feat(deps): bump github.com/spf13/viper from 1.17.0 to 1.18.0

[dependabot]

Bumps github.com/spf13/viper from 1.17.0 to 1.18.0.

Release notes

Sourced from github.com/spf13/viper's releases.

v1.18.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

AutomaticEnv works with Unmarshal

Previously, environment variables that weren't bound manually or had no defaults could not be mapped by Unmarshal. (The problem is explained in details in this issue: #761)

#1429 introduced a solution that solves that issue.

What's Changed

Enhancements 🚀

• chore: rename files according to enabled build tags by @​alexandear in spf13/viper#1642
• test: replace ifs with asserts to simplify tests by @​alexandear in spf13/viper#1656
• ci: enable test shuffle and fix tests by @​alexandear in spf13/viper#1643
• fix: gocritic lint issues by @​alexandear in spf13/viper#1696

Bug Fixes 🐛

• Implement viper.BindStruct for automatic unmarshalling from environment variables by @​krakowski in spf13/viper#1429
• fix isPathShadowedInFlatMap type cast bug by @​linuxsong in spf13/viper#1585

Dependency Updates ⬆️

• build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @​dependabot in spf13/viper#1661
• build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 by @​dependabot in spf13/viper#1659
• build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @​dependabot in spf13/viper#1663
• build(deps): bump actions/github-script from 6.4.1 to 7.0.1 by @​dependabot in spf13/viper#1686
• build(deps): bump github/codeql-action from 2.22.3 to 2.22.8 by @​dependabot in spf13/viper#1688
• build(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 by @​dependabot in spf13/viper#1692
• build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.4 by @​dependabot in spf13/viper#1690
• build(deps): bump cachix/install-nix-action from 23 to 24 by @​dependabot in spf13/viper#1689
• build(deps): bump github.com/nats-io/nkeys from 0.4.5 to 0.4.6 by @​dependabot in spf13/viper#1672
• build(deps): bump github.com/spf13/cast from 1.5.1 to 1.6.0 by @​dependabot in spf13/viper#1691
• build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 by @​dependabot in spf13/viper#1668
• chore: update dependencies by @​sagikazarmark in spf13/viper#1694
• chore: update crypt by @​sagikazarmark in spf13/viper#1701

Other Changes

• Add info about multiple hosts for remote config by @​KaymeKaydex in spf13/viper#1684
• refactor: drop fsonitfy wrapper by @​sagikazarmark in spf13/viper#1693
• Note Get* behavior on parse failure by @​scop in spf13/viper#1687
• fix: godot lint issues by @​alexandear in spf13/viper#1657

New Contributors

• @​KaymeKaydex made their first contribution in spf13/viper#1684
• @​krakowski made their first contribution in spf13/viper#1429
• @​linuxsong made their first contribution in spf13/viper#1585

Full Changelog: spf13/viper@v1.17.0...v1.18.0

Commits

• f5fcb4a chore: update crypt
• f736363 fix isPathShadowedInFlatMap type cast bug (#1585)
• 36a3868 Review changes
• f0c4ccd fix: gocritic lint issues
• 3a23b80 ci: enable test shuffle; fix tests
• 73dfb94 feat: make Unmarshal work with AutomaticEnv
• 6ea31ae refactor: move all settings code to a getter
• c4dcd31 fix: godot lint issues
• 4c9b2a2 Note Get* behavior on parse failure
• a4a551f chore: update dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (bbf9096) 59.67% compared to head (7e689ea) 59.67%.
Report is 3 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #367   +/-   ##
=======================================
  Coverage   59.67%   59.67%           
=======================================
  Files          18       18           
  Lines        1550     1550           
=======================================
  Hits          925      925           
  Misses        611      611           
  Partials       14       14           

Flag	Coverage Δ
unittests	59.67% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[guardrails]

⚠️ We detected 1 security issue in this pull request:

Vulnerable Libraries (1)

Severity	Details
N/A	pkg:golang/github.com/spf13/viper@v1.16.0 - no patch available

More info on how to fix Vulnerable Libraries in Go.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.