chore(deps): Bump the all group across 1 directory with 11 updates #1287

dependabot · 2025-02-27T22:26:37Z

Bumps the all group with 6 updates in the /lib directory:

Package	From	To
github.com/go-git/go-git/v5	`5.12.0`	`5.14.0`
github.com/go-playground/validator/v10	`10.23.0`	`10.25.0`
github.com/kluctl/go-embed-python	`0.0.0-3.11.11-20241219-1`	`0.0.0-3.13.1-20241219-1`
github.com/otiai10/copy	`1.14.0`	`1.14.1`
k8s.io/apimachinery	`0.31.4`	`0.32.2`
k8s.io/client-go	`0.31.4`	`0.32.2`

Updates github.com/go-git/go-git/v5 from 5.12.0 to 5.14.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.14.0

What's Changed

v5: Bump Go and dependencies to mitigate GO-2025-3487 by @pjbgf in go-git/go-git#1436

⚠️ Note that this version requires Go 1.23, due to the bump to golang.org/x/crypto@v0.35.0 which mitigates the CVE above. User's that can't bump to Go 1.23 will need to remain on the previous v5.13.x release.

Full Changelog: go-git/go-git@v5.13.2...v5.14.0

v5.13.2

What's Changed

plumbing: use the correct user agent string. Fixes #883 by @uragirii in go-git/go-git#1364

build: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by @dependabot in go-git/go-git#1365

build: bump the golang-org group with 2 updates by @dependabot in go-git/go-git#1367

build: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by @dependabot in go-git/go-git#1368

build: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by @dependabot in go-git/go-git#1378

build: bump github/codeql-action from 3.28.0 to 3.28.1 by @dependabot in go-git/go-git#1376

build: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by @dependabot in go-git/go-git#1377

git: worktree, fix restoring dot slash files (backported to v5). Fixes #1176 by @BeChris in go-git/go-git#1361

build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2 by @dependabot in go-git/go-git#1392

git: worktree_status, fix adding dot slash files to working tree (backported to v5). Fixes #1150 by @BeChris in go-git/go-git#1359

build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5 by @dependabot in go-git/go-git#1383

Full Changelog: go-git/go-git@v5.13.1...v5.13.2

v5.13.1

What's Changed

build: bump github.com/go-git/go-billy/v5 from 5.6.0 to 5.6.1 by @dependabot in go-git/go-git#1327

build: bump github.com/elazarl/goproxy from 1.2.1 to 1.2.2 by @dependabot in go-git/go-git#1329

build: bump github.com/elazarl/goproxy from 1.2.2 to 1.2.3 by @dependabot in go-git/go-git#1340

Revert "plumbing: transport/ssh, Add support for SSH @cert-authority." by @pjbgf in #1346

Full Changelog: go-git/go-git@v5.13.0...v5.13.1

v5.13.0

What's Changed

build: bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 in /cli/go-git by @dependabot in go-git/go-git#1065

build: bump golang.org/x/net from 0.22.0 to 0.23.0 by @dependabot in go-git/go-git#1068

build: bump golang.org/x/net from 0.23.0 to 0.24.0 by @dependabot in go-git/go-git#1071

Properly support skipping of non-mandatory extensions by @codablock in go-git/go-git#1066

git: Refine some codes in test and non-test. by @onee-only in go-git/go-git#1077

plumbing: protocol/packp, client-side filter capability support by @edigaryev in go-git/go-git#1000

build: bump golang.org/x/net from 0.22.0 to 0.23.0 in /cli/go-git by @dependabot in go-git/go-git#1078

plumbing: fix sideband demux on flush by @aymanbagabas in go-git/go-git#1084

storage: dotgit, head reference usually comes first by @aymanbagabas in go-git/go-git#1085

build: bump golang.org/x/text from 0.14.0 to 0.15.0 by @dependabot in go-git/go-git#1091

build: bump golang.org/x/crypto from 0.22.0 to 0.23.0 by @dependabot in go-git/go-git#1094

build: bump golang.org/x/net from 0.24.0 to 0.25.0 by @dependabot in go-git/go-git#1093

git: Added an example for Repository.Branches by @johnmatthiggins in go-git/go-git#1088

git: worktree_commit, Modify checking empty commit. Fixes #723 by @onee-only in go-git/go-git#1050

... (truncated)

Commits

863c621 Merge pull request #1436 from pjbgf/v5-bumps
2e69e81 build: Bump dependencies
b2c1ec9 build: Bump Go versions
2c68247 Merge pull request #1383 from go-git/dependabot/go_modules/github.com/ProtonM...
d462c2e Merge pull request #1359 from BeChris/issue1150-v5
32ac23a Merge pull request #1392 from go-git/dependabot/go_modules/github.com/pjbgf/s...
93e635a build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2
b2bb975 git: worktree_status, took into account code review remarks
518ac88 git: worktree_status, fix adding dot slash files to working tree (backported ...
21b3150 build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5
Additional commits viewable in compare view

Updates github.com/go-playground/validator/v10 from 10.23.0 to 10.25.0

Release notes

Sourced from github.com/go-playground/validator/v10's releases.

Release 10.25.0

What's Changed

Fix postcode_iso3166_alpha2_field validation by @ddevcap in go-playground/validator#1359

Update README to replace the Travis CI badge with a GitHub Actions badge by @nodivbyzero in go-playground/validator#1362

chore: using errors.As instead of type assertion by @fatelei in go-playground/validator#1346

Fix/remove issue template md by @ganeshdipdumbare in go-playground/validator#1375

feat: Add support for omitting empty and zero values in validation (including nil pointer and empty content of pointer) by @zeewell in go-playground/validator#1289

New Contributors

@ddevcap made their first contribution in go-playground/validator#1359

@fatelei made their first contribution in go-playground/validator#1346

@zeewell made their first contribution in go-playground/validator#1289

Full Changelog: go-playground/validator@v10.24.0...v10.25.0

Release 10.24.0

What's Changed

MSGV additions by @deankarn in go-playground/validator#1361

The MSGV(Minimum Supported Go Version) has been bumped to v1.20 to address a security issues in the gaoling net package.

Full Changelog: go-playground/validator@v10.23.0...v10.24.0

Commits

0240917 Update README.md
f5f02dc feat: Add support for omitting empty and zero values in validation (including...
c171f2d Fix/remove issue template md (#1375)
e564451 chore: using errors.As instead of type assertion (#1346)
57dcfdc Update README to replace the Travis CI badge with a GitHub Actions badge (#1362)
b111154 Fix postcode_iso3166_alpha2_field validation (#1359)
2cce309 MSGV additions (#1361)
6c3307e Update README.md
See full diff in compare view

Updates github.com/kluctl/go-embed-python from 0.0.0-3.11.11-20241219-1 to 0.0.0-3.13.1-20241219-1

Commits

694241b added python 3.13.1 from python-standalone 20241219
See full diff in compare view

Updates github.com/otiai10/copy from 1.14.0 to 1.14.1

Commits

5ef5923 Revert "CopyMethod" since it's not ready
49b0b59 Merge pull request #164 from eth-p/feat-copymethod-api
f530620 ci: Allow triggering Go workflow manually
b4dd789 refactor: Split common code out of CopyBytes
9205813 feat: Add FileCopyMethod option / API
2f93b8f Merge pull request #159 from otiai10/dependabot/go_modules/main/golang.org/x/...
87072f3 Bump golang.org/x/sys from 0.23.0 to 0.24.0
d0690cb Merge pull request #158 from otiai10/dependabot/go_modules/main/golang.org/x/...
b87119d Bump golang.org/x/sys from 0.22.0 to 0.23.0
355527c Merge pull request #157 from otiai10/dependabot/go_modules/main/golang.org/x/...
Additional commits viewable in compare view

Updates github.com/rogpeppe/go-internal from 1.13.1 to 1.14.1

Release notes

Sourced from github.com/rogpeppe/go-internal's releases.

v1.14.1

What's Changed

testscript: remove temp dirs when finishing once again by @mvdan in rogpeppe/go-internal#290

Full Changelog: rogpeppe/go-internal@v1.14.0...v1.14.1

v1.14.0

What's Changed

Bump Go dependencies by @lucacome in rogpeppe/go-internal#266

diff,misspell: fix typos in comments by @alexandear in rogpeppe/go-internal#282

testscript: phase out func() int in RunMain by @mvdan in rogpeppe/go-internal#281

add Go 1.24.x, drop 1.22.x by @mvdan in rogpeppe/go-internal#288

New Contributors

@lucacome made their first contribution in rogpeppe/go-internal#266

@alexandear made their first contribution in rogpeppe/go-internal#282

Full Changelog: rogpeppe/go-internal@v1.13.1...v1.14.0

Commits

9ee3698 testscript: remove temp dirs when finishing once again
eb18234 all: modernize -fix ./...
dd6dbb2 add Go 1.24.x, drop 1.22.x
a5dc8ff testscript: phase out func() int in RunMain
f18544a diff,misspell: fix typos in comments (#282)
e71c486 Bump Go dependencies
See full diff in compare view

Updates golang.org/x/crypto from 0.31.0 to 0.35.0

Commits

7292932 ssh: limit the size of the internal packet queue while waiting for KEX
f66f74b acme/autocert: check host policy before probing the cache
b0784b7 x509roots/fallback: drop obsolete build constraint
911360c all: bump golang.org/x/crypto dependencies of asm generators
89ff08d all: upgrade go directive to at least 1.23.0 [generated]
e47973b all: update certs for go1.24
9290511 go.mod: update golang.org/x dependencies
fa5273e x509roots/fallback: update bundle
a8ea4be ssh: add ServerConfig.PreAuthConnCallback, ServerPreAuthConn (banner) interface
71d3a4c acme: support challenges that require the ACME client to send a non-empty JSO...
Additional commits viewable in compare view

Updates golang.org/x/net from 0.32.0 to 0.35.0

Commits

df97a48 go.mod: update golang.org/x dependencies
2dab271 route: treat short sockaddr lengths as unspecified
b914489 internal/http3: refactor in prep for sharing transport/server code
ebd23f8 route: fix parsing network address of length zero
938a9fb internal/http3: add request/response body transfer
145b2d7 internal/http3: add RoundTrip
5bda71a internal/http3: define connection and stream error types
3c1185a internal/http3: return error on mid-frame EOF
a6c2c7f http2, internal/httpcommon: factor out common request header logic for h2/h3
c72e89d internal/http3: QPACK encoding and decoding
Additional commits viewable in compare view

Updates golang.org/x/sys from 0.28.0 to 0.30.0

Commits

863b3c4 unix: update glibc to 2.41
4d4692e unix: add Auxv
b215a1c unix: update to Linux kernel 6.13
c756214 cpu: add support for AVX-VNNI and IFMA detection
1c14dca unix: add GetPeerUcred and UcredGet for solaris
d4ac05d windows: update NewLazyDLL, LoadDLL docs to point to NewLazySystemDLL
680bd24 windows: remove unused errString type
a7f19e9 unix: add Dup3 on dragonfly
See full diff in compare view

Updates golang.org/x/text from 0.21.0 to 0.22.0

Commits

3b64043 go.mod: update golang.org/x dependencies
1e59086 message/pipeline: add two Unalias calls
See full diff in compare view

Updates k8s.io/apimachinery from 0.31.4 to 0.32.2

Commits

59e9003 Merge remote-tracking branch 'origin/master' into release-1.32
639247c Drop use of winreadlinkvolume godebug option
220d7c3 Merge remote-tracking branch 'origin/master' into release-1.32
c199d3b Revert to go1.22 windows filesystem stdlib behavior
16af2ff implement unsafe deletion, and wire it
6ff8305 api: run codegen
ca9b8b2 api: add a new field to meta/v1 DeleteOptions
d941d9f Merge pull request #128503 from benluddy/cbor-codecs-featuregate
3b4250f Wire serving codecs to CBOR feature gate.
daaad09 Merge pull request #128501 from benluddy/watch-cbor-seq
Additional commits viewable in compare view

Updates k8s.io/client-go from 0.31.4 to 0.32.2

Commits

86ff7a1 Update dependencies to v0.32.2 tag
4765ade Merge remote-tracking branch 'origin/master' into release-1.32
692a511 Drop use of winreadlinkvolume godebug option
9df5099 Merge remote-tracking branch 'origin/master' into release-1.32
120beb2 Revert to go1.22 windows filesystem stdlib behavior
55d23e2 Align fake client-go clients with the main interface
646e79b Run codegen
c475fe0 Generify fake clientsets
955401c Merge pull request #128407 from ndixita/pod-level-resources
eddb107 Merge pull request #127857 from Jefftree/cle-v1alpha2
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

codablock · 2025-04-11T08:26:18Z

@dependabot rebase

codablock · 2025-04-11T12:35:27Z

@dependabot rebase

codablock · 2025-04-11T13:45:05Z

@dependabot rebase

codablock · 2025-04-11T14:51:59Z

@dependabot rebase

Bumps the all group with 6 updates in the /lib directory: | Package | From | To | | --- | --- | --- | | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.12.0` | `5.14.0` | | [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) | `10.23.0` | `10.25.0` | | [github.com/kluctl/go-embed-python](https://github.com/kluctl/go-embed-python) | `0.0.0-3.11.11-20241219-1` | `0.0.0-3.13.1-20241219-1` | | [github.com/otiai10/copy](https://github.com/otiai10/copy) | `1.14.0` | `1.14.1` | | [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.31.4` | `0.32.2` | | [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.31.4` | `0.32.2` | Updates `github.com/go-git/go-git/v5` from 5.12.0 to 5.14.0 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.12.0...v5.14.0) Updates `github.com/go-playground/validator/v10` from 10.23.0 to 10.25.0 - [Release notes](https://github.com/go-playground/validator/releases) - [Commits](go-playground/validator@v10.23.0...v10.25.0) Updates `github.com/kluctl/go-embed-python` from 0.0.0-3.11.11-20241219-1 to 0.0.0-3.13.1-20241219-1 - [Commits](kluctl/go-embed-python@v0.0.0-3.11.11-20241219-1...v0.0.0-3.13.1-20241219-1) Updates `github.com/otiai10/copy` from 1.14.0 to 1.14.1 - [Release notes](https://github.com/otiai10/copy/releases) - [Commits](otiai10/copy@v1.14.0...v1.14.1) Updates `github.com/rogpeppe/go-internal` from 1.13.1 to 1.14.1 - [Release notes](https://github.com/rogpeppe/go-internal/releases) - [Commits](rogpeppe/go-internal@v1.13.1...v1.14.1) Updates `golang.org/x/crypto` from 0.31.0 to 0.35.0 - [Commits](golang/crypto@v0.31.0...v0.35.0) Updates `golang.org/x/net` from 0.32.0 to 0.35.0 - [Commits](golang/net@v0.32.0...v0.35.0) Updates `golang.org/x/sys` from 0.28.0 to 0.30.0 - [Commits](golang/sys@v0.28.0...v0.30.0) Updates `golang.org/x/text` from 0.21.0 to 0.22.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.21.0...v0.22.0) Updates `k8s.io/apimachinery` from 0.31.4 to 0.32.2 - [Commits](kubernetes/apimachinery@v0.31.4...v0.32.2) Updates `k8s.io/client-go` from 0.31.4 to 0.32.2 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.31.4...v0.32.2) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/go-playground/validator/v10 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/kluctl/go-embed-python dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/otiai10/copy dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/rogpeppe/go-internal dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golang.org/x/text dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>

…ntication errors Verify changes on the marshalled map and not via reflect.DeepEqual

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 27, 2025

dependabot bot mentioned this pull request Feb 27, 2025

chore(deps): Bump the all group across 1 directory with 11 updates #1285

Closed

dependabot bot force-pushed the dependabot/go_modules/lib/all-353eb149ab branch from d5fdc51 to b97ee31 Compare April 11, 2025 08:27

dependabot bot force-pushed the dependabot/go_modules/lib/all-353eb149ab branch from b97ee31 to 114aefa Compare April 11, 2025 12:37

dependabot bot force-pushed the dependabot/go_modules/lib/all-353eb149ab branch from 114aefa to 9496d6f Compare April 11, 2025 13:46

dependabot bot force-pushed the dependabot/go_modules/lib/all-353eb149ab branch 2 times, most recently from 9496d6f to d72c7d4 Compare April 11, 2025 14:55

8000
codablock force-pushed the dependabot/go_modules/lib/all-353eb149ab branch from a9d3493 to 50e3e5b Compare April 11, 2025 14:58

dependabot bot and others added 2 commits April 11, 2025 16:59

chore: Update go to 1.24 for kluctl/lib

7be2286

codablock force-pushed the dependabot/go_modules/lib/all-353eb149ab branch from 50e3e5b to 9de3f93 Compare April 11, 2025 15:00

chore: Run go mod tidy on root project

3c1440d

codablock force-pushed the dependabot/go_modules/lib/all-353eb149ab branch 2 times, most recently from a8c5944 to 8f1cbd0 Compare April 11, 2025 15:39

codablock added 2 commits April 11, 2025 18:53

fix: Fix non-constant format strings

7e363ba

tests: Don't try commit unchanged files and return/check proper authe…

21c32a3

…ntication errors Verify changes on the marshalled map and not via reflect.DeepEqual

codablock force-pushed the dependabot/go_modules/lib/all-353eb149ab branch from 8f1cbd0 to 21c32a3 Compare April 11, 2025 16:55

codablock merged commit 6e01d67 into main Apr 13, 2025
10 checks passed

codablock deleted the dependabot/go_modules/lib/all-353eb149ab branch April 13, 2025 21:23

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

chore(deps): Bump the all group across 1 directory with 11 updates #1287

chore(deps): Bump the all group across 1 directory with 11 updates #1287

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

chore(deps): Bump the all group across 1 directory with 11 updates #1287

chore(deps): Bump the all group across 1 directory with 11 updates #1287

Uh oh!

Conversation

Uh oh!

v5.14.0

What's Changed

v5.13.2

What's Changed

v5.13.1

What's Changed

v5.13.0

What's Changed

Release 10.25.0

What's Changed

New Contributors

Release 10.24.0

What's Changed

v1.14.1

What's Changed

v1.14.0

What's Changed

New Contributors

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!