Skip to content

chore(deps): bump the go group with 11 updates #726

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

chore(deps): bump the go group with 11 updates #726

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 17, 2025
edited
Loading

Bumps the go group with 11 updates:

Package From To
cuelang.org/go 0.14.0 0.14.1
github.com/fluxcd/pkg/http/fetch 0.17.0 0.18.0
github.com/fluxcd/pkg/runtime 0.79.0 0.80.0
github.com/mikefarah/yq/v4 4.45.4 4.47.1
github.com/open-component-model/ocm-e2e-framework 0.11.1 0.12.0
helm.sh/helm/v3 3.18.4 3.18.5
k8s.io/api 0.33.3 0.33.4
k8s.io/apiextensions-apiserver 0.33.3 0.33.4
k8s.io/apimachinery 0.33.3 0.33.4
k8s.io/client-go 0.33.3 0.33.4
ocm.software/ocm 0.27.0 0.28.0

Updates cuelang.org/go from 0.14.0 to 0.14.1

Updates github.com/fluxcd/pkg/http/fetch from 0.17.0 to 0.18.0

Commits
  • 288cd7a Merge pull request #752 from fluxcd/handle-in-cluster-annotation
  • 4971c85 Return a DiffTypeExclude when exclusion annotation is set in cluster
  • 46467e7 Merge pull request #754 from fluxcd/update-docker
  • 43f36aa Update docker dependencies
  • e350b5b Merge pull request #750 from fluxcd/update-deps-go-1.22
  • 3ad72d9 Update dependencies to Go 1.22 and Kubernetes 1.29.3
  • 6ad47ef Merge pull request #751 from fluxcd/disable-bitbucket-server-tests
  • 9ba119b Disable bitbucket-server e2e
  • e8f9e40 Merge pull request #723 from gdasson/main
  • 5c27146 Adding common "reason" constants
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.79.0 to 0.80.0

Commits
  • 4ca8fb0 Merge pull request #1007 from cappyzawa/remove-servername-pinning
  • 8ce7a0d Prepare for release
  • a254eac runtime/secrets: remove ServerName pinning from TLS config
  • 6bf77f0 Merge pull request #1006 from fluxcd/oci-rename-util
  • b0abad5 oci: Expose RenameWithFallback utility
  • 621a899 Merge pull request #1005 from fluxcd/dependabot/github_actions/ci-914c47a322
  • 2c7a666 build(deps): bump the ci group across 1 directory with 7 updates
  • 4bb23ec Merge pull request #1002 from dipti-pai/azure-privatecloud-oidc
  • d6fbf47 auth/azure: Add support for custom Azure cloud configurations
  • a849bcf Merge pull request #1004 from fluxcd/auth-hc-refactor
  • Additional commits viewable in compare view

Updates github.com/mikefarah/yq/v4 from 4.45.4 to 4.47.1

Release notes

Sourced from github.com/mikefarah/yq/v4's releases.

v4.47.1 - Merge Anchor fixes (with flag)

  • Fixed merge anchor behaviour (<<); #2404, #2110, #2386, #2178 Huge thanks to @​stevenwdv! Note that you will need to set --yaml-fix-merge-anchor-to-spec to see the fixes
  • Fixed panic for syntax error when creating a map #2423
  • Bumped dependencies

v4.46.1 - INI support + bug fixes

  • Added INI support
  • Fixed 'add' operator when piped in with no data #2378, #2383, #2384
  • Fixed delete after slice problem (bad node path) #2387 Thanks @​antoinedeschenes
  • Fixed yq small build Thanks @​imzue
  • Switched to YAML org supported go-yaml!
  • Bumped dependencies
Changelog

Sourced from github.com/mikefarah/yq/v4's changelog.

4.47.1:

  • Fixed merge anchor behaviour (<<); #2404, #2110, #2386, #2178 Huge thanks to @​stevenwdv! Note that you will need to set --yaml-fix-merge-anchor-to-spec to see the fixes
  • Fixed panic for syntax error when creating a map #2423
  • Bumped dependencies

4.46.1:

  • Added INI support
  • Fixed 'add' operator when piped in with no data #2378, #2383, #2384
  • Fixed delete after slice problem (bad node path) #2387 Thanks @​antoinedeschenes
  • Fixed yq small build Thanks @​imzue
  • Switched to YAML org supported go-yaml!
  • Bumped dependencies
Commits

Updates github.com/open-component-model/ocm-e2e-framework from 0.11.1 to 0.12.0

Release notes

Sourced from github.com/open-component-model/ocm-e2e-framework's releases.

v0.12.0

Release 0.12.0

  • feat: upgrade dump logs to take more information and a proper label selector (#170)
  • fix: update flux apply and tests to ensure updates fail if broken (#169)
  • chore(deps): bump github.com/docker/docker from 28.2.2+incompatible to 28.3.3+incompatible in the go_modules group (#165)
  • chore(deps): bump the go group with 4 updates (#164)
  • chore(deps): bump the go group with 7 updates (#163)
  • chore(deps): bump the go group across 1 directory with 8 updates (#162)
  • chore(deps): bump helm.sh/helm/v3 from 3.18.2 to 3.18.4 in the go_modules group (#160)
  • chore(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 in the go_modules group (#157)
  • chore(deps): bump the go group with 6 updates (#158)
  • chore(deps): bump the go group with 7 updates (#156)
  • chore(deps): bump the go group with 6 updates (#155)
  • chore(deps): bump the go group with 2 updates (#154)
  • chore(deps): bump the go group with 7 updates (#153)
  • chore(deps): bump the go group with 4 updates (#152)
  • chore(deps): bump the go group with 7 updates (#151)
Commits
  • bc37dcb chore: add release notes for v0.12.0 (#171)
  • 617404b feat: upgrade dump logs to take more information and a proper label selector ...
  • 91e71d2 fix: update flux apply and tests to ensure updates fail if broken (#169)
  • 68b793d chore(deps): bump github.com/docker/docker from 28.2.2+incompatible to 28.3.3...
  • c3b9c4f chore(deps): bump the go group with 4 updates (#164)
  • 8a921bd chore(deps): bump the go group with 7 updates (#163)
  • 70cf766 chore(deps): bump the go group across 1 directory with 8 updates (#162)
  • e712a86 chore(deps): bump helm.sh/helm/v3 from 3.18.2 to 3.18.4 in the go_modules gro...
  • 8f276e9 chore(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 in ...
  • 34a9b92 chore(deps): bump the go group with 6 updates (#158)
  • Additional commits viewable in compare view

Updates helm.sh/helm/v3 from 3.18.4 to 3.18.5

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.18.5 is a security release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Security Advisories

Installation and Upgrading

Download Helm v3.18.5. The common platform binaries are here:

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.18.6 will contain only bug fixes.
  • 3.19.5 is the next feature release. This release will focus on ...

Changelog

  • fix Chart.yaml handling 7799b483f52ceb665264a4056da3d2569d60f910 (Matt Farina)
  • Handle messy index files dd8502f7b4fd5824a696c99909babd0fbed77e9e (Matt Farina)
  • json schema fix cb8595bc650e2ec7459427d2b0430599431a3dbe (Robert Sirchia)
Commits

Updates k8s.io/api from 0.33.3 to 0.33.4

Commits

Updates k8s.io/apiextensions-apiserver from 0.33.3 to 0.33.4

Commits

Updates k8s.io/apimachinery from 0.33.3 to 0.33.4

Commits

Updates k8s.io/client-go from 0.33.3 to 0.33.4

Commits

Updates ocm.software/ocm from 0.27.0 to 0.28.0

Release notes

Sourced from ocm.software/ocm's releases.

v0.28.0

What's Changed

🚀 Features

🐛 Bug Fixes

⬆️ Dependencies

🧰 Maintenance

Full Changelog: open-component-model/ocm@v0.27...v0.28.0

v0.28.0-rc.1

What's Changed

🚀 Features

🐛 Bug Fixes

⬆️ Dependencies

🧰 Maintenance

... (truncated)

Commits
  • 732be84 chore(deps): bump the go group with 5 updates (#1553)
  • 7468bf6 fix: double slash in imageReference (#1548)
  • 61ca8cb chore(deps): bump github/codeql-action from 3.29.3 to 3.29.4 in the ci group ...
  • 361f254 feat: add ref to github access spec (#1550)
  • 0e3c9e2 chore(deps): bump the ci group with 2 updates (#1549)
  • 05c2413 chore: update 'flake.nix' (#1546)
  • 79d44f0 chore(deps): bump the go group with 14 updates (#1547)
  • fc40108 chore(deps): bump the go group across 1 directory with 6 updates (#1542)
  • fafac49 chore(deps): bump sigstore/cosign-installer from 3.9.1 to 3.9.2 in the ci gro...
  • 22735b5 chore(deps): bump DeterminateSystems/nix-installer-action from 18 to 19 in th...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the go group with 11 updates
93c935c 
Bumps the go group with 11 updates:

| Package | From | To |
| --- | --- | --- |
| cuelang.org/go | `0.14.0` | `0.14.1` |
| [github.com/fluxcd/pkg/http/fetch](https://github.com/fluxcd/pkg) | `0.17.0` | `0.18.0` |
| [github.com/fluxcd/pkg/runtime](https://github.com/fluxcd/pkg) | `0.79.0` | `0.80.0` |
| [github.com/mikefarah/yq/v4](https://github.com/mikefarah/yq) | `4.45.4` | `4.47.1` |
| [github.com/open-component-model/ocm-e2e-framework](https://github.com/open-component-model/ocm-e2e-framework) | `0.11.1` | `0.12.0` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.18.4` | `3.18.5` |
| [k8s.io/api](https://github.com/kubernetes/api) | `0.33.3` | `0.33.4` |
| [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) | `0.33.3` | `0.33.4` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.33.3` | `0.33.4` |
| [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.33.3` | `0.33.4` |
| [ocm.software/ocm](https://github.com/open-component-model/ocm) | `0.27.0` | `0.28.0` |


Updates `cuelang.org/go` from 0.14.0 to 0.14.1

Updates `github.com/fluxcd/pkg/http/fetch` from 0.17.0 to 0.18.0
- [Commits](fluxcd/pkg@git/v0.17.0...git/v0.18.0)

Updates `github.com/fluxcd/pkg/runtime` from 0.79.0 to 0.80.0
- [Commits](fluxcd/pkg@runtime/v0.79.0...runtime/v0.80.0)

Updates `github.com/mikefarah/yq/v4` from 4.45.4 to 4.47.1
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](mikefarah/yq@v4.45.4...v4.47.1)

Updates `github.com/open-component-model/ocm-e2e-framework` from 0.11.1 to 0.12.0
- [Release notes](https://github.com/open-component-model/ocm-e2e-framework/releases)
- [Changelog](https://github.com/open-component-model/ocm-e2e-framework/blob/main/.goreleaser.yaml)
- [Commits](open-component-model/ocm-e2e-framework@v0.11.1...v0.12.0)

Updates `helm.sh/helm/v3` from 3.18.4 to 3.18.5
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.18.4...v3.18.5)

Updates `k8s.io/api` from 0.33.3 to 0.33.4
- [Commits](kubernetes/api@v0.33.3...v0.33.4)

Updates `k8s.io/apiextensions-apiserver` from 0.33.3 to 0.33.4
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.33.3...v0.33.4)

Updates `k8s.io/apimachinery` from 0.33.3 to 0.33.4
- [Commits](kubernetes/apimachinery@v0.33.3...v0.33.4)

Updates `k8s.io/client-go` from 0.33.3 to 0.33.4
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.33.3...v0.33.4)

Updates `ocm.software/ocm` from 0.27.0 to 0.28.0
- [Release notes](https://github.com/open-component-model/ocm/releases)
- [Changelog](https://github.com/open-component-model/ocm/blob/main/RELEASE_PROCESS.md)
- [Commits](open-component-model/ocm@v0.27...v0.28)

---
updated-dependencies:
- dependency-name: cuelang.org/go
  dependency-version: 0.14.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/http/fetch
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/runtime
  dependency-version: 0.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/mikefarah/yq/v4
  dependency-version: 4.47.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/open-component-model/ocm-e2e-framework
  dependency-version: 0.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: helm.sh/helm/v3
  dependency-version: 3.18.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: k8s.io/api
  dependency-version: 0.33.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.33.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.33.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: k8s.io/client-go
  dependency-version: 0.33.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: ocm.software/ocm
  dependency-version: 0.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added kind/chore chore, maintenance, etc. kind/dependency dependency update, etc. labels Aug 17, 2025
@dependabot dependabot bot requested a review from a team as a code owner August 17, 2025 15:28
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 18, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Aug 18, 2025
@dependabot dependabot bot deleted the dependabot/go_modules/go-1e9de1dd93 branch August 18, 2025 07:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

kind/chore chore, maintenance, etc. kind/dependency dependency update, etc.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant