dependabot[bot] commented 3 months ago

Bumps github.com/spf13/cobra from 1.8.0 to 1.8.1.

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

Add env variable to suppress completion descriptions on create by @scop in spf13/cobra#1938

🐛 Bug fixes

Micro-optimizations by @scop in spf13/cobra#1957

🔧 Maintenance

build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 by @dependabot in spf13/cobra#2127

Consistent annotation names by @nirs in spf13/cobra#2140

Remove fully inactivated linters by @nirs in spf13/cobra#2148

Address golangci-lint deprecation warnings, enable some more linters by @scop in spf13/cobra#2152

🧪 Testing & CI/CD

Add test for func in cobra.go by @korovindenis in spf13/cobra#2094

ci: test golang 1.22 by @cyrilico in spf13/cobra#2113

Optimized and added more linting by @scop in spf13/cobra#2099

build(deps): bump actions/setup-go from 4 to 5 by @dependabot in spf13/cobra#2087

build(deps): bump actions/labeler from 4 to 5 by @dependabot in spf13/cobra#2086

build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in spf13/cobra#2108

build(deps): bump actions/cache from 3 to 4 by @dependabot in spf13/cobra#2102

✏️ Documentation

Fixes and docs for usage as plugin by @nirs in spf13/cobra#2070

flags: clarify documentation that LocalFlags related function do not modify the state by @niamster in spf13/cobra#2064

chore: remove repetitive words by @racerole in spf13/cobra#2122

Add LXC to the list of projects using Cobra @VaradBelwalkar in spf13/cobra#2071

Update projects_using_cobra.md by @marcuskohlberg in spf13/cobra#2089

[chore]: update projects using cobra by @cmwylie19 in spf13/cobra#2093

Add Taikun CLI to list of projects by @Smidra in spf13/cobra#2098

Add Incus to the list of projects using Cobra by @montag451 in spf13/cobra#2118

... (truncated)

Commits

e94f6d0 Address golangci-lint deprecation warnings, enable some more linters (#2152)
8003b74 Remove fully inactivated linters (#2148)
5c2c1d6 Consistent annotation names (#2140)
5a1acea build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 (#2127)
0fc86c2 docs: update user guide (#2128)
6b5f577 More linting (#2099)
bd914e5 fix: remove deprecated io/ioutils package (#2120)
1f80fa2 chore: remove repetitive words (#2122)
c69ae4c ci: test golang 1.22 (#2113)
a30cee5 build(deps): bump actions/cache from 3 to 4 (#2102)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

github-actions[bot] commented 3 months ago

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package

Version

Score

Details

gomod/github.com/spf13/cobra

1.8.1

:green_circle: 6.9

Details

Check	Score	Reason
Code-Review	:green_circle: 10	all changesets reviewed
Maintained	:green_circle: 10	6 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Signed-Releases	:warning: -1	no releases found
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected

gomod/github.com/spf13/cobra

1.8.0

:green_circle: 6.9

Details

Check	Score	Reason
Code-Review	:green_circle: 10	all changesets reviewed
Maintained	:green_circle: 10	6 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	:warning: 0	no effort to earn an OpenSSF best practices badge detected
License	:green_circle: 10	license file detected
Branch-Protection	:warning: -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	:warning: -1	packaging workflow not detected
Dangerous-Workflow	:green_circle: 10	no dangerous workflow patterns detected
Binary-Artifacts	:green_circle: 10	no binaries found in the repo
Token-Permissions	:green_circle: 10	GitHub workflow tokens follow principle of least privilege
Pinned-Dependencies	:warning: 0	dependency not pinned by hash detected -- score normalized to 0
Fuzzing	:warning: 0	project is not fuzzed
Signed-Releases	:warning: -1	no releases found
Security-Policy	:warning: 0	security policy file not detected
SAST	:warning: 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	:green_circle: 10	0 existing vulnerabilities detected

Scanned Manifest Files

go.mod

github.com/spf13/cobra@1.8.1
github.com/spf13/cobra@1.8.0

github-actions[bot] commented 3 months ago

Test Results

4 files ±0 20 suites ±0 1s :stopwatch: ±0s 65 tests ±0 65 :white_check_mark: ±0 0 :zzz: ±0 0 :x: ±0 260 runs ±0 260 :white_check_mark: ±0 0 :zzz: ±0 0 :x: ±0

Results for commit 37854806. ± Comparison against base commit dc383cd4.

codeclimate[bot] commented 3 months ago

Code Climate has analyzed commit 37854806 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 87.7% (0.0% change).

View more on Code Climate.

Open-CMSIS-Pack / cbuild2cmake

Bump github.com/spf13/cobra from 1.8.0 to 1.8.1 #139

v1.8.1

✨ Features

🐛 Bug fixes

🔧 Maintenance

🧪 Testing & CI/CD

✏️ Documentation

Dependency Review

OpenSSF Scorecard

Scanned Manifest Files

Test Results