Mikhail Mazurskiy
ea5365a3d1
Drop direct github.com/docker/docker dependency
...
Signed-off-by: Mikhail Mazurskiy <mmazurskiy@gitlab.com>
2 years ago
Matt Farina
26ce96464f
Merge pull request #11153 from macedogm/bump-kube-openapi
...
Update github.com/emicklei/go-restful to fix CVE-2022-1996
2 years ago
Guilherme Macedo
1e0f8a4ee9
Bump k8s.io/kube-openapi to fix CVE-2022-1996 in github.com/emicklei/go-restful
...
Signed-off-by: Guilherme Macedo <guilherme.macedo@suse.com>
2 years ago
dependabot[bot]
0c9de28b58
chore(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.7.5 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.7.5...v1.8.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Martin Hickey
211bd2b60a
Upgrading to Kubernetes 1.24.2
...
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
2 years ago
Martin Hickey
51e6c8e4e0
Bump Oras to 1.2.0
...
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
2 years ago
yxxhero
39b0a82365
bump Go 1.18
...
Signed-off-by: yxxhero <aiopsclub@163.com>
2 years ago
dependabot[bot]
0acd81b43e
chore(deps): bump github.com/stretchr/testify from 1.7.4 to 1.7.5
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.7.4 to 1.7.5.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.7.4...v1.7.5 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
3ff331fb14
chore(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 ( #11075 )
2 years ago
Matt Farina
47641e753a
Merge pull request #10966 from helm/dependabot/go_modules/github.com/lib/pq-1.10.6
...
chore(deps): bump github.com/lib/pq from 1.10.5 to 1.10.6
2 years ago
dependabot[bot]
994d786511
chore(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.4
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.7.1 to 1.7.4.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.4 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Matt Farina
657850e44b
Merge pull request #11018 from mattfarina/bump-k8s.1.24.1
...
Upgrading to Kubernetes 1.24.1 packages
2 years ago
Matt Farina
5ef01c2714
Upgrading to Kubernetes 1.24.1 packages
...
Note, Go seems to handle dependencies differently in 1.16 and 1.17.
Running go mod tidy highlights this. This change was generated using
go mod tidy -compat=1.17. The current supported Go versions are 1.18
and 1.17.
Signed-off-by: Matt Farina <matt.farina@suse.com>
2 years ago
dependabot[bot]
fe2a66c63c
chore(deps): bump github.com/Masterminds/squirrel from 1.5.2 to 1.5.3
...
Bumps [github.com/Masterminds/squirrel](https://github.com/Masterminds/squirrel ) from 1.5.2 to 1.5.3.
- [Release notes](https://github.com/Masterminds/squirrel/releases )
- [Commits](https://github.com/Masterminds/squirrel/compare/v1.5.2...v1.5.3 )
---
updated-dependencies:
- dependency-name: github.com/Masterminds/squirrel
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
f3cfd4f6cc
chore(deps): bump github.com/lib/pq from 1.10.5 to 1.10.6
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.5 to 1.10.6.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.5...v1.10.6 )
---
updated-dependencies:
- dependency-name: github.com/lib/pq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
a3bb2f71e0
chore(deps): bump oras.land/oras-go from 1.1.0 to 1.1.1
...
Bumps [oras.land/oras-go](https://github.com/oras-project/oras-go ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v1.1.0...v1.1.1 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matthew Fisher
fa6ba5bb29
Merge pull request #10532 from helm/dependabot/go_modules/github.com/evanphx/json-patch-5.6.0incompatible
...
chore(deps): bump github.com/evanphx/json-patch from 4.12.0+incompatible to 5.6.0+incompatible
3 years ago
Matthew Fisher
9b28ad1dca
Merge pull request #10902 from helm/dependabot/go_modules/github.com/lib/pq-1.10.5
...
Bump github.com/lib/pq from 1.10.4 to 1.10.5
3 years ago
Matthew Fisher
921c7f3668
Merge pull request #10958 from helm/dependabot/go_modules/github.com/containerd/containerd-1.6.4
...
build(deps): bump github.com/containerd/containerd from 1.6.3 to 1.6.4
3 years ago
Matthew Fisher
a9ed6057ba
Merge pull request #10855 from helm/dependabot/go_modules/github.com/BurntSushi/toml-1.1.0
...
Bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
3 years ago
dependabot[bot]
606633cc5e
chore(deps): bump github.com/evanphx/json-patch
...
Bumps [github.com/evanphx/json-patch](https://github.com/evanphx/json-patch ) from 4.12.0+incompatible to 5.6.0+incompatible.
- [Release notes](https://github.com/evanphx/json-patch/releases )
- [Commits](https://github.com/evanphx/json-patch/compare/v4.12.0...v5.6.0 )
---
updated-dependencies:
- dependency-name: github.com/evanphx/json-patch
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
ede591f65d
Bump github.com/lib/pq from 1.10.4 to 1.10.5
...
Bumps [github.com/lib/pq](https://github.com/lib/pq ) from 1.10.4 to 1.10.5.
- [Release notes](https://github.com/lib/pq/releases )
- [Commits](https://github.com/lib/pq/compare/v1.10.4...v1.10.5 )
---
updated-dependencies:
- dependency-name: github.com/lib/pq
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
8b6904869a
build(deps): bump github.com/containerd/containerd from 1.6.3 to 1.6.4
...
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd ) from 1.6.3 to 1.6.4.
- [Release notes](https://github.com/containerd/containerd/releases )
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md )
- [Commits](https://github.com/containerd/containerd/compare/v1.6.3...v1.6.4 )
---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matthew Fisher
14673dac31
Merge pull request #10923 from helm/dependabot/go_modules/github.com/jmoiron/sqlx-1.3.5
...
build(deps): bump github.com/jmoiron/sqlx from 1.3.4 to 1.3.5
3 years ago
dependabot[bot]
67ed6e2999
build(deps): bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.14+incompatible to 20.10.16+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.14...v20.10.16 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
43aa3132ff
build(deps): bump github.com/jmoiron/sqlx from 1.3.4 to 1.3.5
...
Bumps [github.com/jmoiron/sqlx](https://github.com/jmoiron/sqlx ) from 1.3.4 to 1.3.5.
- [Release notes](https://github.com/jmoiron/sqlx/releases )
- [Commits](https://github.com/jmoiron/sqlx/compare/v1.3.4...v1.3.5 )
---
updated-dependencies:
- dependency-name: github.com/jmoiron/sqlx
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Andrew Seigner
bd7c97f786
Bump k8s packages from 0.23.6 to 0.24.0
...
This required modifying the `kube.Factory` interface to conform to
changes in k8s' `cmdutil.Factory` interface:
fe3772890f
Signed-off-by: Andrew Seigner <andrew@sig.gy>
3 years ago
Martin Hickey
3013c48cda
Bumping Kubernetes package version to 0.23.6
...
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
3 years ago
Colleen Murphy
5105899a86
fix(helm): update golang.org/x/crypto to latest
...
Update the crypto dependency to address CVE-2022-27191.
Helm does not use the ssh module of crypto, so is not vulnerable to this
CVE, but the dependency gets flagged by vulnerability scanners
Signed-off-by: Colleen Murphy <colleen.murphy@suse.com>
3 years ago
dependabot[bot]
08b5feb145
Bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.13+incompatible to 20.10.14+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.13...v20.10.14 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
3543d14c34
Bump github.com/containerd/containerd from 1.6.1 to 1.6.3
...
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd ) from 1.6.1 to 1.6.3.
- [Release notes](https://github.com/containerd/containerd/releases )
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md )
- [Commits](https://github.com/containerd/containerd/compare/v1.6.1...v1.6.3 )
---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
6eee0de7cc
Bump oras.land/oras-go from 1.1.0 to 1.1.1
...
Bumps [oras.land/oras-go](https://github.com/oras-project/oras-go ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/oras-project/oras-go/releases )
- [Commits](https://github.com/oras-project/oras-go/compare/v1.1.0...v1.1.1 )
---
updated-dependencies:
- dependency-name: oras.land/oras-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
aafc920185
Bump github.com/BurntSushi/toml from 1.0.0 to 1.1.0
...
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml ) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/BurntSushi/toml/releases )
- [Commits](https://github.com/BurntSushi/toml/compare/v1.0.0...v1.1.0 )
---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
c0ded2e01c
Merge pull request #10775 from helm/dependabot/go_modules/github.com/stretchr/testify-1.7.1
...
Bump github.com/stretchr/testify from 1.7.0 to 1.7.1
3 years ago
Matt Farina
a87ab07aed
Bumping Kubernetes package versions
...
Signed-off-by: Matt Farina <matt@mattfarina.com>
3 years ago
Matt Farina
3490f1e7b6
Updating vcs to latest version
...
vcs had a release due to a CVE. This updates to the latest version
that mitigates the CVE.
Note, the Makefile was updated so that `make build` would build
without cgo just like gox does in the CI pipeline. They should
both build without cgo so we can catch issues before merging to
master where a canary build would pick up the problem.
Signed-off-by: Matt Farina <matt@mattfarina.com>
3 years ago
dependabot[bot]
9380e211aa
Bump github.com/stretchr/testify from 1.7.0 to 1.7.1
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.7.0...v1.7.1 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
2cf845424a
Bump github.com/spf13/cobra from 1.3.0 to 1.4.0
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.3.0...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Theo Chupp
45af381aa4
fix: run 'go mod tidy' for go 1.17
...
Signed-off-by: Theo Chupp <theodorechupp@stockx.com>
3 years ago
Theo Chupp
4448042723
dummy change to trigger CI
...
Signed-off-by: Theo Chupp <theodorechupp@stockx.com>
3 years ago
Matthew Fisher
8a0bfae335
Merge pull request #10581 from smaftoul/bump-go-version
...
Set go version to 1.17 to match CI
3 years ago
Matthew Fisher
0f2e2bbd6c
Merge pull request #10544 from helm/dependabot/go_modules/github.com/BurntSushi/toml-1.0.0
...
chore(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0
3 years ago
dependabot[bot]
5886c28b8b
Bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 20.10.12+incompatible to 20.10.13+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md )
- [Commits](https://github.com/docker/docker/compare/v20.10.12...v20.10.13 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Matt Farina
7432807210
Updating Kubernetes libs to 0.23.4 (latest)
...
Signed-off-by: Matt Farina <matt.farina@suse.com>
3 years ago
Shubham Sharma
df2c916692
Upgrade rubenv/sql-migrate
...
Signed-off-by: Shubham Sharma <shubhash@microsoft.com>
3 years ago
Martin Hickey
5213891bb1
Updating Kubernetes packages to 1.23.3
...
Signed-off-by: Martin Hickey <martin.hickey@ie.ibm.com>
3 years ago
Samuel Maftoul
850da38265
Set go version to 1.17 to match CI
...
Signed-off-by: Samuel Maftoul <samuel.maftoul@gmail.com>
3 years ago
dependabot[bot]
583c4acbcf
chore(deps): bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0
...
Bumps [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml ) from 0.4.1 to 1.0.0.
- [Release notes](https://github.com/BurntSushi/toml/releases )
- [Commits](https://github.com/BurntSushi/toml/compare/v0.4.1...v1.0.0 )
---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Scott Rigby
1b3e0bc46a
Update oras-go to v1.1.0
...
Signed-off-by: Scott Rigby <scott@r6by.com>
3 years ago
Scott Rigby
a8df413c41
Update ORAS to v1.1.0-rc1
...
Now that https://github.com/oras-project/oras-go/pull/89 is merged and released
Signed-off-by: Scott Rigby <scott@r6by.com>
3 years ago