build(deps): bump the gomod group across 1 directory with 6 updates #270

dependabot · 2025-03-24T16:15:42Z

Bumps the gomod group with 5 updates in the / directory:

Package	From	To
github.com/Masterminds/semver/v3	`3.3.0`	`3.3.1`
github.com/go-git/go-git/v5	`5.12.0`	`5.14.0`
github.com/rs/zerolog	`1.33.0`	`1.34.0`
golang.org/x/mod	`0.21.0`	`0.24.0`
pgregory.net/rapid	`1.1.0`	`1.2.0`

Updates github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1

Release notes

Sourced from github.com/Masterminds/semver/v3's releases.

v3.3.1

What's Changed

Fix for allowing some version that were invalid by @mattfarina in Masterminds/semver#253

Full Changelog: Masterminds/semver@v3.3.0...v3.3.1

Changelog

Sourced from github.com/Masterminds/semver/v3's changelog.

Changelog

Commits

1558ca3 Merge pull request #253 from mattfarina/fix-bad-versions
252dd61 Fix for allowing some version that were invalid
See full diff in compare view

Updates github.com/go-git/go-git/v5 from 5.12.0 to 5.14.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.14.0

What's Changed

v5: Bump Go and dependencies to mitigate GO-2025-3487 by @pjbgf in go-git/go-git#1436

⚠️ Note that this version requires Go 1.23, due to the bump to golang.org/x/[email protected] which mitigates the CVE above. User's that can't bump to Go 1.23 will need to remain on the previous v5.13.x release.

Full Changelog: go-git/go-git@v5.13.2...v5.14.0

v5.13.2

What's Changed

plumbing: use the correct user agent string. Fixes #883 by @uragirii in go-git/go-git#1364

build: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by @dependabot in go-git/go-git#1365

build: bump the golang-org group with 2 updates by @dependabot in go-git/go-git#1367

build: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by @dependabot in go-git/go-git#1368

build: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by @dependabot in go-git/go-git#1378

build: bump github/codeql-action from 3.28.0 to 3.28.1 by @dependabot in go-git/go-git#1376

build: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by @dependabot in go-git/go-git#1377

git: worktree, fix restoring dot slash files (backported to v5). Fixes #1176 by @BeChris in go-git/go-git#1361

build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2 by @dependabot in go-git/go-git#1392

git: worktree_status, fix adding dot slash files to working tree (backported to v5). Fixes #1150 by @BeChris in go-git/go-git#1359

build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5 by @dependabot in go-git/go-git#1383

Full Changelog: go-git/go-git@v5.13.1...v5.13.2

v5.13.1

What's Changed

build: bump github.com/go-git/go-billy/v5 from 5.6.0 to 5.6.1 by @dependabot in go-git/go-git#1327

build: bump github.com/elazarl/goproxy from 1.2.1 to 1.2.2 by @dependabot in go-git/go-git#1329

build: bump github.com/elazarl/goproxy from 1.2.2 to 1.2.3 by @dependabot in go-git/go-git#1340

Revert "plumbing: transport/ssh, Add support for SSH @cert-authority." by @pjbgf in #1346

Full Changelog: go-git/go-git@v5.13.0...v5.13.1

v5.13.0

What's Changed

build: bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 in /cli/go-git by @dependabot in go-git/go-git#1065

build: bump golang.org/x/net from 0.22.0 to 0.23.0 by @dependabot in go-git/go-git#1068

build: bump golang.org/x/net from 0.23.0 to 0.24.0 by @dependabot in go-git/go-git#1071

Properly support skipping of non-mandatory extensions by @codablock in go-git/go-git#1066

git: Refine some codes in test and non-test. by @onee-only in go-git/go-git#1077

plumbing: protocol/packp, client-side filter capability support by @edigaryev in go-git/go-git#1000

build: bump golang.org/x/net from 0.22.0 to 0.23.0 in /cli/go-git by @dependabot in go-git/go-git#1078

plumbing: fix sideband demux on flush by @aymanbagabas in go-git/go-git#1084

storage: dotgit, head reference usually comes first by @aymanbagabas in go-git/go-git#1085

build: bump golang.org/x/text from 0.14.0 to 0.15.0 by @dependabot in go-git/go-git#1091

build: bump golang.org/x/crypto from 0.22.0 to 0.23.0 by @dependabot in go-git/go-git#1094

build: bump golang.org/x/net from 0.24.0 to 0.25.0 by @dependabot in go-git/go-git#1093

git: Added an example for Repository.Branches by @johnmatthiggins in go-git/go-git#1088

git: worktree_commit, Modify checking empty commit. Fixes #723 by @onee-only in go-git/go-git#1050

... (truncated)

Commits

863c621 Merge pull request #1436 from pjbgf/v5-bumps
2e69e81 build: Bump dependencies
b2c1ec9 build: Bump Go versions
2c68247 Merge pull request #1383 from go-git/dependabot/go_modules/github.com/ProtonM...
d462c2e Merge pull request #1359 from BeChris/issue1150-v5
32ac23a Merge pull request #1392 from go-git/dependabot/go_modules/github.com/pjbgf/s...
93e635a build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2
b2bb975 git: worktree_status, took into account code review remarks
518ac88 git: worktree_status, fix adding dot slash files to working tree (backported ...
21b3150 build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5
Additional commits viewable in compare view

Updates github.com/rs/zerolog from 1.33.0 to 1.34.0

Commits

db9d1be Update go versions covered by CI
5f4b880 Delete _config.yml
ffb2708 Remove CNAME file
cc4dde7 Create CONTRIBUTING.md
04ea0f4 Implement Close() for zerolog.FilteredLevelWriter (#715)
0398600 fix: reset condition in burst sampler (#711) (#712)
1869fa5 FormatPartValueByName for flexible custom formatting for ConsoleWriter (#541)
31e7995 remove unnecessary nil checks (#701)
582f820 Get BasicSampler(0), RandomSampler(0), and BurstSampler(0) to behave the same...
6abadab Bump github.com/rs/xid from 1.5.0 to 1.6.0 (#684)
See full diff in compare view

Updates github.com/stretchr/testify from 1.9.0 to 1.10.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.10.0

What's Changed

Functional Changes

Add PanicAssertionFunc by @fahimbagar in stretchr/testify#1337

assert: deprecate CompareType by @dolmen in stretchr/testify#1566

assert: make YAML dependency pluggable via build tags by @dolmen in stretchr/testify#1579

assert: new assertion NotElementsMatch by @hendrywiranto in stretchr/testify#1600

mock: in order mock calls by @ReyOrtiz in stretchr/testify#1637

Add assertion for NotErrorAs by @palsivertsen in stretchr/testify#1129

Record Return Arguments of a Call by @jayd3e in stretchr/testify#1636

assert.EqualExportedValues: accepts everything by @redachl in stretchr/testify#1586

Fixes

assert: make tHelper a type alias by @dolmen in stretchr/testify#1562

Do not get argument again unnecessarily in Arguments.Error() by @TomWright in stretchr/testify#820

Fix time.Time compare by @myxo in stretchr/testify#1582

assert.Regexp: handle []byte array properly by @kevinburkesegment in stretchr/testify#1587

assert: collect.FailNow() should not panic by @marshall-lee in stretchr/testify#1481

mock: simplify implementation of FunctionalOptions by @dolmen in stretchr/testify#1571

mock: caller information for unexpected method call by @spirin in stretchr/testify#1644

suite: fix test failures by @stevenh in stretchr/testify#1421

Fix issue #1662 (comparing infs should fail) by @ybrustin in stretchr/testify#1663

NotSame should fail if args are not pointers #1661 by @sikehish in stretchr/testify#1664

Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in CI by @sikehish in stretchr/testify#1667

fix: compare functional option names for indirect calls by @arjun-1 in stretchr/testify#1626

Documantation, Build & CI

.gitignore: ignore "go test -c" binaries by @dolmen in stretchr/testify#1565

mock: improve doc by @dolmen in stretchr/testify#1570

mock: fix FunctionalOptions docs by @snirye in stretchr/testify#1433

README: link out to the excellent testifylint by @brackendawson in stretchr/testify#1568

assert: fix typo in comment by @JohnEndson in stretchr/testify#1580

Correct the EventuallyWithT and EventuallyWithTf example by @JonCrowther in stretchr/testify#1588

CI: bump softprops/action-gh-release from 1 to 2 by @dependabot in stretchr/testify#1575

mock: document more alternatives to deprecated AnythingOfTypeArgument by @dolmen in stretchr/testify#1569

assert: Correctly document EqualValues behavior by @brackendawson in stretchr/testify#1593

fix: grammar in godoc by @miparnisari in stretchr/testify#1607

.github/workflows: Run tests for Go 1.22 by @HaraldNordgren in stretchr/testify#1629

Document suite's lack of support for t.Parallel by @brackendawson in stretchr/testify#1645

assert: fix typos in comments by @alexandear in stretchr/testify#1650

mock: fix doc comment for NotBefore by @alexandear in stretchr/testify#1651

Generate better comments for require package by @Neokil in stretchr/testify#1610

README: replace Testify V2 notice with @dolmen's V2 manifesto by @hendrywiranto in stretchr/testify#1518

New Contributors

@fahimbagar made their first contribution in stretchr/testify#1337

@TomWright made their first contribution in stretchr/testify#820

@snirye made their first contribution in stretchr/testify#1433

@myxo made their first contribution in stretchr/testify#1582

@JohnEndson made their first contribution in stretchr/testify#1580

... (truncated)

Commits

89cbdd9 Merge pull request #1626 from arjun-1/fix-functional-options-diff-indirect-calls
07bac60 Merge pull request #1667 from sikehish/flaky
716de8d Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in CI
118fb83 NotSame should fail if args are not pointers #1661 (#1664)
7d99b2b attempt 2
05f87c0 more similar
ea7129e better fmt
a1b9c9e Merge pull request #1663 from ybrustin/master
8302de9 Merge branch 'master' into master
89352f7 Merge pull request #1518 from hendrywiranto/adjust-readme-remove-v2
Additional commits viewable in compare view

Updates golang.org/x/mod from 0.21.0 to 0.24.0

Commits

dc121ce all: upgrade go directive to at least 1.23.0 [generated]
52289f1 modfile: fix trailing empty lines in require blocks
dec0365 sumdb: make data tiles by Server compatible with sum.golang.org
c8a7319 x/mod: fix handling of vendored packages with '/vendor' in non-top-level paths
9cd0e4c x/mod: remove vendor/modules.txt from module download
See full diff in compare view

Updates pgregory.net/rapid from 1.1.0 to 1.2.0

Release notes

Sourced from pgregory.net/rapid's releases.

v1.2.0

What's Changed

StateMachineActions: Support func(rapid.TB) actions by @prashantv in flyingmutant/rapid#66

ci: Test with Go 1.24 by @abhinav in flyingmutant/rapid#76

feat: Add T.Context() by @abhinav in flyingmutant/rapid#77

feat: Add T.Cleanup by @abhinav in flyingmutant/rapid#79

New Contributors

@prashantv made their first contribution in flyingmutant/rapid#66

@abhinav made their first contribution in flyingmutant/rapid#76

Full Changelog: flyingmutant/rapid@v1.1.0...v1.2.0

Commits

7adc026 feat: Add T.Cleanup (#79)
c3c5e3c feat: Add T.Context() (#77)
ecc839f ci: Test with Go 1.24
4b93305 CI: test on Go 1.23
ee28b02 CI: bump versions of actions
4d1266b CI: test on Go 1.22
3aa554a Add note about limitation of Make for recursive types
654675a persist: fix windows reserved filenames check
34cb5b2 Fix typo
fec3f59 rewrite TestStateMachineActions to use TB.Skip
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gomod group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) | `3.3.0` | `3.3.1` | | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.12.0` | `5.14.0` | | [github.com/rs/zerolog](https://github.com/rs/zerolog) | `1.33.0` | `1.34.0` | | [golang.org/x/mod](https://github.com/golang/mod) | `0.21.0` | `0.24.0` | | [pgregory.net/rapid](https://github.com/flyingmutant/rapid) | `1.1.0` | `1.2.0` | Updates `github.com/Masterminds/semver/v3` from 3.3.0 to 3.3.1 - [Release notes](https://github.com/Masterminds/semver/releases) - [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md) - [Commits](Masterminds/semver@v3.3.0...v3.3.1) Updates `github.com/go-git/go-git/v5` from 5.12.0 to 5.14.0 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.12.0...v5.14.0) Updates `github.com/rs/zerolog` from 1.33.0 to 1.34.0 - [Commits](rs/zerolog@v1.33.0...v1.34.0) Updates `github.com/stretchr/testify` from 1.9.0 to 1.10.0 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.9.0...v1.10.0) Updates `golang.org/x/mod` from 0.21.0 to 0.24.0 - [Commits](golang/mod@v0.21.0...v0.24.0) Updates `pgregory.net/rapid` from 1.1.0 to 1.2.0 - [Release notes](https://github.com/flyingmutant/rapid/releases) - [Commits](flyingmutant/rapid@v1.1.0...v1.2.0) --- updated-dependencies: - dependency-name: github.com/Masterminds/semver/v3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/rs/zerolog dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: pgregory.net/rapid dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot requested a review from wfscheper as a code owner March 24, 2025 16:15

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 24, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the gomod group across 1 directory with 6 updates #270

build(deps): bump the gomod group across 1 directory with 6 updates #270

dependabot bot commented on behalf of github Mar 24, 2025 •

edited

Loading

build(deps): bump the gomod group across 1 directory with 6 updates #270

Are you sure you want to change the base?

build(deps): bump the gomod group across 1 directory with 6 updates #270

Conversation

dependabot bot commented on behalf of github Mar 24, 2025 • edited Loading

v3.3.1

What's Changed

Changelog

v5.14.0

What's Changed

v5.13.2

What's Changed

v5.13.1

What's Changed

v5.13.0

What's Changed

v1.10.0

What's Changed

Functional Changes

Fixes

Documantation, Build & CI

New Contributors

v1.2.0

What's Changed

New Contributors

dependabot bot commented on behalf of github Mar 24, 2025 •

edited

Loading