Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the backend group across 1 directory with 5 updates #4108

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the backend group across 1 directory with 5 updates #4108

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 21, 2024

Bumps the backend group with 5 updates in the / directory:

Package From To
github.com/aquasecurity/trivy 0.56.1 0.56.2
github.com/open-policy-agent/opa 0.68.1-0.20240903211041-76f7038ea2d1 0.69.0
github.com/prometheus/client_golang 1.20.4 1.20.5
google.golang.org/api 0.199.0 0.201.0
helm.sh/helm/v3 3.16.1 3.16.2

Updates github.com/aquasecurity/trivy from 0.56.1 to 0.56.2

Release notes

Sourced from github.com/aquasecurity/trivy's releases.

v0.56.2

Changelog

  • f2252c833d4dee18546577f0c32ceb83c8bf20ae release: v0.56.2 [release/v0.56] (#7694)
  • f6700ec10e819fb2fc0573782e87d2d31d2c50f1 fix(redhat): include arch in PURL qualifiers [backport: release/v0.56] (#7702)
  • 25d2540f12272603bf27eb67f4b3fba52b1ddab8 fix(sbom): add options for DBs in private registries [backport: release/v0.56] (#7691)
Changelog

Sourced from github.com/aquasecurity/trivy's changelog.

0.56.2 (2024-10-10)

Bug Fixes

  • redhat: include arch in PURL qualifiers [backport: release/v0.56] (#7702) (f6700ec)
  • sbom: add options for DBs in private registries [backport: release/v0.56] (#7691) (25d2540)
Commits
  • f2252c8 release: v0.56.2 [release/v0.56] (#7694)
  • f6700ec fix(redhat): include arch in PURL qualifiers [backport: release/v0.56] (#7702)
  • 25d2540 fix(sbom): add options for DBs in private registries [backport: release/v0.56...
  • See full diff in compare view

Updates github.com/open-policy-agent/opa from 0.68.1-0.20240903211041-76f7038ea2d1 to 0.69.0

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.69.0

This release contains a mix of features, bugfixes and necessary tooling and test changes required to support the upcoming OPA 1.0 release.

Inter-Query Value Cache (#6908)

OPA now has a new inter-query value cache added to the SDK. It is intended to be used for values that are expensive to compute and can be reused across multiple queries. The cache can be leveraged by built-in functions to store values that otherwise aren't appropriate for the existing inter-query cache; for instance when the entry size isn't an appropriate or primary limiting factor for cache eviction.

The default size of the inter-query value cache is unbounded, but can be configured via the caching.inter_query_builtin_value_cache.max_num_entries configuration field. OPA will drop random items from the cache if this limit is exceeded.

The cache is used by the regex and glob built-in functions, which previously had individual, non-configurable caches with a max entry size of 100 each.

Currently, the cache is only exercised when running OPA in server mode (ie. opa run -s). Also this feature is unsupported for WASM.

Authored by @​ashutosh-narkar, reported by @​amirsalarsafaei

Topdown and Rego

Runtime, Tooling, SDK

  • Future-proofing tests in the sdk, downlaod, server , cmd etc. packages to be 1.0 compatible (authored by @​johanfylling)
  • cmd: Add --v0-compatible flag to make OPA behave as v0.x post v1.0 release (#7065) authored by @​johanfylling
  • util: Strip UTF-8 BOM from input JSON when found (#6988) authored by @​anderseknert reported by @​adhilto
  • plugins/rest: Support reading AWS token from the filesystem for the AWS container credential provider (#6997) authored by @​cmaddalozzo
  • debug: Add RegoOption launch option to debugger for setting custom Rego options (#7045) authored by @​johanfylling
  • debug: Always include Input and Data variable scopes to ease discoverability of the scopes (#7074) authored by @​johanfylling
  • wasm: Fix arithmetic comparison for large numbers, caused by an integer overflow (#6991) authored by @​Ptroger

Docs, Website, Ecosystem

Miscellaneous

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

0.69.0

This release contains a mix of features, bugfixes and necessary tooling and test changes required to support the upcoming OPA 1.0 release.

Inter-Query Value Cache (#6908)

OPA now has a new inter-query value cache added to the SDK. It is intended to be used for values that are expensive to compute and can be reused across multiple queries. The cache can be leveraged by built-in functions to store values that otherwise aren't appropriate for the existing inter-query cache; for instance when the entry size isn't an appropriate or primary limiting factor for cache eviction.

The default size of the inter-query value cache is unbounded, but can be configured via the caching.inter_query_builtin_value_cache.max_num_entries configuration field. OPA will drop random items from the cache if this limit is exceeded.

The cache is used by the regex and glob built-in functions, which previously had individual, non-configurable caches with a max entry size of 100 each.

Currently, the cache is only exercised when running OPA in server mode (ie. opa run -s). Also this feature is unsupported for WASM.

Authored by @​ashutosh-narkar, reported by @​amirsalarsafaei

Topdown and Rego

Runtime, Tooling, SDK

  • Future-proofing tests in the sdk, downlaod, server , cmd etc. packages to be 1.0 compatible (authored by @​johanfylling)
  • cmd: Add --v0-compatible flag to make OPA behave as v0.x post v1.0 release (#7065) authored by @​johanfylling
  • util: Strip UTF-8 BOM from input JSON when found (#6988) authored by @​anderseknert reported by @​adhilto
  • plugins/rest: Support reading AWS token from the filesystem for the AWS container credential provider (#6997) authored by @​cmaddalozzo
  • debug: Add RegoOption launch option to debugger for setting custom Rego options (#7045) authored by @​johanfylling
  • debug: Always include Input and Data variable scopes to ease discoverability of the scopes (#7074) authored by @​johanfylling
  • wasm: Fix arithmetic comparison for large numbers, caused by an integer overflow (#6991) authored by @​Ptroger

Docs, Website, Ecosystem

... (truncated)

Commits

Updates github.com/prometheus/client_golang from 1.20.4 to 1.20.5

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.5 / 2024-10-15

We decided to revert the testutil change that made our util functions less error-prone, but created a lot of work for our downstream users. Apologies for the pain! This revert should not cause any major breaking change, even if you already did the work--unless you depend on the exact error message.

Going forward, we plan to reinforce our release testing strategy [1],[2] and deliver an enhanced testutil package/module with more flexible and safer APIs.

Thanks to @​dashpole @​dgrisonnet @​kakkoyun @​ArthurSens @​vesari @​logicalhan @​krajorama @​bwplotka who helped in this patch release! 🤗

Changelog

[BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input. #1645

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.5 / 2024-10-15

  • [BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input.
Commits

Updates google.golang.org/api from 0.199.0 to 0.201.0

Release notes

Sourced from google.golang.org/api's releases.

v0.201.0

0.201.0 (2024-10-15)

Features

v0.200.0

0.200.0 (2024-10-09)

Features

Changelog

Sourced from google.golang.org/api's changelog.

0.201.0 (2024-10-15)

Features

0.200.0 (2024-10-09)

Features

Commits

Updates helm.sh/helm/v3 from 3.16.1 to 3.16.2

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.16.2 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.16.2. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.16.3 is the next patch release and will be on November 13, 2024
  • 3.17.0 is the next feature release and will be on January 15, 2025

Changelog

  • Revering change unrelated to issue #13176 13654a52f7c70a143b1dd51416d633e1071faffb (ricardo.bartels@telekom.de)
  • adds tests for handling of Helm index with broken chart versions #13176 9fc8f1b614e1a2f41afa36e081c89ead21cd63bb (ricardo.bartels@telekom.de)
  • improves handling of Helm index with broken helm chart versions #13176 961194d85dd0c9d18492a99c9193faa7f1556968 (ricardo.bartels@telekom.de)
  • Bump the k8s-io group with 7 updates f6be62b65a92c16927c24310885d01ecfb1d2aaf (dependabot[bot])
  • adding check-latest:true 27d44cf4c9cbdb05aaed038e970263a5b11c0b51 (Robert Sirchia)
  • Grammar fixes 46e0a0f9e44b56b0d2fc81cc0e624534662b1df7 (Nathan Baulch)
  • Fix typos a1bd541d17cd6d120635c1f65ada92edcd224517 (Nathan Baulch)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the backend group across 1 directory with 5 updates
0180e72 
Bumps the backend group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) | `0.56.1` | `0.56.2` |
| [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) | `0.68.1-0.20240903211041-76f7038ea2d1` | `0.69.0` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.20.4` | `1.20.5` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.199.0` | `0.201.0` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.16.1` | `3.16.2` |



Updates `github.com/aquasecurity/trivy` from 0.56.1 to 0.56.2
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/v0.56.2/CHANGELOG.md)
- [Commits](aquasecurity/trivy@v0.56.1...v0.56.2)

Updates `github.com/open-policy-agent/opa` from 0.68.1-0.20240903211041-76f7038ea2d1 to 0.69.0
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa/commits/v0.69.0)

Updates `github.com/prometheus/client_golang` from 1.20.4 to 1.20.5
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.20.4...v1.20.5)

Updates `google.golang.org/api` from 0.199.0 to 0.201.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.199.0...v0.201.0)

Updates `helm.sh/helm/v3` from 3.16.1 to 3.16.2
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.16.1...v3.16.2)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants