Update all non-major dependencies (#1646) · zarf-dev/zarf@8d905f7

Commit

Update all non-major dependencies (#1646)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence | Type |
Update |
|---|---|---|---|---|---|---|---|
| @&#8203;defense-unicorns/unicorn-ui | [`^0.0.47` ->
`^0.0.48`](https://renovatebot.com/diffs/npm/@defense-unicorns%2funicorn-ui/0.0.47/0.0.48)
|
[![age](https://badges.renovateapi.com/packages/npm/@defense-unicorns%2funicorn-ui/0.0.48/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/@defense-unicorns%2funicorn-ui/0.0.48/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/@defense-unicorns%2funicorn-ui/0.0.48/compatibility-slim/0.0.47)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/@defense-unicorns%2funicorn-ui/0.0.48/confidence-slim/0.0.47)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch |
| [@floating-ui/dom](https://floating-ui.com)
([source](https://togithub.com/floating-ui/floating-ui)) | [`1.2.6` ->
`1.2.7`](https://renovatebot.com/diffs/npm/@floating-ui%2fdom/1.2.6/1.2.7)
|
[![age](https://badges.renovateapi.com/packages/npm/@floating-ui%2fdom/1.2.7/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/@floating-ui%2fdom/1.2.7/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/@floating-ui%2fdom/1.2.7/compatibility-slim/1.2.6)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/@floating-ui%2fdom/1.2.7/confidence-slim/1.2.6)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch |
| [@playwright/test](https://playwright.dev)
([source](https://togithub.com/Microsoft/playwright)) | [`1.32.3` ->
`1.33.0`](https://renovatebot.com/diffs/npm/@playwright%2ftest/1.32.3/1.33.0)
|
[![age](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.33.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.33.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.33.0/compatibility-slim/1.32.3)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.33.0/confidence-slim/1.32.3)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor |
| [@sveltejs/kit](https://kit.svelte.dev)
([source](https://togithub.com/sveltejs/kit)) | [`1.15.7` ->
`1.16.3`](https://renovatebot.com/diffs/npm/@sveltejs%2fkit/1.15.7/1.16.3)
|
[![age](https://badges.renovateapi.com/packages/npm/@sveltejs%2fkit/1.16.3/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/@sveltejs%2fkit/1.16.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/@sveltejs%2fkit/1.16.3/compatibility-slim/1.15.7)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/@sveltejs%2fkit/1.16.3/confidence-slim/1.15.7)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor |
|
[@typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/typescript-eslint)
| [`5.59.0` ->
`5.59.5`](https://renovatebot.com/diffs/npm/@typescript-eslint%2feslint-plugin/5.59.0/5.59.5)
|
[![age](https://badges.renovateapi.com/packages/npm/@typescript-eslint%2feslint-plugin/5.59.5/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/@typescript-eslint%2feslint-plugin/5.59.5/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/@typescript-eslint%2feslint-plugin/5.59.5/compatibility-slim/5.59.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/@typescript-eslint%2feslint-plugin/5.59.5/confidence-slim/5.59.0)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch |
|
[@typescript-eslint/parser](https://togithub.com/typescript-eslint/typescript-eslint)
| [`5.59.0` ->
`5.59.5`](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/5.59.0/5.59.5)
|
[![age](https://badges.renovateapi.com/packages/npm/@typescript-eslint%2fparser/5.59.5/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/@typescript-eslint%2fparser/5.59.5/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/@typescript-eslint%2fparser/5.59.5/compatibility-slim/5.59.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/@typescript-eslint%2fparser/5.59.5/confidence-slim/5.59.0)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch |
| [anchore/sbom-action](https://togithub.com/anchore/sbom-action) |
`v0.14.1` -> `v0.14.2` |
[![age](https://badges.renovateapi.com/packages/github-tags/anchore%2fsbom-action/v0.14.2/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/github-tags/anchore%2fsbom-action/v0.14.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/github-tags/anchore%2fsbom-action/v0.14.2/compatibility-slim/v0.14.1)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/github-tags/anchore%2fsbom-action/v0.14.2/confidence-slim/v0.14.1)](https://docs.renovatebot.com/merge-confidence/)
| action | patch |
| [cuelang.org/go](https://togithub.com/cue-lang/cue) | `v0.4.3` ->
`v0.5.0` |
[![age](https://badges.renovateapi.com/packages/go/cuelang.org%2fgo/v0.5.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/cuelang.org%2fgo/v0.5.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/cuelang.org%2fgo/v0.5.0/compatibility-slim/v0.4.3)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/cuelang.org%2fgo/v0.5.0/confidence-slim/v0.4.3)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [eslint](https://eslint.org)
([source](https://togithub.com/eslint/eslint)) | [`8.39.0` ->
`8.40.0`](https://renovatebot.com/diffs/npm/eslint/8.39.0/8.40.0) |
[![age](https://badges.renovateapi.com/packages/npm/eslint/8.40.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/eslint/8.40.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/eslint/8.40.0/compatibility-slim/8.39.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/eslint/8.40.0/confidence-slim/8.39.0)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor |
| [flate2](https://togithub.com/rust-lang/flate2-rs) | `1.0.25` ->
`1.0.26` |
[![age](https://badges.renovateapi.com/packages/crate/flate2/1.0.26/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/crate/flate2/1.0.26/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/crate/flate2/1.0.26/compatibility-slim/1.0.25)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/crate/flate2/1.0.26/confidence-slim/1.0.25)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | patch |
| [github.com/anchore/syft](https://togithub.com/anchore/syft) |
`v0.79.0` -> `v0.80.0` |
[![age](https://badges.renovateapi.com/packages/go/github.com%2fanchore%2fsyft/v0.80.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/github.com%2fanchore%2fsyft/v0.80.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/github.com%2fanchore%2fsyft/v0.80.0/compatibility-slim/v0.79.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/github.com%2fanchore%2fsyft/v0.80.0/confidence-slim/v0.79.0)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [github.com/derailed/k9s](https://togithub.com/derailed/k9s) |
`v0.27.3` -> `v0.27.4` |
[![age](https://badges.renovateapi.com/packages/go/github.com%2fderailed%2fk9s/v0.27.4/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/github.com%2fderailed%2fk9s/v0.27.4/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/github.com%2fderailed%2fk9s/v0.27.4/compatibility-slim/v0.27.3)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/github.com%2fderailed%2fk9s/v0.27.4/confidence-slim/v0.27.3)](https://docs.renovatebot.com/merge-confidence/)
| require | patch |
|
[github.com/distribution/distribution](https://togithub.com/distribution/distribution)
| `v2.8.1+incompatible` -> `v2.8.2+incompatible` |
[![age](https://badges.renovateapi.com/packages/go/github.com%2fdistribution%2fdistribution/v2.8.2+incompatible/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/github.com%2fdistribution%2fdistribution/v2.8.2+incompatible/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/github.com%2fdistribution%2fdistribution/v2.8.2+incompatible/compatibility-slim/v2.8.1+incompatible)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/github.com%2fdistribution%2fdistribution/v2.8.2+incompatible/confidence-slim/v2.8.1+incompatible)](https://docs.renovatebot.com/merge-confidence/)
| require | patch |
| [github.com/docker/cli](https://togithub.com/docker/cli) |
`v23.0.4+incompatible` -> `v23.0.6+incompatible` |
[![age](https://badges.renovateapi.com/packages/go/github.com%2fdocker%2fcli/v23.0.6+incompatible/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/github.com%2fdocker%2fcli/v23.0.6+incompatible/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/github.com%2fdocker%2fcli/v23.0.6+incompatible/compatibility-slim/v23.0.4+incompatible)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/github.com%2fdocker%2fcli/v23.0.6+incompatible/confidence-slim/v23.0.4+incompatible)](https://docs.renovatebot.com/merge-confidence/)
| require | patch |
|
[github.com/google/go-containerregistry](https://togithub.com/google/go-containerregistry)
| `v0.14.0` -> `v0.15.1` |
[![age](https://badges.renovateapi.com/packages/go/github.com%2fgoogle%2fgo-containerregistry/v0.15.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/github.com%2fgoogle%2fgo-containerregistry/v0.15.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/github.com%2fgoogle%2fgo-containerregistry/v0.15.1/compatibility-slim/v0.14.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/github.com%2fgoogle%2fgo-containerregistry/v0.15.1/confidence-slim/v0.14.0)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [github.com/moby/moby](https://togithub.com/moby/moby) |
`v23.0.4+incompatible` -> `v23.0.6+incompatible` |
[![age](https://badges.renovateapi.com/packages/go/github.com%2fmoby%2fmoby/v23.0.6+incompatible/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/github.com%2fmoby%2fmoby/v23.0.6+incompatible/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/github.com%2fmoby%2fmoby/v23.0.6+incompatible/compatibility-slim/v23.0.4+incompatible)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/github.com%2fmoby%2fmoby/v23.0.6+incompatible/confidence-slim/v23.0.4+incompatible)](https://docs.renovatebot.com/merge-confidence/)
| require | patch |
|
[github.com/opencontainers/image-spec](https://togithub.com/opencontainers/image-spec)
| `v1.1.0-rc2.0.20221005185240-3a7f492d3f1b` -> `v1.1.0-rc3` |
[![age](https://badges.renovateapi.com/packages/go/github.com%2fopencontainers%2fimage-spec/v1.1.0-rc3/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/github.com%2fopencontainers%2fimage-spec/v1.1.0-rc3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/github.com%2fopencontainers%2fimage-spec/v1.1.0-rc3/compatibility-slim/v1.1.0-rc2.0.20221005185240-3a7f492d3f1b)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/github.com%2fopencontainers%2fimage-spec/v1.1.0-rc3/confidence-slim/v1.1.0-rc2.0.20221005185240-3a7f492d3f1b)](https://docs.renovatebot.com/merge-confidence/)
| require | patch |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
`v2.3.0` -> `v2.3.3` |
[![age](https://badges.renovateapi.com/packages/github-tags/github%2fcodeql-action/v2.3.3/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/github-tags/github%2fcodeql-action/v2.3.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/github-tags/github%2fcodeql-action/v2.3.3/compatibility-slim/v2.3.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/github-tags/github%2fcodeql-action/v2.3.3/confidence-slim/v2.3.0)](https://docs.renovatebot.com/merge-confidence/)
| action | patch |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
`v2.3.2` -> `v2.3.3` |
[![age](https://badges.renovateapi.com/packages/github-tags/github%2fcodeql-action/v2.3.3/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/github-tags/github%2fcodeql-action/v2.3.3/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/github-tags/github%2fcodeql-action/v2.3.3/compatibility-slim/v2.3.2)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/github-tags/github%2fcodeql-action/v2.3.3/confidence-slim/v2.3.2)](https://docs.renovatebot.com/merge-confidence/)
| action | patch |
| golang.org/x/crypto | `v0.8.0` -> `v0.9.0` |
[![age](https://badges.renovateapi.com/packages/go/golang.org%2fx%2fcrypto/v0.9.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/golang.org%2fx%2fcrypto/v0.9.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/golang.org%2fx%2fcrypto/v0.9.0/compatibility-slim/v0.8.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/golang.org%2fx%2fcrypto/v0.9.0/confidence-slim/v0.8.0)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [helm.sh/helm/v3](https://togithub.com/helm/helm) | `v3.11.3` ->
`v3.12.0` |
[![age](https://badges.renovateapi.com/packages/go/helm.sh%2fhelm%2fv3/v3.12.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/helm.sh%2fhelm%2fv3/v3.12.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/helm.sh%2fhelm%2fv3/v3.12.0/compatibility-slim/v3.11.3)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/helm.sh%2fhelm%2fv3/v3.12.0/confidence-slim/v3.11.3)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [k8s.io/api](https://togithub.com/kubernetes/api) | `v0.26.4` ->
`v0.27.1` |
[![age](https://badges.renovateapi.com/packages/go/k8s.io%2fapi/v0.27.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/k8s.io%2fapi/v0.27.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/k8s.io%2fapi/v0.27.1/compatibility-slim/v0.26.4)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/k8s.io%2fapi/v0.27.1/confidence-slim/v0.26.4)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [k8s.io/apimachinery](https://togithub.com/kubernetes/apimachinery) |
`v0.26.4` -> `v0.27.1` |
[![age](https://badges.renovateapi.com/packages/go/k8s.io%2fapimachinery/v0.27.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/k8s.io%2fapimachinery/v0.27.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/k8s.io%2fapimachinery/v0.27.1/compatibility-slim/v0.26.4)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/k8s.io%2fapimachinery/v0.27.1/confidence-slim/v0.26.4)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [k8s.io/client-go](https://togithub.com/kubernetes/client-go) |
`v0.26.4` -> `v0.27.1` |
[![age](https://badges.renovateapi.com/packages/go/k8s.io%2fclient-go/v0.27.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/k8s.io%2fclient-go/v0.27.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/k8s.io%2fclient-go/v0.27.1/compatibility-slim/v0.26.4)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/k8s.io%2fclient-go/v0.27.1/confidence-slim/v0.26.4)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
|
[k8s.io/component-base](https://togithub.com/kubernetes/component-base)
| `v0.26.4` -> `v0.27.1` |
[![age](https://badges.renovateapi.com/packages/go/k8s.io%2fcomponent-base/v0.27.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/k8s.io%2fcomponent-base/v0.27.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/k8s.io%2fcomponent-base/v0.27.1/compatibility-slim/v0.26.4)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/k8s.io%2fcomponent-base/v0.27.1/confidence-slim/v0.26.4)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [k8s.io/klog/v2](https://togithub.com/kubernetes/klog) | `v2.90.1` ->
`v2.100.1` |
[![age](https://badges.renovateapi.com/packages/go/k8s.io%2fklog%2fv2/v2.100.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/k8s.io%2fklog%2fv2/v2.100.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/k8s.io%2fklog%2fv2/v2.100.1/compatibility-slim/v2.90.1)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/k8s.io%2fklog%2fv2/v2.100.1/confidence-slim/v2.90.1)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [k8s.io/kubectl](https://togithub.com/kubernetes/kubectl) | `v0.26.4`
-> `v0.27.1` |
[![age](https://badges.renovateapi.com/packages/go/k8s.io%2fkubectl/v0.27.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/k8s.io%2fkubectl/v0.27.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/k8s.io%2fkubectl/v0.27.1/compatibility-slim/v0.26.4)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/k8s.io%2fkubectl/v0.27.1/confidence-slim/v0.26.4)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| oras.land/oras-go/v2 | `v2.0.2` -> `v2.1.0` |
[![age](https://badges.renovateapi.com/packages/go/oras.land%2foras-go%2fv2/v2.1.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/oras.land%2foras-go%2fv2/v2.1.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/oras.land%2foras-go%2fv2/v2.1.0/compatibility-slim/v2.0.2)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/oras.land%2foras-go%2fv2/v2.1.0/confidence-slim/v2.0.2)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [playwright](https://playwright.dev)
([source](https://togithub.com/Microsoft/playwright)) | [`1.32.3` ->
`1.33.0`](https://renovatebot.com/diffs/npm/playwright/1.32.3/1.33.0) |
[![age](https://badges.renovateapi.com/packages/npm/playwright/1.33.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/playwright/1.33.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/playwright/1.33.0/compatibility-slim/1.32.3)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/playwright/1.33.0/confidence-slim/1.32.3)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor |
| [quicktype](https://togithub.com/quicktype/quicktype) | [`23.0.21` ->
`23.0.30`](https://renovatebot.com/diffs/npm/quicktype/23.0.21/23.0.30)
|
[![age](https://badges.renovateapi.com/packages/npm/quicktype/23.0.30/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/quicktype/23.0.30/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/quicktype/23.0.30/compatibility-slim/23.0.21)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/quicktype/23.0.30/confidence-slim/23.0.21)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch |
| [sass](https://togithub.com/sass/dart-sass) | [`1.62.0` ->
`1.62.1`](https://renovatebot.com/diffs/npm/sass/1.62.0/1.62.1) |
[![age](https://badges.renovateapi.com/packages/npm/sass/1.62.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/sass/1.62.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/sass/1.62.1/compatibility-slim/1.62.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/sass/1.62.1/confidence-slim/1.62.0)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch |
|
[sigs.k8s.io/kustomize/api](https://togithub.com/kubernetes-sigs/kustomize)
| `v0.12.1` -> `v0.13.4` |
[![age](https://badges.renovateapi.com/packages/go/sigs.k8s.io%2fkustomize%2fapi/v0.13.4/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/sigs.k8s.io%2fkustomize%2fapi/v0.13.4/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/sigs.k8s.io%2fkustomize%2fapi/v0.13.4/compatibility-slim/v0.12.1)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/sigs.k8s.io%2fkustomize%2fapi/v0.13.4/confidence-slim/v0.12.1)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [svelte](https://svelte.dev)
([source](https://togithub.com/sveltejs/svelte)) | [`3.58.0` ->
`3.59.1`](https://renovatebot.com/diffs/npm/svelte/3.58.0/3.59.1) |
[![age](https://badges.renovateapi.com/packages/npm/svelte/3.59.1/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/svelte/3.59.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/svelte/3.59.1/compatibility-slim/3.58.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/svelte/3.59.1/confidence-slim/3.58.0)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor |
| [svelte-check](https://togithub.com/sveltejs/language-tools) |
[`3.2.0` ->
`3.3.2`](https://renovatebot.com/diffs/npm/svelte-check/3.2.0/3.3.2) |
[![age](https://badges.renovateapi.com/packages/npm/svelte-check/3.3.2/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/svelte-check/3.3.2/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/svelte-check/3.3.2/compatibility-slim/3.2.0)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/svelte-check/3.3.2/confidence-slim/3.2.0)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor |
| [vite](https://togithub.com/vitejs/vite/tree/main/#readme)
([source](https://togithub.com/vitejs/vite)) | [`4.3.1` ->
`4.3.5`](https://renovatebot.com/diffs/npm/vite/4.3.1/4.3.5) |
[![age](https://badges.renovateapi.com/packages/npm/vite/4.3.5/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/vite/4.3.5/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/vite/4.3.5/compatibility-slim/4.3.1)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/vite/4.3.5/confidence-slim/4.3.1)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch |

---

### ⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the
Dependency Dashboard for more information.

---

### Release Notes

<details>
<summary>floating-ui/floating-ui</summary>

###
[`v1.2.7`](https://togithub.com/floating-ui/floating-ui/releases/tag/%40floating-ui/dom%401.2.7)

[Compare
Source](https://togithub.com/floating-ui/floating-ui/compare/@floating-ui/[email protected]...@floating-ui/[email protected])

#### Bug Fixes

- fix(getClippingRect): incorrect clipping rect calculation with
`position: fixed` ancestors
([#&#8203;2291](https://togithub.com/floating-ui/floating-ui/issues/2291))

- fix(autoUpdate): prevent `animationFrame: true` from disabling
visualViewport scrolling updates
([#&#8203;2303](https://togithub.com/floating-ui/floating-ui/issues/2303))

</details>

<details>
<summary>Microsoft/playwright</summary>

###
[`v1.33.0`](https://togithub.com/microsoft/playwright/releases/tag/v1.33.0)

[Compare
Source](https://togithub.com/Microsoft/playwright/compare/v1.32.3...v1.33.0)

##### Locators Update

- Use [`locator.or()`][locator.or()] to create a locator that matches
either of the two locators.
Consider a scenario where you'd like to click on a "New email" button,
but sometimes a security settings dialog shows up instead.
In this case, you can wait for either a "New email" button, or a dialog
and act accordingly:

    ```js
    const newEmail = page.getByRole('button', { name: 'New' });
    const dialog = page.getByText('Confirm security settings');
    await expect(newEmail.or(dialog)).toBeVisible();
    if (await dialog.isVisible())
      await page.getByRole('button', { name: 'Dismiss' }).click();
    await newEmail.click();
    ```
- Use new options `hasNot` and `hasNotText` in
[`locator.filter()`][locator.filter()]
    to find elements that **do not match** certain conditions.

    ```js
    const rowLocator = page.locator('tr');
    await rowLocator
        .filter({ hasNotText: 'text in column 1' })
.filter({ hasNot: page.getByRole('button', { name: 'column 2 button' })
})
        .screenshot();
    ```
- Use new web-first assertion
[`locatorAssertions.toBeAttached()`][locatorAssertions.toBeAttached()]
to ensure that the element
is present in the page's DOM. Do not confuse with the
[`locatorAssertions.toBeVisible()`][locatorAssertions.toBeVisible()]
that ensures that
    element is both attached & visible.

##### New APIs

-   [`locator.or()`][locator.or()]
-   New option `hasNot` in [`locator.filter()`][locator.filter()]
-   New option `hasNotText` in [`locator.filter()`][locator.filter()]
- [`locatorAssertions.toBeAttached()`][locatorAssertions.toBeAttached()]
-   New option `timeout` in [`route.fetch()`][route.fetch()]
-   [`reporter.onExit()`][reporter.onExit()]

##### ⚠️ Breaking change

- The `mcr.microsoft.com/playwright:v1.33.0` now serves a Playwright
image based on Ubuntu Jammy.
To use the focal-based image, please use
`mcr.microsoft.com/playwright:v1.33.0-focal` instead.

##### Browser Versions

-   Chromium 113.0.5672.53
-   Mozilla Firefox 112.0
-   WebKit 16.4

This version was also tested against the following stable channels:

-   Google Chrome 112
-   Microsoft Edge 112

[`locator.or()`]:
https://playwright.dev/docs/api/class-locator#locator-or

[`reporter.onExit()`]:
https://playwright.dev/docs/api/class-reporter#reporter-on-exit

[`locator.filter()`]:
https://playwright.dev/docs/api/class-locator#locator-filter

[`locatorAssertions.toBeAttached()`]:
https://playwright.dev/docs/api/class-locatorassertions#locator-assertions-to-be-attached

[`locatorAssertions.toBeVisible()`]:
https://playwright.dev/docs/api/class-locatorassertions#locator-assertions-to-be-visible

[`route.fetch()`]:
https://playwright.dev/docs/api/class-route#route-fetch

</details>

<details>
<summary>sveltejs/kit</summary>

###
[`v1.16.3`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;1163)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- fix: entry generation with mixed segments
([#&#8203;9879](https://togithub.com/sveltejs/kit/pull/9879))

- fix: use `focusVisible: false` to prevent unwanted focus ring on
navigation ([#&#8203;9861](https://togithub.com/sveltejs/kit/pull/9861))

###
[`v1.16.2`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;1162)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- fix: support Node 20
([`6e2efcf62`](https://togithub.com/sveltejs/kit/commit/6e2efcf627ce8d179c941212d761aa93568b1724))

- fix: reset focus synchronously on navigation
([#&#8203;9837](https://togithub.com/sveltejs/kit/pull/9837))

###
[`v1.16.1`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;1161)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- fix: realign state.branch on the client on first load
([#&#8203;9754](https://togithub.com/sveltejs/kit/pull/9754))

- fix: update `$page.data` correctly after invalidate
([#&#8203;9798](https://togithub.com/sveltejs/kit/pull/9798))

- fix: file not found in manifest
([#&#8203;9846](https://togithub.com/sveltejs/kit/pull/9846))

###
[`v1.16.0`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;1160)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Minor Changes

- feat: route-level entry generators via `export const entries`
([#&#8203;9571](https://togithub.com/sveltejs/kit/pull/9571))

###
[`v1.15.11`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;11511)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- chore: more compact representation for invalidated search param
([#&#8203;9708](https://togithub.com/sveltejs/kit/pull/9708))

- chore: fix import path to app script on windows
([#&#8203;9743](https://togithub.com/sveltejs/kit/pull/9743))

- fix: make $app/navigation more resilient to bundler reordering
([#&#8203;9808](https://togithub.com/sveltejs/kit/pull/9808))

- fix: page load `fetch()` now accepts the same input types for the body
as the native fetch function
([#&#8203;9801](https://togithub.com/sveltejs/kit/pull/9801))

- fix: handle preload and filterSerializedResponseHeaders in sequence
function ([#&#8203;9741](https://togithub.com/sveltejs/kit/pull/9741))

###
[`v1.15.10`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;11510)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- fix: log whole error object in default handleError
([#&#8203;9791](https://togithub.com/sveltejs/kit/pull/9791))

###
[`v1.15.9`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;1159)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- fix: correctly replace state when `data-sveltekit-replacestate` is
used with a hash link
([#&#8203;9751](https://togithub.com/sveltejs/kit/pull/9751))

- fix: compute trailing slash on page server / data request
([#&#8203;9738](https://togithub.com/sveltejs/kit/pull/9738))

- fix: update vite-plugin-svelte to fix windows resolution issue
([#&#8203;9769](https://togithub.com/sveltejs/kit/pull/9769))

###
[`v1.15.8`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;1158)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- chore: revert undici pin and upgrade version
([#&#8203;9740](https://togithub.com/sveltejs/kit/pull/9740))

- chore: upgrade vite-plugin-svelte for resolve improvements and
warnings ([#&#8203;9742](https://togithub.com/sveltejs/kit/pull/9742))

</details>

<details>
<summary>typescript-eslint/typescript-eslint
(@&#8203;typescript-eslint/eslint-plugin)</summary>

###
[`v5.59.5`](https://togithub.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/eslint-plugin/CHANGELOG.md#&#8203;5595-httpsgithubcomtypescript-eslinttypescript-eslintcomparev5594v5595-2023-05-08)

[Compare
Source](https://togithub.com/typescript-eslint/typescript-eslint/compare/v5.59.2...v5.59.5)

**Note:** Version bump only for package
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)

###
[`v5.59.2`](https://togithub.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/eslint-plugin/CHANGELOG.md#&#8203;5592-httpsgithubcomtypescript-eslinttypescript-eslintcomparev5591v5592-2023-05-01)

[Compare
Source](https://togithub.com/typescript-eslint/typescript-eslint/compare/v5.59.1...v5.59.2)

**Note:** Version bump only for package
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)

###
[`v5.59.1`](https://togithub.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/eslint-plugin/CHANGELOG.md#&#8203;5591-httpsgithubcomtypescript-eslinttypescript-eslintcomparev5590v5591-2023-04-24)

[Compare
Source](https://togithub.com/typescript-eslint/typescript-eslint/compare/v5.59.0...v5.59.1)

##### Bug Fixes

- **eslint-plugin:** \[prefer-regexp-exec] skip malformed regexes
([#&#8203;6935](https://togithub.com/typescript-eslint/typescript-eslint/issues/6935))
([05ed60e](https://togithub.com/typescript-eslint/typescript-eslint/commit/05ed60e25f1de9d1bb83d56c81a349130960bec8))
- **eslint-plugin:** \[unified-signatures] no parameters function
([#&#8203;6940](https://togithub.com/typescript-eslint/typescript-eslint/issues/6940))
([2970861](https://togithub.com/typescript-eslint/typescript-eslint/commit/297086154acc568a0ae8eb41c8977b7a7ba4e0ed))

</details>

<details>
<summary>typescript-eslint/typescript-eslint
(@&#8203;typescript-eslint/parser)</summary>

###
[`v5.59.5`](https://togithub.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/parser/CHANGELOG.md#&#8203;5595-httpsgithubcomtypescript-eslinttypescript-eslintcomparev5594v5595-2023-05-08)

[Compare
Source](https://togithub.com/typescript-eslint/typescript-eslint/compare/v5.59.2...v5.59.5)

**Note:** Version bump only for package
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)

###
[`v5.59.2`](https://togithub.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/parser/CHANGELOG.md#&#8203;5592-httpsgithubcomtypescript-eslinttypescript-eslintcomparev5591v5592-2023-05-01)

[Compare
Source](https://togithub.com/typescript-eslint/typescript-eslint/compare/v5.59.1...v5.59.2)

**Note:** Version bump only for package
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)

###
[`v5.59.1`](https://togithub.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/parser/CHANGELOG.md#&#8203;5591-httpsgithubcomtypescript-eslinttypescript-eslintcomparev5590v5591-2023-04-24)

[Compare
Source](https://togithub.com/typescript-eslint/typescript-eslint/compare/v5.59.0...v5.59.1)

**Note:** Version bump only for package
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)

</details>

<details>
<summary>anchore/sbom-action</summary>

###
[`v0.14.2`](https://togithub.com/anchore/sbom-action/releases/tag/v0.14.2)

[Compare
Source](https://togithub.com/anchore/sbom-action/compare/v0.14.1...v0.14.2)

#### Changes in v0.14.2

- Update Syft to v0.80.0
([#&#8203;415](https://togithub.com/anchore/sbom-action/issues/415))
- Make sure all invalid artifact name characters are replaced
[#&#8203;396](https://togithub.com/anchore/sbom-action/issues/396)
([#&#8203;417](https://togithub.com/anchore/sbom-action/issues/417))
\[[lts-po](https://togithub.com/lts-po)]
- Ensure SBOM is copied to `output-file`
([#&#8203;411](https://togithub.com/anchore/sbom-action/issues/411))
\[[gszr](https://togithub.com/gszr)]

</details>

<details>
<summary>cue-lang/cue</summary>

### [`v0.5.0`](https://togithub.com/cue-lang/cue/releases/tag/v0.5.0)

[Compare
Source](https://togithub.com/cue-lang/cue/compare/v0.4.3...v0.5.0)

This release focuses on changes to the implementation of comprehensions,
the algorithm for detecting cycles in CUE, and the reimplementation of
`let` comprehensions as fields.

Also included are a number of bug fixes and changes to help the
[KubeVela project](https://kubevela.io/) upgrade off CUE v0.2.2 to the
latest release. v0.5.0 is the first release since v0.4.3 back in April
2022. It has been a long time in the making, and is comprised of 277
commits.

It is worth noting that we do not plan nor wish for such long gaps
between releases. For more details on upcoming releases and steps we are
taking to increase release cadence as well as our confidence in each
release, please see [this discussion](https://cuelang.org/issue/2335).

As a reminder: users can register their projects with `unity`, our
regression and performance testing setup. `unity` is used to ensure that
a project's CUE evaluations do not unexpectedly stop working, or regress
in terms of performance. `unity` continues to catch multiple issues with
each release. Adding your project to `unity` not only guarantees that we
will not break your tests (if we do, we will work with you to fix your
CUE code), but it also helps to improve the quality of each CUE release.
We are currently in the process of releasing Unity as a GitHub App on
the public Marketplace. [Sign up](https://forms.gle/cqsdoNZQnQ1efGJy5)
to receive updates; we will be in touch as soon as the GitHub App is
ready.

Thank you to [@&#8203;djosephsen](https://togithub.com/djosephsen),
[@&#8203;joaopapereira](https://togithub.com/joaopapereira),
[@&#8203;mpvl](https://togithub.com/mpvl),
[@&#8203;mvdan](https://togithub.com/mvdan),
[@&#8203;myitcv](https://togithub.com/myitcv),
[@&#8203;qequ](https://togithub.com/qequ),
[@&#8203;rogpeppe](https://togithub.com/rogpeppe),
[@&#8203;rytswd](https://togithub.com/rytswd),
[@&#8203;satotake](https://togithub.com/satotake),
[@&#8203;spachava753](https://togithub.com/spachava753), and
[@&#8203;tmm1](https://togithub.com/tmm1) for contributing to this
release!

#### Project-level changes

Various CI-related changes have been made to simplify and streamline the
GerritHub-based CI setup across the various CUE repositories. A common
`base` package is vendored into each repository and used as a template
for GitHub workflows and other configuration. For those interested in
studying the setup, please see the files beneath
[`internal/ci`](https://togithub.com/cue-lang/cue/tree/a1d9054ffa5b292763538a3fa6cf057a062a145d/internal/ci).

This release drops support for `go1.16.x` , `go1.17.x` and `go1.18.x`,
is tested against `go1.19.x` and `go1.20.x`, and is built using
`go1.20.2`.

Our dependency on `github.com/rogpeppe/go-internal` is upgraded to
`v1.9.0` and various `testscript`-related improvements have been made to
CUE's tests.

[GoReleaser](https://goreleaser.com/) has been upgrade to v1.16.2 as
part of the release workflow. In a related change, [CL
546920](https://cuelang.org/cl/546920) moves us to a CUE-based source
configuration for GoReleaser. This allows us to define the concept of
'latest', state which indicates whether we should perform the homebrew
release and the Docker manifest latest steps. This fixes a long-standing
bug whereby homebrew taps and Docker images were created for the latest
release, regardless of whether that was a pre-release, or indeed a patch
version of a non-current minor version.

As of [CL 547507](https://cuelang.org/cl/547507), CUE build artefacts
published on GitHub are entirely reproducible, thanks to Go's [support
for reproducible, verifiable and verified
builds](https://research.swtch.com/vgo-repro).

#### Encoders

When `cue import`-ing YAML, the `-R` recursive flag now only recursively
interprets text as YAML if it contains a newline [CL
536902](https://cuelang.org/cl/536902).

#### API

Various APIs have been transitioned to drop use of the deprecated
`cue.Runtime` type, as well as migrating away from `cue.Instance` via
`cue.InstanceOrValue`. Some use of these deprecated types remains:
[#&#8203;1035](https://cuelang.org/issue/1035),
[#&#8203;1735](https://cuelang.org/issue/1735),
[#&#8203;1806](https://cuelang.org/issue/1806). These will be tidied up
in later releases as the API surface matures towards v1.0.0.

The `cue` package now supports `InlineImports` for `Value.Syntax` [CL
541561](https://cuelang.org/cl/541561). This leverages new support
within the internal exporter to creating self-contained CUE. This change
also deprecates `Value.ResolveReferences()`.

Package `cue` adds `Selector.Type` to make it easier to pull out
selector-specific information from a selector (for example, it makes it
possible and cheap to retrieve the unquoted string label from a regular
field selector) [CL 542738](https://cuelang.org/cl/542738).

Package `cue` adds `Value.BuildInstance()`. If a `cue.Value` exactly
represents a package, `BuildInstance()` returns the build instance
corresponding to the value [CL 542769](https://cuelang.org/cl/542769).

`cue/stats` is introduced as a new package for getting CUE operation
statistics. The functionality is hoisted from `internal/core/adt`, but
the package should for all practical purposes be seen as a new
implementation. The stats have been aggregated as experimental
functionality to the `tools/flow` package.

[CL 546763](https://cuelang.org/cl/546763) disallowed deprecated
language features in the Go API. These features had long been deprecated
in `cmd/cue`. This means that API operations will now fail on deprecated
features whereas before they were handled in compatibility mode. The
`parser.FromVersion` feature can be used to reenable these deprecated
features.

#### Language

This release does not introduce any language changes. [CL
537264](https://cuelang.org/cl/537264) made some minor adjustments to
the language specification to improve readability.

[CL 541457](https://cuelang.org/cl/541457) removes support for
re-writing of old-style `let` declarations. This had already been
deprecated for a long time and this change was made to enable support
for aliases of embeddings.

#### Core evaluator

##### Per-field comprehensions

One of the major changes introduced in this release is how
comprehensions are handled. [CL 529524](https://cuelang.org/cl/529524)
move the evaluator to a model of per-field comprehensions.

Comprehensions are expanded `for`, `if`, and `let` clauses that yield
zero or more structs to be embedded in the enclosing list or struct.

CUE does not allow cyclic dependencies between comprehensions if they
result in an ambiguous set of fields. It does allow cascading insertions
as in:

    a?: int
    b?: int
    if a != _|_ {
        b: 2
    }
    if b != _|_ {
        c: 3
        d: 4
    }

The way this works is that for fields with a fixed prefix path in a
comprehension value, the comprehension is assigned to these respective
fields.

More concretely, the above example is rewritten to:

    a?: int
    b: if a != _|_ { 2 }
    c: if b != _|_ { 3 }
    d: if b != _|_ { 4 }

where the fields with if clause are only inserted if their condition
resolves to true. Note that this is not valid CUE; it may be in the
future.

With this rewrite, dependencies in comprehension expressions are handled
analogously to other expressions.

Note that a single comprehension may be distributed across multiple
fields. The evaluator will ensure, however, that a comprehension is only
evaluated once.

Analogous to reference cycles, as of [CL
544129](https://cuelang.org/cl/544129) we allow comprehensions to use
the struct in which they are defined as source, as long as they do not
introduce new fields, which would alter the source on which they
iterate.

##### Reimplementation of cycle detection

The new algorithm is inspired by the cycle detection used by Tomabechi's
[^Tomabechi] and Van Lohuizen's [^VanLohuizen] graph unification
algorithms.

Unlike with traditional graph unification, however, CUE uses references,
which, unlike node equivalence, are unidirectional. This means that the
technique to track equivalence through dereference, as common in graph
unification algorithms like Tomabechi's, does not work unaltered.

The unidirectional nature of references imply that each reference
equates an exact copy of the value it points to. This renders the
original approach of node-pointer equivalence useless.

The new algorithm, a variant of Tomabechi's and Van Lohuizen's
algorithm, looks at references equality on conjuncts, instead of node
equality. This simplifies the accounting and allows for far simpler and
precise accounting when using references instead of the traditional node
equivalence.

##### More background info on cycles

We have to define when a cycle is detected. CUE implementations MUST
report an error upon a structural cycle, and SHOULD report cycles at the
shortest possible paths at which they occur, but MAY report these at
deeper paths. For instance, the following CUE has a structural cycle:

    f: g: f

The shortest path at which the cycle can be reported is `f.g`, but as
all failed configurations are logically equal, it is fine for
implementations to report them at `f.g.g`, for instance.

It is not, however, correct to assume that a reference to a parent is
always a cycle. Consider this case:

    a: [string]: b: a

Even though reference `a` refers to a parent node, the cycle needs to be
fed by a concrete field in struct `a` to persist, meaning it cannot
result in a cycle as defined in the spec as it is defined here. Note
however, that a specialization of this configuration *can* result in a
cycle. Consider

    a: [string]: b: a
    a: c: _

Here reference `a` is guaranteed to result in a structural cycle, as
field `c` will match the pattern constraint unconditionally.

In other words, it is not possible to exclude tracking references across
pattern constraints from cycle checking.

It is tempting to try to find a complete set of these edge cases with
the aim to statically determine cases in which this occurs. But as
Carpenter \[^Carpenter] demonstrates, it is possible for cycles to be
created as a result of unifying two graphs that are themselves acyclic.
The following example is a translation of Carpenters example to CUE:

    y: {
    	f: h: g
    	g: _
    }
    x: {
    	f: _
    	g: f
    }

Even though the above contains no cycles, the result of `x & y` is
cyclic:

    f: h: g
    g: f

This means that, in practice, cycle detection has at least partially a
dynamic component to it.

The [language specification](https://cuelang.org/docs/references/spec/)
contains a higher-level and more complete overview of structural cycles.

[^Tomabechi]: https://aclanthology.org/C92-2068

Hideto Tomabechi. 1992. Quasi-Destructive Graph Unification with
Structure-Sharing. In COLING 1992 Volume 2: The 14th International
Conference on Computational Linguistics.

[^VanLohuizen]: https://aclanthology.org/P00-1045/

Marcel P. van Lohuizen. 2000. "Memory-Efficient and Thread-Safe
Quasi-Destructive Graph Unification". In Proceedings of the 38th Annual
Meeting of the Association for Computational Linguistics, pages 352–359,
Hong Kong. Association for Computational Linguistics.

\[^Carpenter]:
Bob Carpenter, "The logic of typed feature structures."
Cambridge University Press, ISBN:0-521-41932-8

##### Reimplementation of `let` comprehensions

[CL 543362](https://cuelang.org/cl/543362) made a change to
`internal/core` to reimplement `let` comprehensions as fields. This
makes it easier to track context as `let` comprehensions then follow the
same paradigm as fields. It also allows debug information to be shown as
to where lets are added in the tree. This change was accompanied by
number of others that refined the approach.

##### Self-contained export

`internal/core/export` now implements an algorithm for generating
self-contained CUE on export, an option that can further be refined by
asking the exporter to inline imports. These internal changes manifest
in changes to `cue def` and `cuelang.org/go/cue` that are described
elsewhere.

##### Other changes

[CL 545897](https://cuelang.org/cl/545897) started tracking stats within
the core CUE tests. This book keeping helps to spot likely regressions
in performance early by collocating the stats with the CUE that is being
evaluated.

#### Builtins

In the `strconv` package, `strconv.FormatInt` and `strconv.FormatUint`
now support arbitary-precision format; see [CL
538512](https://cuelang.org/cl/538512).

[CL 545898](https://cuelang.org/cl/545898) improved the error messages
for `pkg` builtins, by including the path in error in many cases, and
passing a wrapped message for `encoding/yaml`.

[CL 546237](https://cuelang.org/cl/546237) allows incomplete
`list.MinItems` constraints. Before it either returned `false` or
`true`, ignoring that making a configuration more specific might still
satisfy `MinItems` later on. [CL 546238](https://cuelang.org/cl/546238)
made a similar change for `struct.MinFields`.

#### Tooling layer

Standard input is now parsed correctly in `cue cmd`-declared command
tasks; see [CL 541898](https://cuelang.org/cl/541898).

#### `cmd/cue`

Version control system (VCS) information is included in `cue version` as
of [CL 540297](https://cuelang.org/cl/540297). The Go version used to
build `cmd/cue` is included as of [CL
549302](https://cuelang.org/cl/549302).

`cue def` now supports an `--inline-imports` flag which resolves imports
to print a self-contained version of the command input. For example,
given the `txtar` input:

    -- cue.mod/module.cue --
    module: "example.com/a"

    -- in.cue --
    package a

    import "example.com/a/pkg"
    import "list"

    v: pkg.v

    -- pkg/pkg.cue --
    package pkg

    v: { x: 3, y: x }

The running `cue def --inline-imports in.cue` will give:

    package a

    import "list"

    v: {
    	x: 3
    	y: x
    }

[CL 546243](https://cuelang.org/cl/546243) fixed a long-standing bug
whereby the `--ignore` errors flag was not observed by `cue eval`.

#### Changelog

- \[release-branch.v0.5] internal/ci: use go1.19.8 for the release of
v0.5.0 by [@&#8203;myitcv](https://togithub.com/myitcv) in
[`d780488`](https://togithub.com/cue-lang/cue/commit/d780488159bd082f9f9d027ab42dd4d9b5d95d5e)
- internal/ci: fix cache eviction by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`a1d9054`](https://togithub.com/cue-lang/cue/commit/a1d9054ffa5b292763538a3fa6cf057a062a145d)
- internal/ci: address review feedback from CL 551352 by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`af01db1`](https://togithub.com/cue-lang/cue/commit/af01db1892e650a55d62d7423fe96732d6fb911d)
- internal/ci: allow trybot workflows to be workflow_dispatch-ed by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`22156ef`](https://togithub.com/cue-lang/cue/commit/22156efdb892e80b7e92b4a2785ceb831470abc1)
- internal/ci: refactor CI workflows by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`a4403eb`](https://togithub.com/cue-lang/cue/commit/a4403eb12b04c6cb9ca19ac03561199912fc66e5)
- internal/ci: remove hard-codings in base package by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`0eaee71`](https://togithub.com/cue-lang/cue/commit/0eaee7137e10cf1ca23ab263d872dcaf0fa97aeb)
- internal/ci: move evict_caches to base by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`584b21e`](https://togithub.com/cue-lang/cue/commit/584b21e968ba7941ff4a03d5784fd37dcd9cca06)
- internal/ci: remove mention of matrix and runner from base by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`7c07680`](https://togithub.com/cue-lang/cue/commit/7c07680633f8644441d9ae80f150ac5a471abd8a)
- internal/ci: remove trybot from push branches by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`9f3af8f`](https://togithub.com/cue-lang/cue/commit/9f3af8f084f97838999f6cd5bba545054fba85f1)
- internal/ci: refactor base caching pattern by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`390bca5`](https://togithub.com/cue-lang/cue/commit/390bca5ce528e3a6408171b79961508f00e56f12)
- internal/ci: drop pullThroughProxy step by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`a14fbf4`](https://togithub.com/cue-lang/cue/commit/a14fbf49856399c7a6737e1495f7d8dde994be88)
- \[release-branch.v0.5] internal/ci: bring inline with
[`be0601b`](https://togithub.com/cue-lang/cue/commit/be0601bf) by
[@&#8203;myitcv](https://togithub.com/myitcv) in
[`f4d04a7`](https://togithub.com/cue-lang/cue/commit/f4d04a7e5dc569836900c77b6aa4c26f20fcc9d1)
- internal/ci: bump pinned version of Go for releases by
[@&#8203;mvdan](https://togithub.com/mvdan) in
[`374a2cc`](https://togithub.com/cue-lang/cue/commit/374a2cc382856da74e5634341e3fbb2fd9fa84d1)
- internal/core/adt: revert fix for 2209 by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`c0421b4`](https://togithub.com/cue-lang/cue/commit/c0421b44e58cedad9200162a6fb6fae065da2d2b)
- internal/core/adt: fix possible infinte loop for API usage by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`1ce9120`](https://togithub.com/cue-lang/cue/commit/1ce91202faf3d4de930e1c75c491c332c7b9d11a)
- internal/core/adt: fix regression in comparing to bottom by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`87c79ef`](https://togithub.com/cue-lang/cue/commit/87c79efa8f37e1441b8ea67cff0bf5027bf1daaf)
- internal/core/adt: remove unnecessary check by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`28321f6`](https://togithub.com/cue-lang/cue/commit/28321f6b49947b993823fb445835f560f0464b69)
- internal/core/adt: detect closed lists as fatal errors by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`5d42c6c`](https://togithub.com/cue-lang/cue/commit/5d42c6cee285c44bb4af1cda5b31227f65364c99)
- internal/core/adt: sharpen condition for scalar setting by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`3ba76ba`](https://togithub.com/cue-lang/cue/commit/3ba76baf9b432e15f110c49be701a5d0600c2412)
- internal/ci: fix goreleaser in non-snapshot mode again by
[@&#8203;mvdan](https://togithub.com/mvdan) in
[`576d0e4`](https://togithub.com/cue-lang/cue/commit/576d0e461a990ddcdab9da7a10375a1c6d87a865)
- internal/core/adt: fix 2235 by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`ca411de`](https://togithub.com/cue-lang/cue/commit/ca411dedecdf08f2d0b99931c61a6d37ea93c985)
- internal/core/adt: add tests for 2235 by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`89693e1`](https://togithub.com/cue-lang/cue/commit/89693e1ff31881d90500db4d34b05c7685575d76)
- cmd/cue: include Go in the version command by
[@&#8203;mvdan](https://togithub.com/mvdan) in
[`9b1f248`](https://togithub.com/cue-lang/cue/commit/9b1f248845fabfda2ed70cc3c1c823baef5da69f)
- internal/ci: fix and test the release workflow on branches by
[@&#8203;mvdan](https://togithub.com/mvdan) in
[`63749fe`](https://togithub.com/cue-lang/cue/commit/63749fe7d1fc40011564d54da9826050fd5a6239)
- cmd/cue: add evaluator stats support by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`d573e0c`](https://togithub.com/cue-lang/cue/commit/d573e0c2f0419f3a32e9d7bc1f3000cc365a240d)
- cmd/cue: add tests for issue 345 by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`352a736`](https://togithub.com/cue-lang/cue/commit/352a7363b1b22ed4490d328bbc9275bf4dd2b779)
- internal/core/adt: filter more disjunctions by
[@&#8203;mpvl](https://togithub.com/mpvl) in
[`5a6bd19`](https://togithub.com/cue-lang/cue/commit/5a6bd1910821112123897c2b553b848c15f6eae2)
-   internal/core/adt: add t

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS41OC4yIiwidXBkYXRlZEluVmVyIjoiMzUuNzguMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Wayne Starr <[email protected]>
Co-authored-by: Wayne Starr <[email protected]>

Loading branch information

3 people authored May 15, 2023

1 parent 95777d0 commit 8d905f7

.github/actions/install-tools/action.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -6,7 +6,7 @@ runs:
  
      steps:

        - uses: sigstore/cosign-installer@9becc617647dfa20ae7b1151972e9b3a2c338a2b # v2.8.1

        - uses: anchore/sbom-action/download-syft@422cb34a0f8b599678c41b21163ea6088edb2624 # v0.14.1

        - uses: anchore/sbom-action/download-syft@4d571ad1038a9cc29d676154ef265ab8f9027042 # v0.14.2

        - run: "curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin"

          shell: bash

.github/workflows/scan-codeql.yml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -48,7 +48,7 @@ jobs:
  
          # Initializes the CodeQL tools for scanning.

          - name: Initialize CodeQL

            uses: github/codeql-action/init@f3feb00acb00f31a6f60280e6ace9ca31d91c76a # v2.3.2

            uses: github/codeql-action/init@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3

            env:

              CODEQL_EXTRACTOR_GO_BUILD_TRACING: on

            with:

    @@ -59,6 +59,6 @@ jobs:
  
            run: make build-cli-linux-amd

          - name: Perform CodeQL Analysis

            uses: github/codeql-action/analyze@f3feb00acb00f31a6f60280e6ace9ca31d91c76a # v2.3.2

            uses: github/codeql-action/analyze@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3

            with:

              category: "/language:${{matrix.language}}"

.github/workflows/scorecard.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -45,6 +45,6 @@ jobs:
  
          # Upload the results to GitHub's code scanning dashboard.

          - name: "Upload to code-scanning"

            uses: github/codeql-action/upload-sarif@b2c19fb9a2a485599ccf4ed5d65527d94bc57226 # v2.3.0

            uses: github/codeql-action/upload-sarif@29b1f65c5e92e24fe6b6647da1eaabe529cec70f # v2.3.3

            with:

              sarif_file: results.sarif

.grype.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -1,11 +1,11 @@
  
    # Ignore file for false positives from protobuf, see the following for more information:

    #   https://github.com/anchore/grype/issues/558

    ignore:

      # False positive from CPE confusion of svelte and svelte's extension

      - vulnerability: CVE-2021-29261

      # This vulnerability does not affect Zarf as we do not instantiate a rekor client

      - vulnerability: GHSA-2h5h-59f5-c5x9

      # From rouille - The Zarf injector does not expose endpoints that use multipart form data

      - vulnerability: GHSA-mc8h-8q98-g5hr

      # From sigs.k8s.io/kustomize/api/krusty - This is a low vulnerability that does not impact Zarf as we do not marshall/unmarshall from protocol buffers

      - vulnerability: GHSA-hw7c-3rfg-p46j

      # From go-git - Zarf does not use go-git (or its imported crypto libraries) to generate secrets

      - vulnerability: GHSA-2q89-485c-9j2x

go.mod

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -2,23 +2,19 @@ module github.com/defenseunicorns/zarf
  
    go 1.19

    replace (

    	// TODO (@WSTARR) remove this temporary replacement of oras-go 1.2.2 with defenseunicorns version due to upgraded docker lib

    	oras.land/oras-go v1.2.2 => github.com/defenseunicorns/oras-go v1.2.3

    	// TODO (@JMCCOY) not updating due to bug in kyaml, https://github.com/kubernetes-sigs/kustomize/issues/4896

    	sigs.k8s.io/kustomize/kyaml => sigs.k8s.io/kustomize/kyaml v0.13.9

    )

    // TODO (@WSTARR) remove this temporary replacement of oras-go 1.2.2 with defenseunicorns version due to upgraded docker lib

    replace oras.land/oras-go v1.2.2 => github.com/defenseunicorns/oras-go v1.2.3

    require (

    	cuelang.org/go v0.4.3

    	cuelang.org/go v0.5.0

    	github.com/AlecAivazis/survey/v2 v2.3.6

    	github.com/Masterminds/semver/v3 v3.2.1

    	github.com/alecthomas/jsonschema v0.0.0-20220216202328-9eeeec9d044b

    	github.com/anchore/stereoscope v0.0.0-20230412183729-8602f1afc574

    	github.com/anchore/syft v0.79.0

    	github.com/derailed/k9s v0.27.3

    	github.com/distribution/distribution v2.8.1+incompatible

    	github.com/docker/cli v23.0.4+incompatible

    	github.com/anchore/syft v0.80.0

    	github.com/derailed/k9s v0.27.4

    	github.com/distribution/distribution v2.8.2+incompatible

    	github.com/docker/cli v23.0.6+incompatible

    	github.com/fatih/color v1.15.0

    	github.com/fluxcd/helm-controller/api v0.32.2

    	github.com/fluxcd/source-controller/api v0.36.1

    @@ -28,7 +24,7 @@ require (
  
    	github.com/goccy/go-yaml v1.11.0

    	github.com/google/go-containerregistry v0.14.0

    	github.com/mholt/archiver/v3 v3.5.1

    	github.com/moby/moby v23.0.4+incompatible

    	github.com/moby/moby v23.0.6+incompatible

    	github.com/opencontainers/image-spec v1.1.0-rc2.0.20221005185240-3a7f492d3f1b

    	github.com/otiai10/copy v1.11.0

    	github.com/pkg/errors v0.9.1

    @@ -38,25 +34,25 @@ require (
  
    	github.com/spf13/cobra v1.7.0

    	github.com/spf13/viper v1.15.0

    	github.com/stretchr/testify v1.8.2

    	golang.org/x/crypto v0.8.0

    	helm.sh/helm/v3 v3.11.3

    	k8s.io/api v0.26.4

    	k8s.io/apimachinery v0.26.4

    	k8s.io/client-go v0.26.4

    	k8s.io/component-base v0.26.4

    	k8s.io/klog/v2 v2.90.1

    	k8s.io/kubectl v0.26.4

    	oras.land/oras-go/v2 v2.0.2

    	sigs.k8s.io/kustomize/api v0.12.1

    	sigs.k8s.io/kustomize/kyaml v0.13.9

    	golang.org/x/crypto v0.9.0

    	helm.sh/helm/v3 v3.12.0

    	k8s.io/api v0.27.1

    	k8s.io/apimachinery v0.27.1

    	k8s.io/client-go v0.27.1

    	k8s.io/component-base v0.27.1

    	k8s.io/klog/v2 v2.100.1

    	k8s.io/kubectl v0.27.1

    	oras.land/oras-go/v2 v2.1.0

    	sigs.k8s.io/kustomize/api v0.13.4

    	sigs.k8s.io/kustomize/kyaml v0.14.2

    	sigs.k8s.io/yaml v1.3.0

    )

    require (

    	atomicgo.dev/cursor v0.1.1 // indirect

    	atomicgo.dev/keyboard v0.2.9 // indirect

    	bitbucket.org/creachadair/shell v0.0.7 // indirect

    	cloud.google.com/go/compute v1.19.0 // indirect

    	cloud.google.com/go/compute v1.19.1 // indirect

    	cloud.google.com/go/compute/metadata v0.2.3 // indirect

    	github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 // indirect

    	github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/alibabacloudsdkgo/helper v0.2.0 // indirect

    @@ -71,15 +67,15 @@ require (
  
    	github.com/Azure/go-autorest/logger v0.2.1 // indirect

    	github.com/Azure/go-autorest/tracing v0.6.0 // indirect

    	github.com/BurntSushi/toml v1.2.1 // indirect

    	github.com/CycloneDX/cyclonedx-go v0.7.1-0.20221222100750-41a1ac565cce // indirect

    	github.com/CycloneDX/cyclonedx-go v0.7.1 // indirect

    	github.com/DataDog/zstd v1.4.5 // indirect

    	github.com/MakeNowJust/heredoc v1.0.0 // indirect

    	github.com/Masterminds/goutils v1.1.1 // indirect

    	github.com/Masterminds/sprig/v3 v3.2.3 // indirect

    	github.com/Masterminds/squirrel v1.5.3 // indirect

    	github.com/Microsoft/go-winio v0.6.0 // indirect

    	github.com/Microsoft/go-winio v0.6.1 // indirect

    	github.com/OneOfOne/xxhash v1.2.8 // indirect

    	github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect

    	github.com/ProtonMail/go-crypto v0.0.0-20230426101702-58e86b294756 // indirect

    	github.com/ThalesIgnite/crypto11 v1.2.5 // indirect

    	github.com/acobaugh/osrelease v0.1.0 // indirect

    	github.com/acomagu/bufpipe v1.0.4 // indirect

    @@ -136,7 +132,7 @@ require (
  
    	github.com/cloudflare/circl v1.1.0 // indirect

    	github.com/cncf/udpa/go v0.0.0-20220112060539-c52dc94e7fbe // indirect

    	github.com/cncf/xds/go v0.0.0-20230105202645-06c439db220b // indirect

    	github.com/cockroachdb/apd/v2 v2.0.1 // indirect

    	github.com/cockroachdb/apd/v2 v2.0.2 // indirect

    	github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be // indirect

    	github.com/containerd/console v1.0.3 // indirect

    	github.com/containerd/containerd v1.7.0 // indirect

    @@ -150,20 +146,20 @@ require (
  
    	github.com/davecgh/go-spew v1.1.1 // indirect

    	github.com/daviddengcn/go-colortext v1.0.0 // indirect

    	github.com/deitch/magic v0.0.0-20230404182410-1ff89d7342da // indirect

    	github.com/derailed/popeye v0.10.1 // indirect

    	github.com/derailed/popeye v0.11.1 // indirect

    	github.com/derailed/tcell/v2 v2.3.1-rc.3 // indirect

    	github.com/derailed/tview v0.8.1 // indirect

    	github.com/dimchansky/utfbom v1.1.1 // indirect

    	github.com/docker/distribution v2.8.1+incompatible // indirect

    	github.com/docker/docker v23.0.4+incompatible // indirect

    	github.com/docker/distribution v2.8.2+incompatible // indirect

    	github.com/docker/docker v23.0.5+incompatible // indirect

    	github.com/docker/docker-credential-helpers v0.7.0 // indirect

    	github.com/docker/go-connections v0.4.0 // indirect

    	github.com/docker/go-metrics v0.0.1 // indirect

    	github.com/docker/go-units v0.5.0 // indirect

    	github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect

    	github.com/dustin/go-humanize v1.0.1 // indirect

    	github.com/emicklei/go-restful/v3 v3.10.1 // indirect

    	github.com/emicklei/proto v1.6.15 // indirect

    	github.com/emicklei/proto v1.10.0 // indirect

    	github.com/emirpasic/gods v1.18.1 // indirect

    	github.com/envoyproxy/go-control-plane v0.10.3 // indirect

    	github.com/envoyproxy/protoc-gen-validate v0.9.1 // indirect

    @@ -218,6 +214,7 @@ require (
  
    	github.com/google/go-querystring v1.1.0 // indirect

    	github.com/google/gofuzz v1.2.0 // indirect

    	github.com/google/licensecheck v0.3.1 // indirect

    	github.com/google/pprof v0.0.0-20221118152302-e6195bd50e26 // indirect

    	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect

    	github.com/google/trillian v1.5.0 // indirect

    	github.com/google/uuid v1.3.0 // indirect

    @@ -252,9 +249,9 @@ require (
  
    	github.com/json-iterator/go v1.1.12 // indirect

    	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect

    	github.com/kevinburke/ssh_config v1.2.0 // indirect

    	github.com/klauspost/compress v1.16.4 // indirect

    	github.com/klauspost/compress v1.16.5 // indirect

    	github.com/klauspost/pgzip v1.2.5 // indirect

    	github.com/knqyf263/go-rpmdb v0.0.0-20221030135625-4082a22221ce // indirect

    	github.com/knqyf263/go-rpmdb v0.0.0-20230301153543-ba94b245509b // indirect

    	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect

    	github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect

    	github.com/leodido/go-urn v1.2.1 // indirect

    @@ -276,7 +273,7 @@ require (
  
    	github.com/miekg/pkcs11 v1.1.1 // indirect

    	github.com/mitchellh/copystructure v1.2.0 // indirect

    	github.com/mitchellh/go-homedir v1.1.0 // indirect

    	github.com/mitchellh/go-wordwrap v1.0.0 // indirect

    	github.com/mitchellh/go-wordwrap v1.0.1 // indirect

    	github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect

    	github.com/mitchellh/mapstructure v1.5.0 // indirect

    	github.com/mitchellh/reflectwalk v1.0.2 // indirect

    @@ -307,12 +304,11 @@ require (
  
    	github.com/prometheus/client_model v0.3.0 // indirect

    	github.com/prometheus/common v0.37.0 // indirect

    	github.com/prometheus/procfs v0.8.0 // indirect

    	github.com/protocolbuffers/txtpbfmt v0.0.0-20201118171849-f6a6b3f636fc // indirect

    	github.com/protocolbuffers/txtpbfmt v0.0.0-20220428173112-74888fd59c2b // indirect

    	github.com/rakyll/hey v0.1.4 // indirect

    	github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect

    	github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 // indirect

    	github.com/rivo/uniseg v0.4.4 // indirect

    	github.com/rs/zerolog v1.29.0 // indirect

    	github.com/rs/zerolog v1.29.1 // indirect

    	github.com/rubenv/sql-migrate v1.3.1 // indirect

    	github.com/russross/blackfriday/v2 v2.1.0 // indirect

    	github.com/sahilm/fuzzy v0.1.0 // indirect

    @@ -347,12 +343,12 @@ require (
  
    	github.com/theupdateframework/go-tuf v0.5.2-0.20220930112810-3890c1e7ace4 // indirect

    	github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect

    	github.com/tjfoc/gmsm v1.3.2 // indirect

    	github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802 // indirect

    	github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 // indirect

    	github.com/transparency-dev/merkle v0.0.1 // indirect

    	github.com/ulikunitz/xz v0.5.10 // indirect

    	github.com/urfave/cli v1.22.12 // indirect

    	github.com/vbatts/go-mtree v0.5.3 // indirect

    	github.com/vbatts/tar-split v0.11.2 // indirect

    	github.com/vbatts/tar-split v0.11.3 // indirect

    	github.com/vifraa/gopom v0.2.1 // indirect

    	github.com/wagoodman/go-partybus v0.0.0-20210627031916-db1f5573bbc5 // indirect

    	github.com/wagoodman/go-progress v0.0.0-20230301185719-21920a456ad5 // indirect

    @@ -397,11 +393,11 @@ require (
  
    	go.uber.org/zap v1.24.0 // indirect

    	golang.org/x/exp v0.0.0-20230202163644-54bba9f4231b // indirect

    	golang.org/x/mod v0.10.0 // indirect

    	golang.org/x/net v0.9.0 // indirect

    	golang.org/x/oauth2 v0.6.0 // indirect

    	golang.org/x/net v0.10.0 // indirect

    	golang.org/x/oauth2 v0.7.0 // indirect

    	golang.org/x/sync v0.1.0 // indirect

    	golang.org/x/sys v0.7.0 // indirect

    	golang.org/x/term v0.7.0 // indirect

    	golang.org/x/sys v0.8.0 // indirect

    	golang.org/x/term v0.8.0 // indirect

    	golang.org/x/text v0.9.0 // indirect

    	golang.org/x/time v0.3.0 // indirect

    	golang.org/x/tools v0.8.0 // indirect

    @@ -419,27 +415,17 @@ require (
  
    	gopkg.in/warnings.v0 v0.1.2 // indirect

    	gopkg.in/yaml.v2 v2.4.0 // indirect

    	gopkg.in/yaml.v3 v3.0.1 // indirect

    	k8s.io/apiextensions-apiserver v0.26.3 // indirect

    	k8s.io/apiserver v0.26.3 // indirect

    	k8s.io/cli-runtime v0.26.4 // indirect

    	k8s.io/component-helpers v0.26.4 // indirect

    	k8s.io/apiextensions-apiserver v0.27.1 // indirect

    	k8s.io/apiserver v0.27.1 // indirect

    	k8s.io/cli-runtime v0.27.1 // indirect

    	k8s.io/component-helpers v0.27.1 // indirect

    	k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a // indirect

    	k8s.io/metrics v0.26.4 // indirect

    	k8s.io/metrics v0.27.1 // indirect

    	k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5 // indirect

    	lukechampine.com/uint128 v1.1.1 // indirect

    	modernc.org/cc/v3 v3.36.0 // indirect

    	modernc.org/ccgo/v3 v3.16.6 // indirect

    	modernc.org/libc v1.16.7 // indirect

    	modernc.org/mathutil v1.4.1 // indirect

    	modernc.org/memory v1.1.1 // indirect

    	modernc.org/opt v0.1.1 // indirect

    	modernc.org/sqlite v1.17.3 // indirect

    	modernc.org/strutil v1.1.1 // indirect

    	modernc.org/token v1.0.0 // indirect

    	oras.land/oras-go v1.2.2 // indirect

    	sigs.k8s.io/controller-runtime v0.14.6 // indirect

    	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect

    	sigs.k8s.io/kustomize/kustomize/v4 v4.5.7 // indirect

    	sigs.k8s.io/kustomize/kustomize/v5 v5.0.1 // indirect

    	sigs.k8s.io/release-utils v0.7.3 // indirect

    	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect

    )

0 comments on commit `8d905f7`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `8d905f7`

Commit

There are no files selected for viewing

0 comments on commit 8d905f7

0 comments on commit `8d905f7`