search

enterprise-contract / ec-cli

Enterprise Contract command line interface
https://enterprisecontract.dev/docs/ec-cli/main/index.html
Apache License 2.0
26 stars 25 forks source link

build(deps): bump the all group in /acceptance with 4 updates #1615

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps the all group in /acceptance with 4 updates: github.com/enterprise-contract/enterprise-contract-controller/api, github.com/tektoncd/cli, github.com/testcontainers/testcontainers-go and k8s.io/apimachinery.

Updates github.com/enterprise-contract/enterprise-contract-controller/api from 0.1.43 to 0.1.44

Release notes

Sourced from github.com/enterprise-contract/enterprise-contract-controller/api's releases.

API Release api/v0.1.44

What's Changed

Full Changelog: https://github.com/enterprise-contract/enterprise-contract-controller/compare/api/v0.1.43...api/v0.1.44

Commits
  • 2ddfb79 Bump step-security/harden-runner from 2.7.0 to 2.7.1
  • ba736bc Merge pull request #323 from enterprise-contract/dependabot/go_modules/sigs.k...
  • 466019e Merge pull request #324 from enterprise-contract/dependabot/go_modules/github...
  • 340ef50 Merge pull request #326 from enterprise-contract/dependabot/github_actions/co...
  • 15d0685 Bump codecov/codecov-action from 4.3.0 to 4.3.1
  • 10d6067 Bump github.com/onsi/gomega from 1.33.0 to 1.33.1
  • daba785 Bump sigs.k8s.io/controller-runtime from 0.17.3 to 0.17.4
  • See full diff in compare view


Updates github.com/tektoncd/cli from 0.36.0 to 0.37.0

Release notes

Sourced from github.com/tektoncd/cli's releases.

v0.37.0 Release 🎉

This release comes with support for Pipelines LTS v0.59.0, Triggers v0.27.0, Chains v0.20.0 and Hub v1.17.0 CLI. This release contains a feature to have exit code 0 or 1 or 2 based on PipelineRun status in pipeline start and pipelinerun logs command by providing -E flag and a couple of dependency bumps

ChangeLog 📋

Features :sparkles:

Misc 🔨

... (truncated)

Changelog

Sourced from github.com/tektoncd/cli's changelog.

Tekton CLI Releases

Release Frequency

Tekton CLI follows the Tekton community [release policy][release-policy] as follows:

  • Versions are numbered according to semantic versioning: vX.Y.Z
  • A new release is produced on a monthly basis
  • Four releases a year are chosen for long term support (LTS). All remaining releases are supported for approximately 1 month (until the next release is produced)
    • LTS releases take place in January, April, July and October every year
    • The first Tekton CLI LTS release will be v0.30.0 in January 2023
    • Releases happen towards the middle of the month, but the exact date may vary, depending on week-ends and readiness

Tekton CLI produces nightly builds, publicly available on gcr.io/tekton-nightly.

Transition Process

Before release v0.28 Tekton CLI has worked on the basis of an undocumented support period of four months, which will be maintained for the releases between v0.26 and v0.27.

Release Process

Read about releasing the Tekton CLI in the [release process documentation] [tekton-release-process].

Further documentation available:

  • [Tekton resources][tekton-releases-docs]
  • Standard for [release notes][release-notes-standards]

Releases

v0.37

  • Latest Release: [v0.37.0][v0-37-0] (2024-05-13) ([docs][v0-37-0-docs])
  • Initial Release: [v0.37.0][v0-37-0] (2024-05-13) ([docs][v0-37-0-docs])
  • End of Life: 2025-05-12

v0.36

  • Latest Release: [v0.36.0][v0-36-0] (2024-03-21) ([docs][v0-36-0-docs])
  • Initial Release: [v0.36.0][v0-36-0] (2024-03-21) ([docs][v0-36-0-docs])
  • End of Life: 2025-03-20

... (truncated)

Commits
  • f8b6dc0 New version v0.37.0
  • 8189441 Bump github.com/tektoncd/triggers from 0.26.2 to 0.27.0
  • aa6aad1 Bump the go-docker-dependencies group with 2 updates
  • 3e19d4e Bump github.com/golangci/golangci-lint from 1.58.0 to 1.58.1 in /tools
  • e8fcfa9 Bump github.com/tektoncd/hub from 1.16.0 to 1.17.0
  • ca51d2c Bump goreleaser for latest v1.25.1
  • 67ac3ab Bump go version to 1.22
  • f5e7201 Group all k8s dep together
  • 15e4437 Bump k8s.io/apimachinery to v0.28.9
  • c38d010 Bump k8s.io/cli-runtime from 0.28.5 to 0.28.9
  • Additional commits viewable in compare view


Updates github.com/testcontainers/testcontainers-go from 0.30.0 to 0.31.0

Release notes

Sourced from github.com/testcontainers/testcontainers-go's releases.

v0.31.0

What's Changed

⚠️ Breaking Changes

Are you hosting your own Testcontainers for Go module?

If you are hosting your own module, please update all the custom options you created for the module, updating them to return an error in the case it occurs. This breaking change is needed to provide a more robust and consistent API for creating modules, allowing module authors to create custom code to customise the container avoiding panics.

🔒 Security

  • chore(deps): bump github.com/containerd/containerd from 1.7.12 to 1.7.15 (#2517) @​mdelapenya

🚀 Features

🐛 Bug Fixes

📖 Documentation

🧹 Housekeeping

📦 Dependency updates

... (truncated)

Commits
  • 896f379 chore: use new version (v0.31.0) in modules and examples
  • 788097d feat(mongodb): add replica set support via opts (#2469)
  • de893e1 fix(modules.kafka): Use broker container IP instead of host IP for advertised...
  • 5fa6548 feat: expose JSON representation of a container with Inspect (#2534)
  • b181e3e chore(deps): bump test-summary action to v2.3 (#2535)
  • b5541e6 chore(deps): bump jinja2 from 3.1.3 to 3.1.4 (#2533)
  • 5c5ff44 Update devcontainer image (#2531)
  • 4effa16 chore(influxdb): include more characters in wait for log regex (#2532)
  • 5e97046 fix(compose): avoid race conditions when caching services (#2528)
  • da2d5c5 chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 5.1.0 (#2525)
  • Additional commits viewable in compare view


Updates k8s.io/apimachinery from 0.29.4 to 0.30.0

Commits
  • 37988e5 Merge remote-tracking branch 'origin/master' into release-1.30
  • c857a38 Update x/net for CVE-2023-45288
  • 0407311 followup to allow special characters
  • 25164f7 Merge pull request #123435 from tallclair/apparmor-ga
  • cbfe0a1 Merge pull request #123758 from liggitt/protobump
  • 21d26b6 Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • 0c29f84 Merge pull request #123385 from HirazawaUi/allow-special-characters
  • 60d24f2 Merge pull request #123708 from p0lyn0mial/upstream-const-watchlist-bookmark-...
  • 513d23a apimachinery/meta/types.go: define InitialEventsAnnotationKey const
  • 67cb3a8 Merge pull request #123413 from seans3/tunneling-spdy-websockets
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
zregvart commented 2 months ago

@dependabot ignore k8s.io/apimachinery minor version

dependabot[bot] commented 2 months ago

OK, I won't notify you about version 0.30.x of k8s.io/apimachinery again, unless you unignore it.

zregvart commented 2 months ago

@dependabot recreate

dependabot[bot] commented 2 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot[bot] commented 2 months ago

Looks like this PR is closed. If you re-open it I'll rebase it as long as no-one else has edited it (you can use @dependabot reopen if the branch has been deleted).