Bump the go-modules group across 1 directory with 41 updates #639

dependabot · 2024-07-16T03:59:44Z

Bumps the go-modules group with 23 updates in the / directory:

Package	From	To
github.com/onsi/gomega	`1.31.1`	`1.33.1`
github.com/paketo-buildpacks/occam	`0.18.2`	`0.18.7`
github.com/BurntSushi/toml	`1.3.2`	`1.4.0`
github.com/Microsoft/hcsshim	`0.11.7`	`0.12.5`
github.com/cenkalti/backoff/v4	`4.2.1`	`4.3.0`
github.com/cloudflare/circl	`1.3.7`	`1.3.9`
github.com/cyphar/filepath-securejoin	`0.2.4`	`0.3.0`
github.com/docker/docker-credential-helpers	`0.8.1`	`0.8.2`
github.com/gabriel-vasile/mimetype	`1.4.3`	`1.4.4`
github.com/go-git/go-git/v5	`5.11.0`	`5.12.0`
github.com/go-logr/logr	`1.4.1`	`1.4.2`
github.com/huandu/xstrings	`1.4.0`	`1.5.0`
github.com/klauspost/compress	`1.17.7`	`1.17.9`
github.com/knqyf263/go-rpmdb	`0.0.0-20230301153543-ba94b245509b`	`0.1.1`
github.com/sassoftware/go-rpmutils	`0.3.0`	`0.4.0`
github.com/shirou/gopsutil/v3	`3.24.1`	`3.24.5`
github.com/shopspring/decimal	`1.3.1`	`1.4.0`
github.com/spdx/tools-golang	`0.5.3`	`0.5.5`
github.com/sylabs/sif/v2	`2.15.1`	`2.18.0`
github.com/tklauser/go-sysconf	`0.3.13`	`0.3.14`
github.com/vbatts/go-mtree	`0.5.3`	`0.5.4`
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	`0.49.0`	`0.53.0`
google.golang.org/grpc	`1.62.0`	`1.65.0`

Updates github.com/onsi/gomega from 1.31.1 to 1.33.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.33.1

1.33.1

Fixes

fix confusing eventually docs [3a66379]

Maintenance

Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

v1.33.0

1.33.0

Features

Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.

Maintenance

Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]

Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]

Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]

v1.32.0

1.32.0

Maintenance

Migrate github.com/golang/protobuf to google.golang.org/protobuf [436a197]

This release drops the deprecated github.com/golang/protobuf and adopts google.golang.org/protobuf. Care was taken to ensure the release is backwards compatible (thanks @jbduncan !). Please open an issue if you run into one.

chore: test with Go 1.22 (#733) [32ef35e]

Bump golang.org/x/net from 0.19.0 to 0.20.0 (#717) [a0d0387]

Bump github-pages and jekyll-feed in /docs (#732) [b71e477]

docs: fix typo and broken anchor link to gstruct [f460154]

docs: fix HaveEach matcher signature [a2862e4]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.33.1

Fixes

fix confusing eventually docs [3a66379]

Maintenance

Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

1.33.0

Features

Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.

Maintenance

Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]

Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]

Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]

1.32.0

Maintenance

Migrate github.com/golang/protobuf to google.golang.org/protobuf [436a197]

This release drops the deprecated github.com/golang/protobuf and adopts google.golang.org/protobuf. Care was taken to ensure the release is backwards compatible (thanks @jbduncan !). Please open an issue if you run into one.

chore: test with Go 1.22 (#733) [32ef35e]

Bump golang.org/x/net from 0.19.0 to 0.20.0 (#717) [a0d0387]

Bump github-pages and jekyll-feed in /docs (#732) [b71e477]

docs: fix typo and broken anchor link to gstruct [f460154]

docs: fix HaveEach matcher signature [a2862e4]

Commits

8a658bb v1.33.1
e9bc35a Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2
3a66379 fix confusing eventually docs
f2e65fc v1.33.0
02e8706 docs: Receive(POINTER, MATCHER)
ec1f186 feat: receiver matcher accepting (POINTER, MATCHER), includes unit tests
9999deb Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745)
cb5ff21 Bump github-pages from 229 to 230 in /docs (#735)
bac6596 Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746)
4379951 v1.32.0
Additional commits viewable in compare view

Updates github.com/paketo-buildpacks/occam from 0.18.2 to 0.18.7

Release notes

Sourced from github.com/paketo-buildpacks/occam's releases.

v0.18.7

What's Changed

Bump github.com/docker/docker from 26.1.3+incompatible to 26.1.4+incompatible by @dependabot in paketo-buildpacks/occam#305

Updates go mod toolchain version to 1.22.4 by @paketo-bot in paketo-buildpacks/occam#306

Buildpack packaging should always target linux by @ForestEckhardt in paketo-buildpacks/occam#307

Full Changelog: paketo-buildpacks/occam@v0.18.6...v0.18.7

v0.18.6

What's Changed

Bump github.com/docker/docker from 26.0.1+incompatible to 26.0.2+incompatible by @dependabot in paketo-buildpacks/occam#290

Bump github.com/onsi/gomega from 1.32.0 to 1.33.0 by @dependabot in paketo-buildpacks/occam#291

Bump github.com/paketo-buildpacks/packit/v2 from 2.12.0 to 2.13.0 by @dependabot in paketo-buildpacks/occam#292

Bump github.com/docker/docker from 26.0.2+incompatible to 26.1.0+incompatible by @dependabot in paketo-buildpacks/occam#293

Bump github.com/onsi/gomega from 1.33.0 to 1.33.1 by @dependabot in paketo-buildpacks/occam#294

Bump github.com/docker/docker from 26.1.0+incompatible to 26.1.1+incompatible by @dependabot in paketo-buildpacks/occam#295

Bump github.com/paketo-buildpacks/packit/v2 from 2.13.0 to 2.14.0 by @dependabot in paketo-buildpacks/occam#296

Bump github.com/docker/docker from 26.1.1+incompatible to 26.1.2+incompatible by @dependabot in paketo-buildpacks/occam#298

Bump github.com/testcontainers/testcontainers-go from 0.30.0 to 0.31.0 by @dependabot in paketo-buildpacks/occam#297

Bump github.com/docker/docker from 26.1.2+incompatible to 26.1.3+incompatible by @dependabot in paketo-buildpacks/occam#299

Updates github-config by @paketo-bot in paketo-buildpacks/occam#289

Updates github-config by @paketo-bot in paketo-buildpacks/occam#303

Adds support of buildpackages in buildpack store and updates freezer by @ForestEckhardt in paketo-buildpacks/occam#302

Full Changelog: paketo-buildpacks/occam@v0.18.5...v0.18.6

v0.18.5

What's Changed

use go 1.20 by @sophiewigmore in paketo-buildpacks/occam#288

Full Changelog: paketo-buildpacks/occam@v0.18.4...v0.18.5

v0.18.4

What's Changed

remove toolchain from go.mod by @sophiewigmore in paketo-buildpacks/occam#287

Full Changelog: paketo-buildpacks/occam@v0.18.3...v0.18.4

v0.18.3

What's Changed

Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 by @dependabot in paketo-buildpacks/occam#280

Bump github.com/testcontainers/testcontainers-go from 0.26.0 to 0.30.0 by @dependabot in paketo-buildpacks/occam#285

Bump github.com/onsi/gomega from 1.30.0 to 1.32.0 by @dependabot in paketo-buildpacks/occam#282

Bump github.com/docker/docker from 25.0.5+incompatible to 26.0.1+incompatible by @dependabot in paketo-buildpacks/occam#286

Bump github.com/google/go-containerregistry from 0.14.0 to 0.19.1 by @dependabot in paketo-buildpacks/occam#281

... (truncated)

Commits

aff3030 Buildpack packaging should always target linux
7b8692d Updates go mod toolchain version to 1.22.4
ddf2781 Bump github.com/docker/docker
e9fee75 Adds support of buildpackages in buildpack store and updates freezer (#302)
dda57be Updating github-config
f0b937b Use stable go version everywhere.
354d744 Bump to go 1.21
64bc107 Updating github-config
d00fe4b Bump github.com/docker/docker
37502e4 Bump github.com/testcontainers/testcontainers-go from 0.30.0 to 0.31.0
Additional commits viewable in compare view

Updates github.com/paketo-buildpacks/packit/v2 from 2.12.0 to 2.14.0

Release notes

Sourced from github.com/paketo-buildpacks/packit/v2's releases.

v2.14.0

What's Changed

Fixes mirror bug when originalHost is excluded by @TisVictress in paketo-buildpacks/packit#569

Bump github.com/onsi/gomega from 1.33.0 to 1.33.1 by @dependabot in paketo-buildpacks/packit#571

Support reading service bindings from VCAP_SERVICES env var by @pbusko in paketo-buildpacks/packit#566

New Contributors

@pbusko made their first contribution in paketo-buildpacks/packit#566 🥳

Full Changelog: paketo-buildpacks/packit@v2.13.0...v2.14.0

v2.13.0

What's Changed

Bump github.com/onsi/gomega from 1.28.1 to 1.29.0 by @dependabot in paketo-buildpacks/packit#531

Bump github.com/google/uuid from 1.3.1 to 1.4.0 by @dependabot in paketo-buildpacks/packit#533

Updates github-config by @paketo-bot in paketo-buildpacks/packit#532

Bump github.com/onsi/gomega from 1.29.0 to 1.30.0 by @dependabot in paketo-buildpacks/packit#536

Updates github-config by @paketo-bot in paketo-buildpacks/packit#534

Bump github.com/google/uuid from 1.4.0 to 1.5.0 by @dependabot in paketo-buildpacks/packit#541

Bump github.com/onsi/gomega from 1.30.0 to 1.31.0 by @dependabot in paketo-buildpacks/packit#544

Bump github.com/onsi/gomega from 1.31.0 to 1.31.1 by @dependabot in paketo-buildpacks/packit#547

Bump github.com/google/uuid from 1.5.0 to 1.6.0 by @dependabot in paketo-buildpacks/packit#548

Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in paketo-buildpacks/packit#556

Bump github.com/onsi/gomega from 1.31.1 to 1.32.0 by @dependabot in paketo-buildpacks/packit#560

