Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds ./ and ../ as valid subpath prefix #68

Merged
merged 3 commits into from
Mar 4, 2024
Merged

Adds ./ and ../ as valid subpath prefix #68

merged 3 commits into from
Mar 4, 2024

Conversation

ridhoq
Copy link
Contributor

@ridhoq ridhoq commented Dec 2, 2023

Closes #67.

Checks if ./ and ../ are the first segment in the subpath, if they are, proceed. Otherwise, throw the invalid error

@pxp928
Copy link

pxp928 commented Jan 16, 2024

@pombredanne here is the PR to fix this in the go library.

@pxp928 pxp928 mentioned this pull request Jan 16, 2024
Closed
@shibumi
Copy link
Collaborator

shibumi commented Mar 1, 2024

GitHub Actions seem to be stuck on this PR. Similar issue like: https://github.com/orgs/community/discussions/26698

@shibumi
Copy link
Collaborator

shibumi commented Mar 1, 2024

@ridhoq can you run these commands to force another run of Github Actions?

git commit --amend --no-edit
git push --force-with-lease

The pipeline is stuck :/ it's an issue on Github.

@ridhoq ridhoq force-pushed the dot-slash-valid-subpath-prefix branch from 926d47a to b04172f Compare March 1, 2024 22:03
@ridhoq
Copy link
Contributor Author

ridhoq commented Mar 1, 2024

@shibumi just repushed as you suggested. But the error looks the same. I noticed that it is saying that it is awaiting approval:
image

Are you able to approve the workflow?

@shibumi
Copy link
Collaborator

shibumi commented Mar 1, 2024

@ridhoq This approval button was missing for me, before.

Now it works! Thanks!

@shibumi shibumi mentioned this pull request Mar 3, 2024
Merged
@shibumi
Copy link
Collaborator

shibumi commented Mar 3, 2024

@ridhoq I have created: #69 to fix the Github actions issues.

@ridhoq @sschuberth
add ./ as a valid test case
62a8a4b 
Signed-off-by: Ridwan Hoq <ridwanhoq@microsoft.com>
@ridhoq @sschuberth
add ../ as a valid prefix test
322020f 
Signed-off-by: Ridwan Hoq <ridwanhoq@microsoft.com>
@ridhoq @sschuberth
enable valid prefix
6f82665 
Signed-off-by: Ridwan Hoq <ridwanhoq@microsoft.com>
@sschuberth sschuberth force-pushed the dot-slash-valid-subpath-prefix branch from b04172f to 6f82665 Compare March 4, 2024 07:03
@coveralls
Copy link

Pull Request Test Coverage Report for Build 8136756947

Details

  • 2 of 2 (100.0%) changed or added relevant lines in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 86.942%
Totals Coverage Status
Change from base Build 8136746164: 0.0%
Covered Lines: 253
Relevant Lines: 291
💛 - Coveralls

@sschuberth sschuberth merged commit 7cb81af into package-url:master Mar 4, 2024
2 checks passed
@shibumi
Copy link
Collaborator

shibumi commented Mar 4, 2024

Thanks for reacting to so quickly @sschuberth :)

@ridhoq
Copy link
Contributor Author

ridhoq commented May 1, 2024

@shibumi is it possible to publish a new version to make this fix available for consumption? cc @pxp928

@ridhoq
Copy link
Contributor Author

ridhoq commented May 16, 2024
edited

@sschuberth as well for the above question

@sschuberth
Copy link
Member

@sschuberth as well for the above question

While I'm part of the general package-url org, I have no clue about Go and / or publishing packages for it specifically 😄

@shibumi
Copy link
Collaborator

shibumi commented May 16, 2024

Hi @ridhoq, sorry, I totally missed your comment :)

