Updates go mod version to 1.23.0 #596

paketo-bot · 2024-08-22T19:19:11Z

No description provided.

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.32.0 to 0.32.1. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.32.0...v0.32.1) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.32.1 to 0.32.2. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.32.1...v0.32.2) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/anchore/syft from 0.32.2 to 0.33.0 Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.32.2 to 0.33.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.32.2...v0.33.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * extract dependency IDs from syft output since these seem to change with syft releases Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Frankie Gallina-Jones <frankieg@vmware.com>

to avoid brittleness from irrelevant SBOM content changes

* Bump github.com/anchore/syft from 0.33.0 to 0.34.0 Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.33.0 to 0.34.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.33.0...v0.34.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * in tests: extract syft SBOM schema info from actual SBOM Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Frankie Gallina-Jones <frankieg@vmware.com> Co-authored-by: Sophie Wigmore <swigmore@vmware.com>

Currently, the servicebindings.Resolve(...) function does not consider whitespace when comparing the requested type/providers with what's on the filesystem. This change ensures that the type/providers read from disk are sanitized before they are used.

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.34.0 to 0.35.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.34.0...v0.35.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.35.0 to 0.35.1. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.35.0...v0.35.1) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

* Bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0 Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 0.4.1 to 1.0.0. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](BurntSushi/toml@v0.4.1...v1.0.0) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * update toml decoding Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Frankie Gallina-Jones <frankieg@vmware.com>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.17.0 to 1.18.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.17.0...v1.18.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.35.1 to 0.36.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.35.1...v0.36.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.18.0 to 1.18.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.18.0...v1.18.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.36.0 to 0.37.5. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.36.0...v0.37.5) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.37.5 to 0.37.10. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.37.5...v0.37.10) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.37.10 to 0.38.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.37.10...v0.38.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

* Fixes error interpolation case where err is nil * Adds failure case where there is additional data on the tar file Co-authored-by: Forest Eckhardt <feckhardt@pivotal.io>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.38.0 to 0.39.3. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.38.0...v0.39.3) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/anchore/syft](https://github.com/anchore/syft) from 0.39.3 to 0.40.0. - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v0.39.3...v0.40.0) --- updated-dependencies: - dependency-name: github.com/anchore/syft dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.29.0 to 1.30.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.29.0...v1.30.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](google/uuid@v1.4.0...v1.5.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.30.0 to 1.31.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.30.0...v1.31.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.31.0 to 1.31.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.31.0...v1.31.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.5.0 to 1.6.0. - [Release notes](https://github.com/google/uuid/releases) - [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md) - [Commits](google/uuid@v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: github.com/google/uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.31.1 to 1.32.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.31.1...v1.32.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) from 0.5.11 to 0.5.12. - [Commits](ulikunitz/xz@v0.5.11...v0.5.12) --- updated-dependencies: - dependency-name: github.com/ulikunitz/xz dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.32.0 to 1.33.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.32.0...v1.33.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.33.0 to 1.33.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.33.0...v1.33.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: Johannes Dillmann <j.dillmann@sap.com>

Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) from 1.3.2 to 1.4.0. - [Release notes](https://github.com/BurntSushi/toml/releases) - [Commits](BurntSushi/toml@v1.3.2...v1.4.0) --- updated-dependencies: - dependency-name: github.com/BurntSushi/toml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.3 to 1.4.4. - [Release notes](https://github.com/gabriel-vasile/mimetype/releases) - [Commits](gabriel-vasile/mimetype@v1.4.3...v1.4.4) --- updated-dependencies: - dependency-name: github.com/gabriel-vasile/mimetype dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.4 to 1.4.5. - [Release notes](https://github.com/gabriel-vasile/mimetype/releases) - [Commits](gabriel-vasile/mimetype@v1.4.4...v1.4.5) --- updated-dependencies: - dependency-name: github.com/gabriel-vasile/mimetype dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.33.1 to 1.34.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.33.1...v1.34.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

linux-foundation-easycla · 2024-08-22T19:19:23Z

✅ login: noamichael (98052d2)
✅ login: pacostas / name: Costas Papastathis (1dd83ed, 97dea53)
✅ login: dependabot[bot] (74d5f06, d94b1ef, 8bb42ef, 14956ac, 6954a42, 9784594, a9c466f, 6a7f27d, a65afbb, 60faaec, 7cc181e, a9983c8, 56b3d48, 56d7667, 909d039, 3e01d1e, 43dbd22, fb8c35f, 8117a8c, 6ff09da, 814626f, 82fbf79, 34d99ab, 95a690c, 60d240d, e4f7c46, e6a8364, 87586bc, e0511eb, 7946103, 246b9c4, 8f861ec, a97c19b, aa8161a, 592fec7, 14ebfa0, 1072dbc, 10340fb, f9813db, 64169e4, c40e34d, e3ed2b9, 0ce6d54, f1329b1, 85db596, 5d8cd20, 181d2b3, 5022b00, c7c3398, 67a71e0, 8a7cf8f, de0f00f, ad03504, 054c1ca, d991581, 13b0ecc, 5d38995, 73d8bc1, 35d8f76, 37dbc35, ec2329c, 9bfc1d4, 9c33469, 0f61b71, 22b1ca9, 2ef9116, 65e47b8, 7b9a5b0, abeb000, 0e95819, 663a970, 6c889fc, 56ac668, 42a0269, bfefb95, 57021e5, 8f76e7a, dd77ec5, dd5868f, e9bd6e2, 1d84cfe, 777a503, 4e9c21d, f58bd8e, 8f080ea, 4a6b6e9, 881a73d, c65a7b7, a8d191f, 8ae6429, 429f8e4, dbbbbc5, c1b785b, e89d955, 0ff8008, 8a2fa04, fe14322, 15857fd, 795b1b9, 5add877, ebf2e8a, c6f84d7, ac9385b, ffd6402, f498877, 0536aa9, 63415bf, d53b6dd, 0649674, 67120d3, 53a23cf, 95719da, 4ff7347, e6b2701, 8a63129, 3790bd4, 86b7e87, a8ac405, 95b8056, 7ece65c, 9f2a7b3, b31dc83, 703e4fb, 42ee8c8, d558b87)
✅ login: samj1912 / name: Sambhav Kothari (ba6658c)
✅ login: paketo-bot (2a4b22d, 706743a, 61144ef, dcc1374, 3acbbae, 7d3ea90, 5b6af78, 7893a5c, cc22b52, 53d7bd7, 77b6938, be2f594, c8db4ec, e366827, 6feabde, b117031, c10f263)
✅ login: ForestEckhardt / name: Forest Eckhardt (d8bc1a6, aade3bb, 1c5ad2f, 7dfd95a, 3d5da08, 3b843c5, 4f67806, c7fa1a6, 8bb254b, 0ce9f56, fec3ba5, 68f1252, ed29b63, 2ecad07, 4e304e4, d2001eb, c0228c6, 602660a, f027902, 7f7eaad, de1bc36, 733d098, f95ee58)
✅ login: joshuatcasey / name: Joshua Casey (579f71a, 7484d77, 3735008, 580c283, d176542, 545e8c0, 54dcc85, cd69bd3, 1224515)
✅ login: ChuckQuinnIV / name: Chuck Quinn IV (fb332c0)
✅ login: sophiewigmore / name: Sophie Wigmore (5c8e862, b0348e1, b5e27ef, bc31d56, 9339a24, e7bd30a, bbd6771, 7fc64d7, f959f31, fe74309, 3bc586e)
✅ login: ryanmoran / name: Ryan Moran (1d7e9a9, 06a914f, 998393f, 99c168f, b5dff77, 0c723ae, 246a747)
✅ login: pbusko / name: Pavel Busko (d41178d, 13393ec)
✅ login: modulo11 / name: Johannes Dillmann (4a226ae)
✅ login: robdimsdale / name: Rob Dimsdale-Zucker (bf5a320, 11cf297, 1820200)
✅ login: nicolasbender / name: Nicolas Bender (7222905, b6530bc)
❌ The email address for the commit (23a81a1, 35cf40c, 1baf032, 5b4d81b, 56c823a, e050758, 548b1e3, e1f6949, cf9981d, 05348af, 6bec663, 8b897da, b8f20b3, cbf7ba2, 49787b5, c773010, 444cccb, 32d5998, 5ff9d3b, 341fa34, 01b7e94, 1434903, 306103e, 39b9455, 07ce8a2, 115372f, 5bda788, 1be192e, 3f5210f, 531c596, 5fa7790, 02183b6, c810215, e3745cd, 2247967, 29abfed, 610f3b8, 190426a, 8a2660d, 80341f5, 776ba7a) is not linked to the GitHub account, preventing the EasyCLA check. Consult this Help Article and GitHub Help to resolve. (To view the commit's email address, add .patch at the end of this PR page's URL.) For further assistance with EasyCLA, please submit a support request ticket.

Ryan Moran and others added 30 commits December 7, 2021 08:06

Adds v2 branch

39b9455

Fixes import statement for v2 module

c810215

Removes syft replace directive to use upstream

5bda788

Updates expectations to match new Syft output

4f67806

streamline sbom test assertions

6bec663

to avoid brittleness from irrelevant SBOM content changes

extract SBOM output structs; share across tests

5b4d81b

remove unused structs

56c823a

Add a WithLevel function to scribe.Emitter

b0348e1

Update input to syft.CatalogPackages

bbd6771

Fixes breaking changes in syft sbom package

8a2660d

make logger writers public (#284)

02183b6

add SBOM logging to scribe.Emitter

07ce8a2

Fixes error interpolation case where err is nil (#289)

99c168f

* Fixes error interpolation case where err is nil * Adds failure case where there is additional data on the tar file Co-authored-by: Forest Eckhardt <feckhardt@pivotal.io>

Trims whitespace around dependency-mapping values (#291)

06a914f

dependabot bot and others added 24 commits November 8, 2023 21:49

Updating github-config

c10f263

Allows users to set a dependency mirror (#563)

4c9f338

Fixes mirror bug when originalHost is excluded (#569)

ce376b7

Support reading service bindings from VCAP_SERVICES env var (#566)

13393ec

Co-authored-by: Johannes Dillmann <j.dillmann@sap.com>

Updating github-config

e366827

Fix override of existing values in prepend & append

7222905

Include error handling

b6530bc

Updating github-config

b117031

do not run draft release workflow on branches named v2-<something>

3bc586e

Updates go mod version to 1.23.0

6feabde

paketo-bot requested a review from a team as a code owner August 22, 2024 19:19

paketo-bot requested review from robdimsdale and sophiewigmore August 22, 2024 19:19

ForestEckhardt closed this Aug 22, 2024

ForestEckhardt deleted the automation/go-mod-update/update-main branch August 22, 2024 19:20

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Updates go mod version to 1.23.0 #596

Updates go mod version to 1.23.0 #596

paketo-bot commented Aug 22, 2024

linux-foundation-easycla bot commented Aug 22, 2024

Updates go mod version to 1.23.0 #596

Updates go mod version to 1.23.0 #596

Conversation

paketo-bot commented Aug 22, 2024

linux-foundation-easycla bot commented Aug 22, 2024