Bump github.com/ulikunitz/xz from 0.5.11 to 0.5.12 by @dependabot in paketo-buildpacks/packit#562

Bump github.com/onsi/gomega from 1.32.0 to 1.33.0 by @dependabot in paketo-buildpacks/packit#568

Allows users to set a dependency mirror by @TisVictress in paketo-buildpacks/packit#563

New Contributors

@TisVictress made their first contribution in paketo-buildpacks/packit#563

Full Changelog: paketo-buildpacks/packit@v2.12.0...v2.13.0

Commits

13393ec Support reading service bindings from VCAP_SERVICES env var (#566)
35d8f76 Bump github.com/onsi/gomega from 1.33.0 to 1.33.1
ce376b7 Fixes mirror bug when originalHost is excluded (#569)
4c9f338 Allows users to set a dependency mirror (#563)
4e9c21d Bump github.com/onsi/gomega from 1.32.0 to 1.33.0
dd77ec5 Bump github.com/ulikunitz/xz from 0.5.11 to 0.5.12
95b8056 Bump github.com/onsi/gomega from 1.31.1 to 1.32.0
777a503 Bump github.com/stretchr/testify from 1.8.4 to 1.9.0
c1b785b Bump github.com/google/uuid from 1.5.0 to 1.6.0
b31dc83 Bump github.com/onsi/gomega from 1.31.0 to 1.31.1
Additional commits viewable in compare view

Updates github.com/BurntSushi/toml from 1.3.2 to 1.4.0

Release notes

Sourced from github.com/BurntSushi/toml's releases.

v1.4.0

This version requires Go 1.18

Add toml.Marshal() (#405)

Require 2-digit hour (#320)

Wrap UnmarshalTOML() and UnmarshalText() return values in ParseError for position information (#398)

Fix inline tables with dotted keys inside inline arrays (e.g. k=[{a.b=1}]) (#400)

Commits

1e2c053 Undeprecate PrimitiveDecode and MetaData.PrimitiveDecode()
f8f7e48 Update toml-test
9a80667 Add -json flag to tomlv
3203540 fuzz: move fuzz_targets from oss-fuzz (#406)
77ce858 Add Marshal Function (#405)
0e879cb Fix panic when trying to set subkey for a value that's not a table
c299e75 Update toml-test
4223137 Fix inline tables with dotted keys inside inline arrays (#400)
45e7e49 Update toml-test
c320c2d Fix utf8.RuneError test
Additional commits viewable in compare view

Updates github.com/ForestEckhardt/freezer from 0.0.12 to 0.1.0

Release notes

Sourced from github.com/ForestEckhardt/freezer's releases.

v0.1.0

What's Changed

Updates fetchers to create buildpackages by @ForestEckhardt in ForestEckhardt/freezer#11

Full Changelog: ForestEckhardt/freezer@v0.0.12...v0.1.0

Commits

a57bf55 Updates fetchers to create buildpackages
See full diff in compare view

Updates github.com/Microsoft/hcsshim from 0.11.7 to 0.12.5

Release notes

Sourced from github.com/Microsoft/hcsshim's releases.

v0.12.5

What's Changed

[release/0.12] Adding state attribute to the HNSEndpoint struct to support hyperv co… by @ritikaguptams in microsoft/hcsshim#2183

[release/0.12] vendor: github.com/containerd/containerd v17.18 by @thaJeztah in microsoft/hcsshim#2186

[release/0.12] Backport networking commits for L1VH feature by @princepereira in microsoft/hcsshim#2205

Full Changelog: microsoft/hcsshim@v0.12.4...v0.12.5

v0.12.4

What's Changed

[release/0.12] Backport networking commits by @kiashok in microsoft/hcsshim#2157

Full Changelog: microsoft/hcsshim@v0.12.3...v0.12.4

v0.12.3

What's Changed

[release/0.12] Update go-winio to v0.6.2 by @kiashok in microsoft/hcsshim#2114

Full Changelog: microsoft/hcsshim@v0.12.2...v0.12.3

v0.12.2

No release notes provided.

v0.12.1

What's Changed

Add spans and drop large size high volume trace logs by @kiashok in microsoft/hcsshim#2068

Updating permissions and github release action versions (#2078) by @hgarvison in microsoft/hcsshim#2079

fix: move permissions to the correct job (#2080) by @anmaxvl in microsoft/hcsshim#2081

Full Changelog: microsoft/hcsshim@v0.12.0...v0.12.1

v0.12.0

What's Changed

adding option of using buffered image reader for faster dmverity hashing by @SethHollandsworth in microsoft/hcsshim#2013

Fix process handle leak when launching a job container by @kevpar in microsoft/hcsshim#2020

Revert "gcs: Support routing container stdio to sidecar" by @kevpar in microsoft/hcsshim#2023

internal/exec: Fix stdio pipe problems by @kevpar in microsoft/hcsshim#2021

Allow mounting multiple dev nodes per assigned device by @katiewasnothere in microsoft/hcsshim#2003

tests: update docker images by @anmaxvl in microsoft/hcsshim#2012

Don't create container scratch per base layer by @ambarve in microsoft/hcsshim#2002

Removing internal tests from hcsshim's cri-containerd tests by @yyatmsft in microsoft/hcsshim#1998

Fix CodeQL pipeline failure by @helsaawy in microsoft/hcsshim#2032

Update Cmd IO handling by @helsaawy in microsoft/hcsshim#1937

[deps] Omni-bus dependency update by @helsaawy in microsoft/hcsshim#2039

Upgrade to go1.21 by @kiashok in microsoft/hcsshim#2033

... (truncated)

Commits

e970943 Modifying network flag EnableIov.
4f77a09 Hcsshim wrapper over HNS API needed for exclusion of management mac addresses...
3b5bd8a [release/0.12] vendor: github.com/containerd/containerd v17.18
40cdbc8 Adding state attribute to the HNSEndpoint struct to support hyperv containers...
c6a8327 Adding support for loadbalancer policy update in hns. (#2085)
44e4ec0 Changes for checking the global version for modify policy version support. (#...
62f86c0 OutBoundNATPolicy Schema changes (#2106)
c950974 Update go-winio to v0.6.2 & fix lint errors
ad1ccf5 fix: move permissions to the correct job (#2080) (#2081)
6588c1c Updating permissions and github release action versions (#2078) (#2079)
Additional commits viewable in compare view

Updates github.com/cenkalti/backoff/v4 from 4.2.1 to 4.3.0

Commits

720b789 remove travis badge from readme
a83af7f feat(backoff): Add functional options for ExponentialBackOff Closes #136
See full diff in compare view

Updates github.com/cloudflare/circl from 1.3.7 to 1.3.9

Release notes

Sourced from github.com/cloudflare/circl's releases.

CIRCL v1.3.9

Changes:

Fix bug on BLS12381 decoding elements.

Commit History

dilithium: fix typo by @bwesterb in cloudflare/circl#498

bls12381: Detects invalid prefix in G1 and G2 serialized elements by @armfazh in cloudflare/circl#500

Preparing CIRCL release v1.3.9 by @armfazh in cloudflare/circl#501

Full Changelog: cloudflare/circl@v1.3.8...v1.3.9

CIRCL v1.3.8

New

BLS Signatures on top of BLS12-381.

Adopt faster squaring in pairings.

BlindRSA compliant with RFC9474.

(Verifiable) Secret Sharing compatible with the Group interface (elliptic curves).

Notice

Update on cpabe/tkn20 ciphertexts, read more at https://github.com/cloudflare/circl/wiki/tkn20-Ciphertext-Format-(v1.3.8)

What's Changed

Implement Granger-Scott faster squaring in the cyclotomic subgroup. by @armfazh in cloudflare/circl#449

Updates avo and CIRCL's own dependency. by @armfazh in cloudflare/circl#474

Updating documentation for OPRF package. by @armfazh in cloudflare/circl#475

group: removes order method from group interface by @armfazh in cloudflare/circl#356

zk/dleq: Adding DLEQ proofs for Qn, the subgroup of squares in (Z/nZ)* by @armfazh in cloudflare/circl#451

Reduce x/crypto and x/sys versions to match Go 1.21 by @Lekensteyn in cloudflare/circl#476

Bump GitHub Actions versions and use Go 1.22 and 1.21 by @Lekensteyn in cloudflare/circl#477

Adding rule for constant values by @armfazh in cloudflare/circl#478

Add BLS signatures over BLS12-381 by @armfazh in cloudflare/circl#446

group: Implements Shamir and Feldman secret sharing. by @armfazh in cloudflare/circl#348

blindrsa: add support for all variants of RFC9474 by @armfazh in cloudflare/circl#479

Explicitly installs Go with version before CodeQL analysis. by @armfazh in cloudflare/circl#481

Bumps golangci-lint action by @armfazh in cloudflare/circl#485

ecc/bls12381: Ensures pairing operations don't overwrite their input by @armfazh in cloudflare/circl#494

Align to the purego build tag, removing noasm build tag by @mattyclarkson in cloudflare/circl#492

cpabe: Serializing ciphertext with 32-bit prefixes. by @armfazh in cloudflare/circl#490

New Contributors

@mattyclarkson made their first contribution in cloudflare/circl#492

Full Changelog: cloudflare/circl@v1.3.7...v1.3.8

Commits

75b28ed Preparing CIRCL release v1.3.9
9e7c49b Detects invalid encodings of bls12381 elements.
5f94471 Test for invalid encodings of BLS12381.
456fe41 dilithium: fix typo
4bb5601 Serializing ciphertext with 32-bit prefixes.
a4252c7 Test functions working with ciphertext.
64431bb Testing long plaintext.
fe2b663 Using SHAKE128 as a fixed prgn for golden files.
2c600ff Align to the purego build tag, removing noasm build tag
a4b7601 Ensure pairing functions don't overwrite the input.
Additional commits viewable in compare view

Updates github.com/cyphar/filepath-securejoin from 0.2.4 to 0.3.0

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.3.0

This release contains no changes to SecureJoin.

However, it does introduce a new *os.File-based API which is much safer to use for most usecases. These are adapted from libpathrs and are the bare minimum to be able to operate more safely on an untrusted rootfs where an attacker has write access (something that SecureJoin cannot protect against). The new APIs are:

OpenInRoot, which resolves a path inside a rootfs and returns an *os.File handle to the path. Note that the file handle returned by OpenInRoot is an O_PATH handle, which cannot be used for reading or writing (as well as some other operations -- see open(2) for more details).

Reopen, which takes an O_PATH file handle and safely re-opens it to "upgrade" it to a regular handle.

MkdirAll, which is a safe implementation of os.MkdirAll that can be used to create directory trees inside a rootfs.

As these are new APIs, it is possible they may change in the future. However, they should be safe to start migrating to as we have extensive tests ensuring they behave correctly and are safe against various races and other attacks.

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

v0.2.5

This release makes some minor improvements to SecureJoin:

Some changes were made to how lexical components are handled during resolution. There is no change in behaviour, and both implementations are safe, however the newer implementation is much easier to reason about.

The error returned when a symlink loop has been detected will now reference the correct path. #10

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

Commits

b984b9c VERSION: bump to 0.3.0
6ae6d58 merge #15 into cyphar/filepath-securejoin:main
0a923e5 README: update to describe and strongly recommend new APIs
ebb9f1f mkdirall: switch away from O_PATH for mkdir loop
975d7b3 open: add OpenInRoot and Reopen tests
1e6990b open: add Open(at)InRoot and Reopen
96f72c6 procfs: make procSelfFdReadlink more generic with generics
a91c705 lookup: clean up test helper
fbc8097 proc: do not export internal PROC_ constants
ce95b91 gha: update actions/checkout to v4
Additional commits viewable in compare view

Updates github.com/docker/docker-credential-helpers from 0.8.1 to 0.8.2

Release notes

Sourced from github.com/docker/docker-credential-helpers's releases.

v0.8.2

What's Changed

pass: return correct error, and ignore empty stores on list docker/docker-credential-helpers#321

pass: add utilities for encoding/decoding serverURL docker/docker-credential-helpers#322

pass: Get: remove redundant stat docker/docker-credential-helpers#323

Dockerfile: update xx to v1.4.0 docker/docker-credential-helpers#310

ci: update github actions to latest stable docker/docker-credential-helpers#313

ci: set codecov token docker/docker-credential-helpers#316

ci: add pull-request template docker/docker-credential-helpers#318

ci: update GHA to macOS-13, macOS-14, and update to go1.21.10 docker/docker-credential-helpers#320

build(deps): bump softprops/action-gh-release from 1 to 2 docker/docker-credential-helpers#317

Full Changelog: docker/docker-credential-helpers@v0.8.1...v0.8.2

Commits

6b9df3e Merge pull request #323 from thaJeztah/pass_simplify_get
dc10c50 Merge pull request #317 from docker/dependabot/github_actions/softprops/actio...
896eb37 build(deps): bump softprops/action-gh-release to 2.0.5
a14669f pass: Get: remove redundant stat
74840b3 Merge pull request #322 from thaJeztah/pass_dry
d3ef442 pass: add utilities for encoding/decoding serverURL
f64d6b1 Merge pull request #321 from thaJeztah/fix_pass_errors
1bb9aa3 pass: return correct error, and ignore empty stores on list
73b9e5d Merge pull request #320 from thaJeztah/update_gha
0c43fed update to go1.21.10
Additional commits viewable in compare view

Updates github.com/gabriel-vasile/mimetype from 1.4.3 to 1.4.4

Release notes

Sourced from github.com/gabriel-vasile/mimetype's releases.

v1.4.4

What's Changed

Security fixes:

Update golang.org/x/net to latest. Fixes: CVE-2023-45288

Performance improvements:

Change tar detection to use checksum instead of legal ranges of values in gabriel-vasile/mimetype#466

ftyp: exit asap to prevent mem allocs in gabriel-vasile/mimetype#517

Improve x-subrip detection performance in gabriel-vasile/mimetype#524

improve performance for text detection in gabriel-vasile/mimetype#532

Using io.ReadAll instead of ioutil.ReadAll by @phihungtf in gabriel-vasile/mimetype#525

Benchmarks:
before:
BenchmarkText/application/x-ndjson-8              663314              2027 ns/op            4306 B/op          6 allocs/op
BenchmarkSliceRand-8                              688160              1690 ns/op             728 B/op         75 allocs/op
BenchmarkSrt-8                                    946042              1089 ns/op            4240 B/op          5 allocs/op
after:
BenchmarkText/application/x-ndjson-8             1930292               678.6 ns/op           160 B/op          4 allocs/op
BenchmarkSliceRand-8                             1232066              1173 ns/op             160 B/op          4 allocs/op
BenchmarkSrt-8                                   3235448               368.8 ns/op            64 B/op          2 allocs/op
New Contributors

@phihungtf made their first contribution in gabriel-vasile/mimetype#525

Full Changelog: gabriel-vasile/mimetype@v1.4.3...v1.4.4

Commits

43192c8 Bump the github-actions group across 1 directory with 3 updates (#534)
07821d3 Using io.ReadAll instead of ioutil.ReadAll (#525)
9bd6023 github actions & readme: remove codecov badge (#533)
ff4d3d0 improve performance for text detection (#532)
bc511b8 add defaultLimit and use it when resetting back (#531)
341c422 Improve x-subrip detection performance (#524)
043efb9 fix benchmark files order (#518)
fd7639e ftyp: exit asap to prevent mem allocs (#517)
889166d Merge pull request #505 from gabriel-vasile/dependabot/github_actions/github-...
e938b0c Merge pull request #502 from gabriel-vasile/dependabot/go_modules/gomod-82d2d...
Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.12.0

What's Changed

git: Worktree.AddWithOptions: add skipStatus option when providing a specific path by @moranCohen26 in go-git/go-git#994

git: Signer: fix usage of crypto.Signer interface by @wlynch in go-git/go-git#1029

git: Remote, fetch, adds the prune option. by @juliens in go-git/go-git#366

git: Add crypto.Signer option to CommitOptions. by @wlynch in go-git/go-git#996

git: Worktree checkout tag hash id (#959) by @aymanbagabas in go-git/go-git#966

git: Worktree, Don't panic on empty or root path when checking if it is valid by @tim775 in go-git/go-git#1042

git: Add commit validation for Reset by @pjbgf in go-git/go-git#1048

git: worktree_commit, Fix amend commit to apply changes. Fixes #1024 by @onee-only in go-git/go-git#1045

git: Implement Merge function with initial FastForwardMerge support by @pjbgf in go-git/go-git#1044

plumbing: object, Make first commit visible on logs filtered with filename. Fixes #191 by @onee-only in go-git/go-git#1036

plumbing: no panic in printStats function. Fixes #177 by @nodivbyzero in go-git/go-git#971

plumbing: object, Optimize logging with file. by @onee-only in go-git/go-git#1046

plumbing: object, check legitimacy in (*Tree).Encode by @niukuo in go-git/go-git#967

plumbing: format/gitattributes, close file in ReadAttributesFile by @prskr in go-git/go-git#1018

plumbing: check setAuth error. Fixes #185 by @nodivbyzero in go-git/go-git#969

plumbing: object, fix variable defaultUtf8CommitMessageEncoding name spell error by @Jerry-yz in go-git/go-git#987

utils: merkletrie, calculate filesystem node's hash lazily. by @candid82 in go-git/go-git#825