I will look at this now and will make a new version available, ASAP

cuixq added a commit to google/osv-scanner that referenced this pull request May 24, 2024
@renovate-bot @cuixq
fix(deps): update osv-scanner minor (#978)
c4caa03 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/charmbracelet/bubbletea](https://togithub.com/charmbracelet/bubbletea)
| `v0.26.1` -> `v0.26.2` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.1/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.1/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[github.com/package-url/packageurl-go](https://togithub.com/package-url/packageurl-go)
| `v0.1.2` -> `v0.1.3` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.2/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.2/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/exp | `v0.0.0-20240416160154-fe59bbe5cc7f` ->
`v0.0.0-20240506185415-9bf2ced13842` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20240416160154-fe59bbe5cc7f/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20240416160154-fe59bbe5cc7f/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [google.golang.org/grpc](https://togithub.com/grpc/grpc-go) |
`v1.63.2` -> `v1.64.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgrpc/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgrpc/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgrpc/v1.63.2/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgrpc/v1.63.2/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[google.golang.org/protobuf](https://togithub.com/protocolbuffers/protobuf-go)
| `v1.34.0` -> `v1.34.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>charmbracelet/bubbletea
(github.com/charmbracelet/bubbletea)</summary>

###
[`v0.26.2`](https://togithub.com/charmbracelet/bubbletea/releases/tag/v0.26.2)

[Compare
Source](https://togithub.com/charmbracelet/bubbletea/compare/v0.26.1...v0.26.2)

This fixes a small regression that was introduced in v0.26.0 related to
the first line on the first render not being displayed correctly. Thank
you [@&#8203;mistakenelf](https://togithub.com/mistakenelf) for pointing
this out in
[charmbracelet/bubbletea#1000!

#### What's Changed

- fix: stop and drain timers by
[@&#8203;caarlos0](https://togithub.com/caarlos0) in
[charmbracelet/bubbletea#993
- chore(lint): minor lint-related improvements by
[@&#8203;meowgorithm](https://togithub.com/meowgorithm) in
[charmbracelet/bubbletea#1007
- fix: renderer: reset the cursor on the first line by
[@&#8203;aymanbagabas](https://togithub.com/aymanbagabas) in
[charmbracelet/bubbletea#1008
- chore(deps): bump golang.org/x/sys from 0.19.0 to 0.20.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[charmbracelet/bubbletea#1003
- chore(deps): bump golangci/golangci-lint-action from 5 to 6 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[charmbracelet/bubbletea#1005
- chore(deps): bump golang.org/x/term from 0.19.0 to 0.20.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[charmbracelet/bubbletea#1002

**Full Changelog**:
charmbracelet/bubbletea@v0.26.1...v0.26.2

***

<a href="https://charm.sh/"><img alt="The Charm logo"
src="https://stuff.charm.sh/charm-badge.jpg" width="400"></a>

Thoughts? Questions? We love hearing from you. Feel free to reach out on
[Twitter](https://twitter.com/charmcli), [The
Fediverse](https://mastodon.social/@&#8203;charmcli), or
[Discord](https://charm.sh/chat).

</details>

<details>
<summary>package-url/packageurl-go
(github.com/package-url/packageurl-go)</summary>

###
[`v0.1.3`](https://togithub.com/package-url/packageurl-go/releases/tag/v0.1.3)

[Compare
Source](https://togithub.com/package-url/packageurl-go/compare/v0.1.2...v0.1.3)

#### What's Changed

- go.mod: Bump required Go version to 1.18 by
[@&#8203;magnusbaeck](https://togithub.com/magnusbaeck) in
[package-url/packageurl-go#66
- Fix Github Actions by [@&#8203;shibumi](https://togithub.com/shibumi)
in
[package-url/packageurl-go#69
- Adds `./` and `../` as valid subpath prefix by
[@&#8203;ridhoq](https://togithub.com/ridhoq) in
[package-url/packageurl-go#68

#### New Contributors

- [@&#8203;magnusbaeck](https://togithub.com/magnusbaeck) made their
first contribution in
[package-url/packageurl-go#66
- [@&#8203;ridhoq](https://togithub.com/ridhoq) made their first
contribution in
[package-url/packageurl-go#68

**Full Changelog**:
package-url/packageurl-go@v0.1.2...v0.1.3

</details>

<details>
<summary>grpc/grpc-go (google.golang.org/grpc)</summary>

### [`v1.64.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.64.0):
Release 1.64.0

[Compare
Source](https://togithub.com/grpc/grpc-go/compare/v1.63.2...v1.64.0)

### API Changes

- stats: Deprecate `InPayload.Data` and `OutPayload.Data`; they were
experimental and will be deleted in the next release
([#&#8203;7121](https://togithub.com/grpc/grpc-go/issues/7121))

### Behavior Changes

- codec: Remove handling of environment variable
`GRPC_GO_ADVERTISE_COMPRESSORS` to suppress setting supported
compressors in `grpc-accept-encoding` header. Compressors will always be
advertised, as they have been by default for some time
([#&#8203;7203](https://togithub.com/grpc/grpc-go/issues/7203))

### New Features

- resolver/dns: Add `SetMinResolutionInterval` to set the minimum
interval at which DNS re-resolutions may occur
([#&#8203;6962](https://togithub.com/grpc/grpc-go/issues/6962))
- Special Thanks:
[@&#8203;HomayoonAlimohammadi](https://togithub.com/HomayoonAlimohammadi)
- peer/peer: Implement the `fmt.Stringer` interface for pretty printing
`Peer`, and
- metadata/metadata: Implement the `fmt.Stringer` interface for pretty
printing `MD`
([#&#8203;7137](https://togithub.com/grpc/grpc-go/issues/7137))
- Special Thanks: [@&#8203;AnomalRoil](https://togithub.com/AnomalRoil)

### Performance Improvements

- client: Improve RPC performance by reducing work while holding a lock
([#&#8203;7132](https://togithub.com/grpc/grpc-go/issues/7132))

### Bug Fixes

- transport/server: Display the proper timeout value when keepalive
pings are not ack'd in time
([#&#8203;7038](https://togithub.com/grpc/grpc-go/issues/7038))
- Special Thanks: [@&#8203;BatmanAoD](https://togithub.com/BatmanAoD)
- channelz: Fix bug that was causing the subchannel's target to be unset
([#&#8203;7189](https://togithub.com/grpc/grpc-go/issues/7189))
- stats: Fix bug where peer was not set in context when calling stats
handler for `OutPayload`, `InPayload`, and `End`
([#&#8203;7096](https://togithub.com/grpc/grpc-go/issues/7096))

### Dependencies

- deps: Remove dependency on deprecated `github.com/golang/protobuf`
module ([#&#8203;7122](https://togithub.com/grpc/grpc-go/issues/7122))

### Documentation

- grpc: Deprecate `WithBlock`, `WithReturnConnectionError`,
`FailOnNonTempDialError` which are ignored by `NewClient`
([#&#8203;7097](https://togithub.com/grpc/grpc-go/issues/7097))
- Special Thanks: [@&#8203;pellared](https://togithub.com/pellared)
- grpc: Deprecate `Dial` and `DialContext`. These will continue to be
supported throughout 1.x, but are deprecated to direct users to
`NewClient` (See
[#&#8203;7090](https://togithub.com/grpc/grpc-go/issues/7090) for more
information)
- examples: Add custom lb example
([#&#8203;6691](https://togithub.com/grpc/grpc-go/issues/6691))

</details>

<details>
<summary>protocolbuffers/protobuf-go
(google.golang.org/protobuf)</summary>

###
[`v1.34.1`](https://togithub.com/protocolbuffers/protobuf-go/releases/tag/v1.34.1)

[Compare
Source](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.34.0...v1.34.1)

Minor fixes for editions compliance:

- [CL/582635](https://go.dev/cl/582635): all: update to protobuf
27.0-rc1 and regenerate protos
- [CL/582755](https://go.dev/cl/582755): encoding/proto\[json|text]:
accept lower case names for group-like fields

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

---------

Co-authored-by: Xueqin Cui <72771658+cuixq@users.noreply.github.com>
josieang pushed a commit to josieang/osv-scanner that referenced this pull request Jun 6, 2024
@renovate-bot @cuixq @josieang
fix(deps): update osv-scanner minor (google#978)
0ebcf43 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/charmbracelet/bubbletea](https://togithub.com/charmbracelet/bubbletea)
| `v0.26.1` -> `v0.26.2` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.1/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.1/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[github.com/package-url/packageurl-go](https://togithub.com/package-url/packageurl-go)
| `v0.1.2` -> `v0.1.3` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.2/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.2/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/exp | `v0.0.0-20240416160154-fe59bbe5cc7f` ->
`v0.0.0-20240506185415-9bf2ced13842` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20240416160154-fe59bbe5cc7f/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20240416160154-fe59bbe5cc7f/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [google.golang.org/grpc](https://togithub.com/grpc/grpc-go) |
`v1.63.2` -> `v1.64.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgrpc/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgrpc/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgrpc/v1.63.2/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgrpc/v1.63.2/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[google.golang.org/protobuf](https://togithub.com/protocolbuffers/protobuf-go)
| `v1.34.0` -> `v1.34.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>charmbracelet/bubbletea
(github.com/charmbracelet/bubbletea)</summary>

###
[`v0.26.2`](https://togithub.com/charmbracelet/bubbletea/releases/tag/v0.26.2)

[Compare
Source](https://togithub.com/charmbracelet/bubbletea/compare/v0.26.1...v0.26.2)

This fixes a small regression that was introduced in v0.26.0 related to
the first line on the first render not being displayed correctly. Thank
you [@&#8203;mistakenelf](https://togithub.com/mistakenelf) for pointing
this out in
[charmbracelet/bubbletea#1000!

#### What's Changed

- fix: stop and drain timers by
[@&#8203;caarlos0](https://togithub.com/caarlos0) in
[charmbracelet/bubbletea#993
- chore(lint): minor lint-related improvements by
[@&#8203;meowgorithm](https://togithub.com/meowgorithm) in
[charmbracelet/bubbletea#1007
- fix: renderer: reset the cursor on the first line by
[@&#8203;aymanbagabas](https://togithub.com/aymanbagabas) in
[charmbracelet/bubbletea#1008
- chore(deps): bump golang.org/x/sys from 0.19.0 to 0.20.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[charmbracelet/bubbletea#1003
- chore(deps): bump golangci/golangci-lint-action from 5 to 6 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[charmbracelet/bubbletea#1005
- chore(deps): bump golang.org/x/term from 0.19.0 to 0.20.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[charmbracelet/bubbletea#1002

**Full Changelog**:
charmbracelet/bubbletea@v0.26.1...v0.26.2

***

<a href="https://charm.sh/"><img alt="The Charm logo"
src="https://stuff.charm.sh/charm-badge.jpg" width="400"></a>

Thoughts? Questions? We love hearing from you. Feel free to reach out on
[Twitter](https://twitter.com/charmcli), [The
Fediverse](https://mastodon.social/@&#8203;charmcli), or
[Discord](https://charm.sh/chat).

</details>

<details>
<summary>package-url/packageurl-go
(github.com/package-url/packageurl-go)</summary>

###
[`v0.1.3`](https://togithub.com/package-url/packageurl-go/releases/tag/v0.1.3)

[Compare
Source](https://togithub.com/package-url/packageurl-go/compare/v0.1.2...v0.1.3)

#### What's Changed

- go.mod: Bump required Go version to 1.18 by
[@&#8203;magnusbaeck](https://togithub.com/magnusbaeck) in
[package-url/packageurl-go#66
- Fix Github Actions by [@&#8203;shibumi](https://togithub.com/shibumi)
in
[package-url/packageurl-go#69
- Adds `./` and `../` as valid subpath prefix by
[@&#8203;ridhoq](https://togithub.com/ridhoq) in
[package-url/packageurl-go#68

#### New Contributors

- [@&#8203;magnusbaeck](https://togithub.com/magnusbaeck) made their
first contribution in
[package-url/packageurl-go#66
- [@&#8203;ridhoq](https://togithub.com/ridhoq) made their first
contribution in
[package-url/packageurl-go#68

**Full Changelog**:
package-url/packageurl-go@v0.1.2...v0.1.3

</details>

<details>
<summary>grpc/grpc-go (google.golang.org/grpc)</summary>

### [`v1.64.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.64.0):
Release 1.64.0

[Compare
Source](https://togithub.com/grpc/grpc-go/compare/v1.63.2...v1.64.0)

### API Changes

- stats: Deprecate `InPayload.Data` and `OutPayload.Data`; they were
experimental and will be deleted in the next release
([#&#8203;7121](https://togithub.com/grpc/grpc-go/issues/7121))

### Behavior Changes

- codec: Remove handling of environment variable
`GRPC_GO_ADVERTISE_COMPRESSORS` to suppress setting supported
compressors in `grpc-accept-encoding` header. Compressors will always be
advertised, as they have been by default for some time
([#&#8203;7203](https://togithub.com/grpc/grpc-go/issues/7203))

### New Features

- resolver/dns: Add `SetMinResolutionInterval` to set the minimum
interval at which DNS re-resolutions may occur
([#&#8203;6962](https://togithub.com/grpc/grpc-go/issues/6962))
- Special Thanks:
[@&#8203;HomayoonAlimohammadi](https://togithub.com/HomayoonAlimohammadi)
- peer/peer: Implement the `fmt.Stringer` interface for pretty printing
`Peer`, and
- metadata/metadata: Implement the `fmt.Stringer` interface for pretty
printing `MD`
([#&#8203;7137](https://togithub.com/grpc/grpc-go/issues/7137))
- Special Thanks: [@&#8203;AnomalRoil](https://togithub.com/AnomalRoil)

### Performance Improvements

- client: Improve RPC performance by reducing work while holding a lock
([#&#8203;7132](https://togithub.com/grpc/grpc-go/issues/7132))

### Bug Fixes

- transport/server: Display the proper timeout value when keepalive
pings are not ack'd in time
([#&#8203;7038](https://togithub.com/grpc/grpc-go/issues/7038))
- Special Thanks: [@&#8203;BatmanAoD](https://togithub.com/BatmanAoD)
- channelz: Fix bug that was causing the subchannel's target to be unset
([#&#8203;7189](https://togithub.com/grpc/grpc-go/issues/7189))
- stats: Fix bug where peer was not set in context when calling stats
handler for `OutPayload`, `InPayload`, and `End`
([#&#8203;7096](https://togithub.com/grpc/grpc-go/issues/7096))

### Dependencies

- deps: Remove dependency on deprecated `github.com/golang/protobuf`
module ([#&#8203;7122](https://togithub.com/grpc/grpc-go/issues/7122))

### Documentation

- grpc: Deprecate `WithBlock`, `WithReturnConnectionError`,
`FailOnNonTempDialError` which are ignored by `NewClient`
([#&#8203;7097](https://togithub.com/grpc/grpc-go/issues/7097))
- Special Thanks: [@&#8203;pellared](https://togithub.com/pellared)
- grpc: Deprecate `Dial` and `DialContext`. These will continue to be
supported throughout 1.x, but are deprecated to direct users to
`NewClient` (See
[#&#8203;7090](https://togithub.com/grpc/grpc-go/issues/7090) for more
information)
- examples: Add custom lb example
([#&#8203;6691](https://togithub.com/grpc/grpc-go/issues/6691))

</details>

<details>
<summary>protocolbuffers/protobuf-go
(google.golang.org/protobuf)</summary>

###
[`v1.34.1`](https://togithub.com/protocolbuffers/protobuf-go/releases/tag/v1.34.1)

[Compare
Source](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.34.0...v1.34.1)

Minor fixes for editions compliance:

- [CL/582635](https://go.dev/cl/582635): all: update to protobuf
27.0-rc1 and regenerate protos
- [CL/582755](https://go.dev/cl/582755): encoding/proto\[json|text]:
accept lower case names for group-like fields

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

---------

Co-authored-by: Xueqin Cui <72771658+cuixq@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shibumi shibumi shibumi approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[bug] ./ and ../ are not valid subpath prefix
5 participants
@ridhoq @pxp928 @shibumi @coveralls @sschuberth