Soule BA
42a04c76a4
make token caching an opt in feature
...
If implemented, users have to opt in to cache a token.
Signed-off-by: Soule BA <bah.soule@gmail.com>
3 years ago
dependabot[bot]
ccc104a208
chore(deps): bump github.com/rubenv/sql-migrate from 1.1.1 to 1.1.2
...
Bumps [github.com/rubenv/sql-migrate](https://github.com/rubenv/sql-migrate ) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/rubenv/sql-migrate/releases )
- [Commits](https://github.com/rubenv/sql-migrate/compare/v1.1.1...v1.1.2 )
---
updated-dependencies:
- dependency-name: github.com/rubenv/sql-migrate
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
3ff331fb14
chore(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 ( #11075 )
3 years ago
Matt Farina
47641e753a
Merge pull request #10966 from helm/dependabot/go_modules/github.com/lib/pq-1.10.6
...
chore(deps): bump github.com/lib/pq from 1.10.5 to 1.10.6
3 years ago
dependabot[bot]
994d786511
chore(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.4
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.7.1 to 1.7.4.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.4 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
657850e44b
Merge pull request #11018 from mattfarina/bump-k8s.1.24.1
...
Upgrading to Kubernetes 1.24.1 packages
3 years ago
Matt Farina
5ef01c2714
Upgrading to Kubernetes 1.24.1 packages
...
Note, Go seems to handle dependencies differently in 1.16 and 1.17.
Running go mod tidy highlights this. This change was generated using
go mod tidy -compat=1.17. The current supported Go versions are 1.18
and 1.17.
Signed-off-by: Matt Farina <matt.farina@suse.com>
3 years ago
dependabot[bot]
fe2a66c63c
chore(deps): bump github.com/Masterminds/squirrel from 1.5.2 to 1.5.3
...
Bumps [github.com/Masterminds/squirrel](https://github.com/Masterminds/squirrel ) from 1.5.2 to 1.5.3.
- [Release notes](https://github.com/Masterminds/squirrel/releases )
- [Commits](https://github.com/Masterminds/squirrel/compare/v1.5.2...v1.5.3 )
---
updated-dependencies:
- dependency-name: github.com/Masterminds/squirrel
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
f3cfd4f6cc
chore(deps): bump github.com/lib/pq from 1.10.5 to 1.10.6
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.5 to 1.10.6.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.5...v1.10.6 )
---
updated-dependencies:
- dependency-name: github.com/lib/pq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
a3bb2f71e0
chore(deps): bump oras.land/oras-go from 1.1.0 to 1.1.1
...
Bumps [oras.land/oras-go](https://github.com/oras-project/oras-go ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v1.1.0...v1.1.1 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matthew Fisher
fa6ba5bb29
Merge pull request #10532 from helm/dependabot/go_modules/github.com/evanphx/json-patch-5.6.0incompatible
...
chore(deps): bump github.com/evanphx/json-patch from 4.12.0+incompatible to 5.6.0+incompatible
3 years ago
Matthew Fisher
9b28ad1dca
Merge pull request #10902 from helm/dependabot/go_modules/github.com/lib/pq-1.10.5
...
Bump github.com/lib/pq from 1.10.4 to 1.10.5
3 years ago
Matthew Fisher
921c7f3668
Merge pull request #10958 from helm/dependabot/go_modules/github.com/containerd/containerd-1.6.4
...
build(deps): bump github.com/containerd/containerd from 1.6.3 to 1.6.4
3 years ago
Matthew Fisher
a9ed6057ba
Merge pull request #10855 from helm/dependabot/go_modules/github.com/BurntSushi/toml-1.1.0
...
Bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
3 years ago
dependabot[bot]
606633cc5e
chore(deps): bump github.com/evanphx/json-patch
...
Bumps [github.com/evanphx/json-patch](https://github.com/evanphx/json-patch ) from 4.12.0+incompatible to 5.6.0+incompatible.
- [Release notes](https://github.com/evanphx/json-patch/releases )
- [Commits](https://github.com/evanphx/json-patch/compare/v4.12.0...v5.6.0 )
---
updated-dependencies:
- dependency-name: github.com/evanphx/json-patch
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
ede591f65d
Bump github.com/lib/pq from 1.10.4 to 1.10.5
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.4 to 1.10.5.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.4...v1.10.5 )
---
updated-dependencies:
- dependency-name: github.com/lib/pq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
8b6904869a
build(deps): bump github.com/containerd/containerd from 1.6.3 to 1.6.4
...
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd ) from 1.6.3 to 1.6.4.
- [Release notes](https://github.com/containerd/containerd/releases )
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md )
- [Commits](https://github.com/containerd/containerd/compare/v1.6.3...v1.6.4 )
---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matthew Fisher
14673dac31
Merge pull request #10923 from helm/dependabot/go_modules/github.com/jmoiron/sqlx-1.3.5
...
build(deps): bump github.com/jmoiron/sqlx from 1.3.4 to 1.3.5
3 years ago
dependabot[bot]
67ed6e2999
build(deps): bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.14+incompatible to 20.10.16+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.14...v20.10.16 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
43aa3132ff
build(deps): bump github.com/jmoiron/sqlx from 1.3.4 to 1.3.5
...
Bumps [github.com/jmoiron/sqlx](https://github.com/jmoiron/sqlx ) from 1.3.4 to 1.3.5.
- [Release notes](https://github.com/jmoiron/sqlx/releases )
- [Commits](https://github.com/jmoiron/sqlx/compare/v1.3.4...v1.3.5 )
---
updated-dependencies:
- dependency-name: github.com/jmoiron/sqlx
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Andrew Seigner
bd7c97f786
Bump k8s packages from 0.23.6 to 0.24.0
...
This required modifying the `kube.Factory` interface to conform to
changes in k8s' `cmdutil.Factory` interface:
fe3772890f
Signed-off-by: Andrew Seigner <andrew@sig.gy>
3 years ago
Martin Hickey
3013c48cda
Bumping Kubernetes package version to 0.23.6
...
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
3 years ago
Colleen Murphy
5105899a86
fix(helm): update golang.org/x/crypto to latest
...
Update the crypto dependency to address CVE-2022-27191.
Helm does not use the ssh module of crypto, so is not vulnerable to this
CVE, but the dependency gets flagged by vulnerability scanners
Signed-off-by: Colleen Murphy <colleen.murphy@suse.com>
3 years ago
dependabot[bot]
08b5feb145
Bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.13+incompatible to 20.10.14+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.13...v20.10.14 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
3543d14c34
Bump github.com/containerd/containerd from 1.6.1 to 1.6.3
...
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd ) from 1.6.1 to 1.6.3.
- [Release notes](https://github.com/containerd/containerd/releases )
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md )
- [Commits](https://github.com/containerd/containerd/compare/v1.6.1...v1.6.3 )
---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
6eee0de7cc
Bump oras.land/oras-go from 1.1.0 to 1.1.1
...
Bumps [oras.land/oras-go](https://github.com/oras-project/oras-go ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v1.1.0...v1.1.1 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
aafc920185
Bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
...
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml ) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/BurntSushi/toml/releases )
- [Commits](https://github.com/BurntSushi/toml/compare/v1.0.0...v1.1.0 )
---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
c0ded2e01c
Merge pull request #10775 from helm/dependabot/go_modules/github.com/stretchr/testify-1.7.1
...
Bump github.com/stretchr/testify from 1.7.0 to 1.7.1
3 years ago
Matt Farina
a87ab07aed
Bumping Kubernetes package versions
...
Signed-off-by: Matt Farina <matt@mattfarina.com>
3 years ago
Matt Farina
3490f1e7b6
Updating vcs to latest version
...
vcs had a release due to a CVE. This updates to the latest version
that mitigates the CVE.
Note, the Makefile was updated so that `make build` would build
without cgo just like gox does in the CI pipeline. They should
both build without cgo so we can catch issues before merging to
master where a canary build would pick up the problem.
Signed-off-by: Matt Farina <matt@mattfarina.com>
3 years ago
dependabot[bot]
9380e211aa
Bump github.com/stretchr/testify from 1.7.0 to 1.7.1
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.7.0...v1.7.1 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
2cf845424a
Bump github.com/spf13/cobra from 1.3.0 to 1.4.0
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.3.0...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matthew Fisher
0f2e2bbd6c
Merge pull request #10544 from helm/dependabot/go_modules/github.com/BurntSushi/toml-1.0.0
...
chore(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0
3 years ago
dependabot[bot]
5886c28b8b
Bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.12+incompatible to 20.10.13+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.12...v20.10.13 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
7432807210
Updating Kubernetes libs to 0.23.4 (latest)
...
Signed-off-by: Matt Farina <matt.farina@suse.com>
3 years ago
Shubham Sharma
df2c916692
Upgrade rubenv/sql-migrate
...
Signed-off-by: Shubham Sharma <shubhash@microsoft.com>
3 years ago
Martin Hickey
5213891bb1
Updating Kubernetes packages to 1.23.3
...
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
3 years ago
dependabot[bot]
583c4acbcf
chore(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0
...
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml ) from 0.4.1 to 1.0.0.
- [Release notes](https://github.com/BurntSushi/toml/releases )
- [Commits](https://github.com/BurntSushi/toml/compare/v0.4.1...v1.0.0 )
---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Scott Rigby
1b3e0bc46a
Update oras-go to v1.1.0
...
Signed-off-by: Scott Rigby <scott@r6by.com>
3 years ago
Scott Rigby
a8df413c41
Update ORAS to v1.1.0-rc1
...
Now that https://github.com/oras-project/oras-go/pull/89 is merged and released
Signed-off-by: Scott Rigby <scott@r6by.com>
3 years ago
Scott Rigby
042e13d0d1
Temp use Andy's fork PR branch
...
Signed-off-by: Scott Rigby <scott@r6by.com>
3 years ago
Allen Bai
e3897ad6b1
registry/client: use NewClientWithDockerFallback from oras v1.1.0-rc3
...
Uses NewClientWithDockerFallback to always use Docker config and
modifies go.mod to use oras v1.1.0-rc3.
Ref:
- https://github.com/helm/helm/pull/10536#issuecomment-1010144075
- https://github.com/oras-project/oras-go/pull/92
Signed-off-by: Allen Bai <abai@redhat.com>
3 years ago
Josh Wolf
fb0eeebf66
add oci reference validation and tag scoped (+) replacement to registry client Push/Pull
...
Signed-off-by: Josh Wolf <josh@wolfs.io>
3 years ago
dependabot[bot]
babbb67f89
chore(deps): bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.11+incompatible to 20.10.12+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.11...v20.10.12 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
d417878a69
chore(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.2.1...v1.3.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
5c698e9fa7
Updating Kubernetes packages to those from 1.23.1
...
Signed-off-by: Matt Farina <matt@mattfarina.com>
3 years ago
dependabot[bot]
a840fb0940
chore(deps): bump github.com/Masterminds/squirrel from 1.5.1 to 1.5.2
...
Bumps [github.com/Masterminds/squirrel](https://github.com/Masterminds/squirrel ) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/Masterminds/squirrel/releases )
- [Commits](https://github.com/Masterminds/squirrel/compare/v1.5.1...v1.5.2 )
---
updated-dependencies:
- dependency-name: github.com/Masterminds/squirrel
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
664d5e63e3
chore(deps): bump github.com/mattn/go-shellwords from 1.0.11 to 1.0.12
...
Bumps [github.com/mattn/go-shellwords](https://github.com/mattn/go-shellwords ) from 1.0.11 to 1.0.12.
- [Release notes](https://github.com/mattn/go-shellwords/releases )
- [Commits](https://github.com/mattn/go-shellwords/compare/v1.0.11...v1.0.12 )
---
updated-dependencies:
- dependency-name: github.com/mattn/go-shellwords
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
98c4ccf29b
Merge pull request #10341 from helm/dependabot/go_modules/github.com/Masterminds/squirrel-1.5.1
...
chore(deps): bump github.com/Masterminds/squirrel from 1.5.0 to 1.5.1
3 years ago
Matt Farina
0199f84014
Merge pull request #10342 from helm/dependabot/go_modules/github.com/gofrs/flock-0.8.1
...
chore(deps): bump github.com/gofrs/flock from 0.8.0 to 0.8.1
3 years ago