chore(deps): bump github.com/xmidt-org/arrange from 0.4.0 to 0.5.1

[dependabot[bot]]

Bumps github.com/xmidt-org/arrange from 0.4.0 to 0.5.1.

Release notes

Sourced from github.com/xmidt-org/arrange's releases.

v0.5.1

Changelog

Dependency Updates

• 7b22e4e78b7ddf835f82275b3a0757d95e0f602f: feat(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#141) (@​dependabot[bot])
• 518bcde93f01ac69dcc70991e7c99bbe05ca5316: feat(deps): bump go.uber.org/fx from 1.20.0 to 1.20.1 (#133) (@​dependabot[bot])
• 25d87904a31fb2dd953fd046ebb5b10d1664ddc6: feat(deps): bump go.uber.org/fx from 1.20.1 to 1.21.0 (#142) (@​dependabot[bot])
• d208194d66cf95e51b2da67edcc679f8f4574eca: feat(deps): bump go.uber.org/fx from 1.21.0 to 1.21.1 (#145) (@​dependabot[bot])
• f02b8651b631d74a6be0a2918be6d01ed5533f45: feat(deps): bump go.uber.org/zap from 1.25.0 to 1.26.0 (#132) (@​dependabot[bot])
• d5000a41a08bffcdb01b94ad758def92009e8325: feat(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#140) (@​dependabot[bot])

Other Work

• 98827aa9508319f20194434e6889d7564fd241bc: --- (#146) (@​dependabot[bot])
• a8e94d51875f9c12efa10469190f283d451fa015: Update README.md (@​schmidtw)
• 6d945582ee68cbde109d5cb878f91be0b99524b5: Update README.md (@​schmidtw)
• 0b45861e985b9069974e87248e71a0b111b1f169: Update dependabot to manage all dependencies. (@​schmidtw)
• c3273fbf67edab0627e033b860f2be3f2a1fa455: corrected the MinVersion and MaxVersion comments (@​johnabass)
• 707924f002fcd15afc50e627fff4b52c062493d2: fixed project name (@​johnabass)
• e698653000a9a1bfb3eca6a89a9996bd4e480dff: removed gorilla/mux and instead only support *http.ServeMux (@​johnabass)

v0.5.0

Changelog

Other Work

• 3cc95cf342edb681bd5726ca14440e2fa814ce61: Bump github.com/spf13/viper from 1.12.0 to 1.15.0 (#87) (@​dependabot[bot])
• 0523e201651a7402eaeb141f9e0a9659011ad17f: Bump github.com/spf13/viper from 1.15.0 to 1.16.0 (#103) (@​dependabot[bot])
• 451664259ff0829a88426acfd243e9a7c6027d62: Bump github.com/stretchr/testify from 1.8.0 to 1.8.2 (#91) (@​dependabot[bot])
• 163554beb7c5bf9db1655296a422cace80da4ece: Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#102) (@​dependabot[bot])
• 2ff769279b5621445932ba81342a8fc4f4c30994: Bump go.uber.org/dig from 1.15.0 to 1.16.1 (#86) (@​dependabot[bot])
• 762b150462a3e1ec94082bd77a37a70d176f6835: Bump go.uber.org/dig from 1.16.1 to 1.17.0 (#99) (@​dependabot[bot])
• 199ed8554274ace1a0358e194981b9fe4c2ffdcf: Bump go.uber.org/fx from 1.18.1 to 1.19.2 (#88) (@​dependabot[bot])
• 46d3c83e84cbcd0b1e2a1cfd621845e0a1d04760: Bump go.uber.org/fx from 1.19.2 to 1.19.3 (#100) (@​dependabot[bot])
• 7377b764ba9f0f29986273227d0c879723218dc2: Bump go.uber.org/fx from 1.19.3 to 1.20.0 (#107) (@​dependabot[bot])
• baf62525dd5ebbed451844481f2d79c5d39ad696: Bump go.uber.org/multierr from 1.8.0 to 1.9.0 (#82) (@​dependabot[bot])
• ce8cec515760758f76a06ad76526871cf6847ca0: Bump go.uber.org/multierr from 1.9.0 to 1.10.0 (#94) (@​dependabot[bot])
• 3b90c88b586d4ba9a9bbd6a9bedc18e1e8f7eb29: MockRoundTripper and friends to ease client testing (@​johnabass)
• ea6efb41cbe99f31bc2838073adee20ee0fbbcc4: ServerFactory may now be used as a server option (@​johnabass)
• 75043693cff301be8881dd04a8dbfe3d20dac966: Use the new shared workflow. (@​schmidtw)
• dca1247e239f6e84675e366ae209479412a4ff67: added Push/Pop scoping to TagBuilder (@​johnabass)
• 7a2ec64ba641923a69c29bae00ace1343935b131: added TLSSuite for unit tests that need certificates (@​johnabass)
• 261fb4868374b2a0c57341c745643643848dcfb6: added a ConnState server option (@​johnabass)
• 273e37102f40c4ede8da9f41ab77ea846752b2fd: added a basic tag builder as a compiler-friendly alternative to specifying tags in annotations (@​johnabass)
• d30748c9cd7fc473333f1215669cf2264df0cd20: added composability to BaseContext (@​johnabass)
• 6af4643c7b45b02e59ef4f8bba0665babc94c714: added generic middleware (@​johnabass)
• 1893b25fdd1fdef03f8d3e7eb2095605db6b42a1: augmented ConnContext to allow for function chaining and flexibility for user-defined types (@​johnabass)
• 347a2831f2b33add83858ef1b2fd1d6dc4163d08: better RoundTripper closure implementation (@​johnabass)
• ceff63b3b9fa9234656c92a14240b8d93d21d6c9: cleaned up tests; verify raw vs reflect values (@​johnabass)
• 29c14c9471dc41412a952c613b9a09de2b19e376: created a different version of VisitDependencies for reflect.Values (@​johnabass)
• 063787f3a44a05c3a67d1c555171c807c18ab3c3: factored out listener creation into NewListener for better reusability (@​johnabass)
• b63b6dbe8061b7d4ffc48b309b6053c16ca23692: implemented Provide functions for simple client usage in the typical (intended) use cases (@​johnabass)
• e094ebf585d63d5b2bfa95dd395e613b3d66554b: interim (@​johnabass)
• b265527c1f3cec95accbc024420a735646c2f45a: listener capture allows access to the bound net.Addr during tests (@​johnabass)
• 6d479a6cb3fa981249de3515e6ba9fb723e1402d: major refactor of the client infrastructure (@​johnabass)

... (truncated)

Commits

• c3273fb corrected the MinVersion and MaxVersion comments
• cf50977 go mod tidy
• 9985bda Merge pull request #164 from xmidt-org/dependabot/go_modules/github.com/xmidt...
• b66648b chore(deps): bump github.com/xmidt-org/httpaux from 0.4.0 to 0.4.1
• 1891633 chore(deps): bump xmidt-org/shared-go from 4.4.15 to 4.4.16 (#163)
• 9d54460 chore(deps): bump xmidt-org/shared-go from 4.4.14 to 4.4.15 (#162)
• 97d5b5b chore(deps): bump xmidt-org/shared-go from 4.4.13 to 4.4.14 (#161)
• 2594f5f chore(deps): bump xmidt-org/shared-go from 4.4.12 to 4.4.13 (#160)
• 9082f43 chore(deps): bump xmidt-org/shared-go from 4.4.11 to 4.4.12 (#159)
• c11b9ca chore(deps): bump xmidt-org/shared-go from 4.4.10 to 4.4.11 (#158)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[guardrails[bot]]

:warning: We detected 3 security issues in this pull request:

Vulnerable Libraries (3)

Severity | Details :-: | :-- High | [pkg:golang/github.com/xmidt-org/arrange@v0.5.1](https://github.com/xmidt-org/argus/blob/bc878e74110bf7a1e9149e64a14e836ff62a7252/go.mod#L23) upgrade to: *> v0.5.1* High | [pkg:golang/github.com/xmidt-org/httpaux@v0.4.1](https://github.com/xmidt-org/argus/blob/bc878e74110bf7a1e9149e64a14e836ff62a7252/go.mod#L27) upgrade to: *> v0.4.1* High | [pkg:golang/go.uber.org/fx@v1.22.1](https://github.com/xmidt-org/argus/blob/bc878e74110bf7a1e9149e64a14e836ff62a7252/go.mod#L31) upgrade to: *> v1.22.1* More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.