Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: bump the all group in /cli with 4 updates #1916

Closed
wants to merge 1 commit into from
Closed

fix: bump the all group in /cli with 4 updates #1916

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 30, 2023
edited
Loading

Bumps the all group in /cli with 4 updates: cloud.google.com/go/asset, github.com/jedib0t/go-pretty/v6, github.com/migueleliasweb/go-github-mock and github.com/open-policy-agent/opa.

Updates cloud.google.com/go/asset from 1.15.1 to 1.15.2

Commits
  • df23105 chore: release main (#8494)
  • 84888bf test(pubsub): dedupe by message data in ordering keys json test (#8526)
  • a4b2cfb chore: release auth standalone (#8552)
  • bcdb70a chore(video/stitcher): add config to restore generation of apiv1 (#8424)
  • f47885f chore(deps): temporarily ignore grpc dep (#8551)
  • 39d63ad chore(main): release 0.110.8 (#8514)
  • e4da890 test(pubsublite): fix flaky TestAssigningSubscriberAddRemovePartitions (#8496)
  • 73a958d fix(dialogflow/cx): Fix Ruby namespaces for generative AI classes (#8538)
  • 1001acf feat(bigquery): add external dataset reference (#8545)
  • 7f62291 chore(main): release bigquery 1.55.0 (#8464)
  • Additional commits viewable in compare view

Updates github.com/jedib0t/go-pretty/v6 from 6.4.8 to 6.4.9

Release notes

Sourced from github.com/jedib0t/go-pretty/v6's releases.

v6.4.9

Bug-Fixes

  • table
    • do not merge content cells with empty ones (#280)
Commits

Updates github.com/migueleliasweb/go-github-mock from 0.0.20 to 0.0.21

Release notes

Sourced from github.com/migueleliasweb/go-github-mock's releases.

v0.0.21

What's Changed

New Contributors

Full Changelog: migueleliasweb/go-github-mock@v0.0.20...v0.0.21

Commits

Updates github.com/open-policy-agent/opa from 0.57.1 to 0.58.0

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.58.0

NOTES:

  • All published OPA images now run with a non-root uid/gid. The uid:gid is set to 1000:1000 for all images. As a result there is no longer a need for the -rootless image variant and hence it will not be published as part of future releases. This change is in line with container security best practices. OPA can still be run with root privileges by explicitly setting the user, either with the --user argument for docker run, or by specifying the securityContext in the Kubernetes Pod specification.

This release contains a mix of performance improvements, bugfixes and security fixes for third-party libraries.

Runtime, Tooling, SDK

  • cmd/test: Display lines not covered if code coverage threshold not met in verbose reporting mode (#2562) authored by @​johanfylling
  • cmd/test: Don't round up test coverage calculation as it could lead to inaccurate code coverage results (#6307) authored by @​anderseknert
  • cmd/fmt: Don't format functions without a value to include = true as it is implied (#6323) authored by @​anderseknert
  • server: Remove deprecated partial query parameter from REST API. This option has been deprecated since v0.23.0 (#2266) authored by @​ashutosh-narkar
  • Add support for configurable prometheus buckets for the http_request_duration_seconds metric (#6238) authored by @​AdrianArnautu
  • plugins/bundle: Update bundle plugin state on a reconfigure operation when existing bundle is not modified (#6311) authored by @​asadk12
  • internal/pathwatcher: Fix how paths to watch by a fsnotify watcher are determined to avoid monitoring unintended directories and files (#6277) authored by @​ashutosh-narkar

Topdown and Rego

  • topdown: Fix issue with build optimization producing support modules with forbidden characters in first var of rule ref (#6338) authored by @​johanfylling
  • topdown: Fix panic in build optimization when policy contains rules with a general ref in the head (#6339) authored by @​johanfylling
  • topdown: Avoid unnecessary conversion of small numbers by caching them and thereby helping to speed up some arithmetic operations (#6021) authored by @​ashutosh-narkar
  • ast+rego: Disable compiler stages for IR-based eval paths (#6335) authored by @​srenatus
  • built-in/walk: Skip path creation if path is assigned a wildcard to achieve faster walk-ing (#6267) authored by @​anderseknert
  • ast: Add regression test for edge case where partial rule hides recursion cycle (#6318) authored by @​johanfylling

Docs

  • Drop EXPERIMENTAL status of reported prom metrics (#6298) authored by @​ashutosh-narkar
  • Update documentation on GCS bundles for case where the resource (the object in the GCS bucket) contains slashes (/) or other special characters (#6264) authored by @​dennisg
  • Provide a more clear description of negation in the policy language section (#6275) authored by @​gusega

Website + Ecosystem

  • Fix un-versioned built-in docs issue so that only the built-ins for a given doc version are displayed (#6269) authored by @​charlieegan3

Miscellaneous

  • ci: Remove hub tool in GitHub workflows in favor of GitHub CLI tool (#6326) authored by @​ashutosh-narkar
  • Dependency updates; notably:
    • bump go.opentelemetry.io modules (#6292) authored by @​cksidharthan
    • aquasecurity/trivy-action from 0.12.0 to 0.13.0
    • github.com/containerd/containerd from 1.7.6 to 1.7.7
    • github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0
    • golang.org/x/net from 0.15.0 to 0.17.0
    • google.golang.org/grpc from 1.58.2 to 1.59.0 (addresses vulnerability GHSA-m425-mq94-257g)
    • oras.land/oras-go/v2 from 2.3.0 to 2.3.1
    • sigs.k8s.io/yaml from 1.3.0 to 1.4.0
Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

0.58.0

NOTES:

  • All published OPA images now run with a non-root uid/gid. The uid:gid is set to 1000:1000 for all images. As a result there is no longer a need for the -rootless image variant and hence it will not be published as part of future releases. This change is in line with container security best practices. OPA can still be run with root privileges by explicitly setting the user, either with the --user argument for docker run, or by specifying the securityContext in the Kubernetes Pod specification.

This release contains a mix of performance improvements, bugfixes and security fixes for third-party libraries.

Runtime, Tooling, SDK

  • cmd/test: Display lines not covered if code coverage threshold not met in verbose reporting mode (#2562) authored by @​johanfylling
  • cmd/test: Don't round up test coverage calculation as it could lead to inaccurate code coverage results (#6307) authored by @​anderseknert
  • cmd/fmt: Don't format functions without a value to include = true as it is implied (#6323) authored by @​anderseknert
  • server: Remove deprecated partial query parameter from REST API. This option has been deprecated since v0.23.0 (#2266) authored by @​ashutosh-narkar
  • Add support for configurable prometheus buckets for the http_request_duration_seconds metric (#6238) authored by @​AdrianArnautu
  • plugins/bundle: Update bundle plugin state on a reconfigure operation when existing bundle is not modified (#6311) authored by @​asadk12
  • internal/pathwatcher: Fix how paths to watch by a fsnotify watcher are determined to avoid monitoring unintended directories and files (#6277) authored by @​ashutosh-narkar

Topdown and Rego

  • topdown: Fix issue with build optimization producing support modules with forbidden characters in first var of rule ref (#6338) authored by @​johanfylling
  • topdown: Fix panic in build optimization when policy contains rules with a general ref in the head (#6339) authored by @​johanfylling
  • topdown: Avoid unnecessary conversion of small numbers by caching them and thereby helping to speed up some arithmetic operations (#6021) authored by @​ashutosh-narkar
  • ast+rego: Disable compiler stages for IR-based eval paths (#6335) authored by @​srenatus
  • built-in/walk: Skip path creation if path is assigned a wildcard to achieve faster walk-ing (#6267) authored by @​anderseknert
  • ast: Add regression test for edge case where partial rule hides recursion cycle (#6318) authored by @​johanfylling

Docs

  • Drop EXPERIMENTAL status of reported prom metrics (#6298) authored by @​ashutosh-narkar
  • Update documentation on GCS bundles for case where the resource (the object in the GCS bucket) contains slashes (/) or other special characters (#6264) authored by @​dennisg
  • Provide a more clear description of negation in the policy language section (#6275) authored by @​gusega

Website + Ecosystem

  • Fix un-versioned built-in docs issue so that only the built-ins for a given doc version are displayed (#6269) authored by @​charlieegan3

Miscellaneous

  • ci: Remove hub tool in GitHub workflows in favor of GitHub CLI tool (#6326) authored by @​ashutosh-narkar
  • Dependency updates; notably:
    • bump go.opentelemetry.io modules (#6292) authored by @​cksidharthan
    • aquasecurity/trivy-action from 0.12.0 to 0.13.0
    • github.com/containerd/containerd from 1.7.6 to 1.7.7
    • github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0
    • golang.org/x/net from 0.15.0 to 0.17.0
    • google.golang.org/grpc from 1.58.2 to 1.59.0 (addresses vulnerability GHSA-m425-mq94-257g)
    • oras.land/oras-go/v2 from 2.3.0 to 2.3.1
    • sigs.k8s.io/yaml from 1.3.0 to 1.4.0
Commits
  • 69a381c Prepare v0.58.0 release
  • 132cc4b docs: Update generated CLI docs
  • a470a21 Rename --future-compat CLI flag
  • d7e9d13 topdown: Fixing issues with optimizing rules with refs in the head
  • 98c300c Rename future.compat import
  • 483d941 build(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.13.0 (#6347)
  • 2bd8d58 build(deps): bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0
  • 89e02ef build(deps): bump oras.land/oras-go/v2 from 2.3.0 to 2.3.1 (#6337)
  • 1246ad2 build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0
  • 544fd03 ast+rego: disable compiler stages for IR-based eval paths (#6335)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 30, 2023
@dependabot dependabot bot mentioned this pull request Oct 30, 2023
Closed
@dpebot
Copy link
Collaborator

dpebot commented Oct 30, 2023

/gcbrun

@dependabot
fix: bump the all group in /cli with 4 updates
7bce689 
Bumps the all group in /cli with 4 updates: [cloud.google.com/go/asset](https://github.com/googleapis/google-cloud-go), [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty), [github.com/migueleliasweb/go-github-mock](https://github.com/migueleliasweb/go-github-mock) and [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa).


Updates `cloud.google.com/go/asset` from 1.15.1 to 1.15.2
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@kms/v1.15.1...kms/v1.15.2)

Updates `github.com/jedib0t/go-pretty/v6` from 6.4.8 to 6.4.9
- [Release notes](https://github.com/jedib0t/go-pretty/releases)
- [Commits](jedib0t/go-pretty@v6.4.8...v6.4.9)

Updates `github.com/migueleliasweb/go-github-mock` from 0.0.20 to 0.0.21
- [Release notes](https://github.com/migueleliasweb/go-github-mock/releases)
- [Commits](migueleliasweb/go-github-mock@v0.0.20...v0.0.21)

Updates `github.com/open-policy-agent/opa` from 0.57.1 to 0.58.0
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v0.57.1...v0.58.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/asset
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/jedib0t/go-pretty/v6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/migueleliasweb/go-github-mock
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/cli/all-afa6a3337b branch from 35c0acb to 7bce689 Compare October 31, 2023 15:48
@dpebot
Copy link
Collaborator

dpebot commented Oct 31, 2023

/gcbrun

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 1, 2023

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Nov 1, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/cli/all-afa6a3337b branch November 1, 2023 15:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bharathkkb bharathkkb Awaiting requested review from bharathkkb

@g-awmalik g-awmalik Awaiting requested review from g-awmalik

@apeabody apeabody Awaiting requested review from apeabody

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dpebot