Bump the smallweb-deps group across 1 directory with 6 updates

[dependabot]

Bumps the smallweb-deps group with 6 updates in the / directory:

Package	From	To
github.com/knadh/koanf/providers/env	1.0.0	1.1.0
github.com/knadh/koanf/providers/file	1.1.2	1.2.0
github.com/knadh/koanf/v2	2.1.2	2.2.0
github.com/caddyserver/certmagic	0.22.2	0.23.0
github.com/getsops/sops/v3	3.10.1	3.10.2
github.com/knadh/koanf/providers/posflag	0.1.0	1.0.0

Updates github.com/knadh/koanf/providers/env from 1.0.0 to 1.1.0

Release notes

Sourced from github.com/knadh/koanf/providers/env's releases.

v1.1.0

• 036e4bf Merge pull request #79 from aeneasr/fix-memory-keyparts
• 6692d05 Merge pull request #78 from aeneasr/fix-memory-use
• d174d00 Reduce memory consumption for populateKeyParts
• 1095e5e Significantly reduce memory use of maps.Flatten
• 7d983f3 Fix Watch() doc

Commits

• 036e4bf Merge pull request #79 from aeneasr/fix-memory-keyparts
• 6692d05 Merge pull request #78 from aeneasr/fix-memory-use
• d174d00 Reduce memory consumption for populateKeyParts
• 1095e5e Significantly reduce memory use of maps.Flatten
• 7d983f3 Fix Watch() doc
• See full diff in compare view

Updates github.com/knadh/koanf/providers/file from 1.1.2 to 1.2.0

Release notes

Sourced from github.com/knadh/koanf/providers/file's releases.

v1.2.0

• 5fc619c Add Delim()
• f001ae3 Merge pull request #98 from knadh/fix-confmap-dep
• bc5fe47 Remove superfluous dependency on providers/confmap in the core

Commits

• 5fc619c Add Delim()
• f001ae3 Merge pull request #98 from knadh/fix-confmap-dep
• bc5fe47 Remove superfluous dependency on providers/confmap in the core
• 57e89cf Merge pull request #94 from knadh/fix-posflag-callbacks
• d3bad45 Merge pull request #91 from knadh/bug-report-template
• b1985ad Merge pull request #93 from rhnvrm/unit-test-issue-90
• a72baa3 Merge pull request #92 from knadh/fix-posflag-callbacks
• adc0b54 tests: add unit test for #90
• 9e87eba Fix unchanged default posflag value merging via incorrect callback.
• 2f82a14 Merge pull request #87 from mvrahden/feature/filesystem
• Additional commits viewable in compare view

Updates github.com/knadh/koanf/v2 from 2.1.2 to 2.2.0

Release notes

Sourced from github.com/knadh/koanf/v2's releases.

v2.2.0

This release sets the min required Go version to v1.23.0

An increasing number of important updates to various deps, including golang.org/x/*, require go >= 1.23.0. It is now untenable to maintain support for older Go versions. This does not break existing installations, just that further updates will only be available to newer Go versions.

What's Changed

• Update CI by @​StefMa in knadh/koanf#332
• Fix typos by @​NathanBaulch in knadh/koanf#336
• adds urfave/cli/v2 flag parser by @​joicemjoseph in knadh/koanf#330
• Bump golang.org/x/net from 0.23.0 to 0.36.0 in /providers/consul by @​dependabot in knadh/koanf#342
• Added support for Azure Keyvault by @​arawin1979 in knadh/koanf#343
• Bump golang.org/x/crypto from 0.21.0 to 0.35.0 in /providers/vault by @​dependabot in knadh/koanf#348
• Bump golang.org/x/crypto from 0.17.0 to 0.35.0 in /providers/nats by @​dependabot in knadh/koanf#347
• Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 in /examples by @​dependabot in knadh/koanf#346
• Bump golang.org/x/net from 0.23.0 to 0.36.0 in /providers/vault by @​dependabot in knadh/koanf#344
• Upgrade min Go version and deps across all providers and parsers by @​knadh in knadh/koanf#349

New Contributors

• @​NathanBaulch made their first contribution in knadh/koanf#336
• @​joicemjoseph made their first contribution in knadh/koanf#330
• @​arawin1979 made their first contribution in knadh/koanf#343

Full Changelog: knadh/koanf@v2.1.2...v2.2.0

Commits

• 8a93024 Merge pull request #349 from knadh/upgrade-all-deps
• 3c4f717 Update min Go version in examples and go.work.
• 3941bee Upgrade Go min version and all deps in providers/vault.
• e77a6f5 Upgrade Go min version and all deps in providers/structs.
• 42f0d69 Upgrade Go min version and all deps in providers/s3.
• 56c5c58 Upgrade Go min version and all deps in providers/rawbytes.
• b78b66c Upgrade Go min version and all deps in providers/posflag.
• 6914b12 Upgrade Go min version and all deps in providers/parameterstore.
• 95372c1 Upgrade Go min version and all deps in providers/nats.
• ea81688 Upgrade Go min version and all deps in providers/fs.
• Additional commits viewable in compare view

Updates github.com/caddyserver/certmagic from 0.22.2 to 0.23.0

Commits

• f5d71eb go.mod: Upgrade acmez with minor patch
• 2cc2fca Guard Cache.SetOptions with default values (#341)
• b9399ea go.mod: Upgrade to libdns v1 beta (breaking API change in libdns)
• See full diff in compare view

Updates github.com/getsops/sops/v3 from 3.10.1 to 3.10.2

Release notes

Sourced from github.com/getsops/sops/v3's releases.

v3.10.2

Installation

To install sops, download one of the pre-built binaries provided for your platform from the artifacts attached to this release.

For instance, if you are using Linux on an AMD64 architecture:

# Download the binary
curl -LO https://github.com/getsops/sops/releases/download/v3.10.2/sops-v3.10.2.linux.amd64
Move the binary in to your PATH
mv sops-v3.10.2.linux.amd64 /usr/local/bin/sops
Make the binary executable
chmod +x /usr/local/bin/sops

Verify checksums file signature

The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:

# Download the checksums file, certificate and signature
curl -LO https://github.com/getsops/sops/releases/download/v3.10.2/sops-v3.10.2.checksums.txt
curl -LO https://github.com/getsops/sops/releases/download/v3.10.2/sops-v3.10.2.checksums.pem
curl -LO https://github.com/getsops/sops/releases/download/v3.10.2/sops-v3.10.2.checksums.sig
Verify the checksums file
cosign verify-blob sops-v3.10.2.checksums.txt 
--certificate sops-v3.10.2.checksums.pem 
--signature sops-v3.10.2.checksums.sig 
--certificate-identity-regexp=https://github.com/getsops 
--certificate-oidc-issuer=https://token.actions.githubusercontent.com

Verify binary integrity

To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature:

# Verify the binary using the checksums file
sha256sum -c sops-v3.10.2.checksums.txt --ignore-missing

Verify artifact provenance

The SLSA provenance of the binaries, packages, and SBOMs can be found within the artifacts associated with this release. It is presented through an in-toto link metadata file named sops-v3.10.2.intoto.jsonl. To verify the provenance of an artifact, you can utilize the slsa-verifier tool:

</tr></table> 

... (truncated)

Changelog

Sourced from github.com/getsops/sops/v3's changelog.

3.10.2

Bugfixes:

• Remove reserved keyword check from YAML store, which hid a better check (#1829).

Improvements:

• Dependency updates (#1834, #1839).
• Use latest 1.24 Go version for release build (#1836).

Project changes:

• CI dependency updates (#1840).

Commits

• a95e525 Merge pull request #1841 from felixfontein/release-3.10.2
• 54610b8 Prepare 3.10.2 release.
• d101549 Merge pull request #1840 from getsops/dependabot/github_actions/ci-d230bc030b
• 69651f3 build(deps): Bump github/codeql-action in the ci group
• b53d168 Merge pull request #1839 from getsops/dependabot/go_modules/go-bc2a587282
• d1c3561 build(deps): Bump the go group with 9 updates
• 0dec4a0 Merge pull request #1829 from felixfontein/remove-reserved-check-in-store
• 6d4c218 Remove reserved keyword check from YAML store's LoadPlainFile().
• 9797277 Merge pull request #1836 from getsops/fix-go-version
• 2cb4731 Use latest 1.24 Go version for release build
• Additional commits viewable in compare view

Updates github.com/knadh/koanf/providers/posflag from 0.1.0 to 1.0.0

Release notes

Sourced from github.com/knadh/koanf/providers/posflag's releases.

v1.0.0

• deea8ad Upgrade deps

Commits

• deea8ad Upgrade deps
• d4c432d Merge pull request #66 from grount/issue-62
• a05e2d5 MergeStrict returns the first error
• 81e20a9 Merge pull request #68 from glenn-m/master
• 12e8fc8 Fixing pflag link
• 5c66566 Merge branch 'master' of github.com:knadh/koanf into issue-62
• e14a5b0 Merge pull request #64 from grount/issue-63
• b97eac0 add missing getters type conversions
• 968145c feature: control merging behavior
• 7bad171 Merge pull request #65 from rhnvrm/travis-build-versions
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.