search

xmidt-org / argus

simple json database abstraction layer
Apache License 2.0
3 stars 9 forks source link

chore(deps): bump github.com/xmidt-org/candlelight from 0.0.16 to 0.1.10 #764

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps github.com/xmidt-org/candlelight from 0.0.16 to 0.1.10.

Release notes

Sourced from github.com/xmidt-org/candlelight's releases.

v0.1.10

Changelog

v0.1.9

Changelog

v0.1.8

Changelog

v0.1.7

Changelog

v0.1.6

Changelog

v0.1.5

Changelog

v0.1.4

Changelog

v0.1.3

Changelog

v0.1.2

Changelog

v0.1.1

Changelog

v0.1.0

No release notes provided.

v0.0.21

Changelog

Other Work

  • e372eead31ea1bb6718341d105da6ef7dc04d947: Fix the lint errors due to deprecation. (@​schmidtw)

v0.0.18

Changelog

Other Work

  • b74126b9aa3ec1f50dc62cec6cf40fb47ef059ea: Update middleware func, do not return trace header (@​renaz6)

v0.0.17

Changelog

Other Work

  • 9da3452feb85ee36756c969fa833c0986f61dfa8: Add Check for traceheader, ensure tracing (@​renaz6)
  • 6737d670d38e2c3c73b6f36ec3e10bf260719964: Add bool param to middleware for decoding (@​renaz6)
  • 1c3d88966ed24f0a37b361220720820da8ff5847: Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#132) (@​dependabot[bot])
  • f79a3db6fe13305bf158e92632660eeba33ec677: Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#140) (@​dependabot[bot])

... (truncated)

Commits
  • 2d07fa6 chore(deps): bump xmidt-org/shared-go from 4.4.15 to 4.4.16 (#229)
  • d87335f chore(deps): bump xmidt-org/shared-go from 4.4.14 to 4.4.15 (#228)
  • 259e1a6 chore(deps): bump xmidt-org/shared-go from 4.4.13 to 4.4.14 (#227)
  • c871985 chore(deps): bump xmidt-org/shared-go from 4.4.12 to 4.4.13 (#226)
  • adc8faa chore(deps): bump xmidt-org/shared-go from 4.4.10 to 4.4.12 (#225)
  • 5f986c2 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
  • 3e9e31e chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
  • 8250670 chore(deps): bump go.opentelemetry.io/otel/exporters/zipkin (#224)
  • b74e2b8 chore(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace (#221)
  • ebb13ba chore(deps): bump go.opentelemetry.io/otel/sdk from 1.27.0 to 1.28.0 (#218)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
guardrails[bot] commented 1 month ago

:warning: We detected 2 security issues in this pull request:

Vulnerable Libraries (2)
Severity | Details :-: | :-- High | [pkg:golang/github.com/prometheus/client_golang@v1.19.0](https://github.com/xmidt-org/argus/blob/928dc41538cf8fdba51ba5eea00136285f5065e7/go.mod#L17) upgrade to: *> v1.19.0* High | [pkg:golang/github.com/xmidt-org/candlelight@v0.1.10](https://github.com/xmidt-org/argus/blob/928dc41538cf8fdba51ba5eea00136285f5065e7/go.mod#L24) upgrade to: *> v0.1.10* More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

dependabot[bot] commented 1 month ago

Superseded by #768.