Skip to content

build(deps): bump the common group across 1 directory with 7 updates #2836

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the common group across 1 directory with 7 updates #2836

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 8, 2025
edited
Loading

Bumps the common group with 7 updates in the / directory:

Package From To
github.com/CycloneDX/cyclonedx-go 0.9.2 0.9.3
github.com/aws/aws-sdk-go-v2 1.39.2 1.40.1
github.com/google/go-containerregistry 0.20.6 0.20.7
github.com/onsi/ginkgo/v2 2.25.3 2.27.3
github.com/onsi/gomega 1.38.2 1.38.3
github.com/quasilyte/go-ruleguard/dsl 0.3.22 0.3.23
github.com/samber/lo 1.51.0 1.52.0

Updates github.com/CycloneDX/cyclonedx-go from 0.9.2 to 0.9.3

Release notes

Sourced from github.com/CycloneDX/cyclonedx-go's releases.

v0.9.3

Changelog

Fixes

  • 6636ce32f8b15a5104fda6636937e91d62d647e7: fix: .component.data was not a slice as per CycloneDX schema #242 (@​madpah)
  • 3e0f245f7b936eb38e16d0518a2a0020c0d69223: fix: add missing properties (@​rdghe)

Building and Packaging

  • 24c8c33dd36390754b63f9ab056b2bf62b1eb70f: build(deps): bump actions/setup-go from 5.2.0 to 5.4.0 (@​dependabot[bot])
  • 5fcf097fbdcedb6832989d0a74195f0698b48de8: build(deps): bump actions/setup-go from 5.4.0 to 5.5.0 (@​dependabot[bot])
  • edea8aedbc8467a478ac4b11d587c9bdff68f0dd: build(deps): bump apache/skywalking-eyes from 0.6.0 to 0.7.0 (@​dependabot[bot])
  • f32eebc413c71327df4fd6f264aa9f22e6e8cce1: build(deps): bump gitpod/workspace-go from 4702df2 to 8985eb7 (@​dependabot[bot])
  • 7fdaa7fc2b0fe25ff5eb17d57bede84131415674: build(deps): bump gitpod/workspace-go from 6932342 to 4702df2 (@​dependabot[bot])
  • d62ea3cd450cbd3aebcbf9a50c8d12b2e4187b13: build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 (@​dependabot[bot])
  • 4709461dea7961fbd824e433b3c68217ff856122: build(deps): bump goreleaser/goreleaser-action from 6.1.0 to 6.3.0 (@​dependabot[bot])
Commits
  • 72e4629 Merge pull request #243 from madpah/fix/component-data-schema
  • 6636ce3 fix: .component.data was not a slice as per CycloneDX schema #242
  • a39bf6b Merge pull request #232 from CycloneDX/dependabot/github_actions/actions/setu...
  • cff8cd5 Merge pull request #233 from CycloneDX/dependabot/docker/gitpod/workspace-go-...
  • 6a93b76 Merge pull request #234 from rdghe/fix/add-missing-properties
  • 3e0f245 fix: add missing properties
  • f32eebc build(deps): bump gitpod/workspace-go from 4702df2 to 8985eb7
  • 5fcf097 build(deps): bump actions/setup-go from 5.4.0 to 5.5.0
  • 75427c8 Merge pull request #222 from CycloneDX/dependabot/docker/gitpod/workspace-go-...
  • 551624d Merge pull request #217 from CycloneDX/dependabot/github_actions/apache/skywa...
  • Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2 from 1.39.2 to 1.40.1

Commits

Updates github.com/google/go-containerregistry from 0.20.6 to 0.20.7

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.7

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.20.6...v0.20.7

Commits
  • e075f20 go mod tidy on dependabot update (#2171)
  • 45aacf4 Bump the actions group across 1 directory with 3 updates (#2170)
  • 073b936 Update dependencies and deprecate DockerVersion field (#2164)
  • 390dacd Bump golang.org/x/crypto from 0.38.0 to 0.45.0 in /cmd/krane (#2163)
  • ca44d47 Bump golang.org/x/crypto from 0.38.0 to 0.45.0 in /pkg/authn/k8schain (#2162)
  • 999cc1f Bump github.com/docker/docker (#2161)
  • d1809c8 Build artifacts for riscv64 (#2159)
  • 7471efd Bump the auxiliary-deps group across 3 directories with 4 updates (#2156)
  • 2bb5bb0 Bump the actions group with 5 updates (#2155)
  • 16371c1 Remove manual vendor setting for dependabot (#2151)
  • Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.25.3 to 2.27.3

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.27.3

2.27.3

Fixes

report exit result in case of failure [1c9f356] fix data race [ece19c8]

v2.27.2

2.27.2

Fixes

  • inline automaxprocs to simplify dependencies; this will be removed when Go 1.26 comes out [a69113a]

Maintenance

  • Fix syntax errors and typo [a99c6e0]
  • Fix paragraph position error [f993df5]

v2.27.1

2.27.1

Fixes

  • Fix Ginkgo Reporter slice-bounds panic [606c1cb]
  • Bug Fix: Add GinkoTBWrapper.Attr() and GinkoTBWrapper.Output() [a6463b3]

v2.27.0

2.27.0

Features

Transforming Nodes during Tree Construction

This release adds support for NodeArgsTransformers that can be registered with AddTreeConstructionNodeArgsTransformer.

These are called during the tree construction phase as nodes are constructed and can modify the node strings and decorators. This enables frameworks built on top of Ginkgo to modify Ginkgo nodes and enforce conventions.

Learn more here.

Spec Prioritization

A new SpecPriority(int) decorator has been added. Ginkgo will honor priority when ordering specs, ensuring that higher priority specs start running before lower priority specs

Learn more here.

Maintenance

  • Bump rexml from 3.4.0 to 3.4.2 in /docs (#1595) [1333dae]
  • Bump github.com/gkampitakis/go-snaps from 0.5.14 to 0.5.15 (#1600) [17ae63e]

v2.26.0

2.26.0

... (truncated)

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.27.3

Fixes

report exit result in case of failure [1c9f356] fix data race [ece19c8]

2.27.2

Fixes

  • inline automaxprocs to simplify dependencies; this will be removed when Go 1.26 comes out [a69113a]

Maintenance

  • Fix syntax errors and typo [a99c6e0]
  • Fix paragraph position error [f993df5]

2.27.1

Fixes

  • Fix Ginkgo Reporter slice-bounds panic [606c1cb]
  • Bug Fix: Add GinkoTBWrapper.Attr() and GinkoTBWrapper.Output() [a6463b3]

2.27.0

Features

Transforming Nodes during Tree Construction

This release adds support for NodeArgsTransformers that can be registered with AddTreeConstructionNodeArgsTransformer.

These are called during the tree construction phase as nodes are constructed and can modify the node strings and decorators. This enables frameworks built on top of Ginkgo to modify Ginkgo nodes and enforce conventions.

Learn more here.

Spec Prioritization

A new SpecPriority(int) decorator has been added. Ginkgo will honor priority when ordering specs, ensuring that higher priority specs start running before lower priority specs

Learn more here.

Maintenance

  • Bump rexml from 3.4.0 to 3.4.2 in /docs (#1595) [1333dae]
  • Bump github.com/gkampitakis/go-snaps from 0.5.14 to 0.5.15 (#1600) [17ae63e]

2.26.0

Features

Ginkgo can now generate json-formatted reports that are compatible with the go test json format. Use ginkgo --gojson-report=report.go.json. This is not intended to be a replacement for Ginkgo's native json format which is more information rich and better models Ginkgo's test structure semantics.

Commits
  • f331739 v2.27.3
  • 1c9f356 ginkgo: report exit result in case of failure
  • ece19c8 ginkgo: fix data race
  • 9a84c21 v2.27.2
  • a69113a inline automaxprocs to simplify dependencies; this will be removed when Go 1....
  • a99c6e0 Fix syntax errors and typo
  • f993df5 Fix paragraph position error
  • 56cb393 v2.27.1
  • 2ce3f13 reporters: add enhanced bounds checking in emitTimeline to prevent slice panic
  • acf208a Adding check for malformed date
  • Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.38.2 to 1.38.3

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.38.3

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Commits
  • a3ca2ca v1.38.3
  • 4dada36 fix failing have http tests
  • d40c691 make string formatitng more consistent for users who use format.Object directly
  • 2a37b46 doc: fix typos
  • ee26170 docs: fix HaveValue example
  • cc85c05 Bump actions/setup-go from 5 to 6 (#866)
  • 8905788 Bump github.com/onsi/ginkgo/v2 from 2.25.1 to 2.25.3 (#865)
  • 67552c5 chore: apply fixes from Go modernize command
  • See full diff in compare view

