Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update osv-scanner minor #1590

Merged
merged 3 commits into from
Feb 12, 2025

Conversation

renovate-bot
Copy link
Collaborator

@renovate-bot renovate-bot commented Feb 9, 2025

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
deps.dev/api/v3 v3.0.0-20250129021108-7b38e5d02c19 -> v3.0.0-20250210015309-e519ac173dde age adoption passing confidence require patch
deps.dev/util/maven 7b38e5d -> e519ac1 age adoption passing confidence require digest
deps.dev/util/resolve 7b38e5d -> e519ac1 age adoption passing confidence require digest
deps.dev/util/semver 7b38e5d -> e519ac1 age adoption passing confidence require digest
github.com/charmbracelet/bubbletea v1.3.0 -> v1.3.3 age adoption passing confidence require patch
github.com/gkampitakis/go-snaps v0.5.9 -> v0.5.10 age adoption passing confidence require patch
github.com/google/osv-scalibr 34e66e8 -> df6e1f4 require digest
github.com/google/osv-scalibr v0.1.5 -> v0.1.6 age adoption passing confidence require patch
github.com/jedib0t/go-pretty/v6 v6.6.5 -> v6.6.6 age adoption passing confidence require patch
github.com/ossf/osv-schema/bindings/go a5a512f -> ab8a4f6 age adoption passing confidence require digest
golang.org/x/exp e0ece0d -> 939b2ce age adoption passing confidence require digest
golang.org/x/net v0.34.0 -> v0.35.0 age adoption passing confidence require minor
google.golang.org/protobuf v1.36.4 -> v1.36.5 age adoption passing confidence require patch

Release Notes

charmbracelet/bubbletea (github.com/charmbracelet/bubbletea)

v1.3.3

Compare Source

Changelog


The Charm logo

Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.

v1.3.2

Compare Source

Changelog

Bug fixes

The Charm logo

Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.

v1.3.1

Compare Source

Changelog

Bug fixes
Other work

The Charm logo

Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.

gkampitakis/go-snaps (github.com/gkampitakis/go-snaps)

v0.5.10

Compare Source

What's Changed

Full Changelog: gkampitakis/go-snaps@v0.5.9...v0.5.10

google/osv-scalibr (github.com/google/osv-scalibr)

v0.1.6

Compare Source

  • Many new extractors: Rust binaries, Pacman, OPKG, Nix, .NET packages.config + deps.json, Conda, Linux kernel modules + vmlinuz files, Portage, Elixir, Haskell Cabal + Stack, Swift Podfilelock + package.resolved
  • Container layer extraction support through the new ScanContainer method
  • Transitive Maven pom.xml extraction
  • Weak credentials detector for Windows local accounts
  • Small improvements to poetry.lock and various javascript extractors
jedib0t/go-pretty (github.com/jedib0t/go-pretty/v6)

v6.6.6

Compare Source

What's Changed

New Contributors

Full Changelog: jedib0t/go-pretty@v6.6.5...v6.6.6

protocolbuffers/protobuf-go (google.golang.org/protobuf)

v1.36.5

Compare Source

Full Changelog: protocolbuffers/protobuf-go@v1.36.4...v1.36.5

Bug fixes:
CL/644437: protogen: fix name mangling for fields with identical GoCamelCase

Maintenance:
CL/641655: all: remove weak field support


Configuration

📅 Schedule: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@forking-renovate forking-renovate bot added the dependencies Pull requests that update a dependency file label Feb 9, 2025
Copy link

forking-renovate bot commented Feb 9, 2025

ℹ Artifact update notice

File name: experimental/javareach/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.23 -> 1.23.5
File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 3 additional dependencies were updated

Details:

Package Change
golang.org/x/crypto v0.32.0 -> v0.33.0
golang.org/x/text v0.21.0 -> v0.22.0
golang.org/x/tools v0.29.0 -> v0.30.0

@renovate-bot renovate-bot force-pushed the renovate/osv-scanner-minor branch from cc01d00 to cdcc153 Compare February 9, 2025 22:20
@codecov-commenter
Copy link

codecov-commenter commented Feb 9, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 69.33%. Comparing base (103e1b8) to head (5428807).

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1590      +/-   ##
==========================================
- Coverage   69.34%   69.33%   -0.02%     
==========================================
  Files         200      200              
  Lines       19042    19042              
==========================================
- Hits        13205    13202       -3     
- Misses       5132     5134       +2     
- Partials      705      706       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@renovate-bot renovate-bot force-pushed the renovate/osv-scanner-minor branch 11 times, most recently from 02cbe90 to d10284e Compare February 12, 2025 01:41
@renovate-bot renovate-bot force-pushed the renovate/osv-scanner-minor branch from d10284e to ad2e418 Compare February 12, 2025 02:15
@another-rex another-rex enabled auto-merge (squash) February 12, 2025 02:18
@another-rex another-rex disabled auto-merge February 12, 2025 02:21
@another-rex another-rex merged commit 0e95af5 into google:main Feb 12, 2025
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants