search

buildpacks / libcnb

A non-opinionated language binding for the Cloud Native Buildpack Buildpack and Extension specifications
Apache License 2.0
31 stars 13 forks source link

Bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 #179

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0.

Release notes

Sourced from github.com/CycloneDX/cyclonedx-go's releases.

v0.7.0

Changelog

Features

  • acb932270c1594cb44c052ebeacfe4400c25e30b: feat: add enum for official media types (@​nscuro)
  • 2826fe20711931e40df00c2d9058232b6c4ec8af: feat: add support for encoding to older spec versions (#51) (@​nscuro)
  • 7a2113a1d5cdbc27b170ce7a487cc13a108950f5: feat: raise baseline go version to 1.17 (#53) (@​nscuro)
  • 7415143fe9af48fafb4bd823cfd1dc1aaea9084e: feat: return error when parsing unknown spec versions (@​nscuro)
  • 1655b7dad8bb4e1cc7c402fac75dddf998dc5621: feat: set SpecVersion when decoding from xml (@​nscuro)
  • f97e04a588544317e666deae16fbff4b4b1a89c5: feat: update gitpod dockerfile (@​nscuro)

Fixes

  • ea0d5b79fe245884a46d7537271d0d951d46ad1a: fix: prevent nesting of Dependency (@​nscuro)

Building and Packaging

  • f43660c92e8aa58b574b90395330c2d423d87e54: build(deps): bump actions/setup-go from 3.1.0 to 3.2.0 (@​dependabot[bot])
  • 245831215bceb60ad7c0b237819dadf6fb185a4e: build(deps): bump actions/setup-go from 3.2.0 to 3.2.1 (@​dependabot[bot])
  • 760fae3319dd04b9f95659eca5cada2dcedb885e: build(deps): bump actions/setup-go from 3.2.1 to 3.3.0 (@​dependabot[bot])
  • 4dddf51ddd4be68d6c0f35adef628acd36eae0ab: build(deps): bump apache/skywalking-eyes from 0.3.0 to 0.4.0 (@​dependabot[bot])
  • 6eb6521f71afc72eef65bf97033e1197a778ddab: build(deps): bump github.com/bradleyjkemp/cupaloy/v2 from 2.7.0 to 2.8.0 (@​dependabot[bot])
  • bff00ef23cf6cdcd520c179f995aabc83cc955b9: build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 (@​dependabot[bot])
  • fc11b56380ce3c547d34194a39c3ef736e6c8397: build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.7.4 (@​dependabot[bot])
  • f521d75e187d6f2ca3ce289cfa4afbd961b04402: build(deps): bump github.com/stretchr/testify from 1.7.4 to 1.7.5 (@​dependabot[bot])
  • d5d1ab6ca40e8ef882d6e51e1ebcb4ce72fcb805: build(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0 (@​dependabot[bot])
  • b83bbe808f6545654d4e0deecc7e7806a2e49c4e: build(deps): bump goreleaser/goreleaser-action from 2 to 3 (@​dependabot[bot])

Documentation

  • 8f8fadfe296ad32dd78f513cd7475e81ed85e200: docs: fix cyclonedx-go version in compatibility matrix (@​nscuro)
  • 124f2be91434d720dd5d3149d7ab04461405c207: docs: fix typos (@​nscuro)

Others

  • 5f10aea00cf46bbe3a4ce66ce2b85bd17576a35c: refactor: refine spec version conversion to cover more cases (@​nscuro)
  • 0c2ebff85af58497076969010e3bb29f62f19f16: refactor: separate custom marshalling logic from model (@​nscuro)
Commits
  • 39a1d8f Merge pull request #57 from CycloneDX/tweaks
  • 124f2be docs: fix typos
  • 8f8fadf docs: fix cyclonedx-go version in compatibility matrix
  • 7415143 feat: return error when parsing unknown spec versions
  • c2db05e Merge pull request #56 from CycloneDX/issue-36
  • ea0d5b7 fix: prevent nesting of Dependency
  • 3390ca4 Merge pull request #55 from CycloneDX/refine-conversion
  • acb9322 feat: add enum for official media types
  • 1655b7d feat: set SpecVersion when decoding from xml
  • 5f10aea refactor: refine spec version conversion to cover more cases
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Looks like github.com/CycloneDX/cyclonedx-go is up-to-date now, so this is no longer needed.