chore(deps): bump the cli-tools group with 5 updates #79

dependabot · 2025-11-03T00:57:09Z

Bumps the cli-tools group with 5 updates:

Package	From	To
github.com/spf13/viper	`1.20.1`	`1.21.0`
golang.org/x/term	`0.34.0`	`0.36.0`
github.com/spf13/afero	`1.14.0`	`1.15.0`
github.com/spf13/cast	`1.9.2`	`1.10.0`
github.com/spf13/pflag	`1.0.9`	`1.0.10`

Updates github.com/spf13/viper from 1.20.1 to 1.21.0

Release notes

Sourced from github.com/spf13/viper's releases.

v1.21.0

What's Changed

Enhancements 🚀

Add support for flags pflag.BoolSlice, pflag.UintSlice and pflag.Float64Slice by @nmvalera in spf13/viper#2015

feat: use maintained yaml library by @sagikazarmark in spf13/viper#2040

Bug Fixes 🐛

fix(config): get config type from v.configType or config file ext by @GuillaumeBAECHLER in spf13/viper#2003

fix: config type check when loading any config by @sagikazarmark in spf13/viper#2007

Dependency Updates ⬆️

Update dependencies by @sagikazarmark in spf13/viper#1993

build(deps): bump github.com/spf13/cast from 1.7.1 to 1.8.0 by @dependabot[bot] in spf13/viper#2017

build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.3 to 2.2.4 by @dependabot[bot] in spf13/viper#2013

build(deps): bump github.com/sagikazarmark/locafero from 0.8.0 to 0.9.0 by @dependabot[bot] in spf13/viper#2008

build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 in /remote by @dependabot[bot] in spf13/viper#2016

build(deps): bump github.com/spf13/cast from 1.8.0 to 1.9.2 by @dependabot[bot] in spf13/viper#2020

build(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 by @dependabot[bot] in spf13/viper#2028

build(deps): bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 by @dependabot[bot] in spf13/viper#2035

build(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 by @dependabot[bot] in spf13/viper#2036

build(deps): bump github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0 by @dependabot[bot] in spf13/viper#2012

build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 by @dependabot[bot] in spf13/viper#2052

build(deps): bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in /remote by @dependabot[bot] in spf13/viper#2048

build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10 by @dependabot[bot] in spf13/viper#2056

chore: update dependencies by @sagikazarmark in spf13/viper#2057

Other Changes

Update update guide with mapstructure package replacement. by @aldas in spf13/viper#2004

refactor: use the built-in max/min to simplify the code by @yingshanghuangqiao in spf13/viper#2029

New Contributors

@GuillaumeBAECHLER made their first contribution in spf13/viper#2003

@aldas made their first contribution in spf13/viper#2004

@nmvalera made their first contribution in spf13/viper#2015

@yingshanghuangqiao made their first contribution in spf13/viper#2029

@ccoVeille made their first contribution in spf13/viper#2046

@spacez320 made their first contribution in spf13/viper#2050

Full Changelog: spf13/viper@v1.20.0...v1.21.0

Commits

394040c ci: build on go 1.25
812f548 chore: update dependencies
d5271ef ci: update stale workflow
dff303b feat: add a stale issue scheduled action
1287976 build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
38932cd build(deps): bump github.com/go-viper/mapstructure/v2 in /remote
6d014be build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1
b74c7ee build(deps): bump github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0
acd05e1 fix: linting issues
ae5a8e2 ci: upgrade golangci-lint
Additional commits viewable in compare view

Updates golang.org/x/term from 0.34.0 to 0.36.0

Commits

3a0828a go.mod: update golang.org/x dependencies
1a11b45 go.mod: update golang.org/x dependencies
d862cd5 all: upgrade go directive to at least 1.24.0 [generated]
See full diff in compare view

Updates github.com/spf13/afero from 1.14.0 to 1.15.0

Release notes

Sourced from github.com/spf13/afero's releases.

v1.15.0

What's Changed

Bump golangci/golangci-lint-action from 6.5.1 to 6.5.2 by @dependabot[bot] in spf13/afero#479

Lint by @sagikazarmark in spf13/afero#492

build(deps): bump github/codeql-action from 2.13.4 to 3.28.15 by @dependabot[bot] in spf13/afero#494

build(deps): bump actions/dependency-review-action from 4.5.0 to 4.6.0 by @dependabot[bot] in spf13/afero#493

Bump actions/setup-go from 5.3.0 to 5.4.0 by @dependabot[bot] in spf13/afero#480

build(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by @dependabot[bot] in spf13/afero#496

support aliyun oss storage with third-party link by @messikiller in spf13/afero#491

build(deps): bump github/codeql-action from 3.28.16 to 3.28.17 by @dependabot[bot] in spf13/afero#497

chore: update x/test by @sagikazarmark in spf13/afero#502

build(deps): bump actions/setup-go from 5.4.0 to 5.5.0 by @dependabot[bot] in spf13/afero#503

build(deps): bump actions/dependency-review-action from 4.6.0 to 4.7.1 by @dependabot[bot] in spf13/afero#505

build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @dependabot[bot] in spf13/afero#506

fix(gcsfs): update object not exist check logic by @ahkui in spf13/afero#485

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in spf13/afero#508

build(deps): bump github/codeql-action from 3.28.18 to 3.29.4 by @dependabot[bot] in spf13/afero#519

build(deps): bump github/codeql-action from 3.29.4 to 3.29.7 by @dependabot[bot] in spf13/afero#524

build(deps): bump github/codeql-action from 3.29.7 to 3.30.1 by @dependabot[bot] in spf13/afero#537

build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 by @dependabot[bot] in spf13/afero#536

build(deps): bump actions/dependency-review-action from 4.7.1 to 4.7.3 by @dependabot[bot] in spf13/afero#533

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in spf13/afero#527

chore: update deps by @sagikazarmark in spf13/afero#538

fix: spelling errors (excpected -> expected, iself -> itself) by @MarkRosemaker in spf13/afero#523

New Contributors

@messikiller made their first contribution in spf13/afero#491

@ahkui made their first contribution in spf13/afero#485

@MarkRosemaker made their first contribution in spf13/afero#523

Full Changelog: spf13/afero@v1.14.0...v1.15.0

Commits

399bb34 Merge pull request #523 from MarkRosemaker/fix-spelling
9b67716 Merge pull request #538 from spf13/deps
f5f4f7b chore: update deps
c245c4f ci: update ci
85c4956 Merge pull request #527 from spf13/dependabot/github_actions/actions/checkout...
41206fd build(deps): bump actions/checkout from 4.2.2 to 5.0.0
a583fad Merge pull request #533 from spf13/dependabot/github_actions/actions/dependen...
673c03e Merge pull request #536 from spf13/dependabot/github_actions/actions/setup-go...
ac849f6 Merge pull request #537 from spf13/dependabot/github_actions/github/codeql-ac...
9596fe8 build(deps): bump github/codeql-action from 3.29.7 to 3.30.1
Additional commits viewable in compare view

Updates github.com/spf13/cast from 1.9.2 to 1.10.0

Release notes

Sourced from github.com/spf13/cast's releases.

v1.10.0

What's Changed

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in spf13/cast#275

build(deps): bump github/codeql-action from 3.28.18 to 3.28.19 by @dependabot[bot] in spf13/cast#277

build(deps): bump github/codeql-action from 3.28.19 to 3.29.5 by @dependabot[bot] in spf13/cast#289

build(deps): bump github/codeql-action from 3.29.7 to 3.29.10 by @dependabot[bot] in spf13/cast#296

build(deps): bump actions/dependency-review-action from 4.7.1 to 4.7.2 by @dependabot[bot] in spf13/cast#295

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in spf13/cast#293

build(deps): bump github/codeql-action from 3.29.10 to 3.30.1 by @dependabot[bot] in spf13/cast#301

build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 by @dependabot[bot] in spf13/cast#300

build(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3 by @dependabot[bot] in spf13/cast#298

Always return empty map instead of nil when conversion fails by @andig in spf13/cast#283

New Contributors

@andig made their first contribution in spf13/cast#283

Full Changelog: spf13/cast@v1.9.2...v1.10.0

Commits

fc73346 Merge pull request #283 from andig/patch-1
6002cff Merge pull request #298 from spf13/dependabot/github_actions/actions/dependen...
c1c153d Merge pull request #300 from spf13/dependabot/github_actions/actions/setup-go...
39beeac Merge pull request #301 from spf13/dependabot/github_actions/github/codeql-ac...
365e80c build(deps): bump github/codeql-action from 3.29.10 to 3.30.1
9f0f68b build(deps): bump actions/setup-go from 5.5.0 to 6.0.0
d45dead build(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3
004f51d Merge pull request #293 from spf13/dependabot/github_actions/actions/checkout...
6458e07 Merge pull request #295 from spf13/dependabot/github_actions/actions/dependen...
970d9ea Merge pull request #296 from spf13/dependabot/github_actions/github/codeql-ac...
Additional commits viewable in compare view

Updates github.com/spf13/pflag from 1.0.9 to 1.0.10

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.10

What's Changed

fix deprecation comment for (FlagSet.)ParseErrorsWhitelist by @thaJeztah in spf13/pflag#447

remove uses of errors.Is, which requires go1.13, move go1.16/go1.21 tests to separate file by @thaJeztah in spf13/pflag#448

New Contributors

@thaJeztah made their first contribution in spf13/pflag#447

Full Changelog: spf13/pflag@v1.0.9...v1.0.10

Commits

0491e57 Merge pull request #448 from thaJeztah/fix_go_version
72abab1 Merge pull request #447 from thaJeztah/fix_deprecation_comment
7e4dfb1 Test on Go 1.12
18a9d17 move Func, BoolFunc, tests as they require go1.21
c5b9e98 remove uses of errors.Is, which requires go1.13
45a4873 fix deprecation comment for (FlagSet.)ParseErrorsWhitelist
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

dependabot · 2025-11-03T00:57:10Z

Assignees

The following users could not be added as assignees: security-team. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Labels

The following labels could not be found: dependencies, go, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Bumps the cli-tools group with 5 updates: | Package | From | To | | --- | --- | --- | | [github.com/spf13/viper](https://github.com/spf13/viper) | `1.20.1` | `1.21.0` | | [golang.org/x/term](https://github.com/golang/term) | `0.34.0` | `0.36.0` | | [github.com/spf13/afero](https://github.com/spf13/afero) | `1.14.0` | `1.15.0` | | [github.com/spf13/cast](https://github.com/spf13/cast) | `1.9.2` | `1.10.0` | | [github.com/spf13/pflag](https://github.com/spf13/pflag) | `1.0.9` | `1.0.10` | Updates `github.com/spf13/viper` from 1.20.1 to 1.21.0 - [Release notes](https://github.com/spf13/viper/releases) - [Commits](spf13/viper@v1.20.1...v1.21.0) Updates `golang.org/x/term` from 0.34.0 to 0.36.0 - [Commits](golang/term@v0.34.0...v0.36.0) Updates `github.com/spf13/afero` from 1.14.0 to 1.15.0 - [Release notes](https://github.com/spf13/afero/releases) - [Commits](spf13/afero@v1.14.0...v1.15.0) Updates `github.com/spf13/cast` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/spf13/cast/releases) - [Commits](spf13/cast@v1.9.2...v1.10.0) Updates `github.com/spf13/pflag` from 1.0.9 to 1.0.10 - [Release notes](https://github.com/spf13/pflag/releases) - [Commits](spf13/pflag@v1.0.9...v1.0.10) --- updated-dependencies: - dependency-name: github.com/spf13/viper dependency-version: 1.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: cli-tools - dependency-name: golang.org/x/term dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: cli-tools - dependency-name: github.com/spf13/afero dependency-version: 1.15.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: cli-tools - dependency-name: github.com/spf13/cast dependency-version: 1.10.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: cli-tools - dependency-name: github.com/spf13/pflag dependency-version: 1.0.10 dependency-type: indirect update-type: version-update:semver-patch dependency-group: cli-tools ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot force-pushed the dependabot-go_modules-cli-tools-5a03355843 branch from ba390f8 to bcc58be Compare November 10, 2025 00:34

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the cli-tools group with 5 updates #79

chore(deps): bump the cli-tools group with 5 updates #79

Uh oh!

dependabot bot commented on behalf of github Nov 3, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Nov 3, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

chore(deps): bump the cli-tools group with 5 updates #79

Are you sure you want to change the base?

chore(deps): bump the cli-tools group with 5 updates #79

Uh oh!

Conversation

dependabot bot commented on behalf of github Nov 3, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v1.21.0

What's Changed

Enhancements 🚀

Bug Fixes 🐛

Dependency Updates ⬆️

Other Changes

New Contributors

v1.15.0

What's Changed

New Contributors

v1.10.0

What's Changed

New Contributors

v1.0.10

What's Changed

New Contributors

Uh oh!

dependabot bot commented on behalf of github Nov 3, 2025

Assignees

Labels

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot bot commented on behalf of github Nov 3, 2025 •

edited

Loading