Bump the go-deps group across 1 directory with 17 updates

[dependabot]

Bumps the go-deps group with 11 updates in the / directory:

Package	From	To
github.com/ProtonMail/go-crypto	1.1.3	1.1.5
github.com/cyphar/filepath-securejoin	0.3.5	0.4.1
github.com/fluxcd/pkg/apis/acl	0.5.0	0.6.0
github.com/fluxcd/pkg/apis/event	0.13.0	0.16.0
github.com/fluxcd/pkg/apis/meta	1.9.0	1.10.0
github.com/fluxcd/pkg/auth	0.2.0	0.3.0
github.com/fluxcd/pkg/git	0.23.0	0.24.0
github.com/fluxcd/pkg/git/gogit	0.23.0	0.24.0
github.com/fluxcd/pkg/runtime	0.52.0	0.53.0
github.com/google/go-containerregistry	0.20.2	0.20.3
github.com/otiai10/copy	1.14.0	1.14.1

Updates github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.5

Release notes

Sourced from github.com/ProtonMail/go-crypto's releases.

Release v1.1.5

What's Changed

• Check binding signature details against primary key by @​twiss in ProtonMail/go-crypto#264

Full Changelog: ProtonMail/go-crypto@v1.1.4...v1.1.5

Release v1.1.5-proton

What's Changed

This release is v1.1.5 with support for the following non-standardized features:

• Presistent symmetric keys draft-ietf-openpgp-persistent-symmetric-keys-00
• Automatic forwarding draft-wussler-openpgp-forwarding-00
• Post-quantum algorithms draft-ietf-openpgp-pqc

Release v1.1.4

What's Changed

• Emit armor headers in sorted order by @​andrewgdotcom in ProtonMail/go-crypto#255
• Reduce memory usage when AEAD en/decrypting large messages by @​twiss in ProtonMail/go-crypto#259
• Update artifact actions to v4 by @​twiss in ProtonMail/go-crypto#260

Full Changelog: ProtonMail/go-crypto@v1.1.3...v1.1.4

Release v1.1.4-proton

What's Changed

This release is v1.1.4 with support for the following non-standardized features:

• Presistent symmetric keys draft-ietf-openpgp-persistent-symmetric-keys-00
• Automatic forwarding draft-wussler-openpgp-forwarding-00
• Post-quantum algorithms draft-ietf-openpgp-pqc

Commits

• d703f49 Check binding signature details against primary key (#264)
• 72cacd5 ci: Update openpgp-interop-test-analyzer to v2.1.0 (#243)
• 3de0301 Update artifact actions to v4 (#260)
• be3aef0 Merge pull request #259 from ProtonMail/less-memory-large-msgs
• 1fd5ec8 Add tests for reusing buffer in OCB en/decryption
• df3ee02 Buffer decrypted bytes more efficiently
• 04cfaf2 Reuse plaintext slice for ciphertext when encrypting
• fee7824 Reuse ciphertext slice for plaintext when decrypting
• 6fa7f91 Preallocate the chunk size rather than buffering
• add07bd Don't allocate the nonce for each chunk
• Additional commits viewable in compare view

Updates github.com/cyphar/filepath-securejoin from 0.3.5 to 0.4.1

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.4.1

This release fixes a regression introduced in one of the hardening features added to filepath-securejoin 0.4.0.

• The restrictions added for root paths passed to SecureJoin in 0.4.0 was found to be too strict and caused some regressions when folks tried to update, so this restriction has been relaxed to only return an error if the path contains a .. component. We still recommend users use filepath.Clean (and even filepath.EvalSymlinks) on the root path they are using, but at least you will no longer be punished for "trivial" unclean paths. (#46)

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

v0.4.0

This release primarily includes a few minor breaking changes to make the MkdirAll and SecureJoin interfaces more robust against accidental misuse.

• SecureJoin(VFS) will now return an error if the provided root is not a filepath.Clean'd path.

  While it is ultimately the responsibility of the caller to ensure the root is a safe path to use, passing a path like /symlink/.. as a root would result in the SecureJoin'd path being placed in / even though /symlink/.. might be a different directory, and so we should more strongly discourage such usage.

  All major users of securejoin.SecureJoin already ensure that the paths they provide are safe (and this is ultimately a question of user error), but removing this foot-gun is probably a good idea. Of course, this is necessarily a breaking API change (though we expect no real users to be affected by it).

  Thanks to Erik Sjölund, who initially reported this issue as a possible security issue.

• MkdirAll and MkdirHandle now take an os.FileMode-style mode argument instead of a raw unix.S_*-style mode argument, which may cause compile-time type errors depending on how you use filepath-securejoin. For most users, there will be no change in behaviour aside from the type change (as the bottom 0o777 bits are the same in both formats, and most users are probably only using those bits).

  However, if you were using unix.S_ISVTX to set the sticky bit with MkdirAll(Handle) you will need to switch to os.ModeSticky otherwise you will get a runtime error with this update. In addition, the error message you will get from passing unix.S_ISUID and unix.S_ISGID will be different as they are treated as invalid bits now (note that previously passing said bits was also an error).

... (truncated)

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.4.1] - 2025-01-28

Fixed

• The restrictions added for root paths passed to SecureJoin in 0.4.0 was found to be too strict and caused some regressions when folks tried to update, so this restriction has been relaxed to only return an error if the path contains a .. component. We still recommend users use filepath.Clean (and even filepath.EvalSymlinks) on the root path they are using, but at least you will no longer be punished for "trivial" unclean paths.

[0.4.0] - 2025-01-13

Breaking

• SecureJoin(VFS) will now return an error if the provided root is not a filepath.Clean'd path.

  While it is ultimately the responsibility of the caller to ensure the root is a safe path to use, passing a path like /symlink/.. as a root would result in the SecureJoin'd path being placed in / even though /symlink/.. might be a different directory, and so we should more strongly discourage such usage.

  All major users of securejoin.SecureJoin already ensure that the paths they provide are safe (and this is ultimately a question of user error), but removing this foot-gun is probably a good idea. Of course, this is necessarily a breaking API change (though we expect no real users to be affected by it).

  Thanks to Erik Sjölund, who initially reported this issue as a possible security issue.

• MkdirAll and MkdirHandle now take an os.FileMode-style mode argument instead of a raw unix.S_*-style mode argument, which may cause compile-time type errors depending on how you use filepath-securejoin. For most users, there will be no change in behaviour aside from the type change (as the bottom 0o777 bits are the same in both formats, and most users are probably only using those bits).

  However, if you were using unix.S_ISVTX to set the sticky bit with MkdirAll(Handle) you will need to switch to os.ModeSticky otherwise you will get a runtime error with this update. In addition, the error message you will get from passing unix.S_ISUID and unix.S_ISGID will be different as they are treated as invalid bits now (note that previously passing said bits was also an error).

[0.3.6] - 2024-12-17

Compatibility

• The minimum Go version requirement for filepath-securejoin is now Go 1.18 (we use generics internally).

... (truncated)

Commits

• 7abd870 VERSION: release v0.4.1
• 509a359 merge #47 into cyphar/filepath-securejoin:main
• fbaef26 join: loosen cleanliness requirements for SecureJoin root
• 54460df merge #45 into cyphar/filepath-securejoin:main
• 14e6cfe VERSION: back to development
• 9a17e6b VERSION: release v0.4.0
• e410d4a merge #44 into cyphar/filepath-securejoin:main
• ea4e5b6 gha: add GOARCH=386 build check
• 0c2fbe6 mkdirall: switch to os.FileMode argument
• f3a512c merge #43 into cyphar/filepath-securejoin:main
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/acl from 0.5.0 to 0.6.0

Commits

• 288cd7a Merge pull request #752 from fluxcd/handle-in-cluster-annotation
• 4971c85 Return a DiffTypeExclude when exclusion annotation is set in cluster
• 46467e7 Merge pull request #754 from fluxcd/update-docker
• 43f36aa Update docker dependencies
• e350b5b Merge pull request #750 from fluxcd/update-deps-go-1.22
• 3ad72d9 Update dependencies to Go 1.22 and Kubernetes 1.29.3
• 6ad47ef Merge pull request #751 from fluxcd/disable-bitbucket-server-tests
• 9ba119b Disable bitbucket-server e2e
• e8f9e40 Merge pull request #723 from gdasson/main
• 5c27146 Adding common "reason" constants
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/event from 0.13.0 to 0.16.0

Commits

• 91eda6e Merge pull request #694 from fluxcd/git-deps-up
• 2a64584 Use gomega in sourceignore
• 46577cd Update golang.org dependencies
• e6b6af7 Merge pull request #685 from knutgoetz/chore/gogit/delete-gogiterror-function
• cbc2172 Delete obsolete goGitError function
• 02723c3 Merge pull request #693 from fluxcd/go-git-v5.10.1
• 3715de1 Update go-git to v5.10.1
• ce91255 Merge pull request #692 from fluxcd/ssa-nits
• 8fc4505 ssa: prevent unnecessary DeepCopy
• cc07605 Merge pull request #691 from fluxcd/jsondiff-include-obj
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/meta from 1.9.0 to 1.10.0

Commits

• 2f763a4 Merge pull request #857 from fluxcd/custom-healthchecks
• a6353b2 Add healthcheck expressions to kustomize types
• af0f283 Merge pull request #859 from fluxcd/cel-meta
• 1178930 Add InvalidCELExpressionReason to apis/meta
• f39dac4 Merge pull request #861 from fluxcd/deps-kube-v0.32.1
• 70e88cb Update dependencies
• f59d360 Merge pull request #850 from kane8n/support-sparse-checkout
• a033d2f support sparse checkout
• 528bc56 Merge pull request #856 from fluxcd/get-revision
• a189152 Add GetRevision() to Event API
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/auth from 0.2.0 to 0.3.0

Commits

• 57d9588 Merge pull request #655 from fluxcd/oci-skip-symlinks
• c62dc82 Skip symlinks during OCI layer decompression
• 4f69e78 Merge pull request #653 from errordeveloper/pull-any-artifact
• 887bad4 oci/clinet: ensure Pull sets URL field in metadata it returns
• 3b8d634 oci/client: drop custom platfrom from default client options
• 0202722 oci/client: relax annotation parser
• 56bc0ab Merge pull request #654 from fluxcd/dependabot/github_actions/ci-663ed1f0b6
• 10fa7df build(deps): bump the ci group with 1 update
• 83f76d6 Merge pull request #652 from fluxcd/dependabot/github_actions/ci-d24d09982f
• 5c0b256 build(deps): bump the ci group with 3 updates
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/git from 0.23.0 to 0.24.0

Commits

• c964ce7 Merge pull request #858 from fluxcd/custom-healthchecks-impl
• 62d235c Add CEL library with custom healthchecks to runtime
• 243510f Merge pull request #863 from fluxcd/dependabot/github_actions/ci-83dfb6cda2
• 3cffbeb build(deps): bump the ci group across 1 directory with 3 updates
• 2f763a4 Merge pull request #857 from fluxcd/custom-healthchecks
• a6353b2 Add healthcheck expressions to kustomize types
• af0f283 Merge pull request #859 from fluxcd/cel-meta
• 1178930 Add InvalidCELExpressionReason to apis/meta
• f39dac4 Merge pull request #861 from fluxcd/deps-kube-v0.32.1
• 70e88cb Update dependencies
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/git/gogit from 0.23.0 to 0.24.0

Commits

• c964ce7 Merge pull request #858 from fluxcd/custom-healthchecks-impl
• 62d235c Add CEL library with custom healthchecks to runtime
• 243510f Merge pull request #863 from fluxcd/dependabot/github_actions/ci-83dfb6cda2
• 3cffbeb build(deps): bump the ci group across 1 directory with 3 updates
• 2f763a4 Merge pull request #857 from fluxcd/custom-healthchecks
• a6353b2 Add healthcheck expressions to kustomize types
• af0f283 Merge pull request #859 from fluxcd/cel-meta
• 1178930 Add InvalidCELExpressionReason to apis/meta
• f39dac4 Merge pull request #861 from fluxcd/deps-kube-v0.32.1
• 70e88cb Update dependencies
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/gittestserver from 0.15.0 to 0.16.0

Commits

• 91eda6e Merge pull request #694 from fluxcd/git-deps-up
• 2a64584 Use gomega in sourceignore
• 46577cd Update golang.org dependencies
• e6b6af7 Merge pull request #685 from knutgoetz/chore/gogit/delete-gogiterror-function
• cbc2172 Delete obsolete goGitError function
• 02723c3 Merge pull request #693 from fluxcd/go-git-v5.10.1
• 3715de1 Update go-git to v5.10.1
• ce91255 Merge pull request #692 from fluxcd/ssa-nits
• 8fc4505 ssa: prevent unnecessary DeepCopy
• cc07605 Merge pull request #691 from fluxcd/jsondiff-include-obj
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.52.0 to 0.53.0

Commits

• c964ce7 Merge pull request #858 from fluxcd/custom-healthchecks-impl
• 62d235c Add CEL library with custom healthchecks to runtime
• 243510f Merge pull request #863 from fluxcd/dependabot/github_actions/ci-83dfb6cda2
• 3cffbeb build(deps): bump the ci group across 1 directory with 3 updates
• 2f763a4 Merge pull request #857 from fluxcd/custom-healthchecks
• a6353b2 Add healthcheck expressions to kustomize types
• af0f283 Merge pull request #859 from fluxcd/cel-meta
• 1178930 Add InvalidCELExpressionReason to apis/meta
• f39dac4 Merge pull request #861 from fluxcd/deps-kube-v0.32.1
• 70e88cb Update dependencies
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/ssh from 0.16.0 to 0.17.0

Commits

• 31388ce Merge pull request #727 from fluxcd/distribution-up
• 328eb42 Update OCI distribution to v3.0.0-alpha.1
• 7fabcd8 Merge pull request #684 from somtochiama/pull-static-file-oci
• a330445 fix options
• 255f8fc test for static archive
• f155227 refactor test
• 8687514 implement pull static artifact
• 4624208 Merge pull request #726 from fluxcd/deps-kube-v0.28.6
• 30da897 Update dependencies
• 63e3e9c Merge pull request #725 from fluxcd/dependabot/github_actions/ci-f38fbd1956
• Additional commits viewable in compare view

Updates github.com/go-git/go-billy/v5 from 5.6.0 to 5.6.2

Release notes

Sourced from github.com/go-git/go-billy/v5's releases.

v5.6.2

What's Changed

• Enable the iofs adapter to also return other interfaces from io/fs by @​JAORMX in go-git/go-billy#102
• build: Bump dependencies by @​pjbgf in go-git/go-billy#103

New Contributors

• @​JAORMX made their first contribution in go-git/go-billy#102

Full Changelog: go-git/go-billy@v5.6.1...v5.6.2

v5.6.1

What's Changed

• build: bump github/codeql-action from 3.26.11 to 3.27.0 by @​dependabot in go-git/go-billy#88
• build: bump github/codeql-action from 3.27.0 to 3.27.1 by @​dependabot in go-git/go-billy#89
• build: bump github/codeql-action from 3.27.1 to 3.27.4 by @​dependabot in go-git/go-billy#90
• build: bump github/codeql-action from 3.27.4 to 3.27.5 by @​dependabot in go-git/go-billy#91
• Bump dependencies and build housekeeping by @​pjbgf in go-git/go-billy#95

Full Changelog: go-git/go-billy@v5.6.0...v5.6.1

Commits

• 9f8b16d Merge pull request #103 from pjbgf/bump-deps
• 783f58c build: Bump dependencies
• 0009381 Merge pull request #102 from JAORMX/iofs-extra-interfaces-v5
• 21beb15 Enable the iofs adapter to also return other interfaces from io/fs
• a6c6b50 Merge pull request #95 from pjbgf/pre-release
• f4615d3 build: Remove test_js workflow
• ae8b61b build: Bump workflows Go versions
• b412339 build: Align dependabot settings with go-git
• d982317 build: Bump Go to 1.21 and dependencies
• 9ca623c Merge pull request #91 from go-git/dependabot/github_actions/github/codeql-ac...
• Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.12.0 to 5.13.2

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.13.2

What's Changed

• plumbing: use the correct user agent string. Fixes #883 by @​uragirii in go-git/go-git#1364
• build: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by @​dependabot in go-git/go-git#1365
• build: bump the golang-org group with 2 updates by @​dependabot in go-git/go-git#1367
• build: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by @​dependabot in go-git/go-git#1368
• build: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by @​dependabot in go-git/go-git#1378
• build: bump github/codeql-action from 3.28.0 to 3.28.1 by @​dependabot in go-git/go-git#1376
• build: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by @​dependabot in go-git/go-git#1377
• git: worktree, fix restoring dot slash files (backported to v5). Fixes #1176 by @​BeChris in go-git/go-git#1361
• build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2 by @​dependabot in go-git/go-git#1392
• git: worktree_status, fix adding dot slash files to working tree (backported to v5). Fixes #1150 by @​BeChris in go-git/go-git#1359
• build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5 by @​dependabot in go-git/go-git#1383

Full Changelog: go-git/go-git@v5.13.1...v5.13.2

v5.13.1

What's Changed

• build: bump github.com/go-git/go-billy/v5 from 5.6.0 to 5.6.1 by @​dependabot in go-git/go-git#1327
• build: bump github.com/elazarl/goproxy from 1.2.1 to 1.2.2 by @​dependabot in go-git/go-git#1329
• build: bump github.com/elazarl/goproxy from 1.2.2 to 1.2.3 by @​dependabot in go-git/go-git#1340
• Revert "plumbing: transport/ssh, Add support for SSH @​cert-authority." by @​pjbgf in #1346

Full Changelog: go-git/go-git@v5.13.0...v5.13.1

v5.13.0

What's Changed

• build: bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 in /cli/go-git by @​dependabot in go-git/go-git#1065
• build: bump golang.org/x/net from 0.22.0 to 0.23.0 by @​dependabot in go-git/go-git#1068
• build: bump golang.org/x/net from 0.23.0 to 0.24.0 by @​dependabot in go-git/go-git#1071
• Properly support skipping of non-mandatory extensions by @​codablock in go-git/go-git#1066
• git: Refine some codes in test and non-test. by @​onee-only in go-git/go-git#1077
• plumbing: protocol/packp, client-side filter capability support by @​edigaryev in go-git/go-git#1000
• build: bump golang.org/x/net from 0.22.0 to 0.23.0 in /cli/go-git by @​dependabot in go-git/go-git#1078
• plumbing: fix sideband demux on flush by @​aymanbagabas in go-git/go-git#1084
• storage: dotgit, head reference usually comes first by @​aymanbagabas in go-git/go-git#1085
• build: bump golang.org/x/text from 0.14.0 to 0.15.0 by @​dependabot in go-git/go-git#1091
• build: bump golang.org/x/crypto from 0.22.0 to 0.23.0 by @​dependabot in go-git/go-git#1094
• build: bump golang.org/x/net from 0.24.0 to 0.25.0 by @​dependabot in go-git/go-git#1093
• git: Added an example for Repository.Branches by @​johnmatthiggins in go-git/go-git#1088
• git: worktree_commit, Modify checking empty commit. Fixes #723 by @​onee-only in go-git/go-git#1050
• plumbing: transport/http, Wrap http errors to return reason. Fixes #1097 by @​ggambetti in go-git/go-git#1100
• build: bump golang.org/x/sys from 0.20.0 to 0.21.0 by @​dependabot in go-git/go-git#1106
• build: bump golang.org/x/text from 0.15.0 to 0.16.0 by @​dependabot in go-git/go-git#1107
• Bumps Go versions and go-billy by @​pjbgf in go-git/go-git#1056
• _examples: Fixed a dead link COMPATIBILITY.md by @​gecko655 in go-git/go-git#1109
• build: bump github.com/jessevdk/go-flags from 1.5.0 to 1.6.1 in /cli/go-git by @​dependabot in go-git/go-git#1115
• build: bump github.com/elazarl/goproxy from v0.0.0-20230808193330-2592e75ae04a to v0.0.0-20240618083138-03be62527ccb by @​hbelmiro in go-git/go-git#1124
• build: bump golang.org/x/net from 0.25.0 to 0.26.0 by @​dependabot in go-git/go-git#1104

... (truncated)

Commits

• 2c68247 Merge pull request #1383 from go-git/dependabot/go_modules/github.com/ProtonM...
• d462c2e Merge pull request #1359 from BeChris/issue1150-v5
• 32ac23a Merge pull request #1392 from go-git/dependabot/go_modules/github.com/pjbgf/s...
• 93e635a build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2
• b2bb975 git: worktree_status, took into account code review remarks
• 518ac88 git: worktree_status, fix adding dot slash files to working tree (backported ...
• 21b3150 build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5
• 189e7e4 Merge pull request #1361 from BeChris/issue1176-v5
• 654815a Merge pull request #1377 from go-git/dependabot/go_modules/github.com/elazarl...
• 91dbdb9 Merge pull request #1376 from go-git/dependabot/github_actions/github/codeql-...
• Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.20.2 to 0.20.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.3

What's Changed

• remote/transport: Make bearer transport go-routine-safe by @​2opremio in google/go-containerregistry#1806
• Expose compare package by @​jonjohnsonjr in google/go-containerregistry#2001
• fix: redact.URL uses (*URL).Redacted to omit basic-auth password by @​bmoylan in google/go-containerregistry#1947
• bump actions to latest by @​ajayk in google/go-containerregistry#2011
• don't pin chainguard-dev/actions by @​imjasonh in google/go-containerregistry#2025
• Check for 406 status code when handling referrers API endpoint response by @​malancas in google/go-containerregistry#2026
• mutate: Create a defensive annotations copy by @​jonjohnsonjr in google/go-containerregistry#2030
• Detect zstd in crane append by @​jonjohnsonjr in google/go-containerregistry#2023
• bump deps using hack/bump-deps.sh by @​imjasonh in google/go-containerregistry#2042

New Contributors

• @​bmoylan made their first contribution in google/go-containerregistry#1947
• @​ajayk made their first contribution in google/go-containerregistry#2011
• @​malancas made their first contribution in google/go-containerregistry#2026

Full Changelog: google/go-containerregistry@v0.20.2...v0.20.3

Commits

• c4dd792 bump deps using hack/bump-deps.sh (#2042)
• 6bce25e Detect zstd in crane append (#2023)
• 06dcd85 mutate: Create a defensive annotations copy (#2030)
• a9a53a8 check for 406 status code when handling referrers endpoint response (#2026)
• 4630c40 don't pin chainguard-dev/actions (#2025)
• 808e354 bump actions to latest (#2011)
• a07d1ca fix: redact.URL uses (*URL).Redacted to omit basic-auth password (#1947)
• 00f182b Expose compare package (#2001)
• b8e87ed remote/transport: Make bearer transport go-routine-safe (#1806)
• See full diff in compare view

Updates github.com/onsi/gomega from 1.36.1 to 1.36.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.36.2

Maintenance

• Bump nokogiri from 1.16.3 to 1.16.5 in /docs by @​dependabot in onsi/gomega#757
• Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.22.1 by @​dependabot in onsi/gomega#808
• Bump golang.org/x/net from 0.30.0 to 0.33.0 by @​dependabot in onsi/gomega#807
• Bump google.golang.org/protobuf from 1.35.1 to 1.36.1 by @​dependabot in onsi/gomega#810

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.36.2

Maintenance

• Bump google.golang.org/protobuf from 1.35.1 to 1.36.1 (#810) [9a7609d]
• Bump golang.org/x/net from 0.30.0 to 0.33.0 (#807) [b6cb028]
• Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.22.1 (#808) [5756529]
• Bump nokogiri from 1.16.3 to 1.16.5 in /docs (#757) [dabc12e]

Commits

• bb0e550 v1.36.2
• 9a7609d Bump google.golang.org/protobuf from 1.35.1 to 1.36.1 (#810)
• b6cb028 Bump golang.org/x/net from 0.30.0 to 0.33.0 (#807)
• 5756529 Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.22.1 (#808)
• dabc12e Bump nokogiri from 1.16.3 to 1.16.5 in /docs (#757)
• See full diff in compare view

Updates github.com/otiai10/copy from 1.14.0 to 1.14.1

Commits

• 5ef5923 Revert "CopyMethod" since it's not ready
• 49b0b59 Merge pull request #164 from eth-p/feat-copymethod-api
• f530620 ci: Allow triggering Go workflow manually
• b4dd789 refactor: Split common code out of CopyBytes
• 9205813 feat: Add FileCopyMethod option / API
• 2f93b8f Merge pull request #159 from otiai10/dependabot/go_modules/main/golang.org/x/...
• 87072f3 Bump golang.org/x/sys from 0.23.0 to 0.24.0
• d0690cb Merge pull request #158 from otiai10/dependabot/go_modules/main/golang.org/x/...
• b87119d Bump golang.org/x/sys from 0.22.0 to 0.23.0
• 355527c Merge pull request #157 from otiai10/dependabot/go_modules/main/golang.org/x/...
• Additional commits viewable in compare view

Updates github.com/spf13/pflag from 1.0.5 to 1.0.6

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.6

What's Changed

• Add exported functions to preserve pkg/flag compatibility by @​mckern in spf13/pflag#220
• remove dead code for checking error nil by @​yashbhutwala in spf13/pflag#282
• Add IPNetSlice and unit tests by @​rpothier in spf13/pflag#170
• allow for blank ip addresses by @​duhruh in spf13/pflag#316
• add github actions by @​sagikazarmark in spf13/pflag#419

New Contributors

• @​mckern made their first contribution in spf13/pflag#220

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.