enterprise-contract / ec-cli

Enterprise Contract command line interface
https://enterprisecontract.dev/docs/ec-cli/main/index.html
Apache License 2.0

build(deps): bump the all group across 1 directory with 8 updates #1582

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps the all group with 4 updates in the / directory: cuelang.org/go, github.com/enterprise-contract/enterprise-contract-controller/api, github.com/open-policy-agent/conftest and k8s.io/apiextensions-apiserver.

Updates cuelang.org/go from 0.8.1 to 0.8.2

Updates github.com/enterprise-contract/enterprise-contract-controller/api from 0.1.41 to 0.1.43

Release notes

Sourced from github.com/enterprise-contract/enterprise-contract-controller/api's releases.

API Release api/v0.1.43

What's Changed

Full Changelog: https://github.com/enterprise-contract/enterprise-contract-controller/compare/api/v0.1.42...api/v0.1.43

API Release api/v0.1.42

What's Changed

Full Changelog: https://github.com/enterprise-contract/enterprise-contract-controller/compare/api/v0.1.41...api/v0.1.42

Commits
  • 31192dc Merge pull request #322 from enterprise-contract/dependabot/github_actions/ac...
  • 5d81d40 Merge pull request #321 from enterprise-contract/dependabot/github_actions/ac...
  • b4ffe2b Merge pull request #320 from enterprise-contract/dependabot/github_actions/gi...
  • dfd14bd Merge pull request #319 from enterprise-contract/dependabot/github_actions/ac...
  • 5ec9ecd Bump actions/checkout from 4.1.3 to 4.1.4
  • b02af9e Bump actions/download-artifact from 4.1.5 to 4.1.7
  • 61157de Bump github/codeql-action from 3.25.1 to 3.25.3
  • 00e8982 Bump actions/upload-artifact from 4.3.2 to 4.3.3
  • 8ea25fc Merge pull request #310 from enterprise-contract/dependabot/github_actions/ac...
  • b39f958 Merge pull request #308 from enterprise-contract/dependabot/github_actions/ac...
  • Additional commits viewable in compare view


Updates github.com/open-policy-agent/conftest from 0.51.0 to 0.52.0

Release notes

Sourced from github.com/open-policy-agent/conftest's releases.

v0.52.0

Changelog

OPA Changes

  • c8ca3585dfe99647c0ca039b03522bd83e0ca357: build(deps): bump github.com/open-policy-agent/opa from 0.63.0 to 0.64.0 (#943) (@​dependabot[bot])
  • 9b082a11765d408ffdddbf365bd0fdd990d87461: build(deps): bump github.com/open-policy-agent/opa from 0.64.0 to 0.64.1 (#947) (@​dependabot[bot])

Other Changes

  • 8f13bf6a82dbb7db38e1ca1a3cddba4f608dbee2: build(deps): bump cuelang.org/go from 0.8.0 to 0.8.1 (#937) (@​dependabot[bot])
  • 37b04d6036f6a146cc2c38e29769ad245c4607e6: build(deps): bump github.com/docker/docker from v25.0.3+incompatible to v25.0.5+incompatible (#932) (@​robmonct)
  • 1b3cc13b4d5e8d99a7a124672046605d1c33d0bc: build(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 (#948) (@​dependabot[bot])
  • 28d92a408f9d39d01dd85e0055f05f36e09bbf7f: build(deps): bump github.com/moby/buildkit from 0.13.1 to 0.13.2 (#944) (@​dependabot[bot])
  • 4ab6feaed04fa44e1de39e9c823728bfdf906867: build(deps): bump github.com/spdx/tools-golang from 0.5.3 to 0.5.4 (#941) (@​dependabot[bot])
  • c6bd5a541a1526f9ade5e02b41dc11725c97c47c: build(deps): bump golang from 1.22.1-alpine to 1.22.2-alpine (#938) (@​dependabot[bot])
  • 298d74aeade4b4462961fa3c7f1d44a90d7a49d8: ci: Allow Dependabot to update github.com/hashicorp/go-getter (#946) (@​jalseth)

Commits
  • 9b082a1 build(deps): bump github.com/open-policy-agent/opa from 0.64.0 to 0.64.1 (#947)
  • 1b3cc13 build(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 (#948)
  • 298d74a ci: Allow Dependabot to update github.com/hashicorp/go-getter (#946)
  • 28d92a4 build(deps): bump github.com/moby/buildkit from 0.13.1 to 0.13.2 (#944)
  • c8ca358 build(deps): bump github.com/open-policy-agent/opa from 0.63.0 to 0.64.0 (#943)
  • 4ab6fea build(deps): bump github.com/spdx/tools-golang from 0.5.3 to 0.5.4 (#941)
  • 37b04d6 build(deps): bump github.com/docker/docker from v25.0.3+incompatible to v25.0...
  • c6bd5a5 build(deps): bump golang from 1.22.1-alpine to 1.22.2-alpine (#938)
  • 8f13bf6 build(deps): bump cuelang.org/go from 0.8.0 to 0.8.1 (#937)
  • See full diff in compare view


Updates github.com/open-policy-agent/opa from 0.63.0 to 0.64.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.64.1

This is a bug fix release addressing the following issues:

  • ci: Pin GitHub Actions macos runner version. The architecture of the GitHub Actions Runner macos-latest was changed from amd64 to arm64 and as a result darwin/amd64 binary wasn't released (#6720) authored by @​suzuki-shunsuke
  • plugins/discovery: Update comparison logic used in the discovery plugin for handling overrides. This fixes a panic that resulted from the comparison of uncomparable types (#6723) authored by @​ashutosh-narkar

v0.64.0

NOTES:

  • The minimum version of Go required to build the OPA module is 1.21

This release contains a mix of features, a new builtin function (json.marshal_with_options()), performance improvements, and bugfixes.

Breaking Change

Bootstrap configuration overrides Discovered configuration

Previously if Discovery was enabled, other features like bundle downloading and status reporting could not be configured manually. The reason for this was to prevent OPAs being deployed that could not be controlled through discovery. It's possible that the system serving the discovered config is unaware of all options locally available in OPA. Hence, we relax the configuration check when discovery is enabled so that the bootstrap configuration can contain plugin configurations. In case of conflicts, the bootstrap configuration for plugins wins. These local configuration overrides from the bootstrap configuration are included in the Status API messages so that management systems can get visibility into the local overrides.

In general, the bootstrap configuration overrides the discovered configuration. Previously this was not the case for all configuration fields. For example, if the discovered configuration changes the labels section, only labels that are additional compared to the bootstrap configuration are used, all other changes are ignored. This implies labels in the bootstrap configuration override those in the discovered configuration. But for fields such as default_decision, default_authorization_decision, nd_builtin_cache, the discovered configuration would override the bootstrap configuration. Now the behavior is more consistent for the entire configuration and helps to avoid accidental configuration errors. (#5722) authored by @​ashutosh-narkar

Add rego_version attribute to the bundle manifest

A new global rego_version attribute is added to the bundle manifest, to inform the OPA runtime about what Rego version (v0/v1) to use while parsing/compiling contained Rego files. There is also a new file_rego_versions attribute which allows individual files to override the global Rego version specified by rego_version.

When the version of the contained Rego is advertised by the bundle through this attribute, it is not required to run OPA with the --v1-compatible (or future --v0-compatible) flag in order to correctly parse, compile and evaluate the bundle's modules.

A bundle's rego_version attribute takes precedence over any applied --v1-compatible/--v0-compatible flag. (#6578) authored by @​johanfylling

Runtime, Tooling, SDK

  • compile: Fix panic from CLI + metadata entrypoint overlaps. The panic occurs when opa build was provided an entrypoint from both a CLI flag, and via entrypoint metadata annotation. (#6661) authored by @​philipaconrad
  • cmd/deps: Improve memory footprint and execution time of deps command for policies with high dependency connectivity (#6685) authored by @​johanfylling
  • server: Keep default decision path in-sync with manager's config (#6697) authored by @​ashutosh-narkar
  • server: Remove unnecessary AST-to-JSON conversions (#6665) and (#6669) authored by @​koponen-styra
  • sdk: Allow customizations of the plugin manager via SDK (#6662) authored by @​xico42
  • sdk: Fix issue where active parser options aren't propagated to module reload during bundle activation resulting in errors while activating bundles with v1 syntax (#6689) authored by @​xico42

... (truncated)

Commits
  • 298f97d Prepare v0.64.1 release
  • faf6382 ci: pin GitHub Actions macos runner version and build for darwin/amd64
  • e72e6f6 plugins/discovery: Update comparison logic for overrides
  • 75cc90a Prepare v0.64.0 release
  • a400281 server: Keep default decision path in-sync with manager's config
  • f2011b1 Adding Raygun to the policy-testing ecosystem (#6712)
  • b58e87f ast: Importing rego.v1 in v0 support modules when applicable (#6698)
  • 44fa8ad Relax configuration check when Discovery is enabled
  • ef8532f auth: requestToken close response body
  • 8260697 build: Update WASM Rego test generation setup (#6707)
  • Additional commits viewable in compare view


Updates k8s.io/apiextensions-apiserver from 0.29.3 to 0.30.0

Commits
  • 03da840 Update dependencies to v0.30.0 tag
  • cb47ad4 Merge remote-tracking branch 'origin/master' into release-1.30
  • 6ce7f38 Update x/net for CVE-2023-45288
  • a2f312c Merge remote-tracking branch 'origin/master' into release-1.30
  • d3649bc fix test flake caused by not waiting for CRD schema update
  • 9624e52 Merge pull request #123732 from serathius/parallel-featureflags
  • 24438a9 Merge pull request #123758 from liggitt/protobump
  • 916521e Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • fe10ad0 Merge pull request #123405 from cici37/vapGA
  • a853d25 Fix SetFeatureGateDuringTest handling of Parallel tests
  • Additional commits viewable in compare view


Updates k8s.io/apimachinery from 0.29.3 to 0.30.0

Commits
  • 37988e5 Merge remote-tracking branch 'origin/master' into release-1.30
  • c857a38 Update x/net for CVE-2023-45288
  • 0407311 followup to allow special characters
  • 25164f7 Merge pull request #123435 from tallclair/apparmor-ga
  • cbfe0a1 Merge pull request #123758 from liggitt/protobump
  • 21d26b6 Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • 0c29f84 Merge pull request #123385 from HirazawaUi/allow-special-characters
  • 60d24f2 Merge pull request #123708 from p0lyn0mial/upstream-const-watchlist-bookmark-...
  • 513d23a apimachinery/meta/types.go: define InitialEventsAnnotationKey const
  • 67cb3a8 Merge pull request #123413 from seans3/tunneling-spdy-websockets
  • Additional commits viewable in compare view


Updates k8s.io/client-go from 0.29.3 to 0.30.0

Commits
  • 3aa4577 Update dependencies to v0.30.0 tag
  • 2df4de1 Merge remote-tracking branch 'origin/master' into release-1.30
  • ade2ae2 Update x/net for CVE-2023-45288
  • b4632b7 Merge pull request #123932 from pohly/dra-api-resource-model-rename
  • 4467b1e Merge pull request #123909 from AkihiroSuda/fix-123906
  • 650f392 dra api: NodeResourceModel -> ResourceModel
  • 00e4609 api: NodeStatus: rename RuntimeClasses to RuntimeHandlers
  • 7ebe0ea Merge pull request #123180 from AkihiroSuda/rro
  • 3be09aa api: KEP-3857: Recursive Read-only (RRO) mounts
  • 110b75b Merge pull request #123344 from nilekhc/svm-controller
  • Additional commits viewable in compare view


Updates k8s.io/kube-openapi from 0.0.0-20231010175941-2dd684a91f00 to 0.0.0-20240228011516-70dd3763d340

Commits


Most Recent Ignore Conditions Applied to This Pull Request

| Dependency Name | Ignore Conditions |
| --- | --- |
| github.com/open-policy-agent/conftest | [< 0.40, > 0.39.1-0.20230309145322-347708d2fd13] |
| github.com/open-policy-agent/opa | [>= 0.50.a, < 0.51] |
| github.com/enterprise-contract/enterprise-contract-controller/api | [>= 0.1.33.a, < 0.1.34] |
| k8s.io/apimachinery | [>= 0.30.a, < 0.31] |

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • `@dependabot rebase` will rebase this PR
  • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
  • `@dependabot merge` will merge this PR after your CI passes on it
  • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
  • `@dependabot cancel merge` will cancel a previously requested merge and block automerging
  • `@dependabot reopen` will reopen this PR if it is closed
  • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
  • `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
  • `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

zregvart commented 4 months ago

@dependabot ignore k8s.io/apiextensions-apiserver minor version

dependabot[bot] commented 4 months ago

OK, I won't notify you about version 0.30.x of k8s.io/apiextensions-apiserver again, unless you unignore it.

zregvart commented 4 months ago

@dependabot ignore k8s.io/apimachinery minor version

dependabot[bot] commented 4 months ago

OK, I won't notify you about version 0.30.x of k8s.io/apimachinery again, unless you unignore it.

zregvart commented 4 months ago

@dependabot ignore k8s.io/client-go minor version

dependabot[bot] commented 4 months ago

OK, I won't notify you about version 0.30.x of k8s.io/client-go again, unless you unignore it.

dependabot[bot] commented 4 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.