feat(deps): bump github.com/spf13/viper from 1.12.0 to 1.18.1 #61

dependabot · 2023-12-11T09:21:45Z

Bumps github.com/spf13/viper from 1.12.0 to 1.18.1.

Release notes

Sourced from github.com/spf13/viper's releases.

v1.18.1

What's Changed

Bug Fixes 🐛

Merge missing struct keys inside UnmarshalExact by @krakowski in spf13/viper#1704

Full Changelog: spf13/viper@v1.18.0...v1.18.1

v1.18.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

AutomaticEnv works with Unmarshal

Previously, environment variables that weren't bound manually or had no defaults could not be mapped by Unmarshal. (The problem is explained in details in this issue: #761)

#1429 introduced a solution that solves that issue.

What's Changed

Enhancements 🚀

chore: rename files according to enabled build tags by @alexandear in spf13/viper#1642

test: replace ifs with asserts to simplify tests by @alexandear in spf13/viper#1656

ci: enable test shuffle and fix tests by @alexandear in spf13/viper#1643

fix: gocritic lint issues by @alexandear in spf13/viper#1696

Bug Fixes 🐛

Implement viper.BindStruct for automatic unmarshalling from environment variables by @krakowski in spf13/viper#1429

fix isPathShadowedInFlatMap type cast bug by @linuxsong in spf13/viper#1585

Dependency Updates ⬆️

build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @dependabot in spf13/viper#1661

build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 by @dependabot in spf13/viper#1659

build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in spf13/viper#1663

build(deps): bump actions/github-script from 6.4.1 to 7.0.1 by @dependabot in spf13/viper#1686

build(deps): bump github/codeql-action from 2.22.3 to 2.22.8 by @dependabot in spf13/viper#1688

build(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 by @dependabot in spf13/viper#1692

build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.4 by @dependabot in spf13/viper#1690

build(deps): bump cachix/install-nix-action from 23 to 24 by @dependabot in spf13/viper#1689

build(deps): bump github.com/nats-io/nkeys from 0.4.5 to 0.4.6 by @dependabot in spf13/viper#1672

build(deps): bump github.com/spf13/cast from 1.5.1 to 1.6.0 by @dependabot in spf13/viper#1691

build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 by @dependabot in spf13/viper#1668

chore: update dependencies by @sagikazarmark in spf13/viper#1694

chore: update crypt by @sagikazarmark in spf13/viper#1701

Other Changes

Add info about multiple hosts for remote config by @KaymeKaydex in spf13/viper#1684

refactor: drop fsonitfy wrapper by @sagikazarmark in spf13/viper#1693

Note Get* behavior on parse failure by @scop in spf13/viper#1687

... (truncated)

Commits

fb6eb1e fix: merge missing struct keys inside UnmarshalExact
f5fcb4a chore: update crypt
f736363 fix isPathShadowedInFlatMap type cast bug (#1585)
36a3868 Review changes
f0c4ccd fix: gocritic lint issues
3a23b80 ci: enable test shuffle; fix tests
73dfb94 feat: make Unmarshal work with AutomaticEnv
6ea31ae refactor: move all settings code to a getter
c4dcd31 fix: godot lint issues
4c9b2a2 Note Get* behavior on parse failure
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.12.0 to 1.18.1. - [Release notes](https://github.com/spf13/viper/releases) - [Commits](spf13/viper@v1.12.0...v1.18.1) --- updated-dependencies: - dependency-name: github.com/spf13/viper dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

guardrails · 2023-12-11T09:32:05Z

⚠️ We detected 222 security issues in this pull request:

Vulnerable Libraries (222)

Severity	Details
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.15.12,1.16.4,0.0.0-20210428140749-89ef3d95e781
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.19.6,1.20.1,0.7.0
Medium	pkg:golang/golang.org/x/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20220314234659-1baeb1ce4c0b
High	pkg:golang/golang.org/x/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.9,1.19.4,0.4.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.15.12,1.16.4,0.0.0-20210428140749-89ef3d95e781
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.9,1.19.4,0.4.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
High	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.16.12,1.17.5,0.0.0-20211209124913-491a49abca63
Medium	pkg:golang/golang.org/x/[email protected] - no patch available
N/A	pkg:golang/github.com/gogo/[email protected] upgrade to: 1.3.2
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
Medium	pkg:golang/golang.org/x/[email protected] - no patch available
High	pkg:golang/github.com/gogo/[email protected] upgrade to: 1.3.2
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
Medium	pkg:golang/golang.org/x/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.9,1.19.4,0.4.0
High	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20211202192323-5770296d904e
High	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20200220183623-bac4c82f6975
Low	pkg:golang/github.com/aws/[email protected] upgrade to: 1.34.0
High	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20200220183623-bac4c82f6975
High	pkg:golang/github.com/gorilla/[email protected] upgrade to: 1.4.1
Medium	pkg:golang/github.com/aws/[email protected] upgrade to: 1.34.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.12.16,1.13.7,0.0.0-20200124225646-8b5121be2f68
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20220314234659-1baeb1ce4c0b
Low	pkg:golang/github.com/aws/[email protected] upgrade to: 1.34.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.9,1.19.4,0.4.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.11.13,1.12.8,0.0.0-20190813141303-74dc4d7220e7
High	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20211202192323-5770296d904e
N/A	pkg:golang/github.com/gogo/[email protected] upgrade to: 1.3.2
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.7.0
Medium	pkg:golang/github.com/miekg/[email protected] upgrade to: 1.1.25
Medium	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
High	pkg:golang/github.com/nats-io/nats-server/[email protected] upgrade to: 1.1.0,2.1.9
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.9,1.19.4,0.4.0
Critical	pkg:golang/github.com/nats-io/[email protected] upgrade to: 1.1.0,2.1.9
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
N/A	pkg:golang/github.com/dgrijalva/[email protected]+incompatible upgrade to: 4.0.0-preview1
Medium	pkg:golang/golang.org/x/[email protected] - no patch available
Medium	pkg:golang/golang.org/x/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20211202192323-5770296d904e
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.15.12,1.16.4,0.0.0-20210428140749-89ef3d95e781
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
Critical	pkg:golang/github.com/nats-io/[email protected] upgrade to: 1.1.0,2.1.9
High	pkg:golang/golang.org/x/[email protected] - no patch available
Medium	pkg:golang/golang.org/x/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.15.12,1.16.4,0.0.0-20210428140749-89ef3d95e781
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.16.12,1.17.5,0.0.0-20211209124913-491a49abca63
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.19.6,1.20.1,0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.12.16,1.13.7,0.0.0-20200124225646-8b5121be2f68
Low	pkg:golang/go.etcd.io/[email protected] upgrade to: 3.4.10,0.5.0-alpha.5.0.20200423152442-f4b650b51dc4
High	pkg:golang/github.com/gorilla/[email protected] - no patch available
High	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
High	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/hashicorp/vault/[email protected] - no patch available
High	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
High	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
Medium	pkg:golang/github.com/yuin/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
High	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.5.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.5.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.15.12,1.16.4,0.0.0-20210428140749-89ef3d95e781
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.19.6,1.20.1,0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.5.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/hashicorp/vault/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/k8s.io/[email protected] upgrade to: 0.0.0-20190927203648-9ce6eca90e73
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20210520170846-37e1c6afe023
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.3.3
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
Medium	pkg:golang/github.com/yuin/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
High	pkg:golang/github.com/miekg/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/k8s.io/[email protected] upgrade to: 0.0.0-20190927203648-9ce6eca90e73,0.0.0-20190927203648-9ce6eca90e73,0.0.0-20190927203648-9ce6eca90e73
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/miekg/[email protected] - no patch available
N/A	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
Critical	pkg:golang/github.com/gogo/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
N/A	pkg:golang/github.com/apache/[email protected] upgrade to: 0.13.0
High	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
Medium	pkg:golang/github.com/pkg/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/github.com/aws/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
Medium	pkg:golang/github.com/yuin/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.16.12,1.17.5,0.0.0-20211209124913-491a49abca63
High	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/miekg/[email protected] - no patch available
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
High	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
N/A	pkg:golang/github.com/gorilla/[email protected] upgrade to: 1.4.1
N/A	pkg:golang/github.com/prometheus/[email protected] upgrade to: 1.11.1
Medium	pkg:golang/github.com/hashicorp/[email protected] upgrade to: 1.11.9,1.12.5,1.13.2
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.19.6,1.20.1,0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.11.13,1.12.8,0.0.0-20190813141303-74dc4d7220e7
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.9,1.19.4,0.4.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.7.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.11.13,1.12.8,0.0.0-20190813141303-74dc4d7220e7
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
N/A	pkg:golang/github.com/coredns/[email protected] upgrade to: 1.6.6
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20220314234659-1baeb1ce4c0b
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20220314234659-1baeb1ce4c0b
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.9,1.19.4,0.4.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.15.12,1.16.4,0.0.0-20210428140749-89ef3d95e781
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.9,1.19.4,0.4.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.7.0
Low	pkg:golang/github.com/aws/[email protected] upgrade to: 1.34.0
High	pkg:golang/github.com/hashicorp/consul/[email protected] - no patch available
Medium	pkg:golang/gopkg.in/[email protected] upgrade to: 2.2.8
Medium	pkg:golang/github.com/nats-io/nats-server/[email protected] upgrade to: 2.7.4,0.24.3
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.9,1.19.4,0.4.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
N/A	pkg:golang/github.com/nats-io/[email protected] upgrade to: 2.0.1,2.0.1
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c
Medium	pkg:golang/github.com/hashicorp/[email protected] upgrade to: 1.11.9,1.12.5,1.13.2
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.9,1.19.4,0.4.0
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 0.0.0-20211202192323-5770296d904e
N/A	pkg:golang/golang.org/x/[email protected] upgrade to: 1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c

More info on how to fix Vulnerable Libraries in Go.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

dependabot · 2023-12-19T00:08:44Z

Superseded by #63.

dependabot bot added the dependencies Pull requests that update a dependency file label Dec 11, 2023

dependabot bot mentioned this pull request Dec 11, 2023

feat(deps): bump github.com/spf13/viper from 1.12.0 to 1.18.0 #60

Closed

dependabot bot assigned maurafortino Dec 11, 2023

github-actions bot enabled auto-merge (squash) December 11, 2023 09:22

github-actions bot approved these changes Dec 11, 2023

View reviewed changes

dependabot bot closed this Dec 19, 2023

auto-merge was automatically disabled December 19, 2023 00:08
Pull request was closed

dependabot bot deleted the dependabot/go_modules/github.com/spf13/viper-1.18.1 branch December 19, 2023 00:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(deps): bump github.com/spf13/viper from 1.12.0 to 1.18.1 #61

feat(deps): bump github.com/spf13/viper from 1.12.0 to 1.18.1 #61

dependabot bot commented on behalf of github Dec 11, 2023 •

edited

Loading

guardrails bot commented Dec 11, 2023

dependabot bot commented on behalf of github Dec 19, 2023

feat(deps): bump github.com/spf13/viper from 1.12.0 to 1.18.1 #61

feat(deps): bump github.com/spf13/viper from 1.12.0 to 1.18.1 #61

Conversation

dependabot bot commented on behalf of github Dec 11, 2023 • edited Loading

v1.18.1

What's Changed

Bug Fixes 🐛

v1.18.0

Major changes

AutomaticEnv works with Unmarshal

What's Changed

Enhancements 🚀

Bug Fixes 🐛

Dependency Updates ⬆️

Other Changes

guardrails bot commented Dec 11, 2023

dependabot bot commented on behalf of github Dec 19, 2023

dependabot bot commented on behalf of github Dec 11, 2023 •

edited

Loading

`AutomaticEnv` works with `Unmarshal`