Updates go mod version to 1.23.0 #598

paketo-bot · 2024-08-26T03:31:38Z

No description provided.

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.32.0 to 0.32.1. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.32.0...v0.32.1) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.32.1 to 0.32.2. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.32.1...v0.32.2) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

* Bump github.com/anchore/syft from 0.32.2 to 0.33.0 Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.32.2 to 0.33.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.32.2...v0.33.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * extract dependency IDs from syft output since these seem to change with syft releases Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Frankie Gallina-Jones <[email protected]>

to avoid brittleness from irrelevant SBOM content changes

* Bump github.com/anchore/syft from 0.33.0 to 0.34.0 Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.33.0 to 0.34.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.33.0...v0.34.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * in tests: extract syft SBOM schema info from actual SBOM Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Frankie Gallina-Jones <[email protected]> Co-authored-by: Sophie Wigmore <[email protected]>

Currently, the servicebindings.Resolve(...) function does not consider whitespace when comparing the requested type/providers with what's on the filesystem. This change ensures that the type/providers read from disk are sanitized before they are used.

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.34.0 to 0.35.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.34.0...v0.35.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.35.0 to 0.35.1. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.35.0...v0.35.1) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

* Bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0 Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 0.4.1 to 1.0.0. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](BurntSushi/toml@v0.4.1...v1.0.0) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * update toml decoding Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Frankie Gallina-Jones <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.17.0 to 1.18.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.17.0...v1.18.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.35.1 to 0.36.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.35.1...v0.36.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.18.0 to 1.18.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.18.0...v1.18.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.36.0 to 0.37.5. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.36.0...v0.37.5) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.37.5 to 0.37.10. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.37.5...v0.37.10) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.37.10 to 0.38.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.37.10...v0.38.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

* Fixes error interpolation case where err is nil * Adds failure case where there is additional data on the tar file Co-authored-by: Forest Eckhardt <[email protected]>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.38.0 to 0.39.3. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.38.0...v0.39.3) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.39.3 to 0.40.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.39.3...v0.40.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.3.1 to 1.4.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](google/uuid@v1.3.1...v1.4.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.29.0 to 1.30.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.29.0...v1.30.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](google/uuid@v1.4.0...v1.5.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.30.0 to 1.31.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.30.0...v1.31.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.31.0 to 1.31.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.31.0...v1.31.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.5.0 to 1.6.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](google/uuid@v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.31.1 to 1.32.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.31.1...v1.32.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) from 0.5.11 to 0.5.12. - [Commits](ulikunitz/xz@v0.5.11...v0.5.12) --- updated-dependencies: - dependency-name: github.com/ulikunitz/xz dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.32.0 to 1.33.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.32.0...v1.33.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.33.0 to 1.33.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.33.0...v1.33.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: Johannes Dillmann <[email protected]>

Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.3.2 to 1.4.0. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](BurntSushi/toml@v1.3.2...v1.4.0) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.3 to 1.4.4. - [Release notes](https://github.com/gabriel-vasile/mimetype/releases) - [Commits](gabriel-vasile/mimetype@v1.4.3...v1.4.4) --- updated-dependencies: - dependency-name: github.com/gabriel-vasile/mimetype dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.4 to 1.4.5. - [Release notes](https://github.com/gabriel-vasile/mimetype/releases) - [Commits](gabriel-vasile/mimetype@v1.4.4...v1.4.5) --- updated-dependencies: - dependency-name: github.com/gabriel-vasile/mimetype dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.33.1 to 1.34.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.33.1...v1.34.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

linux-foundation-easycla · 2024-08-26T03:31:52Z

✅ login: dependabot[bot] (a8d191f, 6ff09da, f1329b1, c6f84d7, c40e34d, 592fec7, 14956ac, 246b9c4, 9784594, 8117a8c, 181d2b3, 0ff8008, ad03504, 73d8bc1, 429f8e4, 054c1ca, 56b3d48, 4a6b6e9, 9bfc1d4, 8ae6429, ec2329c, 15857fd, 5add877, 53a23cf, d991581, 37dbc35, 795b1b9, 9c33469, 87586bc, 909d039, bfefb95, 67120d3, 0536aa9, de0f00f, 0e95819, e6a8364, 63415bf, 56ac668, 881a73d, 8f76e7a, 67a71e0, 95719da, 57021e5, 8bb42ef, 8f861ec, e0511eb, fb8c35f, f9813db, 8a2fa04, 74d5f06, fe14322, 1d84cfe, 6954a42, a65afbb, 60faaec, 814626f, 34d99ab, 5022b00, 3e01d1e, 5d8cd20, 10340fb, 7cc181e, 43dbd22, 5d38995, 95a690c, 8a63129, ebf2e8a, 0f61b71, 42a0269, 13b0ecc, 60d240d, c7c3398, 663a970, e3ed2b9, 82fbf79, 8f080ea, e89d955, ac9385b, e6b2701, f58bd8e, c65a7b7, ffd6402, d53b6dd, 56d7667, 6a7f27d, e4f7c46, 3790bd4, 7b9a5b0, 22b1ca9, a9c466f, f498877, 86b7e87, a9983c8, aa8161a, 7946103, 1072dbc, 64169e4, d94b1ef, 8a7cf8f, dd5868f, e9bd6e2, 6c889fc, a97c19b, 85db596, 14ebfa0, 0ce6d54, 2ef9116, 703e4fb, 7ece65c, 777a503, b31dc83, abeb000, 65e47b8, 95b8056, dbbbbc5, 0649674, 4e9c21d, 42ee8c8, dd77ec5, a8ac405, 9f2a7b3, 35d8f76, d558b87, c1b785b, 4ff7347)
✅ login: sophiewigmore / name: Sophie Wigmore (bc31d56, b5e27ef, fe74309, 9339a24, 7fc64d7, bbd6771, b0348e1, e7bd30a, f959f31, 5c8e862, 3bc586e)
✅ login: ryanmoran / name: Ryan Moran (06a914f, 1d7e9a9, 998393f, 0c723ae, 246a747, 99c168f, b5dff77)
✅ login: paketo-bot (61144ef, be2f594, 53d7bd7, 77b6938, 2a4b22d, dcc1374, 706743a, 3acbbae, cc22b52, 5b6af78, 7d3ea90, 7893a5c, c10f263, c8db4ec, b117031, ad4d421, e366827)
✅ login: ForestEckhardt / name: Forest Eckhardt (c0228c6, 7f7eaad, 733d098, fec3ba5, f95ee58, 4e304e4, de1bc36, ed29b63, f027902, d2001eb, 602660a, 68f1252, aade3bb, d8bc1a6, 3b843c5, 3d5da08, 1c5ad2f, c7fa1a6, 0ce9f56, 8bb254b, 7dfd95a, 2ecad07, 4f67806)
✅ login: joshuatcasey / name: Joshua Casey (1224515, 545e8c0, d176542, 54dcc85, cd69bd3, 3735008, 579f71a, 580c283, 7484d77)
✅ login: noamichael (98052d2)
✅ login: samj1912 / name: Sambhav Kothari (ba6658c)
✅ login: pacostas / name: Costas Papastathis (97dea53, 1dd83ed)
✅ login: robdimsdale / name: Rob Dimsdale-Zucker (11cf297, 1820200, bf5a320)
✅ login: modulo11 / name: Johannes Dillmann (4a226ae)
✅ login: ChuckQuinnIV / name: Chuck Quinn IV (fb332c0)
✅ login: pbusko / name: Pavel Busko (d41178d, 13393ec)
✅ login: nicolasbender / name: Nicolas Bender (7222905, b6530bc)
❌ The email address for the commit (49787b5, c773010, cbf7ba2, 444cccb, 32d5998, 3f5210f, 5bda788, 2247967, c810215, 341fa34, 5ff9d3b, e3745cd, 56c823a, 1434903, 29abfed, 610f3b8, 5b4d81b, 80341f5, 306103e, 6bec663, 115372f, 776ba7a, 23a81a1, cf9981d, 1baf032, e050758, 07ce8a2, 548b1e3, 8a2660d, 190426a, 05348af, b8f20b3, 531c596, 35cf40c, 01b7e94, 02183b6, e1f6949, 39b9455, 1be192e, 8b897da, 5fa7790) is not linked to the GitHub account, preventing the EasyCLA check. Consult this Help Article and GitHub Help to resolve. (To view the commit's email address, add .patch at the end of this PR page's URL.) For further assistance with EasyCLA, please submit a support request ticket.

Ryan Moran and others added 30 commits December 7, 2021 08:06

Adds v2 branch

39b9455

Fixes import statement for v2 module

c810215

Removes syft replace directive to use upstream

5bda788

Updates expectations to match new Syft output

4f67806

streamline sbom test assertions

6bec663

to avoid brittleness from irrelevant SBOM content changes

extract SBOM output structs; share across tests

5b4d81b

remove unused structs

56c823a

Add a WithLevel function to scribe.Emitter

b0348e1

Update input to syft.CatalogPackages

bbd6771

Fixes breaking changes in syft sbom package

8a2660d

make logger writers public (#284)

02183b6

add SBOM logging to scribe.Emitter

07ce8a2

Fixes error interpolation case where err is nil (#289)

99c168f

* Fixes error interpolation case where err is nil * Adds failure case where there is additional data on the tar file Co-authored-by: Forest Eckhardt <[email protected]>

Trims whitespace around dependency-mapping values (#291)

06a914f

dependabot bot and others added 26 commits October 26, 2023 23:00

Updating github-config

c8db4ec

Updating github-config

c10f263

Allows users to set a dependency mirror (#563)

4c9f338

Fixes mirror bug when originalHost is excluded (#569)

ce376b7

Support reading service bindings from VCAP_SERVICES env var (#566)

13393ec

Co-authored-by: Johannes Dillmann <[email protected]>

Updating github-config

e366827

Fix override of existing values in prepend & append

7222905

Include error handling

b6530bc

Updating github-config

b117031

do not run draft release workflow on branches named v2-<something>

3bc586e

Updates go mod version to 1.23.0

ad4d421

paketo-bot requested a review from a team as a code owner August 26, 2024 03:31

paketo-bot requested review from ForestEckhardt and sophiewigmore August 26, 2024 03:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Updates go mod version to 1.23.0 #598

Updates go mod version to 1.23.0 #598

paketo-bot commented Aug 26, 2024

linux-foundation-easycla bot commented Aug 26, 2024

Updates go mod version to 1.23.0 #598

Are you sure you want to change the base?

Updates go mod version to 1.23.0 #598

Conversation

paketo-bot commented Aug 26, 2024

linux-foundation-easycla bot commented Aug 26, 2024