search

ossf / scorecard

OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0
4.25k stars 460 forks source link

:seedling: Bump github.com/golangci/golangci-lint from 1.58.1 to 1.59.0 in /tools #4125

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps github.com/golangci/golangci-lint from 1.58.1 to 1.59.0.

Release notes

Sourced from github.com/golangci/golangci-lint's releases.

v1.59.0

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! :heart:

For key updates, see the changelog.

Changelog

  • 4f5251d3 Support Sarif output (#4723)
  • 73110df2 build(deps): bump github.com/Antonboom/testifylint from 1.2.0 to 1.3.0 (#4729)
  • 62c83ccd build(deps): bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0 (#4746)
  • 0cb14183 build(deps): bump github.com/go-critic/go-critic from 0.11.3 to 0.11.4 (#4738)
  • e14ae4b7 build(deps): bump github.com/hashicorp/go-version from 1.6.0 to 1.7.0 (#4745)
  • 2059b18a build(deps): bump github.com/securego/gosec/v2 from 2.20.0 to 5f0084eb01a9 (#4748)
  • be1bb6db build(deps): bump go-simpler.org/sloglint from 0.6.0 to 0.7.0 (#4718)
  • 08deff42 feat: add warning about disabled and deprecated linters (level 2) (#4742)
  • b99d5295 feat: allow the analysis of generated files (#4740)
  • 867adaf9 feat: deprecate github-actions format (#4726)
  • 4beae6a9 fix: remove errcheck defaults (#4734)

v1.58.2

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! :heart:

For key updates, see the changelog.

Changelog

  • 7c87a9e6 build(deps): bump github.com/Antonboom/nilnil from 0.1.8 to 0.1.9 (#4716)
  • 3fbc2f52 build(deps): bump github.com/fatih/color from 1.16.0 to 1.17.0 (#4725)
  • 8fe47a93 build(deps): bump github.com/lasiar/canonicalheader from 1.0.6 to 1.1.1 (#4715)
  • 8c4cfb61 build(deps): bump github.com/securego/gosec/v2 from 2.19.0 to 2.20.0 (#4724)
  • 35eaf609 build(deps): bump go-simpler.org/musttag from 0.12.1 to 0.12.2 (#4710)
  • 7f6606a7 build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 (#4722)
Changelog

Sourced from github.com/golangci/golangci-lint's changelog.

v1.59.0

  1. Enhancements
    • Add SARIF output format
    • Allow the analysis of generated files (issues.exclude-generated: disable)
  2. Updated linters
    • errcheck: fix deprecation warning
    • go-critic: from 0.11.3 to 0.11.4
    • gosec: from 2.20.0 to 5f0084eb01a9 (fix G601 and G113 performance issues)
    • sloglint: from 0.6.0 to 0.7.0 (new option forbidden-keys)
    • testifylint: from 1.2.0 to 1.3.0 (new checker negative-positive and new option go-require.ignore-http-handlers)
  3. Misc.
    • ️️⚠️ Deprecate github-action output format
    • ️️⚠️ Deprecate issues.exclude-generated-strict option (replaced by issues.exclude-generated: strict)
    • ️️⚠️ Add warning about disabled and deprecated linters (level 2)

v1.58.2

  1. Updated linters
    • canonicalheader: from 1.0.6 to 1.1.1
    • gosec: from 2.19.0 to 2.20.0
    • musttag: from 0.12.1 to 0.12.2
    • nilnil: from 0.1.8 to 0.1.9
  2. Documentation
    • Improve integrations and install pages
Commits
  • 2059b18 build(deps): bump github.com/securego/gosec/v2 from 2.20.0 to 5f0084eb01a9 (#...
  • 95ca3c3 dev: fix badges
  • 495321c dev: improve issue chooser (#4747)
  • 62c83cc build(deps): bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0 (#4746)
  • e14ae4b build(deps): bump github.com/hashicorp/go-version from 1.6.0 to 1.7.0 (#4745)
  • 010b4f8 chore: use global security policy
  • b99d529 feat: allow the analysis of generated files (#4740)
  • 08deff4 feat: add warning about disabled and deprecated linters (level 2) (#4742)
  • b9868e1 chore: add html to the JSONSchema (#4737)
  • 0cb1418 build(deps): bump github.com/go-critic/go-critic from 0.11.3 to 0.11.4 (#4738)
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
spencerschrock commented 1 month ago

@dependabot rebase