dependabot[bot]
commented
3 months ago Looks like these dependencies are updatable in another way, so this is no longer needed.
Closed dependabot[bot] closed 3 months ago
dependabot[bot]
commented
3 months ago Looks like these dependencies are updatable in another way, so this is no longer needed.
Bumps the gomod group with 4 updates: ariga.io/atlas, github.com/microcosm-cc/bluemonday, github.com/tdewolff/minify/v2 and golang.org/x/crypto.
Updates
ariga.io/atlasfrom 0.24.0 to 0.24.1Commits
2cdfe29cmd/atlas: extendctx can return an error (#2918)1fb0708cmd/atlas/internal/cmdapi: use env-aware connection opener (#2916)305c8b0cmd/atlas: sync vercheck on non-tty (#2914)fac9dccsql/mysql: support extending schema with system versioning (#2913)689a27bsql/postgres: make pg dep sorting version aware (#2911)e983e74sql/schema: consistent references ordering (#2909)85b7babsql/schema: add back-ref to schema dependencies (#2906)25a4317sql/sqlite: support jsonb (#2908)86f7615doc/md/guides: docker issues (#2907)3acaf3acmd/atlas/internal/cmdapi: minor refactoring to migrate command (#2904)Updates
github.com/microcosm-cc/bluemondayfrom 1.0.26 to 1.0.27Commits
10b8ac6Remove SPDX header from LICENSE to enable GitHub auto-detection30fb5d7Don't duplicate attrs if multiple global policies allow theme244202Update CONTRIBUTING.md (fixup of 109c9cf)206ce8aUpdate the security policy109c9cfClean up developer instructions to a vanilla Go projecte602a4aFix RequireCrossOriginAnonymous when crossorigin attr is allowed37251d9Consistently raise minimum Go version and update CI135e7bball: upgrade dependencies5703ea6Merge pull request #207 from silverwind/4hexaf654efMerge pull request #202 from caarlos0/tidyUpdates
github.com/tdewolff/minify/v2from 2.20.34 to 2.20.35Release notes
Sourced from github.com/tdewolff/minify/v2's releases.
Commits
fffa3dbMerge pull request #718 from tdewolff/dependabot/github_actions/softprops/act...2669b34Merge pull request #716 from tdewolff/dependabot/github_actions/docker/build-...71bd0d7Merge pull request #715 from tdewolff/dependabot/github_actions/pypa/gh-actio...be745f5Merge pull request #714 from tdewolff/dependabot/github_actions/pypa/cibuildw...7c23df3Merge branch 'master' of github.com:tdewolff/minify3658dffDon't change options, fixes #720d97383eMerge pull request #719 from espinosa/scoop4bc0570Install windows binary with scoop675afc8JS: improve decision to convert string to template literal; don't count \r, s...2b25831Bump softprops/action-gh-release from 2.0.5 to 2.0.6Updates
golang.org/x/cryptofrom 0.21.0 to 0.24.0Commits
332fd65go.mod: update golang.org/x dependencies0b431c7x509roots/fallback: update bundle349231fssh: implement CryptoPublicKey on sk keys44c9b0fssh: allow server auth callbacks to send additional banners67b1361sha3: reenable s390x assembly477a5b4sha3: make APIs usable with zero allocations59b5a86sha3: disable s390x assembly10f366esha3: simplify XOR functions905d78ago.mod: update golang.org/x dependenciesebb717dssh: validate key type in SSH_MSG_USERAUTH_PK_OK responseDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show