Bump the security group across 1 directory with 8 updates #223

dependabot · 2024-12-03T00:52:40Z

Bumps the security group with 4 updates in the / directory: github.com/pact-foundation/pact-go, github.com/stretchr/testify, helm.sh/helm/v3 and sigs.k8s.io/controller-runtime.

Updates github.com/pact-foundation/pact-go from 1.9.0 to 1.10.0

Changelog

Sourced from github.com/pact-foundation/pact-go's changelog.

v1.10.0 (03 July 2024)

6456e82 - chore: update release.sh to select correct version (Matt Fellows, Thu Jun 6 14:24:30 2024 +1000)

Commits

c3dc763 chore(release): release v1.10.0
6456e82 chore: update release.sh to select correct version
See full diff in compare view

Updates github.com/stretchr/testify from 1.9.0 to 1.10.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.10.0

What's Changed

Functional Changes

Add PanicAssertionFunc by @fahimbagar in stretchr/testify#1337

assert: deprecate CompareType by @dolmen in stretchr/testify#1566

assert: make YAML dependency pluggable via build tags by @dolmen in stretchr/testify#1579

assert: new assertion NotElementsMatch by @hendrywiranto in stretchr/testify#1600

mock: in order mock calls by @ReyOrtiz in stretchr/testify#1637

Add assertion for NotErrorAs by @palsivertsen in stretchr/testify#1129

Record Return Arguments of a Call by @jayd3e in stretchr/testify#1636

assert.EqualExportedValues: accepts everything by @redachl in stretchr/testify#1586

Fixes

assert: make tHelper a type alias by @dolmen in stretchr/testify#1562

Do not get argument again unnecessarily in Arguments.Error() by @TomWright in stretchr/testify#820

Fix time.Time compare by @myxo in stretchr/testify#1582

assert.Regexp: handle []byte array properly by @kevinburkesegment in stretchr/testify#1587

assert: collect.FailNow() should not panic by @marshall-lee in stretchr/testify#1481

mock: simplify implementation of FunctionalOptions by @dolmen in stretchr/testify#1571

mock: caller information for unexpected method call by @spirin in stretchr/testify#1644

suite: fix test failures by @stevenh in stretchr/testify#1421

Fix issue #1662 (comparing infs should fail) by @ybrustin in stretchr/testify#1663

NotSame should fail if args are not pointers #1661 by @sikehish in stretchr/testify#1664

Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in CI by @sikehish in stretchr/testify#1667

fix: compare functional option names for indirect calls by @arjun-1 in stretchr/testify#1626

Documantation, Build & CI

.gitignore: ignore "go test -c" binaries by @dolmen in stretchr/testify#1565

mock: improve doc by @dolmen in stretchr/testify#1570

mock: fix FunctionalOptions docs by @snirye in stretchr/testify#1433

README: link out to the excellent testifylint by @brackendawson in stretchr/testify#1568

assert: fix typo in comment by @JohnEndson in stretchr/testify#1580

Correct the EventuallyWithT and EventuallyWithTf example by @JonCrowther in stretchr/testify#1588

CI: bump softprops/action-gh-release from 1 to 2 by @dependabot in stretchr/testify#1575

mock: document more alternatives to deprecated AnythingOfTypeArgument by @dolmen in stretchr/testify#1569

assert: Correctly document EqualValues behavior by @brackendawson in stretchr/testify#1593

fix: grammar in godoc by @miparnisari in stretchr/testify#1607

.github/workflows: Run tests for Go 1.22 by @HaraldNordgren in stretchr/testify#1629

Document suite's lack of support for t.Parallel by @brackendawson in stretchr/testify#1645

assert: fix typos in comments by @alexandear in stretchr/testify#1650

mock: fix doc comment for NotBefore by @alexandear in stretchr/testify#1651

Generate better comments for require package by @Neokil in stretchr/testify#1610

README: replace Testify V2 notice with @dolmen's V2 manifesto by @hendrywiranto in stretchr/testify#1518

New Contributors

@fahimbagar made their first contribution in stretchr/testify#1337

@TomWright made their first contribution in stretchr/testify#820

@snirye made their first contribution in stretchr/testify#1433

@myxo made their first contribution in stretchr/testify#1582

@JohnEndson made their first contribution in stretchr/testify#1580

... (truncated)

Commits

89cbdd9 Merge pull request #1626 from arjun-1/fix-functional-options-diff-indirect-calls
07bac60 Merge pull request #1667 from sikehish/flaky
716de8d Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in CI
118fb83 NotSame should fail if args are not pointers #1661 (#1664)
7d99b2b attempt 2
05f87c0 more similar
ea7129e better fmt
a1b9c9e Merge pull request #1663 from ybrustin/master
8302de9 Merge branch 'master' into master
89352f7 Merge pull request #1518 from hendrywiranto/adjust-readme-remove-v2
Additional commits viewable in compare view

Updates helm.sh/helm/v3 from 3.15.4 to 3.16.3

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.16.3 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

Join the discussion in Kubernetes Slack:

for questions and just to hang out

for discussing PRs, code, and bugs

Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom

Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.16.3. The common platform binaries are here:

MacOS amd64 (checksum / 495d75b404a96fb664f1ca3f8cb01db2210aacc62dbfa1bbab30916abbb20a57)

MacOS arm64 (checksum / 3a39f690173086e6eea17674751eb3c8b970c02697e49cecd4093eaa3cf89dcd)

Linux amd64 (checksum / f5355c79190951eed23c5432a3b920e071f4c00a64f75e077de0dd4cb7b294ea)

Linux arm (checksum / 02ba2f3b1524113f49be6df25a0b4b3190010d6e218c8e2b2fde4578a8439a9c)

Linux arm64 (checksum / 5bd34ed774df6914b323ff84a0a156ea6ff2ba1eaf0113962fa773f3f9def798)

Linux i386 (checksum / 70318f60fec3219680fff86c9293e2a92fb8b9a691d41791661074588f22768e)

Linux ppc64le (checksum / 266f7698c56a724fddd3a2f2b862ad496c4338dce79f0282fdbc6e23e1738608)

Linux s390x (checksum / bac414c409faead9c2b8af11d29281aa4f1aeb9139c62d5178baf982d71fc9bb)

Linux riscv64 (checksum / 492843d2584bb14bd38a735a9708af2d7f3ea7e1b6c43e650968f16fce0b5064)

Windows amd64 (checksum / 1a52aa56e55168c3d3d2e45fa833a32290e4e3790559851dce1e707eb7728b81)

Windows arm64 (checksum / 247a63269a83bb73c14e8f62b0cfd5a2e1d32b7d3f93977d3a6ef3902d218ff1)

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

3.16.4 is the next patch release and will be on December 11, 2024

3.17.0 is the next feature release and will be on January 15, 2025

Changelog

fix: fix label name cfd07493f46efc9debd9cc1b02a0961186df7fdf (wangjingcun)

Fix typo in pkg/lint/rules/chartfile_test.go a303060fc60bc713cd0757503b3fcb4636b14f34 (Zach Burgess)

Increasing the size of the runner used for releases. ab45e8a861e929e40163a7ad5a8636cb41f381ac (Matt Farina)

fix(hooks): correct hooks delete order 19fe320ae87e8d1d4bc1952d9da8ea2fe435aa6e (Suleiman Dibirov)

Bump github.com/containerd/containerd from 1.7.12 to 1.7.23 4fcc5c2cadf49d1399adfdbc5ab7222b2dff1d5b (dependabot[bot])

Helm v3.16.2 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

Join the discussion in Kubernetes Slack:

for questions and just to hang out

for discussing PRs, code, and bugs

... (truncated)

Commits

cfd0749 fix: fix label name
a303060 Fix typo in pkg/lint/rules/chartfile_test.go
ab45e8a Increasing the size of the runner used for releases.
19fe320 fix(hooks): correct hooks delete order
4fcc5c2 Bump github.com/containerd/containerd from 1.7.12 to 1.7.23
13654a5 Revering change unrelated to issue #13176
9fc8f1b adds tests for handling of Helm index with broken chart versions #13176
961194d improves handling of Helm index with broken helm chart versions #13176
f6be62b Bump the k8s-io group with 7 updates
27d44cf adding check-latest:true
Additional commits viewable in compare view

Updates k8s.io/api from 0.30.3 to 0.31.1

Commits

eb5129b Update dependencies to v0.31.1 tag
46f6230 Merge pull request #126761thockin/automated-cherry-pick-of-#126749
1857695 fix v1a3 ResourceSliceList metadata field name
382a091 update codegen and openapi
1073c1e regen clients
6f8e3bd Review feedback
437d97a Coordinated Leader Election Alpha API
63e21d3 Merge pull request #126243 from SergeyKanzhelev/devicePluginFailures
ca07d5a generated files
7192863 add AllocatedResourcesStatus field to ContainerStatus
Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.30.3 to 0.31.1

Commits

a8f449e Falls back to SPDY for gorilla/websocket https proxy error
62791ec Merge pull request #125571 from liggitt/filter-auth-02-sar
cc2ba35 add field and label selectors to authorization attributes
ce76a8f generate
35052c5 add subjectaccessreview field and label selectors
ab06869 Merge pull request #126105 from benluddy/cbor-framer
429f4e4 Implement runtime.Framer for CBOR Sequences.
d7e1c53 Merge pull request #126018 from aroradaman/bump-k8s-utils
07cb122 Merge pull request #125748 from benluddy/cbor-custom-marshalers
dd17456 bump k8s.io/utils
Additional commits viewable in compare view

Updates k8s.io/cli-runtime from 0.30.3 to 0.31.1

Commits

754d15f Update dependencies to v0.31.1 tag
86e7f90 revendor dependencies
5f321dd Merge pull request #125488 from pohly/dra-1.31
8b18255 DRA: bump API v1alpha2 -> v1alpha3
094be53 Merge pull request #126018 from aroradaman/bump-k8s-utils
8c0748c bump k8s.io/utils
80033e7 Merge pull request #125868 from soltysh/wait_for
5e5ff2a Expose WithError in FakeResourceFinder for tests
f3a0798 Merge pull request #125922 from dims/update_otel_27
9b798b9 update OpenTelemetry dependencies and grpc
Additional commits viewable in compare view

Updates k8s.io/client-go from 0.30.3 to 0.31.1

Commits

c5196eb Update dependencies to v0.31.1 tag
5e3e8ea informers: add comment that Start does not block
f71a5cc Call non-blocking informerFactory.Start synchronously to avoid races
4536e5a Merge pull request #124012 from Jefftree/le-controller
93c6a5b Merge pull request #126353 from liggitt/fix-vendor
6a9911a revendor dependencies
fe54892 Merge pull request #126243 from SergeyKanzhelev/devicePluginFailures
825f52e Change PingTime to be persistent
f45c451 fix ordering issue in candidates
18dd587 feedback: leasecandidate clients
Additional commits viewable in compare view

Updates sigs.k8s.io/controller-runtime from 0.18.4 to 0.19.3

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.19.3

What's Changed

🐛 Refactor certificate watcher to use polling, instead of fsnotify by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3023

🐛 Use leader elector with client timeout by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3031

Full Changelog: kubernetes-sigs/controller-runtime@v0.19.2...v0.19.3

v0.19.2

What's Changed

✨ Add EnableWatchBookmarks option to cache informers by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3018

Full Changelog: kubernetes-sigs/controller-runtime@v0.19.1...v0.19.2

v0.19.1

What's Changed

[release-0.19] 🌱 Verify PR titles with shell script by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2947

[release-0.19] 🐛 Fakeclient: preserve TypeMeta for PartialObjectMeta resources by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2951

[release-0.19] 🌱 pr-verify: use env var for passing the PR title by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2962

[release-0.19] 🌱 pr-verify: use env var for passing the PR title by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2965

[release-0.19] 🌱 Fix PR verify action by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2974

[release-0.19] 🐛 Fakeclient: Fix TOCTOU races by @k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#2992

Full Changelog: kubernetes-sigs/controller-runtime@v0.19.0...v0.19.1

v0.19.0

⚠️ Deprecation Warnings

Please note that admission.Defaulter/Validator have been deprecated in favor of admission.CustomDefaulter/CustomValidator since v0.17 and will be removed with v0.20.

⚠️ Breaking Changes

Bump to k8s.io/* v1.31 (#2798 #2858 #2867 #2872 #2883 #2900 #2906 #2924)

Add generic TypedReconciler (#2799)

client: Remove options.WarningHandler (#2887 #2903)

controller: Validate controller names are unique & add SkipNameValidation option (#2902 #2918)

✨ New Features

client: Add WithFieldValidation client (#2860 #2913)

controller & webhook: Recover panics per default & add panic metrics (#2905)

controllerutil: configure BlockOwnerDeletion when setting OwnerReference (#2847)

fake client: Add scale subresource logic (#2855)

predicate: Add missing generic version of ResourceVersionChangedPredicate (#2812)

setup-envtest: Download binaries from controller-tools releases instead of GCS (#2811)

setup-envtest: Publish setup-envtest binaries via release attachments (#2911)

workqueue: Add controller label to workqueue metrics (#2895)

