search

paketo-buildpacks / php-dist

Apache License 2.0
9 stars 11 forks source link

Bump the go-modules group across 1 directory with 46 updates #757

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps the go-modules group with 28 updates in the / directory:

Package From To
github.com/BurntSushi/toml 1.3.2 1.4.0
github.com/onsi/gomega 1.31.1 1.33.1
github.com/paketo-buildpacks/occam 0.18.2 0.18.5
github.com/paketo-buildpacks/packit/v2 2.12.0 2.14.0
github.com/ForestEckhardt/freezer 0.0.12 0.1.0
github.com/Microsoft/go-winio 0.6.1 0.6.2
github.com/Microsoft/hcsshim 0.11.4 0.12.3
github.com/cenkalti/backoff/v4 4.2.1 4.3.0
github.com/cloudflare/circl 1.3.7 1.3.8
github.com/containerd/containerd 1.7.13 1.7.18
github.com/cyphar/filepath-securejoin 0.2.4 0.2.5
github.com/distribution/reference 0.5.0 0.6.0
github.com/docker/docker-credential-helpers 0.8.1 0.8.2
github.com/gabriel-vasile/mimetype 1.4.3 1.4.4
github.com/go-git/go-git/v5 5.11.0 5.12.0
github.com/klauspost/compress 1.17.7 1.17.8
github.com/knqyf263/go-rpmdb 0.0.0-20230301153543-ba94b245509b 0.1.1
github.com/sassoftware/go-rpmutils 0.3.0 0.4.0
github.com/shirou/gopsutil/v3 3.24.1 3.24.5
github.com/shopspring/decimal 1.3.1 1.4.0
github.com/spdx/tools-golang 0.5.3 0.5.4
github.com/sylabs/sif/v2 2.15.1 2.16.0
github.com/tklauser/go-sysconf 0.3.13 0.3.14
golang.org/x/crypto 0.23.0 0.24.0
golang.org/x/mod 0.17.0 0.18.0
golang.org/x/net 0.25.0 0.26.0
google.golang.org/grpc 1.62.0 1.64.0
google.golang.org/protobuf 1.33.0 1.34.1

Updates github.com/BurntSushi/toml from 1.3.2 to 1.4.0

Release notes

Sourced from github.com/BurntSushi/toml's releases.

v1.4.0

This version requires Go 1.18

  • Add toml.Marshal() (#405)

  • Require 2-digit hour (#320)

  • Wrap UnmarshalTOML() and UnmarshalText() return values in ParseError for position information (#398)

  • Fix inline tables with dotted keys inside inline arrays (e.g. k=[{a.b=1}]) (#400)

Commits
  • 1e2c053 Undeprecate PrimitiveDecode and MetaData.PrimitiveDecode()
  • f8f7e48 Update toml-test
  • 9a80667 Add -json flag to tomlv
  • 3203540 fuzz: move fuzz_targets from oss-fuzz (#406)
  • 77ce858 Add Marshal Function (#405)
  • 0e879cb Fix panic when trying to set subkey for a value that's not a table
  • c299e75 Update toml-test
  • 4223137 Fix inline tables with dotted keys inside inline arrays (#400)
  • 45e7e49 Update toml-test
  • c320c2d Fix utf8.RuneError test
  • Additional commits viewable in compare view


Updates github.com/onsi/gomega from 1.31.1 to 1.33.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.33.1

1.33.1

Fixes

  • fix confusing eventually docs [3a66379]

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

v1.33.0

1.33.0

Features

Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]
  • Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]
  • Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]

v1.32.0

1.32.0

Maintenance

  • Migrate github.com/golang/protobuf to google.golang.org/protobuf [436a197]

    This release drops the deprecated github.com/golang/protobuf and adopts google.golang.org/protobuf. Care was taken to ensure the release is backwards compatible (thanks @​jbduncan !). Please open an issue if you run into one.

  • chore: test with Go 1.22 (#733) [32ef35e]

  • Bump golang.org/x/net from 0.19.0 to 0.20.0 (#717) [a0d0387]

  • Bump github-pages and jekyll-feed in /docs (#732) [b71e477]

  • docs: fix typo and broken anchor link to gstruct [f460154]

  • docs: fix HaveEach matcher signature [a2862e4]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.33.1

Fixes

  • fix confusing eventually docs [3a66379]

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

1.33.0

Features

Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]
  • Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]
  • Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]

1.32.0

Maintenance

  • Migrate github.com/golang/protobuf to google.golang.org/protobuf [436a197]

    This release drops the deprecated github.com/golang/protobuf and adopts google.golang.org/protobuf. Care was taken to ensure the release is backwards compatible (thanks @​jbduncan !). Please open an issue if you run into one.

  • chore: test with Go 1.22 (#733) [32ef35e]

  • Bump golang.org/x/net from 0.19.0 to 0.20.0 (#717) [a0d0387]

  • Bump github-pages and jekyll-feed in /docs (#732) [b71e477]

  • docs: fix typo and broken anchor link to gstruct [f460154]

  • docs: fix HaveEach matcher signature [a2862e4]

Commits
  • 8a658bb v1.33.1
  • e9bc35a Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2
  • 3a66379 fix confusing eventually docs
  • f2e65fc v1.33.0
  • 02e8706 docs: Receive(POINTER, MATCHER)
  • ec1f186 feat: receiver matcher accepting (POINTER, MATCHER), includes unit tests
  • 9999deb Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745)
  • cb5ff21 Bump github-pages from 229 to 230 in /docs (#735)
  • bac6596 Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746)
  • 4379951 v1.32.0
  • Additional commits viewable in compare view


Updates github.com/paketo-buildpacks/occam from 0.18.2 to 0.18.5

Release notes

Sourced from github.com/paketo-buildpacks/occam's releases.

v0.18.5

What's Changed

Full Changelog: https://github.com/paketo-buildpacks/occam/compare/v0.18.4...v0.18.5

v0.18.4

What's Changed

Full Changelog: https://github.com/paketo-buildpacks/occam/compare/v0.18.3...v0.18.4

v0.18.3

What's Changed

Full Changelog: https://github.com/paketo-buildpacks/occam/compare/v0.18.2...v0.18.3

Commits
  • f23ed80 use go 1.20 (#288)
  • 4e0efea remove toolchain from go.mod
  • ea10e39 update fakes
  • 059d6bc Bump github.com/google/go-containerregistry from 0.14.0 to 0.19.1
  • 1f22679 Bump github.com/docker/docker
  • 37cf400 Bump github.com/onsi/gomega from 1.30.0 to 1.32.0
  • 122482e Bump github.com/testcontainers/testcontainers-go from 0.26.0 to 0.30.0 (#285)
  • 393f58f Bump google.golang.org/protobuf from 1.31.0 to 1.33.0
  • See full diff in compare view


Updates github.com/paketo-buildpacks/packit/v2 from 2.12.0 to 2.14.0

Release notes

Sourced from github.com/paketo-buildpacks/packit/v2's releases.

v2.14.0

What's Changed

New Contributors

Full Changelog: https://github.com/paketo-buildpacks/packit/compare/v2.13.0...v2.14.0

v2.13.0

What's Changed

New Contributors

Full Changelog: https://github.com/paketo-buildpacks/packit/compare/v2.12.0...v2.13.0

Commits
  • 13393ec Support reading service bindings from VCAP_SERVICES env var (#566)
  • 35d8f76 Bump github.com/onsi/gomega from 1.33.0 to 1.33.1
  • ce376b7 Fixes mirror bug when originalHost is excluded (#569)
  • 4c9f338 Allows users to set a dependency mirror (#563)
  • 4e9c21d Bump github.com/onsi/gomega from 1.32.0 to 1.33.0
  • dd77ec5 Bump github.com/ulikunitz/xz from 0.5.11 to 0.5.12
  • 95b8056 Bump github.com/onsi/gomega from 1.31.1 to 1.32.0
  • 777a503 Bump github.com/stretchr/testify from 1.8.4 to 1.9.0
  • c1b785b Bump github.com/google/uuid from 1.5.0 to 1.6.0
  • b31dc83 Bump github.com/onsi/gomega from 1.31.0 to 1.31.1
  • Additional commits viewable in compare view


Updates github.com/ForestEckhardt/freezer from 0.0.12 to 0.1.0

Release notes

Sourced from github.com/ForestEckhardt/freezer's releases.

v0.1.0

What's Changed

Full Changelog: https://github.com/ForestEckhardt/freezer/compare/v0.0.12...v0.1.0

Commits


Updates github.com/Microsoft/go-winio from 0.6.1 to 0.6.2

Release notes

Sourced from github.com/Microsoft/go-winio's releases.

v0.6.2

What's Changed

New Contributors

Full Changelog: https://github.com/microsoft/go-winio/compare/v0.6.1...v0.6.2

Commits


Updates github.com/Microsoft/hcsshim from 0.11.4 to 0.12.3

Release notes

Sourced from github.com/Microsoft/hcsshim's releases.

v0.12.3

What's Changed

Full Changelog: https://github.com/microsoft/hcsshim/compare/v0.12.2...v0.12.3

v0.12.2

No release notes provided.

v0.12.1

What's Changed

Full Changelog: https://github.com/microsoft/hcsshim/compare/v0.12.0...v0.12.1

v0.12.0

What's Changed

New Contributors

Full Changelog: https://github.com/microsoft/hcsshim/compare/v0.12.0-rc.3...v0.12.0

v0.12.0-rc.3

What's Changed

Full Changelog: https://github.com/microsoft/hcsshim/compare/v0.12.0-rc.2...v0.12.0-rc.3

... (truncated)

Commits


Updates github.com/cenkalti/backoff/v4 from 4.2.1 to 4.3.0

Commits
  • 720b789 remove travis badge from readme
  • a83af7f feat(backoff): Add functional options for ExponentialBackOff Closes #136
  • See full diff in compare view


Updates github.com/cloudflare/circl from 1.3.7 to 1.3.8

Release notes

Sourced from github.com/cloudflare/circl's releases.

CIRCL v1.3.8

New

  • BLS Signatures on top of BLS12-381.
  • Adopt faster squaring in pairings.
  • BlindRSA compliant with RFC9474.
  • (Verifiable) Secret Sharing compatible with the Group interface (elliptic curves).

Notice

What's Changed

New Contributors

Full Changelog: https://github.com/cloudflare/circl/compare/v1.3.7...v1.3.8

Commits
  • 4bb5601 Serializing ciphertext with 32-bit prefixes.
  • a4252c7 Test functions working with ciphertext.
  • 64431bb Testing long plaintext.
  • fe2b663 Using SHAKE128 as a fixed prgn for golden files.
  • 2c600ff Align to the purego build tag, removing noasm build tag
  • a4b7601 Ensure pairing functions don't overwrite the input.
  • b4f1578 Test that shows pairing functions overwrite its input.
  • bba8f1a Bumps golangci-lint action (#485)
  • dc430ec Explicitly installs Go with version before CodeQL analysis.
  • fd7a97f Rename test file extension.
  • Additional commits viewable in compare view


Updates github.com/containerd/containerd from 1.7.13 to 1.7.18

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.18

Welcome to the v1.7.18 release of containerd!

The eighteenth patch release for containerd 1.7 contains various updates along with an updated version of Go. Go 1.22.4 and 1.21.11 include a fix for a symlink time of check to time of use race condition during directory removal.

Highlights

  • Update Go version to 1.21.11 (#10298)
  • Remove uses of platforms.Platform alias (#10277)
  • Migrate log imports to github.com/containerd/log (#10269)
  • Migrate errdefs package to github.com/containerd/errdefs (#10266)
  • Fix usage of "unknown" platform (#10261)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Sebastiaan van Stijn
  • Akhil Mohan
  • Austin Vazquez
  • Phil Estes

Changes

  • Prepare release notes for v1.7.18 (#10301)
    • 9426aab62 Prepare release notes for v1.7.18
  • Update Go version to 1.21.11 (#10298)
  • Remove uses of platforms.Platform alias (#10277)
    • 1e3c662d6 [release/1.7] remove uses of platforms.Platform alias
  • Migrate log imports to github.com/containerd/log (#10269)
    • 0af6825b1 migrate logs imports to github.com/containerd/log module
  • Migrate errdefs package to github.com/containerd/errdefs (#10266)
    • 308341a44 replace uses of github.com/containerd/containerd/errdefs
    • 47ff8cfce migrate errdefs package to github.com/containerd/errdefs module
  • Fix usage of "unknown" platform (#10261)
    • f4d11912a core/image: fix usage of "unknown" platform
  • Explicitly set release latest to true (#10265)
    • 5b0480009 Explicitly set release latest to true
    • d669b100d build(deps): bump softprops/action-gh-release from 1 to 2

Changes from containerd/errdefs

... (truncated)

Commits
  • ae71819 Merge pull request #10301 from dmcgowan/prepare-v1.7.18
  • 9426aab Prepare release notes for v1.7.18
  • 1d324db Merge pull request #10298 from dmcgowan/1.7-update-go
  • cdd3ea9 Update Go version to 1.21.11
  • 0a137f0 Merge pull request #10277 from thaJeztah/1.7_backport_remove_use_of_platform_...
  • 1e3c662 [release/1.7] remove uses of platforms.Platform alias
  • 300a6de Merge pull request #10269 from thaJeztah/1.7_migrate_containerd_log
  • 0af6825 migrate logs imports to github.com/containerd/log module
  • be820ac Merge pull request #10266 from thaJeztah/1.7_migrate_to_errdefs_module
  • 566c535 Merge pull request #10261 from k8s-infra-cherrypick-robot/cherry-pick-10257-t...
  • Additional commits viewable in compare view


Updates github.com/cyphar/filepath-securejoin from 0.2.4 to 0.2.5

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.2.5

This release makes some minor improvements to SecureJoin:

  • Some changes were made to how lexical components are handled during resolution. There is no change in behaviour, and both implementations are safe, however the newer implementation is much easier to reason about.

  • The error returned when a symlink loop has been detected will now reference the correct path. #10

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

Commits
  • d861a11 VERSION: release v0.2.5
  • 87bc53a join: fix ELOOP error path
  • e9be397 join: don't allow .. and . in working path during resolution
  • 75cdbea gha: update Go versions
  • b69b737 VERSION: back to development
  • See full diff in compare view


Updates github.com/distribution/reference from 0.5.0 to 0.6.0

Release notes

Sourced from github.com/distribution/reference's releases.

v0.6.0

What's Changed

New Contributors

Full Changelog: https://github.com/distribution/reference/compare/v0.5.0...v0.6.0

Commits
  • ff14faf Merge pull request #9 from ozairasim/exclude-domain-from-name-length-validation
  • 2a66312 Merge pull request #10 from xrstf/patch-1
  • 094e717 fix typo in readme
  • aaca75e Exclude domain from name length check
  • 8507c7f Merge pull request #7 from thaJeztah/cleanup_splitDockerDomain
  • 89ee7ec refactor splitDockerDomain to include more documentation
  • a3fb784 Merge pull request #5 from thaJeztah/rm_deprecated
  • 4894124 remove deprecated SplitHostname
  • See full diff in compare view


Updates github.com/docker/docker from 25.0.5+incompatible to 26.0.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v26.0.1

26.0.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • Fix a regression that meant network interface specific --sysctl options prevented container startup. moby/moby#47646
  • Remove erroneous platform from image config OCI descriptor in docker save output. moby/moby#47694
  • containerd image store: OCI archives produced by docker save will now have a non-empty mediaType field in index.json moby/moby#47701
  • Fix a regression that prevented the internal resolver from forwarding requests from IPvlan L3 networks to external resolvers. moby/moby#47705
  • Prevent the use of external resolvers in IPvlan and Macvlan networks created with no parent interface specified. moby/moby#47705

Packaging updates

v26.0.0

26.0.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Security

This release contains a security fix for [CVE-2024-29018], a potential data exfiltration from 'internal' networks via authoritative DNS servers.

New

  • Add Subpath field to the VolumeOptions making it possible to mount a subpath of a volume.
    dependabot[bot] commented 3 months ago

    Looks like these dependencies are updatable in another way, so this is no longer needed.