Skip to content

chore: Bump github.com/open-policy-agent/opa from 1.4.0 to 1.4.2#2232

Merged
binbin-li merged 2 commits intomainfrom
dependabot/go_modules/github.com/open-policy-agent/opa-1.4.2
May 12, 2025
Merged

chore: Bump github.com/open-policy-agent/opa from 1.4.0 to 1.4.2#2232
binbin-li merged 2 commits intomainfrom
dependabot/go_modules/github.com/open-policy-agent/opa-1.4.2

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 12, 2025

Bumps github.com/open-policy-agent/opa from 1.4.0 to 1.4.2.

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.4.2

This is a bug fix release addressing the missing capabilities/v1.4.1.json in the v1.4.1 release.

v1.4.1

⚠️ Please skip this release and go straight to v1.4.2 ⚠️ This release is broken due to a mistake during the release process and the artifacts are missing a crucial capabilities file. Sorry for any inconvenience.

This is a security fix release for the fixes published in Go 1.24.1 and 1.24.2

  • build: bump go to 1.24.2 (#7544) (authored by @​sspaink) Addressing CVE-2025-22870 and CVE-2025-22871 vulnerabilities in the Go runtime.
Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.4.2

This is a bug fix release addressing the missing capabilities/v1.4.1.json in the v1.4.1 release.

1.4.1

This is a security fix release for the fixes published in Go 1.24.1 and 1.24.2

  • build: bump go to 1.24.2 (#7544) (authored by @​sspaink) Addressing CVE-2025-22870 and CVE-2025-22871 vulnerabilities in the Go runtime.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore: Bump github.com/open-policy-agent/opa from 1.4.0 to 1.4.2
dc6d40b 
Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 1.4.0 to 1.4.2.
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.4.0...v1.4.2)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 12, 2025
@dependabot dependabot bot requested a review from akashsinghal as a code owner May 12, 2025 05:18
@dependabot dependabot bot added the go Pull requests that update Go code label May 12, 2025
@codecov
Copy link

codecov bot commented May 12, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@binbin-li binbin-li enabled auto-merge (squash) May 12, 2025 07:37
@binbin-li binbin-li merged commit 4facf0d into main May 12, 2025
13 checks passed
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/open-policy-agent/opa-1.4.2 branch May 12, 2025 07:38
@binbin-li binbin-li mentioned this pull request Jun 4, 2025
Merged
6 tasks
shahramk64 pushed a commit to shahramk64/forked_ratify that referenced this pull request Jul 21, 2025
@dependabot @shahramk64
chore: Bump github.com/open-policy-agent/opa from 1.4.0 to 1.4.2 (not…
9890f1c 
…aryproject#2232)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@binbin-li binbin-li binbin-li approved these changes

@akashsinghal akashsinghal Awaiting requested review from akashsinghal akashsinghal is a code owner

@jimmyraywv jimmyraywv Awaiting requested review from jimmyraywv jimmyraywv is a code owner

@luisdlp luisdlp Awaiting requested review from luisdlp luisdlp is a code owner

@susanshi susanshi Awaiting requested review from susanshi susanshi is a code owner

@toddysm toddysm Awaiting requested review from toddysm toddysm is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@binbin-li