msftclas
commented
5 years ago
All CLA requirements met.
Closed dependabot-preview[bot] closed 5 years ago
msftclas
commented
5 years ago
All CLA requirements met.
Bumps github.com/Masterminds/sprig from 2.15.0+incompatible to 2.18.0+incompatible.
Release notes
*Sourced from [github.com/Masterminds/sprig's releases](https://github.com/Masterminds/sprig/releases).* > ## 2.19.0: Fixes, reversion of 2.18 change > *IMPORTANT:* This release reverts a change from 2.18.0 > > In the previous release (2.18), we prematurely merged a partial change to the crypto functions that led to creating two sets of crypto functions (I blame [@technosophos](https://github.com/technosophos) -- since that's me). This release rolls back that change, and does what was originally intended: It alters the _existing_ crypto functions to use secure random. > > We debated whether this classifies as a change worthy of major revision, but given the proximity to the last release, we have decided that treating 2.18 as a faulty release is the correct course of action. We apologize for any inconvenience. > > ## Changes > > - Fix substr panic 35fb796e3ed3869e2df7be0e4fcb5e8b2c425453 (Alexey igrychev) > - Remove extra period 1eb7729022202c016475c4f4d0cb2c463c22c5fe (Matthew Lorimor) > - Make random string functions use crypto by default 6ceff26ca2586bda18e788afef093b7d89e70023 (Matthew Lorimor) > - README edits/fixes/suggestions 08fe136717db5c06a7dd9ee140f9de7070774c78 (Lauri Apple) > > ## New functions, updates for Go 1.11, and improved documentation > Sprig has been updated to accommodate a breaking change to Go Templates' nil handling that was introduced in Go 1.11. Along the way, we added some new functions and updated the documentation in several places. > > A few new functions were added, including: > > - mergeOverwrite > - cryptographic functions that use secure random (see fe1de1249f2781f5873969508aa1c9a297671ce0) > > ## All Changes > > - Improve documentation of regexMatch function, resolves [#139](https://github-redirect.dependabot.com/Masterminds/sprig/issues/139) 90b89cedc86ac45049f89567139100466aa66b4d (Jan Tagscherer) > - Handle has for nil list 9c108854bc36c8c5a4bc12af6efef00b2093cf81 (Daniel Cohen) > - Document behaviour of mergeOverwrite fe0dbe93e8c69514fd7e1520237f617219936dd6 (Lukas Rieder) > - Fix dict merge issue and provide mergeOverwrite .dst .src1 to overwrite from src -> dst 4c59c1250a68e7f7a7e48c54f68c38b5c4c26d20 (Lukas Rieder) > - doc: adds missing documentation. 4b871e6ee25372506d32433b8500c329feaae404 (Fernandez Ludovic) > - Replace outdated goutils imports 01893d2f350f3b349e29fd3c5cd49d575293ea04 (Matthew Lorimor) > - Surface crypto secure random strings from goutils fe1de1249f2781f5873969508aa1c9a297671ce0 (Matthew Lorimor) > - Handle untyped nil values as paramters to string functions 2b2ec8fad08275e41bc78b9d4ad4938f430e3ef8 (Morten Torkildsen) > - Fix substr var names and comments d581f80788b5e3493eed4639a3b9b86adf564884 (Dean Coakley) > - Fix substr documentation 27372034d6d4bc190df568170ea616c97cc4b505 (Dean Coakley) > > ## Bug fix: Update dependencies > The 2.17.0 release did not have a version pinned for `xstrings`, which caused compilation failures when xstrings < 1.2 was used. This adds the correct version string to glide.yaml. > > ## Minor release: New functions, updated dependencies > - Update goutils to 1.1.0 4e1125d1400cd9d0d05045013dda46b391f82461 (Matt Butcher) > - fixes spelling errors... not sure how that happened 4cf188a2b79bcba173ac96e90912cdebcabae153 (marshallford) > - adds alder32sum function and test 6908fc2d99d9e77185fe248522903e54f8e5ea25 (marshallford) > - Added kebabcase function ca331a1b276654fa7e74f0b823c1dc57be128a66 (Ilyes512) > - Fix 'has' documentation e3f2a8519b45e095bdd02b0859346a19942423c9 (dean-coakley) > - docs(dict): fix typo in pick example dc424f950a9a3fcad8c5175ad9dccb310480b717 (Dustin Specker) > > ## Minor release: New functions, bugfixes > This release adds a few functions and fixes a handful of bugs. > > - Test on go 1.11 49df8097cae92e03cc4e7a167547097d326561ca (Helgi Þormar Þorbjörnsson) > ... (truncated)Commits
- [`b1fe275`](https://github.com/Masterminds/sprig/commit/b1fe2752acccf8c3d7f8a1e7c75c7ae7d83a1975) Merge pull request [#131](https://github-redirect.dependabot.com/Masterminds/sprig/issues/131) from Dean-Coakley/patch-1 - [`b70dc08`](https://github.com/Masterminds/sprig/commit/b70dc08b9d1b923cee7745c53cc40efab0938336) Merge pull request [#135](https://github-redirect.dependabot.com/Masterminds/sprig/issues/135) from mattlorimor/AddCryptoStrings - [`7436748`](https://github.com/Masterminds/sprig/commit/74367483ad5a19ea8d345b086253c1ef6e30465a) Merge pull request [#136](https://github-redirect.dependabot.com/Masterminds/sprig/issues/136) from ldez/feature/missing-doc - [`bddad17`](https://github.com/Masterminds/sprig/commit/bddad17817ce3ee862db4df45f185af219b0a978) Merge pull request [#137](https://github-redirect.dependabot.com/Masterminds/sprig/issues/137) from Overbryd/fix/dict-merge-issue - [`ec41f06`](https://github.com/Masterminds/sprig/commit/ec41f06bd3749203f2f15022d58e5a35e9a97927) Merge pull request [#138](https://github-redirect.dependabot.com/Masterminds/sprig/issues/138) from dacohen/nil_list_fix - [`e36be37`](https://github.com/Masterminds/sprig/commit/e36be376d21e7962ba114768ea2e74eae6e114ce) Merge pull request [#140](https://github-redirect.dependabot.com/Masterminds/sprig/issues/140) from jtagscherer/issue-139 - [`45a0d1b`](https://github.com/Masterminds/sprig/commit/45a0d1b415c8784375f16291bd86c99375d541cc) Merge pull request [#133](https://github-redirect.dependabot.com/Masterminds/sprig/issues/133) from mortent/StringHandleNil - [`90b89ce`](https://github.com/Masterminds/sprig/commit/90b89cedc86ac45049f89567139100466aa66b4d) Improve documentation of regexMatch function, resolves [#139](https://github-redirect.dependabot.com/Masterminds/sprig/issues/139) - [`9c10885`](https://github.com/Masterminds/sprig/commit/9c108854bc36c8c5a4bc12af6efef00b2093cf81) Handle has for nil list - [`fe0dbe9`](https://github.com/Masterminds/sprig/commit/fe0dbe93e8c69514fd7e1520237f617219936dd6) Document behaviour of mergeOverwrite - Additional commits viewable in [compare view](https://github.com/Masterminds/sprig/compare/v2.15.0...v2.18.0)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.
You can always request more updates by clicking
Bump nowin your Dependabot dashboard.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in the `.dependabot/config.yml` file in this repo: - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot.