Bump the go-modules group with 25 updates

Bumps the go-modules group with 25 updates:

Package	From	To
github.com/onsi/gomega	`1.30.0`	`1.31.1`
github.com/paketo-buildpacks/occam	`0.18.0`	`0.18.2`
github.com/CycloneDX/cyclonedx-go	`0.7.2`	`0.8.0`
github.com/anchore/stereoscope	`0.0.0-20230412183729-8602f1afc574`	`0.0.1`
github.com/andybalholm/brotli	`1.0.6`	`1.1.0`
github.com/cloudflare/circl	`1.3.6`	`1.3.7`
github.com/containerd/containerd	`1.7.11`	`1.7.13`
github.com/docker/docker-credential-helpers	`0.8.0`	`0.8.1`
github.com/docker/go-connections	`0.4.0`	`0.5.0`
github.com/google/go-containerregistry	`0.17.0`	`0.19.0`
github.com/google/uuid	`1.4.0`	`1.6.0`
github.com/klauspost/compress	`1.17.4`	`1.17.6`
github.com/pierrec/lz4/v4	`4.1.19`	`4.1.21`
github.com/rivo/uniseg	`0.4.4`	`0.4.7`
github.com/sassoftware/go-rpmutils	`0.2.0`	`0.3.0`
github.com/sylabs/sif/v2	`2.15.0`	`2.15.1`
github.com/wagoodman/go-progress	`0.0.0-20230301185719-21920a456ad5`	`0.0.0-20230925121702-07e42b3cdba0`
golang.org/x/crypto	`0.17.0`	`0.18.0`
golang.org/x/mod	`0.14.0`	`0.15.0`
golang.org/x/net	`0.19.0`	`0.21.0`
golang.org/x/sync	`0.5.0`	`0.6.0`
golang.org/x/sys	`0.15.0`	`0.17.0`
golang.org/x/tools	`0.16.0`	`0.16.1`
google.golang.org/grpc	`1.59.0`	`1.61.1`
google.golang.org/protobuf	`1.31.0`	`1.32.0`

Updates github.com/onsi/gomega from 1.30.0 to 1.31.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.31.1

1.31.1

Fixes

Inverted arguments order of FailureMessage of BeComparableToMatcher [e0dd999]

Update test in case keeping msg is desired [ad1a367]

Maintenance

Show how to import the format sub package [24e958d]

tidy up go.sum [26661b8]

bump dependencies [bde8f7a]

v1.31.0

1.31.0

Features

Async assertions include context cancellation cause if present [121c37f]

Maintenance

Bump minimum go version [dee1e3c]

docs: fix typo in example usage "occured" -> "occurred" [49005fe]

Bump actions/setup-go from 4 to 5 (#714) [f1c8757]

Bump github/codeql-action from 2 to 3 (#715) [9836e76]

Bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.2 (#713) [54726f0]

Bump golang.org/x/net from 0.17.0 to 0.19.0 (#711) [df97ecc]

docs: fix HaveExactElement typo (#712) [a672c86]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.31.1

Fixes

Inverted arguments order of FailureMessage of BeComparableToMatcher [e0dd999]

Update test in case keeping msg is desired [ad1a367]

Maintenance

Show how to import the format sub package [24e958d]

tidy up go.sum [26661b8]

bump dependencies [bde8f7a]

1.31.0

Features

Async assertions include context cancellation cause if present [121c37f]

Maintenance

Bump minimum go version [dee1e3c]

docs: fix typo in example usage "occured" -> "occurred" [49005fe]

Bump actions/setup-go from 4 to 5 (#714) [f1c8757]

Bump github/codeql-action from 2 to 3 (#715) [9836e76]

Bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.2 (#713) [54726f0]

Bump golang.org/x/net from 0.17.0 to 0.19.0 (#711) [df97ecc]

docs: fix HaveExactElement typo (#712) [a672c86]

Commits

762b171 v1.31.1
26661b8 tidy up go.sum
bde8f7a bump dependencies
24e958d Show how to import the format sub package
ad1a367 Update test in case keeping msg is desired
e0dd999 Inverted arguments order of FailureMessage of BeComparableToMatcher
ba8bba2 v1.31.0
121c37f Async assertions include context cancellation cause if present
dee1e3c Bump minimum go version
49005fe docs: fix typo in example usage "occured" -> "occurred"
Additional commits viewable in compare view

Updates github.com/paketo-buildpacks/occam from 0.18.0 to 0.18.2

Release notes

Sourced from github.com/paketo-buildpacks/occam's releases.

v0.18.2

What's Changed

Bump github.com/opencontainers/runc from 1.1.5 to 1.1.12 by @dependabot in paketo-buildpacks/occam#274

Full Changelog: https://github.com/paketo-buildpacks/occam/compare/v0.18.1...v0.18.2

v0.18.1

No release notes provided.

Commits

f37d228 Bump github.com/opencontainers/runc from 1.1.5 to 1.1.12
1d68391 tests: adding tests for NewContainerFromInspectOutput function
13e5704 fix: avoid accessing undefined host ports on while creating a new container f...
0fb0353 Bump github.com/containerd/containerd from 1.7.7 to 1.7.11
See full diff in compare view

Updates github.com/CycloneDX/cyclonedx-go from 0.7.2 to 0.8.0

Release notes

Sourced from github.com/CycloneDX/cyclonedx-go's releases.

v0.8.0

This release ships with almost complete support for v1.5 of the CycloneDX specification.

The only exception being the extended data flow support, as used in SaaS BOMs.

Unfortunately, there are also breaking changes in this release:

The type of Metadata.Tools has changed from *[]Tool to *ToolsChoice, to facilitate the deprecation of Tool in the spec

ToolsChoice holds both legacy *[]Tool, as well as the new *[]Component and *[]Service fields

The Tool type, as well as the ToolsChoice.Tools field are marked as deprecated

During encoding and decoding, it is asserted that only one of both options can be present, in accordance with the "One of" constraint of the spec

When encoding to lower spec versions than v1.5 (using EncodeVersion), Components and Services are automatically converted to legacy Tools

It is strongly recommended to use Components and Services. However, when consuming BOMs, applications should still expect legacy Tools to be present, and handle them accordingly.

Changelog

Fixes

64eb0c84b3d909db47c5154c17d075f68b0c85ae: fix: remove format linters that require extra tooling (@nscuro)

Building and Packaging

696aa66151e800a672c9ec860f30d8716ae6a025: build(deps): bump actions/checkout from 3.5.3 to 4.1.0 (@dependabot[bot])

b50b319d1580d5b624cfc866bc108b589b328157: build(deps): bump actions/checkout from 4.1.0 to 4.1.1 (@dependabot[bot])

5cad1b0a7dad106950790fad960be5f7e62b2110: build(deps): bump actions/setup-go from 4.1.0 to 5.0.0 (@dependabot[bot])

b0910619560e5b0b0fae51dc97c4a343983873fb: build(deps): bump gitpod/workspace-go from d3603c7 to 94ae638 (@dependabot[bot])

9e310b6d641245c89aa01f07a21b50c38f04b087: build(deps): bump gitpod/workspace-go from f37c673 to d3603c7 (@dependabot[bot])

89494fd98291ca8115e02cab78e2e47360352f00: build(deps): bump goreleaser/goreleaser-action from 4.4.0 to 5.0.0 (@dependabot[bot])

Others

61dd91e0bbe730454bef42bc0c1b0a3f97411c02: feat(spec1-5): add support for machine learning (@nscuro)

f831960f0887c1f60681924e4d4382cd4bb52ff0: feat(spec1-5): update valid-vulnerability test snapshots (@nscuro)

ffc9a4eb9204f5a31b7fb1d6cd907e6cc3e93578: ci: enable more linters (@mmorel-35)

3feda7530db8c959381261e44a96b201f79f908c: feat(spec1-5): add additional external reference types (@nscuro)

bd66a368c5116c0420f49157a217e71cde1544be: feat(spec1-5): add support for CVSSv4 scoring method (@nscuro)

d597bb9076e1856b9f2d3bb9d420728df8d43d9a: feat(spec1-5): add support for firstIssued and lastUpdated in vuln analysis (@nscuro)

