build(deps): bump github.com/getkin/kin-openapi from 0.118.0 to 0.131.0 in /dev-tools

[dependabot]

Bumps github.com/getkin/kin-openapi from 0.118.0 to 0.131.0.

Release notes

Sourced from github.com/getkin/kin-openapi's releases.

v0.131.0

What's Changed

• openapi3filter: de-register ZipFileBodyDecoder and make a few decoders public by @​fenollp in getkin/kin-openapi#1059

Full Changelog: getkin/kin-openapi@v0.130.0...v0.131.0

v0.130.0

What's Changed

• feat(openapi3gen): Customize json.RawMessage by @​kyleconroy in getkin/kin-openapi#1050
• openapi3gen: Fix issue with separate component generated for time.Time by @​d1vbyz3r0 in getkin/kin-openapi#1052
• openapi3filter: Remove redundant ExcludeResponseBody check by @​tatsumack in getkin/kin-openapi#1056
• openapi3: use origin to minimize collisions by @​reuvenharrison in getkin/kin-openapi#1057
• openapi3: delete origin keys only when IncludeOrigin=true by @​reuvenharrison in getkin/kin-openapi#1055
• openapi3filter: apply default values of an array in a query param with exploded = false by @​nhochstr in getkin/kin-openapi#1054

New Contributors

• @​kyleconroy made their first contribution in getkin/kin-openapi#1050
• @​d1vbyz3r0 made their first contribution in getkin/kin-openapi#1052
• @​tatsumack made their first contribution in getkin/kin-openapi#1056
• @​nhochstr made their first contribution in getkin/kin-openapi#1054

Full Changelog: getkin/kin-openapi@v0.129.0...v0.130.0

v0.129.0

What's Changed

• README: add Fuego to dependents by @​EwenQuim in getkin/kin-openapi#1017
• openapi3: skip a test in CI to avoid 403s from some remote server by @​fenollp in getkin/kin-openapi#1019
• openapi3: introduce StringMap type to enable unmarshalling of maps with Origin by @​reuvenharrison in getkin/kin-openapi#1018
• openapi3: reference originating locations in YAML specs - step 1 by @​reuvenharrison in getkin/kin-openapi#1007
• openapi3: reference originating locations in YAML specs - step 2 by @​reuvenharrison in getkin/kin-openapi#1024
• openapi3: process discriminator mapping values as refs by @​jgresty in getkin/kin-openapi#1022
• openapi3filter: register decoder for other JSON content types by @​oliverli in getkin/kin-openapi#1026
• Revert "openapi3: process discriminator mapping values as refs" by @​fenollp in getkin/kin-openapi#1029
• openapi3: fail to load spec because of schema names in mapping by @​reuvenharrison in getkin/kin-openapi#1027
• openapi2conv: convert schemaRef for additional props by @​jayanth-tatina-groww in getkin/kin-openapi#1030
• openapi3: simplify by replacing math.Min with min by @​alexandear in getkin/kin-openapi#1032
• openapi3: fix deprecation comments by @​alexandear in getkin/kin-openapi#1034
• test: fix expected-actual parameters in require.Equal by @​alexandear in getkin/kin-openapi#1035
• use forked yaml modules without "replace" by @​reuvenharrison in getkin/kin-openapi#1038
• openapi3: update date schema formats to not match months or days of '00' by @​RulerOfTheQueendom in getkin/kin-openapi#1042
• openapi3,openapi3filter: replace interface{} with any by @​alexandear in getkin/kin-openapi#1040
• openapi3filter: Simplify ValidateRequest implementation by @​alexandear in getkin/kin-openapi#1041
• openapi3filter: validation of x-www-form-urlencoded with arbitrary nested allOf by @​mikhalytch in getkin/kin-openapi#1046
• openapi2conv: convert references in nested additionalProperties schemas by @​travisnewhouse in getkin/kin-openapi#1047

New Contributors

• @​EwenQuim made their first contribution in getkin/kin-openapi#1017
• @​jgresty made their first contribution in getkin/kin-openapi#1022
• @​oliverli made their first contribution in getkin/kin-openapi#1026

... (truncated)

Commits

• 67f0b23 openapi3filter: de-register ZipFileBodyDecoder and make a few decoders public...
• 6da871e openapi3filter: apply default values of an array in a query param with explod...
• a34baf0 openapi3: delete origin keys only when IncludeOrigin=true (#1055)
• 2d3e67a use origin to minimize collisions (#1057)
• e3d68dc Remove redundant ExcludeResponseBody check in ValidateResponse (#1056)
• 050a930 openapi3gen: Fix issue with separate component generated for time.Time (#1052)
• 72fb819 feat(openapi3gen): Customize json.RawMessage (#1050)
• cea0a13 openapi2conv: convert references in nested additionalProperties schemas (#1047)
• f476f7b openapi3filter: validation of x-www-form-urlencoded with arbitrary nested a...
• 325cecc openapi3filter: simplify ValidateRequest implementation (#1041)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[prodsecmachine]

🎉 Snyk checks have passed. No issues have been found so far.

✅ security/snyk check is complete. No issues have been found. (View Details)

✅ license/snyk check is complete. No issues have been found. (View Details)

[mergify]

This pull request does not have a backport label. Could you fix it @dependabot[bot]? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

• backport-./d./d is the label to automatically backport to the 8./d branch. /d is the digit
• backport-active-all is the label that automatically backports to all active branches.
• backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
• backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

[elastic-sonarqube]

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube

[ycombinator]

@Mergifyio backport 7.17 8.17 8.18 8.19 9.0

[mergify]

backport 7.17 8.17 8.18 8.19 9.0

✅ Backports have been created

Details

• #4936 [7.17](backport #4920) build(deps): bump github.com/getkin/kin-openapi from 0.118.0 to 0.131.0 in /dev-tools has been created for branch 7.17 but encountered conflicts
• #4937 [8.17](backport #4920) build(deps): bump github.com/getkin/kin-openapi from 0.118.0 to 0.131.0 in /dev-tools has been created for branch 8.17 but encountered conflicts
• #4938 [8.18](backport #4920) build(deps): bump github.com/getkin/kin-openapi from 0.118.0 to 0.131.0 in /dev-tools has been created for branch 8.18 but encountered conflicts
• #4939 [8.19](backport #4920) build(deps): bump github.com/getkin/kin-openapi from 0.118.0 to 0.131.0 in /dev-tools has been created for branch 8.19 but encountered conflicts
• #4940 [9.0](backport #4920) build(deps): bump github.com/getkin/kin-openapi from 0.118.0 to 0.131.0 in /dev-tools has been created for branch 9.0 but encountered conflicts

[swiatekm]

@Mergifyio backport 7.17 8.17 8.18 8.19 9.0

@ycombinator do we need these backports? This go.mod only exists on main due to #4694, in every other branch we just hardcode tools in GHA jobs. If we want to update this in those branches, backporting isn't the right path here imo.

[ycombinator]

@Mergifyio backport 7.17 8.17 8.18 8.19 9.0

@ycombinator do we need these backports? This go.mod only exists on main due to #4694, in every other branch we just hardcode tools in GHA jobs. If we want to update this in those branches, backporting isn't the right path here imo.

Yeah, I agree these backports are problematic because #4694 hasn't been backported. Unfortunately, I do think we should continue to backport dependency bumps until we've fixed our automation to do dependency bumps directly on active branches other than main.

For this specific dependency bump, I'll just file manual PRs on the active branches rather than backporting #4694 and then backporting this PR.. This dependency does not exist in any of the active branches (besides main) so there is no need for further PRs to bump it on those branches.