Skip to content

fix(deps): update all non-major dependencies #628

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 2, 2025
Merged

fix(deps): update all non-major dependencies #628

merged 2 commits into from
Jul 2, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Mar 10, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change Age Confidence
actions/setup-go action minor v5.3.0 -> v5.5.0 age confidence
alpine final minor 3.21.3 -> 3.22.0 age confidence
codecov/codecov-action action patch v5.4.0 -> v5.4.3 age confidence
elgohr/Publish-Docker-Github-Action action digest eb53b3e -> 4feac4d
github.com/Masterminds/semver/v3 require minor v3.3.1 -> v3.4.0 age confidence
github.com/gin-gonic/gin require patch v1.10.0 -> v1.10.1 age confidence
github.com/go-vela/sdk-go require digest a78afa8 -> 3ea8df8
github.com/go-vela/server require minor v0.26.5-0.20250617170616-81f50fad35b1 -> v0.27.0-rc1 age confidence
github.com/urfave/cli/v3 require patch v3.3.3 -> v3.3.8 age confidence
github/codeql-action action minor v3.28.11 -> v3.29.2 age confidence
golang.org/x/sync require minor v0.14.0 -> v0.15.0 age confidence
k8s.io/api require minor v0.32.2 -> v0.33.2 age confidence
k8s.io/apimachinery require patch v0.33.0 -> v0.33.2 age confidence
k8s.io/client-go require minor v0.32.2 -> v0.33.2 age confidence
sigs.k8s.io/yaml require minor v1.4.0 -> v1.5.0 age confidence

Release Notes

actions/setup-go (actions/setup-go)

v5.5.0

Compare Source

What's Changed

Bug fixes:
Dependency updates:

New Contributors

Full Changelog: actions/setup-go@v5...v5.5.0

v5.4.0

Compare Source

What's Changed
Dependency updates :
New Contributors

Full Changelog: actions/setup-go@v5...v5.4.0

codecov/codecov-action (codecov/codecov-action)

v5.4.3

Compare Source

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

Compare Source

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.1..v5.4.2

v5.4.1

Compare Source

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.0..v5.4.1

Masterminds/semver (github.com/Masterminds/semver/v3)

v3.4.0

Compare Source

There are a few changes in this release to highlight:

  1. Constraints now has a property IncludePrerelease. When set to true the Check and Validate methods will include prereleases.
  2. When an AND group has one constraint with a prerelease but more than one constraint then prereleases will be included. For example, >1.0.0-beta.1 < 2. In the past this would not have included prereleases because each constraint needed to have a prerelease. Now, only one constraint needs to have a prerelease. This is considered a long standing bug fix. Note, this does not carry across OR groups. For example, >1.0.0-beta.1 < 2 || > 3. In this case, prereleases will not be included when evaluating against >3.
  3. NewVersion coercion with leading "0"'s is restored. This can be disabled by setting the package level property CoerceNewVersion to false.

What's Changed

New Contributors

Full Changelog: Masterminds/semver@v3.3.1...v3.4.0

gin-gonic/gin (github.com/gin-gonic/gin)

v1.10.1

Compare Source

Changelog

Refactor
go-vela/server (github.com/go-vela/server)

v0.27.0-rc1

Compare Source

What's Changed

Full Changelog: go-vela/server@v0.26.4...v0.27.0-rc1

urfave/cli (github.com/urfave/cli/v3)

v3.3.8

Compare Source

What's Changed

Full Changelog: urfave/cli@v3.3.7...v3.3.8

v3.3.7

Compare Source

What's Changed

New Contributors

Full Changelog: urfave/cli@v3.3.6...v3.3.7

v3.3.6

Compare Source

What's Changed

Full Changelog: urfave/cli@v3.3.5...v3.3.6

v3.3.5

Compare Source

What's Changed

Full Changelog: urfave/cli@v3.3.4...v3.3.5

v3.3.4

Compare Source

What's Changed

New Contributors

Full Changelog: urfave/cli@v3.3.3...v3.3.4

github/codeql-action (github/codeql-action)

v3.29.2

Compare Source

v3.29.1

Compare Source

v3.29.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.0 - 11 Jun 2025

  • Update default CodeQL bundle version to 2.22.0. #​2925
  • Bump minimum CodeQL bundle version to 2.16.6. #​2912

See the full CHANGELOG.md for more information.

v3.28.19

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.19 - 03 Jun 2025

  • The CodeQL Action no longer includes its own copy of the extractor for the actions language, which is currently in public preview.
    The actions extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the actions language and you have pinned
    your tools: property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable
    actions analysis.
  • Update default CodeQL bundle version to 2.21.4. #​2910

See the full CHANGELOG.md for more information.

v3.28.18

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.18 - 16 May 2025

  • Update default CodeQL bundle version to 2.21.3. #​2893
  • Skip validating SARIF produced by CodeQL for improved performance. #​2894
  • The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #​2891

See the full CHANGELOG.md for more information.

v3.28.17

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.17 - 02 May 2025
  • Update default CodeQL bundle version to 2.21.2. #​2872

See the full CHANGELOG.md for more information.

v3.28.16

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.16 - 23 Apr 2025
  • Update default CodeQL bundle version to 2.21.1. #​2863

See the full CHANGELOG.md for more information.

v3.28.15

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025
  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #​2842

See the full CHANGELOG.md for more information.

v3.28.14

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #​2838

See the full CHANGELOG.md for more information.

v3.28.13

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.12

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.12 - 19 Mar 2025

  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #​2810

See the full CHANGELOG.md for more information.

kubernetes/api (k8s.io/api)

v0.33.2

Compare Source

v0.33.1

Compare Source

v0.33.0

Compare Source

v0.32.6

Compare Source

v0.32.5

Compare Source

v0.32.4

Compare Source

v0.32.3

Compare Source

kubernetes/apimachinery (k8s.io/apimachinery)

v0.33.2

Compare Source

v0.33.1

Compare Source

kubernetes/client-go (k8s.io/client-go)

v0.33.2

Compare Source

v0.33.1

Compare Source

v0.33.0

Compare Source

v0.32.6

Compare Source

v0.32.5

Compare Source

v0.32.4

Compare Source

v0.32.3

Compare Source

kubernetes-sigs/yaml (sigs.k8s.io/yaml)

v1.5.0

Compare Source

Full Changelog: kubernetes-sigs/yaml@v1.4.0...v1.5.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Indicates a change to dependencies label Mar 10, 2025
@renovate renovate bot requested a review from a team as a code owner March 10, 2025 22:23
@codecov
Copy link

codecov bot commented Mar 10, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 58.27%. Comparing base (d497cbb) to head (80bbdf1).
Report is 1 commits behind head on main.

❌ Your project status has failed because the head coverage (58.27%) is below the target coverage (90.00%). You can increase the head coverage or adjust the target coverage.

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #628   +/-   ##
=======================================
  Coverage   58.27%   58.27%           
=======================================
  Files         123      123           
  Lines        8287     8287           
=======================================
  Hits         4829     4829           
  Misses       3253     3253           
  Partials      205      205
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch from 08c5d2b to 3e31a28 Compare March 12, 2025 11:59
@renovate renovate bot changed the title fix(deps): update module github.com/go-vela/server to v0.26.4 fix(deps): update all non-major dependencies Mar 12, 2025
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch 5 times, most recently from 91f055c to ec5870a Compare March 24, 2025 17:27
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch from ec5870a to 61f2eab Compare March 25, 2025 11:23
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch 6 times, most recently from ec13026 to f1b0d25 Compare April 8, 2025 13:01
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch 7 times, most recently from 7ba9c2a to 3e584ea Compare April 14, 2025 22:06
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch 4 times, most recently from 50b03ec to 76a3cf0 Compare April 23, 2025 17:13
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch 2 times, most recently from 256df69 to 2ad4225 Compare April 24, 2025 17:23
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch 2 times, most recently from eb9d9f3 to a252f50 Compare May 23, 2025 00:28
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch 4 times, most recently from 3627338 to 26c6e6c Compare June 3, 2025 16:50
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch 4 times, most recently from 27d20c8 to 8a87c4b Compare June 13, 2025 06:42
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch 3 times, most recently from b7c2a9c to 3cec089 Compare June 19, 2025 19:59
@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch 6 times, most recently from f0198df to 7f7542c Compare June 30, 2025 21:54
@renovate
Copy link
Contributor Author

renovate bot commented Jun 30, 2025

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 27 additional dependencies were updated

Details:

Package Change
github.com/expr-lang/expr v1.17.2 -> v1.17.5
github.com/lestrrat-go/httprc/v3 v3.0.0-beta2 -> v3.0.0
github.com/lestrrat-go/jwx/v3 v3.0.1 -> v3.0.7
go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.60.0 -> v0.61.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0 -> v1.36.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0 -> v1.36.0
go.opentelemetry.io/otel/sdk v1.35.0 -> v1.36.0
google.golang.org/genproto/googleapis/api v0.0.0-20250428153025-10db94c68c34 -> v0.0.0-20250519155744-55703ea1f237
google.golang.org/genproto/googleapis/rpc v0.0.0-20250428153025-10db94c68c34 -> v0.0.0-20250519155744-55703ea1f237
google.golang.org/grpc v1.72.0 -> v1.72.1
gorm.io/driver/postgres v1.5.11 -> v1.6.0
gorm.io/driver/sqlite v1.5.7 -> v1.6.0
gorm.io/gorm v1.26.1 -> v1.30.0
github.com/alicebob/miniredis/v2 v2.34.0 -> v2.35.0
github.com/lestrrat-go/blackmagic v1.0.3 -> v1.0.4
github.com/redis/go-redis/v9 v9.8.0 -> v9.10.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 -> v0.61.0
go.opentelemetry.io/otel v1.35.0 -> v1.36.0
go.opentelemetry.io/otel/metric v1.35.0 -> v1.36.0
go.opentelemetry.io/otel/trace v1.35.0 -> v1.36.0
go.starlark.net v0.0.0-20250417143717-f57e51f710eb -> v0.0.0-20250603171236-27fdb1d4744d
golang.org/x/crypto v0.38.0 -> v0.39.0
golang.org/x/mod v0.21.0 -> v0.25.0
golang.org/x/net v0.39.0 -> v0.40.0
golang.org/x/text v0.25.0 -> v0.26.0
golang.org/x/time v0.11.0 -> v0.12.0
golang.org/x/tools v0.26.0 -> v0.33.0

@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch from 7f7542c to 1e40a0f Compare July 1, 2025 23:07
@renovate
Copy link
Contributor Author

renovate bot commented Jul 1, 2025
edited
Loading

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum
Command failed: go get -d -t ./...
go: -d flag is deprecated. -d=true is a no-op
go: module github.com/go-vela/[email protected] requires go >= 1.24.4; switching to go1.24.4
go: downloading go1.24.4 (linux/amd64)
go: download go1.24.4: golang.org/[email protected]: verifying module: checksum database disabled by GOSUMDB=off

@renovate renovate bot force-pushed the renovate/all-minor-patch-digest-pin branch from 1e40a0f to 25d001d Compare July 2, 2025 18:41
@renovate
Copy link
Contributor Author

renovate bot commented Jul 2, 2025

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

@wass3rw3rk wass3rw3rk merged commit 3460209 into main Jul 2, 2025
11 of 13 checks passed
@wass3rw3rk wass3rw3rk deleted the renovate/all-minor-patch-digest-pin branch July 2, 2025 19:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@timhuynh94 timhuynh94 timhuynh94 approved these changes

@KellyMerrick KellyMerrick KellyMerrick approved these changes

Assignees

No one assigned

Labels

dependencies Indicates a change to dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@timhuynh94 @KellyMerrick @wass3rw3rk