2ae5445d02b8e6e7391a8a0eb4d1a5bb8a6f377c: feat(spec1-5): add support for additional compositions and composition identity (@nscuro)

f856daa3212521eaf5f1dd69424b9c98eee2db52: feat(spec1-5): add support for formulation (@nscuro)

2fbde0e17ac5876ff525ccdc9d1eebf90918d306: feat(spec1-5): add support for identity, occurrences, and callstack evidence (@nscuro)

745a35a73d395923303817de650a60fe82cf8ec8: feat(spec1-5): add support for licensing (@nscuro)

b02255f3784c608100b2ae3d1123e41500a50ff3: feat(spec1-5): add support for lifecycles (@nscuro)

fe3a9040862e5fa088e84efb004fd9e338a783d7: feat(spec1-5): add support for ssvc scoring method (@nscuro)

7d2713f4459184df4628b839e4c01bae7fd6abcf: feat(spec1-5): add support for vulnerability proof of concept (@nscuro)

25b250ac0efea93283362584394a16ca602e260f: feat(spec1-5): add support for vulnerability rejected timestamps (@nscuro)

c7a84ac4ba209f5860b1aedffa2f1e71414e4508: feat(spec1-5): handle deprecation of tools (@nscuro)

Commits

b9654ae Merge pull request #90 from CycloneDX/spec-v1.5
64eb0c8 fix: remove format linters that require extra tooling
c7a84ac feat(spec1-5): handle deprecation of tools
f856daa feat(spec1-5): add support for formulation
2fbde0e feat(spec1-5): add support for identity, occurrences, and callstack evidence
61dd91e feat(spec1-5): add support for machine learning
f831960 feat(spec1-5): update valid-vulnerability test snapshots
fe3a904 feat(spec1-5): add support for ssvc scoring method
7d2713f feat(spec1-5): add support for vulnerability proof of concept
2ae5445 feat(spec1-5): add support for additional compositions and composition identity
Additional commits viewable in compare view

Updates github.com/anchore/stereoscope from 0.0.0-20230412183729-8602f1afc574 to 0.0.1

Commits

See full diff in compare view

Updates github.com/andybalholm/brotli from 1.0.6 to 1.1.0

Commits

17e5901 Make my matchfinder work more accessible.
cf812c0 matchfinder: add M0
1b6cf36 matchfinder: remove MultiHash
265f3af matchfinder: penalize score for overlapping matches
a8d524a matchfinder: replace Score function with DistanceBitCost
578645e matchfinder: add MultiHash
24b2bfa matchfinder.M4: add Score function
4a024e3 matchfinder.M4: add match chain
3a1c5cd Fix typo in comment.
0d2aef3 matchfinder.M4: factor out extendMatch2
Additional commits viewable in compare view

Updates github.com/cloudflare/circl from 1.3.6 to 1.3.7

Release notes

Sourced from github.com/cloudflare/circl's releases.

CIRCL v1.3.7

What's Changed

build(deps): bump golang.org/x/crypto from 0.3.1-0.20221117191849-2c476679df9a to 0.17.0 by @dependabot in cloudflare/circl#467

kyber: remove division by q in ciphertext compression by @bwesterb in cloudflare/circl#468

Releasing CIRCL v1.3.7 by @armfazh in cloudflare/circl#469

New Contributors

@dependabot made their first contribution in cloudflare/circl#467

Full Changelog: https://github.com/cloudflare/circl/compare/v1.3.6...v1.3.7

Commits

c48866b Releasing CIRCL v1.3.7
75ef91e kyber: remove division by q in ciphertext compression
899732a build(deps): bump golang.org/x/crypto
See full diff in compare view

Updates github.com/containerd/containerd from 1.7.11 to 1.7.13

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.13

Welcome to the v1.7.13 release of containerd!

The thirteenth patch release for containerd 1.7 updates the runc binary in the release builds to address CVE-2024-21626

Notable Updates

Update runc binary to v1.1.12 (GHSA-xr7r-f8xq-vfvv)

Update seccomp profile for new syscalls added since Linux 5.16 (#9693)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

Derek McGowan

Akihiro Suda

Evan Lezar

Paweł Gronowski

Phil Estes

Wei Fu

Changes

Prepare v1.7.13 and update runc to v1.1.12 (#9724)

b97e611b9 Prepare release notes for v1.7.13

2e7fa14db Update runc binary to v1.1.12

[release/1.7] seccomp: kernel 6.7 (#9693)

1bed37871 seccomp: kernel 6.7

[release/1.7] Update container-device-interface to v0.6.2 (#9685)

14628d4aa Update container-device-interface to v0.6.2

[release/1.7] content: Add InfoReaderProvider (#9658)

836477930 content: Add InfoReaderProvider

Dependency Changes

tags.cncf.io/container-device-interface v0.6.2 new

tags.cncf.io/container-device-interface/specs-go v0.6.0 new

Previous release can be found at v1.7.12

containerd 1.7.12

Welcome to the v1.7.12 release of containerd!

... (truncated)

Commits

7c3aca7 Merge pull request #9724 from dmcgowan/prepare-v1.7.13
b97e611 Prepare release notes for v1.7.13
2e7fa14 Update runc binary to v1.1.12
cbda56b Merge pull request #9693 from k8s-infra-cherrypick-robot/cherry-pick-9684-to-...
1bed378 seccomp: kernel 6.7
1944259 Merge pull request #9685 from elezar/dependency-update-container-device-inter...
14628d4 Update container-device-interface to v0.6.2
8c780b7 Merge pull request #9658 from vvoland/contentprovider-1.7
8364779 content: Add InfoReaderProvider
71909c1 Merge pull request #9632 from dmcgowan/prepare-v1.7.12
Additional commits viewable in compare view

Updates github.com/docker/docker-credential-helpers from 0.8.0 to 0.8.1

Release notes

Sourced from github.com/docker/docker-credential-helpers's releases.

v0.8.1

What's Changed

vendor: github.com/danieljoos/wincred v1.2.1 docker/docker-credential-helpers#307

move trimming whitespace to error-check helpers docker/docker-credential-helpers#306

Dockerfile: update golangci-lint to v1.55.2 docker/docker-credential-helpers#309

update to go1.21.6 docker/docker-credential-helpers#308

Full Changelog: https://github.com/docker/docker-credential-helpers/compare/v0.8.0...v0.8.1

Commits

292722b Merge pull request #308 from thaJeztah/update_golang_1.21.6
979dcc4 Merge pull request #309 from thaJeztah/update_golangci
f411a65 Dockerfile: update golangci-lint to v1.55.2
9629bd7 update to go1.21.6
f642c26 Merge pull request #306 from thaJeztah/err_checks
8fc3306 Merge pull request #307 from thaJeztah/bump_wincred
6a3e64c move trimming whitespace to error-check helpers
218f178 vendor: github.com/danieljoos/wincred v1.2.1
See full diff in compare view

Updates github.com/docker/go-connections from 0.4.0 to 0.5.0

Commits

fa09c95 Merge pull request #108 from thaJeztah/carry_6
7a67a58 Swap CloseRead and CloseWrite
481d3d2 Merge pull request #107 from thaJeztah/drop_legacy_go
9548f9f tlsconfig: remove deprecated io/ioutil
c564c21 drop support for go1.17 and older
7cbebcf gha: update actions
2cf423f tlsconfig: move allTLSVersions var
dca283b tlsconfig: drop support for go1.12 and older
21876c5 tlsconfig: drop support for go1.6 and older
4d174db tlsconfig: drop support for go1.4 and older
Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.17.0 to 0.19.0

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.19.0

What's Changed

Work around docker v25 tarballs by @jonjohnsonjr in google/go-containerregistry#1872

Full Changelog: https://github.com/google/go-containerregistry/compare/v0.18.0...v0.19.0

v0.18.0

What's Changed

fix: goreleaser config by @caarlos0 in google/go-containerregistry#1764

Always print pushed digest in crane push by @aw185176 in google/go-containerregistry#1860

New Contributors

@caarlos0 made their first contribution in google/go-containerregistry#1764

Full Changelog: https://github.com/google/go-containerregistry/compare/v0.17.0...v0.18.0

Commits

8dadbe7 Work around docker v25 tarballs (#1872)
a0658aa Always print pushed digest in crane push (#1860)
55ffb00 fix: goreleaser config (#1764)
See full diff in compare view

Updates github.com/google/uuid from 1.4.0 to 1.6.0

Release notes

Sourced from github.com/google/uuid's releases.

v1.6.0

1.6.0 (2024-01-16)

Features

add Max UUID constant (#149) (c58770e)

Bug Fixes

fix typo in version 7 uuid documentation (#153) (016b199)

Monotonicity in UUIDv7 (#150) (a2b2b32)

v1.5.0

1.5.0 (2023-12-12)

Features

Validate UUID without creating new UUID (#141) (9ee7366)

Changelog

Sourced from github.com/google/uuid's changelog.

1.6.0 (2024-01-16)

Features

add Max UUID constant (#149) (c58770e)

Bug Fixes

fix typo in version 7 uuid documentation (#153) (016b199)

Monotonicity in UUIDv7 (#150) (a2b2b32)

1.5.0 (2023-12-12)

Features

Validate UUID without creating new UUID (#141) (9ee7366)

Commits

0f11ee6 chore(master): release 1.6.0 (#151)
16939da chore(tests): add strict monotonicity test case for uuid v7. (#154)
016b199 fix: fix typo in version 7 uuid documentation (#153)
1d8b6ea ci: set token permissions to github workflows (#143)
a2b2b32 fix: Monotonicity in UUIDv7 (#150)
c58770e feat: add Max UUID constant (#149)
4d47f8e chore(master): release 1.5.0 (#145)
9ee7366 feat: Validate UUID without creating new UUID (#141)
b35aa6a add uuid version 6 and 7 (#139)
See full diff in compare view

Updates github.com/klauspost/compress from 1.17.4 to 1.17.6

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.17.6

What's Changed

zstd: Fix incorrect repeat coding in best mode by @klauspost in klauspost/compress#923

s2: Fix DecodeConcurrent deadlock on errors by @klauspost in klauspost/compress#925

build: Remove garble compiler by @klauspost in klauspost/compress#924

Full Changelog: https://github.com/klauspost/compress/compare/v1.17.5...v1.17.6

v1.17.5

What's Changed

flate: Fix reset with dictionary on custom window encodes by @klauspost in klauspost/compress#912

zstd: Limit better/best default window to 8MB by @klauspost in klauspost/compress#913

zstd: Shorter and faster asm for decSymbol.newState by @greatroar in klauspost/compress#896

zstd: Add Frame header encoding and stripping by @klauspost in klauspost/compress#908

zstd: Tweak noasm FSE decoder by @greatroar in klauspost/compress#910

s2: Fix callbacks for skippable blocks and disallow 0xfe (Padding) for custom use by @Jille in klauspost/compress#916

s2: Fix incorrect length encoded by writer.AddSkippableBlock by @Jille in klauspost/compress#917

s2: Fix up AddSkippableBlock more by @klauspost in klauspost/compress#919

s2: Document and test how to peek the stream for skippable blocks by @Jille in klauspost/compress#918

internal/race,s2: add some race instrumentation by @egonelbre in klauspost/compress#903

build(deps): bump the github-actions group with 4 updates by @dependabot in klauspost/compress#900

CI: Hash pin sensitive actions and configure Dependabot to automatically update them by @diogoteles08 in klauspost/compress#899

Update generator and executable go.mod by @klauspost in klauspost/compress#904

Update README.md by @pelenium in klauspost/compress#905

build(deps): bump the github-actions group with 1 update by @dependabot in klauspost/compress#906

New Contributors

@pelenium made their first contribution in klauspost/compress#905

@Jille made their first contribution in klauspost/compress#916

Full Changelog: https://github.com/klauspost/compress/compare/v1.17.4...v1.17.5

Commits

255a132 s2: Fix DecodeConcurrent deadlock on errors (#925)
e8251aa build: Remove garble compiler (#924)
32f34cf build(deps): bump the github-actions group with 1 update (#921)
aac36dc zstd: Fix incorrect repeat coding in best mode (#923)
9b0f130 Update README.md
6662a21 s2: Document and test how to peek the stream for skippable blocks (#918)
3deb878 s2: Fix up AddSkippableBlock more (#919)
6ac58c9 s2: Fix incorrect length encoded by writer.AddSkippableBlock (#917)
515f153 s2: Fix callbacks for skippable blocks and disallow 0xfe (Padding) for custom...
01b2a79 zstd: Limit default window to 8MB (#913)
Additional commits viewable in compare view

Updates github.com/pierrec/lz4/v4 from 4.1.19 to 4.1.21

Commits

294e765 Merge pull request #216 from evanphx/b-fix-tests
6e17a24 Reverts bc1239ba, no longer needed to conform to legacy
9542ba5 CI: update go versions to more recent ones
d9eb671 cmd/lz4c: update go.mod and fix issue #214
219b252 Merge pull request #213 from corneliusroemer/patch-1
58c6073 Update README.md: add @latest to cli install command
e974631 Merge pull request #211 from oakad/issue_210
7613989 CompressingReader: support older Go versions
4a80a2f CompressingReader: account for possible out buffer state
f2ece5b CompressingReader: make sure to clear out buffer
Additional commits viewable in compare view

Updates github.com/rivo/uniseg from 0.4.4 to 0.4.7

Commits

03509a9 Fixed wrong width calculation for variation selectors combined with regular c...
601bbb3 Clarified some performance statements.
f302f7f Clarifications and improvements in the package documentation.
0b9a924 Improved performance by using switch statements instead of maps for state tra...
e258aa1 Switched from transition map to switch statement to improve performance.
b74d4dc Some performance improvements by fast-tracking property search on ASCII chara...
97691fc Merge pull request #47 from junegunn/eastasian-ambiguous
1f39ebc Add comment
272e3f0 Allow configuring the width of East Asian ambiguous width characters
3628fa1 Merge pull request #42 from meowgorithm/unicode-v15.0.0
Additional commits viewable in compare view

Updates github.com/sassoftware/go-rpmutils from 0.2.0 to 0.3.0

Release notes

Sourced from github.com/sassoftware/go-rpmutils's releases.

v0.3.0

Features

Add CONFLICT tags by @KN4CK3R in sassoftware/go-rpmutils#24

Support RPMs without a legacy md5sum, such as those generated by fnpm (#28) by @elliotpeele in sassoftware/go-rpmutils#29

Bug Fixes

Fix non continuous links by @jedevc in sassoftware/go-rpmutils#23

Full Changelog: https://github.com/sassoftware/go-rpmutils/compare/v0.2.0...v0.3.0

Commits

d2036ff chore: update dependencies and remove refs to ioutil
bceacf4 feat: support RPMs with a payload digest but no SIG_MD5 (#28)
277b154 Add CONFLICT tags
d2202c0 Fix non-continuous link groups
See full diff in compare view

Updates github.com/sylabs/sif/v2 from 2.15.0 to 2.15.1

Release notes

Sourced from github.com/sylabs/sif/v2's releases.

v2.15.1

What's Changed

build(deps): bump golang.org/x/net from 0.14.0 to 0.17.0 by @dependabot in sylabs/sif#329

build(deps): bump github.com/sigstore/sigstore from 1.7.3 to 1.7.4 by @dependabot in sylabs/sif#330

build(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.3 by @dependabot in sylabs/sif#331

build(deps): bump github.com/google/uuid from 1.3.1 to 1.4.0 by @dependabot in sylabs/sif#332

build(deps): bump github.com/sigstore/sigstore from 1.7.4 to 1.7.5 by @dependabot in sylabs/sif#333

build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in sylabs/sif#334

build(deps): bump github.com/google/go-containerregistry from 0.16.1 to 0.17.0 by @dependabot in sylabs/sif#335

build(deps): bump github.com/sigstore/sigstore from 1.7.5 to 1.7.6 by @dependabot in sylabs/sif#336

build(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 by @dependabot in sylabs/sif#337

build(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0 by @dependabot in sylabs/sif#338

build(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.7.0 to 0.8.0 by @dependabot in sylabs/sif#339

build(deps): bump github.com/ProtonMail/go-crypto by @tri-adam in sylabs/sif#341

Full Changelog: https://github.com/sylabs/sif/compare/v2.15.0...v2.15.1

Commits

c428dc6 Merge pull request #341 from tri-adam/bump-crypto
3af14f4 build(deps): bump github.com/ProtonMail/go-crypto from v0.0.0-20230717121422-...
4fa5c1d Merge pull request #339 from sylabs/dependabot/go_modules/main/github.com/sec...
cb18ad9 refactor: adapt to breaking change in dsse package
702020f build(deps): bump github.com/secure-systems-lab/go-securesystemslib
bb85aa2 build(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0 (#338)
3685695 build(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 (#337)
252b6fb build(deps): bump github.com/sigstore/sigstore from 1.7.5 to 1.7.6 (#336)
85920b1 build(deps): bump github.com/google/go-containerregistry (#335)
a8b0ecf build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#334)
Additional commits viewable in compare view

Updates github.com/wagoodman/go-progress from 0.0.0-20230301185719-21920a456ad5 to 0.0.0-20230925121702-07e42b3cdba0

Commits

See full diff in compare view

Updates golang.org/x/crypto from 0.17.0 to 0.18.0

Commits

dbb6ec1 ssh/test: skip tests on darwin that fail on the darwin-amd64-longtest LUCI bu...
403f699 ssh/test: avoid leaking a net.UnixConn in server.TryDialWithAddr
055043d go.mod: update golang.org/x dependencies
08396bb internal/poly1305: drop Go 1.12 compatibility
See full diff in compare view

Updates golang.org/x/mod from 0.14.0 to 0.15.0

Commits

fa1ba42 sumdb: replace globsMatchPath with module.MatchPrefixPatterns
See full diff in compare view

Updates golang.org/x/net from 0.19.0 to 0.21.0

Commits

73d21fd go.mod: update golang.org/x dependencies
643fd16 html: fix SOLIDUS '/' handling in attribute parsing
73e4b50 dns/dnsmessage: allow name compression for SRV resource parsing
b2208d0 internal/quic/qlog: fix typo
0d0b98c http2: avoid goroutine starvation in TestServer_Push_RejectAfterGoAway
07e05fd http2: remove suspicious uint32->v conversion in frame code
26b646e quic: avoid deadlock in Endpoint.Close
cb5b10f go.mod: update golang.org/x dependencies
689bbc7 quic: deflake TestStreamsCreateConcurrency
f12db26 internal/quic/cmd/interop: use wget --no-verbose in Dockerfile
Additional commits viewable in compare view

Updates golang.org/x/sync from 0.5.0 to 0.6.0

Commits

59c1ca1 errgroup: add reference to sync.WaitGroup
See full diff in compare view

Updates golang.org/x/sys from 0.15.0 to 0.17.0

Commits

914b96c windows: support ill-formed UTF-16 in UTF16PtrToString
511ec84 Revert "windows: support nil done parameter in ReadFile and WriteFile"
628365d windows: support nil done parameter in ReadFile and WriteFile
dependabot[bot] commented 6 months ago

Superseded by #704.

paketo-buildpacks / cpython

Bump the go-modules group with 25 updates #702

v1.31.1

1.31.1

Fixes

Maintenance

v1.31.0

1.31.0

Features

Maintenance

1.31.1

Fixes

Maintenance

1.31.0

Features

Maintenance

v0.18.2

What's Changed

v0.18.1

v0.8.0

Changelog

Fixes

Building and Packaging

Others

CIRCL v1.3.7

What's Changed

New Contributors

containerd 1.7.13

Notable Updates

Contributors

Changes

Dependency Changes

containerd 1.7.12

v0.8.1

What's Changed

v0.19.0

What's Changed

v0.18.0

What's Changed

New Contributors

v1.6.0

1.6.0 (2024-01-16)

Features

Bug Fixes

v1.5.0

1.5.0 (2023-12-12)

Features

1.6.0 (2024-01-16)

Features

Bug Fixes

1.5.0 (2023-12-12)

Features

v1.17.6

What's Changed

v1.17.5

What's Changed

New Contributors

v0.3.0

Features

Bug Fixes

v2.15.1

What's Changed