Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 (#360)
Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-logr/logr/releases">github.com/go-logr/logr's releases</a>.</em></p> <blockquote> <h2>v1.3.0</h2> <p>This release adds <a href="https://github.com/go-logr/logr#slog-interoperability">support for slog</a> in a new, self-contained <code>logr/slogr</code> package. Implementers of a <code>logr.LogSink</code> are encouraged, but not required, to extend their implementation to improve the quality of log output coming from a <code>slog</code> API call.</p> <p><em>Breaking change</em>: the call depth for <code>LogSink.Enabled</code> when called via <code>Logger.Enabled</code> <a href="https://redirect.github.com/go-logr/logr/pull/218">was fixed</a> to be the same as for other call paths. Implementers of a <code>LogSink</code> who have worked around this bug will need to remove their workarounds.</p> <p>Security best practices were improved. Only Go versions >= 1.18 are supported by this release.</p> <h2>What's Changed</h2> <ul> <li>Fix golangci-lint fails by <a href="https://github.com/thockin"><code>@thockin</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/173">go-logr/logr#173</a></li> <li>Add minimal permissions to workflows by <a href="https://github.com/pnacht"><code>@pnacht</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/177">go-logr/logr#177</a></li> <li>Add a security policy by <a href="https://github.com/pnacht"><code>@pnacht</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/178">go-logr/logr#178</a></li> <li>Update security email by <a href="https://github.com/thockin"><code>@thockin</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/181">go-logr/logr#181</a></li> <li>docs: explain relationship between Logger{} and Discard() by <a href="https://github.com/pohly"><code>@pohly</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/182">go-logr/logr#182</a></li> <li>Add the OpenSSF Scorecard workflow by <a href="https://github.com/pnacht"><code>@pnacht</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/186">go-logr/logr#186</a></li> <li>README: show of OpenSSF Scorecard badge by <a href="https://github.com/pohly"><code>@pohly</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/187">go-logr/logr#187</a></li> <li>Hash-pin workflow Actions by <a href="https://github.com/pnacht"><code>@pnacht</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/189">go-logr/logr#189</a></li> <li>Bump go versions to 1.18+ by <a href="https://github.com/thockin"><code>@thockin</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/203">go-logr/logr#203</a></li> <li>slogr: add glue code for logging to slog.Handler and with slog.Logger by <a href="https://github.com/pohly"><code>@pohly</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/205">go-logr/logr#205</a></li> <li>slogr: restore original backend when converting back and forth by <a href="https://github.com/pohly"><code>@pohly</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/210">go-logr/logr#210</a></li> <li>slogr: add SlogSink by <a href="https://github.com/pohly"><code>@pohly</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/211">go-logr/logr#211</a></li> <li>Use same call depth for Enabled, Info, Error by <a href="https://github.com/thockin"><code>@thockin</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/218">go-logr/logr#218</a></li> <li>test: eliminate helper func by <a href="https://github.com/thockin"><code>@thockin</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/219">go-logr/logr#219</a></li> <li>docs: interoperability with slog by <a href="https://github.com/pohly"><code>@pohly</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/222">go-logr/logr#222</a></li> </ul> <hr /> <ul> <li>build(deps): bump actions/setup-go from 3.5.0 to 4.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/190">go-logr/logr#190</a></li> <li>build(deps): bump github/codeql-action from 2.20.1 to 2.20.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/191">go-logr/logr#191</a></li> <li>build(deps): bump github/codeql-action from 2.20.3 to 2.20.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/192">go-logr/logr#192</a></li> <li>build(deps): bump github/codeql-action from 2.20.4 to 2.21.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/193">go-logr/logr#193</a></li> <li>build(deps): bump github/codeql-action from 2.21.0 to 2.21.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/194">go-logr/logr#194</a></li> <li>build(deps): bump github/codeql-action from 2.21.2 to 2.21.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/207">go-logr/logr#207</a></li> <li>build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/206">go-logr/logr#206</a></li> <li>build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/209">go-logr/logr#209</a></li> <li>build(deps): bump github/codeql-action from 2.21.3 to 2.21.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/208">go-logr/logr#208</a></li> <li>build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/214">go-logr/logr#214</a></li> <li>build(deps): bump github/codeql-action from 2.21.4 to 2.21.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/217">go-logr/logr#217</a></li> <li>build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/220">go-logr/logr#220</a></li> <li>build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/221">go-logr/logr#221</a></li> <li>build(deps): bump github/codeql-action from 2.21.5 to 2.21.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/223">go-logr/logr#223</a></li> <li>build(deps): bump github/codeql-action from 2.21.7 to 2.21.8 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/224">go-logr/logr#224</a></li> <li>build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/225">go-logr/logr#225</a></li> <li>build(deps): bump github/codeql-action from 2.21.8 to 2.21.9 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/226">go-logr/logr#226</a></li> <li>build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/227">go-logr/logr#227</a></li> <li>build(deps): bump github/codeql-action from 2.21.9 to 2.22.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/228">go-logr/logr#228</a></li> <li>build(deps): bump github/codeql-action from 2.22.0 to 2.22.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/229">go-logr/logr#229</a></li> <li>build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/231">go-logr/logr#231</a></li> <li>build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/go-logr/logr/pull/230">go-logr/logr#230</a></li> </ul> <h2>New Contributors</h2> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-logr/logr/commit/8adefbede0fe82bdee4fb8c9c9bdc7bc5d91388f"><code>8adefbe</code></a> docs: interoperability with slog</li> <li><a href="https://github.com/go-logr/logr/commit/ebabbb9f842ece8e071e7bd5f3aad24ef2c5caa0"><code>ebabbb9</code></a> build(deps): bump github/codeql-action from 2.22.3 to 2.22.4</li> <li><a href="https://github.com/go-logr/logr/commit/9c361f0c6b82f1b7c80aeae1931dcb29419b4ffc"><code>9c361f0</code></a> build(deps): bump actions/checkout from 4.1.0 to 4.1.1</li> <li><a href="https://github.com/go-logr/logr/commit/d9b2b78a8aca5e8647d57ce5f4fe443d6e3cbffc"><code>d9b2b78</code></a> Merge pull request <a href="https://redirect.github.com/go-logr/logr/issues/229">#229</a> from go-logr/dependabot/github_actions/github/codeql-...</li> <li><a href="https://github.com/go-logr/logr/commit/91cec29072c9304afb8d6e11d1741d2485a3ca27"><code>91cec29</code></a> build(deps): bump github/codeql-action from 2.22.0 to 2.22.3</li> <li><a href="https://github.com/go-logr/logr/commit/2ea8628b184c8ed00c5698d7798d30e49deb454d"><code>2ea8628</code></a> Merge pull request <a href="https://redirect.github.com/go-logr/logr/issues/228">#228</a> from go-logr/dependabot/github_actions/github/codeql-...</li> <li><a href="https://github.com/go-logr/logr/commit/37a4f55ec5facfde57e756f7944cde3ade6b7ef0"><code>37a4f55</code></a> Merge pull request <a href="https://redirect.github.com/go-logr/logr/issues/227">#227</a> from go-logr/dependabot/github_actions/ossf/scorecard...</li> <li><a href="https://github.com/go-logr/logr/commit/ecf310cca3846ad80d4f91b6c8a41d993fc6f804"><code>ecf310c</code></a> build(deps): bump github/codeql-action from 2.21.9 to 2.22.0</li> <li><a href="https://github.com/go-logr/logr/commit/d73e05e53ca7754e7b2138ddc4f63a63d4ba1f5c"><code>d73e05e</code></a> build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0</li> <li><a href="https://github.com/go-logr/logr/commit/1d1c4150cbb153668b0831e1f0b1676f307f9455"><code>1d1c415</code></a> Merge pull request <a href="https://redirect.github.com/go-logr/logr/issues/226">#226</a> from go-logr/dependabot/github_actions/github/codeql-...</li> <li>Additional commits viewable in <a href="https://github.com/go-logr/logr/compare/v1.2.4...v1.3.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
- Loading branch information
