search

paketo-buildpacks / npm-install

A Cloud Native Buildpack for npm
Apache License 2.0
10 stars 17 forks source link

Bump the go-modules group with 4 updates #576

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps the go-modules group with 4 updates: github.com/onsi/gomega, golang.org/x/crypto, golang.org/x/net and golang.org/x/tools.

Updates github.com/onsi/gomega from 1.29.0 to 1.30.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.30.0

1.30.0

Features

  • BeTrueBecause and BeFalseBecause allow for better failure messages [4da4c7f]

Maintenance

  • Bump actions/checkout from 3 to 4 (#694) [6ca6e97]
  • doc: fix type on gleak go doc [f1b8343]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.30.0

Features

  • BeTrueBecause and BeFalseBecause allow for better failure messages [4da4c7f]

Maintenance

  • Bump actions/checkout from 3 to 4 (#694) [6ca6e97]
  • doc: fix type on gleak go doc [f1b8343]
Commits


Updates golang.org/x/crypto from 0.14.0 to 0.15.0

Commits
  • eb61739 ssh: allow to configure public key auth algorithms on the server side
  • 42c83ff ssh: try harder to detect incorrect passwords for legacy PEM encryption
  • e668aa9 go.mod: update golang.org/x dependencies
  • df0bc9e chacha20poly1305: guard PSHUFB usage with GOAMD64_v2
  • 74c2ba9 crypto/hkdf: remove useless call to Reset
  • cf8dcb0 ssh: add test case against ssh CLI
  • 4f30245 x509roots: catch the zero-roots case when generating the bundle
  • 1d57292 x509roots: check HTTP response status code and media type
  • 8779cbd all: update go directive to 1.18
  • 2aeefc3 ssh: add support for SSH_AGENT_CONSTRAIN_EXTENSION with id 255
  • See full diff in compare view


Updates golang.org/x/net from 0.17.0 to 0.18.0

Commits
  • fbaf412 go.mod: update golang.org/x dependencies
  • cc6f4d1 http2: remove ancient build-tagged files for unsupported Go versions
  • a720b30 http2: allocate buffer pools using pointers to arrays
  • a7ef1a2 internal/quic/cmd/interop: don't t.Log after test finishes
  • 26ea817 http2: unconditionally recycle responseWriterState
  • 39c9d01 quic: don't send CONNECTION_CLOSE after stateless reset
  • 45fa414 quic: undo accidental rename of test helpers
  • 434956a quic: include more detail in connection close errors
  • ec29a94 quic: provide source conn ID when creating server conns
  • 5791239 internal/quic/cmd/interop: skip tests when exec is unavailable
  • Additional commits viewable in compare view


Updates golang.org/x/tools from 0.14.0 to 0.15.0

Release notes

Sourced from golang.org/x/tools's releases.

gopls/v0.14.1

This release contains just two changes:

  • A workaround for a regression affecting some users of GOPACKAGESDRIVER: golang/go#63751, for example those using gopls with an older version of Bazel. When the go/packages driver is missing compiler or architecture information, gopls now assumes a default value rather than failing to load package information.
  • A fix for a minor bug in the new "remove unused parameter" refactoring: golang/go#63755. Notably, this bug was discovered via an automated report from someone who had opted in to Go telemetry.
Commits
  • 729e159 go.mod: update golang.org/x dependencies
  • 38ed81a gopls/internal/regtest/marker: porting extract tests
  • bbf8380 gopls/internal/regtest/marker: use golden diffs for suggested fixes
  • 51df92b go/ssa: two minor cleanups
  • e7fb31a internal/cmd/deadcode: rename -format to -f
  • c538b4e internal/cmd/deadcode: add -whylive=function flag
  • b753e58 internal/lsp/helper: fix misspelled "Code generated" comment
  • 2638d66 internal/cmd/deadcode: omit package/func keywords in default output
  • 118c362 gopls/internal/lsp/source: fix signatureHelp with pointer receivers
  • 4124316 gopls/internal/lsp/cache: remove baseCtx from the View
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions