search

flux-iac / tofu-controller

A GitOps OpenTofu and Terraform controller for Flux
https://flux-iac.github.io/tofu-controller/
Apache License 2.0
1.31k stars 137 forks source link

Bump the go-patch group across 3 directories with 16 updates #1445

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps the go-patch group with 10 updates in the / directory:

Package From To
github.com/aws/aws-sdk-go-v2 1.30.3 1.30.5
github.com/aws/aws-sdk-go-v2/config 1.27.17 1.27.33
github.com/aws/aws-sdk-go-v2/service/dynamodb 1.34.4 1.34.9
github.com/cyphar/filepath-securejoin 0.3.1 0.3.2
github.com/elgohr/go-localstack 1.0.20 1.0.111
github.com/jenkins-x/go-scm 1.14.11 1.14.41
github.com/kubescape/go-git-url 0.0.25 0.0.30
github.com/onsi/gomega 1.34.1 1.34.2
github.com/spf13/cobra 1.8.0 1.8.1
google.golang.org/protobuf 1.34.1 1.34.2

Bumps the go-patch group with 2 updates in the /api directory: github.com/go-logr/logr and github.com/onsi/gomega. Bumps the go-patch group with 5 updates in the /tfctl directory:

Package From To
github.com/go-logr/logr 1.4.1 1.4.2
github.com/onsi/gomega 1.34.0 1.34.2
github.com/spf13/cobra 1.8.0 1.8.1
google.golang.org/protobuf 1.34.1 1.34.2
sigs.k8s.io/kustomize/kyaml 0.17.0 0.17.2

Updates github.com/aws/aws-sdk-go-v2 from 1.30.3 to 1.30.5

Commits
  • a2b751d Release 2024-09-03
  • e22c249 Regenerated Clients
  • ff0cf6f Update API model
  • 3120376 refactoring of buildQuery to accept a list of maintained headers to l… (#2773)
  • 4ed838e Merge pull request #2768 from bhavya2109sharma/presignedurl-requestpayer-change
  • d4bd42f Merge branch 'main' into presignedurl-requestpayer-change
  • 0353706 Added Changelog
  • 97e2d3f Release 2024-08-30
  • 4cca52b Regenerated Clients
  • c8a5146 Update endpoints model
  • Additional commits viewable in compare view


Updates github.com/aws/aws-sdk-go-v2/config from 1.27.17 to 1.27.33

Commits


Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.17 to 1.17.32

Commits


Updates github.com/aws/aws-sdk-go-v2/service/dynamodb from 1.34.4 to 1.34.9

Commits


Updates github.com/aws/smithy-go from 1.20.3 to 1.20.4

Changelog

Sourced from github.com/aws/smithy-go's changelog.

Release (2024-08-14)

Module Highlights

  • github.com/aws/smithy-go: v1.20.4
    • Dependency Update: Bump minimum Go version to 1.21.

Release (2024-06-27)

Module Highlights

  • github.com/aws/smithy-go: v1.20.3
    • Bug Fix: Fix encoding/cbor test overflow on x86.

Release (2024-03-29)

  • No change notes available for this release.

Release (2024-02-21)

Module Highlights

  • github.com/aws/smithy-go: v1.20.1
    • Bug Fix: Remove runtime dependency on go-cmp.

Release (2024-02-13)

Module Highlights

  • github.com/aws/smithy-go: v1.20.0
    • Feature: Add codegen definition for sigv4a trait.
    • Feature: Bump minimum Go version to 1.20 per our language support policy.

Release (2023-12-07)

Module Highlights

  • github.com/aws/smithy-go: v1.19.0
    • Feature: Support modeled request compression.

Release (2023-11-30)

  • No change notes available for this release.

Release (2023-11-29)

Module Highlights

  • github.com/aws/smithy-go: v1.18.0
    • Feature: Expose Options() method on generated service clients.

Release (2023-11-15)

Module Highlights

  • github.com/aws/smithy-go: v1.17.0
    • Feature: Support identity/auth components of client reference architecture.

... (truncated)

Commits


Updates github.com/cyphar/filepath-securejoin from 0.3.1 to 0.3.2

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.3.2

This release includes a few fixes for MkdirAll when dealing with S_ISUID and S_ISGID, to solve a regression runc hit when switching to MkdirAll.

  • Passing the S_ISUID or S_ISGID modes to MkdirAllInRoot will now return an explicit error saying that those bits are ignored by mkdirat(2). In the past a different error was returned, but since the silent ignoring behaviour is codified in the man pages a more explicit error seems apt. While silently ignoring these bits would be the most compatible option, it could lead to users thinking their code sets these bits when it doesn't. Programs that need to deal with compatibility can mask the bits themselves. (#23, #25)

  • If a directory has S_ISGID set, then all child directories will have S_ISGID set when created and a different gid will be used for any inode created under the directory. Previously, the "expected owner and mode" validation in securejoin.MkdirAll did not correctly handle this. We now correctly handle this case. (#24, #25)

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.3.2] - 2024-09-13

Changed

  • Passing the S_ISUID or S_ISGID modes to MkdirAllInRoot will now return an explicit error saying that those bits are ignored by mkdirat(2). In the past a different error was returned, but since the silent ignoring behaviour is codified in the man pages a more explicit error seems apt. While silently ignoring these bits would be the most compatible option, it could lead to users thinking their code sets these bits when it doesn't. Programs that need to deal with compatibility can mask the bits themselves. (#23, #25)

Fixed

  • If a directory has S_ISGID set, then all child directories will have S_ISGID set when created and a different gid will be used for any inode created under the directory. Previously, the "expected owner and mode" validation in securejoin.MkdirAll did not correctly handle this. We now correctly handle this case. (#24, #25)
Commits
  • e408943 VERSION: release v0.3.2
  • 1c875f5 CHANGELOG: fix headers
  • fdaafcc merge #25 into cyphar/filepath-securejoin:main
  • 1acda83 mkdirall: correctly handle sgid directory parent
  • 8484faf tests: mkdirall: refactor check and mkdirall helpers
  • 350d697 mkdirall: explicitly return an error for suid/sgid bits
  • 43b1026 tests: procfs: skip procfs tests if overmounting is blocked
  • 82e5725 VERSION: back to development
  • See full diff in compare view


Updates github.com/elgohr/go-localstack from 1.0.20 to 1.0.111

Commits
  • f2338a6 Merge pull request #980 from elgohr/dependabot/go_modules/docker-12c74cbbec
  • 2a3219b Bump the docker group with 2 updates
  • e1faedc Merge pull request #981 from elgohr/dependabot/go_modules/github.com/maxbruns...
  • aa3a744 Bump github.com/maxbrunsfeld/counterfeiter/v6 from 6.8.1 to 6.9.0
  • 2fc3485 Merge pull request #979 from elgohr/dependabot/go_modules/aws-sdk-6b3fa0658d
  • 53cc661 Bump the aws-sdk group with 2 updates
  • 6aad1c3 Merge pull request #978 from elgohr/dependabot/go_modules/aws-sdk-20894f4fe9
  • ef7f75e Bump the aws-sdk group with 25 updates
  • eac59af Merge pull request #976 from elgohr/dependabot/go_modules/docker-a5ce252b7b
  • ca13cde Bump the docker group with 2 updates
  • Additional commits viewable in compare view


Updates github.com/go-logr/logr from 1.4.1 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Dependencies:

Full Changelog: https://github.com/go-logr/logr/compare/v1.4.1...v1.4.2

Commits
  • 1205f42 Merge pull request #295 from go-logr/dependabot/github_actions/actions/checko...
  • ccedcbd Merge pull request #294 from go-logr/dependabot/github_actions/github/codeql-...
  • bead577 build(deps): bump actions/checkout from 4.1.5 to 4.1.6
  • a492d95 build(deps): bump github/codeql-action from 3.25.4 to 3.25.5
  • 19ad07c build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
  • 1c97a21 build(deps): bump actions/checkout from 4.1.4 to 4.1.5
  • f70c5b5 build(deps): bump github/codeql-action from 3.25.3 to 3.25.4
  • 4ade8d3 build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1
  • 88d98bd Merge pull request #289 from go-logr/dependabot/github_actions/golangci/golan...
  • 432cd86 Merge pull request #288 from go-logr/dependabot/github_actions/actions/setup-...
  • Additional commits viewable in compare view


Updates github.com/jenkins-x/go-scm from 1.14.11 to 1.14.41

Release notes

Sourced from github.com/jenkins-x/go-scm's releases.

1.14.41

Changes in version 1.14.41

Chores

  • release 1.14.41 (jenkins-x-bot)
  • add variables (jenkins-x-bot)
  • deps: bump github.com/bluekeyes/go-gitdiff from 0.7.3 to 0.7.4 (dependabot[bot])

1.14.40

Changes in version 1.14.40

Chores

  • release 1.14.40 (jenkins-x-bot)
  • add variables (jenkins-x-bot)
  • deps: bump k8s.io/apimachinery from 0.30.2 to 0.30.3 (dependabot[bot])

1.14.39

Changes in version 1.14.39

Chores

  • release 1.14.39 (jenkins-x-bot)
  • add variables (jenkins-x-bot)
  • deps: bump k8s.io/apimachinery from 0.29.0 to 0.30.2 (dependabot[bot])

1.14.38

Changes in version 1.14.38

Chores

  • release 1.14.38 (jenkins-x-bot)
  • add variables (jenkins-x-bot)
  • deps: bump golang.org/x/oauth2 from 0.19.0 to 0.21.0 (dependabot[bot])
  • deps: bump github.com/bluekeyes/go-gitdiff from 0.7.1 to 0.7.3 (dependabot[bot])

1.14.37

Changes in version 1.14.37

Bug Fixes

  • github now requires explicit make_latest=true on update (Mårten Svantesson)

Chores

  • release 1.14.37 (jenkins-x-bot)
  • add variables (jenkins-x-bot)

1.14.36

... (truncated)

Commits
  • 179ef0a chore: release 1.14.41
  • 9aaff94 chore: add variables
  • 12239b8 Merge pull request #452 from jenkins-x/dependabot/go_modules/github.com/bluek...
  • 2414a0d Merge pull request #451 from jenkins-x/dependabot/go_modules/k8s.io/apimachin...
  • 3289ca2 chore(deps): bump github.com/bluekeyes/go-gitdiff from 0.7.3 to 0.7.4
  • 7069d47 chore(deps): bump k8s.io/apimachinery from 0.30.2 to 0.30.3
  • f32b90c Merge pull request #450 from jenkins-x/dependabot/go_modules/k8s.io/apimachin...
  • dcbc130 chore(deps): bump k8s.io/apimachinery from 0.29.0 to 0.30.2
  • 8cbc01f Merge pull request #449 from jenkins-x/dependabot/go_modules/golang.org/x/oau...
  • a50243e Merge pull request #444 from jenkins-x/dependabot/go_modules/github.com/bluek...
  • Additional commits viewable in compare view


Updates github.com/kubescape/go-git-url from 0.0.25 to 0.0.30

Commits
  • d27eb58 Merge pull request #16 from kubescape/fix-gitlab
  • 1ba58cb use detected host in gitlab api
  • afc1c54 Merge pull request #15 from kubescape/fix-gitlab
  • 29a0174 also support self hosted gitlab in NewGitAPI
  • 1d0b89d Merge pull request #14 from kubescape/fix-gitlab
  • ec5afaf add support for self-hosted gitlab
  • 0a7f7ed Merge pull request #13 from kubescape/fix-gitlab
  • 5dd5ab2 fix gitlab project ID generation
  • 36432da Merge pull request #12 from hectorj2f/fix_git_urls_cve
  • e2ce7a0 replace whilp/git-urls module by chainguard-dev/git-urls
  • See full diff in compare view


Updates github.com/onsi/gomega from 1.34.1 to 1.34.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.2

1.34.2

Require Go 1.22+

Maintenance

  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.2

Require Go 1.22+

Maintenance

  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]
Commits


Updates github.com/spf13/cobra from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

🐛 Bug fixes

🔧 Maintenance

🧪 Testing & CI/CD

✏️ Documentation

... (truncated)

Commits


Updates google.golang.org/protobuf from 1.34.1 to 1.34.2

Updates k8s.io/apimachinery from 0.30.1 to 0.30.3

Commits


Updates github.com/go-logr/logr from 1.4.1 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Dependencies:

Full Changelog: https://github.com/go-logr/logr/compare/v1.4.1...v1.4.2

Commits
  • 1205f42 Merge pull request #295 from go-logr/dependabot/github_actions/actions/checko...
  • ccedcbd Merge pull request #294 from go-logr/dependabot/github_actions/github/codeql-...
  • bead577 build(deps): bump actions/checkout from 4.1.5 to 4.1.6
  • a492d95 build(deps): bump github/codeql-action from 3.25.4 to 3.25.5
  • 19ad07c build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
  • 1c97a21 build(deps): bump actions/checkout from 4.1.4 to 4.1.5
  • f70c5b5 build(deps): bump github/codeql-action from 3.25.3 to 3.25.4
  • 4ade8d3 build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1
  • 88d98bd Merge pull request #289 from go-logr/dependabot/github_actions/golangci/golan...
  • 432cd86 Merge pull request #288 from go-logr/dependabot/github_actions/actions/setup-...
  • Additional commits viewable in compare view


Updates github.com/onsi/gomega from 1.34.0 to 1.34.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.2

1.34.2

Require Go 1.22+

Maintenance

  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.2

Require Go 1.22+

Maintenance

  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]
Commits


Updates golang.org/x/net from 0.25.0 to 0.28.0

Commits
  • 4542a42 go.mod: update golang.org/x dependencies
  • 765c7e8 xsrftoken: create no padding base64 string by RawURLEncoding
  • 032e4e4 LICENSE: update per Google Legal
  • e2310ae go.mod: update golang.org/x dependencies
  • 77708f7 quic: skip tests which depend on unimplemented UDP functions on Plan 9
  • 9617c63 http2: avoid Transport hang with Connection: close and AllowHTTP
  • 66e838c go.mod: update golang.org/x dependencies
  • 6249541 http2: avoid race in server handler SetReadDeadine/SetWriteDeadline
  • 603e3e6 quic: disable X25519Kyber768Draft00 in tests
  • 67e8d0c http2: report an error if goroutines outlive serverTester tests
  • Additional commits viewable in compare view


Updates github.com/go-logr/logr from 1.4.1 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Dependencies:

dependabot[bot] commented 2 months ago

Looks like these dependencies are no longer updatable, so this is no longer needed.