Bump github.com/fxamacker/cbor/v2 from 2.4.1-0.20220515183430-ad2eae63303f to 2.5.0-beta5

[dependabot[bot]]

Bumps github.com/fxamacker/cbor/v2 from 2.4.1-0.20220515183430-ad2eae63303f to 2.5.0-beta5.

Release notes

Sourced from github.com/fxamacker/cbor/v2's releases.

v2.5.0-beta5 is fuzz tested and production quality, but docs need to be updated before releasing v2.5.0. IMPORTANT: Please view these release notes (esp. v2.5.0-beta) before upgrading from v2.4 or earlier:

• v2.5.0-beta4 - Bugfix for Diagnose to return io.EOF on empty data.
• v2.5.0-beta3 - Add functions: Diagnose, DiagnoseFirst, UnmarshalFirst, Wellformed.
• v2.5.0-beta2 - Bugfix to retry in Decoder if io.Reader's Read() returns 0 bytes read with nil error.
• v2.5.0-beta - Notable improvements, optimizations, bugfixes, and 8 new contributors!

What's Changed since v2.5.0-beta4

• Add Decoder.Buffered to return remaining data in buffer by @​fxamacker in fxamacker/cbor#412
• Update README.md for v2.5.0-beta5 by @​fxamacker in fxamacker/cbor#413

Full Changelog: https://github.com/fxamacker/cbor/compare/v2.5.0-beta4...v2.5.0-beta5

v2.5.0-beta4

Features already present in v2.4 are release quality. Newly added functions require more fuzzing and docs.
IMPORTANT: Please view these release notes (esp. v2.5.0-beta) before upgrading from v2.4:

• v2.5.0-beta3 - Add Diagnose(), DiagnoseFirst(), UnmarshalFirst(), Wellformed().
• v2.5.0-beta2 - Bugfix and release notes include benchmark comparison of v2.5.0-beta2 vs v2.4.0.
• v2.5.0-beta - Notable improvements, optimizations, bugfixes, and 8 new contributors!

What's Changed Since v2.5.0-beta3

• Bump safer-golangci-lint to 1.52.2 by @​x448 in fxamacker/cbor#408
• Fix Diagnose() to return io.EOF error on empty data by @​fxamacker in fxamacker/cbor#410
• Update README.md for cbor v2.5.0-beta4 by @​fxamacker in fxamacker/cbor#411

Full Changelog: https://github.com/fxamacker/cbor/compare/v2.5.0-beta3...v2.5.0-beta4

v2.5.0-beta3

This release adds 4 new functions: UnmarshalFirst, Diagnose, DiagnoseFirst, and Wellformed. In addition Valid function is deprecated (use Wellformed instead).

• UnmarshalFirst decodes first CBOR data item and returns remaining bytes. This is useful for CBOR Sequences (RFC 8742) and also because Unmarshal was fixed in v2.5.0-beta to return ExtraneousDataError if there are remaining bytes.
• Diagnose and DiagnoseFirst returns human-readable Extended Diagnostic Notation (RFC 8610 Appendix G) for the given CBOR encoding. These are useful for debugging and allows more user-friendly error logging.

What's Changed (since v2.5.0-beta2)

• Deprecate Valid() and add Wellformed() to replace it by @​fxamacker in fxamacker/cbor#400
• Add UnmarshalFirst by @​immesys in fxamacker/cbor#398
• Add UnmarshalFirst to DecMode interface by @​fxamacker in fxamacker/cbor#402
• Add functions for Extended Diagnostic Notation (RFC 8610 Appendix G) by @​zensh in fxamacker/cbor#386
• Add more tests for Diagnose and DiagnoseFirst by @​fxamacker in fxamacker/cbor#405

Changes to CI and Documentation

• Create govulncheck.yml by @​fxamacker in fxamacker/cbor#393
• Update README for cbor v2.5.0-beta2 by @​fxamacker in fxamacker/cbor#394
• Bump actions/setup-go from 3 to 4 by @​dependabot in fxamacker/cbor#395
• Update ci-go-cover.yml by @​x448 in fxamacker/cbor#404
• Update README for CBOR Sequences RFC 8742 by @​fxamacker in fxamacker/cbor#406
• Update README.md for v2.5.0-beta3 by @​fxamacker in fxamacker/cbor#407

Special Thanks

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.