search

xmidt-org / caduceus

The Xmidt server for delivering events written in Go.
Apache License 2.0
16 stars 19 forks source link

feat(deps): bump github.com/xmidt-org/touchstone from 0.1.2 to 0.1.3 #420

Closed dependabot[bot] closed 12 months ago

dependabot[bot] commented 12 months ago

Bumps github.com/xmidt-org/touchstone from 0.1.2 to 0.1.3.

Release notes

Sourced from github.com/xmidt-org/touchstone's releases.

v0.1.3

Changelog

Bug Fixes

  • 03e1db0beaf0daeb0445449da5ae3cd23d439d41: fix: added back pruned bundle code (@​johnabass)

Other Work

  • 9a7b748b1eede7695a33fdfb4bfa6f6bcf0bd050: Bump github.com/prometheus/client_golang from 1.13.0 to 1.13.1 (#38) (@​dependabot[bot])
  • bfc106dc0b52dc6c3d8b080eb1317d5dd6625247: Bump github.com/prometheus/client_golang from 1.13.1 to 1.14.0 (#39) (@​dependabot[bot])
  • 658c8276933d07cc3ec999e8eb9379eb5cf71054: Bump github.com/prometheus/common from 0.37.0 to 0.38.0 (#41) (@​dependabot[bot])
  • 30d483bd806bdd68ffafb3ebe18000e2befeca76: Bump github.com/prometheus/common from 0.38.0 to 0.39.0 (#43) (@​dependabot[bot])
  • 4b01e5ae26e233d56774017e8c3ce15dc62472ab: Bump github.com/prometheus/common from 0.39.0 to 0.40.0 (#46) (@​dependabot[bot])
  • 7968ff8e13cbf8aaa11e733240da92d954310266: Bump github.com/prometheus/common from 0.40.0 to 0.42.0 (#51) (@​dependabot[bot])
  • e66b2dd6521752182d5cfc81308abf74f7d62e30: Bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#37) (@​dependabot[bot])
  • b6a89370d10236941af132992965b8ca9da61004: Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#48) (@​dependabot[bot])
  • 84a3176236ac2a1ef1f29c9d6ccc269be21fee48: Bump go.uber.org/fx from 1.18.1 to 1.18.2 (#36) (@​dependabot[bot])
  • 7b491b76728afa617ff7dabcc46fb14c06f2ae9e: Bump go.uber.org/fx from 1.18.2 to 1.19.0 (#44) (@​dependabot[bot])
  • bddfcd91feffe033e5a75b9feddcdc1584ca8c18: Bump go.uber.org/fx from 1.19.0 to 1.19.1 (#45) (@​dependabot[bot])
  • 036bdcf681087a62046a88d99ea6426062234abd: Bump go.uber.org/fx from 1.19.1 to 1.19.2 (#47) (@​dependabot[bot])
  • ebb58547594d69e7e8df30cc7fc6cb9b5f0ab4bb: Bump go.uber.org/multierr from 1.8.0 to 1.9.0 (#42) (@​dependabot[bot])
  • 1f138099b179725974da4ce8dd52691744d38b36: Bump go.uber.org/multierr from 1.9.0 to 1.10.0 (#50) (@​dependabot[bot])
  • 3a7a6756fe4b62802d7be2d378db50261a829edb: Bump go.uber.org/zap from 1.22.0 to 1.23.0 (#35) (@​dependabot[bot])
  • 2e50ad75babb50800b424559a0cc9ec76ab31fbf: Bump go.uber.org/zap from 1.23.0 to 1.24.0 (#40) (@​dependabot[bot])
  • 8a243489632c2cb8f0febc64ac3b889bed9fd9f7: Remove a defunct badge. (@​schmidtw)
  • d297e715457dcfa491d5b50646d8cca8370445bd: Update dependabot to manage all dependencies. (@​schmidtw)
  • 9b39899dc894270e937daee83740e5e4b20a59fc: Use the new shared workflow. (@​schmidtw)
  • 000dca9e0db43c7a58501f685c10e9f4849d4e02: corrected the note about fx.Printer (@​johnabass)
  • d99b5393287bf0ee7bd6df5d9d5767ae7ec890b3: removed old reflection code (@​johnabass)
  • 48ddf9f1f8fe4647229581ae753f7dc54d2c0be8: updated doc (@​johnabass)
Changelog

Sourced from github.com/xmidt-org/touchstone's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

[Unreleased]

Commits
  • 03e1db0 fix: added back pruned bundle code
  • d297e71 Update dependabot to manage all dependencies.
  • d99b539 removed old reflection code
  • 48ddf9f updated doc
  • 000dca9 corrected the note about fx.Printer
  • 609efb8 Merge pull request #53 from xmidt-org/update-workflow
  • 9b39899 Use the new shared workflow.
  • 1f13809 Bump go.uber.org/multierr from 1.9.0 to 1.10.0 (#50)
  • 7968ff8 Bump github.com/prometheus/common from 0.40.0 to 0.42.0 (#51)
  • b6a8937 Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#48)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
guardrails[bot] commented 12 months ago

:warning: We detected 1 security issue in this pull request:

Vulnerable Libraries (1)
Severity | Details :-: | :-- N/A | [pkg:golang/github.com/xmidt-org/touchstone@v0.1.2](https://github.com/xmidt-org/caduceus/blob/bf62d5a442c0ac24d7634b4ce992934bfb3eb8d1/go.mod#L22) - **no patch available** More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.