dependabot[bot]
32c4a43d7e
🌱 Bump github.com/google/osv-scanner from 1.8.1 to 1.8.2 ( #4234 )
CodeQL / Analyze (go) (push) Waiting to run
CodeQL / Analyze (javascript) (push) Waiting to run
gitlab-tests / gitlab-integration-trusted (push) Waiting to run
golangci-lint / check-linter (push) Waiting to run
build / unit-test (push) Waiting to run
build / generate-mocks (push) Waiting to run
build / generate-docs (push) Waiting to run
build / build-proto (push) Waiting to run
build / ${{ matrix.target }} (build-add-script) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-bq-transfer) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-cii-worker) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-controller) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-github-server) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-scorecard) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-shuffler) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-validate-script) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-webhook) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-worker) (push) Blocked by required conditions
build / validate-docs (push) Waiting to run
build / add-projects (push) Waiting to run
build / validate-projects (push) Waiting to run
build / license boilerplate check (push) Waiting to run
Scorecard analysis workflow / Scorecard analysis (push) Waiting to run
2024-07-10 21:58:33 +00:00
dependabot[bot]
11612db5b5
🌱 Bump sigs.k8s.io/release-utils from 0.8.2 to 0.8.3 ( #4228 )
2024-07-10 21:09:33 +00:00
dependabot[bot]
8028c54ab7
🌱 Bump github.com/google/go-containerregistry ( #4229 )
2024-07-10 21:00:21 +00:00
dependabot[bot]
0edd1aae98
🌱 Bump google.golang.org/grpc from 1.64.0 to 1.64.1 ( #4233 )
2024-07-10 20:49:18 +00:00
dependabot[bot]
9f9afa0c30
🌱 Bump github.com/google/osv-scanner from 1.7.4 to 1.8.1 ( #4198 )
CodeQL / Analyze (go) (push) Waiting to run
CodeQL / Analyze (javascript) (push) Waiting to run
gitlab-tests / gitlab-integration-trusted (push) Waiting to run
golangci-lint / check-linter (push) Waiting to run
build / unit-test (push) Waiting to run
build / generate-mocks (push) Waiting to run
build / generate-docs (push) Waiting to run
build / build-proto (push) Waiting to run
build / ${{ matrix.target }} (build-add-script) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-bq-transfer) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-cii-worker) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-controller) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-github-server) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-scorecard) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-shuffler) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-validate-script) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-webhook) (push) Blocked by required conditions
build / ${{ matrix.target }} (build-worker) (push) Blocked by required conditions
build / validate-docs (push) Waiting to run
build / add-projects (push) Waiting to run
build / validate-projects (push) Waiting to run
build / license boilerplate check (push) Waiting to run
Scorecard analysis workflow / Scorecard analysis (push) Waiting to run
2024-07-01 19:21:16 +00:00
dependabot[bot]
76a04bfe40
🌱 Bump github.com/xanzy/go-gitlab from 0.105.0 to 0.106.0 ( #4197 )
2024-06-27 17:11:41 +00:00
dependabot[bot]
c187c076a0
🌱 Bump cloud.google.com/go/pubsub from 1.38.0 to 1.40.0 ( #4196 )
2024-06-26 23:05:42 +00:00
dependabot[bot]
13c4485000
🌱 Bump github.com/moby/buildkit from 0.14.0 to 0.14.1 ( #4187 )
2024-06-26 22:49:24 +00:00
dependabot[bot]
c4e1f70113
🌱 Bump github.com/spf13/cobra from 1.8.0 to 1.8.1 ( #4183 )
2024-06-26 21:26:18 +00:00
dependabot[bot]
309b48b9fd
🌱 Bump github.com/hashicorp/go-retryablehttp ( #4195 )
2024-06-25 23:16:48 +00:00
dependabot[bot]
5d08c1cc11
🌱 Bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2 ( #4182 )
...
* 🌱 Bump github.com/google/go-containerregistry
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.19.1 to 0.19.2.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.1...v0.19.2 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* update
Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Raghav Kaul <raghavkaul+github@google.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Raghav Kaul <raghavkaul+github@google.com>
2024-06-17 12:04:39 -04:00
dependabot[bot]
1faca4943d
🌱 Bump google.golang.org/protobuf from 1.34.1 to 1.34.2 ( #4169 )
2024-06-12 17:58:59 +00:00
dependabot[bot]
fde26a0ef4
🌱 Bump github.com/moby/buildkit from 0.13.2 to 0.14.0 ( #4168 )
2024-06-12 16:07:16 +00:00
dependabot[bot]
bc1c2e6995
🌱 Bump golang.org/x/oauth2 from 0.20.0 to 0.21.0 ( #4148 )
2024-06-06 17:14:20 +00:00
dependabot[bot]
b4d6ee469c
🌱 Bump github.com/bradleyfalzon/ghinstallation/v2 ( #4137 )
2024-06-05 18:13:00 +00:00
dependabot[bot]
eea94f5d01
🌱 Bump github.com/rhysd/actionlint from 1.7.0 to 1.7.1 ( #4138 )
2024-06-05 18:00:32 +00:00
dependabot[bot]
936efa9fff
🌱 Bump golang.org/x/text from 0.15.0 to 0.16.0 ( #4142 )
2024-06-05 17:44:34 +00:00
dependabot[bot]
36d8ad7a60
🌱 Bump github.com/google/osv-scanner from 1.7.3 to 1.7.4 ( #4139 )
...
Bumps [github.com/google/osv-scanner](https://github.com/google/osv-scanner ) from 1.7.3 to 1.7.4.
- [Release notes](https://github.com/google/osv-scanner/releases )
- [Changelog](https://github.com/google/osv-scanner/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google/osv-scanner/compare/v1.7.3...v1.7.4 )
---
updated-dependencies:
- dependency-name: github.com/google/osv-scanner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 11:25:36 -07:00
dependabot[bot]
02f72e0582
🌱 Bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.19.0 ( #4126 )
2024-05-30 23:03:52 +00:00
dependabot[bot]
d99ae690a9
🌱 Bump github.com/go-logr/logr from 1.4.1 to 1.4.2 ( #4120 )
...
updated-dependencies:
- dependency-name: github.com/go-logr/logr
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-23 18:36:17 -04:00
dependabot[bot]
956d7c3895
🌱 Bump sigs.k8s.io/release-utils from 0.8.1 to 0.8.2 ( #4107 )
2024-05-15 17:14:00 +00:00
dependabot[bot]
6f9a512296
🌱 Bump github.com/rhysd/actionlint from 1.6.27 to 1.7.0 ( #4100 )
2024-05-14 19:43:41 +00:00
dependabot[bot]
d40ecbacb3
🌱 Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 ( #4091 )
2024-05-14 19:26:15 +00:00
dependabot[bot]
665e9c48e8
🌱 Bump github.com/google/osv-scanner from 1.7.2 to 1.7.3 ( #4101 )
...
* 🌱 Bump github.com/google/osv-scanner from 1.7.2 to 1.7.3
Bumps [github.com/google/osv-scanner](https://github.com/google/osv-scanner ) from 1.7.2 to 1.7.3.
- [Release notes](https://github.com/google/osv-scanner/releases )
- [Changelog](https://github.com/google/osv-scanner/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google/osv-scanner/compare/v1.7.2...v1.7.3 )
---
updated-dependencies:
- dependency-name: github.com/google/osv-scanner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* remove toolchain directive and run go mod tidy
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Spencer Schrock <sschrock@google.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Spencer Schrock <sschrock@google.com>
2024-05-14 17:58:15 +00:00
dependabot[bot]
db720cc870
🌱 Bump google.golang.org/protobuf from 1.34.0 to 1.34.1 ( #4092 )
2024-05-10 21:21:27 +00:00
dependabot[bot]
5a59357658
🌱 Bump github.com/xanzy/go-gitlab from 0.103.0 to 0.105.0 ( #4099 )
2024-05-10 18:33:13 +00:00
Spencer Schrock
7ce8609469
🐛 Support renamed gradle verification action and callers which pin to hash ( #4097 )
...
* Support renamed gradle verification action
From gradle/wrapper-validation-action's readme:
"As of v3 this action has been superceded by
gradle/actions/wrapper-validation"
Also support actions pinned to a hash.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* remove unneeded dependency
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2024-05-09 18:27:34 +00:00
dependabot[bot]
6b5cb27cd0
🌱 Bump cloud.google.com/go/pubsub from 1.37.0 to 1.38.0 ( #4088 )
2024-05-07 17:49:20 +00:00
dependabot[bot]
13c7254fd5
🌱 Bump golang.org/x/text from 0.14.0 to 0.15.0 ( #4089 )
2024-05-07 17:32:27 +00:00
dependabot[bot]
e6f5767190
🌱 Bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 ( #4087 )
2024-05-07 17:20:00 +00:00
dependabot[bot]
cad20c5355
🌱 Bump cloud.google.com/go/bigquery from 1.60.0 to 1.61.0 ( #4069 )
2024-05-06 20:25:24 +00:00
dependabot[bot]
0616bf3a5e
🌱 Bump github.com/moby/buildkit from 0.13.1 to 0.13.2 ( #4070 )
...
Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit ) from 0.13.1 to 0.13.2.
- [Release notes](https://github.com/moby/buildkit/releases )
- [Commits](https://github.com/moby/buildkit/compare/v0.13.1...v0.13.2 )
---
updated-dependencies:
- dependency-name: github.com/moby/buildkit
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-02 13:23:17 -04:00
dependabot[bot]
62aca9907c
🌱 Bump github.com/onsi/gomega from 1.33.0 to 1.33.1 ( #4066 )
2024-04-30 21:42:28 +00:00
dependabot[bot]
58f0ed5ed3
🌱 Bump google.golang.org/protobuf from 1.33.0 to 1.34.0 ( #4065 )
2024-04-30 20:59:20 +00:00
dependabot[bot]
a0efbf455b
🌱 Bump github.com/onsi/gomega from 1.32.0 to 1.33.0 ( #4042 )
2024-04-24 19:10:30 +00:00
dependabot[bot]
f9b43b72db
🌱 Bump github.com/xanzy/go-gitlab from 0.102.0 to 0.103.0 ( #4043 )
2024-04-24 18:57:03 +00:00
dependabot[bot]
eef39716ef
🌱 Bump github.com/google/osv-scanner from 1.7.1 to 1.7.2 ( #4044 )
2024-04-24 18:44:47 +00:00
dependabot[bot]
c69fcab521
🌱 Bump golang.org/x/net from 0.22.0 to 0.23.0 ( #4045 )
2024-04-24 18:32:27 +00:00
dependabot[bot]
f939ab1cb3
🌱 Bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 ( #4004 )
2024-04-12 18:31:25 +00:00
dependabot[bot]
d187f11e0f
🌱 Bump sigs.k8s.io/release-utils from 0.6.0 to 0.8.1 ( #4015 )
2024-04-12 18:07:00 +00:00
dependabot[bot]
b118c1950f
🌱 Bump github.com/xanzy/go-gitlab from 0.101.0 to 0.102.0 ( #4005 )
2024-04-05 18:11:56 +00:00
dependabot[bot]
6d488c0410
🌱 Bump github.com/bradleyfalzon/ghinstallation/v2 ( #3975 )
2024-04-01 20:09:15 +00:00
dependabot[bot]
bcaef6d34e
🌱 Bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 ( #3984 )
2024-04-01 19:29:04 +00:00
dependabot[bot]
6ae6472698
🌱 Bump cloud.google.com/go/bigquery from 1.59.1 to 1.60.0 ( #3980 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.59.1 to 1.60.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/bigquery/v1.59.1...spanner/v1.60.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 11:30:42 -04:00
dependabot[bot]
153e06d99f
🌱 Bump github.com/onsi/ginkgo/v2 from 2.16.0 to 2.17.1 ( #3974 )
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.16.0 to 2.17.1.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.16.0...v2.17.1 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-26 19:25:05 +00:00
dependabot[bot]
be15709929
🌱 Bump github.com/xanzy/go-gitlab from 0.99.0 to 0.101.0 ( #3973 )
2024-03-26 17:59:52 +00:00
dependabot[bot]
deced313db
🌱 Bump github.com/onsi/gomega from 1.31.1 to 1.32.0 ( #3964 )
2024-03-25 21:37:29 +00:00
dependabot[bot]
b379817680
🌱 Bump gocloud.dev from 0.36.0 to 0.37.0 ( #3963 )
2024-03-25 20:58:27 +00:00
dependabot[bot]
c1066d9ac2
🌱 Bump github.com/moby/buildkit from 0.12.5 to 0.13.1 ( #3951 )
...
Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit ) from 0.12.5 to 0.13.1.
- [Release notes](https://github.com/moby/buildkit/releases )
- [Commits](https://github.com/moby/buildkit/compare/v0.12.5...v0.13.1 )
---
updated-dependencies:
- dependency-name: github.com/moby/buildkit
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-20 23:46:54 +00:00
dependabot[bot]
da798b6523
🌱 Bump github.com/google/osv-scanner from 1.6.2 to 1.7.1 ( #3958 )
...
* 🌱 Bump github.com/google/osv-scanner from 1.6.2 to 1.7.1
Bumps [github.com/google/osv-scanner](https://github.com/google/osv-scanner ) from 1.6.2 to 1.7.1.
- [Release notes](https://github.com/google/osv-scanner/releases )
- [Changelog](https://github.com/google/osv-scanner/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google/osv-scanner/compare/v1.6.2...v1.7.1 )
---
updated-dependencies:
- dependency-name: github.com/google/osv-scanner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* remove toolchain directive
Signed-off-by: Spencer Schrock <sschrock@google.com>
* bump vulnerable package so PR can merge
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Spencer Schrock <sschrock@google.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Spencer Schrock <sschrock@google.com>
2024-03-20 23:26:56 +00:00