feat(deps): bump github.com/spf13/viper from 1.16.0 to 1.18.0

[dependabot[bot]]

Bumps github.com/spf13/viper from 1.16.0 to 1.18.0.

Release notes

Sourced from github.com/spf13/viper's releases.

v1.18.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

AutomaticEnv works with Unmarshal

Previously, environment variables that weren't bound manually or had no defaults could not be mapped by Unmarshal. (The problem is explained in details in this issue: #761)

#1429 introduced a solution that solves that issue.

What's Changed

Enhancements 🚀

• chore: rename files according to enabled build tags by @​alexandear in spf13/viper#1642
• test: replace ifs with asserts to simplify tests by @​alexandear in spf13/viper#1656
• ci: enable test shuffle and fix tests by @​alexandear in spf13/viper#1643
• fix: gocritic lint issues by @​alexandear in spf13/viper#1696

Bug Fixes 🐛

• Implement viper.BindStruct for automatic unmarshalling from environment variables by @​krakowski in spf13/viper#1429
• fix isPathShadowedInFlatMap type cast bug by @​linuxsong in spf13/viper#1585

Dependency Updates ⬆️

• build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @​dependabot in spf13/viper#1661
• build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 by @​dependabot in spf13/viper#1659
• build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @​dependabot in spf13/viper#1663
• build(deps): bump actions/github-script from 6.4.1 to 7.0.1 by @​dependabot in spf13/viper#1686
• build(deps): bump github/codeql-action from 2.22.3 to 2.22.8 by @​dependabot in spf13/viper#1688
• build(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 by @​dependabot in spf13/viper#1692
• build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.4 by @​dependabot in spf13/viper#1690
• build(deps): bump cachix/install-nix-action from 23 to 24 by @​dependabot in spf13/viper#1689
• build(deps): bump github.com/nats-io/nkeys from 0.4.5 to 0.4.6 by @​dependabot in spf13/viper#1672
• build(deps): bump github.com/spf13/cast from 1.5.1 to 1.6.0 by @​dependabot in spf13/viper#1691
• build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 by @​dependabot in spf13/viper#1668
• chore: update dependencies by @​sagikazarmark in spf13/viper#1694
• chore: update crypt by @​sagikazarmark in spf13/viper#1701

Other Changes

• Add info about multiple hosts for remote config by @​KaymeKaydex in spf13/viper#1684
• refactor: drop fsonitfy wrapper by @​sagikazarmark in spf13/viper#1693
• Note Get* behavior on parse failure by @​scop in spf13/viper#1687
• fix: godot lint issues by @​alexandear in spf13/viper#1657

New Contributors

• @​KaymeKaydex made their first contribution in spf13/viper#1684
• @​krakowski made their first contribution in spf13/viper#1429
• @​linuxsong made their first contribution in spf13/viper#1585

Full Changelog: https://github.com/spf13/viper/compare/v1.17.0...v1.18.0

v1.17.0

... (truncated)

Commits

• f5fcb4a chore: update crypt
• f736363 fix isPathShadowedInFlatMap type cast bug (#1585)
• 36a3868 Review changes
• f0c4ccd fix: gocritic lint issues
• 3a23b80 ci: enable test shuffle; fix tests
• 73dfb94 feat: make Unmarshal work with AutomaticEnv
• 6ea31ae refactor: move all settings code to a getter
• c4dcd31 fix: godot lint issues
• 4c9b2a2 Note Get* behavior on parse failure
• a4a551f chore: update dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[guardrails[bot]]

:warning: We detected 1 security issue in this pull request:

Vulnerable Libraries (1)

Severity | Details :-: | :-- High | [pkg:golang/github.com/spf13/viper@v1.18.0](https://github.com/xmidt-org/themis/blob/ccd897b82e74661111b84093550184898a1a56af/go.mod#L15) upgrade to: *> v1.18.0* More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

[codecov[bot]]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Comparison is base (db893c0) 78.55% compared to head (ccd897b) 78.55%.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #191 +/- ## ======================================= Coverage 78.55% 78.55% ======================================= Files 35 35 Lines 1562 1562 ======================================= Hits 1227 1227 Misses 308 308 Partials 27 27 ``` | [Flag](https://app.codecov.io/gh/xmidt-org/themis/pull/191/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=xmidt-org) | Coverage Δ | | |---|---|---| | [unittests](https://app.codecov.io/gh/xmidt-org/themis/pull/191/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=xmidt-org) | `78.55% <ø> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=xmidt-org#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.