Closed dependabot[bot] closed 2 weeks ago
@knqyf263 In the go-sarif
package the schema was changed. Why not exclude it from comparison in tests, since it is filled in by a third-party tool and is subject to change?
@knqyf263 In the go-sarif package the schema was changed. Why not exclude it from comparison in tests, since it is filled in by a third-party tool and is subject to change?
I think it's good to know when the scheme is changed. The test can notify us of the schema update. However, if other tests can catch such a problem, we can exclude it. As long as something doesn't break without us noticing when the library version goes up, I don't mind excluding the schema field.
@dependabot rebase
Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!
If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate
.
sarif
format updates quite rarely, so I think it makes little sense to skip checking schema
.
we have only 2 places with tests for sarif
We can disable schema checking for integration test, but there is only 1 test, so updating it will not be a big problem (especially since integration tests can be updated automatically), and I would leave the unit test to work with future format changes.
Bumps the common group with 6 updates in the / directory:
1.7.18
1.7.19
0.19.2
0.20.0
2.3.1
2.3.2
0.24.0
0.25.0
0.18.0
0.19.0
0.26.0
0.27.0
Updates
github.com/containerd/containerd
from 1.7.18 to 1.7.19Release notes
Sourced from github.com/containerd/containerd's releases.
... (truncated)
Commits
2bf793e
Merge pull request #10391 from dmcgowan/prepare-v1.7.1974a3d29
Prepare release notes for v1.7.19043c712
Merge pull request #10406 from samuelkarp/nri-panic-1.75a587e8
Merge pull request #10403 from thaJeztah/1.7_backport_hcsshim_version7f5d3c5
cri: ensure NRI API never has nil CRIaea977f
Merge pull request #10397 from thaJeztah/1.7_backport_deprecate_reference_Spl...6efc5bb
update runhcs binary to v0.11.7945ae09
Windows: Supply windows shim version via filebb84d90
Merge pull request #10396 from yyatmsft/updatehcsshim-release17dba5357
pkg/reference: deprecate SplitObjectUpdates
github.com/google/go-containerregistry
from 0.19.2 to 0.20.0Release notes
Sourced from github.com/google/go-containerregistry's releases.
Commits
d36047a
Restore blind-write to remote.Put (#1970)9915a85
Referrer API must return correct Content-Type (#1968)Updates
github.com/owenrumney/go-sarif/v2
from 2.3.1 to 2.3.2Release notes
Sourced from github.com/owenrumney/go-sarif/v2's releases.
Commits
07358e7
Update sarif.go453ff4a
Update v2/test/report_test.go0c3eb17
Update v2/test/report_test.god85a2aa
Update v2/test/report_test.god225853
Update v2/test/report_test.go32f3160
Update v2/test/report_test.go2b9e88f
Update v2/test/report_test.goc4cde4d
Update v2/test/report_test.go43f5b98
Update v2/test/report_test.go658a181
Update makefile to also run v2 testsUpdates
golang.org/x/crypto
from 0.24.0 to 0.25.0Commits
9fadb0b
go.mod: update golang.org/x dependenciesa6a393f
all: bump go.mod version and drop compatibility shims1c74500
ssh/test: make struct comment match struct named4e7c9c
ssh: fail client auth immediately on receiving disconnect messageUpdates
golang.org/x/mod
from 0.18.0 to 0.19.0Commits
d58be1c
sumdb/tlog: set the hash of the empty tree according to RFC 6962232e49f
Revert "module: add COM0 and LPT0 to badWindowsNames"Updates
golang.org/x/net
from 0.26.0 to 0.27.0Commits
e2310ae
go.mod: update golang.org/x dependencies77708f7
quic: skip tests which depend on unimplemented UDP functions on Plan 99617c63
http2: avoid Transport hang with Connection: close and AllowHTTPUpdates
golang.org/x/term
from 0.21.0 to 0.22.0Commits
c976cb1
go.mod: update golang.org/x dependenciesDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show