... (truncated)

Commits

3e66810 Merge pull request #3037 from kubernetes-sigs/backport019-watch
2085acc add watch deprecated to certwatcher
0823530 Merge pull request #3031 from k8s-infra-cherrypick-robot/cherry-pick-3028-to-...
e727239 [release-0.19] 🐛 Refactor certificate watcher to use polling, instead of fsno...
2a0ce59 🌱 Make using leader elector with client timeout non-breaking
4bc3811 🐛 Fix RenewDeadline typo in leader election
0170742 warning: Use leader elector with client timeout
bfd1cf9 [release-0.19] ✨ Add EnableWatchBookmarks option to cache informers (#3018)
013f46f Merge pull request #2992 from k8s-infra-cherrypick-robot/cherry-pick-2980-to-...
4421425 bug: Fakeclient: Fix TOCTOU races
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the security group with 4 updates in the / directory: [github.com/pact-foundation/pact-go](https://github.com/pact-foundation/pact-go), [github.com/stretchr/testify](https://github.com/stretchr/testify), [helm.sh/helm/v3](https://github.com/helm/helm) and [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime). Updates `github.com/pact-foundation/pact-go` from 1.9.0 to 1.10.0 - [Release notes](https://github.com/pact-foundation/pact-go/releases) - [Changelog](https://github.com/pact-foundation/pact-go/blob/v1.10.0/CHANGELOG.md) - [Commits](pact-foundation/pact-go@v1.9.0...v1.10.0) Updates `github.com/stretchr/testify` from 1.9.0 to 1.10.0 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.9.0...v1.10.0) Updates `helm.sh/helm/v3` from 3.15.4 to 3.16.3 - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.15.4...v3.16.3) Updates `k8s.io/api` from 0.30.3 to 0.31.1 - [Commits](kubernetes/api@v0.30.3...v0.31.1) Updates `k8s.io/apimachinery` from 0.30.3 to 0.31.1 - [Commits](kubernetes/apimachinery@v0.30.3...v0.31.1) Updates `k8s.io/cli-runtime` from 0.30.3 to 0.31.1 - [Commits](kubernetes/cli-runtime@v0.30.3...v0.31.1) Updates `k8s.io/client-go` from 0.30.3 to 0.31.1 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.30.3...v0.31.1) Updates `sigs.k8s.io/controller-runtime` from 0.18.4 to 0.19.3 - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](kubernetes-sigs/controller-runtime@v0.18.4...v0.19.3) --- updated-dependencies: - dependency-name: github.com/pact-foundation/pact-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: k8s.io/cli-runtime dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependabot go type::security labels Dec 3, 2024

dependabot bot mentioned this pull request Dec 3, 2024

Bump the security group across 1 directory with 8 updates #222

Closed

dependabot bot force-pushed the dependabot/go_modules/security-6253f7a0c7 branch from 179e751 to db2836b Compare December 10, 2024 00:14

divolgin force-pushed the dependabot/go_modules/security-6253f7a0c7 branch from db2836b to 10ed1e3 Compare December 11, 2024 16:14

divolgin approved these changes Dec 11, 2024

View reviewed changes

divolgin merged commit a8cb805 into main Dec 11, 2024
11 checks passed

divolgin deleted the dependabot/go_modules/security-6253f7a0c7 branch December 11, 2024 16:56

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the security group across 1 directory with 8 updates #223

Bump the security group across 1 directory with 8 updates #223

dependabot bot commented on behalf of github Dec 3, 2024 •

edited

Loading

Bump the security group across 1 directory with 8 updates #223

Bump the security group across 1 directory with 8 updates #223

Conversation

dependabot bot commented on behalf of github Dec 3, 2024 • edited Loading

v1.10.0 (03 July 2024)

v1.10.0

What's Changed

Functional Changes

Fixes

Documantation, Build & CI

New Contributors

Installation and Upgrading

What's Next

Changelog

v0.19.3

What's Changed

v0.19.2

What's Changed

v0.19.1

What's Changed

v0.19.0

⚠️ Deprecation Warnings

⚠️ Breaking Changes

✨ New Features

dependabot bot commented on behalf of github Dec 3, 2024 •

edited

Loading