Bump the go-deps group across 1 directory with 9 updates

[dependabot[bot]]

Bumps the go-deps group with 8 updates in the / directory:

Package	From	To
github.com/Azure/azure-sdk-for-go/sdk/azcore	1.11.1	1.13.0
github.com/briandowns/spinner	1.23.0	1.23.1
github.com/fatih/color	1.16.0	1.17.0
github.com/hashicorp/go-version	1.6.0	1.7.0
github.com/instrumenta/kubeval	0.16.0	0.16.1
github.com/open-policy-agent/gatekeeper/v3	3.16.0	3.16.3
github.com/spf13/cobra	1.8.0	1.8.1
golang.org/x/mod	0.17.0	0.19.0

Updates github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.11.1 to 1.13.0

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azcore's releases.

sdk/azcore/v1.13.0

1.13.0 (2024-07-16)

Features Added

• Added runtime.NewRequestFromRequest(), allowing for a policy.Request to be created from an existing *http.Request.

sdk/azcore/v1.12.0

1.12.0 (2024-06-06)

Features Added

• Added field StatusCodes to runtime.FetcherForNextLinkOptions allowing for additional HTTP status codes indicating success.
• Added func NewUUID to the runtime package for generating UUIDs.

Bugs Fixed

• Fixed an issue that prevented pollers using the Operation-Location strategy from unmarshaling the final result in some cases.

Other Changes

• Updated dependencies.

Commits

• 94c22e6 [azcore] prepping for release (#23192)
• c5213b1 Redesign persistent token cache API (#23114)
• 5df73f9 [azopenai]: Update custom_client.go to enable insecure credential with HTTP (...
• b4b4721 [azcore] Adding in a function create a policy.Request using an existing *http...
• 80dbc7d Update CODEOWNERS_baseline_errors.txt (#23191)
• d254d11 Increment package version after release of internal (#23190)
• 62f7a3d Test credential factory supports Pipelines federated auth (#23184)
• 5aaedf4 [Release] sdk/resourcemanager/informaticadatamgmt/arminformaticadatamgmt/1.0....
• ce39ed9 Sync eng/common directory with azure-sdk-tools for PR 8598 (#23175)
• 75d30bb Enable use of pipeline credential. Fixes https://github.com/microsoft/azure-p...
• Additional commits viewable in compare view

Updates github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.7.0

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azidentity's releases.

sdk/internal/v1.7.0

1.7.0 (2024-05-01)

Features Added

• Support for local repo override (via presence of eng/target_proxy_version.txt) of invoked test-proxy version.

• RemoveRegisteredSanitizers selectively disables sanitizers the test proxy enables by default since version 1.0.0-dev.20240422.1

Breaking Changes

• Deprecated the go-vcr based test recording API. Its methods now return errors or panic.
• Changed value of recording.SanitizedValue from "sanitized" to "Sanitized" to match the test proxy

sdk/azidentity/v1.7.0

1.7.0 (2024-06-20)

Features Added

• AzurePipelinesCredential authenticates an Azure Pipelines service connection with workload identity federation

Breaking Changes

These changes affect only code written against a beta version such as v1.7.0-beta.1

• Removed the persistent token caching API. It will return in v1.8.0-beta.1

sdk/azidentity/v1.7.0-beta.1

1.7.0-beta.1 (2024-06-10)

Features Added

• Restored AzurePipelinesCredential and persistent token caching API

Breaking Changes

These changes affect only code written against a beta version such as v1.6.0-beta.4

• Values which NewAzurePipelinesCredential read from environment variables in prior versions are now parameters
• Renamed AzurePipelinesServiceConnectionCredentialOptions to AzurePipelinesCredentialOptions

Bugs Fixed

• Managed identity bug fixes

sdk/azidentity/v1.6.0

1.6.0 (2024-06-10)

Features Added

• NewOnBehalfOfCredentialWithClientAssertions creates an on-behalf-of credential that authenticates with client assertions such as federated credentials

Breaking Changes

These changes affect only code written against a beta version such as v1.6.0-beta.4

... (truncated)

Commits

• 624baba bump azcore version number
• ce7217c Prep for azcore v1.7.0 release (#21149)
• 62a8079 Add support for shallow cloning azcore.Client instances (#21065) (#21098)
• 47286b0 Add flag to enable skipping of dependency checks (#21146)
• ee762d4 Fix populating module name in telemetry policy (#20967) (#20971)
• 0243175 Prep azcore v1.6.1 for release (#20961)
• 9c9d62a Increment package version after release of azcore (#20740)
• 36f766d add sdk/resourcemanager/cosmos/armcosmos live test (#20705)
• c005ed6 sdk/resourcemanager/network/armnetwork live test (#20331)
• 5fa7df4 add sdk/resourcemanager/compute/armcompute live test (#20048)
• Additional commits viewable in compare view

Updates github.com/briandowns/spinner from 1.23.0 to 1.23.1

Release notes

Sourced from github.com/briandowns/spinner's releases.

v1.23.1

What's Changed

• fix: CVE-2022-29526 by @​testwill in briandowns/spinner#152
• Consolidate the dependencies for the IsTerminal() API by @​debarshiray in briandowns/spinner#156

New Contributors

• @​testwill made their first contribution in briandowns/spinner#152
• @​debarshiray made their first contribution in briandowns/spinner#156

Full Changelog: https://github.com/briandowns/spinner/compare/v1.23.0...v1.23.1

Commits

• 8f269dd Consolidate the dependencies for the IsTerminal() API (#156)
• 12e6c29 fix: CVE-2022-29526 (#152)
• See full diff in compare view

Updates github.com/fatih/color from 1.16.0 to 1.17.0

Release notes

Sourced from github.com/fatih/color's releases.

v1.17.0

What's Changed

• Fix multi-parameter println spacing by @​klauspost in fatih/color#228
• ci: update Go and Staticcheck versions by @​fatih in fatih/color#222
• Bump golang.org/x/sys from 0.14.0 to 0.17.0 by @​dependabot in fatih/color#221
• Bump actions/setup-go from 4 to 5 by @​dependabot in fatih/color#217
• Bump golang.org/x/sys from 0.17.0 to 0.18.0 by @​dependabot in fatih/color#224

New Contributors

• @​klauspost made their first contribution in fatih/color#228

Full Changelog: https://github.com/fatih/color/compare/v1.16.0...v1.17.0

Commits

• b6598b1 Merge pull request #228 from klauspost/fix-println-issue-218
• 00b1811 Fix multi-parameter println spacing
• 04994a8 Merge pull request #224 from fatih/dependabot/go_modules/golang.org/x/sys-0.18.0
• 7526cad Merge branch 'main' into dependabot/go_modules/golang.org/x/sys-0.18.0
• 8d058ca Merge pull request #222 from fatih/ci-updates
• 2ac809f Bump golang.org/x/sys from 0.17.0 to 0.18.0
• 51a7bbf ci: update Go and Staticcheck versions
• 799c49c Merge pull request #217 from fatih/dependabot/github_actions/actions/setup-go-5
• f8e0ec9 Merge branch 'main' into dependabot/github_actions/actions/setup-go-5
• 298abd8 Merge pull request #221 from fatih/dependabot/go_modules/golang.org/x/sys-0.17.0
• Additional commits viewable in compare view

Updates github.com/hashicorp/go-version from 1.6.0 to 1.7.0

Release notes

Sourced from github.com/hashicorp/go-version's releases.

v1.7.0

ENHANCEMENTS:

• Remove reflect dependency (#91)
• Implement the database/sql.Scanner and database/sql/driver.Value interfaces for Version (#133)

INTERNAL:

• [COMPLIANCE] Add Copyright and License Headers (#115)
• [COMPLIANCE] Update MPL-2.0 LICENSE (#105)
• Bump actions/cache from 3.0.11 to 3.2.5 (#116)
• Bump actions/checkout from 3.2.0 to 3.3.0 (#111)
• Bump actions/upload-artifact from 3.1.1 to 3.1.2 (#112)
• GHA Migration (#103)
• github: Pin external GitHub Actions to hashes (#107)
• SEC-090: Automated trusted workflow pinning (2023-04-05) (#124)
• update readme (#104)

Changelog

Sourced from github.com/hashicorp/go-version's changelog.

1.7.0 (May 24, 2024)

ENHANCEMENTS:

• Remove reflect dependency (#91)
• Implement the database/sql.Scanner and database/sql/driver.Value interfaces for Version (#133)

INTERNAL:

• [COMPLIANCE] Add Copyright and License Headers (#115)
• [COMPLIANCE] Update MPL-2.0 LICENSE (#105)
• Bump actions/cache from 3.0.11 to 3.2.5 (#116)
• Bump actions/checkout from 3.2.0 to 3.3.0 (#111)
• Bump actions/upload-artifact from 3.1.1 to 3.1.2 (#112)
• GHA Migration (#103)
• github: Pin external GitHub Actions to hashes (#107)
• SEC-090: Automated trusted workflow pinning (2023-04-05) (#124)
• update readme (#104)

Commits

• fcaa532 Update CHANGELOG.md
• b85381a Update CHANGELOG.md
• d55f214 Implement the Scan and driver.Value SQL interfaces (#133)
• e04a866 remove reflection dependency (#91)
• 94bab9e [COMPLIANCE] Add Copyright and License Headers (#115)
• 73ddc63 github: Change Dependabot to only manage HashiCorp-owned Actions
• bf1144e SEC-090: Automated trusted workflow pinning (2023-04-05) (#124)
• 644291d Bump actions/cache from 3.0.11 to 3.2.5 (#116)
• 8f6487b Bump actions/upload-artifact from 3.1.1 to 3.1.2 (#112)
• 7f856b8 Bump actions/checkout from 3.2.0 to 3.3.0 (#111)
• Additional commits viewable in compare view

Updates github.com/instrumenta/kubeval from 0.16.0 to 0.16.1

Release notes

Sourced from github.com/instrumenta/kubeval's releases.

v0.16.1

Changelog

f99f107 Bump github.com/fatih/color from 1.7.0 to 1.10.0 4db14a9 Bump github.com/spf13/viper from 1.1.0 to 1.7.1 beb16e7 Bump github.com/stretchr/testify from 1.3.0 to 1.7.0 ad7acba Bump pyyaml from 5.1 to 5.4 efc1437 Bump sigs.k8s.io/yaml from 1.1.0 to 1.2.0 09254d0 Merge pull request #275 from instrumenta/dependabot/pip/pyyaml-5.4 114577d Merge pull request #278 from instrumenta/dependabot/go_modules/github.com/spf13/viper-1.7.1 0892549 Merge pull request #279 from instrumenta/dependabot/go_modules/github.com/stretchr/testify-1.7.0 0bd1898 Merge pull request #280 from instrumenta/dependabot/go_modules/github.com/fatih/color-1.10.0 5ef5138 Merge pull request #281 from instrumenta/dependabot/go_modules/sigs.k8s.io/yaml-1.2.0 386640a Merge pull request #282 from instrumenta/golang-1.15 c63749c Merge pull request #283 from instrumenta/issue-246 6eebd38 Merge pull request #284 from carlossg/issue-251 e6f75a2 Merge pull request #285 from carlossg/test fc15a99 chore: add dependabot config 5da28d9 chore: bump golang to 1.15 f5dba6b chore: gorelease to upstream repo 0dfbdd9 fix: List combined with other manifests 026c0d6 fix: do not fail on empty lists

Commits

• f5dba6b chore: gorelease to upstream repo
• e6f75a2 Merge pull request #285 from carlossg/test
• 6eebd38 Merge pull request #284 from carlossg/issue-251
• bb717a4 test: sync test fixtures file list
• 0dfbdd9 fix: List combined with other manifests
• c63749c Merge pull request #283 from instrumenta/issue-246
• 258f4a4 docs: running acceptance tests directly
• 026c0d6 fix: do not fail on empty lists
• 0892549 Merge pull request #279 from instrumenta/dependabot/go_modules/github.com/str...
• beb16e7 Bump github.com/stretchr/testify from 1.3.0 to 1.7.0
• Additional commits viewable in compare view

Updates github.com/open-policy-agent/gatekeeper/v3 from 3.16.0 to 3.16.3

Release notes

Sourced from github.com/open-policy-agent/gatekeeper/v3's releases.

v3.16.3

Chores

• bumping frameworks/constraints (cp - 3399) (#3400) #3400 (Jaydipkumar Arvindbhai Gabani)
• Prepare v3.16.3 release (#3401) #3401 (github-actions[bot])

v3.16.2

⚠️ Tag v3.16.1 has been erroneously published for a wrong commit and it has been deleted to avoid any confusion. Please make sure to use v3.16.2 release instead.

Chores

• bumping to frameworks 2ece026, cherry-pick (#3392) (#3393) #3393 (Jaydipkumar Arvindbhai Gabani)
• Prepare v3.16.1 release (#3394) #3394 (github-actions[bot])
• Prepare v3.16.2 release (#3396) #3396 (github-actions[bot])

Commits

• a08c83d chore: Prepare v3.16.3 release (#3401)
• 0ca51a2 chore: bumping frameworks/constraints (cp - 3399) (#3400)
• 11f8d3f chore: Prepare v3.16.2 release (#3396)
• 74854c3 chore: Prepare v3.16.1 release (#3394)
• ac77334 chore: bumping to frameworks 2ece026, cherry-pick (#3392) (#3393)
• See full diff in compare view

Updates github.com/spf13/cobra from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

• Add env variable to suppress completion descriptions on create by @​scop in spf13/cobra#1938

🐛 Bug fixes

• Micro-optimizations by @​scop in spf13/cobra#1957

🔧 Maintenance

• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 by @​dependabot in spf13/cobra#2127
• Consistent annotation names by @​nirs in spf13/cobra#2140
• Remove fully inactivated linters by @​nirs in spf13/cobra#2148
• Address golangci-lint deprecation warnings, enable some more linters by @​scop in spf13/cobra#2152

🧪 Testing & CI/CD

• Add test for func in cobra.go by @​korovindenis in spf13/cobra#2094
• ci: test golang 1.22 by @​cyrilico in spf13/cobra#2113
• Optimized and added more linting by @​scop in spf13/cobra#2099
• build(deps): bump actions/setup-go from 4 to 5 by @​dependabot in spf13/cobra#2087
• build(deps): bump actions/labeler from 4 to 5 by @​dependabot in spf13/cobra#2086
• build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @​dependabot in spf13/cobra#2108
• build(deps): bump actions/cache from 3 to 4 by @​dependabot in spf13/cobra#2102

✏️ Documentation

• Fixes and docs for usage as plugin by @​nirs in spf13/cobra#2070
• flags: clarify documentation that LocalFlags related function do not modify the state by @​niamster in spf13/cobra#2064
• chore: remove repetitive words by @​racerole in spf13/cobra#2122
• Add LXC to the list of projects using Cobra @​VaradBelwalkar in spf13/cobra#2071
• Update projects_using_cobra.md by @​marcuskohlberg in spf13/cobra#2089
• [chore]: update projects using cobra by @​cmwylie19 in spf13/cobra#2093
• Add Taikun CLI to list of projects by @​Smidra in spf13/cobra#2098
• Add Incus to the list of projects using Cobra by @​montag451 in spf13/cobra#2118

... (truncated)

Commits

• e94f6d0 Address golangci-lint deprecation warnings, enable some more linters (#2152)
• 8003b74 Remove fully inactivated linters (#2148)
• 5c2c1d6 Consistent annotation names (#2140)
• 5a1acea build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 (#2127)
• 0fc86c2 docs: update user guide (#2128)
• 6b5f577 More linting (#2099)
• bd914e5 fix: remove deprecated io/ioutils package (#2120)
• 1f80fa2 chore: remove repetitive words (#2122)
• c69ae4c ci: test golang 1.22 (#2113)
• a30cee5 build(deps): bump actions/cache from 3 to 4 (#2102)
• Additional commits viewable in compare view

Updates golang.org/x/mod from 0.17.0 to 0.19.0

Commits

• d58be1c sumdb/tlog: set the hash of the empty tree according to RFC 6962
• 232e49f Revert "module: add COM0 and LPT0 to badWindowsNames"
• c0bdc7b modfile: add API for godebug lines
• 6686f41 module: add COM0 and LPT0 to badWindowsNames
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Superseded by #358.