Updates github.com/quasilyte/go-ruleguard/dsl from 0.3.22 to 0.3.23

Commits
  • 53ee6ef make Import() function more module-aware with v%d support
  • 7513f50 add ImportAs method
  • 5757289 fix: update min Go version (#481)
  • fbdfc93 Bump x/tools v0.30.0 (#484)
  • 0fe6f58 chore: fix CI ang go1.22 support (#479)
  • 5a36c24 support alias types in typeIdentical() (#478)
  • 173c282 build(deps): bump toolmantim/release-drafter from 5.25.0 to 6.0.0 (#470)
  • 51cece5 Fix for Go 1.22 (#473)
  • 9a00b21 build(deps): bump golang.org/x/tools from 0.14.0 to 0.17.0 (#469)
  • d18bf0f build(deps): bump toolmantim/release-drafter from 5.12.1 to 5.25.0 (#463)
  • Additional commits viewable in compare view

Updates github.com/samber/lo from 1.51.0 to 1.52.0

Release notes

Sourced from github.com/samber/lo's releases.

v1.52.0

Thrilled to announce the latest release of samber/lo!

This version brings major improvements:

  • A new it/ sub-package for everything related to the iter package added in Go 1.23. Big up to @​NathanBaulch for its help on this
  • A new documentation -> lo.samber.dev
  • Lots of micro fixes and performance improvements
  • Better code quality with many more linters

✨ A good introduction to streams in Go !

What's Changed

Tests

Style

... (truncated)

Commits
  • a25c42d bump v1.52.0
  • 15ac624 docs: adding go playground examples to it/ package (#708)
  • c7e9459 docs: lots of various doc improvements (#706)
  • fa2d724 doc: add it/mutable/parallel sub-package to llms.txt (#707)
  • aa3a48d fix(doc): add missing "contributing" entry in the menu
  • 5def06d fix(doc): various hot fixes
  • f9a57ef chore(deps-dev): bump typescript from 5.6.3 to 5.9.3 in /docs (#704)
  • 8b8aa28 fix(doc): make "iter" package visible in doc sidebar
  • 39e418f doc: adding a "contributing" page
  • 1b3cb42 fix(doc): improve algolia search
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 8, 2025
@dependabot dependabot bot requested a review from simar7 as a code owner December 8, 2025 16:04
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 8, 2025
@github-actions github-actions bot added the deps label Dec 8, 2025
@dependabot
build(deps): bump the common group across 1 directory with 7 updates
6454ff6 
Bumps the common group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) | `0.9.2` | `0.9.3` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.39.2` | `1.40.1` |
| [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.20.6` | `0.20.7` |
| [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.25.3` | `2.27.3` |
| [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.38.2` | `1.38.3` |
| [github.com/quasilyte/go-ruleguard/dsl](https://github.com/quasilyte/go-ruleguard) | `0.3.22` | `0.3.23` |
| [github.com/samber/lo](https://github.com/samber/lo) | `1.51.0` | `1.52.0` |



Updates `github.com/CycloneDX/cyclonedx-go` from 0.9.2 to 0.9.3
- [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases)
- [Commits](CycloneDX/cyclonedx-go@v0.9.2...v0.9.3)

Updates `github.com/aws/aws-sdk-go-v2` from 1.39.2 to 1.40.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@v1.39.2...v1.40.1)

Updates `github.com/google/go-containerregistry` from 0.20.6 to 0.20.7
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Commits](google/go-containerregistry@v0.20.6...v0.20.7)

Updates `github.com/onsi/ginkgo/v2` from 2.25.3 to 2.27.3
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.25.3...v2.27.3)

Updates `github.com/onsi/gomega` from 1.38.2 to 1.38.3
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.38.2...v1.38.3)

Updates `github.com/quasilyte/go-ruleguard/dsl` from 0.3.22 to 0.3.23
- [Release notes](https://github.com/quasilyte/go-ruleguard/releases)
- [Commits](quasilyte/go-ruleguard@dsl/v0.3.22...dsl/v0.3.23)

Updates `github.com/samber/lo` from 1.51.0 to 1.52.0
- [Release notes](https://github.com/samber/lo/releases)
- [Commits](samber/lo@v1.51.0...v1.52.0)

---
updated-dependencies:
- dependency-name: github.com/CycloneDX/cyclonedx-go
  dependency-version: 0.9.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: common
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.40.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.20.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: common
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.27.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.38.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: common
- dependency-name: github.com/quasilyte/go-ruleguard/dsl
  dependency-version: 0.3.23
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: common
- dependency-name: github.com/samber/lo
  dependency-version: 1.52.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/common-5590f987f9 branch from d8f640e to 6454ff6 Compare December 15, 2025 16:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simar7 simar7 Awaiting requested review from simar7 simar7 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file deps go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant