fix(deps): update go minor dependencies#1449
Open
red-hat-konflux[bot] wants to merge 1 commit intomainfrom
Open
fix(deps): update go minor dependencies#1449red-hat-konflux[bot] wants to merge 1 commit intomainfrom
red-hat-konflux[bot] wants to merge 1 commit intomainfrom
Conversation
Contributor
Author
ℹ Artifact update noticeFile name: go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
|
red-hat-konflux
bot
requested review from
14rcole,
Josh-Everett,
NigelByrne1,
dirgim,
hongweiliu17,
jencull,
jsztuka,
kasemAlem and
sonam1412
as code owners
⛔ Snyk checks have failed. 1 issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
red-hat-konflux
bot
force-pushed
the
konflux/mintmaker/main/go-minor-dependencies
branch
16 times, most recently
from
f2269a5 to
626b21b
Compare
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
red-hat-konflux
bot
force-pushed
the
konflux/mintmaker/main/go-minor-dependencies
branch
from
626b21b to
36a49ad
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v0.2.66-0.20240924153421-39656e186641->v0.261.7v0.26.1->v0.27.0v1.7.0->v1.8.0v2.27.5->v2.28.1v0.34.0->v0.41.1v1.7.0->v1.9.0v0.134.0->v0.161.1v1.39.0->v1.40.0v1.39.0->v1.40.0v1.39.0->v1.40.0v1.39.0->v1.40.0v1.39.0->v1.40.0v1.39.0->v1.40.0v0.262.0->v0.265.0v0.22.4->v0.23.1Warning
Some dependencies could not be looked up. Check the warning logs for more information.
Release Notes
gitea/act (gitea.com/gitea/act)
v0.261.7: - node24 actionsCompare Source
v0.261.6Compare Source
v0.261.5Compare Source
v0.261.4Compare Source
v0.261.3Compare Source
v0.261.2Compare Source
v0.261.1Compare Source
v0.261.0Compare Source
v0.260.2Compare Source
v0.260.1Compare Source
v0.260.0Compare Source
v0.259.2Compare Source
v0.259.1Compare Source
v0.259.0Compare Source
v0.251.1Compare Source
v0.249.0Compare Source
v0.246.2Compare Source
v0.246.1Compare Source
v0.246.0Compare Source
v0.245.2Compare Source
v0.245.1Compare Source
v0.245.0Compare Source
v0.243.4Compare Source
v0.243.3Compare Source
v0.243.2Compare Source
v0.243.1Compare Source
v0.243.0Compare Source
v0.234.2Compare Source
v0.234.1Compare Source
v0.234.0Compare Source
v0.233.5Compare Source
google/cel-go (github.com/google/cel-go)
v0.27.0Compare Source
Release Summary
This release focuses on improving developer tooling and stability. Key highlights include significant enhancements to the REPL (YAML configuration support and parse-only evaluation), the addition of cost estimation for regex operations, and improved test coverage reporting.
On the stability front, this release addresses race conditions in reference types, improves namespace resolution, and ensures formatting directives align strictly with the CEL specification.
Note: This release includes a breaking change regarding how types are handled as variables. Please review the "Breaking Changes" section below.
⚠ Breaking Changes
Remove types as variables: The logic for handling types has been relaxed to support safe rollout of feature packages which introduce new types whose names may collide with existing variables. Please review your policies if you relied on types behaving strictly as variables in previous versions. PR #1262
Features & Enhancements
REPL & Tooling
YAML Configuration: The REPL now supports reading and writing YAML environment configurations. PR #1250
Parse-Only Mode: Added parse-only evaluation capabilities to the REPL. PR #1254
Test Coverage: Introduced logic for CEL test coverage calculation and updated the reporter to handle error/unknown scenarios.PR #1209 & PR #1215
Core Library
Regex Costing: Added support for cost estimation and tracking within the regex library. PR #1200
JSON Type Exposure: Exposed CEL JSON types to assist developers in converting to native values. PR #1261
Policy Composition: Source information is now preserved during CEL policy composition, aiding in debugging. PR #1253
Extensibility:
Updated extension option factory to resolve by ID (#1249).
Refactored match output compiling to accept user-defined logic (#1246).
Exposed Match source ID to callers (#1227).
Build & Maintenance
Bazel: Migrated to use Bazel module only and improved configuration for dependent builds. PR #1231 & PR #1228
Cleanup: Removed strcase dependency, removed AppEngine code from REPL, and performed general linting. PR #1230, #1216, #1251
Bug Fixes
Concurrency: Fixed a race condition in the checker regarding reference types. PR #1224
Namespace Resolution: Addressed an issue with namespace resolution. PR #1256
Spec Compliance: Fixed formatting directives to fully support requirements documented in the cel-spec. PR #1232
New Contributors
Full Changelog: google/cel-go@v0.26.1...v0.27.0
hashicorp/go-version (github.com/hashicorp/go-version)
v1.8.0Compare Source
What's Changed
New Contributors
Full Changelog: hashicorp/go-version@v1.7.0...v1.8.0
onsi/ginkgo (github.com/onsi/ginkgo/v2)
v2.28.1Compare Source
2.28.1
Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.
v2.28.0Compare Source
2.28.0
Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:
can be filtered in or out with an invocation like:
ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"Huge thanks to @Icarus9913 for working on this!
openshift-pipelines/pipelines-as-code (github.com/openshift-pipelines/pipelines-as-code)
v0.41.1Compare Source
Pipelines as Code v0.41.1
OpenShift Pipelines as Code v0.41.1 has been released.
Security Fix
Bug Fixes
Misc / Chores
uvand release process. 384976buv run.5f515b9actions/cachefrom 4 to 5. a541f27gosmeeoutput and organize CI logs.8d7c9b1kobuild cache to E2E workflow. 7605c5auvforsecond-controller.py. 055e68aInstallation
To install this version you can install the release.yaml with
kubectlfor your platform :Openshift
Kubernetes
Documentation
The documentation for this release is available here :
https://release-v0-41-1.pipelines-as-code.pages.dev
Full Changelog
a541f27: chore(deps): bump actions/cache from 4 to 5 (@dependabot[bot])7605c5a: chore: Add ko cache to e2e workflow (@chmouel)8d7c9b1: chore: Redirect gosmee output and organize logs (@chmouel)eb39d14: chore: Skip revert commits in linter (@chmouel)48a7720: chore: Update vendored dependencies (@chmouel)055e68a: chore: Use uv for second-controller.py (@chmouel)41a632b: chore: divide Gitea tests in equall number in 3 jobs (@zakisk)65ece3f: ci: prevent e2e matrix jobs from cancelling on failure (@theakshaypant)5f515b9: feat: Move pr-ci scripts to be executable with uv (@chmouel)555aeb0: fix(bitbucketcloud): optimize commit info fetch (@zakisk)9a230ff: fix: Enforce mandatory webhook secret for GitLab validation (@chmouel)b7b421f: fix: Stabilize pipeline run sorting by name when start times are equal (@chmouel)667fd80: fix: Stabilize sorting logic for task logs and status (@chmouel)5a5f4e8: fix: Update E2E test matrix and script (@chmouel)384976b: fix: update dev docs for uv and release process (@chmouel)9c30b5d: refactor: Rename github pull request test function (@chmouel)v0.41.0Compare Source
Pipelines as Code version v0.41.0
OpenShift Pipelines as Code v0.41.0 has been released 🥳
Installation
To install this version you can install the release.yaml with
kubectlfor your platform :Openshift
Kubernetes
✨ Features
🛡️ Enhanced CEL Expressions: Added direct access to custom parameter variables within CEL expressions, allowing for more flexible pipeline logic.
e95b4e7🌐 Advanced Token Scoping: Introduced glob pattern support for repositories when defining token scopes in GitHub.
18413b1🧠 Flexible Logic Support: Added support for arbitrary CEL expressions using the new cel: prefix for complex event matching.
751f931🐛 Bug Fixes
🔄 Merge Commit Reliability: Implemented an exponential backoff retry mechanism for PR lookups to handle GitHub API indexing delays on merge commits.
618fac5🛑 Accurate Lifecycle Reporting: Fixed an issue where deleted PipelineRuns remained stuck in pending; the controller now explicitly reports a cancelled status upon deletion.
c690b58🏷️ Improved Event Matching: Resolved a bug in the matcher to prevent CEL from unintentionally matching label events.
1a3b241💬 Smarter GitLab Feedback: Reduced Merge Request noise by skipping comments for non-permission-related errors.
6a956e4🏗️ Concurrency Stability: Improved test reliability by ensuring PipelineRuns are correctly filtered by SHA in concurrency test suites.
9b8d81f🔗 GitLab Provider Routing: Fixed an issue where the GitLab provider failed to retrieve URLs when hosted on the same host.
bafda32📡 Gitea/Forgejo Stability: Added retry logic for Gitea status updates and migrated Gitea integration to use the Forgejo SDK.
7a00a56,152ce93🧹 Catalog Cleanup: Removed the deprecated public Tekton Hub as a built-in catalog to favor modern repository standards.
882c31b📊 Status Sync: Corrected logic to ensure pending and running commit statuses are accurately synchronized with the provider platform.
7ca0bd9🧩 Safety Checks: Added handling for nil bodies in CEL evaluations to prevent controller crashes during specific event processing.
8b8ddda🚨 Linting Fixes: Resolved prealloc and other golangci-lint errors to maintain code quality standards.
d6d9f48,d5d71cf🧰 Misc / Maintenance
🤖 Agent Migration: Moved project skills and documentation to the new AGENTS.md and Claude-based format.
01dfc83🏗️ Architecture Refactoring: Renamed internal Gitea structures to Forgejo and migrated secondary controller installation to use startpaac.
fba88e7,8aee3e7📦 Go Version Bump: Updated Golang versions in Tekton configurations for improved performance and security.
4961902🧹 Repo Hygiene: Updated .gitignore to include temporary directories and removed obsolete local CI development scripts.
c26acc7,4376b32🔒 Security Hardening: Integrated minica CA certificates into E2E workflows and added necessary secrets to environment workflows.
b82a29b,c84902d🧪 E2E Tooling: Integrated gosmee for the main controller and Gitea in E2E tests to improve webhook replay capabilities.
6b4af55,c8ab303📝 Style Guide: Updated Vale style guide links to maintain documentation consistency.
cff5590🐳 Modernized Base Images: Upgraded project base images to UBI 10 to ensure the latest security patches and runtime compliance.
63bd2d9🛠️ Infrastructure Upgrades: Updated the CI workflow and Kind configurations to improve development environment reliability.
032d13c⚡ Optimized E2E Testing: Enabled parallel binary building during end-to-end tests to significantly reduce CI wait times.
6addfb3🐍 Dependency Update: bump pyasn1 from 0.6.1 to 0.6.2 in /hack/pr-ci
582d56d🐍 Dependency Update: bump urllib3 from 2.6.2 to 2.6.3 in /hack/pr-ci
177abe3📦 Dependency Update: Update dependencies
f98d1d5📦 Dependency Update: Update python dependencies
b681ad5🚮 Cleanup: Remove code.gitea.io/gitea
0a22413Documentation
The documentation for this release is available here :
https://release-v0-41-0.pipelines-as-code.pages.dev
Changelog
bcdb85f: Revert "fix: Increase loop max in concurrent PR test" (@chmouel)582d56d: chore(deps): bump pyasn1 from 0.6.1 to 0.6.2 in /hack/pr-ci (@dependabot[bot])177abe3: chore(deps): bump urllib3 from 2.6.2 to 2.6.3 in /hack/pr-ci (@dependabot[bot])0a22413: chore(deps): remove code.gitea.io/gitea (@theakshaypant)6b4af55: chore: Add gosmee for main controller E2E test (@chmouel)c84902d: chore: Add secrets to the env workflows (@chmouel)c26acc7: chore: Add temporary directories to gitignore (@chmouel)a92013e: chore: Fix makefile ignore when collecting files (@chmouel)b82a29b: chore: Install minica CA certificate in e2e workflow (@chmouel)7ea8473: chore: Migrate CI to forgejo (@chmouel)cff5590: chore: Update Vale style guide links (@chmouel)f98d1d5: chore: Update dependencies (@chmouel)4961902: chore: Update golang version in Tekton configurations (@chmouel)b681ad5: chore: Update python dependencies (@chmouel)01dfc83: chore: move to Claude skills and AGENTS.md (@chmouel)e95b4e7: feat(cel): add direct custom param variable access in expressions (@theakshaypant)18413b1: feat(github): add glob pattern support for token scope repos (@theakshaypant)6addfb3: feat: Build binaries in parallel in e2e (@chmouel)751f931: feat: Support arbitrary CEL expressions with cel: prefix (@chmouel)032d13c: feat: Update CI workflow and Kind configuration (@chmouel)63bd2d9: feat: Update base images to UBI 10 (@chmouel)1a3b241: fix(matcher): prevent CEL from matching label events unintentionally (@theakshaypant)c8ab303: fix: Add gosmee replay for Gitea controller (@chmouel)7a00a56: fix: Add retry logic for Gitea status updates (@chmouel)618fac5: fix: Add retry logic for PR lookup on merge commits (@zakisk)9b8d81f: fix: Filter PipelineRuns by SHA in concurrency tests (@chmouel)bafda32: fix: GitLab provider getting a URL on same host (@chmouel)fda8d68: fix: Increase loop max in concurrent PR test (@chmouel)3b30e03: fix: Remove redundant gosmee client setup for Gitea (@chmouel)152ce93: fix: Update Gitea to use Forgejo SDK (@chmouel)7ca0bd9: fix: correctly update pending and running commit status (#2341) (@ab-ghosh)8b8ddda: fix: handle nil body in CEL eval (@chmouel)d6d9f48: fix: prealloc error in golangci-lint (@zakisk)882c31b: fix: remove deprecated public Tekton Hub as built-in catalog (@chmouel)c690b58: fix: report cancelled status when PipelineRun is deleted (@zakisk)6a956e4: fix: skip MR comment for non-permission errors (#2340) (@ab-ghosh)4376b32: refactor: Remove old local ci dev scripts (@chmouel)fba88e7: refactor: Rename Gitea structs to forgejostructs (@chmouel)8aee3e7: refactor: Use startpaac to install second controller (@chmouel)d5d71cf: refactor: reenable prealloc and fix it properly (@chmouel)v0.40.0Compare Source
OpenShift Pipelines as Code v0.40.0 has been released 🥳
✨ Features
✨ Require explicit
bodyandheadersflags for CEL expressions, making webhook CEL evaluation stricter and more explicit🔗
1eabf1c⚡ Cache
vcs.GetFiles()results to reduce redundant VCS API calls, significantly improving performance on large repositories🔗
9175257⏭️ Add support for a “skip CI” command, allowing users to explicitly bypass CI execution from commit or PR commands
🔗
222e82b🐛 Bug Fixes
🧪 Disable retry logic in the GitLab test client, reducing GitLab provider test runtime from ~60s to under 1s
🔗
ebd538b🔐 Fix GitLab permission checks to respect the
remember-ok-to-testsetting, aligning authorization behavior with configuration🔗
6a0d179📄 Ensure GitLab
GetFilesandCreateCommentcorrectly page through API results, preventing missing files or comments🔗
9d60ff7🧩 Add nil checks in CEL webhook parsers, preventing panics on malformed or incomplete payloads
🔗
605306d🏷️ Assign unique status names for Bitbucket Cloud checks, avoiding collisions in status reporting
🔗
fba42f2🧾 Lower log level for GitHub skip messages from error to info, reducing log noise for expected behavior
🔗
5b4173f🔄 Do not return an error when PipelineRun patching fails, improving controller robustness during transient failures
🔗
420f4c0🧭 Automatically detect Tekton Hub type when catalog type is empty, fixing task resolution edge cases
🔗
063c543📝 Fix markdownlint failures introduced by newer markdownlint versions, restoring CI stability
🔗
5b220d7🧰 Misc / Maintenance
📦 Bump
actions/checkoutfrom v5 to v6 to align CI with the latest GitHub Actions runtime🔗
565420c📦 Bump
actions/upload-artifactfrom v5 to v6, moving CI artifacts to Node.js 24🔗
e6870e6🔐 Update
golang.org/x/cryptodependency, pulling in upstream security and correctness fixes🔗
c8dc5d4🧹 Refine golangci-lint configuration, scoping revive exclusions and enforcing exhaustive switch defaults
🔗
4d75ddc🔗
2be7e0b📚 CLI documentation cleanup, reformatting curl examples for clarity
🔗
610dd2cInstallation
To install this version you can install the release.yaml with
kubectlfor your platform :Openshift
Kubernetes
Documentation
The documentation for this release is available here :
https://release-v0-40-0.pipelines-as-code.pages.dev
Changelog
565420c: chore(deps): bump actions/checkout from 5 to 6 (@dependabot[bot])e6870e6: chore(deps): bump actions/upload-artifact from 5 to 6 (@dependabot[bot])c8dc5d4: chore(deps): bump golang.org/x/crypto from 0.42.0 to 0.45.0 (@dependabot[bot])4d75ddc: chore(lint): scope revive var-naming exclusion to specific packages (@theakshaypant)2be7e0b: chore(lint): set golangci default switch case as exhaustive (@aThorp96)610dd2c: docs(cli): reformat curl command example to single line (@theakshaypant)1eabf1c: feat(cel): require body and headers flags (@theakshaypant)9175257: feat(perf): cachevcs.GetFiles()to reduce redundant VCS API volume (@aThorp96)222e82b: feat: add skip CI command support (@theakshaypant)fba42f2: fix(bitbucket-cloud): assign unique statue name in Bitbucket Cloud (@zakisk)605306d: fix(cel): add nil checks to prevent panics in webhook parsers (@theakshaypant)5b4173f: fix(github): change skip log level from error to info (@infernus01)6a0d179: fix(gitlab): check permission according to RememberOkToTest setting (@zakisk)ebd538b: fix(gitlab): disable retry logic in test client (@infernus01)9d60ff7: fix(giConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
To execute skipped test pipelines write comment
/ok-to-test.Documentation
Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.