search

kubevirt / ssp-operator

Operator that deploys additional KubeVirt resources
Apache License 2.0
29 stars 47 forks source link

chore(deps): Bump the production-dependencies group with 20 updates #1022

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps the production-dependencies group with 20 updates:

Package From To
github.com/machadovilaca/operator-observability 0.0.20 0.0.21
github.com/onsi/gomega 1.32.0 1.34.1
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring 0.75.1 0.75.2
github.com/spf13/cobra 1.8.0 1.8.1
github.com/tektoncd/pipeline 0.61.1 0.62.0
sigs.k8s.io/kustomize/api 0.17.1 0.17.3
sigs.k8s.io/kustomize/kyaml 0.17.0 0.17.2
github.com/antlr4-go/antlr/v4 4.13.0 4.13.1
github.com/emicklei/go-restful/v3 3.12.0 3.12.1
github.com/google/pprof 0.0.0-20230510103437-eeec1cb781c3 0.0.0-20240424215950-a892ee059fd6
github.com/gorilla/websocket 1.5.1 1.5.3
github.com/grpc-ecosystem/grpc-gateway/v2 2.20.0 2.21.0
github.com/moby/spdystream 0.2.0 0.5.0
golang.org/x/exp 0.0.0-20240213143201-ec583247a57a 0.0.0-20240719175910-8a7402abbf56
golang.org/x/net 0.26.0 0.27.0
golang.org/x/tools 0.21.1-0.20240508182429-e35e4ccd0d2d 0.23.0
google.golang.org/api 0.181.0 0.189.0
google.golang.org/genproto/googleapis/api 0.0.0-20240520151616-dc85e6b867a5 0.0.0-20240723171418-e6d459c13d2a
google.golang.org/genproto/googleapis/rpc 0.0.0-20240515191416-fc5f0ca64291 0.0.0-20240723171418-e6d459c13d2a
google.golang.org/grpc 1.64.0 1.64.1

Updates github.com/machadovilaca/operator-observability from 0.0.20 to 0.0.21

Release notes

Sourced from github.com/machadovilaca/operator-observability's releases.

v0.0.21

What's Changed

Full Changelog: https://github.com/machadovilaca/operator-observability/compare/v0.0.20...v0.0.21

Commits
  • 413f6b5 Merge pull request #13 from assafad/unregister-metrics
  • 38d9f63 Add UnregisterMetrics()
  • ff32813 Merge pull request #12 from machadovilaca/add-timestamp-metrics-to-collectors
  • c7fb9fb Allow timestamped metrics in collectors
  • 5c818f2 Make _example executable
  • See full diff in compare view


Updates github.com/onsi/gomega from 1.32.0 to 1.34.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.1

1.34.1

Maintenance

  • Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

v1.34.0

1.34.0

Features

  • Add RoundTripper method to ghttp.Server [c549e0d]

Fixes

  • fix incorrect handling of nil slices in HaveExactElements (fixes #771) [878940c]
  • issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]

Maintenance

  • bump ginkgo [8af2ece]
  • Fix typo in docs [123a071]
  • Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#756) [0e69083]
  • Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#755) [2675796]
  • Bump golang.org/x/net from 0.24.0 to 0.25.0 (#754) [4160c0f]
  • Bump github-pages from 230 to 231 in /docs (#748) [892c303]

v1.33.1

1.33.1

Fixes

  • fix confusing eventually docs [3a66379]

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

v1.33.0

1.33.0

Features

Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]
  • Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]
  • Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.1

Maintenance

  • Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

1.34.0

Features

  • Add RoundTripper method to ghttp.Server [c549e0d]

Fixes

  • fix incorrect handling of nil slices in HaveExactElements (fixes #771) [878940c]
  • issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]

Maintenance

  • bump ginkgo [8af2ece]
  • Fix typo in docs [123a071]
  • Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#756) [0e69083]
  • Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#755) [2675796]
  • Bump golang.org/x/net from 0.24.0 to 0.25.0 (#754) [4160c0f]
  • Bump github-pages from 230 to 231 in /docs (#748) [892c303]

1.33.1

Fixes

  • fix confusing eventually docs [3a66379]

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

1.33.0

Features

Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]
  • Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]
  • Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]
Commits
  • fa057b8 v1.34.1
  • 5e71dcd Use slices from exp/slices to keep golang 1.20 compat
  • 32e5498 v1.34.0
  • cb3fa6a run go mod tidy and wonder why go get doesnt just run it for me in the first ...
  • 8af2ece bump ginkgo
  • 878940c fix incorrect handling of nil slices in HaveExactElements (fixes #771)
  • f5bec80 clean up bipartitegraph tests
  • ebadb67 issue_765 - fixed bug in Hopcroft-Karp algorithm
  • 123a071 Fix typo in docs
  • c549e0d Add RoundTripper method to ghttp.Server
  • Additional commits viewable in compare view


Updates github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.75.1 to 0.75.2

Release notes

Sourced from github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring's releases.

0.75.2 / 2024-07-23

  • [BUGFIX] Avoid invalid alerting config with TLS. #6765
Changelog

Sourced from github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring's changelog.

0.75.2 / 2024-07-23

  • [BUGFIX] Avoid invalid alerting config with TLS. #6765
Commits


Updates github.com/spf13/cobra from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

🐛 Bug fixes

🔧 Maintenance

🧪 Testing & CI/CD

✏️ Documentation

... (truncated)

Commits


Updates github.com/tektoncd/pipeline from 0.61.1 to 0.62.0

Release notes

Sourced from github.com/tektoncd/pipeline's releases.

Tekton Pipeline release v0.62.0 "Birman HAL LTS"

🎉 Ignore Task Failure Promoted and native sidecars adopted with k8s 1.29 🎉

-Docs @ v0.62.0 -Examples @ v0.62.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.62.0/release.yaml

Attestation

The Rekor UUID for this release is 24296fb24b8ad77adbcee63512553d756997c4c7efad2e1163023bda8bd9ddecafde859fcb4ebb11

Obtain the attestation:

REKOR_UUID=24296fb24b8ad77adbcee63512553d756997c4c7efad2e1163023bda8bd9ddecafde859fcb4ebb11
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.62.0/release.yaml
REKOR_UUID=24296fb24b8ad77adbcee63512553d756997c4c7efad2e1163023bda8bd9ddecafde859fcb4ebb11

Obtains the list of images with sha from the attestation


REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.62.0@sha256:" + .digest.sha256')


Download the release file


curl "$RELEASE_FILE" > release.yaml


For each image in the attestation, match it to the release file


for image in $REKOR_ATTESTATION_IMAGES; do

printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";

done

Changes

Features

  • :sparkles: access taskRun reason in addition to status in finally task (#8127)

Access reason in addition to the status using $(tasks.taskName.reason)

... (truncated)

Commits
  • 95fbf31 fix(pipelinerun): block pipelinerun spec updates once the pipelinerun has sta...
  • d6a2cdb fix(taskrun): block taskrun spec updates once the taskrun has started
  • 9ee73be Bump k8s.io/client-go in /test/custom-task-ctrls/wait-task-beta
  • d8bc914 Bump actions/upload-artifact from 4.3.3 to 4.3.4
  • 30c8a33 Bump step-security/harden-runner from 2.8.1 to 2.9.0
  • 689e2cd Bump github.com/containerd/containerd from 1.7.18 to 1.7.20
  • c9eb0f3 Bump k8s.io/code-generator from 0.29.6 to 0.29.7
  • fcafa46 Bump github/codeql-action from 3.25.12 to 3.25.13
  • a43d632 Bump the all group in /tekton with 2 updates
  • db4ac21 Add isBuildArtifact field to Artifacts
  • Additional commits viewable in compare view


Updates sigs.k8s.io/kustomize/api from 0.17.1 to 0.17.3

Release notes

Sourced from sigs.k8s.io/kustomize/api's releases.

api/v0.17.3

chore

#5506: fix some comments #5693: fix: always show accumulation errors #5699: chore: add deprecation comment to commonLabels #5698: fix(namereference): add configuration for new admission API

Dependencies

#5734: Update kyaml to v0.17.2

api/v0.17.2

Feature

#5294: feat: localize absolute paths #5556: feat: support labels key in transformer configuration

Bug fixes/Performance improvements

#5079: perf: improve applyOrdering by avoid call to GetByCurrentId #5500: add testcase that check yield malformed yaml errors

chore

#5625: fix: return error instead of log.Fatalf() #5651: fix: use fmt.Errorf instead of non-existing errors.New

Dependencies

#5672: chore(deps): bump dependencies of kustomize + sync go workspace #5680: chore: restore version for github.com/asaskevich/govalidator #5702: Update kyaml to v0.17.1

kyaml/v0.17.2

chore

#5413: chore(docs): fix grammar error in comment #5506: fix some comments

Commits
  • ddeb572 Merge pull request #5735 from koba1t/pinToCmdConfig
  • 36d78f6 Update cmd/config to v0.14.2
  • 4e52632 Merge pull request #5734 from koba1t/pinToKyaml
  • 8eacab0 Update kyaml to v0.17.2
  • 1a41303 Merge pull request #5628 from antoooks/release-helper-script
  • 7cbaf78 fix:kustomize cfg grep with no arguments causes panic (#5707)
  • 735ad0b Merge pull request #5682 from kozjan/add-label-include-templates
  • c1de030 Merge pull request #5413 from crenshaw-dev/patch-1
  • 5cfd3ab Merge pull request #5725 from kubernetes-sigs/dependabot/go_modules/hack/gola...
  • dfb3064 build(deps): bump golang.org/x/image from 0.13.0 to 0.18.0 in /hack
  • Additional commits viewable in compare view


Updates sigs.k8s.io/kustomize/kyaml from 0.17.0 to 0.17.2

Release notes

Sourced from sigs.k8s.io/kustomize/kyaml's releases.

api/v0.17.2

Feature

#5294: feat: localize absolute paths #5556: feat: support labels key in transformer configuration

Bug fixes/Performance improvements

#5079: perf: improve applyOrdering by avoid call to GetByCurrentId #5500: add testcase that check yield malformed yaml errors

chore

#5625: fix: return error instead of log.Fatalf() #5651: fix: use fmt.Errorf instead of non-existing errors.New

Dependencies

#5672: chore(deps): bump dependencies of kustomize + sync go workspace #5680: chore: restore version for github.com/asaskevich/govalidator #5702: Update kyaml to v0.17.1

kyaml/v0.17.2

chore

#5413: chore(docs): fix grammar error in comment #5506: fix some comments

api/v0.17.1

#5644: fix version subcommand is not working after release build

kyaml/v0.17.1

Dependencies

#5672: chore(deps): bump dependencies of kustomize + sync go workspace #5680: chore: restore version for github.com/asaskevich/govalidator

Commits
  • 9cc25a5 Merge pull request #5703 from koba1t/pinToCmdConfig
  • f6ad718 Update cmd/config to v0.14.1
  • da14e76 Merge pull request #5702 from koba1t/pinToKyaml
  • 7424956 Update kyaml to v0.17.1
  • e244b83 Merge pull request #5688 from emirot/refactor/indexOf
  • f983846 refactor: function in stdlib now
  • 49a645f Merge pull request #5294 from typeid/localize_absolute_paths
  • e7a1549 fix: use fmt.Errorf instead of non-existing errors.New (#5651)
  • 0d7d830 Merge pull request #5681 from emirot/remove-string-in-slice
  • e676d05 Merge pull request #5500 from charles-chenzz/kust-target-tc
  • Additional commits viewable in compare view


Updates github.com/antlr4-go/antlr/v4 from 4.13.0 to 4.13.1

Release notes

Sourced from github.com/antlr4-go/antlr/v4's releases.

Release 4.13.1

The 4.13.1 release has:

  • Some minor performance improvements
  • An optional build tag -tags antlr.nomutex which allows a build without using mutexes, when the user knows they will not use it with multiple go routines. (Note, somewhat experimental)

Note that I did not remove the sort.Slices calls. They will not be experimental for long and are implemented efficently. Please make a fork if you must use it without this dependency. Maybe review whether you need to do so for the sake of one call.

Commits


Updates github.com/emicklei/go-restful/v3 from 3.12.0 to 3.12.1

Changelog

Sourced from github.com/emicklei/go-restful/v3's changelog.

[v3.12.1] - 2024-05-28

  • fix misroute when dealing multiple webservice with regex (#549) (thanks Haitao Chen)
Commits


Updates github.com/google/pprof from 0.0.0-20230510103437-eeec1cb781c3 to 0.0.0-20240424215950-a892ee059fd6

Commits


Updates github.com/gorilla/websocket from 1.5.1 to 1.5.3

Release notes

Sourced from github.com/gorilla/websocket's releases.

v1.5.3

Important change

This reverts the websockets package back to https://github.com/gorilla/websocket/commit/931041c5ee6de24fe9cba1aa16f1a0b910284d6d

What's Changed

New Contributors

Full Changelog: https://github.com/gorilla/websocket/compare/v1.5.1...v1.5.3

v1.5.2

What's Changed

... (truncated)

Commits
  • ce903f6 Reverts to v1.5.0
  • 9ec25ca fixes broken random value generation
  • 1bddf2e bumps go version & removes deprecated module usage
  • 750bf92 adds GHA & Makefile configs
  • b2c246b Revert " Update go version & add verification/testing tools (#840)"
  • 09a6bab removing error handling while closing connections
  • 58af150 return errors instead of printing to logs
  • e5f1a0a excludes errchecks linter
  • b2a86a1 Do not timeout when WriteControl deadline is zero
  • 695e909 Remove hideTempErr to allow downstream users to check for errors like net.Err...
  • Additional commits viewable in compare view


Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.20.0 to 2.21.0

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.21.0

What's Changed

New Contributors

Full Changelog: https://github.com/grpc-ecosystem/grpc-gateway/compare/v2.20.0...v2.21.0

Commits
  • f41fd20 Fix build on 32bit systems (#4557)
  • db9cebd chore(deps): update googleapis digest to 3f4e29a
  • 22c97cd chore(deps): update googleapis digest to 68d8154
  • 39b04b7 chore(deps): update googleapis digest to a91d1a3
  • 0c2a928 chore(deps): update googleapis digest to 6cabb8b
  • 6811367 chore(deps): update googleapis digest to ec69fcc
  • 8508633 fix(deps): update google.golang.org/genproto/googleapis/rpc digest to e6d459c
  • 92fd444 chore(deps): update googleapis digest to 6f08435
  • 6266c42 fix(deps): update google.golang.org/genproto/googleapis/api digest to e6d459c
  • 1507807 chore(deps): update googleapis digest to 51d7fa8
  • Additional commits viewable in compare view


Updates github.com/moby/spdystream from 0.2.0 to 0.5.0

Release notes

Sourced from github.com/moby/spdystream's releases.

[v0.5.0] Avoid leaking timeout timer channels and update github actions

What's Changed

Full Changelog: https://github.com/moby/spdystream/compare/v0.4.0...v0.5.0

[v0.4.0] fix goroutine leak and remove unused code

What's Changed

New Contributors

Full Changelog: https://github.com/moby/spdystream/compare/v0.3.0...v0.4.0

[v0.3.0] Release with fixes for a race condition

What's Changed

New Contributors

Full Changelog: https://github.com/moby/spdystream/compare/v0.2.0...v0.3.0

Commits
  • 77eb080 Merge pull request #101 from liggitt/close-leak
  • 93aa56f Merge pull request #102 from thaJeztah/refresh_gha
  • 0aeabbd gha: test against go1.13 (oldest), go1.21 and go1.22
  • fe02cdd gha: update to actions/setup-go@v5
  • e973431 gha: update to actions/checkout@v4
  • 3f1023d Shorten timeout for unhandled error to 1 second
  • ad82e28 Avoid leaking timeout timer channels
  • 7ebd9df Merge pull request #100 from thaJeztah/remove_gosum
  • cb11f46 remove empty go.sum
  • 258380d Merge pull request #98 from dmcgowan/remove-ws-package
  • Additional commits viewable in compare view


Updates golang.org/x/exp from 0.0.0-20240213143201-ec583247a57a to 0.0.0-20240719175910-8a7402abbf56

Commits


Updates golang.org/x/net from 0.26.0 to 0.27.0

Commits
  • e2310ae go.mod: update golang.org/x dependencies
  • 77708f7 quic: skip tests which depend on unimplemented UDP functions on Plan 9
  • 9617c63 http2: avoid Transport hang with Connection: close and AllowHTTP
  • See full diff in compare view


Updates golang.org/x/tools from 0.21.1-0.20240508182429-e35e4ccd0d2d to 0.23.0

Commits


Updates google.golang.org/api from 0.181.0 to 0.189.0

Release notes

Sourced from google.golang.org/api's releases.

v0.189.0

0.189.0 (2024-07-22)

Features

kubevirt-bot commented 1 month ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please assign akrejcir for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubevirt/ssp-operator/blob/main/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
sonarcloud[bot] commented 1 month ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

dependabot[bot] commented 1 month ago

Looks like these dependencies are updatable in another way, so this is no longer needed.