Bump the all group across 1 directory with 8 updates #2301

dependabot · 2025-02-05T17:36:07Z

Bumps the all group with 8 updates in the / directory:

Package	From	To
cuelang.org/go	`0.11.1`	`0.12.0`
github.com/enterprise-contract/enterprise-contract-controller/api	`0.1.71`	`0.1.75`
github.com/evanphx/json-patch	`5.9.0+incompatible`	`5.9.11+incompatible`
github.com/gkampitakis/go-snaps	`0.5.7`	`0.5.9`
github.com/open-policy-agent/opa	`0.70.0`	`1.1.0`
github.com/spf13/afero	`1.11.0`	`1.12.0`
github.com/spf13/pflag	`1.0.5`	`1.0.6`
golang.org/x/sync	`0.10.0`	`0.11.0`

Updates cuelang.org/go from 0.11.1 to 0.12.0

Updates github.com/enterprise-contract/enterprise-contract-controller/api from 0.1.71 to 0.1.75

Release notes

Sourced from github.com/enterprise-contract/enterprise-contract-controller/api's releases.

API Release api/v0.1.75

What's Changed

Mention the new project name in documentation by @simonbaird in enterprise-contract/enterprise-contract-controller#466

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.74...api/v0.1.75

API Release api/v0.1.74

What's Changed

Add additional trigger for new website rebuild by @simonbaird in enterprise-contract/enterprise-contract-controller#465

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.73...api/v0.1.74

API Release api/v0.1.73

What's Changed

Bump step-security/harden-runner from 2.10.2 to 2.10.4 by @dependabot in enterprise-contract/enterprise-contract-controller#463

Bump softprops/action-gh-release from 2.2.0 to 2.2.1 by @dependabot in enterprise-contract/enterprise-contract-controller#460

Bump actions/upload-artifact from 4.5.0 to 4.6.0 by @dependabot in enterprise-contract/enterprise-contract-controller#459

Bump github/codeql-action from 3.28.0 to 3.28.1 by @dependabot in enterprise-contract/enterprise-contract-controller#457

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.72...api/v0.1.73

API Release api/v0.1.72

What's Changed

Bump codecov/codecov-action from 5.1.1 to 5.1.2 by @dependabot in enterprise-contract/enterprise-contract-controller#454

Bump actions/upload-artifact from 4.4.3 to 4.5.0 by @dependabot in enterprise-contract/enterprise-contract-controller#453

Bump github/codeql-action from 3.27.9 to 3.28.0 by @dependabot in enterprise-contract/enterprise-contract-controller#452

Bump github.com/onsi/gomega from 1.36.1 to 1.36.2 by @dependabot in enterprise-contract/enterprise-contract-controller#455

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.71...api/v0.1.72

Commits

2e0a33e Merge pull request #466 from simonbaird/conforma-rename
6db46bc Mention the new project name in documentation
fa2fc55 Merge pull request #465 from simonbaird/trigger-new-website-update
16f4f32 Merge pull request #457 from enterprise-contract/dependabot/github_actions/gi...
5dcfc29 Merge pull request #459 from enterprise-contract/dependabot/github_actions/ac...
ad7c747 Merge pull request #460 from enterprise-contract/dependabot/github_actions/so...
1d4b226 Merge pull request #463 from enterprise-contract/dependabot/github_actions/st...
eacc220 Add additional trigger for new website rebuild
687a01b Bump step-security/harden-runner from 2.10.2 to 2.10.4
7f85742 Bump softprops/action-gh-release from 2.2.0 to 2.2.1
Additional commits viewable in compare view

Updates github.com/evanphx/json-patch from 5.9.0+incompatible to 5.9.11+incompatible

Release notes

Sourced from github.com/evanphx/json-patch's releases.

v5.9.11

What's Changed

Export errBadJSONDoc and errBadJSONPatch errors by @skitt in evanphx/json-patch#209

Full Changelog: evanphx/json-patch@v5.9.10...v5.9.11

v5.9.10

What's Changed

Drop the reference to gopkg.in for v5 by @skitt in evanphx/json-patch#203

remove unmaintained errors pkg(github.com/pkg/errors) by @koba1t in evanphx/json-patch#206

New Contributors

@skitt made their first contribution in evanphx/json-patch#203

@koba1t made their first contribution in evanphx/json-patch#206

Full Changelog: evanphx/json-patch@v5.9.0...v5.9.10

Commits

84a4bb1 Merge pull request #209 from skitt/export-errs-v5
7a7a88a Export errBadJSONDoc and errBadJSONPatch errors
bd18525 Upgrade go-flags
42f26cb Fix spacing
0a3482b Merge pull request #206 from koba1t/remove_unmaintained_error_pkg
106306d remove unmaintained errors pkg
e7cfbbb Merge pull request #203 from skitt/drop-gopkgin-v5
61e1ad7 Drop the reference to gopkg.in for v5
See full diff in compare view

Updates github.com/gkampitakis/go-snaps from 0.5.7 to 0.5.9

Release notes

Sourced from github.com/gkampitakis/go-snaps's releases.

v0.5.9

What's Changed

fix: snaps.Update should apply and on snapshot create by @gkampitakis in gkampitakis/go-snaps#119

Full Changelog: gkampitakis/go-snaps@v0.5.8...v0.5.9

Kudos to @orloffv for this issue gkampitakis/go-snaps#116

v0.5.8

What's Changed

feat: implement matchYAML by @gkampitakis in gkampitakis/go-snaps#114

feat: implement matchStandaloneJSON by @gkampitakis in gkampitakis/go-snaps#113

Full Changelog: gkampitakis/go-snaps@v0.5.7...v0.5.8

Commits

00f3055 fix: snaps.Update should apply and on snapshot create (#119)
560fde0 feat: implement matchStandaloneJSON (#113)
f81115d feat: implement matchYAML (#114)
See full diff in compare view

Updates github.com/open-policy-agent/opa from 0.70.0 to 1.1.0

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.1.0

This release contains a mix of features, performance improvements, and bugfixes.

Performance Improvements

ast: Remove jsonOptions from AST nodes and terms (#7281) authored by @anderseknert

ast+plugins: Optimize activation of bundles with no inter-bundle path overlap (#7144) authored and reported by @sqyang94

bundle: Optimizing rego-version management in bundle activation (#7296) authored by @johanfylling

cmd: Don't generate JSON from result in opa bench (#7291) authored by @anderseknert

topdown: Adding configurable token cache to io.jwt token verification built-ins (#7274) authored by @johanfylling

topdown: Reduce allocations in hot path (#7288) authored by @anderseknert

perf: Improvements to terms and built-in functions (#7284) authored by @anderseknert

perf: add Regorus ACI benchmark tests (#7298) authored by @anderseknert

plugins: Don't use reflect.DeepEqual for errors (#7238) authored by @anderseknert

testing: replace reflect.DeepEqual where possible (#7286) authored by @anderseknert

Topdown and Rego

topdown: Fix out of range error in numbers.range built-in (#7269) authored by @anderseknert

topdown+rego+server: Allow opt-in for evaluating non-det builtins in PE (#6496) authored by @srenatus

Runtime, Tooling, SDK

bundle: Add info about the correct rego version to parse modules on the store (#7278) co-authored by @ashutosh-narkar and @johanfylling

bundle+plugins: Fixing issue where bundle plugin could panic on reconfiguration (SDK use) (#7297) authored by @johanfylling reported by @carabasdaniel

cmd: Fix printed representation of ref head rules in opa repl (#7301) authored by @anderseknert reported by @tsandall

cmd: Respect --v0-compatible for opa eval partial eval support modules (#7251) authored by @johanfylling

golangci: fix invalid linter-settings configuration name (#7244) authored by @Juneezee

plugins/logs: Add support for masking with array keys (#6883) authored by @charlieegan3

tester: code nitpicks (#7252) authored by @srenatus

util: Add util.Keys and util.KeysSorted (#7285) authored by @anderseknert

Docs, Website, Ecosystem

docs: Update docker compose file in HTTP API tutorial and use addr for binding (#7264) authored and reported by @zanliffick

docs: Make 'ancient' warnings closable (#7253) authored by @srenatus reported by @konradzagozda

docs: Redirect opa-1 to v0-upgrade (#7259) authored by @charlieegan3

docs: Use preformatted strings in fmt help (#7263) authored by @charlieegan3

docs: Fix typo in k8s primer (#7242) authored by @vicentinileonardo

docs: Formatting and wording fixes (#7268) authored by @kamilturek

docs: Update output document of Envoy plugin. (#7241) authored by @regeda

Miscellaneous

ci(nightly): Remove vendor w/o modproxy check (#7292) authored by @srenatus

Dependency updates; notably:

build(go): bump to 1.23.5 (7279) authored by @srenatus

build(deps): upgrade github.com/dgraph-io/badger to v4 (4.5.1) (#7239) authored by @Juneezee

build(deps): bump github.com/containerd/containerd from 1.7.24 to 1.7.25

build(deps): bump github.com/tchap/go-patricia/v2 from 2.3.1 to 2.3.2

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.1.0

This release contains a mix of features, performance improvements, and bugfixes.

Performance Improvements

ast: Remove jsonOptions from AST nodes and terms (#7281) authored by @anderseknert

ast+plugins: Optimize activation of bundles with no inter-bundle path overlap (#7144) authored and reported by @sqyang94

bundle: Optimizing rego-version management in bundle activation (#7296) authored by @johanfylling

cmd: Don't generate JSON from result in opa bench (#7291) authored by @anderseknert

topdown: Adding configurable token cache to io.jwt token verification built-ins (#7274) authored by @johanfylling

topdown: Reduce allocations in hot path (#7288) authored by @anderseknert

perf: Improvements to terms and built-in functions (#7284) authored by @anderseknert

perf: add Regorus ACI benchmark tests (#7298) authored by @anderseknert

plugins: Don't use reflect.DeepEqual for errors (#7238) authored by @anderseknert

testing: replace reflect.DeepEqual where possible (#7286) authored by @anderseknert

Topdown and Rego

topdown: Fix out of range error in numbers.range built-in (#7269) authored by @anderseknert

topdown+rego+server: Allow opt-in for evaluating non-det builtins in PE (#6496) authored by @srenatus

Runtime, Tooling, SDK

bundle: Add info about the correct rego version to parse modules on the store (#7278) co-authored by @ashutosh-narkar and @johanfylling

bundle+plugins: Fixing issue where bundle plugin could panic on reconfiguration (SDK use) (#7297) authored by @johanfylling reported by @carabasdaniel

cmd: Fix printed representation of ref head rules in opa repl (#7301) authored by @anderseknert reported by @tsandall

cmd: Respect --v0-compatible for opa eval partial eval support modules (#7251) authored by @johanfylling

golangci: fix invalid linter-settings configuration name (#7244) authored by @Juneezee

plugins/logs: Add support for masking with array keys (#6883) authored by @charlieegan3

tester: code nitpicks (#7252) authored by @srenatus

util: Add util.Keys and util.KeysSorted (#7285) authored by @anderseknert

Docs, Website, Ecosystem

docs: Update docker compose file in HTTP API tutorial and use addr for binding (#7264) authored and reported by @zanliffick

docs: Make 'ancient' warnings closable (#7253) authored by @srenatus reported by @konradzagozda

docs: Redirect opa-1 to v0-upgrade (#7259) authored by @charlieegan3

docs: Use preformatted strings in fmt help (#7263) authored by @charlieegan3

docs: Fix typo in k8s primer (#7242) authored by @vicentinileonardo

docs: Formatting and wording fixes (#7268) authored by @kamilturek

docs: Update output document of Envoy plugin. (#7241) authored by @regeda

Miscellaneous

ci(nightly): Remove vendor w/o modproxy check (#7292) authored by @srenatus

Dependency updates; notably:

build(go): bump to 1.23.5 (7279) authored by @srenatus

build(deps): upgrade github.com/dgraph-io/badger to v4 (4.5.1) (#7239) authored by @Juneezee

build(deps): bump github.com/containerd/containerd from 1.7.24 to 1.7.25

... (truncated)

Commits

de28510 Prepare v1.1.0 release
2d47dd8 docs: Update generated CLI docs
4b8a138 topdown+rego+server: allow opt-in for evaluating non-det builtins in PE (#7313)
50a8c96 rego: Fixing broken BenchmarkCustomFunctionInHotPath (#7312)
6e83f2a topdown: jwt cache (#7274)
211e95d build(deps): bump github/codeql-action from 3.28.3 to 3.28.4
e682a67 Don't use reflect.DeepEqual for errors (#7311)
d20dd18 build(deps): bump google.golang.org/grpc from 1.69.4 to 1.70.0 (#7309)
b032e3b Fixing issue where bundle plugin could panic on reconfiguration (SDK use) (#...
e47bd4f bundle: Optimizing rego-version management in bundle activation (#7296)
Additional commits viewable in compare view

Updates github.com/spf13/afero from 1.11.0 to 1.12.0

Release notes

Sourced from github.com/spf13/afero's releases.

v1.12.0

What's Changed

improve ci by @sagikazarmark in spf13/afero#438

Update dependencies by @sagikazarmark in spf13/afero#439

add dependabot by @sagikazarmark in spf13/afero#440

Update README.md by @sean9999 in spf13/afero#434

fix lint violations by @sagikazarmark in spf13/afero#441

New Contributors

@sagikazarmark made their first contribution in spf13/afero#438

@sean9999 made their first contribution in spf13/afero#434

Full Changelog: spf13/afero@v1.11.0...v1.12.0

Commits

d4d55e8 Merge pull request #441 from spf13/lint
15743bc fix lint violations
024e183 Merge pull request #434 from sean9999/patch-1
6504f4c Merge pull request #440 from spf13/dependabot
09a514e add dependabot
1ba15b5 Merge pull request #439 from spf13/update-dependencies
dac11c4 exclude google test lib from golangci
e0bdbe3 update all dependencies
22d41e8 drop iam from google testing library
ee4067b drop google-cloud-go-testing
Additional commits viewable in compare view

Updates github.com/spf13/pflag from 1.0.5 to 1.0.6

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.6

What's Changed

Add exported functions to preserve pkg/flag compatibility by @mckern in spf13/pflag#220

remove dead code for checking error nil by @yashbhutwala in spf13/pflag#282

Add IPNetSlice and unit tests by @rpothier in spf13/pflag#170

allow for blank ip addresses by @duhruh in spf13/pflag#316

add github actions by @sagikazarmark in spf13/pflag#419

New Contributors

@mckern made their first contribution in spf13/pflag#220

@yashbhutwala made their first contribution in spf13/pflag#282

@rpothier made their first contribution in spf13/pflag#170

@duhruh made their first contribution in spf13/pflag#316

@sagikazarmark made their first contribution in spf13/pflag#419

Full Changelog: spf13/pflag@v1.0.5...v1.0.6

Commits

5ca8134 Merge pull request #419 from spf13/ci
100ab0e disable unsupported dependency graph for now
a0f4ddd fix govet
f48cbd1 add github actions
d5e0c06 allow for blank ip addresses (#316)
85dd5c8 Add IPNetSlice and unit tests (#170)
6971c29 remove dead code for checking error nil (#282)
81378bb Add exported functions to preserve pkg/flag compatibility (#220)
See full diff in compare view

Updates golang.org/x/sync from 0.10.0 to 0.11.0

Commits

fe3591b sync/errgroup: improve documentation for semaphore limit behavior
See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
github.com/open-policy-agent/opa	[>= 0.50.a, < 0.51]
github.com/enterprise-contract/enterprise-contract-controller/api	[>= 0.1.33.a, < 0.1.34]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | cuelang.org/go | `0.11.1` | `0.12.0` | | [github.com/enterprise-contract/enterprise-contract-controller/api](https://github.com/enterprise-contract/enterprise-contract-controller) | `0.1.71` | `0.1.75` | | [github.com/evanphx/json-patch](https://github.com/evanphx/json-patch) | `5.9.0+incompatible` | `5.9.11+incompatible` | | [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps) | `0.5.7` | `0.5.9` | | [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) | `0.70.0` | `1.1.0` | | [github.com/spf13/afero](https://github.com/spf13/afero) | `1.11.0` | `1.12.0` | | [github.com/spf13/pflag](https://github.com/spf13/pflag) | `1.0.5` | `1.0.6` | | [golang.org/x/sync](https://github.com/golang/sync) | `0.10.0` | `0.11.0` | Updates `cuelang.org/go` from 0.11.1 to 0.12.0 Updates `github.com/enterprise-contract/enterprise-contract-controller/api` from 0.1.71 to 0.1.75 - [Release notes](https://github.com/enterprise-contract/enterprise-contract-controller/releases) - [Commits](enterprise-contract/enterprise-contract-controller@api/v0.1.71...api/v0.1.75) Updates `github.com/evanphx/json-patch` from 5.9.0+incompatible to 5.9.11+incompatible - [Release notes](https://github.com/evanphx/json-patch/releases) - [Commits](evanphx/json-patch@v5.9.0...v5.9.11) Updates `github.com/gkampitakis/go-snaps` from 0.5.7 to 0.5.9 - [Release notes](https://github.com/gkampitakis/go-snaps/releases) - [Commits](gkampitakis/go-snaps@v0.5.7...v0.5.9) Updates `github.com/open-policy-agent/opa` from 0.70.0 to 1.1.0 - [Release notes](https://github.com/open-policy-agent/opa/releases) - [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md) - [Commits](open-policy-agent/opa@v0.70.0...v1.1.0) Updates `github.com/spf13/afero` from 1.11.0 to 1.12.0 - [Release notes](https://github.com/spf13/afero/releases) - [Commits](spf13/afero@v1.11.0...v1.12.0) Updates `github.com/spf13/pflag` from 1.0.5 to 1.0.6 - [Release notes](https://github.com/spf13/pflag/releases) - [Commits](spf13/pflag@v1.0.5...v1.0.6) Updates `golang.org/x/sync` from 0.10.0 to 0.11.0 - [Commits](golang/sync@v0.10.0...v0.11.0) --- updated-dependencies: - dependency-name: cuelang.org/go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/enterprise-contract/enterprise-contract-controller/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/evanphx/json-patch dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/gkampitakis/go-snaps dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/open-policy-agent/opa dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: github.com/spf13/afero dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/spf13/pflag dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 5, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all group across 1 directory with 8 updates #2301

Bump the all group across 1 directory with 8 updates #2301

dependabot bot commented on behalf of github Feb 5, 2025

Bump the all group across 1 directory with 8 updates #2301

Are you sure you want to change the base?

Bump the all group across 1 directory with 8 updates #2301

Conversation

dependabot bot commented on behalf of github Feb 5, 2025

API Release api/v0.1.75

What's Changed

API Release api/v0.1.74

What's Changed

API Release api/v0.1.73

What's Changed

API Release api/v0.1.72

What's Changed

v5.9.11

What's Changed

v5.9.10

What's Changed

New Contributors

v0.5.9

What's Changed

Full Changelog: gkampitakis/go-snaps@v0.5.8...v0.5.9

v0.5.8

What's Changed

v1.1.0

Performance Improvements

Topdown and Rego

Runtime, Tooling, SDK

Docs, Website, Ecosystem

Miscellaneous

1.1.0

Performance Improvements

Topdown and Rego

Runtime, Tooling, SDK

Docs, Website, Ecosystem

Miscellaneous

v1.12.0

What's Changed

New Contributors

v1.0.6

What's Changed

New Contributors

Full Changelog: gkampitakis/go-snaps@`v0.5.8...v0.5.9`