Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Deps] Update dependencies #81

Open
wants to merge 19 commits into
base: main
Choose a base branch
from
Open

[Deps] Update dependencies #81

wants to merge 19 commits into from

Conversation

loafoe
Copy link

@loafoe loafoe commented Jul 1, 2024
edited
Loading

  • Update to Go 1.22
  • Updates all package dependencies that don't require code changes
  • Fixes all known CVEs as of today (2024-07-01)
  • Update controller-gen to v0.14.0

There's a bunch of more updates, but these require code changes (update test code, etc) so would like to try and get this PR merged before moving ahead with the other updates. /cc @raffaelespazzoli

loafoe and others added 17 commits July 1, 2024 20:00
@loafoe
Add dependabot
ea72aa2
@dependabot
Bump golang from 1.21 to 1.22
b8e15a3 
Bumps golang from 1.21 to 1.22.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0
cf9adac 
Bumps [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases)
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/yaml@v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/yaml
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@loafoe
Merge pull request #1 from loafoe/dependabot/docker/golang-1.22
d9da6c0 
Bump golang from 1.21 to 1.22
@loafoe
Merge pull request #2 from loafoe/dependabot/go_modules/sigs.k8s.io/y…
f3261f4 
…aml-1.4.0

Bump sigs.k8s.io/yaml from 1.3.0 to 1.4.0
@dependabot
Bump google.golang.org/protobuf from 1.27.1 to 1.33.0
ad8fa1f 
Bumps google.golang.org/protobuf from 1.27.1 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump gopkg.in/yaml.v3 from 3.0.0-20210107192922-496545a6307b to 3.0.0
74d21a2 
Bumps gopkg.in/yaml.v3 from 3.0.0-20210107192922-496545a6307b to 3.0.0.

---
updated-dependencies:
- dependency-name: gopkg.in/yaml.v3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump golang.org/x/crypto
c41c781 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.0.0-20220214200702-86341886e292 to 0.17.0.
- [Commits](https://github.com/golang/crypto/commits/v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@loafoe
Merge pull request #10 from loafoe/dependabot/go_modules/golang.org/x…
1956535 
…/crypto-0.17.0

Bump golang.org/x/crypto from 0.0.0-20220214200702-86341886e292 to 0.17.0
@loafoe
Merge pull request #8 from loafoe/dependabot/go_modules/google.golang…
bd6ed0c 
….org/protobuf-1.33.0

Bump google.golang.org/protobuf from 1.27.1 to 1.33.0
@dependabot
Bump github.com/emicklei/go-restful
05c9806 
Bumps [github.com/emicklei/go-restful](https://github.com/emicklei/go-restful) from 2.9.5+incompatible to 2.16.0+incompatible.
- [Release notes](https://github.com/emicklei/go-restful/releases)
- [Changelog](https://github.com/emicklei/go-restful/blob/v3/CHANGES.md)
- [Commits](emicklei/go-restful@v2.9.5...v2.16.0)

---
updated-dependencies:
- dependency-name: github.com/emicklei/go-restful
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@loafoe
Merge pull request #12 from loafoe/dependabot/go_modules/github.com/e…
26672c7 
…micklei/go-restful-2.16.0incompatible

Bump github.com/emicklei/go-restful from 2.9.5+incompatible to 2.16.0+incompatible
@dependabot
Bump golang.org/x/net from 0.0.0-20220127200216-cd36cc0744dd to 0.23.0
05671b1 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20220127200216-cd36cc0744dd to 0.23.0.
- [Commits](https://github.com/golang/net/commits/v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@loafoe
Merge pull request #9 from loafoe/dependabot/go_modules/golang.org/x/…
45dfb42 
…net-0.23.0

Bump golang.org/x/net from 0.0.0-20220127200216-cd36cc0744dd to 0.23.0
@loafoe
Merge pull request #7 from loafoe/dependabot/go_modules/gopkg.in/yaml…
cc163f6 
….v3-3.0.0

Bump gopkg.in/yaml.v3 from 3.0.0-20210107192922-496545a6307b to 3.0.0
@loafoe
Update k8s.io/client-go
4b23d73
@loafoe
Update controller-gen
8fbdaf2
dependabot bot and others added 2 commits July 1, 2024 22:54
@dependabot
Bump github.com/evanphx/json-patch
acd42a4 
Bumps [github.com/evanphx/json-patch](https://github.com/evanphx/json-patch) from 5.6.0+incompatible to 5.9.0+incompatible.
- [Release notes](https://github.com/evanphx/json-patch/releases)
- [Commits](evanphx/json-patch@v5.6.0...v5.9.0)

---
updated-dependencies:
- dependency-name: github.com/evanphx/json-patch
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@loafoe
Merge pull request #15 from loafoe/dependabot/go_modules/github.com/e…
3844274 
…vanphx/json-patch-5.9.0incompatible

Bump github.com/evanphx/json-patch from 5.6.0+incompatible to 5.9.0+incompatible
@loafoe loafoe changed the title Update dependencies [Deps] Update dependencies Jul 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@loafoe