utils: update comment in node.go's Hash() by <...
Description has been truncated

Bumps the go-modules group with 23 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.31.1` | `1.33.1` | | [github.com/paketo-buildpacks/occam](https://github.com/paketo-buildpacks/occam) | `0.18.2` | `0.18.7` | | [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) | `1.3.2` | `1.4.0` | | [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) | `0.11.7` | `0.12.5` | | [github.com/cenkalti/backoff/v4](https://github.com/cenkalti/backoff) | `4.2.1` | `4.3.0` | | [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | `1.3.7` | `1.3.9` | | [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) | `0.2.4` | `0.3.0` | | [github.com/docker/docker-credential-helpers](https://github.com/docker/docker-credential-helpers) | `0.8.1` | `0.8.2` | | [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) | `1.4.3` | `1.4.4` | | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.11.0` | `5.12.0` | | [github.com/go-logr/logr](https://github.com/go-logr/logr) | `1.4.1` | `1.4.2` | | [github.com/huandu/xstrings](https://github.com/huandu/xstrings) | `1.4.0` | `1.5.0` | | [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.17.7` | `1.17.9` | | [github.com/knqyf263/go-rpmdb](https://github.com/knqyf263/go-rpmdb) | `0.0.0-20230301153543-ba94b245509b` | `0.1.1` | | [github.com/sassoftware/go-rpmutils](https://github.com/sassoftware/go-rpmutils) | `0.3.0` | `0.4.0` | | [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil) | `3.24.1` | `3.24.5` | | [github.com/shopspring/decimal](https://github.com/shopspring/decimal) | `1.3.1` | `1.4.0` | | [github.com/spdx/tools-golang](https://github.com/spdx/tools-golang) | `0.5.3` | `0.5.5` | | [github.com/sylabs/sif/v2](https://github.com/sylabs/sif) | `2.15.1` | `2.18.0` | | [github.com/tklauser/go-sysconf](https://github.com/tklauser/go-sysconf) | `0.3.13` | `0.3.14` | | [github.com/vbatts/go-mtree](https://github.com/vbatts/go-mtree) | `0.5.3` | `0.5.4` | | [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.49.0` | `0.53.0` | | [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.62.0` | `1.65.0` | Updates `github.com/onsi/gomega` from 1.31.1 to 1.33.1 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.31.1...v1.33.1) Updates `github.com/paketo-buildpacks/occam` from 0.18.2 to 0.18.7 - [Release notes](https://github.com/paketo-buildpacks/occam/releases) - [Commits](paketo-buildpacks/occam@v0.18.2...v0.18.7) Updates `github.com/paketo-buildpacks/packit/v2` from 2.12.0 to 2.14.0 - [Release notes](https://github.com/paketo-buildpacks/packit/releases) - [Commits](paketo-buildpacks/packit@v2.12.0...v2.14.0) Updates `github.com/BurntSushi/toml` from 1.3.2 to 1.4.0 - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](BurntSushi/toml@v1.3.2...v1.4.0) Updates `github.com/ForestEckhardt/freezer` from 0.0.12 to 0.1.0 - [Release notes](https://github.com/ForestEckhardt/freezer/releases) - [Commits](ForestEckhardt/freezer@v0.0.12...v0.1.0) Updates `github.com/Microsoft/hcsshim` from 0.11.7 to 0.12.5 - [Release notes](https://github.com/Microsoft/hcsshim/releases) - [Commits](microsoft/hcsshim@v0.11.7...v0.12.5) Updates `github.com/cenkalti/backoff/v4` from 4.2.1 to 4.3.0 - [Commits](cenkalti/backoff@v4.2.1...v4.3.0) Updates `github.com/cloudflare/circl` from 1.3.7 to 1.3.9 - [Release notes](https://github.com/cloudflare/circl/releases) - [Commits](cloudflare/circl@v1.3.7...v1.3.9) Updates `github.com/cyphar/filepath-securejoin` from 0.2.4 to 0.3.0 - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Commits](cyphar/filepath-securejoin@v0.2.4...v0.3.0) Updates `github.com/docker/docker-credential-helpers` from 0.8.1 to 0.8.2 - [Release notes](https://github.com/docker/docker-credential-helpers/releases) - [Commits](docker/docker-credential-helpers@v0.8.1...v0.8.2) Updates `github.com/gabriel-vasile/mimetype` from 1.4.3 to 1.4.4 - [Release notes](https://github.com/gabriel-vasile/mimetype/releases) - [Commits](gabriel-vasile/mimetype@v1.4.3...v1.4.4) Updates `github.com/go-git/go-git/v5` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.11.0...v5.12.0) Updates `github.com/go-logr/logr` from 1.4.1 to 1.4.2 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.4.1...v1.4.2) Updates `github.com/google/go-containerregistry` from 0.19.0 to 0.19.1 - [Release notes](https://github.com/google/go-containerregistry/releases) - [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml) - [Commits](google/go-containerregistry@v0.19.0...v0.19.1) Updates `github.com/huandu/xstrings` from 1.4.0 to 1.5.0 - [Release notes](https://github.com/huandu/xstrings/releases) - [Commits](huandu/xstrings@v1.4.0...v1.5.0) Updates `github.com/klauspost/compress` from 1.17.7 to 1.17.9 - [Release notes](https://github.com/klauspost/compress/releases) - [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml) - [Commits](klauspost/compress@v1.17.7...v1.17.9) Updates `github.com/knqyf263/go-rpmdb` from 0.0.0-20230301153543-ba94b245509b to 0.1.1 - [Commits](https://github.com/knqyf263/go-rpmdb/commits/v0.1.1) Updates `github.com/sassoftware/go-rpmutils` from 0.3.0 to 0.4.0 - [Release notes](https://github.com/sassoftware/go-rpmutils/releases) - [Commits](sassoftware/go-rpmutils@v0.3.0...v0.4.0) Updates `github.com/sergi/go-diff` from 1.3.1 to 1.3.2-0.20230802210424-5b0b94c5c0d3 - [Commits](https://github.com/sergi/go-diff/commits) Updates `github.com/shirou/gopsutil/v3` from 3.24.1 to 3.24.5 - [Release notes](https://github.com/shirou/gopsutil/releases) - [Commits](shirou/gopsutil@v3.24.1...v3.24.5) Updates `github.com/shopspring/decimal` from 1.3.1 to 1.4.0 - [Release notes](https://github.com/shopspring/decimal/releases) - [Changelog](https://github.com/shopspring/decimal/blob/master/CHANGELOG.md) - [Commits](shopspring/decimal@v1.3.1...v1.4.0) Updates `github.com/skeema/knownhosts` from 1.2.1 to 1.2.2 - [Commits](skeema/knownhosts@v1.2.1...v1.2.2) Updates `github.com/spdx/tools-golang` from 0.5.3 to 0.5.5 - [Release notes](https://github.com/spdx/tools-golang/releases) - [Changelog](https://github.com/spdx/tools-golang/blob/main/RELEASE-NOTES.md) - [Commits](spdx/tools-golang@v0.5.3...v0.5.5) Updates `github.com/sylabs/sif/v2` from 2.15.1 to 2.18.0 - [Release notes](https://github.com/sylabs/sif/releases) - [Changelog](https://github.com/sylabs/sif/blob/main/.goreleaser.yml) - [Commits](sylabs/sif@v2.15.1...v2.18.0) Updates `github.com/tklauser/go-sysconf` from 0.3.13 to 0.3.14 - [Release notes](https://github.com/tklauser/go-sysconf/releases) - [Commits](tklauser/go-sysconf@v0.3.13...v0.3.14) Updates `github.com/tklauser/numcpus` from 0.7.0 to 0.8.0 - [Release notes](https://github.com/tklauser/numcpus/releases) - [Commits](tklauser/numcpus@v0.7.0...v0.8.0) Updates `github.com/ulikunitz/xz` from 0.5.11 to 0.5.12 - [Commits](ulikunitz/xz@v0.5.11...v0.5.12) Updates `github.com/vbatts/go-mtree` from 0.5.3 to 0.5.4 - [Release notes](https://github.com/vbatts/go-mtree/releases) - [Changelog](https://github.com/vbatts/go-mtree/blob/main/releases.md) - [Commits](vbatts/go-mtree@v0.5.3...v0.5.4) Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.49.0 to 0.53.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.49.0...zpages/v0.53.0) Updates `go.opentelemetry.io/otel` from 1.24.0 to 1.28.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.24.0...v1.28.0) Updates `go.opentelemetry.io/otel/metric` from 1.24.0 to 1.28.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.24.0...v1.28.0) Updates `go.opentelemetry.io/otel/trace` from 1.24.0 to 1.28.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.24.0...v1.28.0) Updates `golang.org/x/crypto` from 0.22.0 to 0.24.0 - [Commits](golang/crypto@v0.22.0...v0.24.0) Updates `golang.org/x/exp` from 0.0.0-20230510235704-dd950f8aeaea to 0.0.0-20231006140011-7918f672742d - [Commits](https://github.com/golang/exp/commits) Updates `golang.org/x/mod` from 0.16.0 to 0.17.0 - [Commits](golang/mod@v0.16.0...v0.17.0) Updates `golang.org/x/net` from 0.23.0 to 0.25.0 - [Commits](golang/net@v0.23.0...v0.25.0) Updates `golang.org/x/sync` from 0.6.0 to 0.7.0 - [Commits](golang/sync@v0.6.0...v0.7.0) Updates `golang.org/x/sys` from 0.19.0 to 0.21.0 - [Commits](golang/sys@v0.19.0...v0.21.0) Updates `golang.org/x/text` from 0.14.0 to 0.16.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.14.0...v0.16.0) Updates `google.golang.org/grpc` from 1.62.0 to 1.65.0 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.0...v1.65.0) Updates `google.golang.org/protobuf` from 1.33.0 to 1.34.1 --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/paketo-buildpacks/occam dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/paketo-buildpacks/packit/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/BurntSushi/toml dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/ForestEckhardt/freezer dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/Microsoft/hcsshim dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/cenkalti/backoff/v4 dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/cloudflare/circl dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/cyphar/filepath-securejoin dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/docker/docker-credential-helpers dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/gabriel-vasile/mimetype dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/go-git/go-git/v5 dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/go-logr/logr dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/google/go-containerregistry dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/huandu/xstrings dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/klauspost/compress dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/knqyf263/go-rpmdb dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/sassoftware/go-rpmutils dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/sergi/go-diff dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/shirou/gopsutil/v3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/shopspring/decimal dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/skeema/knownhosts dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/spdx/tools-golang dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/sylabs/sif/v2 dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/tklauser/go-sysconf dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/tklauser/numcpus dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/ulikunitz/xz dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/vbatts/go-mtree dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: go.opentelemetry.io/otel dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: go.opentelemetry.io/otel/metric dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: go.opentelemetry.io/otel/trace dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: golang.org/x/crypto dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: golang.org/x/exp dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: golang.org/x/mod dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: golang.org/x/net dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: golang.org/x/sync dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: golang.org/x/sys dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: golang.org/x/text dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: google.golang.org/grpc dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: google.golang.org/protobuf dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot requested a review from a team as a code owner July 16, 2024 03:59

dependabot bot added the failure:update-dependencies An issue filed automatically when updating buildpack.toml dependencies fails in a workflow label Jul 16, 2024

dependabot bot mentioned this pull request Jul 16, 2024

Bump the go-modules group across 1 directory with 41 updates #638

Closed

paketo-bot added the semver:patch A change requiring a patch version bump label Jul 16, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the go-modules group across 1 directory with 41 updates #639

Bump the go-modules group across 1 directory with 41 updates #639

dependabot bot commented on behalf of github Jul 16, 2024

Bump the go-modules group across 1 directory with 41 updates #639

Are you sure you want to change the base?

Bump the go-modules group across 1 directory with 41 updates #639

Conversation

dependabot bot commented on behalf of github Jul 16, 2024

v1.33.1

1.33.1

Fixes

Maintenance

v1.33.0

1.33.0

Features

Maintenance

v1.32.0

1.32.0

Maintenance

1.33.1

Fixes

Maintenance

1.33.0

Features

Maintenance

1.32.0

Maintenance

v0.18.7

What's Changed

v0.18.6

What's Changed

v0.18.5

What's Changed

v0.18.4

What's Changed

v0.18.3

What's Changed

v2.14.0

What's Changed

New Contributors

v2.13.0

What's Changed

New Contributors

v1.4.0

v0.1.0

What's Changed

v0.12.5

What's Changed

v0.12.4

What's Changed

v0.12.3

What's Changed

v0.12.2

v0.12.1

What's Changed

v0.12.0

What's Changed

CIRCL v1.3.9

Changes:

Commit History

CIRCL v1.3.8

New

Notice

What's Changed

New Contributors

v0.3.0

v0.2.5

v0.8.2

What's Changed

v1.4.4

What's Changed

Security fixes:

Performance improvements:

New Contributors

v5.12.0

What's Changed