Bump the go-modules group with 21 updates #478

dependabot · 2023-09-27T02:59:20Z

Bumps the go-modules group with 21 updates:

Package	From	To
github.com/CycloneDX/cyclonedx-go	`0.7.1`	`0.7.2`
github.com/Microsoft/hcsshim	`0.11.0`	`0.11.1`
github.com/docker/docker-credential-helpers	`0.7.0`	`0.8.0`
github.com/go-git/go-billy/v5	`5.4.1`	`5.5.0`
github.com/go-git/go-git/v5	`5.6.1`	`5.9.0`
github.com/google/go-containerregistry	`0.14.0`	`0.16.1`
github.com/google/uuid	`1.3.0`	`1.3.1`
github.com/jinzhu/copier	`0.3.5`	`0.4.0`
github.com/klauspost/compress	`1.16.5`	`1.17.0`
github.com/klauspost/pgzip	`1.2.5`	`1.2.6`
github.com/opencontainers/runc	`1.1.5`	`1.1.9`
github.com/pierrec/lz4/v4	`4.1.17`	`4.1.18`
github.com/sirupsen/logrus	`1.9.1`	`1.9.3`
github.com/skeema/knownhosts	`1.2.0`	`1.2.1`
github.com/spdx/tools-golang	`0.5.0`	`0.5.3`
github.com/spf13/afero	`1.9.5`	`1.10.0`
github.com/spf13/cast	`1.5.0`	`1.5.1`
github.com/sylabs/sif/v2	`2.11.1`	`2.14.1`
github.com/testcontainers/testcontainers-go	`0.21.0`	`0.24.1`
github.com/vbatts/tar-split	`0.11.3`	`0.11.5`
google.golang.org/grpc	`1.57.0`	`1.58.2`

Updates github.com/CycloneDX/cyclonedx-go from 0.7.1 to 0.7.2

Release notes

Sourced from github.com/CycloneDX/cyclonedx-go's releases.

v0.7.2

This is a bugfix release that ships with minimal support for the CycloneDX v1.5 specification.

Full support is being worked on and planned to be released soon. The progress may be tracked in #90.

The reason for publishing partial support like this is to allow the consumption of v1.5 BOMs, which fails with cyclonedx-go <= v0.7.1.

Warning
The default SpecVersion has been updated to SpecVersion1_5. If your application generates BOMs, and you're not ready (or willing) to distribute BOMs following the v1.5 specification yet, consider using EncodeVersion to generate output for an older version of the spec.

Changelog

Features

7128a921f3e83a43feef75bc8ab95642c236ef82: feat: raise baseline go version to 1.18 (@nscuro)

Fixes

ff719b64835af6e75dcfd6e7ff90d070f271ae07: fix: unmarshal bom on v1.5 return invalid specification version (@chen-keinan)

Building and Packaging

966c223154527621395473cc045a7672609c879f: build(deps): bump CycloneDX/gh-gomod-generate-sbom from 1.1.0 to 2.0.0 (@dependabot[bot])

1e83e8598d07b6303522cb63458be2577223f8d3: build(deps): bump actions/checkout from 3.5.0 to 3.5.1 (@dependabot[bot])

78f6593ed81da036aec671c19ea937b3a80586bf: build(deps): bump actions/checkout from 3.5.1 to 3.5.2 (@dependabot[bot])

868f6db7d03da581dbe9b6d283acd6c477529c0a: build(deps): bump actions/checkout from 3.5.2 to 3.5.3 (@dependabot[bot])

5885827e4246b82e08d37f6f0b95c6c0a4ef821b: build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 (@dependabot[bot])

d772b5438430be7879f3a4e7064c1ccbdbf153a1: build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 (@dependabot[bot])

578e8621c93869b9e0368eebb619cd96c7e9e2bb: build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.4 (@dependabot[bot])

f83e6a7c9d196eff9f99ecf8291cd4adeabce31a: build(deps): bump gitpod/workspace-go from 2be827f to 910daeb (@dependabot[bot])

cd7b23a68ff1c7467e211c9c69f9fb67c2244043: build(deps): bump gitpod/workspace-go from 910daeb to d7a41f5 (@dependabot[bot])

668553d1667110b8b34c7a4a954c3ac4707816ba: build(deps): bump gitpod/workspace-go from d7a41f5 to f37c673 (@dependabot[bot])

d9a5f8cf07fa834c02969fba2128bdb14c0865ff: build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (@dependabot[bot])

66f96dfacf866f8d2ca686659e964fc535c72f92: build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (@dependabot[bot])

8b51c39974573c22ba0a14ba1d5a0cd5b50c68fa: build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (@dependabot[bot])

e44f7de374a51cd1228117d43ccedfdcbe50cd73: build(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 (@dependabot[bot])

6360fe1474853e461a6af83fc6214882b4647f09: build(deps): bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0 (@dependabot[bot])

Others

a06990657b338db19fec11a677ea915eea2b5c74: feat(spec1-5): add initial support for spec v1.5 (@nscuro)

67a7567143eb3373099f100bbe17143239cf5d4e: feat(spec1-5): add licensing, license properties, and license bom-ref (@nscuro)

d2f3bb95bf740da7a6d36c6a1c324356afed5356: feat(spec1-5): add lifecycle support (@nscuro)

eb041b55b2eb8685a37be6f7a9c265fb6528377b: feat(spec1-5): add new component types (@nscuro)

c45ba618028d9f0cb593784e6483f4392a78ff3b: feat(spec1-5): add new external reference types (@nscuro)

d84947d74d7df97f851211bf7b72786e3583b9e3: feat(spec1-5): add support for annotations (@nscuro)

0ba04965ce8c5df710eb2a1cae1e7546ffb6321b: feat(spec1-5): bump schema to 1.5 for round-trip tests (@nscuro)

4e20914ebfc2aa80fbe0fa32650567554ebaaf49: misc(dx): add project icon for intellij and goland (@nscuro)

Commits

83031d6 Merge pull request #117 from CycloneDX/dependabot/github_actions/golangci/gol...
8b51c39 build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0
0ed4535 Merge pull request #114 from CycloneDX/dependabot/github_actions/goreleaser/g...
6360fe1 build(deps): bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0
5c1db8e Merge pull request #113 from CycloneDX/dependabot/github_actions/actions/setu...
d772b54 build(deps): bump actions/setup-go from 4.0.1 to 4.1.0
3d592d2 Merge pull request #112 from CycloneDX/dependabot/docker/gitpod/workspace-go-...
668553d build(deps): bump gitpod/workspace-go from d7a41f5 to f37c673
fdeec7e Merge pull request #111 from CycloneDX/idea-project-icon
4e20914 misc(dx): add project icon for intellij and goland
Additional commits viewable in compare view

Updates github.com/Microsoft/hcsshim from 0.11.0 to 0.11.1

Release notes

Sourced from github.com/Microsoft/hcsshim's releases.

v0.11.1

What's Changed

Fix closing stdin (#1899) by @rumpl

defaulting to unbuffered reader for dmverity hashing (#1887) by @SethHollandsworth

Cleanup tests that are skipped in CI by @kiashok

skip failing test, use gotestsum (#1820) by @helsaawy

fix integration test failure (#1799) by @helsaawy

update to latest containerd/1.6 tag v1.6.23 by @kiashok

Full Changelog: microsoft/hcsshim@v0.11.0...v0.11.1

Commits

641f8b8 Fix closing stdin (#1899)
b497608 defaulting to unbuffered reader for dmverity hashing (#1887)
134c4a2 Cleanup tests that are skipped in CI:
eb50291 skip failing test, use gotestsum (#1820)
d10bd0b Checkout appropriate containerd ref
623db83 fix integration test failure (#1799)
7e652d5 update to latest containerd/1.6 tag v1.6.23
cba2f73 Revert "[release/0.11] Cherry-pick testing fixes from v0.10.0-rc.9 and update...
9c3272e [release/0.11] Cherry-pick testing fixes from v0.10.0-rc.9 and update contain...
See full diff in compare view

Updates github.com/docker/docker-credential-helpers from 0.7.0 to 0.8.0

Release notes

Sourced from github.com/docker/docker-credential-helpers's releases.

v0.8.0

What's Changed

wincred: windows/arm64 support by @crazy-max in docker/docker-credential-helpers#279

osxkeychain: Delete(): return typed errors by @thaJeztah in docker/docker-credential-helpers#278

osxkeychain: match min macos version for xx by @crazy-max in docker/docker-credential-helpers#283

pass: fix interpolation of $PASSWORD_STORE_DIR, and use os.UserHomeDir() by @thaJeztah in docker/docker-credential-helpers#287

cli: assorted improvements, and add --version, -v, and --help, -h flags by @thaJeztah in docker/docker-credential-helpers#284

vendor: github.com/danieljoos/wincred v1.2.0 by @thaJeztah in docker/docker-credential-helpers#271

vendor: golang.org/x/sys v0.7.0 by @crazy-max in docker/docker-credential-helpers#265

chore: update go to 1.20.6 by @crazy-max @thaJeztah in docker/docker-credential-helpers#297 docker/docker-credential-helpers#293 docker/docker-credential-helpers#281 docker/docker-credential-helpers#263

chore: use go build constraint by @crazy-max in docker/docker-credential-helpers#289

credentials: fix minor nits in tests for credentials by @thaJeztah in docker/docker-credential-helpers#291

credentials: improve errors and error-handling by @thaJeztah in docker/docker-credential-helpers#292

chore: remove uses of golang.org/x/sys/execabs by @thaJeztah in docker/docker-credential-helpers#270

chore: format code with gofumpt by @thaJeztah in docker/docker-credential-helpers#273

chore: rewrite tests to use sub-tests, improve error-handling in tests, and use t.Cleanup() by @thaJeztah in docker/docker-credential-helpers#275

chore: use designated domains in tests (RFC2606) (step 1) by @thaJeztah in docker/docker-credential-helpers#294

chore: fix vendor validation by @crazy-max in docker/docker-credential-helpers#253

chore: update xx to 1.2.1 by @crazy-max in docker/docker-credential-helpers#264

chore: use same target for sandboxed and native tests by @crazy-max in docker/docker-credential-helpers#285

ci: bump runners to ubuntu-22.04 by @crazy-max in docker/docker-credential-helpers#276

chore: add CONTRIBUTING.md, CODE_OF_CONDUCT.md, SECURITY.md by @thaJeztah in docker/docker-credential-helpers#272

chore: fix build status badge being broken by @okrc in docker/docker-credential-helpers#252

docs: install emulators when building with docker by @crazy-max in docker/docker-credential-helpers#286

New Contributors

@okrc made their first contribution in docker/docker-credential-helpers#252

Full Changelog: docker/docker-credential-helpers@v0.7.0...v0.8.0

Commits

8396edb Merge pull request #297 from thaJeztah/update_go_1.20.6
a3d1ffc update go to go1.20.6
c03d56c deb: update to golang bullseye
7f48455 Merge pull request #294 from thaJeztah/use_designated_domains_step1
a90e3fa secretservice: use designated domains in tests (RFC2606)
ffb3232 pass: use designated domains in tests (RFC2606)
1050848 client: use designated domains in tests (RFC2606)
7d66ae0 osxkeychain: use designated domains in tests (RFC2606)
13475b4 credentials: use designated domains in tests (RFC2606)
91af1de registryurl: use designated domains in tests (RFC2606)
Additional commits viewable in compare view

Updates github.com/go-git/go-billy/v5 from 5.4.1 to 5.5.0

Release notes

Sourced from github.com/go-git/go-billy/v5's releases.

v5.5.0

What's Changed

*: Bump dependencies and go.mod to Go 1.18. Add codeQL workflow. by @pjbgf in go-git/go-billy#30

osfs: Add new BoundOS type by @pjbgf in go-git/go-billy#31

Re-introduce osfs.Default by @pjbgf in go-git/go-billy#33

Revert back to upstream github.com/cyphar/filepath-securejoin by @pjbgf in go-git/go-billy#34

Full Changelog: go-git/go-billy@v5.4.1...v5.5.0

Commits

5c1dfec Merge pull request #34 from pjbgf/bump-scj
3994cd7 osfs: Add WithDeduplicatePath
e223a66 Bump github.com/cyphar/filepath-securejoin
ca80085 Merge pull request #33 from pjbgf/default
74a6e60 Re-introduce osfs.Default
1d4d3d3 Merge pull request #31 from pjbgf/new-osfs
3c59de8 osfs: Add new BoundOS type
dafe8bc build: Bump Go to 1.19
326c59f Merge pull request #30 from pjbgf/updates
c88853b *: Add CodeQL workflow
Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.6.1 to 5.9.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.9.0

What's Changed

git: worktree: add Amend option to CommitOptions by @john-cai in go-git/go-git#438

git: worktree, reset ignored files that are part of the worktree: Fixes #819 by @daolis in go-git/go-git#821

plumbing: Do not swallow http message coming from VCS providers by @matejrisek in go-git/go-git#835

plumbing: transport, handle IPv6 while parsing endpoint. Fixes #740 by @ninedraft in go-git/go-git#820

*: update goproxy dependency to fix CVE-2023-37788 vulnerability by @svghadi in go-git/go-git#832

*: bump dependencies and Go to 1.19 by @pjbgf in go-git/go-git#837

New Contributors

@svghadi made their first contribution in go-git/go-git#832

@daolis made their first contribution in go-git/go-git#821

Full Changelog: go-git/go-git@v5.8.1...v5.9.0

v5.8.1

What's Changed

*: Bump dependencies by @pjbgf in go-git/go-git#815

Full Changelog: go-git/go-git@v5.8.0...v5.8.1

v5.8.0

What's Changed

git: Fix fetching after shallow clone. Fixes #305 by @AriehSchneier in go-git/go-git#778

git: enable fetch with unqualified references by @AriehSchneier in go-git/go-git#762

git: don't add to want if exists, shallow and depth 1 by @AriehSchneier in go-git/go-git#763

git: Clone HEAD should not force master. Fixes #363 by @AriehSchneier in go-git/go-git#758

git: fix the issue with submodules having the SCP style URL fail due to the wrong URL parsing by @matejrisek in go-git/go-git#756

git: add a clone option to allow for shallow cloning of submodules by @matejrisek in go-git/go-git#765

worktree: minor speedup for doAddDirectory by @ThinkChaos in go-git/go-git#702

_examples: Remove wrong comment by @pascal-hofmann in go-git/go-git#357

*: Handle paths starting with tilde by @ricci2511 in go-git/go-git#808

*: Handle paths starting with ~Username by @AriehSchneier in go-git/go-git#809

storage: filesystem/dotgit, add support for tmp_objdir prefix by @L11R in go-git/go-git#812

plumbing: gitignore, replace user dir in path by @Jleagle in go-git/go-git#772

plumbing: gitignore, fix incorrect parsing. Fixes #500 by @AriehSchneier in go-git/go-git#781

plumbing: http, Fix empty repos on Git v2.41+ by @pjbgf in go-git/go-git#802

plumbing: packp, A request is not empty if it contains shallows. Fixes #328 by @AriehSchneier in go-git/go-git#792

plumbing: blame, Complete rewrite. Fixes #603 by @AriehSchneier in go-git/go-git#789

plumbing: gitignore, Allow gitconfig to contain a gitignore relative to any user home. Fixes #578 by @AriehSchneier in go-git/go-git#785

New Contributors

@Jleagle made their first contribution in go-git/go-git#772

@pascal-hofmann made their first contribution in go-git/go-git#357

@ricci2511 made their first contribution in go-git/go-git#808

@L11R made their first contribution in go-git/go-git#812

Full Changelog: go-git/go-git@v5.7.0...v5.7.1

... (truncated)

Commits

e24e0f7 *: Bump go-billy to v5.5.0
ff0bd08 Merge pull request #837 from pjbgf/bump
cbbeb49 *: Bump to Go 1.19
cf3a75c *: Bump dependencies
51e9c9f Merge pull request #835 from matejrisek/feature/do-not-swallow-vcs-host-errors
5ad72db plumbing: Do not swallow http message coming from VCS providers.
0377d06 Merge pull request #821 from daolis/bug/resetfix
753b0d5 git: worktree, reset ignored files that are part of the worktree: Fixes #819
cd3a21c Merge pull request #832 from svghadi/CVE-2023-37788
f71a449 *: Bump goproxy dep. Fixes #826
Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.14.0 to 0.16.1

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.16.1

Release is broken due to goreleaser error, 0.16.1 has the fix

What's Changed

bump deps using ./hack/bump-deps.sh by @imjasonh in google/go-containerregistry#1702

Allow crane to export schema 1 images by @jonjohnsonjr in google/go-containerregistry#1704

fixed a goroutine leak by @ktarplee in google/go-containerregistry#1705

retry HTTP 522 errors by default by @imjasonh in google/go-containerregistry#1707

Limit size of manifest by @AdamKorcz in google/go-containerregistry#1711

Add crane auth token by @jonjohnsonjr in google/go-containerregistry#1709

Bump codecov/codecov-action from 3.1.3 to 3.1.4 by @dependabot in google/go-containerregistry#1710

Pass scopes through crane auth token by @jonjohnsonjr in google/go-containerregistry#1713

fix: add bounds checking to addendum layer mutations to prevent panic by @aaron-prindle in google/go-containerregistry#1715

Surface better error messages in crane index by @jonjohnsonjr in google/go-containerregistry#1722

crane: add missing name option in crane index commands by @HubertZhang in google/go-containerregistry#1723

crane: Respect cmd.OutOrStdout by @kyleconroy in google/go-containerregistry#1728

Make ErrSchema1 checkable via errors.Is() by @Laitr0n in google/go-containerregistry#1721

Don't load into daemon if the image already exists by @jonjohnsonjr in google/go-containerregistry#1724

add --blobs-to-disk to 'crane registry serve' by @imjasonh in google/go-containerregistry#1731

Correct crane registry help text by @jonjohnsonjr in google/go-containerregistry#1732

Allow concurrent blob Sets, use RWMutex by @mattmoor in google/go-containerregistry#1733

Use RWLock, limit scope of locking, write digest first by @mattmoor in google/go-containerregistry#1734

Let the filesystem handle atomicity by @mattmoor in google/go-containerregistry#1735

Don't try cross-origin mounting against dockerhub by @jonjohnsonjr in google/go-containerregistry#1743

Drop localhost to support crane registry serve in a container by @mattmoor in google/go-containerregistry#1746

Return OCI Index content-type for referrers response by @jdolitsky in google/go-containerregistry#1762

New Contributors

@AdamKorcz made their first contribution in google/go-containerregistry#1711

@HubertZhang made their first contribution in google/go-containerregistry#1723

@kyleconroy made their first contribution in google/go-containerregistry#1728

@Laitr0n made their first contribution in google/go-containerregistry#1721

Full Changelog: google/go-containerregistry@v0.15.2...v0.16.1

Container Images

https://gcr.io/go-containerregistry/crane:v0.16.1 https://gcr.io/go-containerregistry/gcrane:v0.16.1

For example:
docker pull gcr.io/go-containerregistry/crane:v0.16.1
docker pull gcr.io/go-containerregistry/gcrane:v0.16.1
v0.16.0

Release is broken due to goreleaser error, 0.16.1 has the fix

... (truncated)

Commits

a54d642 fix: pin to goreleaser v1.18 to unblock release (#1763)
ea19b57 Return OCI Index content-type for referrers response (#1762)
b850480 Drop localhost to support crane registry serve in a container (#1746)
fe268b7 Don't try cross-origin mounting against dockerhub (#1743)
2472cbb Let the filesystem handle atomicity (#1735)
db818dc Use RWLock, limit scope of locking, write digest first (#1734)
44a6e2e Allow concurrent blob Sets, use RWMutex (#1733)
9010ce1 Correct crane registry help text (#1732)
03ad2ac add --blobs-to-disk to 'crane registry serve' (#1731)
4e4b03a Don't load into daemon if the image already exists (#1724)
Additional commits viewable in compare view

Updates github.com/google/uuid from 1.3.0 to 1.3.1

Release notes

Sourced from github.com/google/uuid's releases.

v1.3.1

1.3.1 (2023-08-18)

Bug Fixes

Use .EqualFold() to parse urn prefixed UUIDs (#118) (574e687)

Changelog

Sourced from github.com/google/uuid's changelog.

1.3.1 (2023-08-18)

Bug Fixes

Use .EqualFold() to parse urn prefixed UUIDs (#118) (574e687)

Changelog

Commits

b3cae7c chore(master): release 1.3.1 (#127)
7b8f57c fix(ci): switch to release-please app (#126)
e69e468 chore(ci): configure release-please, update contrib (#122)
97c970d chore(ci): add apidiff check for API compatibility (#123)
53f93a8 docs: change godoc URL in README (#124)
0b416df docs: update link to RFC 4122 (#93)
75e1ac5 docs: shell format go tool command (#111)
d719869 docs: fix typo node_js docs (#117)
574e687 fix: Use .EqualFold() to parse urn prefixed UUIDs (#118)
c91929c Merge pull request #121 from noahdietz/setup-codeowners-and-actions
Additional commits viewable in compare view

Updates github.com/jinzhu/copier from 0.3.5 to 0.4.0

Commits

70b1d4e Merge pull request #190 from driventokill/feature/custom-field-names
1835b1a ci: upgrade ci go version >=1.17
5a54efd style: format copier_file_name_mapping_test.go
bacc10b fix: use CaseSensitive=true for legacy test cases
7d39583 feat: Support custom file name mappings
83982c7 Merge pull request #177 from jiang4869/master
f036a42 Merge pull request #178 from QianChenglong/master
1885609 Merge pull request #180 from driventokill/issue/170
780b83e fix: several issues while copy with custom converter
61dc501 support case-insensitive copy
Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.16.5 to 1.17.0

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.17.0

What's Changed

Add dictionary builder by @klauspost in klauspost/compress#853

Add xerial snappy read/writer by @klauspost in klauspost/compress#838

flate: Add limited window compression by @klauspost in klauspost/compress#843

s2: Do 2 overlapping match checks by @klauspost in klauspost/compress#839

flate: Add amd64 assembly matchlen by @klauspost in klauspost/compress#837

gzip: Copy bufio.Reader on Reset by @thatguystone in klauspost/compress#860

zstd: Remove offset from bitReader by @greatroar in klauspost/compress#854

fse, huff0, zstd: Remove always-nil error returns by @greatroar in klauspost/compress#857

tests: unnecessary use of fmt.Sprintf by @testwill in klauspost/compress#836

tests: Fix OSS fuzzer t.Run by @klauspost in klauspost/compress#852

tests: Use Go 1.21.x by @klauspost in klauspost/compress#851

New Contributors

@testwill made their first contribution in klauspost/compress#836

@thatguystone made their first contribution in klauspost/compress#860

Full Changelog: klauspost/compress@v1.16.7...v1.17.0

v1.16.7

What's Changed

zstd: Fix default level first dictionary encode by @klauspost in klauspost/compress#829

docs: Fix typo in security advisory URL by @vcabbage in klauspost/compress#830

s2: add GetBufferCapacity() method by @GiedriusS in klauspost/compress#832

New Contributors

@vcabbage made their first contribution in klauspost/compress#830

@GiedriusS made their first contribution in klauspost/compress#832

Full Changelog: klauspost/compress@v1.16.6...v1.16.7

v1.16.6

What's Changed

zstd: correctly ignore WithEncoderPadding(1) by @ianlancetaylor in klauspost/compress#806

gzhttp: Handle informational headers by @rtribotte in klauspost/compress#815

zstd: Add amd64 match length assembly by @klauspost in klauspost/compress#824

s2: Improve Better compression slightly by @klauspost in klauspost/compress#663

s2: Clean up matchlen assembly by @klauspost in klauspost/compress#825

New Contributors

@rtribotte made their first contribution in klauspost/compress#815

@dveeden made their first contribution in klauspost/compress#816

Full Changelog: klauspost/compress@v1.16.5...v1.16.6

Commits

fd16146 gzip: Copy bufio.Reader on Reset (#860)
0e8837c fse, huff0, zstd: Remove always-nil error returns (#857)
11e91a1 Add dictionary builder (#853)
66f41b3 Update README.md
0836a1c zstd: Remove offset from bitReader (#854)
11b5108 tests: Use Go 1.21.x (#851)
ecf01d0 tests: Fix OSS fuzzer t.Run (#852)
b404607 flate: Add limited window compression (#843)
c1dcc38 s2: Do 2 overlapping match checks (#839)
895291c Add xerial snappy read/writer (#838)
Additional commits viewable in compare view

Updates github.com/klauspost/pgzip from 1.2.5 to 1.2.6

Release notes

Sourced from github.com/klauspost/pgzip's releases.

v1.2.6

What's Changed

AddingPowerSupport_CI/Testing by @santosh653 in klauspost/pgzip#37

Change LICENSE back to the original MIT License by @cfiderer in klauspost/pgzip#47

Update README.md by @lukasmalkmus in klauspost/pgzip#48

RFC: Consume z.current prepared by Reader.Read in Reader.WriteTo by @mtrmac in klauspost/pgzip#50

New Contributors

@santosh653 made their first contribution in klauspost/pgzip#37

@cfiderer made their first contribution in klauspost/pgzip#47

@lukasmalkmus made their first contribution in klauspost/pgzip#48

@mtrmac made their first contribution in klauspost/pgzip#50

Full Changelog: klauspost/pgzip@v1.2.5...v1.2.6

Commits

17e8dac Consume z.current prepared by Reader.Read in Reader.WriteTo (#50)
f5d9792 Update README.md
5060573 Update README.md (#48)
867eb6f Change LI...
Description has been truncated

Bumps the go-modules group with 21 updates: | Package | From | To | | --- | --- | --- | | [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) | `0.7.1` | `0.7.2` | | [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) | `0.11.0` | `0.11.1` | | [github.com/docker/docker-credential-helpers](https://github.com/docker/docker-credential-helpers) | `0.7.0` | `0.8.0` | | [github.com/go-git/go-billy/v5](https://github.com/go-git/go-billy) | `5.4.1` | `5.5.0` | | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.6.1` | `5.9.0` | | [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.14.0` | `0.16.1` | | [github.com/google/uuid](https://github.com/google/uuid) | `1.3.0` | `1.3.1` | | [github.com/jinzhu/copier](https://github.com/jinzhu/copier) | `0.3.5` | `0.4.0` | | [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.16.5` | `1.17.0` | | [github.com/klauspost/pgzip](https://github.com/klauspost/pgzip) | `1.2.5` | `1.2.6` | | [github.com/opencontainers/runc](https://github.com/opencontainers/runc) | `1.1.5` | `1.1.9` | | [github.com/pierrec/lz4/v4](https://github.com/pierrec/lz4) | `4.1.17` | `4.1.18` | | [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) | `1.9.1` | `1.9.3` | | [github.com/skeema/knownhosts](https://github.com/skeema/knownhosts) | `1.2.0` | `1.2.1` | | [github.com/spdx/tools-golang](https://github.com/spdx/tools-golang) | `0.5.0` | `0.5.3` | | [github.com/spf13/afero](https://github.com/spf13/afero) | `1.9.5` | `1.10.0` | | [github.com/spf13/cast](https://github.com/spf13/cast) | `1.5.0` | `1.5.1` | | [github.com/sylabs/sif/v2](https://github.com/sylabs/sif) | `2.11.1` | `2.14.1` | | [github.com/testcontainers/testcontainers-go](https://github.com/testcontainers/testcontainers-go) | `0.21.0` | `0.24.1` | | [github.com/vbatts/tar-split](https://github.com/vbatts/tar-split) | `0.11.3` | `0.11.5` | | [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.57.0` | `1.58.2` | Updates `github.com/CycloneDX/cyclonedx-go` from 0.7.1 to 0.7.2 - [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases) - [Changelog](https://github.com/CycloneDX/cyclonedx-go/blob/master/.goreleaser.yml) - [Commits](CycloneDX/cyclonedx-go@v0.7.1...v0.7.2) Updates `github.com/Microsoft/hcsshim` from 0.11.0 to 0.11.1 - [Release notes](https://github.com/Microsoft/hcsshim/releases) - [Commits](microsoft/hcsshim@v0.11.0...v0.11.1) Updates `github.com/docker/docker-credential-helpers` from 0.7.0 to 0.8.0 - [Release notes](https://github.com/docker/docker-credential-helpers/releases) - [Commits](docker/docker-credential-helpers@v0.7.0...v0.8.0) Updates `github.com/go-git/go-billy/v5` from 5.4.1 to 5.5.0 - [Release notes](https://github.com/go-git/go-billy/releases) - [Commits](go-git/go-billy@v5.4.1...v5.5.0) Updates `github.com/go-git/go-git/v5` from 5.6.1 to 5.9.0 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.6.1...v5.9.0) Updates `github.com/google/go-containerregistry` from 0.14.0 to 0.16.1 - [Release notes](https://github.com/google/go-containerregistry/releases) - [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml) - [Commits](google/go-containerregistry@v0.14.0...v0.16.1) Updates `github.com/google/uuid` from 1.3.0 to 1.3.1 - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](google/uuid@v1.3.0...v1.3.1) Updates `github.com/jinzhu/copier` from 0.3.5 to 0.4.0 - [Commits](jinzhu/copier@v0.3.5...v0.4.0) Updates `github.com/klauspost/compress` from 1.16.5 to 1.17.0 - [Release notes](https://github.com/klauspost/compress/releases) - [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml) - [Commits](klauspost/compress@v1.16.5...v1.17.0) Updates `github.com/klauspost/pgzip` from 1.2.5 to 1.2.6 - [Release notes](https://github.com/klauspost/pgzip/releases) - [Commits](klauspost/pgzip@v1.2.5...v1.2.6) Updates `github.com/opencontainers/runc` from 1.1.5 to 1.1.9 - [Release notes](https://github.com/opencontainers/runc/releases) - [Changelog](https://github.com/opencontainers/runc/blob/v1.1.9/CHANGELOG.md) - [Commits](opencontainers/runc@v1.1.5...v1.1.9) Updates `github.com/pierrec/lz4/v4` from 4.1.17 to 4.1.18 - [Commits](pierrec/lz4@v4.1.17...v4.1.18) Updates `github.com/sirupsen/logrus` from 1.9.1 to 1.9.3 - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](sirupsen/logrus@v1.9.1...v1.9.3) Updates `github.com/skeema/knownhosts` from 1.2.0 to 1.2.1 - [Commits](skeema/knownhosts@v1.2.0...v1.2.1) Updates `github.com/spdx/tools-golang` from 0.5.0 to 0.5.3 - [Release notes](https://github.com/spdx/tools-golang/releases) - [Changelog](https://github.com/spdx/tools-golang/blob/main/RELEASE-NOTES.md) - [Commits](spdx/tools-golang@v0.5.0...v0.5.3) Updates `github.com/spf13/afero` from 1.9.5 to 1.10.0 - [Release notes](https://github.com/spf13/afero/releases) - [Commits](spf13/afero@v1.9.5...v1.10.0) Updates `github.com/spf13/cast` from 1.5.0 to 1.5.1 - [Release notes](https://github.com/spf13/cast/releases) - [Commits](spf13/cast@v1.5.0...v1.5.1) Updates `github.com/sylabs/sif/v2` from 2.11.1 to 2.14.1 - [Release notes](https://github.com/sylabs/sif/releases) - [Changelog](https://github.com/sylabs/sif/blob/main/.goreleaser.yml) - [Commits](sylabs/sif@v2.11.1...v2.14.1) Updates `github.com/testcontainers/testcontainers-go` from 0.21.0 to 0.24.1 - [Release notes](https://github.com/testcontainers/testcontainers-go/releases) - [Commits](testcontainers/testcontainers-go@v0.21.0...v0.24.1) Updates `github.com/vbatts/tar-split` from 0.11.3 to 0.11.5 - [Release notes](https://github.com/vbatts/tar-split/releases) - [Commits](vbatts/tar-split@v0.11.3...v0.11.5) Updates `google.golang.org/grpc` from 1.57.0 to 1.58.2 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.57.0...v1.58.2) --- updated-dependencies: - dependency-name: github.com/CycloneDX/cyclonedx-go dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/Microsoft/hcsshim dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/docker/docker-credential-helpers dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/go-git/go-billy/v5 dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/go-git/go-git/v5 dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/google/go-containerregistry dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/google/uuid dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/jinzhu/copier dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/klauspost/compress dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/klauspost/pgzip dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/opencontainers/runc dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/pierrec/lz4/v4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/sirupsen/logrus dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/skeema/knownhosts dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/spdx/tools-golang dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/spf13/afero dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/spf13/cast dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/sylabs/sif/v2 dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/testcontainers/testcontainers-go dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/vbatts/tar-split dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: google.golang.org/grpc dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot requested a review from a team as a code owner September 27, 2023 02:59

dependabot bot requested review from ryanmoran and paketo-bot-reviewer September 27, 2023 02:59

dependabot bot added the failure:update-dependencies An issue filed automatically when updating buildpack.toml dependencies fails in a workflow label Sep 27, 2023

paketo-bot added the semver:patch A change requiring a patch version bump label Sep 27, 2023

dependabot bot force-pushed the dependabot/go_modules/go-modules-001dfcc0aa branch 3 times, most recently from 43290e7 to 1e592bb Compare September 27, 2023 08:07

dependabot bot force-pushed the dependabot/go_modules/go-modules-001dfcc0aa branch from 1e592bb to f73c2c8 Compare September 27, 2023 08:37

ForestEckhardt approved these changes Sep 27, 2023

View reviewed changes

ForestEckhardt merged commit 7f21d96 into main Sep 27, 2023
8 checks passed

ForestEckhardt deleted the dependabot/go_modules/go-modules-001dfcc0aa branch September 27, 2023 14:24

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the go-modules group with 21 updates #478

Bump the go-modules group with 21 updates #478

dependabot bot commented on behalf of github Sep 27, 2023 •

edited

Loading

Bump the go-modules group with 21 updates #478

Bump the go-modules group with 21 updates #478

Conversation

dependabot bot commented on behalf of github Sep 27, 2023 • edited Loading

v0.7.2

Changelog

Features

Fixes

Building and Packaging

Others

v0.11.1

What's Changed

v0.8.0

What's Changed

New Contributors

v5.5.0

What's Changed

v5.9.0

What's Changed

New Contributors

v5.8.1

What's Changed

v5.8.0

What's Changed

New Contributors

v0.16.1

What's Changed

New Contributors

Container Images

v0.16.0

v1.3.1

1.3.1 (2023-08-18)

Bug Fixes

1.3.1 (2023-08-18)

Bug Fixes

Changelog

v1.17.0

What's Changed

New Contributors

v1.16.7

What's Changed

New Contributors

v1.16.6

What's Changed

New Contributors

v1.2.6

What's Changed

New Contributors

dependabot bot commented on behalf of github Sep 27, 2023 •

edited

Loading