Bump github.com/tektoncd/cli from 0.29.0 to 0.33.0 #660

Closed

Conversation

dependabot[bot]
Contributor

@dependabot dependabot bot commented on behalf of github Nov 9, 2023

Bumps github.com/tektoncd/cli from 0.29.0 to 0.33.0.

Release notes

Sourced from github.com/tektoncd/cli's releases.

v0.33.0

Changelog

  • 50af2e7bb New version v0.33.0

v0.32.2 Release 🎉

This is a patch release addressing a security issue on the github.com/grpc/grpc-go dependency:

  • This addresses GHSA-qppj-fm5r-hxr3 by not allowing more server handlers to be run than the HTTP/2 MAX_CONCURRENT_STREAMS setting.

ChangeLog 📋

Misc 🔨

Thanks ❤️

v0.32.1 Release 🎉

This is a minor release addressing a security issue on the golang.org/x/net dependency:

  • HTTP/2 rapid reset can cause excessive work in net/http - commits

ChangeLog 📋

Misc 🔨

Thanks ❤️

v0.32.0 Release 🎉

This is a major LTS release which comes with Pipelines version v0.50.x (LTS), Triggers version v0.25.0, Chains version v0.17.0 and Hub version v0.14.0. This release not only covers bumping of dependencies to the most recent versions but also a couple of features and fixes: the tkn pipelinerun logs command now supports streaming of logs from PipelineRun resolvers, and we can now add annotations while pushing the tekton bundles. There were a couple of bug fixes as well, such as: while streaming PipelineRun logs with an invalid Task selected, there was an infinite loop instead of throwing an error, and a couple of other bug fixes.

ChangeLog 📋

Features ✨

... (truncated)

Commits
  • 50af2e7 New version v0.33.0
  • bb23741 Bump golangci-lint to v1.55.2
  • 5a07e62 Bump golang in release pipeline
  • 4b6104e Bump github.com/tektoncd/hub from 1.14.2 to 1.15.0
  • 2064cc8 Bump golang.org/x/term from 0.13.0 to 0.14.0
  • 6c93f79 Bump github.com/fatih/color from 1.15.0 to 1.16.0
  • b6336b5 Bump github.com/tektoncd/chains from 0.18.1 to 0.19.0
  • b447ad6 Bump github.com/sigstore/sigstore from 1.7.4 to 1.7.5
  • c0e6494 Bump github.com/spf13/cobra from 1.7.0 to 1.8.0
  • 093659f Bump github.com/creack/pty from 1.1.18 to 1.1.20
  • Additional commits viewable in compare view


You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added the dependencies Used by dependabot - identifies all PRs created by dependabot label Nov 9, 2023
@tekton-robot

@dependabot[bot]: Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@tekton-robot tekton-robot added the do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. label Nov 9, 2023
@tekton-robot tekton-robot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Nov 9, 2023
@tekton-robot

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@tekton-robot tekton-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Nov 9, 2023
Bumps [github.com/tektoncd/cli](https://github.com/tektoncd/cli) from 0.29.0 to 0.33.0.
- [Release notes](https://github.com/tektoncd/cli/releases)
- [Changelog](https://github.com/tektoncd/cli/blob/main/RELEASE_PROCESS.md)
- [Commits](tektoncd/cli@v0.29.0...v0.33.0)

---
updated-dependencies:
- dependency-name: github.com/tektoncd/cli
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/tektoncd/cli-0.33.0 branch from e188ab3 to 9a37b41 Compare November 13, 2023 12:57
@tekton-robot

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please ask for approval from enarha after the PR has been reviewed.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@enarha
Contributor

enarha commented Nov 21, 2023

/ok-to-test

@tekton-robot tekton-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Nov 21, 2023
@tekton-robot

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

| Test name | Commit | Details | Required | Rerun command |
| --- | --- | --- | --- | --- |
| pull-tekton-results-integration-tests | 9a37b41 | link | true | /test pull-tekton-results-integration-tests |
| pull-tekton-results-build-tests | 9a37b41 | link | true | /test pull-tekton-results-build-tests |
| pull-tekton-results-unit-tests | 9a37b41 | link | true | /test pull-tekton-results-unit-tests |

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@tekton-robot tekton-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jan 5, 2024
@tekton-robot

@dependabot: PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Contributor Author

dependabot bot commented on behalf of github Jan 11, 2024

Superseded by #693.

@dependabot dependabot bot closed this Jan 11, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/tektoncd/cli-0.33.0 branch January 11, 2024 21:41
Labels

  • dependencies: Used by dependabot - identifies all PRs created by dependabot
  • do-not-merge/release-note-label-needed: Indicates that a PR should not merge because it's missing one of the release note labels.
  • needs-rebase: Indicates a PR cannot be merged because it has merge conflicts with HEAD.
  • ok-to-test: Indicates a non-member PR verified by an org member that is safe to test.
  • size/XXL: Denotes a PR that changes 1000+ lines, ignoring generated files.