Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump golang.org/x/crypto from 0.10.0 to 0.11.0 #153

Merged
merged 1 commit into from
Jul 18, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 10, 2023

Bumps golang.org/x/crypto from 0.10.0 to 0.11.0.

Commits
  • e984872 go.mod: update golang.org/x dependencies
  • 183630a x509roots: generate a stable sort, for real this time
  • a9e447d x509roots/fallback: add //go:build go1.20 to bundle.go
  • 64c3993 ssh: add hmac-sha2-512
  • 5fe8145 x509roots: remove list hash and generation date, change ordering
  • 043e94c x509roots: fix generate script argument checking
  • 0d502d7 x509roots: use "generate" build tag
  • 0ff6005 ssh/test: set a timeout and WaitDelay on sshd subcommands
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once it's up-to-date and CI passes on it, as requested by @priteshbandi.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 10, 2023
@dependabot dependabot bot requested a review from shizhMSFT as a code owner July 10, 2023 16:57
@dependabot dependabot bot added the go Pull requests that update Go code label Jul 10, 2023
@codecov-commenter
Copy link

codecov-commenter commented Jul 10, 2023

Codecov Report

Merging #153 (4d7c7ca) into main (6a0651c) will not change coverage.
The diff coverage is n/a.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

@@           Coverage Diff           @@
##             main     #153   +/-   ##
=======================================
  Coverage   89.13%   89.13%           
=======================================
  Files          21       21           
  Lines        1693     1693           
=======================================
  Hits         1509     1509           
  Misses        149      149           
  Partials       35       35           

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Copy link
Contributor

@priteshbandi priteshbandi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@shizhMSFT
Copy link
Contributor

@dependabot merge

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jul 18, 2023

Dependabot tried to merge this PR, but received the following error from GitHub:

At least 3 approving reviews are required by reviewers with write access.

Copy link
Contributor

@JeyJeyGao JeyJeyGao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@priteshbandi
Copy link
Contributor

@dependabot merge

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.10.0 to 0.11.0.
- [Commits](golang/crypto@v0.10.0...v0.11.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/golang.org/x/crypto-0.11.0 branch from 4ff72fc to 4d7c7ca Compare July 18, 2023 15:09
@dependabot dependabot bot merged commit 45cdd4e into main Jul 18, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/golang.org/x/crypto-0.11.0 branch July 18, 2023 15:13
@shizhMSFT shizhMSFT mentioned this pull request Jul 21, 2023
6 tasks
fanndu pushed a commit to fanndu/notation-core-go that referenced this pull request Jul 21, 2023
fanndu pushed a commit to fanndu/notation-core-go that referenced this pull request Jul 21, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants