Bump the github-dependencies group with 2 updates

[dependabot[bot]]

Bumps the github-dependencies group with 2 updates: github.com/spf13/cobra and github.com/spf13/viper.

Updates github.com/spf13/cobra from 1.4.0 to 1.7.0

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.7.0

✨ Features

• Allow to preserve ordering of completions in bash, zsh, pwsh, & fish: @​h4ck3rk3y #1903
• Add support for PowerShell 7.2+ in completions: @​oldium #1916
• Allow sourcing zsh completion script: @​marckhouzam #1917

🐛 Bug fixes

• Don't remove flag values that match sub-command name: @​brianpursley #1781
• Fix powershell completions not returning single word: @​totkeks #1850
• Remove masked template import variable name: @​yashLadha #1879
• Correctly detect completions with dash in argument: @​oncilla #1817

🧪 Testing & CI/CD

• Deprecate Go 1.15 in CI: @​umarcor #1866
• Deprecate Go 1.16 in CI: @​umarcor #1926
• Add testing for Go 1.20 in CI: @​umarcor #1925
• Add tests to illustrate unknown flag bug: @​brianpursley #1854

🔧 Maintenance

• Update main image to better handle dark backgrounds: @​Deleplace and @​marckhouzam #1883
• Fix stale.yaml mispellings: @​enrichman #1863
• Remove stale bot from GitHub actions: @​jpmcb #1908
• Add makefile target for installing dependencies: @​umarcor #1865
• Add Sia to projects using Cobra: @​mike76-dev #1844
• Add Vitess and Arewefastyet to projects using cobra: @​frouioui #1932
• Fixup for Kubescape github org: @​dwertent #1874
• Fix route for GitHub workflows badge: @​sh-cho #1884
• Fixup for GoDoc style documentation: @​yashLadha #1885
• Various bash scripting improvements for completion: @​scop #1702
• Add Constellation to projects using Cobra: @​datosh #1829

✏️ Documentation

• Add documentation about disabling completion descriptions: @​Shihta #1901
• Improve MarkFlagsMutuallyExclusive example in user guide: @​janhn #1904
• Update shell_completions.md: @​gusega #1907
• Update copywrite year: @​umarcor #1927
• Document suggested layout of subcommands: @​lcarva #1930
• Replace deprecated ExactValidArgs with MatchAll in doc: @​doniacld #1836

---

This release contains several long running fixes, improvements to powershell completions, and further optimizations for completions.

Thank you everyone who contributed to this release and all your hard work! Cobra and this community would never be possible without all of you! 🐍

Full changelog: https://github.com/spf13/cobra/compare/v1.6.1...v1.7.0

... (truncated)

Commits

• 4dd4b25 Update main image to better handle dark background (#1883)
• 45360a5 Allow sourcing zsh completion script (#1917)
• c8a20a1 Document suggested layout for subcommands (#1930)
• b197a24 Update projects_using_cobra.md (#1932)
• 9e6b58a update copyright year (#1927)
• fb36524 ci: test Golang 1.20 (#1925)
• c7300f0 ci: deprecate go 1.16 (#1926)
• 567ea8e Add support for PowerShell 7.2+ (#1916)
• 3daa4b9 Add keeporder to shell completion (#1903)
• a516d41 Removes stale bot from GitHub action (#1908)
• Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.12.0 to 1.17.0

Release notes

Sourced from github.com/spf13/viper's releases.

v1.17.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

Minimum Go version: 1.19

Viper now requires Go 1.19

This change ensures we can stay up to date with modern practices and dependencies.

log/slog support [BREAKING]

Viper v1.11.0 added an experimental Logger interface to allow custom implementations (besides jwalterweatherman).

In addition, it also exposed an experimental WithLogger function allowing to set a custom logger.

This release deprecates that interface in favor of log/slog released in Go 1.21.

[!WARNING] WithLogger accepts an *slog.Logger from now on.

To preserve backwards compatibility with older Go versions, prior to Go 1.21 Viper accepts a *golang.org/x/exp/slog.Logger.

The experimental flag is removed.

New finder implementation [BREAKING]

As of this release, Viper uses a new library to look for files, called locafero.

The new library is better covered by tests and has been built from scratch as a general purpose file finder library.

The implementation is experimental and is hidden behind a finder build tag.

[!WARNING] The io/fs based implementation (that used to be hidden behind a finder build tag) has been removed.

What's Changed

Exciting New Features 🎉

• Add NATS support by @​hooksie1 in spf13/viper#1590
• Add slog support by @​sagikazarmark in spf13/viper#1627

Enhancements 🚀

• chore: add local development environment using nix by @​sagikazarmark in spf13/viper#1572
• feat: add func GetEnvPrefix by @​baruchiro in spf13/viper#1565
• Improve dev env by @​sagikazarmark in spf13/viper#1575
• fix: code optimization by @​testwill in spf13/viper#1557
• test: remove not needed testutil.Setenv by @​alexandear in spf13/viper#1610
• new finder library based on afero by @​sagikazarmark in spf13/viper#1625

... (truncated)

Commits

• f62f86a refactor: make use of strings.Cut
• 94632fa chore: Use pip3 explicitly to install yamllint
• 3f6cadc chore: Fix copy-paste error for yamllint target
• 287507c docs: add set subset KV example
• f1cb226 chore(deps): update crypt
• c292b55 test: refactor asserts
• 3d006fe refactor: replace interface{} with any
• 8a6dc5d build(deps): bump github/codeql-action from 2.21.8 to 2.21.9
• 96c5c00 chore: remove deprecated build tags
• 44911d2 build(deps): bump github/codeql-action from 2.21.7 to 2.21.8
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot] Once this PR has been reviewed and has the lgtm label, please assign jsafrane for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubernetes-sigs/container-object-storage-interface-controller/blob/master/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[dependabot[bot]]

Superseded by #106.