Skip to content

chore(deps): bump the dependencies group across 1 directory with 4 updates#114

Merged
jmeridth merged 2 commits intomainfrom
dependabot/go_modules/dependencies-10a552e418
Aug 31, 2025
Merged

chore(deps): bump the dependencies group across 1 directory with 4 updates#114
jmeridth merged 2 commits intomainfrom
dependabot/go_modules/dependencies-10a552e418

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 26, 2025
edited
Loading

Bumps the dependencies group with 3 updates in the / directory: github.com/go-git/go-git/v5, github.com/hashicorp/go-plugin and github.com/privateerproj/privateer-sdk.

Updates github.com/go-git/go-git/v5 from 5.14.0 to 5.16.2

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.16.2

What's Changed

Full Changelog: go-git/go-git@v5.16.1...v5.16.2

v5.16.1

What's Changed

New Contributors

Full Changelog: go-git/go-git@v5.16.0...v5.16.1

v5.16.0

What's Changed

Full Changelog: go-git/go-git@v5.15.0...v5.16.0

v5.15.0

What's Changed

Full Changelog: go-git/go-git@v5.14.0...v5.15.0

Commits
  • ed8216c Merge pull request #1567 from kane8n/backport-to-v5-patricsss/fix-1455
  • 4f35eba Merge pull request #1484 from patricsss/patricsss/fix-1455
  • fd1a836 Merge pull request #1561 from kane8n/backport-to-v5-fix-sparse-checkout-status
  • c3c8410 Merge pull request #1492 from onee-only/fix-sparse-checkout-status
  • 6d4a5c6 Merge pull request #1515 from pjbgf/regre
  • beedd6b plumbing: transport, Reintroduce SetHostKeyCallback. Fix #1514
  • 763ce2e Merge pull request #1510 from hiddeco/mtls-support
  • 5320e1b plumbing: surface transport configuration errors
  • 9bbc93b plumbing: fix unintended pointer mutation in test
  • f3783f4 plumbing: support mTLS for HTTPS protocol
  • Additional commits viewable in compare view

Updates github.com/hashicorp/go-plugin from 1.6.3 to 1.7.0

Release notes

Sourced from github.com/hashicorp/go-plugin's releases.

v1.7.0

What's Changed

New Contributors

Full Changelog: hashicorp/go-plugin@v1.6.3...v1.7.0

Changelog

Sourced from github.com/hashicorp/go-plugin's changelog.

v1.7.0

CHANGES:

  • When go-plugin encounters a stack trace on the server stderr stream, it now raises output to a log-level of Error instead of Debug. [GH-292]

ENHANCEMENTS:

  • Don't spend resources parsing log lines when logging is disabled [GH-352]

v1.6.2

ENHANCEMENTS:

  • Added support for gRPC dial options to the Dial API [GH-257]

BUGS:

  • Fixed a bug where reattaching to a plugin that exits could kill an unrelated process [GH-320]

v1.6.1

BUGS:

  • Suppress spurious os.ErrClosed on plugin shutdown [GH-299]

ENHANCEMENTS:

  • deps: bump google.golang.org/grpc to v1.58.3 [GH-296]

v1.6.0

CHANGES:

  • plugin: Plugins written in other languages can optionally start to advertise whether they support gRPC broker multiplexing. If the environment variable PLUGIN_MULTIPLEX_GRPC is set, it is safe to include a seventh field containing a boolean value in the |-separated protocol negotiation line.

ENHANCEMENTS:

  • Support muxing gRPC broker connections over a single listener [GH-288]
  • client: Configurable buffer size for reading plugin log lines [GH-265]
  • Use buf for proto generation [GH-286]
  • deps: bump golang.org/x/net to v0.17.0 [GH-285]
  • deps: bump golang.org/x/sys to v0.13.0 [GH-285]
  • deps: bump golang.org/x/text to v0.13.0 [GH-285]

v1.5.2

ENHANCEMENTS:

... (truncated)

Commits
  • 92fb14e update changelog for v1.7.0 (#356)
  • d2a064e Complete the implementation of moving panics to the Error log level (#353)
  • b02adb3 Spend less time preparing to write log lines when the logger is disabled (#352)
  • a938e9a [Compliance] - PR Template Changes Required (#350)
  • f4acdfe Bump protobuf from 4.24.4 to 4.25.8 in /examples/grpc/plugin-python (#348)
  • ba61a65 [chore] : Bump the go group across 2 directories with 7 updates (#346)
  • 64b8d76 fix additional lint issues and expand linter scope (#344)
  • 810097c [chore] : Bump golang.org/x/net (#347)
  • c882484 [chore] : Bump the actions group with 3 updates (#345)
  • 21b9619 IND-3869 enabling dependabot (#343)
  • Additional commits viewable in compare view

Updates github.com/privateerproj/privateer-sdk from 1.0.2 to 1.4.0

Release notes

Sourced from github.com/privateerproj/privateer-sdk's releases.

v1.4.0

Changelog

🚀 Features

  • feat: Add recommendation to assessment result (upgrade Gemara 0.4.2) @​speas038 (#94)

🧰 Maintenance

See details of all code changes since previous release

v1.3.0

Changelog

🚀 Features

🧰 Maintenance

  • chore: replace gopkg.in/yaml.v3 with github.com/goccy/go-yaml @​trumant (#86)
  • chore(deps): bump github/ospo-reusable-workflows from 0.4.6 to 0.5.0 in the dependencies group @dependabot[bot] (#84)

See details of all code changes since previous release

v1.2.0

Changelog

🚀 Features

🧰 Maintenance

See details of all code changes since previous release

v1.1.0

Changelog

🚀 Features

🧰 Maintenance

  • chore(deps): bump actions/setup-go from 5.3.0 to 5.4.0 in the dependencies group @dependabot[bot] (#81)

See details of all code changes since previous release

... (truncated)

Commits
  • 32c2b41 feat: Add recommendation to assessment result (upgrade Gemara 0.4.2) (#94)
  • fa4274d chore(deps): bump the dependencies group across 1 directory with 2 updates (#89)
  • 92cfdb6 chore: use ossf/gemara@v0.3.10 in place of sci (#91)
  • 06eee3d feat: renamed 'vessel' struct to 'evaluation coordinator' (#92)
  • cb7efe7 chore: replace gopkg.in/yaml.v3 with github.com/goccy/go-yaml (#86)
  • 84872c0 chore(deps): bump github/ospo-reusable-workflows (#84)
  • d95bede feat: linting action and fixes (#83)
  • caf5d30 chore(deps): bump the dependencies group with 2 updates (#80)
  • 0b00f23 feat: Support new SCI assessment change functionality (#82)
  • 7ee67fe chore(deps): bump actions/setup-go in the dependencies group (#81)
  • Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.19.0 to 1.20.1

Release notes

Sourced from github.com/spf13/viper's releases.

v1.20.1

What's Changed

Bug Fixes 🐛

Full Changelog: spf13/viper@v1.20.0...v1.20.1

v1.20.0

[!WARNING] This release includes a few minor breaking changes. Read the upgrade guide for details.

What's Changed

Exciting New Features 🎉

Enhancements 🚀

Bug Fixes 🐛

Breaking Changes 🛠

Dependency Updates ⬆️

... (truncated)

Commits
  • 9568cfc fix: config type check when loading any config
  • fd05140 fix(config): get config type from v.configType or config file ext
  • c038295 docs: add update instructions for 1.20
  • 9c07e0f build: disable unused linters
  • 48112d6 ci: add Go 1.24 to the test matrix
  • 66e3e28 build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
  • 17b96ac New Logo
  • 8b223a4 build(deps): bump github.com/spf13/cast from 1.7.0 to 1.7.1
  • 91fd363 chore: update afero
  • e75c48f Fix issues reported by testifylint
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Aug 26, 2025
@dependabot dependabot bot requested a review from a team as a code owner August 26, 2025 11:09
@jmeridth
Copy link
Member

jmeridth commented Aug 31, 2025

@dependabot rebase

@dependabot
chore(deps): bump the dependencies group across 1 directory with 4 up…
35f5dc7 
…dates

Bumps the dependencies group with 3 updates in the / directory: [github.com/go-git/go-git/v5](https://github.com/go-git/go-git), [github.com/hashicorp/go-plugin](https://github.com/hashicorp/go-plugin) and [github.com/privateerproj/privateer-sdk](https://github.com/privateerproj/privateer-sdk).


Updates `github.com/go-git/go-git/v5` from 5.14.0 to 5.16.2
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](go-git/go-git@v5.14.0...v5.16.2)

Updates `github.com/hashicorp/go-plugin` from 1.6.3 to 1.7.0
- [Release notes](https://github.com/hashicorp/go-plugin/releases)
- [Changelog](https://github.com/hashicorp/go-plugin/blob/main/CHANGELOG.md)
- [Commits](hashicorp/go-plugin@v1.6.3...v1.7.0)

Updates `github.com/privateerproj/privateer-sdk` from 1.0.2 to 1.4.0
- [Release notes](https://github.com/privateerproj/privateer-sdk/releases)
- [Commits](privateerproj/privateer-sdk@v1.0.2...v1.4.0)

Updates `github.com/spf13/viper` from 1.19.0 to 1.20.1
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](spf13/viper@v1.19.0...v1.20.1)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.16.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github.com/hashicorp/go-plugin
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github.com/privateerproj/privateer-sdk
  dependency-version: 1.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github.com/spf13/viper
  dependency-version: 1.20.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/dependencies-10a552e418 branch from 6fafa6b to 35f5dc7 Compare August 31, 2025 22:37
@jmeridth
fix: linting issue
9548e54 
Signed-off-by: jmeridth <35014+jmeridth@users.noreply.github.com>
@jmeridth jmeridth merged commit b636ed7 into main Aug 31, 2025
5 checks passed
@jmeridth jmeridth deleted the dependabot/go_modules/dependencies-10a552e418 branch August 31, 2025 22:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmeridth jmeridth jmeridth approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code maintenance

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jmeridth