Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the go-modules group across 1 directory with 46 updates #638

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 30, 2024

Bumps the go-modules group with 26 updates in the / directory:

Package From To
github.com/BurntSushi/toml 1.3.2 1.4.0
github.com/onsi/gomega 1.30.0 1.34.1
github.com/paketo-buildpacks/occam 0.18.0 0.18.7
github.com/Microsoft/hcsshim 0.11.5 0.12.5
github.com/andybalholm/brotli 1.0.6 1.1.0
github.com/cenkalti/backoff/v4 4.2.1 4.3.0
github.com/cloudflare/circl 1.3.7 1.3.9
github.com/cyphar/filepath-securejoin 0.2.4 0.3.1
github.com/distribution/reference 0.5.0 0.6.0
github.com/docker/docker-credential-helpers 0.8.0 0.8.2
github.com/gabriel-vasile/mimetype 1.4.3 1.4.5
github.com/go-git/go-git/v5 5.11.0 5.12.0
github.com/huandu/xstrings 1.4.0 1.5.0
github.com/klauspost/compress 1.17.4 1.17.9
github.com/knqyf263/go-rpmdb 0.0.0-20230301153543-ba94b245509b 0.1.1
github.com/mattn/go-runewidth 0.0.15 0.0.16
github.com/moby/sys/sequential 0.5.0 0.6.0
github.com/pierrec/lz4/v4 4.1.19 4.1.21
github.com/rivo/uniseg 0.4.4 0.4.7
github.com/sassoftware/go-rpmutils 0.2.0 0.4.0
github.com/shopspring/decimal 1.3.1 1.4.0
github.com/spdx/tools-golang 0.5.3 0.5.5
github.com/sylabs/sif/v2 2.15.0 2.18.0
github.com/tklauser/go-sysconf 0.3.13 0.3.14
github.com/vbatts/go-mtree 0.5.3 0.5.4
github.com/yusufpapurcu/wmi 1.2.3 1.2.4

Updates github.com/BurntSushi/toml from 1.3.2 to 1.4.0

Release notes

Sourced from github.com/BurntSushi/toml's releases.

v1.4.0

This version requires Go 1.18

  • Add toml.Marshal() (#405)

  • Require 2-digit hour (#320)

  • Wrap UnmarshalTOML() and UnmarshalText() return values in ParseError for position information (#398)

  • Fix inline tables with dotted keys inside inline arrays (e.g. k=[{a.b=1}]) (#400)

Commits
  • 1e2c053 Undeprecate PrimitiveDecode and MetaData.PrimitiveDecode()
  • f8f7e48 Update toml-test
  • 9a80667 Add -json flag to tomlv
  • 3203540 fuzz: move fuzz_targets from oss-fuzz (#406)
  • 77ce858 Add Marshal Function (#405)
  • 0e879cb Fix panic when trying to set subkey for a value that's not a table
  • c299e75 Update toml-test
  • 4223137 Fix inline tables with dotted keys inside inline arrays (#400)
  • 45e7e49 Update toml-test
  • c320c2d Fix utf8.RuneError test
  • Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.30.0 to 1.34.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.1

1.34.1

Maintenance

  • Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

v1.34.0

1.34.0

Features

  • Add RoundTripper method to ghttp.Server [c549e0d]

Fixes

  • fix incorrect handling of nil slices in HaveExactElements (fixes #771) [878940c]
  • issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]

Maintenance

  • bump ginkgo [8af2ece]
  • Fix typo in docs [123a071]
  • Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#756) [0e69083]
  • Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#755) [2675796]
  • Bump golang.org/x/net from 0.24.0 to 0.25.0 (#754) [4160c0f]
  • Bump github-pages from 230 to 231 in /docs (#748) [892c303]

v1.33.1

1.33.1

Fixes

  • fix confusing eventually docs [3a66379]

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

v1.33.0

1.33.0

Features

Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]
  • Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]
  • Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]

v1.32.0

1.32.0

Maintenance

  • Migrate github.com/golang/protobuf to google.golang.org/protobuf [436a197]

... (truncated)

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.1

Maintenance

  • Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

1.34.0

Features

  • Add RoundTripper method to ghttp.Server [c549e0d]

Fixes

  • fix incorrect handling of nil slices in HaveExactElements (fixes #771) [878940c]
  • issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]

Maintenance

  • bump ginkgo [8af2ece]
  • Fix typo in docs [123a071]
  • Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#756) [0e69083]
  • Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#755) [2675796]
  • Bump golang.org/x/net from 0.24.0 to 0.25.0 (#754) [4160c0f]
  • Bump github-pages from 230 to 231 in /docs (#748) [892c303]

1.33.1

Fixes

  • fix confusing eventually docs [3a66379]

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

1.33.0

Features

Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]
  • Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]
  • Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]

1.32.0

Maintenance

  • Migrate github.com/golang/protobuf to google.golang.org/protobuf [436a197]

    This release drops the deprecated github.com/golang/protobuf and adopts google.golang.org/protobuf. Care was taken to ensure the release is backwards compatible (thanks @​jbduncan !). Please open an issue if you run into one.

  • chore: test with Go 1.22 (#733) [32ef35e]

  • Bump golang.org/x/net from 0.19.0 to 0.20.0 (#717) [a0d0387]

... (truncated)

Commits
  • fa057b8 v1.34.1
  • 5e71dcd Use slices from exp/slices to keep golang 1.20 compat
  • 32e5498 v1.34.0
  • cb3fa6a run go mod tidy and wonder why go get doesnt just run it for me in the first ...
  • 8af2ece bump ginkgo
  • 878940c fix incorrect handling of nil slices in HaveExactElements (fixes #771)
  • f5bec80 clean up bipartitegraph tests
  • ebadb67 issue_765 - fixed bug in Hopcroft-Karp algorithm
  • 123a071 Fix typo in docs
  • c549e0d Add RoundTripper method to ghttp.Server
  • Additional commits viewable in compare view

Updates github.com/paketo-buildpacks/occam from 0.18.0 to 0.18.7

Release notes

Sourced from github.com/paketo-buildpacks/occam's releases.

v0.18.7

What's Changed

Full Changelog: paketo-buildpacks/occam@v0.18.6...v0.18.7

v0.18.6

What's Changed

Full Changelog: paketo-buildpacks/occam@v0.18.5...v0.18.6

v0.18.5

What's Changed

Full Changelog: paketo-buildpacks/occam@v0.18.4...v0.18.5

v0.18.4

What's Changed

Full Changelog: paketo-buildpacks/occam@v0.18.3...v0.18.4

v0.18.3

What's Changed

... (truncated)

Commits
  • aff3030 Buildpack packaging should always target linux
  • 7b8692d Updates go mod toolchain version to 1.22.4
  • ddf2781 Bump github.com/docker/docker
  • e9fee75 Adds support of buildpackages in buildpack store and updates freezer (#302)
  • dda57be Updating github-config
  • f0b937b Use stable go version everywhere.
  • 354d744 Bump to go 1.21
  • 64bc107 Updating github-config
  • d00fe4b Bump github.com/docker/docker
  • 37502e4 Bump github.com/testcontainers/testcontainers-go from 0.30.0 to 0.31.0
  • Additional commits viewable in compare view

Updates github.com/paketo-buildpacks/packit/v2 from 2.12.0 to 2.14.0

Release notes

Sourced from github.com/paketo-buildpacks/packit/v2's releases.

v2.14.0

What's Changed

New Contributors

Full Changelog: paketo-buildpacks/packit@v2.13.0...v2.14.0

v2.13.0

What's Changed

New Contributors

Full Changelog: paketo-buildpacks/packit@v2.12.0...v2.13.0

Commits
  • 13393ec Support reading service bindings from VCAP_SERVICES env var (#566)
  • 35d8f76 Bump github.com/onsi/gomega from 1.33.0 to 1.33.1
  • ce376b7 Fixes mirror bug when originalHost is excluded (#569)
  • 4c9f338 Allows users to set a dependency mirror (#563)
  • 4e9c21d Bump github.com/onsi/gomega from 1.32.0 to 1.33.0
  • dd77ec5 Bump github.com/ulikunitz/xz from 0.5.11 to 0.5.12
  • 95b8056 Bump github.com/onsi/gomega from 1.31.1 to 1.32.0
  • 777a503 Bump github.com/stretchr/testify from 1.8.4 to 1.9.0
  • c1b785b Bump github.com/google/uuid from 1.5.0 to 1.6.0
  • b31dc83 Bump github.com/onsi/gomega from 1.31.0 to 1.31.1
  • Additional commits viewable in compare view

Updates github.com/ForestEckhardt/freezer from 0.0.12 to 0.1.0

Release notes

Sourced from github.com/ForestEckhardt/freezer's releases.

v0.1.0

What's Changed

Full Changelog: ForestEckhardt/freezer@v0.0.12...v0.1.0

Commits

Updates github.com/Microsoft/hcsshim from 0.11.5 to 0.12.5

Release notes

Sourced from github.com/Microsoft/hcsshim's releases.

v0.12.5

What's Changed

Full Changelog: microsoft/hcsshim@v0.12.4...v0.12.5

v0.12.4

What's Changed

Full Changelog: microsoft/hcsshim@v0.12.3...v0.12.4

v0.12.3

What's Changed

Full Changelog: microsoft/hcsshim@v0.12.2...v0.12.3

v0.12.2

No release notes provided.

v0.12.1

What's Changed

Full Changelog: microsoft/hcsshim@v0.12.0...v0.12.1

v0.12.0

What's Changed

... (truncated)

Commits
  • e970943 Modifying network flag EnableIov.
  • 4f77a09 Hcsshim wrapper over HNS API needed for exclusion of management mac addresses...
  • 3b5bd8a [release/0.12] vendor: github.com/containerd/containerd v17.18
  • 40cdbc8 Adding state attribute to the HNSEndpoint struct to support hyperv containers...
  • c6a8327 Adding support for loadbalancer policy update in hns. (#2085)
  • 44e4ec0 Changes for checking the global version for modify policy version support. (#...
  • 62f86c0 OutBoundNATPolicy Schema changes (#2106)
  • c950974 Update go-winio to v0.6.2 & fix lint errors
  • ad1ccf5 fix: move permissions to the correct job (#2080) (#2081)
  • 6588c1c Updating permissions and github release action versions (#2078) (#2079)
  • Additional commits viewable in compare view

Updates github.com/andybalholm/brotli from 1.0.6 to 1.1.0

Commits
  • 17e5901 Make my matchfinder work more accessible.
  • cf812c0 matchfinder: add M0
  • 1b6cf36 matchfinder: remove MultiHash
  • 265f3af matchfinder: penalize score for overlapping matches
  • a8d524a matchfinder: replace Score function with DistanceBitCost
  • 578645e matchfinder: add MultiHash
  • 24b2bfa matchfinder.M4: add Score function
  • 4a024e3 matchfinder.M4: add match chain
  • 3a1c5cd Fix typo in comment.
  • 0d2aef3 matchfinder.M4: factor out extendMatch2
  • Additional commits viewable in compare view

Updates github.com/cenkalti/backoff/v4 from 4.2.1 to 4.3.0

Commits
  • 720b789 remove travis badge from readme
  • a83af7f feat(backoff): Add functional options for ExponentialBackOff Closes #136
  • See full diff in compare view

Updates github.com/cloudflare/circl from 1.3.7 to 1.3.9

Release notes

Sourced from github.com/cloudflare/circl's releases.

CIRCL v1.3.9

Changes:

  • Fix bug on BLS12381 decoding elements.

Commit History

Full Changelog: cloudflare/circl@v1.3.8...v1.3.9

CIRCL v1.3.8

New

  • BLS Signatures on top of BLS12-381.
  • Adopt faster squaring in pairings.
  • BlindRSA compliant with RFC9474.
  • (Verifiable) Secret Sharing compatible with the Group interface (elliptic curves).

Notice

What's Changed

New Contributors

Full Changelog: cloudflare/circl@v1.3.7...v1.3.8

Commits
  • 75b28ed Preparing CIRCL release v1.3.9
  • 9e7c49b Detects invalid encodings of bls12381 elements.
  • 5f94471 Test for invalid encodings of BLS12381.
  • 456fe41 dilithium: fix typo
  • 4bb5601 Serializing ciphertext with 32-bit prefixes.
  • a4252c7 Test functions working with ciphertext.
  • 64431bb Testing long plaintext.
  • fe2b663 Using SHAKE128 as a fixed prgn for golden files.
  • 2c600ff Align to the purego build tag, removing noasm build tag
  • a4b7601 Ensure pairing functions don't overwrite the input.
  • Additional commits viewable in compare view

Updates github.com/cyphar/filepath-securejoin from 0.2.4 to 0.3.1

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.3.1

  • By allowing Open(at)InRoot to opt-out of the extra work done by MkdirAll to do the necessary "partial lookups", Open(at)InRoot now does less work for both implementations (resulting in a many-fold decrease in the number of operations for openat2, and a modest improvement for non-openat2) and is far more guaranteed to match the correct openat2(RESOLVE_IN_ROOT) behaviour.

  • We now use readlinkat(fd, "") where possible. For Open(at)InRoot this effectively just means that we no longer risk getting spurious errors during rename races. However, for our hardened procfs handler, this in theory should prevent mount attacks from tricking us when doing magic-link readlinks (even when using the unsafe host /proc handle). Unfortunately Reopen is still potentially vulnerable to those kinds of somewhat-esoteric attacks.

    Technically this will only work on post-2.6.39 kernels but it seems incredibly unlikely anyone is using filepath-securejoin on a pre-2011 kernel.

  • Several improvements were made to the errors returned by Open(at)InRoot and MkdirAll when dealing with invalid paths under the emulated (ie. non-openat2) implementation. Previously, some paths would return the wrong error (ENOENT when the last component was a non-directory), and other paths would be returned as though they were acceptable (trailing-slash components after a non-directory would be ignored by Open(at)InRoot).

    These changes were done to match openat2's behaviour and purely is a consistency fix (most users are going to be using openat2 anyway).

Signed-off-by: Aleksa Sarai [email protected]

v0.3.0

This release contains no changes to SecureJoin.

However, it does introduce a new *os.File-based API which is much safer to use for most usecases. These are adapted from [libpathrs][1] and are the bare minimum to be able to operate more safely on an untrusted rootfs where an attacker has write access (something that SecureJoin cannot protect against). The new APIs are:

  • OpenInRoot, which resolves a path inside a rootfs and returns an *os.File handle to the path. Note that the file handle returned by OpenInRoot is an O_PATH handle, which cannot be used for reading or writing (as well as some other operations -- see open(2) for more details).

  • Reopen, which takes an O_PATH file handle and safely re-opens it to "upgrade" it to a regular handle.

... (truncated)

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.3.1] - 2024-07-23

Changed

  • By allowing Open(at)InRoot to opt-out of the extra work done by MkdirAll to do the necessary "partial lookups", Open(at)InRoot now does less work for both implementations (resulting in a many-fold decrease in the number of operations for openat2, and a modest improvement for non-openat2) and is far more guaranteed to match the correct openat2(RESOLVE_IN_ROOT) behaviour.

  • We now use readlinkat(fd, "") where possible. For Open(at)InRoot this effectively just means that we no longer risk getting spurious errors during rename races. However, for our hardened procfs handler, this in theory should prevent mount attacks from tricking us when doing magic-link readlinks (even when using the unsafe host /proc handle). Unfortunately Reopen is still potentially vulnerable to those kinds of somewhat-esoteric attacks.

    Technically this will only work on post-2.6.39 kernels but it seems incredibly unlikely anyone is using filepath-securejoin on a pre-2011 kernel.

Fixed

  • Several improvements were made to the errors returned by Open(at)InRoot and MkdirAll when dealing with invalid paths under the emulated (ie. non-openat2) implementation. Previously, some paths would return the wrong error (ENOENT when the last component was a non-directory), and other paths would be returned as though they were acceptable (trailing-slash components after a non-directory would be ignored by Open(at)InRoot).

    These changes were done to match openat2's behaviour and purely is a consistency fix (most users are going to be using openat2 anyway).

[0.3.0] - 2024-07-11

Added

  • A new set of *os.File-based APIs have been added. These are adapted from [libpathrs][] and we strongly suggest using them if possible (as they provide far more protection against attacks than SecureJoin):

    • Open(at)InRoot resolves a path inside a rootfs and returns an *os.File handle to the path. Note that the handle returned is an O_PATH handle, which cannot be used for reading or writing (as well as some other operations -- [see open(2) for more details][open.2])

    • Reopen takes an O_PATH file handle and safely re-opens it to upgrade it to a regular handle. This can also be used with non-O_PATH handles, but O_PATH is the most obvious application.

    • MkdirAll is an implementation of os.MkdirAll that is safe to use to

... (truncated)

Commits
  • ce7b28a VERSION: release v0.3.1
  • a2c14f8 CHANGELOG: add readlinkat(fd, "") shout-out
  • 4ea279f merge #22 into cyphar/filepath-securejoin:main
  • 16e1bec CHANGELOG: add initial changelog with current history
  • 2404ffb merge #21 into cyphar/filepath-securejoin:main
  • f29b7a4 lookup: handle // and trailing slash components correctly
  • ecd61ca merge #19 into cyphar/filepath-securejoin:main
  • 38b1220 procfs: refactor statx mnt_id logic
  • 45c4415 procfs: use readlink(fd, "") for magic-links
  • edab538 merge #17 into cyphar/filepath-securejoin:main
  • Additional commits viewable in compare view

Updates github.com/distribution/reference from 0.5.0 to 0.6.0

Release notes

Sourced from github.com/distribution/reference's releases.

v0.6.0

What's Changed

New Contributors

Full Changelog: distribution/reference@v0.5.0...v0.6.0

Commits
  • ff14faf Merge pull request #9 from ozairasim/exclude-domain-from-name-length-validation
  • 2a66312 Merge pull request #10 from xrstf/patch-1
  • 094e717 fix typo in readme
  • aaca75e Exclude domain from name length check
  • 8507c7f Merge pull request #7 from thaJeztah/cleanup_splitDockerDomain
  • 89ee7ec refactor splitDockerDomain to include more documentation
  • a3fb784 Merge pull request #5 from thaJeztah/rm_deprecated
  • 4894124 remove deprecated SplitHostname
  • See full diff in compare view

Updates github.com/docker/docker-credential-helpers from 0.8.0 to 0.8.2

Release notes

Sourced from github.com/docker/docker-credential-helpers's releases.

v0.8.2

What's Changed

Full Changelog: docker/docker-credential-helpers@v0.8.1...v0.8.2

v0.8.1

What's Changed

Full Changelog: docker/docker-credential-helpers@v0.8.0...v0.8.1

Commits
    ...

    Description has been truncated

Bumps the go-modules group with 26 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) | `1.3.2` | `1.4.0` |
| [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.30.0` | `1.34.1` |
| [github.com/paketo-buildpacks/occam](https://github.com/paketo-buildpacks/occam) | `0.18.0` | `0.18.7` |
| [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) | `0.11.5` | `0.12.5` |
| [github.com/andybalholm/brotli](https://github.com/andybalholm/brotli) | `1.0.6` | `1.1.0` |
| [github.com/cenkalti/backoff/v4](https://github.com/cenkalti/backoff) | `4.2.1` | `4.3.0` |
| [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | `1.3.7` | `1.3.9` |
| [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) | `0.2.4` | `0.3.1` |
| [github.com/distribution/reference](https://github.com/distribution/reference) | `0.5.0` | `0.6.0` |
| [github.com/docker/docker-credential-helpers](https://github.com/docker/docker-credential-helpers) | `0.8.0` | `0.8.2` |
| [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) | `1.4.3` | `1.4.5` |
| [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.11.0` | `5.12.0` |
| [github.com/huandu/xstrings](https://github.com/huandu/xstrings) | `1.4.0` | `1.5.0` |
| [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.17.4` | `1.17.9` |
| [github.com/knqyf263/go-rpmdb](https://github.com/knqyf263/go-rpmdb) | `0.0.0-20230301153543-ba94b245509b` | `0.1.1` |
| [github.com/mattn/go-runewidth](https://github.com/mattn/go-runewidth) | `0.0.15` | `0.0.16` |
| [github.com/moby/sys/sequential](https://github.com/moby/sys) | `0.5.0` | `0.6.0` |
| [github.com/pierrec/lz4/v4](https://github.com/pierrec/lz4) | `4.1.19` | `4.1.21` |
| [github.com/rivo/uniseg](https://github.com/rivo/uniseg) | `0.4.4` | `0.4.7` |
| [github.com/sassoftware/go-rpmutils](https://github.com/sassoftware/go-rpmutils) | `0.2.0` | `0.4.0` |
| [github.com/shopspring/decimal](https://github.com/shopspring/decimal) | `1.3.1` | `1.4.0` |
| [github.com/spdx/tools-golang](https://github.com/spdx/tools-golang) | `0.5.3` | `0.5.5` |
| [github.com/sylabs/sif/v2](https://github.com/sylabs/sif) | `2.15.0` | `2.18.0` |
| [github.com/tklauser/go-sysconf](https://github.com/tklauser/go-sysconf) | `0.3.13` | `0.3.14` |
| [github.com/vbatts/go-mtree](https://github.com/vbatts/go-mtree) | `0.5.3` | `0.5.4` |
| [github.com/yusufpapurcu/wmi](https://github.com/yusufpapurcu/wmi) | `1.2.3` | `1.2.4` |



Updates `github.com/BurntSushi/toml` from 1.3.2 to 1.4.0
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.3.2...v1.4.0)

Updates `github.com/onsi/gomega` from 1.30.0 to 1.34.1
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.30.0...v1.34.1)

Updates `github.com/paketo-buildpacks/occam` from 0.18.0 to 0.18.7
- [Release notes](https://github.com/paketo-buildpacks/occam/releases)
- [Commits](paketo-buildpacks/occam@v0.18.0...v0.18.7)

Updates `github.com/paketo-buildpacks/packit/v2` from 2.12.0 to 2.14.0
- [Release notes](https://github.com/paketo-buildpacks/packit/releases)
- [Commits](paketo-buildpacks/packit@v2.12.0...v2.14.0)

Updates `github.com/ForestEckhardt/freezer` from 0.0.12 to 0.1.0
- [Release notes](https://github.com/ForestEckhardt/freezer/releases)
- [Commits](ForestEckhardt/freezer@v0.0.12...v0.1.0)

Updates `github.com/Microsoft/hcsshim` from 0.11.5 to 0.12.5
- [Release notes](https://github.com/Microsoft/hcsshim/releases)
- [Commits](microsoft/hcsshim@v0.11.5...v0.12.5)

Updates `github.com/andybalholm/brotli` from 1.0.6 to 1.1.0
- [Commits](andybalholm/brotli@v1.0.6...v1.1.0)

Updates `github.com/cenkalti/backoff/v4` from 4.2.1 to 4.3.0
- [Commits](cenkalti/backoff@v4.2.1...v4.3.0)

Updates `github.com/cloudflare/circl` from 1.3.7 to 1.3.9
- [Release notes](https://github.com/cloudflare/circl/releases)
- [Commits](cloudflare/circl@v1.3.7...v1.3.9)

Updates `github.com/cyphar/filepath-securejoin` from 0.2.4 to 0.3.1
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md)
- [Commits](cyphar/filepath-securejoin@v0.2.4...v0.3.1)

Updates `github.com/distribution/reference` from 0.5.0 to 0.6.0
- [Release notes](https://github.com/distribution/reference/releases)
- [Commits](distribution/reference@v0.5.0...v0.6.0)

Updates `github.com/docker/docker-credential-helpers` from 0.8.0 to 0.8.2
- [Release notes](https://github.com/docker/docker-credential-helpers/releases)
- [Commits](docker/docker-credential-helpers@v0.8.0...v0.8.2)

Updates `github.com/docker/go-connections` from 0.4.0 to 0.5.0
- [Commits](docker/go-connections@v0.4.0...v0.5.0)

Updates `github.com/gabriel-vasile/mimetype` from 1.4.3 to 1.4.5
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](gabriel-vasile/mimetype@v1.4.3...v1.4.5)

Updates `github.com/go-git/go-git/v5` from 5.11.0 to 5.12.0
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](go-git/go-git@v5.11.0...v5.12.0)

Updates `github.com/google/go-containerregistry` from 0.17.0 to 0.19.1
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](google/go-containerregistry@v0.17.0...v0.19.1)

Updates `github.com/google/uuid` from 1.4.0 to 1.6.0
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.4.0...v1.6.0)

Updates `github.com/huandu/xstrings` from 1.4.0 to 1.5.0
- [Release notes](https://github.com/huandu/xstrings/releases)
- [Commits](huandu/xstrings@v1.4.0...v1.5.0)

Updates `github.com/klauspost/compress` from 1.17.4 to 1.17.9
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](klauspost/compress@v1.17.4...v1.17.9)

Updates `github.com/knqyf263/go-rpmdb` from 0.0.0-20230301153543-ba94b245509b to 0.1.1
- [Commits](https://github.com/knqyf263/go-rpmdb/commits/v0.1.1)

Updates `github.com/mattn/go-runewidth` from 0.0.15 to 0.0.16
- [Commits](mattn/go-runewidth@v0.0.15...v0.0.16)

Updates `github.com/moby/sys/sequential` from 0.5.0 to 0.6.0
- [Release notes](https://github.com/moby/sys/releases)
- [Commits](moby/sys@signal/v0.5.0...signal/v0.6.0)

Updates `github.com/pierrec/lz4/v4` from 4.1.19 to 4.1.21
- [Commits](pierrec/lz4@v4.1.19...v4.1.21)

Updates `github.com/rivo/uniseg` from 0.4.4 to 0.4.7
- [Release notes](https://github.com/rivo/uniseg/releases)
- [Commits](rivo/uniseg@v0.4.4...v0.4.7)

Updates `github.com/sassoftware/go-rpmutils` from 0.2.0 to 0.4.0
- [Release notes](https://github.com/sassoftware/go-rpmutils/releases)
- [Commits](sassoftware/go-rpmutils@v0.2.0...v0.4.0)

Updates `github.com/sergi/go-diff` from 1.3.1 to 1.3.2-0.20230802210424-5b0b94c5c0d3
- [Commits](https://github.com/sergi/go-diff/commits)

Updates `github.com/shirou/gopsutil/v3` from 3.23.11 to 3.23.12
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](shirou/gopsutil@v3.23.11...v3.23.12)

Updates `github.com/shopspring/decimal` from 1.3.1 to 1.4.0
- [Release notes](https://github.com/shopspring/decimal/releases)
- [Changelog](https://github.com/shopspring/decimal/blob/master/CHANGELOG.md)
- [Commits](shopspring/decimal@v1.3.1...v1.4.0)

Updates `github.com/skeema/knownhosts` from 1.2.1 to 1.2.2
- [Commits](skeema/knownhosts@v1.2.1...v1.2.2)

Updates `github.com/spdx/tools-golang` from 0.5.3 to 0.5.5
- [Release notes](https://github.com/spdx/tools-golang/releases)
- [Changelog](https://github.com/spdx/tools-golang/blob/main/RELEASE-NOTES.md)
- [Commits](spdx/tools-golang@v0.5.3...v0.5.5)

Updates `github.com/sylabs/sif/v2` from 2.15.0 to 2.18.0
- [Release notes](https://github.com/sylabs/sif/releases)
- [Changelog](https://github.com/sylabs/sif/blob/main/.goreleaser.yml)
- [Commits](sylabs/sif@v2.15.0...v2.18.0)

Updates `github.com/tklauser/go-sysconf` from 0.3.13 to 0.3.14
- [Release notes](https://github.com/tklauser/go-sysconf/releases)
- [Commits](tklauser/go-sysconf@v0.3.13...v0.3.14)

Updates `github.com/tklauser/numcpus` from 0.7.0 to 0.8.0
- [Release notes](https://github.com/tklauser/numcpus/releases)
- [Commits](tklauser/numcpus@v0.7.0...v0.8.0)

Updates `github.com/ulikunitz/xz` from 0.5.11 to 0.5.12
- [Commits](ulikunitz/xz@v0.5.11...v0.5.12)

Updates `github.com/vbatts/go-mtree` from 0.5.3 to 0.5.4
- [Release notes](https://github.com/vbatts/go-mtree/releases)
- [Changelog](https://github.com/vbatts/go-mtree/blob/main/releases.md)
- [Commits](vbatts/go-mtree@v0.5.3...v0.5.4)

Updates `github.com/yusufpapurcu/wmi` from 1.2.3 to 1.2.4
- [Release notes](https://github.com/yusufpapurcu/wmi/releases)
- [Commits](yusufpapurcu/wmi@v1.2.3...v1.2.4)

Updates `golang.org/x/crypto` from 0.21.0 to 0.25.0
- [Commits](golang/crypto@v0.21.0...v0.25.0)

Updates `golang.org/x/exp` from 0.0.0-20230510235704-dd950f8aeaea to 0.0.0-20240719175910-8a7402abbf56
- [Commits](https://github.com/golang/exp/commits)

Updates `golang.org/x/mod` from 0.14.0 to 0.19.0
- [Commits](golang/mod@v0.14.0...v0.19.0)

Updates `golang.org/x/net` from 0.23.0 to 0.27.0
- [Commits](golang/net@v0.23.0...v0.27.0)

Updates `golang.org/x/sync` from 0.5.0 to 0.7.0
- [Commits](golang/sync@v0.5.0...v0.7.0)

Updates `golang.org/x/sys` from 0.18.0 to 0.22.0
- [Commits](golang/sys@v0.18.0...v0.22.0)

Updates `golang.org/x/text` from 0.14.0 to 0.16.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.14.0...v0.16.0)

Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20231120223509-83a465c0220f to 0.0.0-20240123012728-ef4313101c80
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/grpc` from 1.59.0 to 1.62.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.59.0...v1.62.0)

Updates `google.golang.org/protobuf` from 1.33.0 to 1.34.1

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/paketo-buildpacks/occam
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/paketo-buildpacks/packit/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/ForestEckhardt/freezer
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/Microsoft/hcsshim
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/andybalholm/brotli
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/cenkalti/backoff/v4
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/cloudflare/circl
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/cyphar/filepath-securejoin
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/distribution/reference
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/docker/docker-credential-helpers
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/docker/go-connections
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/google/go-containerregistry
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/google/uuid
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/huandu/xstrings
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/klauspost/compress
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/knqyf263/go-rpmdb
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/mattn/go-runewidth
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/moby/sys/sequential
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/pierrec/lz4/v4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/rivo/uniseg
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/sassoftware/go-rpmutils
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/sergi/go-diff
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/shopspring/decimal
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/skeema/knownhosts
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/spdx/tools-golang
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/sylabs/sif/v2
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/tklauser/go-sysconf
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/tklauser/numcpus
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/ulikunitz/xz
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/vbatts/go-mtree
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/yusufpapurcu/wmi
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/exp
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: golang.org/x/mod
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/net
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/sync
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/sys
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/text
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: google.golang.org/genproto/googleapis/rpc
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: google.golang.org/grpc
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner July 30, 2024 06:58
@dependabot dependabot bot added the failure:update-dependencies An issue filed automatically when updating buildpack.toml dependencies fails in a workflow label Jul 30, 2024
@paketo-bot paketo-bot added the semver:patch A change requiring a patch version bump label Jul 30, 2024
Copy link
Contributor Author

dependabot bot commented on behalf of github Jul 31, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jul 31, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/go-modules-5e243a7212 branch July 31, 2024 06:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
failure:update-dependencies An issue filed automatically when updating buildpack.toml dependencies fails in a workflow semver:patch A change requiring a patch version bump
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant