Skip to content

chore(deps): update all non-major dependencies #265

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update all non-major dependencies #265

wants to merge 1 commit into from
+39 −23

Conversation

renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Apr 1, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
actions/cache action patch v4.2.2 -> v4.2.3 age adoption passing confidence
actions/setup-go action minor v5.3.0 -> v5.4.0 age adoption passing confidence
cloud.google.com/go/functions require patch v1.19.3 -> v1.19.6 age adoption passing confidence
github.com/cloudevents/sdk-go/v2 require minor v2.15.2 -> v2.16.0 age adoption passing confidence
github/codeql-action action patch v3.28.11 -> v3.28.16 age adoption passing confidence
step-security/harden-runner action minor v2.11.0 -> v2.12.0 age adoption passing confidence

Release Notes

actions/cache (actions/cache)

v4.2.3

Compare Source

What's Changed
New Contributors

Full Changelog: actions/cache@v4.2.2...v4.2.3

actions/setup-go (actions/setup-go)

v5.4.0

Compare Source

What's Changed
Dependency updates :
New Contributors

Full Changelog: actions/setup-go@v5...v5.4.0

cloudevents/sdk-go (github.com/cloudevents/sdk-go/v2)

v2.16.0

Compare Source

✨ Features & Enhancements

  • Confluent Kafka binding [#​988] by @​yanmxa
    Added a new Confluent Kafka protocol binding for CloudEvents, supporting modern Kafka client features.

  • Producer report channel for Confluent Kafka [#​1031] by @​yanmxa
    Exposed a producer report channel via Events() to allow users to track delivery status of Kafka messages.

  • Support structured content type suffixes [#​1007] by @​dan-j
    Improved content type handling by recognizing structured syntax suffixes like +json, increasing compatibility with various encodings.

  • Default timeout via context [#​992] by @​nkreiger
    Introduced support for configuring protocol default timeouts using context.Context.

  • Benchmarks for CESQL [#​1050] by @​Cali0707
    Added benchmark tests to measure CESQL query performance.

  • Optimized CESQL LIKE matching [#​1049] by @​Cali0707
    Improved the performance of CESQL's LIKE pattern matching logic.

  • Expose AddFunction API for CESQL Parser [#​1047 / #​1051] by @​dgeorgievski
    Enabled users to register custom functions in CESQL via the newly exposed AddFunction API.

  • Flexible subject matching for NATS JetStream [#​1084] by @​evankanderson
    Added support for flexible subject pattern matching in NATS JetStream subscriptions.

  • Add v3 version of NATS JetStream protocol [#​1095] by @​stephen-totty-hpe
    Introduced a new version of the NATS JetStream protocol (v3) with enhanced features and forward compatibility.

  • Expose WithHost option [#​1070] by @​jaxtonw
    Added a configurable WithHost option for improved protocol initialization flexibility.

  • Support dataref cloud event extension [Dataref Extension #​1018] by @​matzew
    Implements the Dataref (Claim Check Pattern) as specified by the CloudEvent Extension Attributes spec.

🛠 Fixes

  • Handle multiple AMQP data fields correctly [#​1034] by @​embano1
    Fixed parsing of AMQP messages containing multiple data fields to conform with spec expectations.

  • Fix invalid ce- prefix in Confluent binding [#​1059] by @​embano1
    Corrected an issue where CloudEvents extensions were incorrectly prefixed in the Confluent Kafka binding.

  • Fix LIKE expression error handling [#​1046] by @​Cali0707
    Prevented panics on malformed LIKE expressions in CESQL; now returns a parse error instead.

  • Fix MQTT content-type issue [#​1063] by @​yanmxa
    Corrected how content types are applied in the MQTT protocol to improve interoperability.

  • Fix race condition in MQTT protocol [#​1094] by @​yanmxa
    Resolved a concurrency issue that could occur when sending messages over MQTT.

  • Fix pubsub ack logic [#​1064] by @​chapurlatn
    Updated acknowledgment logic to correctly rely on protocol.IsAck, fixing false negatives in pubsub delivery handling.

  • NATS Ack/Nak support in JetStream v3 [#​1104] by @​stephen-totty-hpe
    Added explicit acknowledgment and negative-ack support in the v3 NATS JetStream protocol.

  • Fix data_base64 decoding [#​1129] by @​duglin
    [Breaking Change] Modified base64 handling to require JSON string-wrapped base64 data; see release notes for migration details.

🧹 Maintenance

  • Sort extensions during JSON serialization [#​1117] by @​sargas
    Ensured deterministic serialization of extensions for improved consistency.

  • Add CODEOWNERS file [#​1038] by @​embano1
    Established code ownership rules to streamline PR review workflows.

  • Update GitHub workflows & Go dependencies [#​1105] by @​embano1
    Routine maintenance of CI workflows and dependency versions.

  • Bump MQTT SDK from v0.12.0 to v0.21.0 [#​1096] by @​yanmxa
    Updated the MQTT SDK for access to newer features and fixes.

  • Pin dependency versions [#​1089] by @​harshitasao
    Locked down dependencies to improve reproducibility and stability.

  • Fix token-permission issue [#​1088] by @​harshitasao
    Resolved permission issues affecting token-based authentication flows.

  • Bump testify to v1.10.0 [#​1114] by @​aalekseevx
    Updated stretchr/testify for testing improvements and bug fixes.

  • CESQL v1 Fixes [#​1066] by @​Cali0707
    Applied several small fixes and improvements to the CESQL v1 engine.

github/codeql-action (github/codeql-action)

v3.28.16

Compare Source

v3.28.15

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025

  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #​2842

See the full CHANGELOG.md for more information.

v3.28.14

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #​2838

See the full CHANGELOG.md for more information.

v3.28.13

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.12

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.12 - 19 Mar 2025
  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #​2810

See the full CHANGELOG.md for more information.

step-security/harden-runner (step-security/harden-runner)

v2.12.0

Compare Source

What's Changed

  1. A new option, disable-sudo-and-containers, is now available to replace the disable-sudo policy, addressing Docker-based privilege escalation (CVE-2025-32955). More details can be found in this blog post.

  2. New detections have been added based on insights from the tj-actions and reviewdog actions incidents.

Full Changelog: step-security/harden-runner@v2...v2.12.0

v2.11.1

Compare Source

What's Changed

Full Changelog: step-security/harden-runner@v2...v2.11.1

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@forking-renovate Forking Renovate
Copy link

forking-renovate bot commented Apr 1, 2025
edited
Loading

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 5 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.21 -> 1.24.2
github.com/json-iterator/go v1.1.10 -> v1.1.12
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 -> v0.0.0-20180306012644-bacd9c7ef1dd
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 -> v1.0.2
go.uber.org/multierr v1.1.0 -> v1.11.0
go.uber.org/zap v1.10.0 -> v1.27.0

@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from b0d0825 to 305ea87 Compare April 8, 2025 01:26
@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch 5 times, most recently from 1c59042 to 9e5eeb3 Compare April 16, 2025 13:30
@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch from 9e5eeb3 to ec5dabe Compare April 21, 2025 20:27
@renovate-bot renovate-bot force-pushed the renovate/all-minor-patch branch from ec5dabe to 2fe141e Compare April 23, 2025 14:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@renovate-bot