Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the go group across 1 directory with 19 updates #165

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the go group across 1 directory with 19 updates #165

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 30, 2024

Bumps the go group with 13 updates in the / directory:

Package From To
code.gitea.io/sdk/gitea 0.15.1 0.18.0
cuelang.org/go 0.7.0 0.9.2
github.com/containers/image/v5 5.29.2 5.31.1
github.com/fluxcd/kustomize-controller/api 1.0.0-rc.3 1.3.0
github.com/fluxcd/pkg/apis/event 0.5.2 0.9.0
github.com/fluxcd/pkg/runtime 0.42.0 0.47.1
github.com/fluxcd/pkg/untar 0.2.0 0.3.0
github.com/fluxcd/source-controller/api 1.1.0 1.3.0
github.com/open-component-model/git-controller 0.12.0 0.12.1
github.com/open-component-model/mpas-project-controller 0.6.0 0.6.1
github.com/open-component-model/ocm 0.8.0 0.11.0
github.com/open-component-model/replication-controller 0.13.0 0.13.1
github.com/teekennedy/goldmark-markdown 0.2.0 0.3.0

Updates code.gitea.io/sdk/gitea from 0.15.1 to 0.18.0

Updates cuelang.org/go from 0.7.0 to 0.9.2

Updates github.com/containers/image/v5 from 5.29.2 to 5.31.1

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.31.1

Fixes an interoperability issue while listing tags from JFrog Artifactory.

v5.31.0

What's Changed

... (truncated)

Commits
  • 57695f8 [release-5.31] Bump to v5.31.1
  • edcf253 Don't abort listing tags when we encounter a digest
  • 2281641 Merge pull request #2431 from TomSweeneyRedHat/dev/tsweeney/5.31.1-dev
  • 9ac505f [release-5.31] Bump c/image to v5.31.1-dev
  • b5a7587 Bump c/image to v5.31.0
  • 21ac79b Merge pull request #2428 from mtrmac/als-toc-fixes
  • 45f4f23 Don't completely ignore already-computed image size if we see an ALS layer
  • 27516f3 Don't modify a storage.Layer returned by c/storage
  • c2327e4 Don't unnecessarily trust the ALS FUSE server about the TOC digest
  • db02dee Merge pull request #2426 from containers/renovate/github.com-containers-stora...
  • Additional commits viewable in compare view

Updates github.com/fluxcd/kustomize-controller/api from 1.0.0-rc.3 to 1.3.0

Release notes

Sourced from github.com/fluxcd/kustomize-controller/api's releases.

v1.3.0

Changelog

v1.3.0 changelog

Container images

  • docker.io/fluxcd/kustomize-controller:v1.3.0
  • ghcr.io/fluxcd/kustomize-controller:v1.3.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.2

Changelog

v1.2.2 changelog

Container images

  • docker.io/fluxcd/kustomize-controller:v1.2.2
  • ghcr.io/fluxcd/kustomize-controller:v1.2.2

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.1

Changelog

v1.2.1 changelog

Container images

  • docker.io/fluxcd/kustomize-controller:v1.2.1
  • ghcr.io/fluxcd/kustomize-controller:v1.2.1

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.0

Changelog

... (truncated)

Changelog

Sourced from github.com/fluxcd/kustomize-controller/api's changelog.

1.3.0

Release date: 2024-05-06

This minor release comes with new features, improvements and bug fixes.

The controller has been updated to Kustomize v5.4, please see the kubernetes-sigs/kustomize changelog for more details.

The Flux Kustomization API gains two optional fields .spec.namePrefix and .spec.nameSuffix that can be used to specify a prefix and suffix to be added to the names of all managed resources.

The controller now supports the --feature-gates=StrictPostBuildSubstitutions=true flag, when enabled the post-build substitutions will fail if a variable without a default value is declared in files but is missing from the input vars.

When using variable substitution with values that are numbers or booleans, it is now possible to covert the values to strings, for more details see the post-build documentation.

In addition, the controller dependencies have been updated to Kubernetes v1.30 and controller-runtime v0.18. Various other dependencies have also been updated to their latest version to patch upstream CVEs.

Lastly, the controller is now built with Go 1.22.

Improvements:

  • Implement name prefix/suffix transformers #1134
  • Add StrictPostBuildSubstitutions feature flag #1130
  • Document how to use numbers and booleans in post build substitutions #1129
  • Remove deprecated aad pod identity from API docs #1152
  • api: Refer condition type constants from fluxcd/pkg/apis #1144
  • Update dependencies to Kustomize v5.4.0 #1128
  • Various dependency updates #1155 #1121 #1139 #1122

Fixes:

  • Fix requeue warning introduced by controller-runtime

... (truncated)

Commits
  • 83fbfee Merge pull request #1157 from fluxcd/release-v1.3.0
  • 458d7e2 Release v1.3.0
  • 4a02b3f Add changelog entry for v1.3.0
  • 882f6a7 Merge pull request #1154 from fluxcd/dependabot/github_actions/ci-b23e0286c6
  • dfcd4ed Merge pull request #1155 from fluxcd/source-controller-1.3.0
  • e81120a build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 in the ci group
  • 780954f Update source-controller API to v1.3.0
  • 99792de Merge pull request #1152 from dipti-pai/remove-deprecated-aad-podidentity-ref
  • fc663de Remove references aad pod identity
  • f0f9b03 Merge pull request #1149 from fluxcd/dependabot/github_actions/ci-cfa2b75493
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/event from 0.5.2 to 0.9.0

Commits
  • 598e74e git: update dependencies
  • c28ef00 Merge pull request #463 from fluxcd/go-git-bc-tag
  • da9a7b7 go-git: transform revision for last observed tag
  • 0009fda Merge pull request #404 from fluxcd/commit-string-fmt
  • db0daab git: make LastObservedCommit backwards compatible
  • 3fb1b65 git: tidy code around digests
  • b097686 git: align tests and code with commit fmt change
  • 24a228c git: change Commit#String format
  • da2a476 Merge pull request #462 from fluxcd/event-digest-key
  • 7053ad7 apis/event: add MetaDigestKey
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/meta from 1.1.2 to 1.5.0

Commits
  • e32ccc2 Merge pull request #763 from fluxcd/kubernetes-1.30
  • 2b974af Update sigs.k8s.io/controller-tools to v0.15.0
  • 52c1fc5 Update sigs.k8s.io/controller-runtime to v0.18.0
  • c906252 Update dependencies to Kubernetes 1.30
  • 92c1348 Merge pull request #764 from fluxcd/dependabot/github_actions/ci-e44cfae560
  • ccb916a build(deps): bump the ci group with 3 updates
  • 6081556 Merge pull request #761 from fluxcd/kustomize-name-prefix-suffix
  • abf5675 kustomize: Add support for namePrefix and nameSuffix
  • 98d2522 Merge pull request #760 from fluxcd/dependabot/github_actions/ci-8f082d4f6d
  • efcd824 build(deps): bump docker/setup-buildx-action in the ci group
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.42.0 to 0.47.1

Commits
  • adcfcbe Merge pull request #769 from fluxcd/controller-runtime-v0.18.1
  • 0e74a82 Update runtime pkg docs
  • b329d92 Update dependencies to controller-runtime v0.18.1
  • d0bf8ed Merge pull request #768 from fluxcd/dependabot/github_actions/ci-b93eff89fb
  • 14f05d7 build(deps): bump actions/checkout from 4.1.3 to 4.1.4 in the ci group
  • 3790516 Merge pull request #767 from fluxcd/up-internal-deps
  • 37ea30c Update internal dependencies
  • e32ccc2 Merge pull request #763 from fluxcd/kubernetes-1.30
  • 2b974af Update sigs.k8s.io/controller-tools to v0.15.0
  • 52c1fc5 Update sigs.k8s.io/controller-runtime to v0.18.0
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/untar from 0.2.0 to 0.3.0

Commits
  • 57d9588 Merge pull request #655 from fluxcd/oci-skip-symlinks
  • c62dc82 Skip symlinks during OCI layer decompression
  • 4f69e78 Merge pull request #653 from errordeveloper/pull-any-artifact
  • 887bad4 oci/clinet: ensure Pull sets URL field in metadata it returns
  • 3b8d634 oci/client: drop custom platfrom from default client options
  • 0202722 oci/client: relax annotation parser
  • 56bc0ab Merge pull request #654 from fluxcd/dependabot/github_actions/ci-663ed1f0b6
  • 10fa7df build(deps): bump the ci group with 1 update
  • 83f76d6 Merge pull request #652 from fluxcd/dependabot/github_actions/ci-d24d09982f
  • 5c0b256 build(deps): bump the ci group with 3 updates
  • Additional commits viewable in compare view

Updates github.com/fluxcd/source-controller/api from 1.1.0 to 1.3.0

Release notes

Sourced from github.com/fluxcd/source-controller/api's releases.

v1.3.0

Changelog

v1.3.0 changelog

Container images

  • docker.io/fluxcd/source-controller:v1.3.0
  • ghcr.io/fluxcd/source-controller:v1.3.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.5

Changelog

v1.2.5 changelog

Container images

  • docker.io/fluxcd/source-controller:v1.2.5
  • ghcr.io/fluxcd/source-controller:v1.2.5

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.4

Changelog

v1.2.4 changelog

Container images

  • docker.io/fluxcd/source-controller:v1.2.4
  • ghcr.io/fluxcd/source-controller:v1.2.4

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.2.3

Changelog

... (truncated)

Changelog

Sourced from github.com/fluxcd/source-controller/api's changelog.

1.3.0

Release date: 2024-05-03

This minor release promotes the Helm APIs to GA, and comes with new features, improvements and bug fixes.

HelmRepository

The HelmRepository API has been promoted from v1beta2 to v1 (GA). The v1 API is backwards compatible with v1beta2.

For HelmRepository of type oci, the .spec.insecure field allows connecting over HTTP to an insecure non-TLS container registry.

To upgrade from v1beta2, after deploying the new CRD and controller, set apiVersion: source.toolkit.fluxcd.io/v1 in the YAML files that contain HelmRepository definitions. Bumping the API version in manifests can be done gradually. It is advised not to delay this procedure as the beta versions will be removed after 6 months.

HelmChart

The HelmChart API have been promoted from v1beta2 to v1 (GA). The v1 API is backwards compatible with v1beta2, with the exception of the removal of the deprecated field .spec.valuesFile which was replaced with spec.valuesFiles.

The HelmChart API was extended with support for Notation signature verification of Helm OCI charts.

A new optional field .spec.ignoreMissingValuesFiles has been added, which allows the controller to ignore missing values files rather than failing to reconcile the HelmChart.

OCIRepository

The OCIRepository API was extended with support for Notation signature verification of OCI artifacts.

A new optional field .spec.ref.semverFilter has been added, which allows the controller to filter the tags based on regular expressions before applying the semver range. This allows picking the latest release candidate instead of the latest stable release.

In addition, the controller has been updated to Kubernetes v1.30.0, Helm v3.14.4, and various other dependencies to their latest version to patch upstream CVEs.

... (truncated)

Commits
  • a80a99b Merge pull request #1472 from fluxcd/release-v1.3.0
  • 70901f8 Release v1.3.0
  • 05ab8b1 Add changelog entry for v1.3.0
  • c9bf167 Merge pull request #1298 from fluxcd/phony-build
  • cc3d495 ci: Print controller logs after e2e run
  • 0bd5b95 Rename make target build to manager
  • edccfe9 Merge pull request #1470 from fluxcd/dependabot/github_actions/ci-b23e0286c6
  • 9ce2d61 build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 in the ci group
  • 16eeeef Merge pull request #1469 from fluxcd/dependabot/go_modules/go-deps-4411c5bc33
  • 8598b8d build(deps): bump google.golang.org/api
  • Additional commits viewable in compare view

Updates github.com/open-component-model/git-controller from 0.12.0 to 0.12.1

Release notes

Sourced from github.com/open-component-model/git-controller's releases.

v0.12.1

Release 0.12.1

  • fix: add the right version in the image overlay for the deployment (#145)
  • chore: remove personal information (#139)
Commits

Updates github.com/open-component-model/mpas-project-controller from 0.6.0 to 0.6.1

Release notes

Sourced from github.com/open-component-model/mpas-project-controller's releases.

v0.6.1

Release 0.6.1

  • fix: add the right version in the image overlay for the deployment (#90)
Commits
  • 3a268a9 fix: add the right version in the image overlay for the deployment (#90)
  • See full diff in compare view

Updates github.com/open-component-model/ocm from 0.8.0 to 0.11.0

Release notes

Sourced from github.com/open-component-model/ocm's releases.

v0.11.0

Changelog

  • 72f033b0 (redo)Only re-encode subst value if it smells like json and target doc is yaml (#796)
  • 0c499cf2 Bump anchore/sbom-action from 0.15.11 to 0.16.0 in the ci group (#777)
  • 165edcc4 Bump github.com/cloudflare/cfssl from 0.0.0-20180223231731-4e2dcbde5004 to 1.6.5 (#787)
  • 89b6e960 Bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 in the go group (#786)
  • 87aa3425 Bump goreleaser/goreleaser-action from 5 to 6 in the ci group (#802)
  • b835e96c Bump the go group with 11 updates (#778)
  • 9b01bcaa Bump the go group with 14 updates (#805)
  • de169445 Bump the go group with 15 updates (#770)
  • ee356cdb Flake.nix (#795)
  • 509ba891 Follow Up To Maven Access (#781)
  • 93412ff3 Maven/access2 (#731)
  • c02802f7 Release v0.11.0
  • d1ab90dd ReleaseNotes for v0.11.0
  • 01f0e6f0 Revert "Bump goreleaser/goreleaser-action from 5 to 6 in the ci group… (#806)
  • 70f15885 Update version file to 0.11.0-dev
  • 93c6bad8 Vault tests (#749)
  • 2f023223 add workflow for updateVendorHash of flake (#789)
  • 5d36b1eb early CD validation for AddVersion (#779)
  • 84b92318 extract optionutils + fix new usages of moved packages (#775)
  • e76ec98c finally at least be able to sign commits (#800)
  • 4f6c9eb3 fix maven issues (#790)
  • 6fa92aae fix maven uploader and rename mavenArtifact to mavenPackage (#799)
  • 075c42ee fix pss signing server signing (#774)
  • a8a27810 fix update-vendor-hash (#791)
  • 1ba6e562 fix updateVendorHash (#793)
  • 55c022cd fix: make sure that format of replacement matches file format (#773)
  • ab463b22 fix: only have yaml out put on stdout if dryrun is enabled (#780)
  • c29184fe fix: use sync.OnceFunc instead of the struct package local value (#772)
  • d16f64ba goutils refactoring (#803)
  • 7f814d56 let's create PRs instead of direct commits (#792)
  • edaf5ea8 remove SPDX Header (#776)
  • 862458c1 sonatype nexus - quirks modes (#782)
  • 49a79ea7 update github.com/mandelsoft/logging
  • 16f55524 update release notes (#807)
  • ba23b9fd utility function to get module name (#783)
  • 7a913dc5 various fixes/improvements for tests and paths to prepare migration (#788)

v0.10.0

Release v0.10.0

  • externalize general go utilities in packages pkg{errors,exceptions,generics,finalizer} (#761)
  • Bump the go group with 12 updates (#768)
  • feat: add silent flag and fix dry run with prerequisites (#767)
  • let's get rid of reuse PendingDeprecationWarning (#765)
  • fix: stop ignoring most of the errors (#745)
  • feat: add uninstall command to the controller (#766)
  • Create codeql.yml (#764)
  • Npm/auth access (#757)

... (truncated)

Commits
  • c02802f Release v0.11.0
  • 16f5552 update release notes (#807)
  • 01f0e6f Revert "Bump goreleaser/goreleaser-action from 5 to 6 in the ci group… (#806)
  • d16f64b goutils refactoring (#803)
  • 9b01bca Bump the go group with 14 updates (#805)
  • d1ab90d ReleaseNotes for v0.11.0
  • 87aa342 Bump goreleaser/goreleaser-action from 5 to 6 in the ci group (#802)
  • e76ec98 finally at least be able to sign commits (#800)
  • 6fa92aa fix maven uploader and rename mavenArtifact to mavenPackage (#799)
  • 72f033b (redo)Only re-encode subst value if it smells like json and target doc is yam...
  • Additional commits viewable in compare view

Updates github.com/open-component-model/replication-controller from 0.13.0 to 0.13.1

Release notes

Sourced from github.com/open-component-model/replication-controller's releases.

v0.13.1

Release 0.13.1

  • fix: add the right version in the image overlay for the deployment (#140)
  • fix: remove any more personal data (#137)
  • chore: remove personal information (#134)
Commits

Updates github.com/teekennedy/goldmark-markdown from 0.2.0 to 0.3.0

Commits
  • 0cdef01 Fix lint errors
  • 96dcd23 Update module to go 1.21
  • 1e1dd11 Add tests for custom node renderers
  • 0f4d780 renderer: add support for extending node renderers
  • a9e5318 Bump gopkg.in/yaml.v3 from 3.0.0-20200313102051-9f266ea9e77c to 3.0.0
  • 286638d renderer: add support for ordered list
  • 5350b71 Fix typo
  • 215f4f5 Use go 1.18, upgrade all workflow actions
  • See full diff in compare view

Updates github.com/yuin/goldmark from 1.4.13 to 1.5.4

Commits

Updates golang.org/x/exp from 0.0.0-20240103183307-be819d1f06fc to 0.0.0-20240506185415-9bf2ced13842

Commits

Updates golang.org/x/oauth2 from 0.16.0 to 0.20.0

Commits
  • 84cb9f7 oauth2: fix typo in comment
  • 4b7f0bd go.mod: update cloud.google.com/go/compute/metadata dependency
  • e11eea8 microsoft: added DeviceAuthURL to AzureADEndpoint
  • d0e617c google: add Credentials.UniverseDomainProvider
  • 3c9c1f6 oauth2/google: fix the logic of sts 0 value of expires_in
  • 5a05c65 oauth2/google: fix remove content-type header from idms get requests
  • 3a6776a appengine: drop obsolete code for AppEngine envs <=Go 1.11
  • 85231f9 go.mod: update golang.org/x dependencies
  • 34a7afa google/externalaccount: add Config.UniverseDomain
  • 95bec95 google/externalaccount: moves externalaccount package out of internal and exp...
  • Additional commits viewable in compare view

Updates k8s.io/klog/v2 from 2.110.1 to 2.120.1

Release notes

Sourced from k8s.io/klog/v2's releases.

Prepare klog release for Kubernetes v1.30 (Take 2)

What's Changed

Full Changelog: kubernetes/klog@v2.120.0...v2.120.1

Prepare klog release for Kubernetes v1.30 (Take 1)

What's Changed

New Contributors

Full Changelog: kubernetes/klog@v2.110.1...v2.120.0

Commits
  • 007e661 textlogger: allow caller to override stack unwinding
  • 2d08296 Merge pull request #396 from pohly/slog-helper
  • e4deee8 slog: use main logr package instead of logr/slogr
  • 5d1d2d5 add SetSlogLogger
  • 39afdba dependencies: logr v1.4.1
  • 2086216 Merge pull request #393 from kaisoz/add-safeptr
  • 881fa0b Add SafePtr wrapper
  • 8dd3f2e Merge pull request #395 from pohly/readme-update
  • d3dd725 docs: clarify relationship between different features
  • 761b630 Merge pull request #394 from pohly/owners-update
  • Additional commits viewable in compare view

Updates k8s.io/utils from 0.0.0-20240102154912-e7106e64919e to 0.0.0-20240310230437-4693a0247e57

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> wi...

Description has been truncated

@dependabot
build(deps): bump the go group across 1 directory with 19 updates
bb2bb81 
Bumps the go group with 13 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| code.gitea.io/sdk/gitea | `0.15.1` | `0.18.0` |
| cuelang.org/go | `0.7.0` | `0.9.2` |
| [github.com/containers/image/v5](https://github.com/containers/image) | `5.29.2` | `5.31.1` |
| [github.com/fluxcd/kustomize-controller/api](https://github.com/fluxcd/kustomize-controller) | `1.0.0-rc.3` | `1.3.0` |
| [github.com/fluxcd/pkg/apis/event](https://github.com/fluxcd/pkg) | `0.5.2` | `0.9.0` |
| [github.com/fluxcd/pkg/runtime](https://github.com/fluxcd/pkg) | `0.42.0` | `0.47.1` |
| [github.com/fluxcd/pkg/untar](https://github.com/fluxcd/pkg) | `0.2.0` | `0.3.0` |
| [github.com/fluxcd/source-controller/api](https://github.com/fluxcd/source-controller) | `1.1.0` | `1.3.0` |
| [github.com/open-component-model/git-controller](https://github.com/open-component-model/git-controller) | `0.12.0` | `0.12.1` |
| [github.com/open-component-model/mpas-project-controller](https://github.com/open-component-model/mpas-project-controller) | `0.6.0` | `0.6.1` |
| [github.com/open-component-model/ocm](https://github.com/open-component-model/ocm) | `0.8.0` | `0.11.0` |
| [github.com/open-component-model/replication-controller](https://github.com/open-component-model/replication-controller) | `0.13.0` | `0.13.1` |
| [github.com/teekennedy/goldmark-markdown](https://github.com/teekennedy/goldmark-markdown) | `0.2.0` | `0.3.0` |



Updates `code.gitea.io/sdk/gitea` from 0.15.1 to 0.18.0

Updates `cuelang.org/go` from 0.7.0 to 0.9.2

Updates `github.com/containers/image/v5` from 5.29.2 to 5.31.1
- [Release notes](https://github.com/containers/image/releases)
- [Commits](containers/image@v5.29.2...v5.31.1)

Updates `github.com/fluxcd/kustomize-controller/api` from 1.0.0-rc.3 to 1.3.0
- [Release notes](https://github.com/fluxcd/kustomize-controller/releases)
- [Changelog](https://github.com/fluxcd/kustomize-controller/blob/main/CHANGELOG.md)
- [Commits](fluxcd/kustomize-controller@v1.0.0-rc.3...v1.3.0)

Updates `github.com/fluxcd/pkg/apis/event` from 0.5.2 to 0.9.0
- [Commits](fluxcd/pkg@kustomize/v0.5.2...git/v0.9.0)

Updates `github.com/fluxcd/pkg/apis/meta` from 1.1.2 to 1.5.0
- [Commits](fluxcd/pkg@apis/meta/v1.1.2...apis/meta/v1.5.0)

Updates `github.com/fluxcd/pkg/runtime` from 0.42.0 to 0.47.1
- [Commits](fluxcd/pkg@runtime/v0.42.0...runtime/v0.47.1)

Updates `github.com/fluxcd/pkg/untar` from 0.2.0 to 0.3.0
- [Commits](fluxcd/pkg@tar/v0.2.0...tar/v0.3.0)

Updates `github.com/fluxcd/source-controller/api` from 1.1.0 to 1.3.0
- [Release notes](https://github.com/fluxcd/source-controller/releases)
- [Changelog](https://github.com/fluxcd/source-controller/blob/main/CHANGELOG.md)
- [Commits](fluxcd/source-controller@v1.1.0...v1.3.0)

Updates `github.com/open-component-model/git-controller` from 0.12.0 to 0.12.1
- [Release notes](https://github.com/open-component-model/git-controller/releases)
- [Changelog](https://github.com/open-component-model/git-controller/blob/main/.goreleaser.yaml)
- [Commits](open-component-model/git-controller@v0.12.0...v0.12.1)

Updates `github.com/open-component-model/mpas-project-controller` from 0.6.0 to 0.6.1
- [Release notes](https://github.com/open-component-model/mpas-project-controller/releases)
- [Changelog](https://github.com/open-component-model/mpas-project-controller/blob/main/.goreleaser.yaml)
- [Commits](open-component-model/mpas-project-controller@v0.6.0...v0.6.1)

Updates `github.com/open-component-model/ocm` from 0.8.0 to 0.11.0
- [Release notes](https://github.com/open-component-model/ocm/releases)
- [Changelog](https://github.com/open-component-model/ocm/blob/main/.goreleaser.yaml)
- [Commits](open-component-model/ocm@v0.8.0...v0.11.0)

Updates `github.com/open-component-model/replication-controller` from 0.13.0 to 0.13.1
- [Release notes](https://github.com/open-component-model/replication-controller/releases)
- [Changelog](https://github.com/open-component-model/replication-controller/blob/main/.goreleaser.yaml)
- [Commits](open-component-model/replication-controller@v0.13.0...v0.13.1)

Updates `github.com/teekennedy/goldmark-markdown` from 0.2.0 to 0.3.0
- [Commits](teekennedy/goldmark-markdown@v0.2.0...v0.3.0)

Updates `github.com/yuin/goldmark` from 1.4.13 to 1.5.4
- [Release notes](https://github.com/yuin/goldmark/releases)
- [Commits](yuin/goldmark@v1.4.13...v1.5.4)

Updates `golang.org/x/exp` from 0.0.0-20240103183307-be819d1f06fc to 0.0.0-20240506185415-9bf2ced13842
- [Commits](https://github.com/golang/exp/commits)

Updates `golang.org/x/oauth2` from 0.16.0 to 0.20.0
- [Commits](golang/oauth2@v0.16.0...v0.20.0)

Updates `k8s.io/klog/v2` from 2.110.1 to 2.120.1
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](kubernetes/klog@v2.110.1...v2.120.1)

Updates `k8s.io/utils` from 0.0.0-20240102154912-e7106e64919e to 0.0.0-20240310230437-4693a0247e57
- [Commits](https://github.com/kubernetes/utils/commits)

---
updated-dependencies:
- dependency-name: code.gitea.io/sdk/gitea
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: cuelang.org/go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/containers/image/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/kustomize-controller/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/apis/event
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/apis/meta
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/untar
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/source-controller/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/open-component-model/git-controller
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/open-component-model/mpas-project-controller
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/open-component-model/ocm
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/open-component-model/replication-controller
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/teekennedy/goldmark-markdown
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/yuin/goldmark
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/exp
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: k8s.io/utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 30, 2024
@dependabot dependabot bot mentioned this pull request Jun 30, 2024
Closed
@github-actions GitHub Actions
Copy link

Mend Scan Summary: ❌

Repository: open-component-model/mpas-product-controller

VIOLATION DESCRIPTION NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES 1
MAJOR UPDATES AVAILABLE 0
LICENSE REQUIRES REVIEW 1
LICENSE RISK HIGH 9
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY 0

Detailed Logs: mend-scan-> Generate Report
Mend UI

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants