Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update all dependencies #370

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update all dependencies #370

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 12, 2024

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
actions/upload-artifact action digest b4b15b8 -> 65c4c4a
cgr.dev/chainguard/glibc-dynamic final digest a2ecbc3 -> d7dd847
cgr.dev/chainguard/go stage digest d4eca27 -> 0c04e37
github.com/gofiber/fiber/v2 require patch v2.52.5 -> v2.52.6 age adoption passing confidence
github.com/gofiber/swagger require patch v1.1.0 -> v1.1.1 age adoption passing confidence
github/codeql-action action minor v3.27.7 -> v3.28.1 age adoption passing confidence
peter-evans/create-pull-request action digest 5e91468 -> 67ccf78
stefanzweifel/git-auto-commit-action action digest 8621497 -> e348103
step-security/harden-runner action patch v2.10.2 -> v2.10.3 age adoption passing confidence

Release Notes

gofiber/fiber (github.com/gofiber/fiber/v2)

v2.52.6

Compare Source

🐛 Bug Fixes

📚 Documentation

🛠️ Maintenance

Full Changelog: gofiber/fiber@v2.52.5...v2.52.6

gofiber/swagger (github.com/gofiber/swagger)

v1.1.1

Compare Source

🧹 Updates

  • build(deps): bump github.com/gofiber/fiber/v2 from 2.52.5 to 2.52.6 (#​107)
  • build(deps): bump github.com/swaggo/files/v2 from 2.0.1 to 2.0.2 (#​108)
  • build(deps): bump github.com/swaggo/swag from 1.16.3 to 1.16.4 (#​101)
  • build(deps): bump dependabot/fetch-metadata from 2.1.0 to 2.2.0 (#​98)
  • build(deps): bump github.com/swaggo/files/v2 from 2.0.0 to 2.0.1 (#​97)

Full Changelog: gofiber/swagger@v1.1.0...v1.1.1

github/codeql-action (github/codeql-action)

v3.28.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.1 - 10 Jan 2025
  • CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #​2677
  • Update default CodeQL bundle version to 2.20.1. #​2678

See the full CHANGELOG.md for more information.

v3.28.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.28.0 - 20 Dec 2024
  • Bump the minimum CodeQL bundle version to 2.15.5. #​2655
  • Don't fail in the unusual case that a file is on the search path. #​2660.

See the full CHANGELOG.md for more information.

v3.27.9

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.9 - 12 Dec 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.8

Compare Source

step-security/harden-runner (step-security/harden-runner)

v2.10.3

Compare Source

What's Changed

Fixed an issue where DNS requests using uppercase characters (e.g., EXAMPLE.com) were blocked even when the domain was present in the allowed list. This update standardizes domain names to lowercase for consistent comparison.

Full Changelog: step-security/harden-runner@v2...v2.10.3


Configuration

📅 Schedule: Branch creation - "every 1 hours every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot changed the title Update github/codeql-action action to v3.27.8 Update all dependencies Dec 13, 2024
@renovate renovate bot force-pushed the renovate/all branch 6 times, most recently from 88535c8 to ee3c6fc Compare December 21, 2024 01:07
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 92e935b to 2006d51 Compare December 31, 2024 19:28
Copy link
Contributor Author

renovate bot commented Dec 31, 2024

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 2 additional dependencies were updated

Details:

Package Change
github.com/swaggo/files/v2 v2.0.1 -> v2.0.2
golang.org/x/sys v0.27.0 -> v0.28.0

@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from 6ff2030 to cdf450e Compare January 4, 2025 01:34
@renovate renovate bot force-pushed the renovate/all branch 11 times, most recently from 98bcf20 to f07a59b Compare January 14, 2025 22:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants