build(deps): bump the gomod group with 4 updates #232

dependabot · 2023-11-28T13:59:22Z

Bumps the gomod group with 4 updates: github.com/go-git/go-git/v5, github.com/go-logr/logr, github.com/rs/zerolog and golang.org/x/mod.

Updates github.com/go-git/go-git/v5 from 5.9.0 to 5.10.1

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.10.1

What's Changed

Worktree, ignore ModeSocket files by @steiler in go-git/go-git#930

git: add tracer package by @aymanbagabas in go-git/go-git#916

remote: Flip clause for fast-forward only check by @adityasaky in go-git/go-git#875

plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes #900 by @anandf in go-git/go-git#901

plumbing: uppload-server-info, implement upload-server-info by @aymanbagabas in go-git/go-git#896

plumbing: optimise memory consumption for filesystem storage by @pjbgf in go-git/go-git#799

plumbing: format/packfile, Refactor patch delta by @pjbgf in go-git/go-git#908

plumbing: fix empty uploadpack request error by @aymanbagabas in go-git/go-git#932

plumbing: transport/git, Improve tests error message by @pjbgf in go-git/go-git#752

plumbing: format/pktline, Respect pktline error-line errors by @aymanbagabas in go-git/go-git#936

utils: remove ioutil.Pipe and use std library io.Pipe by @aymanbagabas in go-git/go-git#922

utils: move trace to utils by @aymanbagabas in go-git/go-git#931

cli: separate go module for cli by @aymanbagabas in go-git/go-git#914

build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by @dependabot in go-git/go-git#887

build: bump actions/setup-go from 3 to 4 by @dependabot in go-git/go-git#891

build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by @dependabot in go-git/go-git#888

build: bump actions/checkout from 3 to 4 by @dependabot in go-git/go-git#890

build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by @dependabot in go-git/go-git#907

build: bump golang.org/x/text from 0.13.0 to 0.14.0 by @dependabot in go-git/go-git#906

build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by @dependabot in go-git/go-git#917

build: bump golang.org/x/net from 0.17.0 to 0.18.0 by @dependabot in go-git/go-git#918

New Contributors

@anandf made their first contribution in go-git/go-git#901

@steiler made their first contribution in go-git/go-git#930

Full Changelog: go-git/go-git@v5.10.0...v5.10.1

v5.10.0

What's Changed

PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by @ThinkChaos in go-git/go-git#782

Worktree, apply ProxyOption on Pull by @nodivbyzero in go-git/go-git#840

Repository: add clone --shared feature by @enverbisevac in go-git/go-git#860

build: Add github workflow to check commit message format by @pjbgf in go-git/go-git#867

Improve handling of remote errors by @makkes in go-git/go-git#866

build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 by @dependabot in go-git/go-git#873

plumbing: commitgraph, Add generation v2 support by @zeripath in go-git/go-git#869

plumbing: protocol/packp, Add validation for decodeLine by @pjbgf in go-git/go-git#868

plumbing: parse the encoding header of the commit object by @liwenqiu in go-git/go-git#761

plumbing: commitgraph, allow SHA256 commit-graphs by @zeripath in go-git/go-git#853

plumbing: commitgraph, Allow reading commit-graph chains by @zeripath in go-git/go-git#854

plumbing/object: Support mergetag in merge commits by @adityasaky in go-git/go-git#847

New Contributors

@nodivbyzero made their first contribution in go-git/go-git#840

... (truncated)

Commits

90348bd Merge pull request #936 from aymanbagabas/more-packp
f46d04a plumbing: transport: use git-proto-request and decode error-line errors
e2c6ae3 plumbing: handle pktline erro-line as errors
e187533 plumbing: add git-proto-request type
fecea41 Merge pull request #930 from steiler/fixSockets
5349b8a utils: merkletrie, Skip loading sockets as filesystem nodes. Fixes #312
c114af0 Merge pull request #752 from pjbgf/rt1
2e14e3a plumbing: transport/git, Improve tests error message
6d62dd1 Merge pull request #932 from aymanbagabas/fix-empty
05551b7 plumbing: fix empty uploadpack request error
Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.2.4 to 1.3.0

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.3.0

This release adds support for slog in a new, self-contained logr/slogr package. Implementers of a logr.LogSink are encouraged, but not required, to extend their implementation to improve the quality of log output coming from a slog API call.

Breaking change: the call depth for LogSink.Enabled when called via Logger.Enabled was fixed to be the same as for other call paths. Implementers of a LogSink who have worked around this bug will need to remove their workarounds.

Security best practices were improved. Only Go versions >= 1.18 are supported by this release.

What's Changed

Fix golangci-lint fails by @thockin in go-logr/logr#173

Add minimal permissions to workflows by @pnacht in go-logr/logr#177

Add a security policy by @pnacht in go-logr/logr#178

Update security email by @thockin in go-logr/logr#181

docs: explain relationship between Logger{} and Discard() by @pohly in go-logr/logr#182

Add the OpenSSF Scorecard workflow by @pnacht in go-logr/logr#186

README: show of OpenSSF Scorecard badge by @pohly in go-logr/logr#187

Hash-pin workflow Actions by @pnacht in go-logr/logr#189

Bump go versions to 1.18+ by @thockin in go-logr/logr#203

slogr: add glue code for logging to slog.Handler and with slog.Logger by @pohly in go-logr/logr#205

slogr: restore original backend when converting back and forth by @pohly in go-logr/logr#210

slogr: add SlogSink by @pohly in go-logr/logr#211

Use same call depth for Enabled, Info, Error by @thockin in go-logr/logr#218

test: eliminate helper func by @thockin in go-logr/logr#219

docs: interoperability with slog by @pohly in go-logr/logr#222

build(deps): bump actions/setup-go from 3.5.0 to 4.0.1 by @dependabot in go-logr/logr#190

build(deps): bump github/codeql-action from 2.20.1 to 2.20.3 by @dependabot in go-logr/logr#191

build(deps): bump github/codeql-action from 2.20.3 to 2.20.4 by @dependabot in go-logr/logr#192

build(deps): bump github/codeql-action from 2.20.4 to 2.21.0 by @dependabot in go-logr/logr#193

build(deps): bump github/codeql-action from 2.21.0 to 2.21.2 by @dependabot in go-logr/logr#194

build(deps): bump github/codeql-action from 2.21.2 to 2.21.3 by @dependabot in go-logr/logr#207

build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in go-logr/logr#206

build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @dependabot in go-logr/logr#209

build(deps): bump github/codeql-action from 2.21.3 to 2.21.4 by @dependabot in go-logr/logr#208

build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in go-logr/logr#214

build(deps): bump github/codeql-action from 2.21.4 to 2.21.5 by @dependabot in go-logr/logr#217

build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in go-logr/logr#220

build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in go-logr/logr#221

build(deps): bump github/codeql-action from 2.21.5 to 2.21.7 by @dependabot in go-logr/logr#223

build(deps): bump github/codeql-action from 2.21.7 to 2.21.8 by @dependabot in go-logr/logr#224

build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in go-logr/logr#225

build(deps): bump github/codeql-action from 2.21.8 to 2.21.9 by @dependabot in go-logr/logr#226

build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in go-logr/logr#227

build(deps): bump github/codeql-action from 2.21.9 to 2.22.0 by @dependabot in go-logr/logr#228

build(deps): bump github/codeql-action from 2.22.0 to 2.22.3 by @dependabot in go-logr/logr#229

build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in go-logr/logr#231

build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in go-logr/logr#230

New Contributors

... (truncated)

Commits

8adefbe docs: interoperability with slog
ebabbb9 build(deps): bump github/codeql-action from 2.22.3 to 2.22.4
9c361f0 build(deps): bump actions/checkout from 4.1.0 to 4.1.1
d9b2b78 Merge pull request #229 from go-logr/dependabot/github_actions/github/codeql-...
91cec29 build(deps): bump github/codeql-action from 2.22.0 to 2.22.3
2ea8628 Merge pull request #228 from go-logr/dependabot/github_actions/github/codeql-...
37a4f55 Merge pull request #227 from go-logr/dependabot/github_actions/ossf/scorecard...
ecf310c build(deps): bump github/codeql-action from 2.21.9 to 2.22.0
d73e05e build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0
1d1c415 Merge pull request #226 from go-logr/dependabot/github_actions/github/codeql-...
Additional commits viewable in compare view

Updates github.com/rs/zerolog from 1.30.0 to 1.31.0

Commits

8344fc0 Bump actions/checkout from 3 to 4 (#588)
4cb8cc5 Update dependencies
ae9b265 Update Build Status Badge (#589)
1bac5cc added support for NO_COLOR (#586)
b81cc57 Fix the standard logger output example (#584)
ad77222 chore: improve coverage report
95cf29c chore: switch to go-goverage-report action as gocover.io is closing
802c88f chore: adding any function to context (#580)
158e4ad Update logbench URL in README.md
7d5aa98 Deprecate lint in favor of https://github.com/ykadowak/zerologlint (#574)
Additional commits viewable in compare view

Updates golang.org/x/mod from 0.13.0 to 0.14.0

Commits

6e58e47 modfile: improve directory path detection and error text consistency
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gomod group with 4 updates: [github.com/go-git/go-git/v5](https://github.com/go-git/go-git), [github.com/go-logr/logr](https://github.com/go-logr/logr), [github.com/rs/zerolog](https://github.com/rs/zerolog) and [golang.org/x/mod](https://github.com/golang/mod). Updates `github.com/go-git/go-git/v5` from 5.9.0 to 5.10.1 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.9.0...v5.10.1) Updates `github.com/go-logr/logr` from 1.2.4 to 1.3.0 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.2.4...v1.3.0) Updates `github.com/rs/zerolog` from 1.30.0 to 1.31.0 - [Release notes](https://github.com/rs/zerolog/releases) - [Commits](rs/zerolog@v1.30.0...v1.31.0) Updates `golang.org/x/mod` from 0.13.0 to 0.14.0 - [Commits](golang/mod@v0.13.0...v0.14.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/go-logr/logr dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/rs/zerolog dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2023-12-11T13:08:06Z

Superseded by #233.

dependabot bot requested a review from wfscheper as a code owner November 28, 2023 13:59

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Nov 28, 2023

dependabot bot mentioned this pull request Nov 28, 2023

build(deps): bump the gomod group with 4 updates #231

Closed

dependabot bot closed this Dec 11, 2023

dependabot bot deleted the dependabot/go_modules/gomod-a51f2e7b4f branch December 11, 2023 13:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the gomod group with 4 updates #232

build(deps): bump the gomod group with 4 updates #232

dependabot bot commented on behalf of github Nov 28, 2023 •

edited

Loading

dependabot bot commented on behalf of github Dec 11, 2023

build(deps): bump the gomod group with 4 updates #232

build(deps): bump the gomod group with 4 updates #232

Conversation

dependabot bot commented on behalf of github Nov 28, 2023 • edited Loading

v5.10.1

What's Changed

New Contributors

v5.10.0

What's Changed

New Contributors

v1.3.0

What's Changed

New Contributors

dependabot bot commented on behalf of github Dec 11, 2023

dependabot bot commented on behalf of github Nov 28, 2023 •

edited

Loading