From 169737666f27726e2ab68e098813011fafe9a4a2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Nov 2024 10:03:26 +0100 Subject: [PATCH 1/3] Bump github.com/DataDog/go-sqllexer from 0.0.16 to 0.0.17 in /quesma (#992) Bumps [github.com/DataDog/go-sqllexer](https://github.com/DataDog/go-sqllexer) from 0.0.16 to 0.0.17.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/DataDog/go-sqllexer&package-manager=go_modules&previous-version=0.0.16&new-version=0.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- quesma/go.mod | 2 +- quesma/go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/quesma/go.mod b/quesma/go.mod index 2fbe0ad4e..4c89cf103 100644 --- a/quesma/go.mod +++ b/quesma/go.mod @@ -5,7 +5,7 @@ go 1.23.2 require ( github.com/ClickHouse/clickhouse-go/v2 v2.30.0 github.com/DATA-DOG/go-sqlmock v1.5.2 - github.com/DataDog/go-sqllexer v0.0.16 + github.com/DataDog/go-sqllexer v0.0.17 github.com/barkimedes/go-deepcopy v0.0.0-20220514131651-17c30cfc62df github.com/coreos/go-semver v0.3.1 github.com/google/uuid v1.6.0 diff --git a/quesma/go.sum b/quesma/go.sum index 059600576..a4790f1ab 100644 --- a/quesma/go.sum +++ b/quesma/go.sum @@ -4,8 +4,8 @@ github.com/ClickHouse/clickhouse-go/v2 v2.30.0 h1:AG4D/hW39qa58+JHQIFOSnxyL46H6h github.com/ClickHouse/clickhouse-go/v2 v2.30.0/go.mod h1:i9ZQAojcayW3RsdCb3YR+n+wC2h65eJsZCscZ1Z1wyo= github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU= github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU= -github.com/DataDog/go-sqllexer v0.0.16 h1:RoSUMS6MECyB3gTUIdydzXwK5NhEhv6GMJkS7ptsgRA= -github.com/DataDog/go-sqllexer v0.0.16/go.mod h1:KwkYhpFEVIq+BfobkTC1vfqm4gTi65skV/DpDBXtexc= +github.com/DataDog/go-sqllexer v0.0.17 h1:u47fJAVg/+5DA74ZW3w0Qu+3qXHd3GtnA8ZBYixdPrM= +github.com/DataDog/go-sqllexer v0.0.17/go.mod h1:KwkYhpFEVIq+BfobkTC1vfqm4gTi65skV/DpDBXtexc= github.com/andybalholm/brotli v1.1.1 h1:PR2pgnyFznKEugtsUo0xLdDop5SKXd5Qf5ysW+7XdTA= github.com/andybalholm/brotli v1.1.1/go.mod h1:05ib4cKhjx3OQYUY22hTVd34Bc8upXjOLL2rKwwZBoA= github.com/antlr4-go/antlr/v4 v4.13.1 h1:SqQKkuVZ+zWkMMNkjy5FZe5mr5WURWnlpmOuzYWrPrQ= From c4765cb2217eeafd2342e98f48c499380080a9ba Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Nov 2024 02:04:09 -0700 Subject: [PATCH 2/3] Bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 in /quesma (#965) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.23.0 to 0.24.0.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/oauth2&package-manager=go_modules&previous-version=0.23.0&new-version=0.24.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- quesma/go.mod | 2 +- quesma/go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/quesma/go.mod b/quesma/go.mod index 4c89cf103..b57caf598 100644 --- a/quesma/go.mod +++ b/quesma/go.mod @@ -26,7 +26,7 @@ require ( github.com/tidwall/sjson v1.2.5 github.com/ucarion/urlpath v0.0.0-20200424170820-7ccc79b76bbb golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 - golang.org/x/oauth2 v0.23.0 + golang.org/x/oauth2 v0.24.0 ) require ( diff --git a/quesma/go.sum b/quesma/go.sum index a4790f1ab..1e561b7c7 100644 --- a/quesma/go.sum +++ b/quesma/go.sum @@ -175,8 +175,8 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs= -golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= +golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= From 3551618e546eb1571dd002b052a8ceb7d3e7252a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Przemys=C5=82aw=20Hejman?= Date: Thu, 14 Nov 2024 10:33:11 +0100 Subject: [PATCH 3/3] Update NOTICE.MD (#993) There's been a change in Quesma dependencies Co-authored-by: Quesma[bot] --- NOTICE.MD | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/NOTICE.MD b/NOTICE.MD index 367a8662c..9825ba082 100644 --- a/NOTICE.MD +++ b/NOTICE.MD @@ -259,11 +259,11 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- #### Module : github.com/DataDog/go-sqllexer -Version : v0.0.16 -Time : 2024-10-08T13:04:06Z +Version : v0.0.17 +Time : 2024-11-12T11:59:15Z Licence : MIT -Contents of probable licence file $GOMODCACHE/github.com/!data!dog/go-sqllexer@v0.0.16/LICENSE: +Contents of probable licence file $GOMODCACHE/github.com/!data!dog/go-sqllexer@v0.0.17/LICENSE: MIT License @@ -2061,11 +2061,11 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- #### Module : golang.org/x/oauth2 -Version : v0.23.0 -Time : 2024-08-21T18:21:24Z +Version : v0.24.0 +Time : 2024-11-01T18:29:12Z Licence : BSD-3-Clause -Contents of probable licence file $GOMODCACHE/golang.org/x/oauth2@v0.23.0/LICENSE: +Contents of probable licence file $GOMODCACHE/golang.org/x/oauth2@v0.24.0/LICENSE: Copyright 2009 The Go Authors.