chore(deps): bump github.com/xmidt-org/candlelight from 0.0.16 to 0.1.6

[dependabot[bot]]

Bumps github.com/xmidt-org/candlelight from 0.0.16 to 0.1.6.

Release notes

Sourced from github.com/xmidt-org/candlelight's releases.

v0.1.6

Changelog

v0.1.5

Changelog

v0.1.4

Changelog

v0.1.3

Changelog

v0.1.2

Changelog

v0.1.1

Changelog

v0.1.0

No release notes provided.

v0.0.21

Changelog

Other Work

• e372eead31ea1bb6718341d105da6ef7dc04d947: Fix the lint errors due to deprecation. (@​schmidtw)

v0.0.18

Changelog

Other Work

• b74126b9aa3ec1f50dc62cec6cf40fb47ef059ea: Update middleware func, do not return trace header (@​renaz6)

v0.0.17

Changelog

Other Work

• 9da3452feb85ee36756c969fa833c0986f61dfa8: Add Check for traceheader, ensure tracing (@​renaz6)
• 6737d670d38e2c3c73b6f36ec3e10bf260719964: Add bool param to middleware for decoding (@​renaz6)
• 1c3d88966ed24f0a37b361220720820da8ff5847: Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#132) (@​dependabot[bot])
• f79a3db6fe13305bf158e92632660eeba33ec677: Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#140) (@​dependabot[bot])
• f50bf0a2ad115c84011c0172e8a000f9c743cee5: Bump go.opentelemetry.io/otel/exporters/jaeger from 1.14.0 to 1.15.0 (#121) (@​dependabot[bot])
• a4889e6fa021a8f269978f367a6a956da672f33c: Bump go.opentelemetry.io/otel/exporters/jaeger from 1.15.0 to 1.15.1 (#126) (@​dependabot[bot])
• dfa637bc8b485af1be6beabe854df508cc1eec61: Bump go.opentelemetry.io/otel/exporters/jaeger from 1.15.1 to 1.16.0 (#136) (@​dependabot[bot])
• fa489808bc20d053c0a86fa520f0889620f7409e: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#123) (@​dependabot[bot])
• 61089d66d26f568e350d0a562b21a748ab4fd755: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#131) (@​dependabot[bot])
• ff83be858109587564e41167f3a6523dc76cc60a: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#139) (@​dependabot[bot])
• dc55a2c2b1b9052c251729ab2fe7e20695f25b11: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp (#122) (@​dependabot[bot])
• beeaabe0187fb8ece124945c7685d8d963e8098f: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp (#130) (@​dependabot[bot])
• 3d91385bd5633854d2c17f32527e13ad2bb4ebcc: Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp (#138) (@​dependabot[bot])
• 1db8600ec93f1c6978155c0195bdf1d74dd59b26: Bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace (#124) (@​dependabot[bot])
• 0038ab0306997c3272773f194e732c6a7e8feec9: Bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace (#128) (@​dependabot[bot])
• e616d9d96a00c51d5bdd89154992f5fb382a0ef1: Bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace (#134) (@​dependabot[bot])

... (truncated)

Commits

• adc8faa chore(deps): bump xmidt-org/shared-go from 4.4.10 to 4.4.12 (#225)
• 5f986c2 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
• 3e9e31e chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
• 8250670 chore(deps): bump go.opentelemetry.io/otel/exporters/zipkin (#224)
• b74e2b8 chore(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace (#221)
• ebb13ba chore(deps): bump go.opentelemetry.io/otel/sdk from 1.27.0 to 1.28.0 (#218)
• 6af543c chore(deps): bump xmidt-org/shared-go from 4.4.9 to 4.4.10 (#216)
• 3e5f373 chore(deps): bump xmidt-org/shared-go from 4.4.8 to 4.4.9 (#215)
• 7bbfe32 Merge pull request #214 from xmidt-org/spdx
• 72806b0 Merge branch 'main' into spdx
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[guardrails[bot]]

:warning: We detected 2 security issues in this pull request:

Vulnerable Libraries (2)

Severity | Details :-: | :-- High | [pkg:golang/github.com/xmidt-org/candlelight@v0.1.6](https://github.com/xmidt-org/argus/blob/1c69f4e8c05fd578d3d623791eb52d0b0094b981/go.mod#L24) upgrade to: *> v0.1.6* High | [pkg:golang/github.com/prometheus/client_golang@v1.19.0](https://github.com/xmidt-org/argus/blob/1c69f4e8c05fd578d3d623791eb52d0b0094b981/go.mod#L17) upgrade to: *> v1.19.0* More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

[dependabot[bot]]

Superseded by #759.