Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the all group across 1 directory with 25 updates #1201

Merged
merged 1 commit into from
Sep 17, 2024
Merged

Bump the all group across 1 directory with 25 updates #1201

merged 1 commit into from
Sep 17, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 13, 2024
edited
Loading

Bumps the all group with 10 updates in the / directory:

Package From To
cloud.google.com/go/compute/metadata 0.3.0 0.5.1
cloud.google.com/go/storage 1.40.0 1.43.0
github.com/golangci/golangci-lint 1.57.2 1.61.0
github.com/google/go-containerregistry 0.19.1 0.20.2
github.com/in-toto/attestation 1.0.1 1.1.0
github.com/sigstore/cosign/v2 2.2.4 2.4.0
github.com/tektoncd/pipeline 0.58.0 0.63.0
gocloud.dev 0.37.0 0.39.0
gocloud.dev/docstore/mongodocstore 0.37.1-0.20240501181211-d8b9c9401f18 0.39.0
gocloud.dev/pubsub/kafkapubsub 0.37.0 0.39.0

Updates cloud.google.com/go/compute/metadata from 0.3.0 to 0.5.1

Release notes

Sourced from cloud.google.com/go/compute/metadata's releases.

visionai: v0.4.1

0.4.1 (2024-09-12)

Bug Fixes

  • visionai: Bump dependencies (2ddeb15)

grafeas: v0.3.11

0.3.11 (2024-09-12)

Bug Fixes

  • grafeas: Bump dependencies (2ddeb15)

policysimulator: v0.3.1

0.3.1 (2024-09-12)

Bug Fixes

  • policysimulator: Bump dependencies (2ddeb15)
Changelog

Sourced from cloud.google.com/go/compute/metadata's changelog.

Changes

0.115.1 (2024-08-13)

Bug Fixes

  • cloud.google.com/go: Bump google.golang.org/grpc@v1.64.1 (8ecc4e9)

0.115.0 (2024-06-12)

Features

Bug Fixes

  • internal/postprocessor: Use approved image tag (#10341) (a388fe5)

0.114.0 (2024-05-23)

Features

  • civil: Add Compare method to Date, Time, and DateTime (#10193) (c2920d7)

Bug Fixes

  • internal/postprocessor: Add scopes to all appropriate commit lines (#10192) (c21399b)

0.113.0 (2024-05-08)

Features

  • civil: Add Compare method to Date, Time, and DateTime (#10010) (34455c1)

Bug Fixes

  • all: Bump x/net to v0.24.0 (#10000) (ba31ed5)
  • debugger: Add internaloption.WithDefaultEndpointTemplate (3b41408)
  • internal/aliasfix: Handle import paths correctly (#10097) (fafaf0d)
  • rpcreplay: Properly unmarshal dynamic message (#9774) (53ccb20), refs #9773

Documentation

... (truncated)

Commits
  • e992f09 chore: release main (#10792)
  • 22adc9a chore(main): release firestore 1.17.0 (#10597)
  • e9a551e feat(firestore): Adding distance threshold and result field (#10802)
  • 839f30e chore(main): release auth 0.9.4 (#10846)
  • b9dfce5 chore: update gapic-generator-go to 0.47.0 (#10848)
  • 9b4b2fa docs(pubsub): update documentation for 31 day subscription message retention ...
  • 2bdedef fix(compute/metadata): check error chain for retryable error (#10840)
  • 2d5a9f9 feat(dataproc): add support for new Dataproc features (#10817)
  • f9869f7 fix(auth): enable self-signed JWT for non-GDU universe domain (#10831)
  • 6720291 chore(main): release bigtable 1.32.0 (#10815)
  • Additional commits viewable in compare view

Updates cloud.google.com/go/storage from 1.40.0 to 1.43.0

Commits
  • 58df9c3 chore(main): release pubsub 1.43.0 (#10714)
  • 6685397 chore(.github): pin golang.org/x/mod and golang.org/x/tools in renovate (#10835)
  • f0958b0 chore(all): update deps (#10834)
  • ce82b22 vertexai(test): add corpora_test in tokenizer module (#10784)
  • 8d008de feat(bigtable): add "TypeUnspecified" to represent an unspecified type (#10820)
  • caa826c feat(pubsub): allow trace extraction from protobuf message (#10827)
  • 48addbf fix(pubsub): add attributes before startSpan (#10800)
  • 79a0e11 fix(pubsub): close grpc streams on retry (#10624)
  • 02b2d12 feat(bigtable): Add client side metrics to feature flag (#10678)
  • 0d732cc fix(datastore): do not delay on final transaction attempt (#10824)
  • Additional commits viewable in compare view

Updates github.com/golangci/golangci-lint from 1.57.2 to 1.61.0

Release notes

Sourced from github.com/golangci/golangci-lint's releases.

v1.61.0

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • e9a872629d4feda79d2fff23ddc1f410faff163e build(deps): bump github.com/Abirdcfly/dupword from 0.0.14 to 0.1.1 (#4954)
  • 2813c451edd6b75098372dbb269ffed8df3a4ec6 build(deps): bump github.com/Crocmagnon/fatcontext from 0.4.0 to 0.5.2 (#4971)
  • 48251f274a1e09fae524271662a30a47f4ddb242 build(deps): bump github.com/ckaznocha/intrange from 0.1.2 to 0.2.0 (#4996)
  • 726b8153cac6c04238264b189f5b05ec059f9330 build(deps): bump github.com/daixiang0/gci from 0.13.4 to 0.13.5 (#4975)
  • 2fcfe26fdb368ae0930bac909a0573277a6d2226 build(deps): bump github.com/go-viper/mapstructure/v2 from 2.0.0 to 2.1.0 (#4910)
  • 5fa1b681e4518b09be4ebdbe635e044cf729b8a1 build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.2 to 2.2.3 (#4955)
  • a6fc686d733f339619b02de65ef4c782848eaff0 build(deps): bump github.com/quasilyte/go-ruleguard to 0fe6f58b47b1 (#4949)
  • 57fa4dad326cd24b71fccd3fb9b8fc8a2788c994 build(deps): bump github.com/ryancurrah/gomodguard from 1.3.3 to 1.3.5 (#4992)
  • 6e5dc28f52b76181f5c4f5c7d37dab20e09f59d1 build(deps): bump github.com/securego/gosec/v2 from 2.20.1-0.20240826145712-bcec04e78483 to 2.21.0 (#4981)
  • dd069d5578f3fb9eb298e5d397697c368a0e85f7 build(deps): bump github.com/securego/gosec/v2 from 2.21.0 to 2.21.1 (#4982)
  • a1d6c560de1a193a0c68ffed68cd5928ef39e884 build(deps): bump github.com/securego/gosec/v2 from 2.21.1 to 2.21.2 (#4997)
  • 98b685cc0d3dcc956eb30bd7557c4c2ecf369f54 build(deps): bump github.com/securego/gosec/v2 from ab3f6c1c83a0 to bcec04e78483 (#4960)
  • bfc52476dd7b0b5111bcc17f7e2c103cfc0a15e0 build(deps): bump github.com/tetafro/godot from 1.4.16 to 1.4.17 (#4993)
  • 04c19e6f4f8b04dae083c2923457bc911303d177 build(deps): bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 in /scripts/gen_github_action_config in the all group (#4977)
  • e905c7a3e260abe5b984e532925dfa30ffe60a5b build(deps): bump peter-evans/create-pull-request from 6 to 7 in the all group (#4978)
  • 2881c7178b62e75ac33df7747c40fabc75c62e2b build(deps): bump the all group across 4 directories with 8 updates (#4979)
  • 0275389a64bd88fd37eb5f46993a8523ce4bf2f0 feat: add junit-xml-extended format (#4918)
  • a6bd868cf0c575d7a7e6d87007cd510394c30d86 feat: exclude Swagger Codegen files (#4967)
  • 54d089d1064eb700aafade61cdb00e452fdbf5da fix: improve runtime version parsing (#4961)
  • bf4a66a07d618628f6a26609404cb5c608e99ff8 gosec: disable G407 (#4983)
  • 3797ed90c38b8471c54f003ab9ac72492c1143ec nolintlint: remove empty line in unused directive replacement (#4973)

v1.60.3

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • c2e095c022a97360f7fff5d49fbc11f273be929a build(deps): bump github.com/securego/gosec/v2 from 81cda2f91fbe to ab3f6c1c83a0 (#4943)
  • f0c190436343e51e6b4dc98a368cf7bae0e5f33a feat: check that Go version use to build is greater or equals to the Go version of the project (#4938)

v1.60.2

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

... (truncated)

Changelog

Sourced from github.com/golangci/golangci-lint's changelog.

v1.61.0

  1. Enhancements
    • Add junit-xml-extended format
    • Exclude Swagger Codegen files by default
  2. Updated linters
    • dupword: from 0.0.14 to 0.1.1
    • fatcontext: from 0.4.0 to 0.5.2
    • gci: from 0.13.4 to 0.13.5 (new option no-lex-order)
    • go-ruleguard: from 0.4.2 to 0fe6f58b47b1 (fix panic with custom linters)
    • godot: from 1.4.16 to 1.4.17
    • gomodguard: from 1.3.3 to 1.3.5
    • gosec: disable temporarily G407
    • gosec: from ab3f6c1c83a0 to 2.21.2 (partially fix G115)
    • intrange: from 0.1.2 to 0.2.0
    • nolintlint: remove the empty line in the directive replacement
  3. Misc.
    • Improve runtime version parsing
  4. Documentation
    • Add additional info about typecheck

v1.60.3

  1. Updated linters
    • gosec: from 81cda2f91fbe to ab3f6c1c83a0 (fix G115 false positives)
  2. Misc.
    • Check that the Go version use to build is greater or equals to the Go version of the project

v1.60.2

  1. Updated linters
  • gofmt: update to HEAD (go1.22)
  • gofumpt: from 0.6.0 to 0.7.0
  • gosec: fix G602 analyzer
  • gosec: from 5f0084eb01a9 to 81cda2f91fbe (adds G115, G405, G406, G506, G507)
  • staticcheck: from 0.5.0 to 0.5.1
  • staticcheck: propagate Go version
  • wrapcheck: from 2.8.3 to 2.9.0
  • ⚠️ exportloopref: deprecation

v1.60.1

  1. Updated linters
    • errorlint: from 1.5.2 to 1.6.0
    • exhaustruct: from 3.2.0 to 3.3.0 (recognize custom error values in return)
    • fatcontext: from 0.2.2 to 0.4.0 (fix false positives for context stored in structs)
    • gocognit: from 1.1.2 to 1.1.3
    • gomodguard: from 1.3.2 to 1.3.3
    • govet (printf): report non-constant format, no args
    • lll: advertise max line length instead of just reporting failure

... (truncated)

Commits
  • a1d6c56 build(deps): bump github.com/securego/gosec/v2 from 2.21.1 to 2.21.2 (#4997)
  • 48251f2 build(deps): bump github.com/ckaznocha/intrange from 0.1.2 to 0.2.0 (#4996)
  • bfc5247 build(deps): bump github.com/tetafro/godot from 1.4.16 to 1.4.17 (#4993)
  • 57fa4da build(deps): bump github.com/ryancurrah/gomodguard from 1.3.3 to 1.3.5 (#4992)
  • d302a30 dev: fix nancy
  • 24e6645 docs: add additionnal info about typecheck (#4985)
  • bf4a66a gosec: disable G407 (#4983)
  • dd069d5 build(deps): bump github.com/securego/gosec/v2 from 2.21.0 to 2.21.1 (#4982)
  • 2813c45 build(deps): bump github.com/Crocmagnon/fatcontext from 0.4.0 to 0.5.2 (#4971)
  • e9a8726 build(deps): bump github.com/Abirdcfly/dupword from 0.0.14 to 0.1.1 (#4954)
  • Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.19.1 to 0.20.2

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.2

What's Changed

Full Changelog: google/go-containerregistry@v0.20.1...v0.20.2

v0.20.1

What's Changed

Full Changelog: google/go-containerregistry@v0.20.0...v0.20.1

v0.20.0

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.19.2...v0.20.0

v0.19.2

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.19.1...v0.19.2

Commits

Updates github.com/in-toto/attestation from 1.0.1 to 1.1.0

Release notes

Sourced from github.com/in-toto/attestation's releases.

v1.1.0

The v1.1.0 minor release generalizes the semantics of the DigestSet field type to support any type of immutable identifier. This change is backwards compatible because cryptographic digests are strongly recommended to achieve immutability, so any implementations that only support cryptographic DigestSet still meet the modified semantics. The _type of a Statement is still https://in-toto.io/Statement/v1

More details in the updated DigestSet spec

v1.0.2

This patch release includes a new predicate type, updates to the predicate vetting process, and more thorough DigestSet validation in Go.

Go, Python and Java APIs are not considered stable before v1.1.

What's Changed

New Contributors

Full Changelog: in-toto/attestation@v1.0.1...v1.0.2

Commits
  • 36c1129 Merge pull request #359 from marcelamelara/update-versioning
  • a62b90a Make linter happy
  • 4adf92e Add examples of different tagged release scenarios
  • c1af60d Add tagged release process to spec
  • b382eb5 Update link in README to 1.1 (#357)
  • bbbfea7 Merge pull request #358 from in-toto/actions-regenerate-attestation-libraries
  • 241d47f Regenerate attestation libraries
  • d6e910a Merge pull request #356 from in-toto/dependabot/go_modules/google.golang.org/...
  • a8fc604 Bump google.golang.org/protobuf from 1.34.0 to 1.34.1
  • 06eafe3 Clarify that digests don't have to be cryptographic ones. (#338)
  • Additional commits viewable in compare view

Updates github.com/sigstore/cosign/v2 from 2.2.4 to 2.4.0

Release notes

Sourced from github.com/sigstore/cosign/v2's releases.

v2.4.0 begins the modernization of the Cosign client, which includes:

  • Support for the newer Sigstore specification-compliant bundle format
  • Support for providing trust roots (e.g. Fulcio certificates, Rekor keys) through a trust root file, instead of many different flags
  • Conformance test suite integration to verify signing and verification behavior

In future updates, we'll include:

  • General support for the trust root file, instead of only when using the bundle format during verification
  • Simplification of trust root flags and deprecation of the Cosign-specific bundle format
  • Bundle support with container signing

We have also moved nightly Cosign container builds to GHCR instead of GCR.

Features

  • Add new bundle support to verify-blob and verify-blob-attestation (#3796)
  • Adding protobuf bundle support to sign-blob and attest-blob (#3752)
  • Bump sigstore/sigstore to support email_verified as string or boolean (#3819)
  • Conformance testing for cosign (#3806)
  • move incremental builds per commit to GHCR instead of GCR (#3808)
  • Add support for recording creation timestamp for cosign attest (#3797)
  • Include SCT verification failure details in error message (#3799)

Contributors

  • Bob Callaway
  • Hayden B
  • Slavek Kabrda
  • Zach Steindler
  • Zsolt Horvath

Full Changelog: sigstore/cosign@v2.3.0...v2.4.0

v2.3.0

Features

  • Add PayloadProvider interface to decouple AttestationToPayloadJSON from oci.Signature interface (#3693)
  • add registry options to cosign save (#3645)
  • Add debug providers command. (#3728)
  • Make config layers in ociremote mountable (#3741)
  • upgrade to go1.22 (#3739)
  • adds tsa cert chain check for env var or tuf targets. (#3600)
  • add --ca-roots and --ca-intermediates flags to 'cosign verify' (#3464)
  • add handling of keyless verification for all verify commands (#3761)

... (truncated)

Changelog

Sourced from github.com/sigstore/cosign/v2's changelog.

v2.4.0

v2.4.0 begins the modernization of the Cosign client, which includes:

  • Support for the newer Sigstore specification-compliant bundle format
  • Support for providing trust roots (e.g. Fulcio certificates, Rekor keys) through a trust root file, instead of many different flags
  • Conformance test suite integration to verify signing and verification behavior

In future updates, we'll include:

  • General support for the trust root file, instead of only when using the bundle format during verification
  • Simplification of trust root flags and deprecation of the Cosign-specific bundle format
  • Bundle support with container signing

We have also moved nightly Cosign container builds to GHCR instead of GCR.

Features

  • Add new bundle support to verify-blob and verify-blob-attestation (#3796)
  • Adding protobuf bundle support to sign-blob and attest-blob (#3752)
  • Bump sigstore/sigstore to support email_verified as string or boolean (#3819)
  • Conformance testing for cosign (#3806)
  • move incremental builds per commit to GHCR instead of GCR (#3808)
  • Add support for recording creation timestamp for cosign attest (#3797)
  • Include SCT verification failure details in error message (#3799)

Contributors

  • Bob Callaway
  • Hayden B
  • Slavek Kabrda
  • Zach Steindler
  • Zsolt Horvath

v2.3.0

Features

  • Add PayloadProvider interface to decouple AttestationToPayloadJSON from oci.Signature interface (#3693)
  • add registry options to cosign save (#3645)
  • Add debug providers command. (#3728)
  • Make config layers in ociremote mountable (#3741)
  • upgrade to go1.22 (#3739)
  • adds tsa cert chain check for env var or tuf targets. (#3600)
  • add --ca-roots and --ca-intermediates flags to 'cosign verify' (#3464)
  • add handling of keyless verification for all verify commands (#3761)

... (truncated)

Commits
  • b5e7dc1 Add login for GHCR (#3820)
  • c346825 Bump sigstore/sigstore (#3819)
  • fd0368a Conformance testing for cosign (#3806)
  • 2387b50 chore(deps): bump google.golang.org/api from 0.189.0 to 0.190.0 (#3815)
  • be43902 move incremental builds per commit to GHCR instead of GCR (#3808)
  • d0492cf chore(deps): bump github.com/buildkite/agent/v3 from 3.75.1 to 3.76.2 (#3813)
  • e3a3914 chore(deps): bump golang.org/x/sync from 0.7.0 to 0.8.0 (#3814)
  • 7bac5e9 tidy up validate release script (#3817)
  • 983a368 chore(deps): bump go.step.sm/crypto from 0.50.0 to 0.51.1 (#3812)
  • 71a4952 chore(deps): bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (#3811)
  • Additional commits viewable in compare view

Updates github.com/sigstore/sigstore from 1.8.3 to 1.8.8

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.8.8

What's Changed

Full Changelog: sigstore/sigstore@v1.8.7...v1.8.8

v1.8.7

Dependencies updates only

What's Changed

Full Changelog: sigstore/sigstore@v1.8.6...v1.8.7

v1.8.6

What's Changed

New Contributors

Full Changelog: sigstore/sigstore@v1.8.5...v1.8.6

v1.8.5

Major are dependencies updates

What's Changed

... (truncated)

Commits
  • 7053232 build(deps): Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (#1796)
  • dd948da build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1797)
  • 7cc4a3e build(deps): Bump golang.org/x/oauth2 in /pkg/signature/kms/gcp
  • 9584c8e build(deps): Bump dexidp/dex in /test/e2e in the all group
  • 5b69695 build(deps): Bump github.com/aws/aws-sdk-go
  • 54745c6 build(deps): Bump the all group with 2 updates
  • 0a54fea Support email_verified as a String (#1794)
  • 89b9585 Fixes issue in Device access token request (#1752)
  • 562745e build(deps): Bump localstack/localstack in /test/e2e in the all group
  • 516ef6e build(deps): Bump github.com/aws/aws-sdk-go in /pkg/signature/kms/aws
  • Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.3 to 1.8.8

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/aws's releases.

v1.8.8

What's Changed

Full Changelog: sigstore/sigstore@v1.8.7...v1.8.8

v1.8.7

Dependencies updates only

What's Changed

Full Changelog: sigstore/sigstore@v1.8.6...v1.8.7

v1.8.6

What's Changed

New Contributors

Full Changelog: sigstore/sigstore@v1.8.5...v1.8.6

v1.8.5

Major are dependencies updates

What's Changed

... (truncated)

Commits
  • 7053232 build(deps): Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (#1796)
  • dd948da build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1797)
  • 7cc4a3e build(deps): Bump golang.org/x/oauth2 in /pkg/signature/kms/gcp
  • 9584c8e build(deps): Bump dexidp/dex in /test/e2e in the all group
  • 5b69695 build(deps): Bump github.com/aws/aws-sdk-go

@dependabot dependabot bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels Sep 13, 2024
@dependabot dependabot bot mentioned this pull request Sep 13, 2024
Closed
@tekton-robot
Copy link

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@tekton-robot
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign priyawadhwa after the PR has been reviewed.
You can assign the PR to them by writing /assign @priyawadhwa in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Sep 13, 2024
@dependabot dependabot bot force-pushed the dependabot/go_modules/all-c5df7f27bb branch from d985c61 to e82bbb2 Compare September 17, 2024 14:24
@lcarva
Copy link
Contributor

lcarva commented Sep 17, 2024

@dependabot rebase

@dependabot
Bump the all group across 1 directory with 25 updates
4176b05 
Bumps the all group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/compute/metadata](https://github.com/googleapis/google-cloud-go) | `0.3.0` | `0.5.1` |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.40.0` | `1.43.0` |
| [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) | `1.57.2` | `1.61.0` |
| [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.19.1` | `0.20.2` |
| [github.com/in-toto/attestation](https://github.com/in-toto/attestation) | `1.0.1` | `1.1.0` |
| [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) | `2.2.4` | `2.4.0` |
| [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `0.58.0` | `0.63.0` |
| [gocloud.dev](https://github.com/google/go-cloud) | `0.37.0` | `0.39.0` |
| [gocloud.dev/docstore/mongodocstore](https://github.com/google/go-cloud) | `0.37.1-0.20240501181211-d8b9c9401f18` | `0.39.0` |
| [gocloud.dev/pubsub/kafkapubsub](https://github.com/google/go-cloud) | `0.37.0` | `0.39.0` |



Updates `cloud.google.com/go/compute/metadata` from 0.3.0 to 0.5.1
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@v0.3.0...apps/v0.5.1)

Updates `cloud.google.com/go/storage` from 1.40.0 to 1.43.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@pubsub/v1.40.0...pubsub/v1.43.0)

Updates `github.com/golangci/golangci-lint` from 1.57.2 to 1.61.0
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md)
- [Commits](golangci/golangci-lint@v1.57.2...v1.61.0)

Updates `github.com/google/go-containerregistry` from 0.19.1 to 0.20.2
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](google/go-containerregistry@v0.19.1...v0.20.2)

Updates `github.com/in-toto/attestation` from 1.0.1 to 1.1.0
- [Release notes](https://github.com/in-toto/attestation/releases)
- [Commits](in-toto/attestation@v1.0.1...v1.1.0)

Updates `github.com/sigstore/cosign/v2` from 2.2.4 to 2.4.0
- [Release notes](https://github.com/sigstore/cosign/releases)
- [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md)
- [Commits](sigstore/cosign@v2.2.4...v2.4.0)

Updates `github.com/sigstore/sigstore` from 1.8.3 to 1.8.8
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.3...v1.8.8)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.8.3 to 1.8.8
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.3...v1.8.8)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.8.3 to 1.8.8
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.3...v1.8.8)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.8.3 to 1.8.8
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.3...v1.8.8)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.8.3 to 1.8.8
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.3...v1.8.8)

Updates `github.com/spiffe/go-spiffe/v2` from 2.2.0 to 2.3.0
- [Release notes](https://github.com/spiffe/go-spiffe/releases)
- [Changelog](https://github.com/spiffe/go-spiffe/blob/main/CHANGELOG.md)
- [Commits](spiffe/go-spiffe@v2.2.0...v2.3.0)

Updates `github.com/tektoncd/pipeline` from 0.58.0 to 0.63.0
- [Release notes](https://github.com/tektoncd/pipeline/releases)
- [Changelog](https://github.com/tektoncd/pipeline/blob/main/releases.md)
- [Commits](tektoncd/pipeline@v0.58.0...v0.63.0)

Updates `gocloud.dev` from 0.37.0 to 0.39.0
- [Release notes](https://github.com/google/go-cloud/releases)
- [Commits](google/go-cloud@v0.37.0...v0.39.0)

Updates `gocloud.dev/docstore/mongodocstore` from 0.37.1-0.20240501181211-d8b9c9401f18 to 0.39.0
- [Release notes](https://github.com/google/go-cloud/releases)
- [Commits](https://github.com/google/go-cloud/commits/v0.39.0)

Updates `gocloud.dev/pubsub/kafkapubsub` from 0.37.0 to 0.39.0
- [Release notes](https://github.com/google/go-cloud/releases)
- [Commits](google/go-cloud@v0.37.0...v0.39.0)

Updates `golang.org/x/crypto` from 0.22.0 to 0.27.0
- [Commits](golang/crypto@v0.22.0...v0.27.0)

Updates `golang.org/x/exp` from 0.0.0-20240103183307-be819d1f06fc to 0.0.0-20240904232852-e7e105dedf7e
- [Commits](https://github.com/golang/exp/commits)

Updates `google.golang.org/grpc` from 1.63.2 to 1.66.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.63.2...v1.66.0)

Updates `google.golang.org/protobuf` from 1.33.0 to 1.34.2

Updates `k8s.io/api` from 0.28.3 to 0.29.6
- [Commits](kubernetes/api@v0.28.3...v0.29.6)

Updates `k8s.io/apimachinery` from 0.29.0 to 0.29.7
- [Commits](kubernetes/apimachinery@v0.29.0...v0.29.7)

Updates `k8s.io/client-go` from 0.28.3 to 0.29.6
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.3...v0.29.6)

Updates `k8s.io/code-generator` from 0.26.5 to 0.29.7
- [Commits](kubernetes/code-generator@v0.26.5...v0.29.7)

Updates `knative.dev/pkg` from 0.0.0-20231023150739-56bfe0dd9626 to 0.0.0-20240416145024-0f34a8815650
- [Commits](https://github.com/knative/pkg/commits)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/compute/metadata
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/golangci/golangci-lint
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/in-toto/attestation
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/sigstore/cosign/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/spiffe/go-spiffe/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/tektoncd/pipeline
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: gocloud.dev
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: gocloud.dev/docstore/mongodocstore
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: gocloud.dev/pubsub/kafkapubsub
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/exp
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/code-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: knative.dev/pkg
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/all-c5df7f27bb branch from e82bbb2 to 4176b05 Compare September 17, 2024 15:19
@tekton-robot
Copy link

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-tekton-chains-unit-tests 4176b05 link true /test pull-tekton-chains-unit-tests
pull-tekton-chains-integration-tests 4176b05 link true /test pull-tekton-chains-integration-tests

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@lcarva
Copy link
Contributor

lcarva commented Sep 17, 2024
edited
Loading

This now needs a go update.

go: github.com/sigstore/cosign/v2 in vendor/modules.txt requires go >= 1.22.5 (running go 1.22.1)

cc @PuneetPunamiya

@PuneetPunamiya
Copy link
Member

This now needs a go update.

go: github.com/sigstore/cosign/v2 in vendor/modules.txt requires go >= 1.22.5 (running go 1.22.1)

cc @PuneetPunamiya

Raising a patch for that 👍🏻

@lcarva lcarva merged commit 4176b05 into main Sep 17, 2024
13 of 17 checks passed
@dependabot dependabot bot deleted the dependabot/go_modules/all-c5df7f27bb branch September 17, 2024 18:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chitrangpatel chitrangpatel Awaiting requested review from chitrangpatel

@lcarva lcarva Awaiting requested review from lcarva

@wlynch wlynch Awaiting requested review from wlynch

Assignees
No one assigned
Labels
dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tekton-robot @lcarva @PuneetPunamiya