dependabot[bot]
fe2a66c63c
chore(deps): bump github.com/Masterminds/squirrel from 1.5.2 to 1.5.3
...
Bumps [github.com/Masterminds/squirrel](https://github.com/Masterminds/squirrel ) from 1.5.2 to 1.5.3.
- [Release notes](https://github.com/Masterminds/squirrel/releases )
- [Commits](https://github.com/Masterminds/squirrel/compare/v1.5.2...v1.5.3 )
---
updated-dependencies:
- dependency-name: github.com/Masterminds/squirrel
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
a3bb2f71e0
chore(deps): bump oras.land/oras-go from 1.1.0 to 1.1.1
...
Bumps [oras.land/oras-go](https://github.com/oras-project/oras-go ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v1.1.0...v1.1.1 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Matthew Fisher
fa6ba5bb29
Merge pull request #10532 from helm/dependabot/go_modules/github.com/evanphx/json-patch-5.6.0incompatible
...
chore(deps): bump github.com/evanphx/json-patch from 4.12.0+incompatible to 5.6.0+incompatible
2 years ago
Matthew Fisher
9b28ad1dca
Merge pull request #10902 from helm/dependabot/go_modules/github.com/lib/pq-1.10.5
...
Bump github.com/lib/pq from 1.10.4 to 1.10.5
2 years ago
Matthew Fisher
921c7f3668
Merge pull request #10958 from helm/dependabot/go_modules/github.com/containerd/containerd-1.6.4
...
build(deps): bump github.com/containerd/containerd from 1.6.3 to 1.6.4
2 years ago
Matthew Fisher
a9ed6057ba
Merge pull request #10855 from helm/dependabot/go_modules/github.com/BurntSushi/toml-1.1.0
...
Bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
2 years ago
dependabot[bot]
606633cc5e
chore(deps): bump github.com/evanphx/json-patch
...
Bumps [github.com/evanphx/json-patch](https://github.com/evanphx/json-patch ) from 4.12.0+incompatible to 5.6.0+incompatible.
- [Release notes](https://github.com/evanphx/json-patch/releases )
- [Commits](https://github.com/evanphx/json-patch/compare/v4.12.0...v5.6.0 )
---
updated-dependencies:
- dependency-name: github.com/evanphx/json-patch
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
ede591f65d
Bump github.com/lib/pq from 1.10.4 to 1.10.5
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.4 to 1.10.5.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.4...v1.10.5 )
---
updated-dependencies:
- dependency-name: github.com/lib/pq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
8b6904869a
build(deps): bump github.com/containerd/containerd from 1.6.3 to 1.6.4
...
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd ) from 1.6.3 to 1.6.4.
- [Release notes](https://github.com/containerd/containerd/releases )
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md )
- [Commits](https://github.com/containerd/containerd/compare/v1.6.3...v1.6.4 )
---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Matthew Fisher
14673dac31
Merge pull request #10923 from helm/dependabot/go_modules/github.com/jmoiron/sqlx-1.3.5
...
build(deps): bump github.com/jmoiron/sqlx from 1.3.4 to 1.3.5
2 years ago
dependabot[bot]
67ed6e2999
build(deps): bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.14+incompatible to 20.10.16+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.14...v20.10.16 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
43aa3132ff
build(deps): bump github.com/jmoiron/sqlx from 1.3.4 to 1.3.5
...
Bumps [github.com/jmoiron/sqlx](https://github.com/jmoiron/sqlx ) from 1.3.4 to 1.3.5.
- [Release notes](https://github.com/jmoiron/sqlx/releases )
- [Commits](https://github.com/jmoiron/sqlx/compare/v1.3.4...v1.3.5 )
---
updated-dependencies:
- dependency-name: github.com/jmoiron/sqlx
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Andrew Seigner
bd7c97f786
Bump k8s packages from 0.23.6 to 0.24.0
...
This required modifying the `kube.Factory` interface to conform to
changes in k8s' `cmdutil.Factory` interface:
fe3772890f
Signed-off-by: Andrew Seigner <andrew@sig.gy>
2 years ago
Martin Hickey
3013c48cda
Bumping Kubernetes package version to 0.23.6
...
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
2 years ago
Colleen Murphy
5105899a86
fix(helm): update golang.org/x/crypto to latest
...
Update the crypto dependency to address CVE-2022-27191.
Helm does not use the ssh module of crypto, so is not vulnerable to this
CVE, but the dependency gets flagged by vulnerability scanners
Signed-off-by: Colleen Murphy <colleen.murphy@suse.com>
2 years ago
dependabot[bot]
08b5feb145
Bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.13+incompatible to 20.10.14+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.13...v20.10.14 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
3543d14c34
Bump github.com/containerd/containerd from 1.6.1 to 1.6.3
...
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd ) from 1.6.1 to 1.6.3.
- [Release notes](https://github.com/containerd/containerd/releases )
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md )
- [Commits](https://github.com/containerd/containerd/compare/v1.6.1...v1.6.3 )
---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
6eee0de7cc
Bump oras.land/oras-go from 1.1.0 to 1.1.1
...
Bumps [oras.land/oras-go](https://github.com/oras-project/oras-go ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v1.1.0...v1.1.1 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
aafc920185
Bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
...
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml ) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/BurntSushi/toml/releases )
- [Commits](https://github.com/BurntSushi/toml/compare/v1.0.0...v1.1.0 )
---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
c0ded2e01c
Merge pull request #10775 from helm/dependabot/go_modules/github.com/stretchr/testify-1.7.1
...
Bump github.com/stretchr/testify from 1.7.0 to 1.7.1
3 years ago
Matt Farina
a87ab07aed
Bumping Kubernetes package versions
...
Signed-off-by: Matt Farina <matt@mattfarina.com>
3 years ago
Matt Farina
3490f1e7b6
Updating vcs to latest version
...
vcs had a release due to a CVE. This updates to the latest version
that mitigates the CVE.
Note, the Makefile was updated so that `make build` would build
without cgo just like gox does in the CI pipeline. They should
both build without cgo so we can catch issues before merging to
master where a canary build would pick up the problem.
Signed-off-by: Matt Farina <matt@mattfarina.com>
3 years ago
dependabot[bot]
9380e211aa
Bump github.com/stretchr/testify from 1.7.0 to 1.7.1
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.7.0...v1.7.1 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
2cf845424a
Bump github.com/spf13/cobra from 1.3.0 to 1.4.0
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.3.0...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matthew Fisher
0f2e2bbd6c
Merge pull request #10544 from helm/dependabot/go_modules/github.com/BurntSushi/toml-1.0.0
...
chore(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0
3 years ago
dependabot[bot]
5886c28b8b
Bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.12+incompatible to 20.10.13+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.12...v20.10.13 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
7432807210
Updating Kubernetes libs to 0.23.4 (latest)
...
Signed-off-by: Matt Farina <matt.farina@suse.com>
3 years ago
Shubham Sharma
df2c916692
Upgrade rubenv/sql-migrate
...
Signed-off-by: Shubham Sharma <shubhash@microsoft.com>
3 years ago
Martin Hickey
5213891bb1
Updating Kubernetes packages to 1.23.3
...
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
3 years ago
dependabot[bot]
583c4acbcf
chore(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0
...
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml ) from 0.4.1 to 1.0.0.
- [Release notes](https://github.com/BurntSushi/toml/releases )
- [Commits](https://github.com/BurntSushi/toml/compare/v0.4.1...v1.0.0 )
---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Scott Rigby
1b3e0bc46a
Update oras-go to v1.1.0
...
Signed-off-by: Scott Rigby <scott@r6by.com>
3 years ago
Scott Rigby
a8df413c41
Update ORAS to v1.1.0-rc1
...
Now that https://github.com/oras-project/oras-go/pull/89 is merged and released
Signed-off-by: Scott Rigby <scott@r6by.com>
3 years ago
Scott Rigby
042e13d0d1
Temp use Andy's fork PR branch
...
Signed-off-by: Scott Rigby <scott@r6by.com>
3 years ago
Allen Bai
e3897ad6b1
registry/client: use NewClientWithDockerFallback from oras v1.1.0-rc3
...
Uses NewClientWithDockerFallback to always use Docker config and
modifies go.mod to use oras v1.1.0-rc3.
Ref:
- https://github.com/helm/helm/pull/10536#issuecomment-1010144075
- https://github.com/oras-project/oras-go/pull/92
Signed-off-by: Allen Bai <abai@redhat.com>
3 years ago
Josh Wolf
fb0eeebf66
add oci reference validation and tag scoped (+) replacement to registry client Push/Pull
...
Signed-off-by: Josh Wolf <josh@wolfs.io>
3 years ago
dependabot[bot]
babbb67f89
chore(deps): bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.11+incompatible to 20.10.12+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.11...v20.10.12 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
d417878a69
chore(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.2.1...v1.3.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
5c698e9fa7
Updating Kubernetes packages to those from 1.23.1
...
Signed-off-by: Matt Farina <matt@mattfarina.com>
3 years ago
dependabot[bot]
a840fb0940
chore(deps): bump github.com/Masterminds/squirrel from 1.5.1 to 1.5.2
...
Bumps [github.com/Masterminds/squirrel](https://github.com/Masterminds/squirrel ) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/Masterminds/squirrel/releases )
- [Commits](https://github.com/Masterminds/squirrel/compare/v1.5.1...v1.5.2 )
---
updated-dependencies:
- dependency-name: github.com/Masterminds/squirrel
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
664d5e63e3
chore(deps): bump github.com/mattn/go-shellwords from 1.0.11 to 1.0.12
...
Bumps [github.com/mattn/go-shellwords](https://github.com/mattn/go-shellwords ) from 1.0.11 to 1.0.12.
- [Release notes](https://github.com/mattn/go-shellwords/releases )
- [Commits](https://github.com/mattn/go-shellwords/compare/v1.0.11...v1.0.12 )
---
updated-dependencies:
- dependency-name: github.com/mattn/go-shellwords
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
98c4ccf29b
Merge pull request #10341 from helm/dependabot/go_modules/github.com/Masterminds/squirrel-1.5.1
...
chore(deps): bump github.com/Masterminds/squirrel from 1.5.0 to 1.5.1
3 years ago
Matt Farina
0199f84014
Merge pull request #10342 from helm/dependabot/go_modules/github.com/gofrs/flock-0.8.1
...
chore(deps): bump github.com/gofrs/flock from 0.8.0 to 0.8.1
3 years ago
Matt Farina
c2da47e22b
Updating to Kubernetes 1.22.4 packages
...
Signed-off-by: Matt Farina <matt.farina@suse.com>
3 years ago
dependabot[bot]
6a1daecd0c
chore(deps): bump github.com/Masterminds/squirrel from 1.5.0 to 1.5.1
...
Bumps [github.com/Masterminds/squirrel](https://github.com/Masterminds/squirrel ) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/Masterminds/squirrel/releases )
- [Commits](https://github.com/Masterminds/squirrel/compare/v1.5.0...v1.5.1 )
---
updated-dependencies:
- dependency-name: github.com/Masterminds/squirrel
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
6d96e5e4d6
chore(deps): Bump github.com/mitchellh/copystructure from 1.1.1 to 1.2.0
...
Bumps [github.com/mitchellh/copystructure](https://github.com/mitchellh/copystructure ) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/mitchellh/copystructure/releases )
- [Commits](https://github.com/mitchellh/copystructure/compare/v1.1.1...v1.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Josh Dolitsky
b66c468812
Upgrade to oras-go v1.0.0
...
Signed-off-by: Josh Dolitsky <josh@dolit.ski>
3 years ago
dependabot[bot]
46a643fff4
chore(deps): bump github.com/gofrs/flock from 0.8.0 to 0.8.1
...
Bumps [github.com/gofrs/flock](https://github.com/gofrs/flock ) from 0.8.0 to 0.8.1.
- [Release notes](https://github.com/gofrs/flock/releases )
- [Commits](https://github.com/gofrs/flock/compare/v0.8.0...v0.8.1 )
---
updated-dependencies:
- dependency-name: github.com/gofrs/flock
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
7293ac2388
chore(deps): bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.9+incompatible to 20.10.11+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.9...v20.10.11 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
fdb97665e4
chore(deps): bump github.com/lib/pq from 1.10.3 to 1.10.4
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.3 to 1.10.4.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.3...v1.10.4 )
---
updated-dependencies:
- dependency-name: github.com/lib/pq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Josh Dolitsky
b27b5551e0
Merge branch 'main' into oras-0.5
3 years ago