Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stable output: Add some more names to anonymous Method classes #169

Merged
merged 10 commits into from
Jan 19, 2024

Conversation

RobQuistNL
Copy link
Contributor

@RobQuistNL RobQuistNL commented Nov 16, 2023

Fix #54

The root issue of the seemingly "random" output is the fact that the sorting method only sorts on items that have a Name decalred. Some Method structs didn't have this by default (such as the unmarshal and enum methods).

I'm not sure if this is a clean solution, but for me it generates solid and stable output so diffs between generated versions are clean :)

What has been done

  • Added some arbitrary names to some methods

How to test

  • Did 2 generations of slightly different schema files and compared in a diff

To debug, you can add the following code in line 110 in pkg/codegen/model.go (see commit 96737c8):

	for i, decl := range sorted {
		log.Printf("Sorted: %+v %+v", i, decl)
	}

this shows the sorted output.

Todo

Maybe we should add automated tests?

EDIT:
Yep, just found the test data folder 🤡
Looks like this will need a lot of restructuring in that testing data.. but first let me know if this is the right way to go!

@omissis
Copy link
Owner

omissis commented Nov 16, 2023

uh-uh this solving this issue would be very appreciated @RobQuistNL ! :) I will take a look in the next days and hopefully merge it sooner than later! thanks for putting in the effort!

@RobQuistNL
Copy link
Contributor Author

Thanks! Yeah it was driving me nuts :+)

I see that there might be one annoying thing here though - the enumValues_ variables end up at the bottom of the generated file.

The actual enums + values do end up in the "proper" position - but I think this might be a rather small change to the code here.

Thanks for the project so far, has helped me greatly!

@RobQuistNL
Copy link
Contributor Author

Quick question - I got that figured out too - but to make it "sort" properly, the generated interfaces would end up with a different name.

Currently:

var enumValue_Method = []interface{}{
	"GET",
	"POST",
}

Proposed (which sorts it properly)

var Method_enumValues = []interface{}{
	"GET",
	"POST",
}

This is by changing the name. If you'd rather not change the name, we can make an exception in the sorter - if the string begins with enumValues_ - we filter out that piece of string to run the sorting logic. This does change the order, but it doesn't change any previously generated interface names. I think that option would be preferable? I'll implement the latter in a jiffy - LMK if you'd rather see it different.

Commit incoming :)

@RobQuistNL RobQuistNL changed the title Add some more names to anonymous Method classes for stable output Stable output: Add some more names to anonymous Method classes Nov 17, 2023
@RobQuistNL
Copy link
Contributor Author

hey @omissis sorry to bother you again, but any chance we can get this through?

Do you want me to restructure the test files or something? I'm not sure where they are at the moment but I can try to fix it if you'd like :)

@omissis
Copy link
Owner

omissis commented Dec 5, 2023

Hey @RobQuistNL I haven't forgotten about it, I will try to give it a look over the weekend

@omissis
Copy link
Owner

omissis commented Dec 17, 2023

hey @RobQuistNL sorry for not getting to this yet, I will try to take some time over xmas/new year's to review and merge this, as I would really like to have this improvement, too! 🙏

@RobQuistNL
Copy link
Contributor Author

No worries @omissis , I know how it is 😎
For the time being we're using my own branch so no real hurry from my end :) Take your time and don't forget to enjoy the years' ending too 🥳

@omissis omissis added this to the v0.16.0 milestone Jan 17, 2024
@omissis omissis self-requested a review January 17, 2024 21:16
Copy link
Owner

@omissis omissis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi! Thanks for the patience. I reviewed the PR and I think it looks quite nice. 👌

I don't have a strong opinion about the CleanNameForSorting workaround: I see the pros and cons of both approaches. I guess we could keep the "hack" for the sake of BC, even though a not too disruptive change like that in a 0.x release doesn't worry me too much to be honest. I reserve the right to change that in a future release for the sake of a simpler codebase 👹

That said, I'd like to ask you a couple things before we merge:

  • Fix the linting issues (I already added the suggestions so it should be very quick) 🙏
  • Update the go files in the tests folder

The latter item is a bit involved due to the current test setup (I'll see to make it easier in the future). Here's a little walkthrough of how you can do that:

# Remove all generated go code in the test folders
find tests/data -name "*.go" -exec rm {} \;

# Temporarily remove the integration tests
git co tests/unmarshal_test.go tests/validation_test.go

# Run the tests
make test

# Restore the integration tests
git co tests/unmarshal_test.go tests/validation_test.go

I have already done the steps above and checked the diffs, and they look good to me 💯

pkg/schemas/types.go Outdated Show resolved Hide resolved
pkg/schemas/types.go Outdated Show resolved Hide resolved
pkg/schemas/types.go Outdated Show resolved Hide resolved
RobQuistNL and others added 4 commits January 18, 2024 12:19
Co-authored-by: Claudio Beatrice <claudi0.beatric3@gmail.com>
Co-authored-by: Claudio Beatrice <claudi0.beatric3@gmail.com>
Co-authored-by: Claudio Beatrice <claudi0.beatric3@gmail.com>
@RobQuistNL
Copy link
Contributor Author

Heya, thanks for the review!

I've just tried your suggested steps (I assume your git co is something like a stash? I've removed the files and would unstage the deletion afterwards (rm <file> and git checkout -- <file>)

Either way, every time I run the tests, (also after pulling in main), the tests fail with the following error;

main module (github.com/atombender/go-jsonschema) does not contain package github.com/atombender/go-jsonschema/tests
make: *** [Makefile:220: test] Error 1

@omissis
Copy link
Owner

omissis commented Jan 18, 2024

Hey @RobQuistNL , thanks for taking the time! yeah, sorry, co is my git shortcut for checkout, and I pasted the second command wrong (that's what you get when you work at night 😅). The problem you are seeing is likely caused by the lack of go.work in your filesystem, you should be able to correct that by running cp go.work.dist go.work.

Once you do that, you can run the (corrected) command I posted above and it should all work.

To recap:

# Create the go.work file, to make both modules available in the current workspace
cp go.work.dist go.work

# Remove all generated go code in the test folders, to allow for the tests to regenerate them
find tests/data -name "*.go" -exec rm {} \;

# Temporarily remove the integration tests, as they depend on the files above
rm tests/unmarshal_test.go tests/validation_test.go

# Run the tests, which will regenerate the missing files we deleted above
make test

# Restore the integration tests
git checkout tests/unmarshal_test.go tests/validation_test.go

# Run the tests once again, to check the two restored ones also pass
make test

@RobQuistNL
Copy link
Contributor Author

Sweet! Thanks. Yeah, I figured the rm and checkout commands out - I was just missing the go.work file (my bad, didn't even know about that in golang)

Tests now succeed and I've pushed the changes!

Copy link

codecov bot commented Jan 19, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (40f48ce) 76.51% compared to head (728e586) 76.58%.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #169      +/-   ##
==========================================
+ Coverage   76.51%   76.58%   +0.07%     
==========================================
  Files          24       24              
  Lines        1882     1892      +10     
==========================================
+ Hits         1440     1449       +9     
- Misses        353      354       +1     
  Partials       89       89              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@omissis omissis self-requested a review January 19, 2024 11:55
@omissis omissis merged commit e91fd0c into omissis:main Jan 19, 2024
3 checks passed
andrewpollock referenced this pull request in google/osv.dev Jun 12, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change | Age | Adoption | Passing |
Confidence |
|---|---|---|---|---|---|---|---|
|  |  | lockFileMaintenance | All locks refreshed |  |  |  |  |
|
[cloud.google.com/go/logging](https://togithub.com/googleapis/google-cloud-go)
| require | minor | `v1.8.1` -> `v1.10.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/cloud.google.com%2fgo%2flogging/v1.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/cloud.google.com%2fgo%2flogging/v1.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/cloud.google.com%2fgo%2flogging/v1.8.1/v1.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/cloud.google.com%2fgo%2flogging/v1.8.1/v1.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[cloud.google.com/go/secretmanager](https://togithub.com/googleapis/google-cloud-go)
| require | minor | `v1.11.4` -> `v1.13.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/cloud.google.com%2fgo%2fsecretmanager/v1.13.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/cloud.google.com%2fgo%2fsecretmanager/v1.13.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/cloud.google.com%2fgo%2fsecretmanager/v1.11.4/v1.13.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/cloud.google.com%2fgo%2fsecretmanager/v1.11.4/v1.13.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[github.com/atombender/go-jsonschema](https://togithub.com/atombender/go-jsonschema)
| require | minor | `v0.14.1` -> `v0.16.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fatombender%2fgo-jsonschema/v0.16.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fatombender%2fgo-jsonschema/v0.16.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fatombender%2fgo-jsonschema/v0.14.1/v0.16.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fatombender%2fgo-jsonschema/v0.14.1/v0.16.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [github.com/go-git/go-git/v5](https://togithub.com/go-git/go-git) |
require | minor | `v5.11.0` -> `v5.12.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgo-git%2fgo-git%2fv5/v5.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgo-git%2fgo-git%2fv5/v5.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgo-git%2fgo-git%2fv5/v5.11.0/v5.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgo-git%2fgo-git%2fv5/v5.11.0/v5.12.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[github.com/google/osv-scanner](https://togithub.com/google/osv-scanner)
| require | minor | `v1.4.3` -> `v1.7.4` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgoogle%2fosv-scanner/v1.7.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgoogle%2fosv-scanner/v1.7.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgoogle%2fosv-scanner/v1.4.3/v1.7.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgoogle%2fosv-scanner/v1.4.3/v1.7.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang | stage | digest | `9d8429e` -> `9bdd569` |  |  |  |  |
| golang.org/x/exp | require | digest | `6522937` -> `fc45aab` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240604190554-fc45aab8b7f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240604190554-fc45aab8b7f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20231127185646-65229373498e/v0.0.0-20240604190554-fc45aab8b7f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20231127185646-65229373498e/v0.0.0-20240604190554-fc45aab8b7f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

🔧 This Pull Request updates lock files to use the latest dependency
versions.

---

### Release Notes

<details>
<summary>atombender/go-jsonschema
(github.com/atombender/go-jsonschema)</summary>

###
[`v0.16.0`](https://togithub.com/omissis/go-jsonschema/releases/tag/v0.16.0)

[Compare
Source](https://togithub.com/atombender/go-jsonschema/compare/v0.15.0...v0.16.0)

This release introduces several new improvements:

-   Improve support for non-case-sensitive languages
-   Make generated go more stable, and solve annoying big diffs
-   Fix  generated code for non-nullable types with two options
-   Removes nil check for `required` properties
-   Add support for additionalProperties when other fields exist

#### What's Changed

- Enhance splitIdentifierByCaseAndSeparators to support
non-case-sensitive languages by
[@&#8203;zrma](https://togithub.com/zrma) in
[https://github.com/omissis/go-jsonschema/pull/170](https://togithub.com/omissis/go-jsonschema/pull/170)
- Stable output: Add some more names to anonymous Method classes by
[@&#8203;RobQuistNL](https://togithub.com/RobQuistNL) in
[https://github.com/omissis/go-jsonschema/pull/169](https://togithub.com/omissis/go-jsonschema/pull/169)
- Fix non-nullable type with two options by
[@&#8203;jagregory](https://togithub.com/jagregory) in
[https://github.com/omissis/go-jsonschema/pull/205](https://togithub.com/omissis/go-jsonschema/pull/205)
- Removes nil check for `required` properties by
[@&#8203;Henkoglobin](https://togithub.com/Henkoglobin) in
[https://github.com/omissis/go-jsonschema/pull/215](https://togithub.com/omissis/go-jsonschema/pull/215)
- Add support for additionalProperties when other fields exist by
[@&#8203;codeboten](https://togithub.com/codeboten) and
[@&#8203;omissis](https://togithub.com/omissis) in
[https://github.com/omissis/go-jsonschema/pull/218](https://togithub.com/omissis/go-jsonschema/pull/218)
- Update go and all deps by
[@&#8203;omissis](https://togithub.com/omissis) in
[https://github.com/omissis/go-jsonschema/pull/217](https://togithub.com/omissis/go-jsonschema/pull/217)
-   Several [@&#8203;renovate](https://togithub.com/renovate) PRs
- fix(deps): update golang.org/x/exp digest to
[`1b97071`](https://togithub.com/atombender/go-jsonschema/commit/1b97071)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/190](https://togithub.com/omissis/go-jsonschema/pull/190)
- fix(deps): update module github.com/goccy/go-yaml to v1.11.3 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/191](https://togithub.com/omissis/go-jsonschema/pull/191)
- fix(deps): update golang.org/x/exp digest to
[`2c58cdc`](https://togithub.com/atombender/go-jsonschema/commit/2c58cdc)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/193](https://togithub.com/omissis/go-jsonschema/pull/193)
- chore(deps): update golang docker tag to v1.22.0 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/195](https://togithub.com/omissis/go-jsonschema/pull/195)
- chore(deps): update dependency golangci-lint to v1.56.0 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/196](https://togithub.com/omissis/go-jsonschema/pull/196)
- chore(deps): update dependency golangci-lint to v1.56.1 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/197](https://togithub.com/omissis/go-jsonschema/pull/197)
- chore(deps): update dependency shfmt to v3.8.0 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/198](https://togithub.com/omissis/go-jsonschema/pull/198)
- fix(deps): update golang.org/x/exp digest to
[`ec58324`](https://togithub.com/atombender/go-jsonschema/commit/ec58324)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/199](https://togithub.com/omissis/go-jsonschema/pull/199)
- chore(deps): update dependency golangci-lint to v1.56.2 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/200](https://togithub.com/omissis/go-jsonschema/pull/200)
- fix(deps): update golang.org/x/exp digest to
[`814bf88`](https://togithub.com/atombender/go-jsonschema/commit/814bf88)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/201](https://togithub.com/omissis/go-jsonschema/pull/201)
- chore(deps): update golang docker tag to v1.22.1 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/202](https://togithub.com/omissis/go-jsonschema/pull/202)
- chore(deps): update dependency shellcheck to v0.10.0 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/203](https://togithub.com/omissis/go-jsonschema/pull/203)
- chore(deps): update codecov/codecov-action action to v4 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/192](https://togithub.com/omissis/go-jsonschema/pull/192)
- fix(deps): update golang.org/x/exp digest to
[`c7f7c64`](https://togithub.com/atombender/go-jsonschema/commit/c7f7c64)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/206](https://togithub.com/omissis/go-jsonschema/pull/206)
- fix(deps): update golang.org/x/exp digest to
[`a85f2c6`](https://togithub.com/atombender/go-jsonschema/commit/a85f2c6)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/207](https://togithub.com/omissis/go-jsonschema/pull/207)
- chore(deps): update dependency golangci-lint to v1.57.0 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/208](https://togithub.com/omissis/go-jsonschema/pull/208)
- chore(deps): update dependency golangci-lint to v1.57.1 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/209](https://togithub.com/omissis/go-jsonschema/pull/209)
- fix(deps): update golang.org/x/exp digest to
[`a685a6e`](https://togithub.com/atombender/go-jsonschema/commit/a685a6e)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/210](https://togithub.com/omissis/go-jsonschema/pull/210)
- chore(deps): update dependency golangci-lint to v1.57.2 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/211](https://togithub.com/omissis/go-jsonschema/pull/211)
- chore(deps): update golang docker tag to v1.22.2 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/212](https://togithub.com/omissis/go-jsonschema/pull/212)
- fix(deps): update golang.org/x/exp digest to
[`c0f41cb`](https://togithub.com/atombender/go-jsonschema/commit/c0f41cb)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/213](https://togithub.com/omissis/go-jsonschema/pull/213)
- fix(deps): update golang.org/x/exp digest to
[`93d18d7`](https://togithub.com/atombender/go-jsonschema/commit/93d18d7)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/214](https://togithub.com/omissis/go-jsonschema/pull/214)
- fix(deps): update golang.org/x/exp digest to
[`fe59bbe`](https://togithub.com/atombender/go-jsonschema/commit/fe59bbe)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/216](https://togithub.com/omissis/go-jsonschema/pull/216)

#### New Contributors

- [@&#8203;zrma](https://togithub.com/zrma) made their first
contribution in
[https://github.com/omissis/go-jsonschema/pull/170](https://togithub.com/omissis/go-jsonschema/pull/170)
- [@&#8203;RobQuistNL](https://togithub.com/RobQuistNL) made their first
contribution in
[https://github.com/omissis/go-jsonschema/pull/169](https://togithub.com/omissis/go-jsonschema/pull/169)
- [@&#8203;jagregory](https://togithub.com/jagregory) made their first
contribution in
[https://github.com/omissis/go-jsonschema/pull/205](https://togithub.com/omissis/go-jsonschema/pull/205)
- [@&#8203;Henkoglobin](https://togithub.com/Henkoglobin) made their
first contribution in
[https://github.com/omissis/go-jsonschema/pull/215](https://togithub.com/omissis/go-jsonschema/pull/215)
- [@&#8203;codeboten](https://togithub.com/codeboten) made their first
contribution in
[https://github.com/omissis/go-jsonschema/pull/218](https://togithub.com/omissis/go-jsonschema/pull/218)
(replaces
[https://github.com/omissis/go-jsonschema/pull/189](https://togithub.com/omissis/go-jsonschema/pull/189))

**Full Changelog**:
omissis/go-jsonschema@v0.15.0...v0.16.0

###
[`v0.15.0`](https://togithub.com/omissis/go-jsonschema/releases/tag/v0.15.0)

[Compare
Source](https://togithub.com/atombender/go-jsonschema/compare/v0.14.1...v0.15.0)

This release introduces one new feature and a fix:

-   support for `file://` schema in references
-   support for yaml file references

#### What's Changed

- feat: add support for "file://" schema in $refs by
[@&#8203;omissis](https://togithub.com/omissis) in
[https://github.com/omissis/go-jsonschema/pull/147](https://togithub.com/omissis/go-jsonschema/pull/147)
- fix: support for yaml file references by
[@&#8203;johanneswuerbach](https://togithub.com/johanneswuerbach) in
[https://github.com/omissis/go-jsonschema/pull/179](https://togithub.com/omissis/go-jsonschema/pull/179)
- chore: split generate.go file by
[@&#8203;AlbertoBarba](https://togithub.com/AlbertoBarba) in
[https://github.com/omissis/go-jsonschema/pull/153](https://togithub.com/omissis/go-jsonschema/pull/153)
- chore(deps): update dependency golangci-lint to v1.55.2 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/162](https://togithub.com/omissis/go-jsonschema/pull/162)
- chore(deps): update golang docker tag to v1.21.4 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/165](https://togithub.com/omissis/go-jsonschema/pull/165)
- chore(deps): update golang docker tag to v1.21.5 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/174](https://togithub.com/omissis/go-jsonschema/pull/174)
- chore(deps): update actions/setup-go action to v5 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/175](https://togithub.com/omissis/go-jsonschema/pull/175)
- chore(deps): update golang docker tag to v1.21.6 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/184](https://togithub.com/omissis/go-jsonschema/pull/184)
- fix(deps): update module github.com/spf13/cobra to v1.8.0 by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/163](https://togithub.com/omissis/go-jsonschema/pull/163)
- fix(deps): update golang.org/x/exp digest to
[`2478ac8`](https://togithub.com/atombender/go-jsonschema/commit/2478ac8)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/166](https://togithub.com/omissis/go-jsonschema/pull/166)
- fix(deps): update golang.org/x/exp digest to
[`9a3e603`](https://togithub.com/atombender/go-jsonschema/commit/9a3e603)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/168](https://togithub.com/omissis/go-jsonschema/pull/168)
- fix(deps): update golang.org/x/exp digest to
[`6522937`](https://togithub.com/atombender/go-jsonschema/commit/6522937)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/172](https://togithub.com/omissis/go-jsonschema/pull/172)
- fix(deps): update golang.org/x/exp digest to
[`f3f8817`](https://togithub.com/atombender/go-jsonschema/commit/f3f8817)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/176](https://togithub.com/omissis/go-jsonschema/pull/176)
- fix(deps): update golang.org/x/exp digest to
[`aacd6d4`](https://togithub.com/atombender/go-jsonschema/commit/aacd6d4)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/178](https://togithub.com/omissis/go-jsonschema/pull/178)
- fix(deps): update golang.org/x/exp digest to
[`dc181d7`](https://togithub.com/atombender/go-jsonschema/commit/dc181d7)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/180](https://togithub.com/omissis/go-jsonschema/pull/180)
- fix(deps): update golang.org/x/exp digest to
[`02704c9`](https://togithub.com/atombender/go-jsonschema/commit/02704c9)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/181](https://togithub.com/omissis/go-jsonschema/pull/181)
- fix(deps): update golang.org/x/exp digest to
[`be819d1`](https://togithub.com/atombender/go-jsonschema/commit/be819d1)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/182](https://togithub.com/omissis/go-jsonschema/pull/182)
- fix(deps): update golang.org/x/exp digest to
[`0dcbfd6`](https://togithub.com/atombender/go-jsonschema/commit/0dcbfd6)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/185](https://togithub.com/omissis/go-jsonschema/pull/185)
- fix(deps): update golang.org/x/exp digest to
[`db7319d`](https://togithub.com/atombender/go-jsonschema/commit/db7319d)
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/omissis/go-jsonschema/pull/186](https://togithub.com/omissis/go-jsonschema/pull/186)

#### New Contributors

- [@&#8203;johanneswuerbach](https://togithub.com/johanneswuerbach) made
their first contribution in
[https://github.com/omissis/go-jsonschema/pull/179](https://togithub.com/omissis/go-jsonschema/pull/179)

**Full Changelog**:
omissis/go-jsonschema@v0.14.1...v0.15.0

</details>

<details>
<summary>go-git/go-git (github.com/go-git/go-git/v5)</summary>

### [`v5.12.0`](https://togithub.com/go-git/go-git/releases/tag/v5.12.0)

[Compare
Source](https://togithub.com/go-git/go-git/compare/v5.11.0...v5.12.0)

#### What's Changed

- git: Worktree.AddWithOptions: add skipStatus option when providing a
specific path by
[@&#8203;moranCohen26](https://togithub.com/moranCohen26) in
[https://github.com/go-git/go-git/pull/994](https://togithub.com/go-git/go-git/pull/994)
- git: Signer: fix usage of crypto.Signer interface by
[@&#8203;wlynch](https://togithub.com/wlynch) in
[https://github.com/go-git/go-git/pull/1029](https://togithub.com/go-git/go-git/pull/1029)
- git: Remote, fetch, adds the prune option. by
[@&#8203;juliens](https://togithub.com/juliens) in
[https://github.com/go-git/go-git/pull/366](https://togithub.com/go-git/go-git/pull/366)
- git: Add crypto.Signer option to CommitOptions. by
[@&#8203;wlynch](https://togithub.com/wlynch) in
[https://github.com/go-git/go-git/pull/996](https://togithub.com/go-git/go-git/pull/996)
- git: Worktree checkout tag hash id
([#&#8203;959](https://togithub.com/go-git/go-git/issues/959)) by
[@&#8203;aymanbagabas](https://togithub.com/aymanbagabas) in
[https://github.com/go-git/go-git/pull/966](https://togithub.com/go-git/go-git/pull/966)
- git: Worktree, Don't panic on empty or root path when checking if it
is valid by [@&#8203;tim775](https://togithub.com/tim775) in
[https://github.com/go-git/go-git/pull/1042](https://togithub.com/go-git/go-git/pull/1042)
- git: Add commit validation for Reset by
[@&#8203;pjbgf](https://togithub.com/pjbgf) in
[https://github.com/go-git/go-git/pull/1048](https://togithub.com/go-git/go-git/pull/1048)
- git: worktree_commit, Fix amend commit to apply changes. Fixes
[#&#8203;1024](https://togithub.com/go-git/go-git/issues/1024) by
[@&#8203;onee-only](https://togithub.com/onee-only) in
[https://github.com/go-git/go-git/pull/1045](https://togithub.com/go-git/go-git/pull/1045)
- git: Implement Merge function with initial `FastForwardMerge` support
by [@&#8203;pjbgf](https://togithub.com/pjbgf) in
[https://github.com/go-git/go-git/pull/1044](https://togithub.com/go-git/go-git/pull/1044)
- plumbing: object, Make first commit visible on logs filtered with
filename. Fixes
[#&#8203;191](https://togithub.com/go-git/go-git/issues/191) by
[@&#8203;onee-only](https://togithub.com/onee-only) in
[https://github.com/go-git/go-git/pull/1036](https://togithub.com/go-git/go-git/pull/1036)
- plumbing: no panic in printStats function. Fixes
[#&#8203;177](https://togithub.com/go-git/go-git/issues/177) by
[@&#8203;nodivbyzero](https://togithub.com/nodivbyzero) in
[https://github.com/go-git/go-git/pull/971](https://togithub.com/go-git/go-git/pull/971)
- plumbing: object, Optimize logging with file. by
[@&#8203;onee-only](https://togithub.com/onee-only) in
[https://github.com/go-git/go-git/pull/1046](https://togithub.com/go-git/go-git/pull/1046)
- plumbing: object, check legitimacy in (\*Tree).Encode by
[@&#8203;niukuo](https://togithub.com/niukuo) in
[https://github.com/go-git/go-git/pull/967](https://togithub.com/go-git/go-git/pull/967)
- plumbing: format/gitattributes, close file in ReadAttributesFile by
[@&#8203;prskr](https://togithub.com/prskr) in
[https://github.com/go-git/go-git/pull/1018](https://togithub.com/go-git/go-git/pull/1018)
- plumbing: check setAuth error. Fixes
[#&#8203;185](https://togithub.com/go-git/go-git/issues/185) by
[@&#8203;nodivbyzero](https://togithub.com/nodivbyzero) in
[https://github.com/go-git/go-git/pull/969](https://togithub.com/go-git/go-git/pull/969)
- plumbing: object, fix variable defaultUtf8CommitMessageEncoding name
spell error by [@&#8203;Jerry-yz](https://togithub.com/Jerry-yz) in
[https://github.com/go-git/go-git/pull/987](https://togithub.com/go-git/go-git/pull/987)
- utils: merkletrie, calculate filesystem node's hash lazily. by
[@&#8203;candid82](https://togithub.com/candid82) in
[https://github.com/go-git/go-git/pull/825](https://togithub.com/go-git/go-git/pull/825)
- utils: update comment in node.go's Hash() by
[@&#8203;codablock](https://togithub.com/codablock) in
[https://github.com/go-git/go-git/pull/992](https://togithub.com/go-git/go-git/pull/992)
- \_example: fix 404 link and added ssh-agent clone link by
[@&#8203;grinish21](https://togithub.com/grinish21) in
[https://github.com/go-git/go-git/pull/1022](https://togithub.com/go-git/go-git/pull/1022)
- \_example: checkout-branch example by
[@&#8203;dlambda](https://togithub.com/dlambda) in
[https://github.com/go-git/go-git/pull/446](https://togithub.com/go-git/go-git/pull/446)
- \_example: example for git clone using ssh-agent by
[@&#8203;pjbgf](https://togithub.com/pjbgf) in
[https://github.com/go-git/go-git/pull/998](https://togithub.com/go-git/go-git/pull/998)

#### New Contributors

- [@&#8203;candid82](https://togithub.com/candid82) made their first
contribution in
[https://github.com/go-git/go-git/pull/825](https://togithub.com/go-git/go-git/pull/825)
- [@&#8203;codablock](https://togithub.com/codablock) made their first
contribution in
[https://github.com/go-git/go-git/pull/992](https://togithub.com/go-git/go-git/pull/992)
- [@&#8203;Jerry-yz](https://togithub.com/Jerry-yz) made their first
contribution in
[https://github.com/go-git/go-git/pull/987](https://togithub.com/go-git/go-git/pull/987)
- [@&#8203;wlynch](https://togithub.com/wlynch) made their first
contribution in
[https://github.com/go-git/go-git/pull/996](https://togithub.com/go-git/go-git/pull/996)
- [@&#8203;moranCohen26](https://togithub.com/moranCohen26) made their
first contribution in
[https://github.com/go-git/go-git/pull/994](https://togithub.com/go-git/go-git/pull/994)
- [@&#8203;grinish21](https://togithub.com/grinish21) made their first
contribution in
[https://github.com/go-git/go-git/pull/1022](https://togithub.com/go-git/go-git/pull/1022)
- [@&#8203;prskr](https://togithub.com/prskr) made their first
contribution in
[https://github.com/go-git/go-git/pull/1018](https://togithub.com/go-git/go-git/pull/1018)
- [@&#8203;dlambda](https://togithub.com/dlambda) made their first
contribution in
[https://github.com/go-git/go-git/pull/446](https://togithub.com/go-git/go-git/pull/446)
- [@&#8203;juliens](https://togithub.com/juliens) made their first
contribution in
[https://github.com/go-git/go-git/pull/366](https://togithub.com/go-git/go-git/pull/366)
- [@&#8203;onee-only](https://togithub.com/onee-only) made their first
contribution in
[https://github.com/go-git/go-git/pull/1036](https://togithub.com/go-git/go-git/pull/1036)
- [@&#8203;tim775](https://togithub.com/tim775) made their first
contribution in
[https://github.com/go-git/go-git/pull/1042](https://togithub.com/go-git/go-git/pull/1042)
- [@&#8203;niukuo](https://togithub.com/niukuo) made their first
contribution in
[https://github.com/go-git/go-git/pull/967](https://togithub.com/go-git/go-git/pull/967)
- [@&#8203;avoidalone](https://togithub.com/avoidalone) made their first
contribution in
[https://github.com/go-git/go-git/pull/1047](https://togithub.com/go-git/go-git/pull/1047)

**Full Changelog**:
go-git/go-git@v5.11.0...v5.12.0

</details>

<details>
<summary>google/osv-scanner (github.com/google/osv-scanner)</summary>

###
[`v1.7.4`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v174)

[Compare
Source](https://togithub.com/google/osv-scanner/compare/v1.7.3...v1.7.4)

##### Features:

- [Feature
#&#8203;943](https://togithub.com/google/osv-scanner/pull/943) Support
scanning gradle/verification-metadata.xml files.

##### Misc:

- [Bug #&#8203;968](https://togithub.com/google/osv-scanner/issues/968)
Hide unimportant Debian vulnerabilities to reduce noise.

###
[`v1.7.3`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v173)

[Compare
Source](https://togithub.com/google/osv-scanner/compare/v1.7.2...v1.7.3)

##### Features:

- [Feature
#&#8203;934](https://togithub.com/google/osv-scanner/pull/934) add
support for PNPM v9 lockfiles.

##### Fixes:

- [Bug #&#8203;938](https://togithub.com/google/osv-scanner/issues/938)
Ensure the sarif output has a stable order.
- [Bug #&#8203;922](https://togithub.com/google/osv-scanner/issues/922)
Support filtering on alias IDs in Guided Remediation.

###
[`v1.7.2`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v172)

[Compare
Source](https://togithub.com/google/osv-scanner/compare/v1.7.1...v1.7.2)

##### Fixes:

- [Bug #&#8203;899](https://togithub.com/google/osv-scanner/issues/899)
Guided Remediation: Parse paths in npmrc auth fields correctly.
- [Bug #&#8203;908](https://togithub.com/google/osv-scanner/issues/908)
Fix rust call analysis by explicitly disabling stripping of debug info.
- [Bug #&#8203;914](https://togithub.com/google/osv-scanner/issues/914)
Fix regression for go call analysis introduced in 1.7.0.

###
[`v1.7.1`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v171)

[Compare
Source](https://togithub.com/google/osv-scanner/compare/v1.7.0...v1.7.1)

(There is no Github release for this version)

##### Fixes

- [Bug #&#8203;856](https://togithub.com/google/osv-scanner/issues/856)
Add retry logic to make calls to OSV.dev API more resilient. This
combined with changes in OSV.dev's API should result in much less
timeout errors.

##### API Features

- [Feature
#&#8203;781](https://togithub.com/google/osv-scanner/pull/781)
    add `MakeVersionRequestsWithContext()`
- [Feature
#&#8203;857](https://togithub.com/google/osv-scanner/pull/857)
API and networking related errors now has their own error and exit code
(Exit Code 129)

###
[`v1.7.0`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v170)

[Compare
Source](https://togithub.com/google/osv-scanner/compare/v1.6.2...v1.7.0)

##### Features

- [Feature
#&#8203;352](https://togithub.com/google/osv-scanner/issues/352) Guided
Remediation
Introducing our new experimental guided remediation feature on
`osv-scanner fix` subcommand.
See our
[docs](https://google.github.io/osv-scanner/experimental/guided-remediation/)
for detailed usage instructions.

- [Feature
#&#8203;805](https://togithub.com/google/osv-scanner/pull/805)
    Include CVSS MaxSeverity in JSON output.

##### Fixes

-   [Bug #&#8203;818](https://togithub.com/google/osv-scanner/pull/818)
    Align GoVulncheck Go version with go.mod.

-   [Bug #&#8203;797](https://togithub.com/google/osv-scanner/pull/797)
    Don't traverse gitignored dirs for gitignore files.

##### Miscellaneous

-   [#&#8203;831](https://togithub.com/google/osv-scanner/pull/831)
    Remove version number from the release binary name.

###
[`v1.6.2`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v162)

[Compare
Source](https://togithub.com/google/osv-scanner/compare/v1.6.1...v1.6.2)

##### Features

- [Feature
#&#8203;694](https://togithub.com/google/osv-scanner/pull/694)
Add subcommands! OSV-Scanner now has subcommands! The base command has
been moved to `scan` (currently the only commands is `scan`).
By default if you do not pass in a command, `scan` will be used, so CLI
remains backwards compatible.

This is a building block to adding the guided remediation feature. See
[issue #&#8203;352](https://togithub.com/google/osv-scanner/issues/352)
    for more details!

- [Feature
#&#8203;776](https://togithub.com/google/osv-scanner/pull/776)
    Add pdm lockfile support.

##### API Features

- [Feature
#&#8203;754](https://togithub.com/google/osv-scanner/pull/754)
    Add dependency groups to flattened vulnerabilities output.

###
[`v1.6.1`](https://togithub.com/google/osv-scanner/releases/tag/v1.6.1)

[Compare
Source](https://togithub.com/google/osv-scanner/compare/v1.6.0...v1.6.1)

### v1.6.0/v1.6.1:

##### Features

- [Feature
#&#8203;694](https://togithub.com/google/osv-scanner/pull/694) Add
support for NuGet lock files version 2.

- [Feature
#&#8203;655](https://togithub.com/google/osv-scanner/pull/655) Scan and
report dependency groups (e.g. "dev dependencies") for vulnerabilities.

- [Feature
#&#8203;702](https://togithub.com/google/osv-scanner/pull/702) Created
an option to skip/disable upload to code scanning.

- [Feature
#&#8203;732](https://togithub.com/google/osv-scanner/pull/732) Add
option to not fail on vulnerability being found for GitHub Actions.

- [Feature
#&#8203;729](https://togithub.com/google/osv-scanner/pull/729) Verify
the spdx licenses passed in to the license allowlist.

##### Fixes

- [Bug #&#8203;736](https://togithub.com/google/osv-scanner/pull/736)
Show ecosystem and version even if git is shown if the info exists.

- [Bug #&#8203;703](https://togithub.com/google/osv-scanner/pull/703)
Return an error if both license scanning and local/offline scanning is
enabled simultaneously.

- [Bug #&#8203;718](https://togithub.com/google/osv-scanner/pull/718)
Fixed parsing of SBOMs generated by the latest CycloneDX.

- [Bug #&#8203;704](https://togithub.com/google/osv-scanner/pull/704)
Get go stdlib version from go.mod.

##### API Features

- [Feature
#&#8203;727](https://togithub.com/google/osv-scanner/pull/727) Changes
to `Reporter` methods to add verbosity levels and to deprecate
functions.

#### New Contributors

- [@&#8203;geekNero](https://togithub.com/geekNero) made their first
contribution in
[https://github.com/google/osv-scanner/pull/718](https://togithub.com/google/osv-scanner/pull/718)

**Full Changelog**:
google/osv-scanner@v1.5.0...v1.6.0-alpha3

###
[`v1.6.0`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v160)

[Compare
Source](https://togithub.com/google/osv-scanner/compare/v1.5.0...v1.6.0)

##### Features

- [Feature
#&#8203;694](https://togithub.com/google/osv-scanner/pull/694)
    Add support for NuGet lock files version 2.

- [Feature
#&#8203;655](https://togithub.com/google/osv-scanner/pull/655)
Scan and report dependency groups (e.g. "dev dependencies") for
vulnerabilities.

- [Feature
#&#8203;702](https://togithub.com/google/osv-scanner/pull/702)
    Created an option to skip/disable upload to code scanning.

- [Feature
#&#8203;732](https://togithub.com/google/osv-scanner/pull/732)
Add option to not fail on vulnerability being found for GitHub Actions.

- [Feature
#&#8203;729](https://togithub.com/google/osv-scanner/pull/729)
    Verify the spdx licenses passed in to the license allowlist.

##### Fixes

-   [Bug #&#8203;736](https://togithub.com/google/osv-scanner/pull/736)
    Show ecosystem and version even if git is shown if the info exists.

-   [Bug #&#8203;703](https://togithub.com/google/osv-scanner/pull/703)
Return an error if both license scanning and local/offline scanning is
enabled simultaneously.

-   [Bug #&#8203;718](https://togithub.com/google/osv-scanner/pull/718)
    Fixed parsing of SBOMs generated by the latest CycloneDX.

-   [Bug #&#8203;704](https://togithub.com/google/osv-scanner/pull/704)
    Get go stdlib version from go.mod.

##### API Features

- [Feature
#&#8203;727](https://togithub.com/google/osv-scanner/pull/727)
Changes to `Reporter` methods to add verbosity levels and to deprecate
functions.

###
[`v1.5.0`](https://togithub.com/google/osv-scanner/blob/HEAD/CHANGELOG.md#v150)

[Compare
Source](https://togithub.com/google/osv-scanner/compare/v1.4.3...v1.5.0)

##### Features

- [Feature
#&#8203;501](https://togithub.com/google/osv-scanner/pull/501)
Add experimental license scanning support! See
https://osv.dev/blog/posts/introducing-license-scanning-with-osv-scanner/
for more information!
- [Feature
#&#8203;642](https://togithub.com/google/osv-scanner/pull/642)
    Support scanning `renv` files for the R language ecosystem.
- [Feature
#&#8203;513](https://togithub.com/google/osv-scanner/pull/513)
Stabilize call analysis for Go! The experimental
`--experimental-call-analysis` flag has now been updated to:
        --call-analysis=<language/all>
        --no-call-analysis=<language/all>
with call analysis for Go enabled by default. See
https://google.github.io/osv-scanner/usage/#scanning-with-call-analysis
for the documentation!
- [Feature
#&#8203;676](https://togithub.com/google/osv-scanner/pull/676)
    Simplify return codes:
    -   Return 0 if there are no findings or errors.
- Return 1 if there are any findings (license violations or
vulnerabilities).
    -   Return 128 if no packages are found.
- [Feature
#&#8203;651](https://togithub.com/google/osv-scanner/pull/651)
    CVSS v4.0 support.
- [Feature #&#8203;60](https://togithub.com/google/osv-scanner/pull/60)
    [Pre-commit hook](https://pre-commit.com/) support.

##### Fixes

- [Bug #&#8203;639](https://togithub.com/google/osv-scanner/issues/639)
We now filter local packages from scans, and report the filtering of
those packages.
- [Bug #&#8203;645](https://togithub.com/google/osv-scanner/issues/645)
    Properly handle file/url paths on Windows.
- [Bug #&#8203;660](https://togithub.com/google/osv-scanner/issues/660)
    Remove noise from failed lockfile parsing.
- [Bug #&#8203;649](https://togithub.com/google/osv-scanner/issues/649)
    No longer include vendored libraries in C/C++ package analysis.
- [Bug #&#8203;634](https://togithub.com/google/osv-scanner/issues/634)
    Fix filtering of aliases to also include non OSV aliases

##### Miscellaneous

-   The minimum go version has been updated to go1.21 from go1.18.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on wednesday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv.dev).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zOTMuMCIsInVwZGF0ZWRJblZlciI6IjM3LjM5My4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

investigation: produce stable output
2 participants