Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump the all group across 1 directory with 17 updates #188

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 27, 2024

Bumps the all group with 11 updates in the / directory:

Package From To
cuelang.org/go 0.8.0 0.8.2
github.com/enterprise-contract/enterprise-contract-controller/api 0.1.39 0.1.47
github.com/gkampitakis/go-snaps 0.5.2 0.5.4
github.com/go-logr/logr 1.4.1 1.4.2
github.com/hashicorp/go-getter 1.7.3 1.7.4
github.com/leanovate/gopter 0.2.9 0.2.11
github.com/open-policy-agent/conftest 0.50.0 0.52.0
github.com/package-url/packageurl-go 0.1.2 0.1.3
github.com/sigstore/cosign/v2 2.2.3 2.2.4
github.com/tektoncd/pipeline 0.54.0 0.60.0
k8s.io/apiextensions-apiserver 0.29.3 0.30.1

Updates cuelang.org/go from 0.8.0 to 0.8.2

Updates github.com/enterprise-contract/enterprise-contract-controller/api from 0.1.39 to 0.1.47

Release notes

Sourced from github.com/enterprise-contract/enterprise-contract-controller/api's releases.

API Release api/v0.1.47

What's Changed

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.46...api/v0.1.47

API Release api/v0.1.46

What's Changed

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.45...api/v0.1.46

API Release api/v0.1.45

What's Changed

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.44...api/v0.1.45

API Release api/v0.1.44

What's Changed

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.43...api/v0.1.44

API Release api/v0.1.43

What's Changed

Full Changelog: enterprise-contract/enterprise-contract-controller@api/v0.1.42...api/v0.1.43

API Release api/v0.1.42

What's Changed

... (truncated)

Commits
  • 8b8d7be Merge pull request #341 from enterprise-contract/dependabot/github_actions/ac...
  • d1db73a Merge pull request #340 from enterprise-contract/dependabot/github_actions/gi...
  • d3db660 Merge pull request #339 from enterprise-contract/dependabot/github_actions/co...
  • 7fe254a Bump actions/checkout from 4.1.5 to 4.1.6
  • 1d8f08a Bump github/codeql-action from 3.25.5 to 3.25.6
  • 36061d8 Bump codecov/codecov-action from 4.3.1 to 4.4.1
  • 5c0827c Merge pull request #328 from enterprise-contract/dependabot/go_modules/sigs.k...
  • 710d23f Run go mod tidy
  • 95e86b1 Bump sigs.k8s.io/controller-runtime from 0.17.4 to 0.17.5 in /api
  • 6f09ed5 Bump github/codeql-action from 3.25.3 to 3.25.5
  • Additional commits viewable in compare view

Updates github.com/gkampitakis/go-snaps from 0.5.2 to 0.5.4

Release notes

Sourced from github.com/gkampitakis/go-snaps's releases.

v0.5.4

What's Changed

New Contributors

Full Changelog: gkampitakis/go-snaps@v0.5.3...v0.5.4

v0.5.3

What's Changed

Full Changelog: gkampitakis/go-snaps@v0.5.2...v0.5.3

Commits

Updates github.com/go-logr/logr from 1.4.1 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Dependencies:

Full Changelog: go-logr/logr@v1.4.1...v1.4.2

Commits
  • 1205f42 Merge pull request #295 from go-logr/dependabot/github_actions/actions/checko...
  • ccedcbd Merge pull request #294 from go-logr/dependabot/github_actions/github/codeql-...
  • bead577 build(deps): bump actions/checkout from 4.1.5 to 4.1.6
  • a492d95 build(deps): bump github/codeql-action from 3.25.4 to 3.25.5
  • 19ad07c build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
  • 1c97a21 build(deps): bump actions/checkout from 4.1.4 to 4.1.5
  • f70c5b5 build(deps): bump github/codeql-action from 3.25.3 to 3.25.4
  • 4ade8d3 build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1
  • 88d98bd Merge pull request #289 from go-logr/dependabot/github_actions/golangci/golan...
  • 432cd86 Merge pull request #288 from go-logr/dependabot/github_actions/actions/setup-...
  • Additional commits viewable in compare view

Updates github.com/hashicorp/go-getter from 1.7.3 to 1.7.4

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.4

What's Changed

Full Changelog: hashicorp/go-getter@v1.7.3...v1.7.4

Commits

Updates github.com/leanovate/gopter from 0.2.9 to 0.2.11

Commits
  • b641a79 Remove invalid type panic for now (addresses #86)
  • 4dccbc2 Remove invalid type panic for now (addresses #86)
  • 2607924 Panic on unsupported type
  • 4f507f6 Update build runner
  • 69954c9 Support array generators (addresses #86)
  • f9f2f29 Merge pull request #85 from zhongdai/fix-dead-links
  • e59552d Fixed the dead links.
  • 90cc76d Merge pull request #82 from kkweon/master
  • 62760ed fix(gen/struct): typo in the comment
  • f350002 Keep track of command sieve (issue #81)
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/conftest from 0.50.0 to 0.52.0

Release notes

Sourced from github.com/open-policy-agent/conftest's releases.

v0.52.0

Changelog

OPA Changes

  • c8ca3585dfe99647c0ca039b03522bd83e0ca357: build(deps): bump github.com/open-policy-agent/opa from 0.63.0 to 0.64.0 (#943) (@​dependabot[bot])
  • 9b082a11765d408ffdddbf365bd0fdd990d87461: build(deps): bump github.com/open-policy-agent/opa from 0.64.0 to 0.64.1 (#947) (@​dependabot[bot])

Other Changes

  • 8f13bf6a82dbb7db38e1ca1a3cddba4f608dbee2: build(deps): bump cuelang.org/go from 0.8.0 to 0.8.1 (#937) (@​dependabot[bot])
  • 37b04d6036f6a146cc2c38e29769ad245c4607e6: build(deps): bump github.com/docker/docker from v25.0.3+incompatible to v25.0.5+incompatible (#932) (@​robmonct)
  • 1b3cc13b4d5e8d99a7a124672046605d1c33d0bc: build(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 (#948) (@​dependabot[bot])
  • 28d92a408f9d39d01dd85e0055f05f36e09bbf7f: build(deps): bump github.com/moby/buildkit from 0.13.1 to 0.13.2 (#944) (@​dependabot[bot])
  • 4ab6feaed04fa44e1de39e9c823728bfdf906867: build(deps): bump github.com/spdx/tools-golang from 0.5.3 to 0.5.4 (#941) (@​dependabot[bot])
  • c6bd5a541a1526f9ade5e02b41dc11725c97c47c: build(deps): bump golang from 1.22.1-alpine to 1.22.2-alpine (#938) (@​dependabot[bot])
  • 298d74aeade4b4462961fa3c7f1d44a90d7a49d8: ci: Allow Dependabot to update github.com/hashicorp/go-getter (#946) (@​jalseth)

v0.51.0

Changelog

Bug Fixes

  • 1989c6c7a2ddbecf15f6b736978a468777694562: fix: Only raise problematic if error when rule has no name set (#935) (@​jalseth)

OPA Changes

  • 6609893ae256424714b43f3a54feb9da97804ffb: build(deps): bump github.com/open-policy-agent/opa from 0.62.1 to 0.63.0 (#933) (@​dependabot[bot])

Other Changes

  • 06e3f8d1e4de112effa58924c61e72d493794ffc: build(deps): bump cuelang.org/go from 0.7.1 to 0.8.0 (#930) (@​dependabot[bot])
  • bece944a615fffdf96d971e7fb05e98600bffe20: build(deps): bump github.com/moby/buildkit from 0.13.0 to 0.13.1 (#931) (@​dependabot[bot])
  • 515feda4311e2ac62b062d1002a9a70a8cd9177d: build(deps): bump golang from 1.22.0-alpine to 1.22.1-alpine (#929) (@​dependabot[bot])
  • 86afe2f34ba2d567ed99c85e363c3b6457e82ef9: ci: Pin bats version to work around broken CI (#936) (@​jalseth)
Commits
  • 9b082a1 build(deps): bump github.com/open-policy-agent/opa from 0.64.0 to 0.64.1 (#947)
  • 1b3cc13 build(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 (#948)
  • 298d74a ci: Allow Dependabot to update github.com/hashicorp/go-getter (#946)
  • 28d92a4 build(deps): bump github.com/moby/buildkit from 0.13.1 to 0.13.2 (#944)
  • c8ca358 build(deps): bump github.com/open-policy-agent/opa from 0.63.0 to 0.64.0 (#943)
  • 4ab6fea build(deps): bump github.com/spdx/tools-golang from 0.5.3 to 0.5.4 (#941)
  • 37b04d6 build(deps): bump github.com/docker/docker from v25.0.3+incompatible to v25.0...
  • c6bd5a5 build(deps): bump golang from 1.22.1-alpine to 1.22.2-alpine (#938)
  • 8f13bf6 build(deps): bump cuelang.org/go from 0.8.0 to 0.8.1 (#937)
  • 1989c6c fix: Only raise problematic if error when rule has no name set (#935)
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 0.62.1 to 0.64.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.64.1

This is a bug fix release addressing the following issues:

  • ci: Pin GitHub Actions macos runner version. The architecture of the GitHub Actions Runner macos-latest was changed from amd64 to arm64 and as a result darwin/amd64 binary wasn't released (#6720) authored by @​suzuki-shunsuke
  • plugins/discovery: Update comparison logic used in the discovery plugin for handling overrides. This fixes a panic that resulted from the comparison of uncomparable types (#6723) authored by @​ashutosh-narkar

v0.64.0

NOTES:

  • The minimum version of Go required to build the OPA module is 1.21

This release contains a mix of features, a new builtin function (json.marshal_with_options()), performance improvements, and bugfixes.

Breaking Change

Bootstrap configuration overrides Discovered configuration

Previously if Discovery was enabled, other features like bundle downloading and status reporting could not be configured manually. The reason for this was to prevent OPAs being deployed that could not be controlled through discovery. It's possible that the system serving the discovered config is unaware of all options locally available in OPA. Hence, we relax the configuration check when discovery is enabled so that the bootstrap configuration can contain plugin configurations. In case of conflicts, the bootstrap configuration for plugins wins. These local configuration overrides from the bootstrap configuration are included in the Status API messages so that management systems can get visibility into the local overrides.

In general, the bootstrap configuration overrides the discovered configuration. Previously this was not the case for all configuration fields. For example, if the discovered configuration changes the labels section, only labels that are additional compared to the bootstrap configuration are used, all other changes are ignored. This implies labels in the bootstrap configuration override those in the discovered configuration. But for fields such as default_decision, default_authorization_decision, nd_builtin_cache, the discovered configuration would override the bootstrap configuration. Now the behavior is more consistent for the entire configuration and helps to avoid accidental configuration errors. (#5722) authored by @​ashutosh-narkar

Add rego_version attribute to the bundle manifest

A new global rego_version attribute is added to the bundle manifest, to inform the OPA runtime about what Rego version (v0/v1) to use while parsing/compiling contained Rego files. There is also a new file_rego_versions attribute which allows individual files to override the global Rego version specified by rego_version.

When the version of the contained Rego is advertised by the bundle through this attribute, it is not required to run OPA with the --v1-compatible (or future --v0-compatible) flag in order to correctly parse, compile and evaluate the bundle's modules.

A bundle's rego_version attribute takes precedence over any applied --v1-compatible/--v0-compatible flag. (#6578) authored by @​johanfylling

Runtime, Tooling, SDK

  • compile: Fix panic from CLI + metadata entrypoint overlaps. The panic occurs when opa build was provided an entrypoint from both a CLI flag, and via entrypoint metadata annotation. (#6661) authored by @​philipaconrad
  • cmd/deps: Improve memory footprint and execution time of deps command for policies with high dependency connectivity (#6685) authored by @​johanfylling
  • server: Keep default decision path in-sync with manager's config (#6697) authored by @​ashutosh-narkar
  • server: Remove unnecessary AST-to-JSON conversions (#6665) and (#6669) authored by @​koponen-styra
  • sdk: Allow customizations of the plugin manager via SDK (#6662) authored by @​xico42
  • sdk: Fix issue where active parser options aren't propagated to module reload during bundle activation resulting in errors while activating bundles with v1 syntax (#6689) authored by @​xico42

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

0.64.1

This is a bug fix release addressing the following issues:

  • ci: Pin GitHub Actions macos runner version. The architecture of the GitHub Actions Runner macos-latest was changed from amd64 to arm64 and as a result darwin/amd64 binary wasn't released (#6720) authored by @​suzuki-shunsuke
  • plugins/discovery: Update comparison logic used in the discovery plugin for handling overrides. This fixes a panic that resulted from the comparison of uncomparable types (#6723) authored by @​ashutosh-narkar

0.64.0

NOTES:

  • The minimum version of Go required to build the OPA module is 1.21

This release contains a mix of features, a new builtin function (json.marshal_with_options()), performance improvements, and bugfixes.

Breaking Change

Bootstrap configuration overrides Discovered configuration

Previously if Discovery was enabled, other features like bundle downloading and status reporting could not be configured manually. The reason for this was to prevent OPAs being deployed that could not be controlled through discovery. It's possible that the system serving the discovered config is unaware of all options locally available in OPA. Hence, we relax the configuration check when discovery is enabled so that the bootstrap configuration can contain plugin configurations. In case of conflicts, the bootstrap configuration for plugins wins. These local configuration overrides from the bootstrap configuration are included in the Status API messages so that management systems can get visibility into the local overrides.

In general, the bootstrap configuration overrides the discovered configuration. Previously this was not the case for all configuration fields. For example, if the discovered configuration changes the labels section, only labels that are additional compared to the bootstrap configuration are used, all other changes are ignored. This implies labels in the bootstrap configuration override those in the discovered configuration. But for fields such as default_decision, default_authorization_decision, nd_builtin_cache, the discovered configuration would override the bootstrap configuration. Now the behavior is more consistent for the entire configuration and helps to avoid accidental configuration errors. (#5722) authored by @​ashutosh-narkar

Add rego_version attribute to the bundle manifest

A new global rego_version attribute is added to the bundle manifest, to inform the OPA runtime about what Rego version (v0/v1) to use while parsing/compiling contained Rego files. There is also a new file_rego_versions attribute which allows individual files to override the global Rego version specified by rego_version.

When the version of the contained Rego is advertised by the bundle through this attribute, it is not required to run OPA with the --v1-compatible (or future --v0-compatible) flag in order to correctly parse, compile and evaluate the bundle's modules.

A bundle's rego_version attribute takes precedence over any applied --v1-compatible/--v0-compatible flag. (#6578) authored by @​johanfylling

Runtime, Tooling, SDK

  • compile: Fix panic from CLI + metadata entrypoint overlaps. The panic occurs when opa build was provided an entrypoint from both a CLI flag, and via entrypoint metadata annotation. (#6661) authored by @​philipaconrad
  • cmd/deps: Improve memory footprint and execution time of deps command for policies with high dependency connectivity (#6685) authored by @​johanfylling
  • server: Keep default decision path in-sync with manager's config (#6697) authored by @​ashutosh-narkar
  • server: Remove unnecessary AST-to-JSON conversions (#6665) and (#6669) authored by @​koponen-styra
  • sdk: Allow customizations of the plugin manager via SDK (#6662) authored by @​xico42

... (truncated)

Commits
  • 298f97d Prepare v0.64.1 release
  • faf6382 ci: pin GitHub Actions macos runner version and build for darwin/amd64
  • e72e6f6 plugins/discovery: Update comparison logic for overrides
  • 75cc90a Prepare v0.64.0 release
  • a400281 server: Keep default decision path in-sync with manager's config
  • f2011b1 Adding Raygun to the policy-testing ecosystem (#6712)
  • b58e87f ast: Importing rego.v1 in v0 support modules when applicable (#6698)
  • 44fa8ad Relax configuration check when Discovery is enabled
  • ef8532f auth: requestToken close response body
  • 8260697 build: Update WASM Rego test generation setup (#6707)
  • Additional commits viewable in compare view

Updates github.com/package-url/packageurl-go from 0.1.2 to 0.1.3

Release notes

Sourced from github.com/package-url/packageurl-go's releases.

v0.1.3

What's Changed

New Contributors

Full Changelog: package-url/packageurl-go@v0.1.2...v0.1.3

Commits
  • 7cb81af Merge pull request #68 from ridhoq/dot-slash-valid-subpath-prefix
  • 6f82665 enable valid prefix
  • 322020f add ../ as a valid prefix test
  • 62a8a4b add ./ as a valid test case
  • a8ae119 Merge pull request #69 from shibumi/fix-ci
  • 11504a3 Fix Github Actions
  • fe183c1 Merge pull request #66 from magnusbaeck/go-mod-version
  • e033e37 go.mod: Bump required Go version to 1.18
  • See full diff in compare view

Updates github.com/sigstore/cosign/v2 from 2.2.3 to 2.2.4

Release notes

Sourced from github.com/sigstore/cosign/v2's releases.

v2.2.4

Bug Fixes

Features

  • Adds Support for Fulcio Client Credentials Flow, and Argument to Set Flow Explicitly (#3578)

Documentation

  • add oci bundle spec (#3622)
  • Correct help text of triangulate cmd (#3551)
  • Correct help text of verify-attestation policy argument (#3527)
  • feat: add OVHcloud MPR registry tested with cosign (#3639)

Testing

  • Refactor e2e-tests.yml workflow (#3627)
  • Clean up and clarify e2e scripts (#3628)
  • Don't ignore transparency log in tests if possible (#3528)
  • Make E2E tests hermetic (#3499)
  • add e2e test for pkcs11 token signing (#3495)

Full Changelog: sigstore/cosign@v2.2.3...v2.2.4

Changelog

Sourced from github.com/sigstore/cosign/v2's changelog.

v2.2.4

Bug Fixes

Features

  • Adds Support for Fulcio Client Credentials Flow, and Argument to Set Flow Explicitly (#3578)

Documentation

  • add oci bundle spec (#3622)
  • Correct help text of triangulate cmd (#3551)
  • Correct help text of verify-attestation policy argument (#3527)
  • feat: add OVHcloud MPR registry tested with cosign (#3639)

Testing

  • Refactor e2e-tests.yml workflow (#3627)
  • Clean up and clarify e2e scripts (#3628)
  • Don't ignore transparency log in tests if possible (#3528)
  • Make E2E tests hermetic (#3499)
  • add e2e test for pkcs11 token signing (#3495)
Commits

Updates github.com/sigstore/sigstore from 1.8.2 to 1.8.3

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.8.3

What's Changed

Full Changelog: sigstore/sigstore@v1.8.2...v1.8.3

Commits
  • 1b41d79 add support for verifying IEEE P1363 encoded ECDSA sigs (#1686)
  • 65a36c4 Update tuf root.json to version 9 from root-signing repo (#1649)
  • 656a152 build(deps): Bump the all group in /pkg/signature/kms/gcp with 1 update
  • 06016c2 build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates
  • 4440161 build(deps): Bump the all group with 2 updates
  • 97c04d0 build(deps): Bump the all group in /test/e2e with 1 update
  • 25dd9f3 build(deps): Bump the all group with 1 update
  • d78dca2 build(deps): Bump the all group in /pkg/signature/kms/aws with 1 update
  • 405c5c4 build(deps): Bump the all group
  • b7f6993 build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
  • Additional commits viewable in compare view

Updates github.com/tektoncd/pipeline from 0.54.0 to 0.60.0

Release notes

Sourced from github.com/tektoncd/pipeline's releases.

Tekton Pipeline release v0.60.0 "Chinchilla Tobor"

🎉 Artifacts through Sidecar Logs and Concise Resolver Syntax(Stage I)🎉

-Docs @ v0.60.0 -Examples @ v0.60.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.60.0/r...
Description has been truncated

Bumps the all group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| cuelang.org/go | `0.8.0` | `0.8.2` |
| [github.com/enterprise-contract/enterprise-contract-controller/api](https://github.com/enterprise-contract/enterprise-contract-controller) | `0.1.39` | `0.1.47` |
| [github.com/gkampitakis/go-snaps](https://github.com/gkampitakis/go-snaps) | `0.5.2` | `0.5.4` |
| [github.com/go-logr/logr](https://github.com/go-logr/logr) | `1.4.1` | `1.4.2` |
| [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) | `1.7.3` | `1.7.4` |
| [github.com/leanovate/gopter](https://github.com/leanovate/gopter) | `0.2.9` | `0.2.11` |
| [github.com/open-policy-agent/conftest](https://github.com/open-policy-agent/conftest) | `0.50.0` | `0.52.0` |
| [github.com/package-url/packageurl-go](https://github.com/package-url/packageurl-go) | `0.1.2` | `0.1.3` |
| [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) | `2.2.3` | `2.2.4` |
| [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `0.54.0` | `0.60.0` |
| [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) | `0.29.3` | `0.30.1` |



Updates `cuelang.org/go` from 0.8.0 to 0.8.2

Updates `github.com/enterprise-contract/enterprise-contract-controller/api` from 0.1.39 to 0.1.47
- [Release notes](https://github.com/enterprise-contract/enterprise-contract-controller/releases)
- [Commits](enterprise-contract/enterprise-contract-controller@api/v0.1.39...api/v0.1.47)

Updates `github.com/gkampitakis/go-snaps` from 0.5.2 to 0.5.4
- [Release notes](https://github.com/gkampitakis/go-snaps/releases)
- [Commits](gkampitakis/go-snaps@v0.5.2...v0.5.4)

Updates `github.com/go-logr/logr` from 1.4.1 to 1.4.2
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.4.1...v1.4.2)

Updates `github.com/hashicorp/go-getter` from 1.7.3 to 1.7.4
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](hashicorp/go-getter@v1.7.3...v1.7.4)

Updates `github.com/leanovate/gopter` from 0.2.9 to 0.2.11
- [Release notes](https://github.com/leanovate/gopter/releases)
- [Changelog](https://github.com/leanovate/gopter/blob/master/CHANGELOG.md)
- [Commits](leanovate/gopter@v0.2.9...v0.2.11)

Updates `github.com/open-policy-agent/conftest` from 0.50.0 to 0.52.0
- [Release notes](https://github.com/open-policy-agent/conftest/releases)
- [Changelog](https://github.com/open-policy-agent/conftest/blob/master/.goreleaser.yml)
- [Commits](open-policy-agent/conftest@v0.50.0...v0.52.0)

Updates `github.com/open-policy-agent/opa` from 0.62.1 to 0.64.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v0.62.1...v0.64.1)

Updates `github.com/package-url/packageurl-go` from 0.1.2 to 0.1.3
- [Release notes](https://github.com/package-url/packageurl-go/releases)
- [Commits](package-url/packageurl-go@v0.1.2...v0.1.3)

Updates `github.com/sigstore/cosign/v2` from 2.2.3 to 2.2.4
- [Release notes](https://github.com/sigstore/cosign/releases)
- [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md)
- [Commits](sigstore/cosign@v2.2.3...v2.2.4)

Updates `github.com/sigstore/sigstore` from 1.8.2 to 1.8.3
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.2...v1.8.3)

Updates `github.com/tektoncd/pipeline` from 0.54.0 to 0.60.0
- [Release notes](https://github.com/tektoncd/pipeline/releases)
- [Changelog](https://github.com/tektoncd/pipeline/blob/main/releases.md)
- [Commits](tektoncd/pipeline@v0.54.0...v0.60.0)

Updates `golang.org/x/net` from 0.22.0 to 0.25.0
- [Commits](golang/net@v0.22.0...v0.25.0)

Updates `k8s.io/apiextensions-apiserver` from 0.29.3 to 0.30.1
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.29.3...v0.30.1)

Updates `k8s.io/apimachinery` from 0.29.3 to 0.30.1
- [Commits](kubernetes/apimachinery@v0.29.3...v0.30.1)

Updates `k8s.io/client-go` from 0.29.3 to 0.30.1
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.29.3...v0.30.1)

Updates `k8s.io/kube-openapi` from 0.0.0-20231010175941-2dd684a91f00 to 0.0.0-20240228011516-70dd3763d340
- [Commits](https://github.com/kubernetes/kube-openapi/commits)

---
updated-dependencies:
- dependency-name: cuelang.org/go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/enterprise-contract/enterprise-contract-controller/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/gkampitakis/go-snaps
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/hashicorp/go-getter
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/leanovate/gopter
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/open-policy-agent/conftest
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/package-url/packageurl-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/cosign/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/tektoncd/pipeline
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/kube-openapi
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 27, 2024
Copy link
Author

dependabot bot commented on behalf of github Jun 3, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jun 3, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/all-71b28f8de7 branch June 3, 2024 15:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants