chore(deps): bump the go-deps group across 1 directory with 4 updates

[dependabot]

Bumps the go-deps group with 4 updates in the / directory: github.com/go-viper/mapstructure/v2, github.com/rudderlabs/analytics-go/v4, github.com/spf13/cobra and golang.org/x/term.

Updates github.com/go-viper/mapstructure/v2 from 2.4.0 to 2.5.0

Release notes

Sourced from github.com/go-viper/mapstructure/v2's releases.

v2.5.0

What's Changed

• Print qualified type name when ErrorUnused=true causes errors for unused keys in embedded fields by @​jmacd in go-viper/mapstructure#113
• build(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by @​dependabot[bot] in go-viper/mapstructure#126
• build(deps): bump github/codeql-action from 3.29.7 to 3.29.10 by @​dependabot[bot] in go-viper/mapstructure#131
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​dependabot[bot] in go-viper/mapstructure#129
• feat: support for automatically initializing squashed pointer structs by @​tuunit in go-viper/mapstructure#71
• build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 by @​dependabot[bot] in go-viper/mapstructure#134
• build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @​dependabot[bot] in go-viper/mapstructure#142
• Fix slice deep map (owned) by @​jphastings in go-viper/mapstructure#144
• chore: fix lint violations by @​sagikazarmark in go-viper/mapstructure#157
• chore: switch to devenv by @​sagikazarmark in go-viper/mapstructure#158
• build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by @​dependabot[bot] in go-viper/mapstructure#151
• build(deps): bump github/codeql-action from 3.29.10 to 4.31.2 by @​dependabot[bot] in go-viper/mapstructure#153
• build(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 by @​dependabot[bot] in go-viper/mapstructure#154
• build(deps): bump actions/checkout from 5.0.0 to 6.0.1 by @​dependabot[bot] in go-viper/mapstructure#160
• build(deps): bump actions/setup-go from 6.0.0 to 6.1.0 by @​dependabot[bot] in go-viper/mapstructure#159
• build(deps): bump github/codeql-action from 4.31.7 to 4.31.8 by @​dependabot[bot] in go-viper/mapstructure#162
• build(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by @​dependabot[bot] in go-viper/mapstructure#161
• build(deps): bump github/codeql-action from 4.31.8 to 4.31.9 by @​dependabot[bot] in go-viper/mapstructure#163
• feature: Add map field name to convert structs dynamically instead of individually with a tag. by @​thespags in go-viper/mapstructure#149
• feat(decoder): support multiple tag names in order by @​DarkiT in go-viper/mapstructure#59
• feat: optional root object name by @​andreev-fn in go-viper/mapstructure#137
• Add unmarshaler interface by @​sagikazarmark in go-viper/mapstructure#166

New Contributors

• @​jmacd made their first contribution in go-viper/mapstructure#113
• @​tuunit made their first contribution in go-viper/mapstructure#71
• @​jphastings made their first contribution in go-viper/mapstructure#144
• @​thespags made their first contribution in go-viper/mapstructure#149
• @​DarkiT made their first contribution in go-viper/mapstructure#59
• @​andreev-fn made their first contribution in go-viper/mapstructure#137

Full Changelog: go-viper/mapstructure@v2.4.0...v2.5.0

Commits

• 9aa3f77 Merge pull request #166 from go-viper/unmarshal2
• ae32a61 doc: add more documentation
• 320c8c9 test: cover unmarshaler to map
• 5b22829 feat: add unmarshaler interface
• fd74c75 Merge pull request #137 from andreev-fn/opt-root-name
• dee4661 Merge pull request #59 from DarkiT/main
• 5605df4 chore: cover more test cases, fix edge cases, add docs
• 6166631 fix(mapstructure): add multi-tag support and regression tests
• 6471aa6 Merge pull request #149 from thespags/main
• dbffaaa chore: add more tests and clarification to the documentation
• Additional commits viewable in compare view

Updates github.com/rudderlabs/analytics-go/v4 from 4.2.2 to 4.2.3

Release notes

Sourced from github.com/rudderlabs/analytics-go/v4's releases.

v4.2.3

What's Changed

• chore: apply security best practices from step security by @​stepsecurity-app[bot] in rudderlabs/analytics-go#43
• chore: bump actions/checkout from 5.0.0 to 6.0.0 by @​dependabot[bot] in rudderlabs/analytics-go#46
• chore: bump actions/setup-go from 6.0.0 to 6.1.0 by @​dependabot[bot] in rudderlabs/analytics-go#45
• fix: use All instead of all for integrations by @​MattiasMTS in rudderlabs/analytics-go#50
• chore: bump step-security/harden-runner from 2.13.1 to 2.14.0 by @​dependabot[bot] in rudderlabs/analytics-go#49
• chore: bump actions/checkout from 6.0.0 to 6.0.1 by @​dependabot[bot] in rudderlabs/analytics-go#48
• chore: update workflow matrix to test multiple go version by @​saikumarrs in rudderlabs/analytics-go#52
• fix: add hard limits for MaxMessageBytes and MaxBatchBytes by @​vgupta98 in rudderlabs/analytics-go#51
• chore: release v4.2.3 by @​saikumarrs in rudderlabs/analytics-go#53

New Contributors

• @​stepsecurity-app[bot] made their first contribution in rudderlabs/analytics-go#43
• @​MattiasMTS made their first contribution in rudderlabs/analytics-go#50
• @​vgupta98 made their first contribution in rudderlabs/analytics-go#51

Full Changelog: rudderlabs/analytics-go@v4.2.2...v4.2.3

Commits

• a6d223a chore: release v4.2.3 (#53)
• 05d52bd fix: add hard limits for MaxMessageBytes and MaxBatchBytes (#51)
• 4d9323f chore: update workflow matrix to test multiple go version (#52)
• 0d84a69 chore: bump actions/checkout from 6.0.0 to 6.0.1 (#48)
• ee08f2c chore: bump step-security/harden-runner from 2.13.1 to 2.14.0 (#49)
• de41044 fix: use All instead of all for integrations (#50)
• e8ed7dc chore: bump actions/setup-go from 6.0.0 to 6.1.0 (#45)
• a375ce0 chore: bump actions/checkout from 5.0.0 to 6.0.0 (#46)
• 5cc0fb9 chore: apply security best practices from step security (#43)
• See full diff in compare view

Updates github.com/spf13/cobra from 1.10.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

• chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @​dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

• Fix linter and allow CI to pass by @​marckhouzam in spf13/cobra#2327
• fix: actions/setup-go v6 by @​jpmcb in spf13/cobra#2337

🔥✍🏼 Docs

• Add documentation for repeated flags functionality by @​rvergis in spf13/cobra#2316

🍂 Refactors

• refactor: replace several vars with consts by @​htoyoda18 in spf13/cobra#2328
• refactor: change minUsagePadding from var to const by @​ssam18 in spf13/cobra#2325

🤗 New Contributors

• @​rvergis made their first contribution in spf13/cobra#2316
• @​htoyoda18 made their first contribution in spf13/cobra#2328
• @​ssam18 made their first contribution in spf13/cobra#2325
• @​dims made their first contribution in spf13/cobra#2336

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

Commits

• 88b30ab chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#2336)
• 346d408 fix: actions/setup-go v6 (#2337)
• fc81d20 refactor: change minUsagePadding from var to const (#2325)
• 117698a refactor: replace several vars with consts (#2328)
• e2dd29d Add documentation for repeated flags functionality (#2316)
• 0629892 Fix linter (#2327)
• See full diff in compare view

Updates golang.org/x/term from 0.36.0 to 0.39.0

Commits

• a7e5b04 go.mod: update golang.org/x dependencies
• 943f25d x/term: handle transpose
• 9b991dd x/term: handle delete key
• 3863673 go.mod: update golang.org/x dependencies
• 1231d54 go.mod: update golang.org/x dependencies
• 3475bc8 term: fix some comments
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions