Skip to content
This repository was archived by the owner on Nov 7, 2025. It is now read-only.

Bump github.com/gorilla/sessions from 1.1.1 to 1.4.0 in /quesma #887

Merged
merged 1 commit into from
Oct 15, 2024
Merged

Bump github.com/gorilla/sessions from 1.1.1 to 1.4.0 in /quesma #887

merged 1 commit into from
Oct 15, 2024

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 15, 2024

Bumps github.com/gorilla/sessions from 1.1.1 to 1.4.0.

Release notes

Sourced from github.com/gorilla/sessions's releases.

v1.4.0

Summary

There were new features important for compatibility with some of the upcoming cookie security changes with google that required a new Partitioned attribute be added to the cookies, this attribute was only available in go 1.23, which has just recently been released.

If you require a version that is backward compatible with a lower version than go 1.23 then you'll need to use release v1.3.0.

The following notes show the difference between 1.2.2 and the current version because 1.3.0 was a hotfix for go 1.22 and below.

What's Changed

New Contributors

Full Changelog: gorilla/sessions@v1.2.2...v1.4.0

v1.3.0

The maintainers of this repo merged a PR into main with the net/http.Cookie field Partitioned which is a field only available in go 1.23. As a result all usage of the main branch will not work unless users are on 1.23 which at the time of writing is currently unreleased. This broke the install for a number of users so the intent of this release is to push out a couple of features and bugfixes with the go 1.23 specific changes removed.

Releases should be used exclusively until go 1.23 is released.

What's Changed

New Contributors

Full Changelog: gorilla/sessions@v1.2.2...v1.3.0

Release v1.2.2

What's Changed

... (truncated)

Commits
  • bb4cd60 chore: Update readme to relect go 1.23 release
  • e2083f9 chore: update to go 1.23 for workflows
  • 6eef180 fix: Missing SameSite attribute on options
  • a56e60c Add mysql store to the readme (#279)
  • 466d29e chore: Update readme and copyrights
  • 7a8159e chore(go): Remove go version 1.11 support
  • ff5660f chore(go): Add warning about main branch
  • 8e2d547 chore(go): Remove vendored dependencies
  • c373b3e Fix gorillatoolkit link in README.md (#278)
  • ef99c78 fix(cookie): Add default samesite (#276)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/gorilla/sessions from 1.1.1 to 1.4.0 in /quesma
26759df 
Bumps [github.com/gorilla/sessions](https://github.com/gorilla/sessions) from 1.1.1 to 1.4.0.
- [Release notes](https://github.com/gorilla/sessions/releases)
- [Commits](gorilla/sessions@v1.1.1...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/gorilla/sessions
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner October 15, 2024 06:02
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 15, 2024
@jakozaur jakozaur added this pull request to the merge queue Oct 15, 2024
Merged via the queue into main with commit d388c92 Oct 15, 2024
4 checks passed
@jakozaur jakozaur deleted the dependabot/go_modules/quesma/github.com/gorilla/sessions-1.4.0 branch October 15, 2024 12:55
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@nablaone nablaone Awaiting requested review from nablaone nablaone is a code owner automatically assigned from QuesmaOrg/engineering

@mieciu mieciu Awaiting requested review from mieciu mieciu is a code owner automatically assigned from QuesmaOrg/engineering

@trzysiek trzysiek Awaiting requested review from trzysiek trzysiek is a code owner automatically assigned from QuesmaOrg/engineering

@avelanarius avelanarius Awaiting requested review from avelanarius avelanarius is a code owner automatically assigned from QuesmaOrg/engineering

1 more reviewer

@jakozaur jakozaur jakozaur approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jakozaur