Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the go-modules group across 1 directory with 34 updates #835

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 8, 2024

Bumps the go-modules group with 18 updates in the / directory:

Package From To
github.com/onsi/gomega 1.33.1 1.34.2
github.com/paketo-buildpacks/occam 0.18.7 0.18.8
dario.cat/mergo 1.0.0 1.0.1
github.com/DataDog/zstd 1.5.5 1.5.6
github.com/Masterminds/semver/v3 3.2.1 3.3.0
github.com/Masterminds/sprig/v3 3.2.3 3.3.0
github.com/Microsoft/hcsshim 0.12.4 0.12.7
github.com/cloudflare/circl 1.3.9 1.4.0
github.com/containerd/errdefs 0.1.0 0.3.0
github.com/cpuguy83/dockercfg 0.3.1 0.3.2
github.com/cyphar/filepath-securejoin 0.2.5 0.3.3
github.com/klauspost/compress 1.17.9 1.17.10
github.com/mattn/go-runewidth 0.0.15 0.0.16
github.com/moby/sys/sequential 0.5.0 0.6.0
github.com/skeema/knownhosts 1.2.2 1.3.0
github.com/sylabs/sif/v2 2.17.0 2.19.1
github.com/tklauser/numcpus 0.8.0 0.9.0
github.com/vbatts/tar-split 0.11.5 0.11.6

Updates github.com/onsi/gomega from 1.33.1 to 1.34.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.2

1.34.2

Require Go 1.22+

Maintenance

  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]

v1.34.1

1.34.1

Maintenance

  • Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

v1.34.0

1.34.0

Features

  • Add RoundTripper method to ghttp.Server [c549e0d]

Fixes

  • fix incorrect handling of nil slices in HaveExactElements (fixes #771) [878940c]
  • issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]

Maintenance

  • bump ginkgo [8af2ece]
  • Fix typo in docs [123a071]
  • Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#756) [0e69083]
  • Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#755) [2675796]
  • Bump golang.org/x/net from 0.24.0 to 0.25.0 (#754) [4160c0f]
  • Bump github-pages from 230 to 231 in /docs (#748) [892c303]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.2

Require Go 1.22+

Maintenance

  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]

1.34.1

Maintenance

  • Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

1.34.0

Features

  • Add RoundTripper method to ghttp.Server [c549e0d]

Fixes

  • fix incorrect handling of nil slices in HaveExactElements (fixes #771) [878940c]
  • issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]

Maintenance

  • bump ginkgo [8af2ece]
  • Fix typo in docs [123a071]
  • Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#756) [0e69083]
  • Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#755) [2675796]
  • Bump golang.org/x/net from 0.24.0 to 0.25.0 (#754) [4160c0f]
  • Bump github-pages from 230 to 231 in /docs (#748) [892c303]
Commits
  • 7cabed6 v1.34.2
  • c59c6dc bump ginkgo as well
  • 8158b99 bump to go 1.22 - remove x/exp dependency
  • fa057b8 v1.34.1
  • 5e71dcd Use slices from exp/slices to keep golang 1.20 compat
  • 32e5498 v1.34.0
  • cb3fa6a run go mod tidy and wonder why go get doesnt just run it for me in the first ...
  • 8af2ece bump ginkgo
  • 878940c fix incorrect handling of nil slices in HaveExactElements (fixes #771)
  • f5bec80 clean up bipartitegraph tests
  • Additional commits viewable in compare view

Updates github.com/paketo-buildpacks/occam from 0.18.7 to 0.18.8

Release notes

Sourced from github.com/paketo-buildpacks/occam's releases.

v0.18.8

What's Changed

New Contributors

Full Changelog: paketo-buildpacks/occam@v0.18.7...v0.18.8

Commits
  • 1193f3c Bump docker to version 26.1.5 to fix CVE-2024-41110
  • 5cd4ede Updates go mod version to 1.23.0
  • 2e5b930 Updates go mod version to 1.22.6
  • 815b014 Bump github.com/paketo-buildpacks/packit/v2 from 2.14.1 to 2.14.2
  • 74a79fb Bump github.com/paketo-buildpacks/packit/v2 from 2.14.0 to 2.14.1
  • 90134a5 Bump github.com/google/go-containerregistry from 0.20.1 to 0.20.2
  • 653a6fb Bump github.com/onsi/gomega from 1.34.0 to 1.34.1
  • ed0e429 Bump github.com/onsi/gomega from 1.33.1 to 1.34.0
  • f467245 Updates go mod version to 1.22.5
  • c97acf2 Bump github.com/google/go-containerregistry from 0.20.0 to 0.20.1
  • Additional commits viewable in compare view

Updates github.com/paketo-buildpacks/packit/v2 from 2.14.0 to 2.14.2

Release notes

Sourced from github.com/paketo-buildpacks/packit/v2's releases.

v2.14.2

What's Changed

New Contributors

Full Changelog: paketo-buildpacks/packit@v2.14.0...v2.14.2

v2.14.1

⚠️ This release contains unwanted changes due to release automation issues. Please use https://github.com/paketo-buildpacks/packit/releases/tag/v2.14.2 instead!

What's Changed

New Contributors

Full Changelog: paketo-buildpacks/packit@v2.14.0...v2.14.1

Commits
  • 3bc586e do not run draft release workflow on branches named v2-<something>
  • d558b87 Bump github.com/onsi/gomega from 1.33.1 to 1.34.1
  • 9f2a7b3 Bump github.com/gabriel-vasile/mimetype from 1.4.4 to 1.4.5
  • b117031 Updating github-config
  • b6530bc Include error handling
  • 7222905 Fix override of existing values in prepend & append
  • e366827 Updating github-config
  • a8ac405 Bump github.com/gabriel-vasile/mimetype from 1.4.3 to 1.4.4
  • 4ff7347 Bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0
  • See full diff in compare view

Updates dario.cat/mergo from 1.0.0 to 1.0.1

Release notes

Sourced from dario.cat/mergo's releases.

v1.0.1

What's Changed

New Contributors

Full Changelog: darccio/mergo@v1.0.0...v1.0.1

Commits

Updates github.com/DataDog/zstd from 1.5.5 to 1.5.6

Release notes

Sourced from github.com/DataDog/zstd's releases.

zstd 1.5.6

What's Changed

Full Changelog: DataDog/zstd@v1.5.5+patch1...v1.5.6

Commits
  • b52f603 Merge pull request #143 from DataDog/viq111/1.5.6
  • cf4778e Update Readme for 1.5.6
  • ed87d43 Update vendored zstd to 1.5.6
  • dd7b332 Merge pull request #136 from colinlyguo/fix-readme
  • beb4dfd Merge pull request #141 from DataDog/sfluor-patch-1
  • e75a26a Update upperBound ratio when guessing the required decompression buffer size
  • c9a5141 fix readme
  • 869dae0 Merge pull request #132 from DataDog/viq111/bulk-fix-highlycompressed-payloads
  • bf7b920 [bulk] Add extra empty payload decompression test
  • 9c0d33f [bulk] Fix naming
  • Additional commits viewable in compare view

Updates github.com/Masterminds/semver/v3 from 3.2.1 to 3.3.0

Release notes

Sourced from github.com/Masterminds/semver/v3's releases.

v3.3.0

What's Changed

New Contributors

Full Changelog: Masterminds/semver@v3.2.1...v3.3.0

Changelog

Sourced from github.com/Masterminds/semver/v3's changelog.

3.3.0 (2024-08-27)

Added

Changed

  • #241: Simplify StrictNewVersion parsing (thanks @​grosser)
  • Testing support up through Go 1.23
  • Minimum version set to 1.21 as this is what's tested now
  • Fuzz testing now supports caching
Commits
  • e6e3d4d Merge pull request #249 from mattfarina/update-changelog-3.3.0
  • e80c4ea Updating changelog for 3.3.0
  • 80427ad Merge pull request #248 from mattfarina/bump-min-version
  • b610837 bumping min version in go.mod based on what's tested
  • a4cccd8 Merge pull request #246 from mattfarina/bump-go-1.23
  • 7c178cf Updating the testing version of Go used
  • 29f94c1 Merge pull request #241 from grosser/grosser/validate
  • 2cf1b16 Merge pull request #245 from mattfarina/remove-vert
  • b55476a Removing reference to vert
  • d07450b simplify StrictNewVersion
  • Additional commits viewable in compare view

Updates github.com/Masterminds/sprig/v3 from 3.2.3 to 3.3.0

Release notes

Sourced from github.com/Masterminds/sprig/v3's releases.

v3.3.0

What's Changed

New Contributors

Full Changelog: Masterminds/sprig@v3.2.3...v3.3.0

Changelog

Sourced from github.com/Masterminds/sprig/v3's changelog.

Release 3.3.0 (2024-08-29)

Added

Changed

  • #407: Removed duplicate documentation (functions were documentated in 2 places)
  • #290: Corrected copy/paster oops in math documentation (thanks @​zzhu41)
  • #369: Corrected template reference in docs (thanks @​chey)
  • #375: Added link to URL documenation (thanks @​carlpett)
  • #406: Updated the mergo dependency which had a breaking change (which was accounted for)
  • #376: Fixed documentation error (thanks @​jheyduk)
  • #404: Updated dependency tree
  • #391: Fixed misspelling (thanks @​chrishalbert)
  • #405: Updated Go versions used in testing
Commits
  • e708470 Merge pull request #408 from mattfarina/update-changelog-3.3
  • 8fc4354 Updating the changelog for the 3.3.0 release
  • cb81a32 Merge pull request #407 from mattfarina/remove-dup-math-functions
  • 2637693 Removing duplicate documentation
  • 06b9a87 Merge pull request #290 from zzhu41/patch-1
  • e663ec6 Merge pull request #369 from chey/patch-1
  • bb2f73f Merge pull request #375 from carlpett/patch-1
  • f07659e Merge pull request #400 from itzik-elayev/master
  • 98b35c1 Add closing bracket
  • 7a88928 Merge pull request #406 from mattfarina/update-mergo
  • Additional commits viewable in compare view

Updates github.com/Microsoft/hcsshim from 0.12.4 to 0.12.7

Release notes

Sourced from github.com/Microsoft/hcsshim's releases.

v0.12.7

What's Changed

Full Changelog: microsoft/hcsshim@v0.12.6...v0.12.7

v0.12.6

What's Changed

Full Changelog: microsoft/hcsshim@v0.12.5...v0.12.6

v0.12.5

What's Changed

Full Changelog: microsoft/hcsshim@v0.12.4...v0.12.5

Commits

Updates github.com/cloudflare/circl from 1.3.9 to 1.4.0

Release notes

Sourced from github.com/cloudflare/circl's releases.

CIRCL v1.4.0

Changes

New: ML-KEM compatible with FIPS-203.

Commit History

Full Changelog: cloudflare/circl@v1.3.9...v1.4.0

Commits

Updates github.com/containerd/errdefs from 0.1.0 to 0.3.0

Release notes

Sourced from github.com/containerd/errdefs's releases.

v0.3.0

This release splits the errdefs package into the github.com/containerd/errdefs package which only contains error definitions as well as basic functions to check for those definitions and the github.com/containerd/errdefs/pkg package which containers functionality for using the errdefs, such as error serialization and adding more data to errors.

What's Changed

Full Changelog: containerd/errdefs@v0.2.0...v0.3.0

pkg/v0.3.0

What's Changed

Full Changelog: containerd/errdefs@v0.3.0...pkg/v0.3.0

v0.2.0

What's Changed

New Contributors

Full Changelog: containerd/errdefs@v0.1.0...v0.2.0

Commits
  • 9fd32fc Merge pull request #19 from dmcgowan/pkg-package
  • 3dabb2b Merge pull request #20 from austinvazquez/upgrade-ci
  • 303a6ea Update to Go 1.22.8 in CI
  • e70104e Upgrade to golangci-lint@v1.61.0
  • ffe5586 Upgrade to golangci/golangci-lint-action@v6
  • 908b04b Upgrade to actions/checkout@v4
  • 608b83c Upgrade to actions/setup-go@v5
  • 8e82ae4 Upgrade macOS runner image to macOS 13
  • 46a6522 Add errdefs/pkg package
  • 02b65bc Merge pull request #18 from dmcgowan/add-missing-interfaces
  • Additional commits viewable in compare view

Updates github.com/cpuguy83/dockercfg from 0.3.1 to 0.3.2

Release notes

Sourced from github.com/cpuguy83/dockercfg's releases.

v0.3.2

What's Changed

New Contributors

Full Changelog: cpuguy83/dockercfg@v0.3.1...v0.3.2

Commits

Updates github.com/cyphar/filepath-securejoin from 0.2.5 to 0.3.3

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.3.3

This release primarily includes fixes for spurious errors we hit when checking that directories created by MkdirAll "look right". Upon further consideration, these checks were fundamentally buggy and didn't offer any practical protection anyway.

  • The mode and owner verification logic in MkdirAll has been removed. This was originally intended to protect against some theoretical attacks but upon further consideration these protections don't actually buy us anything and they were causing spurious errors with more complicated filesystem setups.
  • The "is the created directory empty" logic in MkdirAll has also been removed. This was not causing us issues yet, but some pseudofilesystems (such as cgroup) create non-empty directories and so this logic would've been wrong for such cases.

Thanks to all of the contributors who made this release possible:

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

v0.3.2

This release includes a few fixes for MkdirAll when dealing with S_ISUID and S_ISGID, to solve a regression runc hit when switching to MkdirAll.

  • Passing the S_ISUID or S_ISGID modes to MkdirAllInRoot will now return an explicit error saying that those bits are ignored by mkdirat(2). In the past a different error was returned, but since the silent ignoring behaviour is codified in the man pages a more explicit error seems apt. While silently ignoring these bits would be the most compatible option, it could lead to users thinking their code sets these bits when it doesn't. Programs that need to deal with compatibility can mask the bits themselves. (#23, #25)

  • If a directory has S_ISGID set, then all child directories will have S_ISGID set when created and a different gid will be used for any inode created under the directory. Previously, the "expected owner and mode" validation in securejoin.MkdirAll did not correctly handle this. We now correctly handle this case. (#24, #25)

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

v0.3.1

  • By allowing Open(at)InRoot to opt-out of the extra work done by MkdirAll to do the necessary "partial lookups", Open(at)InRoot now does less work for both implementations (resulting in a many-fold decrease in the number of operations for openat2, and a modest improvement for non-openat2) and is far more guaranteed to match the correct openat2(RESOLVE_IN_ROOT) behaviour.

... (truncated)

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.3.3] - 2024-09-30

Fixed

  • The mode and owner verification logic in MkdirAll has been removed. This was originally intended to protect against some theoretical attacks but upon further consideration these protections don't actually buy us anything and they were causing spurious errors with more complicated filesystem setups.
  • The "is the created directory empty" logic in MkdirAll has also been removed. This was not causing us issues yet, but some pseudofilesystems (such as cgroup) create non-empty directories and so this logic would've been wrong for such cases.

[0.3.2] - 2024-09-13

Changed

  • Passing the S_ISUID or S_ISGID modes to MkdirAllInRoot will now return an explicit error saying that those bits are ignored by mkdirat(2). In the past a different error was returned, but since the silent ignoring behaviour is codified in the man pages a more explicit error seems apt. While silently ignoring these bits would be the most compatible option, it could lead to users thinking their code sets these bits when it doesn't. Programs that need to deal with compatibility can mask the bits themselves. (#23, #25)

Fixed

  • If a directory has S_ISGID set, then all child directories will have S_ISGID set when created and a different gid will be used for any inode created under the directory. Previously, the "expected owner and mode" validation in securejoin.MkdirAll did not correctly handle this. We now correctly handle this case. (#24, #25)

[0.3.1] - 2024-07-23

Changed

  • By allowing Open(at)InRoot to opt-out of the extra work done by MkdirAll to do the necessary "partial lookups", Open(at)InRoot now does less work for both implementations (resulting in a many-fold decrease in the number of operations for openat2, and a modest improvement for non-openat2) and is far more guaranteed to match the correct openat2(RESOLVE_IN_ROOT) behaviour.

  • We now use readlinkat(fd, "") where possible. For Open(at)InRoot this effectively just means that we no longer risk getting spurious errors during rename races. However, for our hardened procfs handler, this in theory should prevent mount attacks from tricking us when doing magic-link readlinks (even when using the unsafe host /proc handle). Unfortunately Reopen is still potentially vulnerable to those kinds of somewhat-esoteric attacks.

    Technically this [will only work on post-2.6.39 kernels][linux-readlinkat-emptypath] but it seems incredibly unlikely anyone is using filepath-securejoin on a pre-2011 kernel.

... (truncated)

Commits

Bumps the go-modules group with 18 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.33.1` | `1.34.2` |
| [github.com/paketo-buildpacks/occam](https://github.com/paketo-buildpacks/occam) | `0.18.7` | `0.18.8` |
| [dario.cat/mergo](https://github.com/imdario/mergo) | `1.0.0` | `1.0.1` |
| [github.com/DataDog/zstd](https://github.com/DataDog/zstd) | `1.5.5` | `1.5.6` |
| [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) | `3.2.1` | `3.3.0` |
| [github.com/Masterminds/sprig/v3](https://github.com/Masterminds/sprig) | `3.2.3` | `3.3.0` |
| [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) | `0.12.4` | `0.12.7` |
| [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | `1.3.9` | `1.4.0` |
| [github.com/containerd/errdefs](https://github.com/containerd/errdefs) | `0.1.0` | `0.3.0` |
| [github.com/cpuguy83/dockercfg](https://github.com/cpuguy83/dockercfg) | `0.3.1` | `0.3.2` |
| [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) | `0.2.5` | `0.3.3` |
| [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.17.9` | `1.17.10` |
| [github.com/mattn/go-runewidth](https://github.com/mattn/go-runewidth) | `0.0.15` | `0.0.16` |
| [github.com/moby/sys/sequential](https://github.com/moby/sys) | `0.5.0` | `0.6.0` |
| [github.com/skeema/knownhosts](https://github.com/skeema/knownhosts) | `1.2.2` | `1.3.0` |
| [github.com/sylabs/sif/v2](https://github.com/sylabs/sif) | `2.17.0` | `2.19.1` |
| [github.com/tklauser/numcpus](https://github.com/tklauser/numcpus) | `0.8.0` | `0.9.0` |
| [github.com/vbatts/tar-split](https://github.com/vbatts/tar-split) | `0.11.5` | `0.11.6` |



Updates `github.com/onsi/gomega` from 1.33.1 to 1.34.2
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.33.1...v1.34.2)

Updates `github.com/paketo-buildpacks/occam` from 0.18.7 to 0.18.8
- [Release notes](https://github.com/paketo-buildpacks/occam/releases)
- [Commits](paketo-buildpacks/occam@v0.18.7...v0.18.8)

Updates `github.com/paketo-buildpacks/packit/v2` from 2.14.0 to 2.14.2
- [Release notes](https://github.com/paketo-buildpacks/packit/releases)
- [Commits](paketo-buildpacks/packit@v2.14.0...v2.14.2)

Updates `dario.cat/mergo` from 1.0.0 to 1.0.1
- [Release notes](https://github.com/imdario/mergo/releases)
- [Commits](darccio/mergo@v1.0.0...v1.0.1)

Updates `github.com/DataDog/zstd` from 1.5.5 to 1.5.6
- [Release notes](https://github.com/DataDog/zstd/releases)
- [Commits](DataDog/zstd@v1.5.5...v1.5.6)

Updates `github.com/Masterminds/semver/v3` from 3.2.1 to 3.3.0
- [Release notes](https://github.com/Masterminds/semver/releases)
- [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md)
- [Commits](Masterminds/semver@v3.2.1...v3.3.0)

Updates `github.com/Masterminds/sprig/v3` from 3.2.3 to 3.3.0
- [Release notes](https://github.com/Masterminds/sprig/releases)
- [Changelog](https://github.com/Masterminds/sprig/blob/master/CHANGELOG.md)
- [Commits](Masterminds/sprig@v3.2.3...v3.3.0)

Updates `github.com/Microsoft/hcsshim` from 0.12.4 to 0.12.7
- [Release notes](https://github.com/Microsoft/hcsshim/releases)
- [Commits](microsoft/hcsshim@v0.12.4...v0.12.7)

Updates `github.com/cloudflare/circl` from 1.3.9 to 1.4.0
- [Release notes](https://github.com/cloudflare/circl/releases)
- [Commits](cloudflare/circl@v1.3.9...v1.4.0)

Updates `github.com/containerd/errdefs` from 0.1.0 to 0.3.0
- [Release notes](https://github.com/containerd/errdefs/releases)
- [Commits](containerd/errdefs@v0.1.0...v0.3.0)

Updates `github.com/cpuguy83/dockercfg` from 0.3.1 to 0.3.2
- [Release notes](https://github.com/cpuguy83/dockercfg/releases)
- [Commits](cpuguy83/dockercfg@v0.3.1...v0.3.2)

Updates `github.com/cyphar/filepath-securejoin` from 0.2.5 to 0.3.3
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md)
- [Commits](cyphar/filepath-securejoin@v0.2.5...v0.3.3)

Updates `github.com/docker/cli` from 27.0.2+incompatible to 27.1.1+incompatible
- [Commits](docker/cli@v27.0.2...v27.1.1)

Updates `github.com/gabriel-vasile/mimetype` from 1.4.4 to 1.4.5
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](gabriel-vasile/mimetype@v1.4.4...v1.4.5)

Updates `github.com/google/go-containerregistry` from 0.19.2 to 0.20.2
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](google/go-containerregistry@v0.19.2...v0.20.2)

Updates `github.com/klauspost/compress` from 1.17.9 to 1.17.10
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](klauspost/compress@v1.17.9...v1.17.10)

Updates `github.com/mattn/go-runewidth` from 0.0.15 to 0.0.16
- [Commits](mattn/go-runewidth@v0.0.15...v0.0.16)

Updates `github.com/moby/sys/sequential` from 0.5.0 to 0.6.0
- [Release notes](https://github.com/moby/sys/releases)
- [Commits](moby/sys@signal/v0.5.0...signal/v0.6.0)

Updates `github.com/skeema/knownhosts` from 1.2.2 to 1.3.0
- [Commits](skeema/knownhosts@v1.2.2...v1.3.0)

Updates `github.com/spf13/cast` from 1.6.0 to 1.7.0
- [Release notes](https://github.com/spf13/cast/releases)
- [Commits](spf13/cast@v1.6.0...v1.7.0)

Updates `github.com/sylabs/sif/v2` from 2.17.0 to 2.19.1
- [Release notes](https://github.com/sylabs/sif/releases)
- [Changelog](https://github.com/sylabs/sif/blob/main/.goreleaser.yml)
- [Commits](sylabs/sif@v2.17.0...v2.19.1)

Updates `github.com/tklauser/numcpus` from 0.8.0 to 0.9.0
- [Release notes](https://github.com/tklauser/numcpus/releases)
- [Commits](tklauser/numcpus@v0.8.0...v0.9.0)

Updates `github.com/vbatts/tar-split` from 0.11.5 to 0.11.6
- [Release notes](https://github.com/vbatts/tar-split/releases)
- [Commits](vbatts/tar-split@v0.11.5...v0.11.6)

Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.52.0 to 0.53.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.52.0...zpages/v0.53.0)

Updates `go.opentelemetry.io/otel` from 1.27.0 to 1.28.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.27.0...v1.28.0)

Updates `go.opentelemetry.io/otel/metric` from 1.27.0 to 1.28.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.27.0...v1.28.0)

Updates `go.opentelemetry.io/otel/trace` from 1.27.0 to 1.28.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.27.0...v1.28.0)

Updates `golang.org/x/crypto` from 0.24.0 to 0.26.0
- [Commits](golang/crypto@v0.24.0...v0.26.0)

Updates `golang.org/x/exp` from 0.0.0-20231006140011-7918f672742d to 0.0.0-20240719175910-8a7402abbf56
- [Commits](https://github.com/golang/exp/commits)

Updates `golang.org/x/mod` from 0.18.0 to 0.19.0
- [Commits](golang/mod@v0.18.0...v0.19.0)

Updates `golang.org/x/net` from 0.26.0 to 0.28.0
- [Commits](golang/net@v0.26.0...v0.28.0)

Updates `golang.org/x/sync` from 0.7.0 to 0.8.0
- [Commits](golang/sync@v0.7.0...v0.8.0)

Updates `golang.org/x/sys` from 0.21.0 to 0.25.0
- [Commits](golang/sys@v0.21.0...v0.25.0)

Updates `golang.org/x/text` from 0.16.0 to 0.17.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/paketo-buildpacks/occam
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/paketo-buildpacks/packit/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: dario.cat/mergo
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/DataDog/zstd
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/Masterminds/semver/v3
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/Masterminds/sprig/v3
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/Microsoft/hcsshim
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/cloudflare/circl
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/containerd/errdefs
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/cpuguy83/dockercfg
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/cyphar/filepath-securejoin
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/docker/cli
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/google/go-containerregistry
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/klauspost/compress
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/mattn/go-runewidth
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/moby/sys/sequential
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/skeema/knownhosts
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/spf13/cast
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/sylabs/sif/v2
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/tklauser/numcpus
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/vbatts/tar-split
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: go.opentelemetry.io/otel
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: go.opentelemetry.io/otel/metric
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/exp
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: golang.org/x/mod
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/net
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/sync
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/sys
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: golang.org/x/text
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner October 8, 2024 23:08
@dependabot dependabot bot added failure:update-dependencies An issue filed automatically when updating buildpack.toml dependencies fails in a workflow go Pull requests that update Go code labels Oct 8, 2024
@paketo-bot paketo-bot added the semver:patch A change requiring a patch version bump label Oct 8, 2024
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 9, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Oct 9, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/go-modules-8e0e24f89a branch October 9, 2024 23:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
failure:update-dependencies An issue filed automatically when updating buildpack.toml dependencies fails in a workflow go Pull requests that update Go code semver:patch A change requiring a patch version bump
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant