⬆️ Bump the gomod-deps group with 4 updates #566

dependabot · 2024-09-01T04:15:52Z

Bumps the gomod-deps group with 4 updates: github.com/gorilla/sessions, github.com/ory/dockertest/v3, golang.org/x/oauth2 and google.golang.org/api.

Updates github.com/gorilla/sessions from 1.3.0 to 1.4.0

Release notes

Sourced from github.com/gorilla/sessions's releases.

v1.4.0

Summary

There were new features important for compatibility with some of the upcoming cookie security changes with google that required a new Partitioned attribute be added to the cookies, this attribute was only available in go 1.23, which has just recently been released.

If you require a version that is backward compatible with a lower version than go 1.23 then you'll need to use release v1.3.0.

The following notes show the difference between 1.2.2 and the current version because 1.3.0 was a hotfix for go 1.22 and below.

What's Changed

Improve File System Path Handling by @moloch-- in gorilla/sessions#274

#272: feat: Add support for paritioned attribute in cookies as per chrome 3rd party cookie phaseout by @kashishbehl in gorilla/sessions#273

fix no default samesite by @bharat-rajani in gorilla/sessions#276

Fix gorillatoolkit link in README.md by @mbacalan in gorilla/sessions#278

Add mysql store to the readme by @danielepintore in gorilla/sessions#279

New Contributors

@moloch-- made their first contribution in gorilla/sessions#274

@kashishbehl made their first contribution in gorilla/sessions#273

@bharat-rajani made their first contribution in gorilla/sessions#276

@mbacalan made their first contribution in gorilla/sessions#278

@danielepintore made their first contribution in gorilla/sessions#279

Full Changelog: gorilla/sessions@v1.2.2...v1.4.0

Commits

bb4cd60 chore: Update readme to relect go 1.23 release
e2083f9 chore: update to go 1.23 for workflows
6eef180 fix: Missing SameSite attribute on options
a56e60c Add mysql store to the readme (#279)
466d29e chore: Update readme and copyrights
7a8159e chore(go): Remove go version 1.11 support
ff5660f chore(go): Add warning about main branch
8e2d547 chore(go): Remove vendored dependencies
See full diff in compare view

Updates github.com/ory/dockertest/v3 from 3.10.0 to 3.11.0

Release notes

Sourced from github.com/ory/dockertest/v3's releases.

v3.11.0

What's Changed

chore(deps): bump github.com/opencontainers/runc from 1.1.5 to 1.1.6 by @dependabot in ory/dockertest#435

chore(deps): bump github.com/Microsoft/go-winio from 0.6.0 to 0.6.1 by @dependabot in ory/dockertest#437

chore(deps): bump github.com/lib/pq from 0.0.0-20180327071824-d34b9ff171c2 to 1.10.8 by @dependabot in ory/dockertest#438

chore(deps): bump github.com/docker/docker from 20.10.7+incompatible to 20.10.24+incompatible by @dependabot in ory/dockertest#426

chore(deps): bump actions/checkout from 2 to 3 by @dependabot in ory/dockertest#427

chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 by @dependabot in ory/dockertest#450

chore(deps): bump github.com/containerd/continuity from 0.3.0 to 0.4.1 by @dependabot in ory/dockertest#451

chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.3 by @dependabot in ory/dockertest#449

chore(deps): bump github.com/opencontainers/runc from 1.1.6 to 1.1.7 by @dependabot in ory/dockertest#442

chore(deps): bump golang.org/x/sys from 0.7.0 to 0.8.0 by @dependabot in ory/dockertest#445

chore(deps): bump github.com/moby/term from 0.0.0-20201216013528-df9cb8a40635 to 0.5.0 by @dependabot in ory/dockertest#446

chore(deps): bump github.com/docker/cli from 20.10.17+incompatible to 24.0.1+incompatible by @dependabot in ory/dockertest#448

chore: bump dependencies and fix some lint by @alnr in ory/dockertest#499

chore(deps): bump golang.org/x/sys from 0.19.0 to 0.21.0 by @dependabot in ory/dockertest#501

chore(deps): bump actions/checkout from 2 to 4 by @dependabot in ory/dockertest#475

feat: fall back to podman if available by @SoMuchForSubtlety in ory/dockertest#452

test: refactor asserts by @alexandear in ory/dockertest#497

use defer instead of os.Exit(m.Run()) by @pmenglund in ory/dockertest#493

docs: remove outdated dep install instruction by @alexandear in ory/dockertest#505

chore: remove direct dependency on gotest.tools/v3 by @alexandear in ory/dockertest#504

chore: replace deprecated ioutil.TempDir with os.MkdirTemp by @alexandear in ory/dockertest#506

chore(deps): bump github.com/opencontainers/runc from 1.1.12 to 1.1.13 by @dependabot in ory/dockertest#509

move tests to dockertest_test package by @siraj-mx51 in ory/dockertest#490

chore(deps): bump github.com/opencontainers/image-spec from 1.0.2 to 1.1.0 by @dependabot in ory/dockertest#510

chore(deps): bump actions/setup-node from 2.pre.beta to 4.0.2 by @dependabot in ory/dockertest#503

chore(deps): bump actions/setup-go from 4 to 5 by @dependabot in ory/dockertest#508

chore(deps): bump actions/stale from 4 to 9 by @dependabot in ory/dockertest#507

feat: introduce cve scanners by @Demonsthere in ory/dockertest#500

chore: update docker to v27.1.1 by @adamwalach in ory/dockertest#522

New Contributors

@alnr made their first contribution in ory/dockertest#499

@SoMuchForSubtlety made their first contribution in ory/dockertest#452

@siraj-mx51 made their first contribution in ory/dockertest#490

@Demonsthere made their first contribution in ory/dockertest#500

@adamwalach made their first contribution in ory/dockertest#522

Full Changelog: ory/dockertest@v3.10.0...v3.11.0

Commits

6110e9a chore: update docker to v27.1.1 (#522)
d229e74 feat: introduce cve scanners (#500)
1b46b29 chore(deps): bump actions/stale from 4 to 9 (#507)
44496a3 chore(deps): bump actions/setup-go from 4 to 5 (#508)
1aa8cd7 chore(deps): bump actions/setup-node from 2.pre.beta to 4.0.2 (#503)
0c91bda chore(deps): bump github.com/opencontainers/image-spec (#510)
3328cf9 move tests to dockertest_test package (#490)
05f6347 chore(deps): bump github.com/opencontainers/runc from 1.1.12 to 1.1.13 (#509)
6539ccd chore: replace deprecated ioutil.TempDir with os.MkdirTemp (#506)
84015fd chore: remove direct dependency on gotest.tools/v3 (#504)
Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.21.0 to 0.22.0

Commits

6d8340f LICENSE: update per Google Legal
See full diff in compare view

Updates google.golang.org/api from 0.189.0 to 0.195.0

Release notes

Sourced from google.golang.org/api's releases.

v0.195.0

0.195.0 (2024-08-28)

Features

all: Auto-regenerate discovery clients (#2750) (6bdae51)

all: Auto-regenerate discovery clients (#2752) (5b1ebe2)

all: Auto-regenerate discovery clients (#2753) (70a68c2)

all: Auto-regenerate discovery clients (#2755) (3f3bd66)

all: Auto-regenerate discovery clients (#2756) (e907e01)

all: Auto-regenerate discovery clients (#2759) (04cbad8)

v0.194.0

0.194.0 (2024-08-22)

Features

all: Auto-regenerate discovery clients (#2746) (5d61f08)

Bug Fixes

gen: Change HttpBody.Data from string to any for monitoring:v1 (#2744) (eda6a59), refs #2304

v0.193.0

0.193.0 (2024-08-20)

Features

all: Auto-regenerate discovery clients (#2733) (4118ec2)

all: Auto-regenerate discovery clients (#2736) (6b81f1a)

all: Auto-regenerate discovery clients (#2737) (a2308c1)

all: Auto-regenerate discovery clients (#2738) (7296c72)

all: Auto-regenerate discovery clients (#2739) (9d915ff)

all: Auto-regenerate discovery clients (#2742) (cb825c8)

v0.192.0

0.192.0 (2024-08-13)

Features

all: Auto-regenerate discovery clients (#2725) (b2c7c05)

all: Auto-regenerate discovery clients (#2727) (36e3fa7)

all: Auto-regenerate discovery clients (#2728) (97c7f2e)

all: Auto-regenerate discovery clients (#2729) (a0ed1f3)

Move storage, bigquery, and compute to new auth lib (#2730) (2b4e9f4)

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.195.0 (2024-08-28)

Features

all: Auto-regenerate discovery clients (#2750) (6bdae51)

all: Auto-regenerate discovery clients (#2752) (5b1ebe2)

all: Auto-regenerate discovery clients (#2753) (70a68c2)

all: Auto-regenerate discovery clients (#2755) (3f3bd66)

all: Auto-regenerate discovery clients (#2756) (e907e01)

all: Auto-regenerate discovery clients (#2759) (04cbad8)

0.194.0 (2024-08-22)

Features

all: Auto-regenerate discovery clients (#2746) (5d61f08)

Bug Fixes

gen: Change HttpBody.Data from string to any for monitoring:v1 (#2744) (eda6a59), refs #2304

0.193.0 (2024-08-20)

Features

all: Auto-regenerate discovery clients (#2733) (4118ec2)

all: Auto-regenerate discovery clients (#2736) (6b81f1a)

all: Auto-regenerate discovery clients (#2737) (a2308c1)

all: Auto-regenerate discovery clients (#2738) (7296c72)

all: Auto-regenerate discovery clients (#2739) (9d915ff)

all: Auto-regenerate discovery clients (#2742) (cb825c8)

0.192.0 (2024-08-13)

Features

all: Auto-regenerate discovery clients (#2725) (b2c7c05)

all: Auto-regenerate discovery clients (#2727) (36e3fa7)

all: Auto-regenerate discovery clients (#2728) (97c7f2e)

all: Auto-regenerate discovery clients (#2729) (a0ed1f3)

Move storage, bigquery, and compute to new auth lib (#2730) (2b4e9f4)

Bug Fixes

... (truncated)

Commits

f9bde01 chore(main): release 0.195.0 (#2751)
04cbad8 feat(all): auto-regenerate discovery clients (#2759)
e907e01 feat(all): auto-regenerate discovery clients (#2756)
47629a1 chore(all): update all to 4ba0660 (#2754)
3f3bd66 feat(all): auto-regenerate discovery clients (#2755)
70a68c2 feat(all): auto-regenerate discovery clients (#2753)
5b1ebe2 feat(all): auto-regenerate discovery clients (#2752)
6bdae51 feat(all): auto-regenerate discovery clients (#2750)
cd95a34 chore(main): release 0.194.0 (#2747)
eda6a59 fix(gen): change HttpBody.Data from string to any for monitoring:v1 (#2744)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gomod-deps group with 4 updates: [github.com/gorilla/sessions](https://github.com/gorilla/sessions), [github.com/ory/dockertest/v3](https://github.com/ory/dockertest), [golang.org/x/oauth2](https://github.com/golang/oauth2) and [google.golang.org/api](https://github.com/googleapis/google-api-go-client). Updates `github.com/gorilla/sessions` from 1.3.0 to 1.4.0 - [Release notes](https://github.com/gorilla/sessions/releases) - [Commits](gorilla/sessions@v1.3.0...v1.4.0) Updates `github.com/ory/dockertest/v3` from 3.10.0 to 3.11.0 - [Release notes](https://github.com/ory/dockertest/releases) - [Commits](ory/dockertest@v3.10.0...v3.11.0) Updates `golang.org/x/oauth2` from 0.21.0 to 0.22.0 - [Commits](golang/oauth2@v0.21.0...v0.22.0) Updates `google.golang.org/api` from 0.189.0 to 0.195.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.189.0...v0.195.0) --- updated-dependencies: - dependency-name: github.com/gorilla/sessions dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod-deps - dependency-name: github.com/ory/dockertest/v3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod-deps - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod-deps - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod-deps ... Signed-off-by: dependabot[bot] <[email protected]>

iChemy · 2024-09-02T10:46:23Z

github/codeql-action#2455
codeql が 1.23.0 に対応していなさそうなので gorilla は 1.3.0 にして go のバージョンに変更はなしにする

iChemy

動作確認よし

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Sep 1, 2024

dependabot bot requested a review from iChemy September 1, 2024 04:15

⬆️ update go version for gorilla session

62d0831

iChemy force-pushed the dependabot/go_modules/gomod-deps-b2ea81d4ba branch from 44d2c3e to 62d0831 Compare September 2, 2024 11:31

⬇️ down go version 1.23.0 to 1.22.0 and gorilla version 1.4.0 to 1.3.0

2cacfb9

iChemy approved these changes Sep 2, 2024

View reviewed changes

iChemy merged commit d9414e7 into main Sep 2, 2024

iChemy deleted the dependabot/go_modules/gomod-deps-b2ea81d4ba branch September 2, 2024 11:42

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

⬆️ Bump the gomod-deps group with 4 updates #566

⬆️ Bump the gomod-deps group with 4 updates #566

Uh oh!

dependabot bot commented on behalf of github Sep 1, 2024

Uh oh!

iChemy commented Sep 2, 2024

Uh oh!

iChemy left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

⬆️ Bump the gomod-deps group with 4 updates #566

⬆️ Bump the gomod-deps group with 4 updates #566

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 1, 2024

v1.4.0

Summary

What's Changed

New Contributors

v3.11.0

What's Changed

New Contributors

v0.195.0

0.195.0 (2024-08-28)

Features

v0.194.0

0.194.0 (2024-08-22)

Features

Bug Fixes

v0.193.0

0.193.0 (2024-08-20)

Features

v0.192.0

0.192.0 (2024-08-13)

Features

0.195.0 (2024-08-28)

Features

0.194.0 (2024-08-22)

Features

Bug Fixes

0.193.0 (2024-08-20)

Features

0.192.0 (2024-08-13)

Features

Bug Fixes

Uh oh!

iChemy commented Sep 2, 2024

Uh oh!

iChemy left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants