mach-composer-cli icon indicating copy to clipboard operation
mach-composer-cli copied to clipboard

Published 20 hours ago verified publisher icon mach-composer

chore(deps): bump the go group across 1 directory with 12 updates

Open dependabot[bot] opened this issue 1 year ago • 0 comments

Bumps the go group with 11 updates in the / directory:

Package From To
github.com/adrg/xdg 0.4.0 0.5.0
github.com/elliotchance/pie/v2 2.8.0 2.8.1
github.com/hashicorp/go-getter 1.7.4 1.7.5
github.com/hashicorp/go-retryablehttp 0.7.6 0.7.7
github.com/hashicorp/hcl/v2 2.20.1 2.21.0
github.com/rs/zerolog 1.32.0 1.33.0
github.com/spf13/cobra 1.8.0 1.8.1
github.com/spf13/viper 1.18.2 1.19.0
golang.org/x/oauth2 0.20.0 0.21.0
github.com/mach-composer/mach-composer-plugin-sdk/v2 2.0.0 2.0.1
golang.org/x/mod 0.17.0 0.19.0

Updates github.com/adrg/xdg from 0.4.0 to 0.5.0

Release notes

Sourced from github.com/adrg/xdg's releases.

v0.5.0

Changelog

  • user-dirs.dirs config file is now parsed on Unix-like operating systems (except for macOS and Plan 9). See XDG user directories README section for more details.
  • Updated golang.org/x/sys dependency to the latest version.

Internal

  • Moved all path related functionality in internal pathutil package.
  • Added internal userdirs package:
    • Moved xdg.UserDirectories to userdirs.Directories.
    • Added parsing functions for user-dirs.dirs config file.
  • Improved package testing.
Commits
  • 1356827 Change definition of userdirs.ParseConfigFile and userdirs.ParseConfig
  • d48cee0 Merge pull request #86 from adrg/dependabot/go_modules/golang.org/x/sys-0.22.0
  • c53b5d9 Add Codecov token in Github actions tests workflow
  • fe619a1 Merge pull request #87 from adrg/parse-user-dirs
  • ed625ee Minor README.md update
  • ac2d468 Improve user directories README.md section
  • 27a1554 Move UserDirectories struct in userdirs package
  • e72f914 Update XDG user directories README.md section
  • e9e51ac Remove xdgPath and xdgPaths functions
  • 28fbf4c Replace xdgPath and xdgPaths calls with pathutil equivalents
  • Additional commits viewable in compare view

Updates github.com/elliotchance/pie/v2 from 2.8.0 to 2.8.1

Commits

Updates github.com/hashicorp/go-getter from 1.7.4 to 1.7.5

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.5

What's Changed

New Contributors

Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.4...v1.7.5

Commits
  • 5a63fd9 Merge pull request #497 from hashicorp/fix-git-update
  • 5b7ec5f fetch tags on update and fix tests
  • 9906874 recreate git config during update to prevent config alteration
  • See full diff in compare view

Updates github.com/hashicorp/go-retryablehttp from 0.7.6 to 0.7.7

Changelog

Sourced from github.com/hashicorp/go-retryablehttp's changelog.

0.7.7 (May 30, 2024)

BUG FIXES:

  • client: avoid potentially leaking URL-embedded basic authentication credentials in logs (#158)
Commits
  • 1542b31 v0.7.7
  • defb9f4 v0.7.7
  • a99f07b Merge pull request #158 from dany74q/danny/redacted-url-in-logs
  • 8a28c57 Merge branch 'main' into danny/redacted-url-in-logs
  • 86e852d Merge pull request #227 from hashicorp/dependabot/github_actions/actions/chec...
  • 47fe99e Bump actions/checkout from 4.1.5 to 4.1.6
  • 490fc06 Merge pull request #226 from testwill/ioutil
  • f3e9417 chore: remove refs to deprecated io/ioutil
  • See full diff in compare view

Updates github.com/hashicorp/hcl/v2 from 2.20.1 to 2.21.0

Release notes

Sourced from github.com/hashicorp/hcl/v2's releases.

v2.21.0

Enhancements

  • Introduce ParseTraversalPartial, which allows traversals that include the splat ([*]) index operator. (#673)
  • ext/dynblock: Now accepts marked values in for_each, and will transfer those marks (as much as technically possible) to values in the generated blocks. (#679)

Bugs Fixed

  • Expression evaluation will no longer panic if the splat operator is applied to an unknown value that has cty marks. (#678)
Changelog

Sourced from github.com/hashicorp/hcl/v2's changelog.

v2.21.0 (June 19, 2024)

Enhancements

  • Introduce ParseTraversalPartial, which allows traversals that include the splat ([*]) index operator. (#673)
  • ext/dynblock: Now accepts marked values in for_each, and will transfer those marks (as much as technically possible) to values in the generated blocks. (#679)

Bugs Fixed

  • Expression evaluation will no longer panic if the splat operator is applied to an unknown value that has cty marks. (#678)
Commits
  • 360ae57 prepare for v2.21.0 release
  • f7e093a github: Pin action refs to latest trusted by TSCCR (#683)
  • 212a40e Update CHANGELOG.md
  • 318bbfe hcldec: Allow body-derived values to be marked
  • 9a64c17 dynblock: Preserve marks from for_each expression into result
  • bc75765 hclsyntax: Don't panic if splat operand is unknown and marked
  • bf54697 github: Set up Dependabot to manage HashiCorp-owned Actions versioning
  • 4521ae9 github: Pin action refs to latest trusted by TSCCR (#677)
  • 1c5ae8f Update CHANGELOG.md
  • f7cd61a Add additional function for parsing traversals with [*] keys (#673)
  • See full diff in compare view

Updates github.com/rs/zerolog from 1.32.0 to 1.33.0

Commits

Updates github.com/spf13/cobra from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

🐛 Bug fixes

🔧 Maintenance

🧪 Testing & CI/CD

✏️ Documentation

... (truncated)

Commits

Updates github.com/spf13/viper from 1.18.2 to 1.19.0

Release notes

Sourced from github.com/spf13/viper's releases.

v1.19.0

What's Changed

Bug Fixes 🐛

Dependency Updates ⬆️

... (truncated)

Commits
  • b9733f0 build(deps): bump actions/checkout from 4.1.4 to 4.1.6
  • 6ecc5c8 build(deps): bump cachix/install-nix-action from 26 to 27
  • 248c6fd build(deps): bump github/codeql-action from 3.25.4 to 3.25.7
  • abea773 Update references to bketelsen/crypt
  • f17acb4 build(deps): bump golangci/golangci-lint-action from 4.0.0 to 6.0.1
  • 8e285a5 build(deps): bump github/codeql-action from 3.25.2 to 3.25.4
  • 4017620 build(deps): bump actions/setup-go from 5.0.0 to 5.0.1
  • b67e814 build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.1 to 2.2.2
  • 4a182c7 build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.2
  • 45a0e12 build(deps): bump mheap/github-action-required-labels
  • Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.20.0 to 0.21.0

Commits

Updates github.com/google/uuid from 1.5.0 to 1.6.0

Release notes

Sourced from github.com/google/uuid's releases.

v1.6.0

1.6.0 (2024-01-16)

Features

Bug Fixes

Changelog

Sourced from github.com/google/uuid's changelog.

1.6.0 (2024-01-16)

Features

Bug Fixes

Commits

Updates github.com/mach-composer/mach-composer-plugin-sdk/v2 from 2.0.0 to 2.0.1

Changelog

Sourced from github.com/mach-composer/mach-composer-plugin-sdk/v2's changelog.

v2.0.1 - 2024-05-17

Dependency

  • chore(deps): bump github/codeql-action from 2 to 3 in the github-actions group across 1 directory
  • chore(deps): bump github.com/hashicorp/go-plugin from 1.6.0 to 1.6.1 in the go group
Commits
  • 0a0f7fc Merge pull request #14 from mach-composer/release/v2.0.1
  • ea3a14b Release v2.0.1
  • 4eb1571 Merge pull request #15 from mach-composer/dependabot/go_modules/go-8aa7a72b71
  • b144d85 chore(deps): add changelog for dependabot updates
  • 8a11fbf chore(deps): bump github.com/hashicorp/go-plugin in the go group
  • 4a31eb7 Create Dependency-20240510-142032.yaml
  • f4598f2 Merge pull request #13 from mach-composer/dependabot/github_actions/github-ac...
  • 09e6121 Merge pull request #11 from mach-composer/dependabot/go_modules/go-8442f99f56
  • 3fb67c2 chore(deps): bump github/codeql-action
  • aa8bea7 chore(deps): bump the go group with 3 updates
  • Additional commits viewable in compare view

Updates golang.org/x/mod from 0.17.0 to 0.19.0

Commits
  • d58be1c sumdb/tlog: set the hash of the empty tree according to RFC 6962
  • 232e49f Revert "module: add COM0 and LPT0 to badWindowsNames"
  • c0bdc7b modfile: add API for godebug lines
  • 6686f41 module: add COM0 and LPT0 to badWindowsNames
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

dependabot[bot] avatar Jul 09 '24 21:07 dependabot[bot]