Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump cuelang.org/go from 0.4.1 to 0.4.2 #1401

Merged
merged 1 commit into from Feb 4, 2022
Merged

Bump cuelang.org/go from 0.4.1 to 0.4.2 #1401

merged 1 commit into from Feb 4, 2022

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 4, 2022

Bumps cuelang.org/go from 0.4.1 to 0.4.2.

Release notes

Sourced from cuelang.org/go's releases.

v0.4.2

This patch release largely focuses on bug fixes, but also includes some additions to the cmd/cue cmd tooling layer and builtins. Some of the bug fixes were identified as part of preparing for an upcoming CUE talk at FOSDEM.

Thank you to @​brandonbloom, @​eonpatapon, @​obowersa and @​seh for contributing to this release!

Core evaluator

A number of bug fixes relating to edge cases of CUE evaluation. Notably, 1374dc99007937166e204302792df34c46138df0 fixes some subtle bugs where fields can be missed if patterns are inserted too late.

0aaf4c69be6394bcb20c0a659382f48b9cffec33 disallows _ as a field label, fixing a bug where the following CUE was previously accepted as valid:

_: 5

This now results in:

cannot use _ as label:
    ./x.cue:1:1

Tooling layer (cmd/cue cmd)

@​eonpatapon added Mkdir, MkdirAll to pkg/tool/file. cue-lang/cue#1502 was raised as a follow-up, a wider review of how the pkg/… API needs to change pre v1.

Spec

@​seh contributed to the "Declarations and scope" section, clarifying that top-level let identifiers are scoped to the containing file block.

cmd/cue

@​slewiskelly highlighted a regression introduced as far back as aaf6e846d8450663dd4fd265021a969d02a2bf4e where cmd/cue is used to validate data using a schema. In this regression, CUE inadvertently marks the failures as "fatal", instead of "incomplete" (that is, could be satisfied by making a value more concrete). 04812bfb515de3300ac21ca181542f8ea02c9ea1 disables schema checking for now whilst we consider a more precise solution.

Builtins

Both pkg/encoding/yaml and pkg/encoding/json now support UnmarshalStream.

Changelog

  • 6bc922c8 tools/trim: prevent nil-pointer panic
  • 9aeaf704 pkg/encoding/json: implement UnmarshalStream
  • 480b28b1 pkg/encoding/yaml: implement UnmarshalStream
  • 880863af encoing/json: made independent of pkg/encoding/json
  • 802a8520 cmd/cue/cmd: only consider "kind" field for known tasks
  • bd3b6eaf cmd/cue: add newline between imported objects
  • 04812bfb cmd/cue: fix spurious errors
  • 2fe5251e doc/ref/spec.md: clarify scope of top-level let ID

... (truncated)

Commits
  • 6bc922c tools/trim: prevent nil-pointer panic
  • 9aeaf70 pkg/encoding/json: implement UnmarshalStream
  • 480b28b pkg/encoding/yaml: implement UnmarshalStream
  • 880863a encoing/json: made independent of pkg/encoding/json
  • 802a852 cmd/cue/cmd: only consider "kind" field for known tasks
  • bd3b6ea cmd/cue: add newline between imported objects
  • 04812bf cmd/cue: fix spurious errors
  • 2fe5251 doc/ref/spec.md: clarify scope of top-level let ID
  • 556f57f doc/tutorial: fix typo in 55_defs.txt
  • f0d03f3 cue/ast: fix typo in docstring
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump cuelang.org/go from 0.4.1 to 0.4.2
9129c0e 
Bumps [cuelang.org/go](https://github.com/cue-lang/cue) from 0.4.1 to 0.4.2.
- [Release notes](https://github.com/cue-lang/cue/releases)
- [Changelog](https://github.com/cue-lang/cue/blob/master/.goreleaser.yml)
- [Commits](cue-lang/cue@v0.4.1...v0.4.2)

---
updated-dependencies:
- dependency-name: cuelang.org/go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 4, 2022
@dlorenc dlorenc merged commit 3c7cc20 into main Feb 4, 2022
@dependabot dependabot bot deleted the dependabot/go_modules/cuelang.org/go-0.4.2 branch February 4, 2022 17:02
@github-actions github-actions bot added this to the v1.6.0 milestone Feb 4, 2022
hatmarch pushed a commit to hatmarch/cosign that referenced this pull request Apr 19, 2022
@dependabot
Bump cuelang.org/go from 0.4.1 to 0.4.2 (sigstore#1401)
d007ddc 
Bumps [cuelang.org/go](https://github.com/cue-lang/cue) from 0.4.1 to 0.4.2.
- [Release notes](https://github.com/cue-lang/cue/releases)
- [Changelog](https://github.com/cue-lang/cue/blob/master/.goreleaser.yml)
- [Commits](cue-lang/cue@v0.4.1...v0.4.2)

---
updated-dependencies:
- dependency-name: cuelang.org/go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
mlieberman85 pushed a commit to mlieberman85/cosign that referenced this pull request May 6, 2022
@dependabot @mlieberman85
Bump cuelang.org/go from 0.4.1 to 0.4.2 (sigstore#1401)
f1662ce 
Bumps [cuelang.org/go](https://github.com/cue-lang/cue) from 0.4.1 to 0.4.2.
- [Release notes](https://github.com/cue-lang/cue/releases)
- [Changelog](https://github.com/cue-lang/cue/blob/master/.goreleaser.yml)
- [Commits](cue-lang/cue@v0.4.1...v0.4.2)

---
updated-dependencies:
- dependency-name: cuelang.org/go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dlorenc dlorenc dlorenc approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
v1.6.0
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@dlorenc