Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump the common group across 1 directory with 20 updates #7604

Merged
merged 2 commits into from
Sep 26, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 26, 2024

Bumps the common group with 14 updates in the / directory:

Package From To
github.com/CycloneDX/cyclonedx-go 0.9.0 0.9.1
github.com/aws/aws-sdk-go-v2 1.30.5 1.31.0
github.com/aws/aws-sdk-go-v2/config 1.27.33 1.27.38
github.com/aws/aws-sdk-go-v2/service/ec2 1.177.2 1.179.1
github.com/aws/aws-sdk-go-v2/service/ecr 1.32.4 1.35.2
github.com/aws/aws-sdk-go-v2/service/s3 1.61.2 1.63.2
github.com/containerd/containerd 1.7.21 1.7.22
github.com/docker/docker 27.2.0+incompatible 27.3.1+incompatible
github.com/hashicorp/hc-install 0.8.0 0.9.0
github.com/moby/buildkit 0.15.2 0.16.0
golang.org/x/crypto 0.26.0 0.27.0
golang.org/x/net 0.28.0 0.29.0
helm.sh/helm/v3 3.15.4 3.16.1
modernc.org/sqlite 1.32.0 1.33.1

Updates github.com/CycloneDX/cyclonedx-go from 0.9.0 to 0.9.1

Release notes

Sourced from github.com/CycloneDX/cyclonedx-go's releases.

v0.9.1

Changelog

Fixes

  • 6f0e0cf025dd99ab903e33f8e043d92b28dab4f6: fix: nil pointer dereference during evidence conversion (@​nscuro)
  • ce43b6f4cb5707d3ef2db1af1d597f5b23bf0e15: fix: make linter happy (@​nscuro)
  • 5d799e634b9bed9c86621048544737b210e433e8: fix: remove deprecated goreleaser flag (@​nscuro)

Building and Packaging

  • 6d5bcb0e277207551dbc728eb29959f1d3cbd685: build(deps): bump actions/checkout from 4.1.6 to 4.1.7 (@​dependabot[bot])
  • f34fc0c413da74d20d1cc240863aaf2eb6b274f7: build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 (@​dependabot[bot])
  • 71cff221b8dbbc1d50f839fa76ecea4e42d83a2b: build(deps): bump gitpod/workspace-go from 8d15123 to 2a9e01c (@​dependabot[bot])
  • ea693550558d230b3fbba810b6e75ac2eb0b55c8: build(deps): bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 (@​dependabot[bot])
  • d5cbdad49dfbf54f2dab4ad95bd1a47c710a526c: build(deps): bump goreleaser/goreleaser-action from 5.1.0 to 6.0.0 (@​dependabot[bot])
Commits
  • 02759af Merge pull request #195 from CycloneDX/nscuro-patch-1
  • 5d799e6 fix: remove deprecated goreleaser flag
  • 39328d3 Merge pull request #194 from CycloneDX/fix-nil-pointer-deref
  • ce43b6f fix: make linter happy
  • 6f0e0cf fix: nil pointer dereference during evidence conversion
  • 6f53207 Merge pull request #185 from CycloneDX/dependabot/github_actions/goreleaser/g...
  • eef8882 Merge pull request #188 from CycloneDX/dependabot/github_actions/actions/setu...
  • 094b2b6 Merge pull request #191 from CycloneDX/dependabot/github_actions/golangci/gol...
  • 17e9df7 Merge pull request #193 from CycloneDX/dependabot/docker/gitpod/workspace-go-...
  • 71cff22 build(deps): bump gitpod/workspace-go from 8d15123 to 2a9e01c
  • Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2 from 1.30.5 to 1.31.0

Commits

Updates github.com/aws/aws-sdk-go-v2/config from 1.27.33 to 1.27.38

Commits

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.32 to 1.17.36

Commits

Updates github.com/aws/aws-sdk-go-v2/service/ec2 from 1.177.2 to 1.179.1

Commits

Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.32.4 to 1.35.2

Commits
  • 390cf19 Release 2023-03-21
  • c37c72a Regenerated Clients
  • d1e5193 Update endpoints model
  • 2506101 Update API model
  • c93b5cc Merge pull request #2051 from aws/add100ContinueCustomization
  • c01aac6 Keep one changelog for PR
  • 3780faa Keep one changelog for PR
  • b94b5b7 Merge remote-tracking branch 'origin/add100ContinueCustomization' into add100...
  • 6174ff2 Change some variable name and use operation shape id to represent operation s...
  • 83491fc add changelog to last commit
  • Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.61.2 to 1.63.2

Commits

Updates github.com/aws/smithy-go from 1.20.4 to 1.21.0

Changelog

Sourced from github.com/aws/smithy-go's changelog.

Release (2024-09-25)

Module Highlights

  • github.com/aws/smithy-go/aws-http-auth: v1.0.0
    • Release: Initial release of module aws-http-auth, which implements generically consumable SigV4 and SigV4a request signing.

Release (2024-09-19)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.21.0
    • Feature: Add tracing and metrics APIs, and builtin instrumentation for both, in generated clients.
  • github.com/aws/smithy-go/metrics/smithyotelmetrics: v1.0.0
    • Release: Initial release of smithyotelmetrics module, which is used to adapt an OpenTelemetry SDK meter provider to be used with Smithy clients.
  • github.com/aws/smithy-go/tracing/smithyoteltracing: v1.0.0
    • Release: Initial release of smithyoteltracing module, which is used to adapt an OpenTelemetry SDK tracer provider to be used with Smithy clients.

Release (2024-08-14)

Module Highlights

  • github.com/aws/smithy-go: v1.20.4
    • Dependency Update: Bump minimum Go version to 1.21.

Release (2024-06-27)

Module Highlights

  • github.com/aws/smithy-go: v1.20.3
    • Bug Fix: Fix encoding/cbor test overflow on x86.

Release (2024-03-29)

  • No change notes available for this release.

Release (2024-02-21)

Module Highlights

  • github.com/aws/smithy-go: v1.20.1
    • Bug Fix: Remove runtime dependency on go-cmp.

Release (2024-02-13)

Module Highlights

  • github.com/aws/smithy-go: v1.20.0
    • Feature: Add codegen definition for sigv4a trait.
    • Feature: Bump minimum Go version to 1.20 per our language support policy.

Release (2023-12-07)

... (truncated)

Commits

Updates github.com/containerd/containerd from 1.7.21 to 1.7.22

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.22

Welcome to the v1.7.22 release of containerd!

The twenty-second patch release for containerd 1.7 contains various fixes and updates.

Highlights

Build and Release Toolchain

  • Update to go1.22.7, go1.23.1 (#10679)

Container Runtime Interface (CRI)

  • Cumulative stats can't decrease (#10670)

Runtime

  • Fix bug where init exits were being dropped (#10675)
  • Update runc binary to 1.1.14 (#10668)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Samuel Karp
  • James Sturtevant
  • Laura Brehm
  • Maksym Pavlenko
  • Akhil Mohan
  • Akihiro Suda
  • Cory Snider
  • Derek McGowan
  • Sebastiaan van Stijn

Changes

  • Prepare release notes for v1.7.22 (#10684)
    • 43174ee6a Prepare release notes for v1.7.22
  • integration: regression test for issue 10589 (#10682)
    • 0c4ba21d8 integration: regression test for issue 10589
    • 1cc2cfa4b fifosync: cross-process synchronization
  • Fix bug where init exits were being dropped (#10675)
    • f338717ed runc-shim: handle pending execs as running
    • 686c69490 runc-shim: refuse to start execs after init exits
    • 760935e52 runc-shim: remove misleading comment
  • Update to go1.22.7, go1.23.1 (#10679)

... (truncated)

Commits
  • 7f7fdf5 Merge pull request #10684 from samuelkarp/release-1.7.22
  • 43174ee Prepare release notes for v1.7.22
  • c10e4a6 Merge pull request #10682 from samuelkarp/shim-exec-fp-test-1.7
  • 0c4ba21 integration: regression test for issue 10589
  • 1cc2cfa fifosync: cross-process synchronization
  • b19be30 Merge pull request #10675 from laurazard/1.7-backport-shim-dropped-init-exits
  • c62aa06 Merge pull request #10679 from thaJeztah/1.7_update_go1.22.7
  • 19d678f update to go1.22.7, go1.23.1
  • f338717 runc-shim: handle pending execs as running
  • 686c694 runc-shim: refuse to start execs after init exits
  • Additional commits viewable in compare view

Updates github.com/docker/docker from 27.2.0+incompatible to 27.3.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.3.1

27.3.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • CLI: Fix issue with command execution metrics not being exported due to the CLI MeterProvider being shutdown too early. docker/cli#5457

Packaging updates

v27.3.0

27.3.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • containerd image store: Fix docker image prune -a untagging images used by containers started from images referenced by a digested reference. moby/moby#48488
  • Add a --feature flag to the daemon options. moby/moby#48487
  • Updated the handling of the --gpus=0 flag to be consistent with the NVIDIA Container Runtime. moby/moby#48483 (docker/cli#5432)
  • Support WSL2 mirrored-mode networking's use of interface loopback0 for packets from the Windows host. moby/moby#48514
  • Fix an issue that prevented communication between containers on an IPv4 bridge network when running with --iptables=false, --ip6tables=true (the default), a firewall with a DROP rule for forwarded packets on hosts where the br_netfilter kernel module was not normally loaded. moby/moby#48511
  • CLI: Fix issue where docker volume update command would cause the CLI to panic if no argument/volume was passed. docker/cli#5426
  • docker/cli#5432

Packaging updates

v27.3.0-rc.2

27.3.0-rc.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

... (truncated)

Commits
  • 41ca978 Merge pull request #48525 from thaJeztah/27.x_backport_govulncheck_permissions
  • a6b772b gha: govulncheck: make sure read permissions are set
  • 856359c Merge pull request #48514 from robmry/backport-27.x/wsl2_mirrored_loopback0_w...
  • cd21af7 Do not DNAT packets from WSL2's loopback0
  • 8516f3b Merge pull request #48510 from thaJeztah/27.x_backport_bump_buildx_compose
  • 3a7779a Merge pull request #48511 from robmry/backport-27.x/48375_bridge_netfiltering
  • 5c499fc Only enable bridge netfiltering when needed
  • 98f24aa Merge pull request #48506 from thaJeztah/27.x_backport_man_dockerd_logformat
  • 8adc8e4 Dockerfile: update compose to v2.29.4
  • 576fc88 Dockerfile: update buildx to v0.17.1
  • Additional commits viewable in compare view

Updates github.com/hashicorp/hc-install from 0.8.0 to 0.9.0

Release notes

Sourced from github.com/hashicorp/hc-install's releases.

v0.9.0

What's Changed

Full Changelog: hashicorp/hc-install@v0.8.1...v0.9.0

v0.8.1

What's Changed

New Contributors

Full Changelog: hashicorp/hc-install@v0.8.0...v0.8.1

Commits
  • 157a802 Merge pull request #250 from hashicorp/release-0.9.0
  • 4c734fc Prepare for v0.9.0 release
  • d78b328 Merge pull request #249 from hashicorp/d-contributing-md-update
  • 34f38b0 docs: Update release instructions
  • 6a5aa83 build(deps): bump golang.org/x/mod from 0.20.0 to 0.21.0 (#242)
  • 1784fcc Merge pull request #248 from hashicorp/revert-version-contents
  • ea2c69b Finish Release of 0.8.1 by updating VERSION
  • 4f3e00e Releasing 0.8.1
  • c6d1ced Merge pull request #246 from hashicorp/update-contributing
  • eea12f1 Update CONTRIBUTING.md to add clean up step
  • Additional commits viewable in compare view

Updates github.com/moby/buildkit from 0.15.2 to 0.16.0

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.16.0

Welcome to the v0.16.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

  • CrazyMax
  • Tõnis Tiigi
  • Sebastiaan van Stijn
  • Akihiro Suda
  • David Karlsson
  • Shaun Thompson
  • Talon Bowler
  • Arkadiusz Drabczyk
  • Craig Andrews
  • Justin Chadwell
  • Mitsuru Kariya
  • Anthony Nandaa
  • Bertrand Paquet
  • Ignas Mikalajūnas
  • Jonathan A. Sternberg
  • Billy Owire
  • Debosmit Ray
  • Kai Takac
  • Marat Radchenko
  • a-palchikov

Notable changes

  • Builtin Dockerfile frontend has been updated to v1.10.0 changelog
  • Remote cache export to S3 backend can now happen with parallel requests and can be controlled with new upload_parallelism option #5270
  • Remote cache export to S3 backend now supports layers larger than 5GB #5266
  • History records now contain information about the number of warnings that were generated during the build #5166
  • Printing check results with library now allows source mapping modifications #5295
  • Unconditionally use /etc/resolv.conf rather than systemd's config in host networking mode #5207
  • Certain history, graph consistency, and some syscall errors as now marked as internal and use corresponding gRPC error code #5163 #5182
  • Output of errors produced by the container executor has been improved #5179
  • Stack traces produced by build errors are now clearer and avoid duplicates #5180
  • Build containers killed by OOMKiller are now detected and shown to the user in the error message #5260
  • Runc container runtime has been updated to v1.1.14 #5300
  • Pre-defined OCI annotations are now set to the BuildKit image #3554
  • Fix pruning cache mounts that use uid/gid/mode/from on no-cache builds #5306
  • Fix issue where --import-cache flag could be ignored for buildctl #5143
  • Fix OTEL trace ID being missing from logs #5315

Dependency Changes

... (truncated)

Commits
  • 0865fcc Merge pull request #5320 from crazy-max/v0.16.0-picks2
  • 74116a2 fix windows area label when modifications are under the vendor folder
  • 5c5dc59 vendor: github.com/docker/docker v27.2.1
  • c9d08dd Merge pull request #5315 from jsternberg/trace-id-in-log
  • b2b8b1c Merge pull request #5313 from tonistiigi/grpc-v1.62
  • 366c355 bklog: always enable trace id if it exists
  • e89d391 vendor: update grpc to v1.62.0
  • a1993e8 Merge pull request #5306 from tonistiigi/cache-mount-mode-prune
  • 85668ff Merge pull request #5307 from thompson-shaun/update-labeler
  • 436609d Merge pull request #5302 from crazy-max/dockerfile-rootless-cache
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.26.0 to 0.27.0

Commits
  • c9da6b9 all: fix printf(var) mistakes detected by latest printf checker
  • b35ab4f go.mod: update golang.org/x dependencies
  • bcb0f91 internal/poly1305: Port sum_amd64.s to Avo
  • 7eace71 chacha20poly1305: Avo port of chacha20poly1305_amd64.s
  • 620dfbc salsa20/salsa: Port salsa20_amd64.s to Avo
  • 82942cf blake2b: port blake2b_amd64.s to Avo
  • 0484c26 blake2b: port blake2bAVX2_amd64.s to Avo
  • 38ed1bc blake2s: port blake2s_amd64.s to Avo
  • 38a0b5d argon2: Avo port of blamka_amd64.s
  • bf5f14f x509roots/fallback: update bundle
  • Additional commits viewable in compare view

Updates golang.org/x/mod from 0.20.0 to 0.21.0

Commits
  • 46a3137 zip: set GIT_DIR in test when using bare repositories
  • 3afcd4e go.mod: set go version to 1.22.0
  • b1d336c go.mod: update required go version to go1.22
  • See full diff in compare view

Updates golang.org/x/net from 0.28.0 to 0.29.0

Commits
  • 35b4aba go.mod: update golang.org/x dependencies
  • 9bf379f websocket: fix printf(var) mistake detected by latest printf checker
  • See full diff in compare view

Updates golang.org/x/term from 0.23.0 to 0.24.0

Commits
  • 2f7b0dd go.mod: update golang.org/x dependencies
  • f867b76 x/term: set missing VIRTUAL_TERMINAL_INPUT flag on Windows
  • See full diff in compare view

Updates golang.org/x/text from 0.17.0 to 0.18.0

Commits
  • 1e3e9fd all: rename Example test functions to prevent vet errors
  • See full diff in compare view

Updates helm.sh/helm/v3 from 3.15.4 to 3.16.1

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm 3.16.1

Helm v3.16.1 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

This release fixes a regression that is in 3.16.0.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.16.1. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.16.2 is the next patch release and will be on October 09, 2024
  • 3.17.0 is the next feature release and will be on January 15, 2025

Changelog

  • bumping version to 1.22.7 5a5449dc42be07001fd5771d56429132984ab3ab (Robert Sirchia)
  • Merge pull request #13327 from mattfarina/revert-11726 2cbf7fc005885cb46b60ebfcd03ff09890e43be1 (Joe Julian)

Helm v3.16.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs

... (truncated)

Commits
  • 5a5449d bumping version to 1.22.7
  • 2cbf7fc Merge pull request #13327 from mattfarina/revert-11726
  • 0d439e1 bump version to v3.16.0
  • 1ac6fce Merge pull request #13290 from helm/dependabot/go_modules/github.com/rubenv/s...
  • a585fdb Merge pull request #13291 from helm/dependabot/go_modules/github.com/cyphar/f...
  • 0d12150 Bump github.com/cyphar/filepath-securejoin from 0.2.5 to 0.3.1
  • b1f9f0c Bump github.com/rubenv/sql-migrate from 1.6.1 to 1.7.0
  • d66d435 Merge pull request #13276 from helm/dependabot/go_modules/github.com/evanphx/...
  • c1ed2e2 Merge pull request #13286 from mattfarina/bump-sprig
  • 2dc73d8 Merge pull request #13281 from giuliocalzolari/timestamp
  • Additional commits viewable in compare view

Updates k8s.io/api from 0.30.3 to 0.31.0

Commits

Updates modernc.org/sqlite from 1.32.0 to 1.33.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the common group with 14 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/CycloneDX/cyclonedx-go](https://github.com/CycloneDX/cyclonedx-go) | `0.9.0` | `0.9.1` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.30.5` | `1.31.0` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.27.33` | `1.27.38` |
| [github.com/aws/aws-sdk-go-v2/service/ec2](https://github.com/aws/aws-sdk-go-v2) | `1.177.2` | `1.179.1` |
| [github.com/aws/aws-sdk-go-v2/service/ecr](https://github.com/aws/aws-sdk-go-v2) | `1.32.4` | `1.35.2` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.61.2` | `1.63.2` |
| [github.com/containerd/containerd](https://github.com/containerd/containerd) | `1.7.21` | `1.7.22` |
| [github.com/docker/docker](https://github.com/docker/docker) | `27.2.0+incompatible` | `27.3.1+incompatible` |
| [github.com/hashicorp/hc-install](https://github.com/hashicorp/hc-install) | `0.8.0` | `0.9.0` |
| [github.com/moby/buildkit](https://github.com/moby/buildkit) | `0.15.2` | `0.16.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.26.0` | `0.27.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.28.0` | `0.29.0` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.15.4` | `3.16.1` |
| [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | `1.32.0` | `1.33.1` |



Updates `github.com/CycloneDX/cyclonedx-go` from 0.9.0 to 0.9.1
- [Release notes](https://github.com/CycloneDX/cyclonedx-go/releases)
- [Changelog](https://github.com/CycloneDX/cyclonedx-go/blob/master/.goreleaser.yml)
- [Commits](CycloneDX/cyclonedx-go@v0.9.0...v0.9.1)

Updates `github.com/aws/aws-sdk-go-v2` from 1.30.5 to 1.31.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@v1.30.5...v1.31.0)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.33 to 1.27.38
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@config/v1.27.33...config/v1.27.38)

Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.32 to 1.17.36
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@credentials/v1.17.32...credentials/v1.17.36)

Updates `github.com/aws/aws-sdk-go-v2/service/ec2` from 1.177.2 to 1.179.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/ec2/v1.177.2...service/ec2/v1.179.1)

Updates `github.com/aws/aws-sdk-go-v2/service/ecr` from 1.32.4 to 1.35.2
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/sqs/v1.32.4...service/iot/v1.35.2)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.61.2 to 1.63.2
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.61.2...service/s3/v1.63.2)

Updates `github.com/aws/smithy-go` from 1.20.4 to 1.21.0
- [Release notes](https://github.com/aws/smithy-go/releases)
- [Changelog](https://github.com/aws/smithy-go/blob/main/CHANGELOG.md)
- [Commits](aws/smithy-go@v1.20.4...v1.21.0)

Updates `github.com/containerd/containerd` from 1.7.21 to 1.7.22
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.21...v1.7.22)

Updates `github.com/docker/docker` from 27.2.0+incompatible to 27.3.1+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v27.2.0...v27.3.1)

Updates `github.com/hashicorp/hc-install` from 0.8.0 to 0.9.0
- [Release notes](https://github.com/hashicorp/hc-install/releases)
- [Commits](hashicorp/hc-install@v0.8.0...v0.9.0)

Updates `github.com/moby/buildkit` from 0.15.2 to 0.16.0
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](moby/buildkit@v0.15.2...v0.16.0)

Updates `golang.org/x/crypto` from 0.26.0 to 0.27.0
- [Commits](golang/crypto@v0.26.0...v0.27.0)

Updates `golang.org/x/mod` from 0.20.0 to 0.21.0
- [Commits](golang/mod@v0.20.0...v0.21.0)

Updates `golang.org/x/net` from 0.28.0 to 0.29.0
- [Commits](golang/net@v0.28.0...v0.29.0)

Updates `golang.org/x/term` from 0.23.0 to 0.24.0
- [Commits](golang/term@v0.23.0...v0.24.0)

Updates `golang.org/x/text` from 0.17.0 to 0.18.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.17.0...v0.18.0)

Updates `helm.sh/helm/v3` from 3.15.4 to 3.16.1
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.15.4...v3.16.1)

Updates `k8s.io/api` from 0.30.3 to 0.31.0
- [Commits](kubernetes/api@v0.30.3...v0.31.0)

Updates `modernc.org/sqlite` from 1.32.0 to 1.33.1
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.32.0...v1.33.1)

---
updated-dependencies:
- dependency-name: github.com/CycloneDX/cyclonedx-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: common
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: common
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: common
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ec2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ecr
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: github.com/aws/smithy-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: github.com/containerd/containerd
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: common
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: github.com/hashicorp/hc-install
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: github.com/moby/buildkit
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: golang.org/x/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: common
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from knqyf263 as a code owner September 26, 2024 10:46
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Sep 26, 2024
@knqyf263 knqyf263 added this pull request to the merge queue Sep 26, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Sep 26, 2024
@knqyf263 knqyf263 enabled auto-merge September 26, 2024 17:20
@knqyf263 knqyf263 added this pull request to the merge queue Sep 26, 2024
Merged via the queue into main with commit 3fa24e8 Sep 26, 2024
12 checks passed
@knqyf263 knqyf263 deleted the dependabot/go_modules/common-505bd183ca branch September 26, 2024 17:43
fhielpos added a commit to giantswarm/trivy-upstream that referenced this pull request Dec 20, 2024
* feat(vm): Support direct filesystem (aquasecurity#7058)

Signed-off-by: yusuke.koyoshi <[email protected]>

* feat(cli)!: delete deprecated SBOM flags (aquasecurity#7266)

Signed-off-by: knqyf263 <[email protected]>

* feat(vm): support the Ext2/Ext3 filesystems (aquasecurity#6983)

* fix(plugin): do not call GitHub content API for releases and tags (aquasecurity#7274)

Signed-off-by: knqyf263 <[email protected]>

* fix(java): Return error when trying to find a remote pom to avoid segfault (aquasecurity#7275)

Co-authored-by: DmitriyLewen <[email protected]>

* fix(flag): incorrect behavior for deprected flag `--clear-cache` (aquasecurity#7281)

* refactor(misconf): remove file filtering from parsers (aquasecurity#7289)

Signed-off-by: nikpivkin <[email protected]>

* feat(vuln): Add `--detection-priority` flag for accuracy tuning (aquasecurity#7288)

Signed-off-by: knqyf263 <[email protected]>

* docs: add auto-generated config (aquasecurity#7261)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* fix(terraform): add aws_region name to presets (aquasecurity#7184)

* perf(misconf): do not convert contents of a YAML file to string (aquasecurity#7292)

Signed-off-by: nikpivkin <[email protected]>

* refactor(misconf): remove unused universal scanner (aquasecurity#7293)

Signed-off-by: nikpivkin <[email protected]>

* perf(misconf): use json.Valid to check validity of JSON (aquasecurity#7308)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): load only submodule if it is specified in source (aquasecurity#7112)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): support for policy and bucket grants (aquasecurity#7284)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): do not set default value for default_cache_behavior (aquasecurity#7234)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): iterator argument support for dynamic blocks (aquasecurity#7236)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: simar7 <[email protected]>

* chore(deps): bump the common group across 1 directory with 7 updates (aquasecurity#7305)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* docs: update client/server docs for misconf and license scanning (aquasecurity#7277)

Signed-off-by: nikpivkin <[email protected]>
Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* docs: update links to packaging.python.org (aquasecurity#7318)

Signed-off-by: nikpivkin <[email protected]>

* perf(misconf): optimize work with context (aquasecurity#6968)

Signed-off-by: nikpivkin <[email protected]>

* refactor: replace ftypes.Gradle with packageurl.TypeGradle (aquasecurity#7323)

Signed-off-by: nikpivkin <[email protected]>

* docs: update air-gapped docs (aquasecurity#7160)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* docs(misconf): Update callsites to use correct naming (aquasecurity#7335)

* chore(deps): bump the common group with 9 updates (aquasecurity#7333)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(misconf): change default TLS values for the Azure storage account (aquasecurity#7345)

Signed-off-by: nikpivkin <[email protected]>

* refactor(misconf): highlight only affected rows (aquasecurity#7310)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): wrap Azure PortRange in iac types (aquasecurity#7357)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): scanning support for YAML and JSON (aquasecurity#7311)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): variable support for Terraform Plan (aquasecurity#7228)

Signed-off-by: nikpivkin <[email protected]>

* fix: safely check if the directory exists (aquasecurity#7353)

Signed-off-by: nikpivkin <[email protected]>

* chore(deps): bump the aws group across 1 directory with 7 updates (aquasecurity#7358)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat(server): add internal `--path-prefix` flag for client/server mode (aquasecurity#7321)

Signed-off-by: knqyf263 <[email protected]>

* chore(deps): bump trivy-checks (aquasecurity#7350)

Signed-off-by: nikpivkin <[email protected]>

* refactor(misconf): use slog (aquasecurity#7295)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): ignore duplicate checks (aquasecurity#7317)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): init frameworks before updating them (aquasecurity#7376)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): support deprecating for Go checks (aquasecurity#7377)

Signed-off-by: nikpivkin <[email protected]>

* feat(python): use minimum version for pip packages (aquasecurity#7348)

* docs: add pkg flags to config file page (aquasecurity#7370)

* feat(misconf): Add support for using spec from on-disk bundle (aquasecurity#7179)

* fix(report): escape `Message` field in `asff.tpl` template (aquasecurity#7401)

* fix(misconf): use module to log when metadata retrieval fails (aquasecurity#7405)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): support for ignore by nested attributes (aquasecurity#7205)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): do not filter Terraform plan JSON by name (aquasecurity#7406)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): port and protocol support for EC2 networks (aquasecurity#7146)

Signed-off-by: nikpivkin <[email protected]>

* chore: fix allow rule of ignoring test files to make it case insensitive (aquasecurity#7415)

* fix(secret): use only line with secret for long secret lines (aquasecurity#7412)

* chore: update CODEOWNERS (aquasecurity#7398)

Signed-off-by: knqyf263 <[email protected]>

* feat(server): Make Trivy Server Multiplexer Exported (aquasecurity#7389)

* feat(report): export modified findings in JSON (aquasecurity#7383)

Signed-off-by: knqyf263 <[email protected]>

* fix(sbom): use `NOASSERTION` for licenses fields in SPDX formats (aquasecurity#7403)

* fix(misconf): do not register Rego libs in checks registry (aquasecurity#7420)

Signed-off-by: nikpivkin <[email protected]>

* chore(deps): Bump trivy-checks (aquasecurity#7417)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: nikpivkin <[email protected]>

* fix(misconf): do not recreate filesystem map (aquasecurity#7416)

Signed-off-by: nikpivkin <[email protected]>

* fix(secret): use `.eyJ` keyword for JWT secret (aquasecurity#7410)

* fix(misconf): fix infer type for null value (aquasecurity#7424)

Signed-off-by: nikpivkin <[email protected]>

* fix(aws): handle ECR repositories in different regions (aquasecurity#6217)

Signed-off-by: Kevin Conner <[email protected]>

* fix: logger initialization before flags parsing (aquasecurity#7372)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* fix(nodejs): check all `importers` to detect dev deps from pnpm-lock.yaml file (aquasecurity#7387)

* test: add integration plugin tests (aquasecurity#7299)

* feat(sbom): set User-Agent header on requests to Rekor (aquasecurity#7396)

Signed-off-by: Bob Callaway <[email protected]>

* fix(helm): explicitly define `kind` and `apiVersion` of `volumeClaimTemplate` element (aquasecurity#7362)

* chore(deps): Bump trivy-checks and pin OPA (aquasecurity#7427)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: nikpivkin <[email protected]>

* feat(java): add `test` scope support for `pom.xml` files (aquasecurity#7414)

* fix(license): add license handling to JUnit template (aquasecurity#7409)

* feat(go): use `toolchain` as `stdlib` version for `go.mod` files (aquasecurity#7163)

* release: v0.55.0 [main] (aquasecurity#7271)

* fix(license): stop spliting a long license text (aquasecurity#7336)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* refactor(java): add error/statusCode for logs when we can't get pom.xml/maven-metadata.xml from remote repo (aquasecurity#7451)

* chore(helm): bump up Trivy Helm chart (aquasecurity#7441)

* chore(deps): bump the common group across 1 directory with 19 updates (aquasecurity#7436)

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <[email protected]>

* chore(deps): bump the aws group with 6 updates (aquasecurity#7468)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix(oracle): Update EOL date for Oracle 7 (aquasecurity#7480)

* fix(report): change a receiver of MarshalJSON (aquasecurity#7483)

Signed-off-by: knqyf263 <[email protected]>

* fix(report): fix error with unmarshal of `ExperimentalModifiedFindings` (aquasecurity#7463)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* docs(oci): Add a note About the expected Media Type for the Trivy-DB OCI Artifact (aquasecurity#7449)

* feat(license): improve license normalization (aquasecurity#7131)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: DmitriyLewen <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* docs(db): add a manifest example (aquasecurity#7485)

Signed-off-by: knqyf263 <[email protected]>

* revert(java): stop supporting of `test` scope for `pom.xml` files (aquasecurity#7488)

* docs: refine go docs (aquasecurity#7442)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* chore(vex): suppress openssl vulnerabilities (aquasecurity#7500)

Signed-off-by: knqyf263 <[email protected]>

* chore(deps): bump alpine from 3.20.0 to 3.20.3 (aquasecurity#7508)

* chore(vex): add `CVE-2024-34155`, `CVE-2024-34156` and `CVE-2024-34158` in `trivy.openvex.json` (aquasecurity#7510)

* fix(java): use `dependencyManagement` from root/child pom's for dependencies from parents (aquasecurity#7497)

* refactor: split `.egg` and `packaging` analyzers (aquasecurity#7514)

* feat(misconf): Register checks only when needed (aquasecurity#7435)

* fix(misconf): Fix logging typo (aquasecurity#7473)

* chore(deps): bump go-ebs-file (aquasecurity#7513)

Signed-off-by: nikpivkin <[email protected]>

* fix(sbom): parse type `framework` as `library` when unmarshalling `CycloneDX` files (aquasecurity#7527)

* refactor(misconf): pass options to Rego scanner as is (aquasecurity#7529)

Signed-off-by: nikpivkin <[email protected]>

* fix(sbom): export bom-ref when converting a package to a component (aquasecurity#7340)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: amf <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* perf(misconf): use port ranges instead of enumeration (aquasecurity#7549)

Signed-off-by: nikpivkin <[email protected]>

* fix(misconf): Fixed scope for China Cloud (aquasecurity#7560)

* docs(misconf): Add more info on how to use arbitrary JSON/YAML scan feat (aquasecurity#7458)

* chore(deps): remove broken replaces for opa and discovery (aquasecurity#7600)

* ci: cache test images for `integration`, `VM` and `module` tests (aquasecurity#7599)

* ci: add `workflow_dispatch` trigger for test workflow. (aquasecurity#7606)

* chore(deps): bump the common group across 1 directory with 20 updates (aquasecurity#7604)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <[email protected]>

* fix(db): check `DownloadedAt` for `trivy-java-db` (aquasecurity#7592)

* fix: allow access to '..' in mapfs (aquasecurity#7575)

Signed-off-by: nikpivkin <[email protected]>

* test: use a local registry for remote scanning (aquasecurity#7607)

Signed-off-by: knqyf263 <[email protected]>

* fix(misconf): escape all special sequences (aquasecurity#7558)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): add ability to disable checks by ID (aquasecurity#7536)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: Simar <[email protected]>

* feat(suse): added SUSE Linux Enterprise Micro support (aquasecurity#7294)

Signed-off-by: Marcus Meissner <[email protected]>
Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* fix(misconf): disable DS016 check for image history analyzer (aquasecurity#7540)

Signed-off-by: nikpivkin <[email protected]>

* ci: split `save` and `restore` cache actions (aquasecurity#7614)

* refactor: fix auth error handling (aquasecurity#7615)

Signed-off-by: knqyf263 <[email protected]>

* feat(secret): enhance secret scanning for python binary files (aquasecurity#7223)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: knqyf263 <[email protected]>

* feat(java): add empty versions if `pom.xml` dependency versions can't be detected (aquasecurity#7520)

Co-authored-by: Teppei Fukuda <[email protected]>

* test: use loaded image names (aquasecurity#7617)

Signed-off-by: knqyf263 <[email protected]>

* ci: don't use cache for `setup-go` (aquasecurity#7622)

* feat: support multiple DB repositories for vulnerability and Java DB (aquasecurity#7605)

Signed-off-by: nikpivkin <[email protected]>

* feat(misconf): Support `--skip-*` for all included modules  (aquasecurity#7579)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: nikpivkin <[email protected]>

* chore: add prefixes to log messages (aquasecurity#7625)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: simar7 <[email protected]>

* fix(misconf): Disable deprecated checks by default (aquasecurity#7632)

* chore(deps): Bump trivy-checks to v1.1.0 (aquasecurity#7631)

* fix(secret): change grafana token regex to find them without unquoted (aquasecurity#7627)

* feat: support RPM archives (aquasecurity#7628)

Signed-off-by: knqyf263 <[email protected]>

* fix(misconf): not to warn about missing selectors of libraries (aquasecurity#7638)

Signed-off-by: nikpivkin <[email protected]>

* release: v0.56.0 [main] (aquasecurity#7447)

* fix(db): fix javadb downloading error handling [backport: release/v0.56] (aquasecurity#7646)

Signed-off-by: nikpivkin <[email protected]>
Co-authored-by: Nikita Pivkin <[email protected]>

* release: v0.56.1 [release/v0.56] (aquasecurity#7648)

* fix(sbom): add options for DBs in private registries [backport: release/v0.56] (aquasecurity#7691)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: Teppei Fukuda <[email protected]>

* fix(redhat): include arch in PURL qualifiers [backport: release/v0.56] (aquasecurity#7702)

Signed-off-by: knqyf263 <[email protected]>
Co-authored-by: Teppei Fukuda <[email protected]>

* release: v0.56.2 [release/v0.56] (aquasecurity#7694)

* Make liveness probe configurable (#3)

---------

Signed-off-by: yusuke.koyoshi <[email protected]>
Signed-off-by: knqyf263 <[email protected]>
Signed-off-by: nikpivkin <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Kevin Conner <[email protected]>
Signed-off-by: Bob Callaway <[email protected]>
Signed-off-by: Marcus Meissner <[email protected]>
Co-authored-by: yusuke-koyoshi <[email protected]>
Co-authored-by: Teppei Fukuda <[email protected]>
Co-authored-by: Aruneko <[email protected]>
Co-authored-by: Colm O hEigeartaigh <[email protected]>
Co-authored-by: DmitriyLewen <[email protected]>
Co-authored-by: afdesk <[email protected]>
Co-authored-by: Nikita Pivkin <[email protected]>
Co-authored-by: Alberto Donato <[email protected]>
Co-authored-by: simar7 <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Itay Shakury <[email protected]>
Co-authored-by: DmitriyLewen <[email protected]>
Co-authored-by: aasish-r <[email protected]>
Co-authored-by: Ori <[email protected]>
Co-authored-by: Kevin Conner <[email protected]>
Co-authored-by: Bob Callaway <[email protected]>
Co-authored-by: vhash <[email protected]>
Co-authored-by: psibre <[email protected]>
Co-authored-by: Aqua Security automated builds <[email protected]>
Co-authored-by: s-reddy1498 <[email protected]>
Co-authored-by: Squiddim <[email protected]>
Co-authored-by: Pierre Baumard <[email protected]>
Co-authored-by: Lior Kaplan <[email protected]>
Co-authored-by: amf <[email protected]>
Co-authored-by: bloomadcariad <[email protected]>
Co-authored-by: Sylvain Baubeau <[email protected]>
Co-authored-by: Simar <[email protected]>
Co-authored-by: Marcus Meissner <[email protected]>
Co-authored-by: Samuel Gaist <[email protected]>
fhielpos pushed a commit to giantswarm/trivy-upstream that referenced this pull request Dec 20, 2024
…aquasecurity#7604)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: knqyf263 <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant