chore(deps): bump github.com/xmidt-org/candlelight from 0.0.16 to 0.1.3

dependabot[bot] commented 2 months ago

Bumps github.com/xmidt-org/candlelight from 0.0.16 to 0.1.3.

Release notes

Sourced from github.com/xmidt-org/candlelight's releases.

v0.1.3

Changelog

v0.1.2

Changelog

v0.1.1

Changelog

v0.1.0

No release notes provided.

v0.0.21

Changelog

Other Work

e372eead31ea1bb6718341d105da6ef7dc04d947: Fix the lint errors due to deprecation. (@schmidtw)

v0.0.18

Changelog

Other Work

b74126b9aa3ec1f50dc62cec6cf40fb47ef059ea: Update middleware func, do not return trace header (@renaz6)

v0.0.17

Changelog

Other Work

9da3452feb85ee36756c969fa833c0986f61dfa8: Add Check for traceheader, ensure tracing (@renaz6)

6737d670d38e2c3c73b6f36ec3e10bf260719964: Add bool param to middleware for decoding (@renaz6)

1c3d88966ed24f0a37b361220720820da8ff5847: Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#132) (@dependabot[bot])

f79a3db6fe13305bf158e92632660eeba33ec677: Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#140) (@dependabot[bot])

f50bf0a2ad115c84011c0172e8a000f9c743cee5: Bump go.opentelemetry.io/otel/exporters/jaeger from 1.14.0 to 1.15.0 (#121) (@dependabot[bot])

a4889e6fa021a8f269978f367a6a956da672f33c: Bump go.opentelemetry.io/otel/exporters/jaeger from 1.15.0 to 1.15.1 (#126) (@dependabot[bot])

dfa637bc8b485af1be6beabe854df508cc1eec61: Bump go.opentelemetry.io/otel/exporters/jaeger from 1.15.1 to 1.16.0 (#136) (@dependabot[bot])

fa489808bc20d053c0a86fa520f0889620f7409e: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#123) (@dependabot[bot])

61089d66d26f568e350d0a562b21a748ab4fd755: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#131) (@dependabot[bot])

ff83be858109587564e41167f3a6523dc76cc60a: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#139) (@dependabot[bot])

dc55a2c2b1b9052c251729ab2fe7e20695f25b11: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp (#122) (@dependabot[bot])

beeaabe0187fb8ece124945c7685d8d963e8098f: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp (#130) (@dependabot[bot])

3d91385bd5633854d2c17f32527e13ad2bb4ebcc: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp (#138) (@dependabot[bot])

1db8600ec93f1c6978155c0195bdf1d74dd59b26: Bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace (#124) (@dependabot[bot])

0038ab0306997c3272773f194e732c6a7e8feec9: Bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace (#128) (@dependabot[bot])

e616d9d96a00c51d5bdd89154992f5fb382a0ef1: Bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace (#134) (@dependabot[bot])

e869145685782be7050148575f222c53a0057a67: Bump go.opentelemetry.io/otel/exporters/zipkin from 1.14.0 to 1.15.0 (#119) (@dependabot[bot])

094f8fe012c89d516303c5636f7a68c96adaa75e: Bump go.opentelemetry.io/otel/exporters/zipkin from 1.15.0 to 1.15.1 (#127) (@dependabot[bot])

3ec945e0aaa008c80565bb48bbc968fc9a7f98d1: Bump go.opentelemetry.io/otel/exporters/zipkin from 1.15.1 to 1.16.0 (#133) (@dependabot[bot])

b0193984df498a33a4deb7d297264992c6fc594c: Bump go.opentelemetry.io/otel/trace from 1.15.1 to 1.16.0 (#135) (@dependabot[bot])

8bc6dc32d806ecdb46e35d7e57e1919a8638ab6d: Correct Xmidt header (@renaz6)

Commits

3e5f373 chore(deps): bump xmidt-org/shared-go from 4.4.8 to 4.4.9 (#215)
7bbfe32 Merge pull request #214 from xmidt-org/spdx
72806b0 Merge branch 'main' into spdx
3faba6e chore:Convert to SPDX license format.
38c430d chore(deps): bump xmidt-org/shared-go from 4.4.7 to 4.4.8 (#213)
86c9818 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
5f79b5f chore(deps): bump go.opentelemetry.io/otel/exporters/zipkin (#209)
5673882 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
d722047 chore(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace (#211)
55ff7c9 chore(deps): bump xmidt-org/shared-go from 4.4.3 to 4.4.7 (#205)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

guardrails[bot] commented 2 months ago

:warning: We detected 2 security issues in this pull request:

Vulnerable Libraries (2)

Severity | Details :-: | :-- High | [pkg:golang/github.com/xmidt-org/candlelight@v0.1.3](https://github.com/xmidt-org/argus/blob/032a6738763066c2fec2cfff9228adc9cdf739f2/go.mod#L24) upgrade to: *> v0.1.3* High | [pkg:golang/github.com/prometheus/client_golang@v1.19.0](https://github.com/xmidt-org/argus/blob/032a6738763066c2fec2cfff9228adc9cdf739f2/go.mod#L17) upgrade to: *> v1.19.0* More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

dependabot[bot] commented 2 months ago

Superseded by #753.

xmidt-org / argus

chore(deps): bump github.com/xmidt-org/candlelight from 0.0.16 to 0.1.3 #751

v0.1.3

Changelog

v0.1.2

Changelog

v0.1.1

Changelog

v0.1.0

v0.0.21

Changelog

Other Work

v0.0.18

Changelog

Other Work

v0.0.17

Changelog

Other Work