feat(deps): bump github.com/spf13/viper from 1.16.0 to 1.17.0

[dependabot]

Bumps github.com/spf13/viper from 1.16.0 to 1.17.0.

Release notes

Sourced from github.com/spf13/viper's releases.

v1.17.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

Minimum Go version: 1.19

Viper now requires Go 1.19

This change ensures we can stay up to date with modern practices and dependencies.

log/slog support [BREAKING]

Viper v1.11.0 added an experimental Logger interface to allow custom implementations (besides jwalterweatherman).

In addition, it also exposed an experimental WithLogger function allowing to set a custom logger.

This release deprecates that interface in favor of log/slog released in Go 1.21.

[!WARNING] WithLogger accepts an *slog.Logger from now on.

To preserve backwards compatibility with older Go versions, prior to Go 1.21 Viper accepts a *golang.org/x/exp/slog.Logger.

The experimental flag is removed.

New finder implementation [BREAKING]

As of this release, Viper uses a new library to look for files, called locafero.

The new library is better covered by tests and has been built from scratch as a general purpose file finder library.

The implementation is experimental and is hidden behind a finder build tag.

[!WARNING] The io/fs based implementation (that used to be hidden behind a finder build tag) has been removed.

What's Changed

Exciting New Features 🎉

• Add NATS support by @​hooksie1 in spf13/viper#1590
• Add slog support by @​sagikazarmark in spf13/viper#1627

Enhancements 🚀

• chore: add local development environment using nix by @​sagikazarmark in spf13/viper#1572
• feat: add func GetEnvPrefix by @​baruchiro in spf13/viper#1565
• Improve dev env by @​sagikazarmark in spf13/viper#1575
• fix: code optimization by @​testwill in spf13/viper#1557
• test: remove not needed testutil.Setenv by @​alexandear in spf13/viper#1610
• new finder library based on afero by @​sagikazarmark in spf13/viper#1625

... (truncated)

Commits

• f62f86a refactor: make use of strings.Cut
• 94632fa chore: Use pip3 explicitly to install yamllint
• 3f6cadc chore: Fix copy-paste error for yamllint target
• 287507c docs: add set subset KV example
• f1cb226 chore(deps): update crypt
• c292b55 test: refactor asserts
• 3d006fe refactor: replace interface{} with any
• 8a6dc5d build(deps): bump github/codeql-action from 2.21.8 to 2.21.9
• 96c5c00 chore: remove deprecated build tags
• 44911d2 build(deps): bump github/codeql-action from 2.21.7 to 2.21.8
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[codecov]

Codecov Report

Merging #305 (0ad414b) into main (34f3ea8) will not change coverage.
Report is 2 commits behind head on main.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #305   +/-   ##
=======================================
  Coverage   20.95%   20.95%           
=======================================
  Files           7        7           
  Lines         730      730           
=======================================
  Hits          153      153           
  Misses        575      575           
  Partials        2        2           

Flag	Coverage Δ
unittests	20.95% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

[guardrails]

⚠️ We detected 1 security issue in this pull request:

Vulnerable Libraries (1)

Severity	Details
N/A	pkg:golang/github.com/spf13/viper@v1.16.0 - no patch available

More info on how to fix Vulnerable Libraries in Go.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.