From 660ce07d20ce1ce4b30137603a6b20dbefc57b52 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Mar 2026 16:18:48 +0000 Subject: [PATCH 01/18] chore(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 (#1906) Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.39.0 to 1.40.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.39.0...v1.40.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/sdk dependency-version: 1.40.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 8 ++++---- go.sum | 20 ++++++++++---------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/go.mod b/go.mod index 07ea607ee..5cb63296a 100644 --- a/go.mod +++ b/go.mod @@ -98,10 +98,10 @@ require ( github.com/vektah/gqlparser/v2 v2.5.31 // indirect github.com/yusufpapurcu/wmi v1.2.4 // indirect go.opentelemetry.io/auto/sdk v1.2.1 // indirect - go.opentelemetry.io/otel v1.39.0 // indirect - go.opentelemetry.io/otel/metric v1.39.0 // indirect - go.opentelemetry.io/otel/sdk v1.39.0 // indirect - go.opentelemetry.io/otel/trace v1.39.0 // indirect + go.opentelemetry.io/otel v1.40.0 // indirect + go.opentelemetry.io/otel/metric v1.40.0 // indirect + go.opentelemetry.io/otel/sdk v1.40.0 // indirect + go.opentelemetry.io/otel/trace v1.40.0 // indirect go.yaml.in/yaml/v2 v2.4.2 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/crypto v0.48.0 // indirect diff --git a/go.sum b/go.sum index 3f6f4bb77..1ae7deed3 100644 --- a/go.sum +++ b/go.sum @@ -266,22 +266,22 @@ go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.64.0 h1:ssfIgGNANqpVFCndZvcuyKbl0g+UAVcbBcqGkG28H0Y= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.64.0/go.mod h1:GQ/474YrbE4Jx8gZ4q5I4hrhUzM6UPzyrqJYV2AqPoQ= -go.opentelemetry.io/otel v1.39.0 h1:8yPrr/S0ND9QEfTfdP9V+SiwT4E0G7Y5MO7p85nis48= -go.opentelemetry.io/otel v1.39.0/go.mod h1:kLlFTywNWrFyEdH0oj2xK0bFYZtHRYUdv1NklR/tgc8= +go.opentelemetry.io/otel v1.40.0 h1:oA5YeOcpRTXq6NN7frwmwFR0Cn3RhTVZvXsP4duvCms= +go.opentelemetry.io/otel v1.40.0/go.mod h1:IMb+uXZUKkMXdPddhwAHm6UfOwJyh4ct1ybIlV14J0g= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.39.0 h1:f0cb2XPmrqn4XMy9PNliTgRKJgS5WcL/u0/WRYGz4t0= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.39.0/go.mod h1:vnakAaFckOMiMtOIhFI2MNH4FYrZzXCYxmb1LlhoGz8= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.39.0 h1:in9O8ESIOlwJAEGTkkf34DesGRAc/Pn8qJ7k3r/42LM= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.39.0/go.mod h1:Rp0EXBm5tfnv0WL+ARyO/PHBEaEAT8UUHQ6AGJcSq6c= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.39.0 h1:Ckwye2FpXkYgiHX7fyVrN1uA/UYd9ounqqTuSNAv0k4= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.39.0/go.mod h1:teIFJh5pW2y+AN7riv6IBPX2DuesS3HgP39mwOspKwU= -go.opentelemetry.io/otel/metric v1.39.0 h1:d1UzonvEZriVfpNKEVmHXbdf909uGTOQjA0HF0Ls5Q0= -go.opentelemetry.io/otel/metric v1.39.0/go.mod h1:jrZSWL33sD7bBxg1xjrqyDjnuzTUB0x1nBERXd7Ftcs= -go.opentelemetry.io/otel/sdk v1.39.0 h1:nMLYcjVsvdui1B/4FRkwjzoRVsMK8uL/cj0OyhKzt18= -go.opentelemetry.io/otel/sdk v1.39.0/go.mod h1:vDojkC4/jsTJsE+kh+LXYQlbL8CgrEcwmt1ENZszdJE= -go.opentelemetry.io/otel/sdk/metric v1.39.0 h1:cXMVVFVgsIf2YL6QkRF4Urbr/aMInf+2WKg+sEJTtB8= -go.opentelemetry.io/otel/sdk/metric v1.39.0/go.mod h1:xq9HEVH7qeX69/JnwEfp6fVq5wosJsY1mt4lLfYdVew= -go.opentelemetry.io/otel/trace v1.39.0 h1:2d2vfpEDmCJ5zVYz7ijaJdOF59xLomrvj7bjt6/qCJI= -go.opentelemetry.io/otel/trace v1.39.0/go.mod h1:88w4/PnZSazkGzz/w84VHpQafiU4EtqqlVdxWy+rNOA= +go.opentelemetry.io/otel/metric v1.40.0 h1:rcZe317KPftE2rstWIBitCdVp89A2HqjkxR3c11+p9g= +go.opentelemetry.io/otel/metric v1.40.0/go.mod h1:ib/crwQH7N3r5kfiBZQbwrTge743UDc7DTFVZrrXnqc= +go.opentelemetry.io/otel/sdk v1.40.0 h1:KHW/jUzgo6wsPh9At46+h4upjtccTmuZCFAc9OJ71f8= +go.opentelemetry.io/otel/sdk v1.40.0/go.mod h1:Ph7EFdYvxq72Y8Li9q8KebuYUr2KoeyHx0DRMKrYBUE= +go.opentelemetry.io/otel/sdk/metric v1.40.0 h1:mtmdVqgQkeRxHgRv4qhyJduP3fYJRMX4AtAlbuWdCYw= +go.opentelemetry.io/otel/sdk/metric v1.40.0/go.mod h1:4Z2bGMf0KSK3uRjlczMOeMhKU2rhUqdWNoKcYrtcBPg= +go.opentelemetry.io/otel/trace v1.40.0 h1:WA4etStDttCSYuhwvEa8OP8I5EWu24lkOzp+ZYblVjw= +go.opentelemetry.io/otel/trace v1.40.0/go.mod h1:zeAhriXecNGP/s2SEG3+Y8X9ujcJOTqQ5RgdEJcawiA= go.opentelemetry.io/proto/otlp v1.9.0 h1:l706jCMITVouPOqEnii2fIAuO3IVGBRPV5ICjceRb/A= go.opentelemetry.io/proto/otlp v1.9.0/go.mod h1:xE+Cx5E/eEHw+ISFkwPLwCZefwVjY+pqKg1qcK03+/4= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= From d834b4576a24994a8da06e01e7d64baf6dd0446f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Mar 2026 17:14:15 +0000 Subject: [PATCH 02/18] chore(deps-dev): bump minimatch from 3.1.2 to 3.1.5 in /docs (#1911) Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.5. - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- docs/package-lock.json | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/docs/package-lock.json b/docs/package-lock.json index dd22edf44..2f9b196e7 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -2366,11 +2366,10 @@ } }, "node_modules/filelist/node_modules/minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", + "version": "5.1.9", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.9.tgz", + "integrity": "sha512-7o1wEA2RyMP7Iu7GNba9vc0RWWGACJOCZBJX2GJWip0ikV+wcOsgVuY9uE8CPiyQhkGFSlhuSkZPavN7u1c2Fw==", "dev": true, - "license": "ISC", "dependencies": { "brace-expansion": "^2.0.1" }, @@ -4062,11 +4061,10 @@ } }, "node_modules/minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz", + "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==", "dev": true, - "license": "ISC", "dependencies": { "brace-expansion": "^1.1.7" }, @@ -8136,9 +8134,9 @@ } }, "minimatch": { - "version": "5.1.6", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz", - "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==", + "version": "5.1.9", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.9.tgz", + "integrity": "sha512-7o1wEA2RyMP7Iu7GNba9vc0RWWGACJOCZBJX2GJWip0ikV+wcOsgVuY9uE8CPiyQhkGFSlhuSkZPavN7u1c2Fw==", "dev": true, "requires": { "brace-expansion": "^2.0.1" @@ -9259,9 +9257,9 @@ "dev": true }, "minimatch": { - "version": "3.1.2", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz", - "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==", + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.5.tgz", + "integrity": "sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==", "dev": true, "requires": { "brace-expansion": "^1.1.7" From 9b09c9cd0aa5e24d757bb58568258e7e190b8d2a Mon Sep 17 00:00:00 2001 From: Philip Hayton Date: Tue, 3 Mar 2026 09:58:30 +0000 Subject: [PATCH 03/18] ci: runner permissions (#1910) * chore(ci): review and update ci permissions * chore(ci): harden workflows --- .github/workflows/canary.yml | 11 +++++------ .github/workflows/lint.yml | 2 +- .github/workflows/lint_pr.yml | 5 ++++- .github/workflows/release.yml | 12 ++++++------ .github/workflows/version_comparison.yml | 3 +++ 5 files changed, 19 insertions(+), 14 deletions(-) diff --git a/.github/workflows/canary.yml b/.github/workflows/canary.yml index 788ea5d16..6343394b0 100644 --- a/.github/workflows/canary.yml +++ b/.github/workflows/canary.yml @@ -4,7 +4,6 @@ on: permissions: contents: write - packages: write env: GH_USER: "bearer-bot" @@ -18,7 +17,7 @@ jobs: - name: Bump version and push tag if: startsWith(github.ref, 'refs/tags') != true id: tag_version - uses: mathieudutour/github-tag-action@v6.2 + uses: mathieudutour/github-tag-action@a22cf08638b34d5badda920f9daf6e72c477b07b # v6.2 with: github_token: ${{ secrets.GITHUB_TOKEN }} tag_prefix: v @@ -81,7 +80,7 @@ jobs: - name: Setup Gon run: brew install Bearer/tap/gon - name: Import Code-Signing Certificates - uses: Apple-Actions/import-codesign-certs@v6 + uses: Apple-Actions/import-codesign-certs@b610f78488812c1e56b20e6df63ec42d833f2d14 # v6 with: # The certificates in a PKCS12 file encoded as a base64 string p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }} @@ -95,7 +94,7 @@ jobs: with: path: dist/darwin key: darwin-${{ env.sha_short }}-canary - - uses: goreleaser/goreleaser-action@v5 + - uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5 if: steps.cache.outputs.cache-hit != 'true' # do not run if cache hit name: Run GoReleaser with: @@ -134,7 +133,7 @@ jobs: path: dist/darwin key: darwin-${{ env.sha_short }}-canary - name: Release - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5 with: distribution: goreleaser-pro version: 1.25.0 @@ -144,7 +143,7 @@ jobs: GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 with: image-ref: "docker.io/bearer/bearer:canary-amd64" format: "table" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 34af219f0..700185c97 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -27,7 +27,7 @@ jobs: go-version: 1.25.0 - uses: actions/checkout@v6 - name: golangci-lint - uses: golangci/golangci-lint-action@v9 + uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9 with: version: latest args: --timeout=3m diff --git a/.github/workflows/lint_pr.yml b/.github/workflows/lint_pr.yml index d6e43f888..41e0e3ffd 100644 --- a/.github/workflows/lint_pr.yml +++ b/.github/workflows/lint_pr.yml @@ -7,11 +7,14 @@ on: - edited - synchronize +permissions: + pull-requests: read + jobs: main: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@v6 + - uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 # v6 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 17ca2c8d7..ad32f7da0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: steps: - name: Run Cimon (eBPF) - uses: cycodelabs/cimon-action@v0 + uses: cycodelabs/cimon-action@72dc71dd1448de5f6e69a648bb5f13fa8995be52 # v0 with: client-id: ${{ secrets.CIMON_CLIENT_ID }} secret: ${{ secrets.CIMON_SECRET }} @@ -24,7 +24,7 @@ jobs: - name: Bump version and push tag if: startsWith(github.ref, 'refs/tags') != true id: tag_version - uses: mathieudutour/github-tag-action@v6.2 + uses: mathieudutour/github-tag-action@a22cf08638b34d5badda920f9daf6e72c477b07b # v6.2 with: github_token: ${{ secrets.GITHUB_TOKEN }} tag_prefix: v @@ -85,7 +85,7 @@ jobs: - name: Setup Gon run: brew install Bearer/tap/gon - name: Import Code-Signing Certificates - uses: Apple-Actions/import-codesign-certs@v6 + uses: Apple-Actions/import-codesign-certs@b610f78488812c1e56b20e6df63ec42d833f2d14 # v6 with: # The certificates in a PKCS12 file encoded as a base64 string p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }} @@ -99,7 +99,7 @@ jobs: with: path: dist/darwin key: darwin-${{ env.sha_short }} - - uses: goreleaser/goreleaser-action@v5 + - uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5 if: steps.cache.outputs.cache-hit != 'true' # do not run if cache hit name: Run GoReleaser with: @@ -138,7 +138,7 @@ jobs: path: dist/darwin key: darwin-${{ env.sha_short }} - name: Release - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5 with: distribution: goreleaser-pro version: 1.25.0 @@ -152,7 +152,7 @@ jobs: FURY_TOKEN: ${{ secrets.FURY_TOKEN }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 with: image-ref: "docker.io/bearer/bearer:latest" format: "table" diff --git a/.github/workflows/version_comparison.yml b/.github/workflows/version_comparison.yml index 8e4666c23..660ccfe90 100644 --- a/.github/workflows/version_comparison.yml +++ b/.github/workflows/version_comparison.yml @@ -11,6 +11,9 @@ on: testRulesRef: description: "Test rules ref" +permissions: + contents: read + jobs: setup: name: Setup version comparison From f2ade55b4b0d4ecab0309c932365e0d845dd28a7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 09:30:16 +0200 Subject: [PATCH 04/18] chore(deps): bump github.com/open-policy-agent/opa from 1.13.2 to 1.14.0 (#1907) Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 1.13.2 to 1.14.0. - [Release notes](https://github.com/open-policy-agent/opa/releases) - [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-policy-agent/opa/compare/v1.13.2...v1.14.0) --- updated-dependencies: - dependency-name: github.com/open-policy-agent/opa dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 18 ++---------------- go.sum | 42 ++++++------------------------------------ 2 files changed, 8 insertions(+), 52 deletions(-) diff --git a/go.mod b/go.mod index 5cb63296a..ef158e099 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/google/go-github v17.0.0+incompatible github.com/google/uuid v1.6.0 github.com/hhatto/gocloc v0.7.0 - github.com/open-policy-agent/opa v1.13.2 + github.com/open-policy-agent/opa v1.14.0 github.com/rodaine/table v1.3.0 github.com/rs/zerolog v1.34.0 github.com/russross/blackfriday/v2 v2.1.0 @@ -63,12 +63,9 @@ require ( require ( github.com/BobuSumisu/aho-corasick v1.0.3 // indirect github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect - github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect - github.com/go-logr/logr v1.4.3 // indirect - github.com/go-logr/stdr v1.2.2 // indirect github.com/go-ole/go-ole v1.2.6 // indirect github.com/goccy/go-json v0.10.5 // indirect github.com/google/go-querystring v1.1.0 // indirect @@ -80,12 +77,7 @@ require ( github.com/lestrrat-go/jwx/v3 v3.0.13 // indirect github.com/lestrrat-go/option/v2 v2.0.0 // indirect github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect - github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect - github.com/prometheus/client_golang v1.23.2 // indirect - github.com/prometheus/client_model v0.6.2 // indirect - github.com/prometheus/common v0.66.1 // indirect - github.com/prometheus/procfs v0.17.0 // indirect github.com/sagikazarmark/locafero v0.11.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect github.com/segmentio/asm v1.2.1 // indirect @@ -97,16 +89,10 @@ require ( github.com/valyala/fastjson v1.6.7 // indirect github.com/vektah/gqlparser/v2 v2.5.31 // indirect github.com/yusufpapurcu/wmi v1.2.4 // indirect - go.opentelemetry.io/auto/sdk v1.2.1 // indirect - go.opentelemetry.io/otel v1.40.0 // indirect - go.opentelemetry.io/otel/metric v1.40.0 // indirect - go.opentelemetry.io/otel/sdk v1.40.0 // indirect - go.opentelemetry.io/otel/trace v1.40.0 // indirect go.yaml.in/yaml/v2 v2.4.2 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/crypto v0.48.0 // indirect - golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect - google.golang.org/protobuf v1.36.11 // indirect + golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f // indirect ) require ( diff --git a/go.sum b/go.sum index 1ae7deed3..b703f051f 100644 --- a/go.sum +++ b/go.sum @@ -20,8 +20,6 @@ github.com/buildkite/terminal v3.2.0+incompatible h1:08p6611HADinUwK0oyxCaAsnFXV github.com/buildkite/terminal v3.2.0+incompatible/go.mod h1:iQavkS6X0wlozOmO2rxHYt/9mE5Ij2XTk6yGcclx6hk= github.com/bytecodealliance/wasmtime-go/v39 v39.0.1 h1:RibaT47yiyCRxMOj/l2cvL8cWiWBSqDXHyqsa9sGcCE= github.com/bytecodealliance/wasmtime-go/v39 v39.0.1/go.mod h1:miR4NYIEBXeDNamZIzpskhJ0z/p8al+lwMWylQ/ZJb4= -github.com/cenkalti/backoff/v5 v5.0.3 h1:ZN+IMa753KfX5hd8vVaMixjnqRZ3y8CuJKRKj1xcsSM= -github.com/cenkalti/backoff/v5 v5.0.3/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cfabianski/viper v1.15.1-0.20231221085120-53a0f7864cd6 h1:HW9hLBTXvVxHrqSgnRsknxVlJfh7IUyxUGv7lmOa4rY= @@ -38,8 +36,8 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40= -github.com/dgraph-io/badger/v4 v4.9.0 h1:tpqWb0NewSrCYqTvywbcXOhQdWcqephkVkbBmaaqHzc= -github.com/dgraph-io/badger/v4 v4.9.0/go.mod h1:5/MEx97uzdPUHR4KtkNt8asfI2T4JiEiQlV7kWUo8c0= +github.com/dgraph-io/badger/v4 v4.9.1 h1:DocZXZkg5JJHJPtUErA0ibyHxOVUDVoXLSCV6t8NC8w= +github.com/dgraph-io/badger/v4 v4.9.1/go.mod h1:5/MEx97uzdPUHR4KtkNt8asfI2T4JiEiQlV7kWUo8c0= github.com/dgraph-io/ristretto/v2 v2.2.0 h1:bkY3XzJcXoMuELV8F+vS8kzNgicwQFAaGINAEJdWGOM= github.com/dgraph-io/ristretto/v2 v2.2.0/go.mod h1:RZrm63UmcBAaYWC1DotLYBmTvgkrs0+XhBd7Npn7/zI= github.com/dgryski/trifles v0.0.0-20230903005119-f50d829f2e54 h1:SG7nF6SRlWhcT7cNTs5R6Hk4V2lcmLz2NsG2VnInyNo= @@ -50,8 +48,6 @@ github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= github.com/fatih/semgroup v1.2.0 h1:h/OLXwEM+3NNyAdZEpMiH1OzfplU09i2qXPVThGZvyg= github.com/fatih/semgroup v1.2.0/go.mod h1:1KAD4iIYfXjE4U13B48VM4z9QUwV5Tt8O4rS879kgm8= -github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= -github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= github.com/foxcpp/go-mockdns v1.2.0 h1:omK3OrHRD1IWJz1FuFBCFquhXslXoF17OvBS6JPzZF0= @@ -68,7 +64,6 @@ github.com/go-enry/go-enry/v2 v2.9.4 h1:DS4l06/NgMzYjsJ2J52wORo6UsfFDjDCwfAn7w3g github.com/go-enry/go-enry/v2 v2.9.4/go.mod h1:9yrj4ES1YrbNb1Wb7/PWYr2bpaCXUGRt0uafN0ISyG8= github.com/go-enry/go-oniguruma v1.2.1 h1:k8aAMuJfMrqm/56SG2lV9Cfti6tC4x8673aHCcBk+eo= github.com/go-enry/go-oniguruma v1.2.1/go.mod h1:bWDhYP+S6xZQgiRL7wlTScFYBe023B6ilRZbCAD5Hf4= -github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI= github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= @@ -93,8 +88,6 @@ github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 h1:NmZ1PKzSTQbuGHw9DGPFomqkkLWMC+vZCkfs+FHv1Vg= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3/go.mod h1:zQrxl1YP88HQlA6i9c63DSVPFklWpGX4OWAc9bFuaH4= github.com/h2non/filetype v1.1.3 h1:FKkx9QbD7HR/zjK1Ia5XiBsq9zdLi5Kf3zGyFTAFkGg= github.com/h2non/filetype v1.1.3/go.mod h1:319b3zT68BvV+WRj7cwy856M2ehB3HqNOt6sy1HndBY= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= @@ -155,8 +148,8 @@ github.com/muesli/termenv v0.15.1 h1:UzuTb/+hhlBugQz28rpzey4ZuKcZ03MeKsoG7IJZIxs github.com/muesli/termenv v0.15.1/go.mod h1:HeAQPTzpfs016yGtA4g00CsdYnVLJvxsS4ANqrZs2sQ= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/open-policy-agent/opa v1.13.2 h1:c72l7DhxP4g8DEUBOdaU9QBKyA24dZxCcIuZNRZ0yP4= -github.com/open-policy-agent/opa v1.13.2/go.mod h1:M3Asy9yp1YTusUU5VQuENDe92GLmamIuceqjw+C8PHY= +github.com/open-policy-agent/opa v1.14.0 h1:sdG94h9GrZQQcTaH70fJhOuU+/C2FAeeAo8mSPssV/U= +github.com/open-policy-agent/opa v1.14.0/go.mod h1:e+JSg7BVV9/vRcD5HYTUeyKIrvigPxYX6T1KcVUaHaM= github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4= github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -264,36 +257,20 @@ github.com/zricethezav/gitleaks/v8 v8.18.1 h1:Jlv3Pu6dritmro5Cy0rbBGW7fvP7izn3NM github.com/zricethezav/gitleaks/v8 v8.18.1/go.mod h1:8Dn6XSzCXjbkxc2e/o1M+dwIHPAoyY7HsYjLWzgg+Zs= go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64= go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.64.0 h1:ssfIgGNANqpVFCndZvcuyKbl0g+UAVcbBcqGkG28H0Y= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.64.0/go.mod h1:GQ/474YrbE4Jx8gZ4q5I4hrhUzM6UPzyrqJYV2AqPoQ= go.opentelemetry.io/otel v1.40.0 h1:oA5YeOcpRTXq6NN7frwmwFR0Cn3RhTVZvXsP4duvCms= go.opentelemetry.io/otel v1.40.0/go.mod h1:IMb+uXZUKkMXdPddhwAHm6UfOwJyh4ct1ybIlV14J0g= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.39.0 h1:f0cb2XPmrqn4XMy9PNliTgRKJgS5WcL/u0/WRYGz4t0= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.39.0/go.mod h1:vnakAaFckOMiMtOIhFI2MNH4FYrZzXCYxmb1LlhoGz8= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.39.0 h1:in9O8ESIOlwJAEGTkkf34DesGRAc/Pn8qJ7k3r/42LM= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.39.0/go.mod h1:Rp0EXBm5tfnv0WL+ARyO/PHBEaEAT8UUHQ6AGJcSq6c= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.39.0 h1:Ckwye2FpXkYgiHX7fyVrN1uA/UYd9ounqqTuSNAv0k4= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.39.0/go.mod h1:teIFJh5pW2y+AN7riv6IBPX2DuesS3HgP39mwOspKwU= go.opentelemetry.io/otel/metric v1.40.0 h1:rcZe317KPftE2rstWIBitCdVp89A2HqjkxR3c11+p9g= go.opentelemetry.io/otel/metric v1.40.0/go.mod h1:ib/crwQH7N3r5kfiBZQbwrTge743UDc7DTFVZrrXnqc= -go.opentelemetry.io/otel/sdk v1.40.0 h1:KHW/jUzgo6wsPh9At46+h4upjtccTmuZCFAc9OJ71f8= -go.opentelemetry.io/otel/sdk v1.40.0/go.mod h1:Ph7EFdYvxq72Y8Li9q8KebuYUr2KoeyHx0DRMKrYBUE= -go.opentelemetry.io/otel/sdk/metric v1.40.0 h1:mtmdVqgQkeRxHgRv4qhyJduP3fYJRMX4AtAlbuWdCYw= -go.opentelemetry.io/otel/sdk/metric v1.40.0/go.mod h1:4Z2bGMf0KSK3uRjlczMOeMhKU2rhUqdWNoKcYrtcBPg= go.opentelemetry.io/otel/trace v1.40.0 h1:WA4etStDttCSYuhwvEa8OP8I5EWu24lkOzp+ZYblVjw= go.opentelemetry.io/otel/trace v1.40.0/go.mod h1:zeAhriXecNGP/s2SEG3+Y8X9ujcJOTqQ5RgdEJcawiA= -go.opentelemetry.io/proto/otlp v1.9.0 h1:l706jCMITVouPOqEnii2fIAuO3IVGBRPV5ICjceRb/A= -go.opentelemetry.io/proto/otlp v1.9.0/go.mod h1:xE+Cx5E/eEHw+ISFkwPLwCZefwVjY+pqKg1qcK03+/4= -go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= -go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts= golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos= -golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= -golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= +golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+hlyhrhei9uErw2B5GJo= +golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak= golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60= @@ -319,13 +296,6 @@ golang.org/x/text v0.34.0/go.mod h1:homfLqTYRFyVYemLBFl5GgL/DWEiH5wcsQ5gSh1yziA= golang.org/x/tools v0.41.0 h1:a9b8iMweWG+S0OBnlU36rzLp20z1Rp10w+IY2czHTQc= golang.org/x/tools v0.41.0/go.mod h1:XSY6eDqxVNiYgezAVqqCeihT4j1U2CCsqvH3WhQpnlg= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 h1:wpZ8pe2x1Q3f2KyT5f8oP/fa9rHAKgFPr/HZdNuS+PQ= -google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 h1:fCvbg86sFXwdrl5LgVcTEvNC+2txB5mgROGmRL5mrls= -google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:+rXWjjaukWZun3mLfjmVnQi18E1AsFbDN9QdJ5YXLto= -google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 h1:gRkg/vSppuSQoDjxyiGfN4Upv/h/DQmIR10ZU8dh4Ww= -google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217/go.mod h1:7i2o+ce6H/6BluujYR+kqX3GKH+dChPTQU19wjRPiGk= -google.golang.org/grpc v1.78.0 h1:K1XZG/yGDJnzMdd/uZHAkVqJE+xIDOcmdSFZkBUicNc= -google.golang.org/grpc v1.78.0/go.mod h1:I47qjTo4OKbMkjA/aOOwxDIiPSBofUtQUI5EfpWvW7U= google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE= google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From 28103db45d42b4dbc7a8898da5b991531baea828 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 09:40:00 +0200 Subject: [PATCH 05/18] chore(deps): bump golang.org/x/net from 0.50.0 to 0.51.0 (#1909) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.50.0 to 0.51.0. - [Commits](https://github.com/golang/net/compare/v0.50.0...v0.51.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-version: 0.51.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index ef158e099..c38bde4b7 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,7 @@ require ( github.com/xeipuuv/gojsonschema v1.2.0 github.com/zricethezav/gitleaks/v8 v8.18.1 golang.org/x/mod v0.33.0 - golang.org/x/net v0.50.0 + golang.org/x/net v0.51.0 golang.org/x/oauth2 v0.35.0 sigs.k8s.io/yaml v1.6.0 ) diff --git a/go.sum b/go.sum index b703f051f..68cde8a3b 100644 --- a/go.sum +++ b/go.sum @@ -273,8 +273,8 @@ golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+h golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak= golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= -golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60= -golang.org/x/net v0.50.0/go.mod h1:UgoSli3F/pBgdJBHCTc+tp3gmrU4XswgGRgtnwWTfyM= +golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo= +golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y= golang.org/x/oauth2 v0.35.0 h1:Mv2mzuHuZuY2+bkyWXIHMfhNdJAdwW3FuWeCPYN5GVQ= golang.org/x/oauth2 v0.35.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= From b72a28275bce3b7cbd4654e5f16bf71e01d9a12f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 10:05:17 +0200 Subject: [PATCH 06/18] chore(deps): bump golang.org/x/oauth2 from 0.35.0 to 0.36.0 (#1915) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.35.0 to 0.36.0. - [Commits](https://github.com/golang/oauth2/compare/v0.35.0...v0.36.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index c38bde4b7..87af8b96a 100644 --- a/go.mod +++ b/go.mod @@ -28,7 +28,7 @@ require ( github.com/zricethezav/gitleaks/v8 v8.18.1 golang.org/x/mod v0.33.0 golang.org/x/net v0.51.0 - golang.org/x/oauth2 v0.35.0 + golang.org/x/oauth2 v0.36.0 sigs.k8s.io/yaml v1.6.0 ) diff --git a/go.sum b/go.sum index 68cde8a3b..9d5eec429 100644 --- a/go.sum +++ b/go.sum @@ -275,8 +275,8 @@ golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo= golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y= -golang.org/x/oauth2 v0.35.0 h1:Mv2mzuHuZuY2+bkyWXIHMfhNdJAdwW3FuWeCPYN5GVQ= -golang.org/x/oauth2 v0.35.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= +golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= +golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= From 2c38759a7c1791a83b56c5b2caeb943875985f5f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 10:11:20 +0200 Subject: [PATCH 07/18] chore(deps): bump github.com/weppos/publicsuffix-go from 0.50.2 to 0.50.3 (#1916) chore(deps): bump github.com/weppos/publicsuffix-go Bumps [github.com/weppos/publicsuffix-go](https://github.com/weppos/publicsuffix-go) from 0.50.2 to 0.50.3. - [Changelog](https://github.com/weppos/publicsuffix-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/weppos/publicsuffix-go/compare/v0.50.2...v0.50.3) --- updated-dependencies: - dependency-name: github.com/weppos/publicsuffix-go dependency-version: 0.50.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 87af8b96a..890ce1290 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( github.com/shirou/gopsutil/v3 v3.24.5 github.com/smacker/go-tree-sitter v0.0.0-20240827094217-dd81d9e9be82 github.com/stretchr/testify v1.11.1 - github.com/weppos/publicsuffix-go v0.50.2 + github.com/weppos/publicsuffix-go v0.50.3 github.com/xeipuuv/gojsonschema v1.2.0 github.com/zricethezav/gitleaks/v8 v8.18.1 golang.org/x/mod v0.33.0 diff --git a/go.sum b/go.sum index 9d5eec429..38adb9f9a 100644 --- a/go.sum +++ b/go.sum @@ -240,8 +240,8 @@ github.com/valyala/fastjson v1.6.7 h1:ZE4tRy0CIkh+qDc5McjatheGX2czdn8slQjomexVpB github.com/valyala/fastjson v1.6.7/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLrsQns1aXY= github.com/vektah/gqlparser/v2 v2.5.31 h1:YhWGA1mfTjID7qJhd1+Vxhpk5HTgydrGU9IgkWBTJ7k= github.com/vektah/gqlparser/v2 v2.5.31/go.mod h1:c1I28gSOVNzlfc4WuDlqU7voQnsqI6OG2amkBAFmgts= -github.com/weppos/publicsuffix-go v0.50.2 h1:KsJFc8IEKTJovM46SRCnGNsM+rFShxcs6VEHjOJcXzE= -github.com/weppos/publicsuffix-go v0.50.2/go.mod h1:CbQCKDtXF8UcT7hrxeMa0MDjwhpOI9iYOU7cfq+yo8k= +github.com/weppos/publicsuffix-go v0.50.3 h1:eT5dcjHQcVDNc0igpFEsGHKIip30feuB2zuuI9eJxiE= +github.com/weppos/publicsuffix-go v0.50.3/go.mod h1:/rOa781xBykZhHK/I3QeHo92qdDKVmKZKF7s8qAEM/4= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= From f46503fca1de95e86b5996545598567ff321feb5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 10:40:27 +0200 Subject: [PATCH 08/18] chore(deps-dev): bump tar from 7.5.9 to 7.5.10 in /docs (#1912) Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.9 to 7.5.10. - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/node-tar/compare/v7.5.9...v7.5.10) --- updated-dependencies: - dependency-name: tar dependency-version: 7.5.10 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- docs/package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/package-lock.json b/docs/package-lock.json index 2f9b196e7..2b03648a4 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -5993,9 +5993,9 @@ } }, "node_modules/tar": { - "version": "7.5.9", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.9.tgz", - "integrity": "sha512-BTLcK0xsDh2+PUe9F6c2TlRp4zOOBMTkoQHQIWSIzI0R7KG46uEwq4OPk2W7bZcprBMsuaeFsqwYr7pjh6CuHg==", + "version": "7.5.11", + "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.11.tgz", + "integrity": "sha512-ChjMH33/KetonMTAtpYdgUFr0tbz69Fp2v7zWxQfYZX4g5ZN2nOBXm1R2xyA+lMIKrLKIoKAwFj93jE/avX9cQ==", "dev": true, "dependencies": { "@isaacs/fs-minipass": "^4.0.0", @@ -10559,9 +10559,9 @@ } }, "tar": { - "version": "7.5.9", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.9.tgz", - "integrity": "sha512-BTLcK0xsDh2+PUe9F6c2TlRp4zOOBMTkoQHQIWSIzI0R7KG46uEwq4OPk2W7bZcprBMsuaeFsqwYr7pjh6CuHg==", + "version": "7.5.11", + "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.11.tgz", + "integrity": "sha512-ChjMH33/KetonMTAtpYdgUFr0tbz69Fp2v7zWxQfYZX4g5ZN2nOBXm1R2xyA+lMIKrLKIoKAwFj93jE/avX9cQ==", "dev": true, "requires": { "@isaacs/fs-minipass": "^4.0.0", From f18ddeff8db0d1bfa20201203c96dbda38f30667 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Mar 2026 16:38:56 +0000 Subject: [PATCH 09/18] chore(deps): bump aquasecurity/trivy-action from 0.34.1 to 0.35.0 (#1913) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.34.1 to 0.35.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/e368e328979b113139d6f9068e03accaed98a518...57a97c7e7821a5776cebc9bb87c984fa69cba8f1) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/canary.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/canary.yml b/.github/workflows/canary.yml index 6343394b0..ad7d5ee1d 100644 --- a/.github/workflows/canary.yml +++ b/.github/workflows/canary.yml @@ -143,7 +143,7 @@ jobs: GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 + uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 with: image-ref: "docker.io/bearer/bearer:canary-amd64" format: "table" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ad32f7da0..896639d70 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -152,7 +152,7 @@ jobs: FURY_TOKEN: ${{ secrets.FURY_TOKEN }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 + uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 with: image-ref: "docker.io/bearer/bearer:latest" format: "table" From c39c92f00eaaf1059b51c779d46a986e54d4d6af Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Mar 2026 16:49:47 +0000 Subject: [PATCH 10/18] chore(deps-dev): bump liquidjs from 10.8.4 to 10.25.0 in /docs (#1917) Bumps [liquidjs](https://github.com/harttle/liquidjs) from 10.8.4 to 10.25.0. - [Release notes](https://github.com/harttle/liquidjs/releases) - [Changelog](https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md) - [Commits](https://github.com/harttle/liquidjs/compare/v10.8.4...v10.25.0) --- updated-dependencies: - dependency-name: liquidjs dependency-version: 10.25.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- docs/package-lock.json | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/docs/package-lock.json b/docs/package-lock.json index 2b03648a4..c629540c1 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -3778,11 +3778,10 @@ } }, "node_modules/liquidjs": { - "version": "10.8.4", - "resolved": "https://registry.npmjs.org/liquidjs/-/liquidjs-10.8.4.tgz", - "integrity": "sha512-HSpYAFBVWxhwWsTKPBJgPm3bnwwIzAZjy17XhX7uJCKJ8H6A1YstZSFmPqMmWfSuJOg43RSx+qWVSA1Fu3+B2w==", + "version": "10.25.0", + "resolved": "https://registry.npmjs.org/liquidjs/-/liquidjs-10.25.0.tgz", + "integrity": "sha512-XpO7AiGULTG4xcTlwkcTI5JreFG7b6esLCLp+aUSh7YuQErJZEoUXre9u9rbdb0057pfWG4l0VursvLd5Q/eAw==", "dev": true, - "license": "MIT", "dependencies": { "commander": "^10.0.0" }, @@ -3791,7 +3790,7 @@ "liquidjs": "bin/liquid.js" }, "engines": { - "node": ">=14" + "node": ">=16" }, "funding": { "type": "opencollective", @@ -9064,9 +9063,9 @@ } }, "liquidjs": { - "version": "10.8.4", - "resolved": "https://registry.npmjs.org/liquidjs/-/liquidjs-10.8.4.tgz", - "integrity": "sha512-HSpYAFBVWxhwWsTKPBJgPm3bnwwIzAZjy17XhX7uJCKJ8H6A1YstZSFmPqMmWfSuJOg43RSx+qWVSA1Fu3+B2w==", + "version": "10.25.0", + "resolved": "https://registry.npmjs.org/liquidjs/-/liquidjs-10.25.0.tgz", + "integrity": "sha512-XpO7AiGULTG4xcTlwkcTI5JreFG7b6esLCLp+aUSh7YuQErJZEoUXre9u9rbdb0057pfWG4l0VursvLd5Q/eAw==", "dev": true, "requires": { "commander": "^10.0.0" From 8ba818ddf83da636c8f326b42495ba147a1f350e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Mar 2026 10:57:35 +0200 Subject: [PATCH 11/18] chore(deps): bump github.com/open-policy-agent/opa from 1.14.0 to 1.14.1 (#1921) Bumps [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) from 1.14.0 to 1.14.1. - [Release notes](https://github.com/open-policy-agent/opa/releases) - [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-policy-agent/opa/compare/v1.14.0...v1.14.1) --- updated-dependencies: - dependency-name: github.com/open-policy-agent/opa dependency-version: 1.14.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 890ce1290..cbb90bdf3 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/google/go-github v17.0.0+incompatible github.com/google/uuid v1.6.0 github.com/hhatto/gocloc v0.7.0 - github.com/open-policy-agent/opa v1.14.0 + github.com/open-policy-agent/opa v1.14.1 github.com/rodaine/table v1.3.0 github.com/rs/zerolog v1.34.0 github.com/russross/blackfriday/v2 v2.1.0 @@ -56,7 +56,7 @@ require ( github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/yashtewari/glob-intersection v0.2.0 // indirect - golang.org/x/sync v0.19.0 // indirect + golang.org/x/sync v0.20.0 // indirect golang.org/x/term v0.40.0 // indirect ) @@ -87,7 +87,7 @@ require ( github.com/tklauser/go-sysconf v0.3.12 // indirect github.com/tklauser/numcpus v0.6.1 // indirect github.com/valyala/fastjson v1.6.7 // indirect - github.com/vektah/gqlparser/v2 v2.5.31 // indirect + github.com/vektah/gqlparser/v2 v2.5.32 // indirect github.com/yusufpapurcu/wmi v1.2.4 // indirect go.yaml.in/yaml/v2 v2.4.2 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect diff --git a/go.sum b/go.sum index 38adb9f9a..1eea71cb9 100644 --- a/go.sum +++ b/go.sum @@ -148,8 +148,8 @@ github.com/muesli/termenv v0.15.1 h1:UzuTb/+hhlBugQz28rpzey4ZuKcZ03MeKsoG7IJZIxs github.com/muesli/termenv v0.15.1/go.mod h1:HeAQPTzpfs016yGtA4g00CsdYnVLJvxsS4ANqrZs2sQ= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/open-policy-agent/opa v1.14.0 h1:sdG94h9GrZQQcTaH70fJhOuU+/C2FAeeAo8mSPssV/U= -github.com/open-policy-agent/opa v1.14.0/go.mod h1:e+JSg7BVV9/vRcD5HYTUeyKIrvigPxYX6T1KcVUaHaM= +github.com/open-policy-agent/opa v1.14.1 h1:MhurLB9mSbXmojYFCmGbiC1Uagu1+aFAV4XVotDA86M= +github.com/open-policy-agent/opa v1.14.1/go.mod h1:B5gykwJ2l0g0wZS4ClCcpfSSEx51n4NHpTsWfuPwqnQ= github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4= github.com/pelletier/go-toml/v2 v2.2.4/go.mod h1:2gIqNv+qfxSVS7cM2xJQKtLSTLUE9V8t9Stt+h56mCY= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -238,8 +238,8 @@ github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+F github.com/tklauser/numcpus v0.6.1/go.mod h1:1XfjsgE2zo8GVw7POkMbHENHzVg3GzmoZ9fESEdAacY= github.com/valyala/fastjson v1.6.7 h1:ZE4tRy0CIkh+qDc5McjatheGX2czdn8slQjomexVpBM= github.com/valyala/fastjson v1.6.7/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLrsQns1aXY= -github.com/vektah/gqlparser/v2 v2.5.31 h1:YhWGA1mfTjID7qJhd1+Vxhpk5HTgydrGU9IgkWBTJ7k= -github.com/vektah/gqlparser/v2 v2.5.31/go.mod h1:c1I28gSOVNzlfc4WuDlqU7voQnsqI6OG2amkBAFmgts= +github.com/vektah/gqlparser/v2 v2.5.32 h1:k9QPJd4sEDTL+qB4ncPLflqTJ3MmjB9SrVzJrawpFSc= +github.com/vektah/gqlparser/v2 v2.5.32/go.mod h1:c1I28gSOVNzlfc4WuDlqU7voQnsqI6OG2amkBAFmgts= github.com/weppos/publicsuffix-go v0.50.3 h1:eT5dcjHQcVDNc0igpFEsGHKIip30feuB2zuuI9eJxiE= github.com/weppos/publicsuffix-go v0.50.3/go.mod h1:/rOa781xBykZhHK/I3QeHo92qdDKVmKZKF7s8qAEM/4= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -277,8 +277,8 @@ golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo= golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y= golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= -golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= -golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= +golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= +golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= From 05eadac4da14a099826fbf59d615a5fed7a06552 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Mar 2026 11:15:32 +0200 Subject: [PATCH 12/18] chore(deps): bump github.com/rodaine/table from 1.3.0 to 1.3.1 (#1920) Bumps [github.com/rodaine/table](https://github.com/rodaine/table) from 1.3.0 to 1.3.1. - [Release notes](https://github.com/rodaine/table/releases) - [Commits](https://github.com/rodaine/table/compare/v1.3.0...v1.3.1) --- updated-dependencies: - dependency-name: github.com/rodaine/table dependency-version: 1.3.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 5 +++-- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/go.mod b/go.mod index cbb90bdf3..9dbe1f0aa 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/google/uuid v1.6.0 github.com/hhatto/gocloc v0.7.0 github.com/open-policy-agent/opa v1.14.1 - github.com/rodaine/table v1.3.0 + github.com/rodaine/table v1.3.1 github.com/rs/zerolog v1.34.0 github.com/russross/blackfriday/v2 v2.1.0 github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 @@ -45,7 +45,7 @@ require ( github.com/lucasb-eyer/go-colorful v1.2.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect - github.com/mattn/go-runewidth v0.0.16 // indirect + github.com/mattn/go-runewidth v0.0.21 // indirect github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect github.com/muesli/reflow v0.3.0 // indirect github.com/muesli/termenv v0.15.1 // indirect @@ -64,6 +64,7 @@ require ( github.com/BobuSumisu/aho-corasick v1.0.3 // indirect github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/clipperhouse/uax29/v2 v2.2.0 // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect github.com/fsnotify/fsnotify v1.9.0 // indirect github.com/go-ole/go-ole v1.2.6 // indirect diff --git a/go.sum b/go.sum index 1eea71cb9..c4bb0007f 100644 --- a/go.sum +++ b/go.sum @@ -28,6 +28,8 @@ github.com/charmbracelet/lipgloss v0.6.0 h1:1StyZB9vBSOyuZxQUcUwGr17JmojPNm87ini github.com/charmbracelet/lipgloss v0.6.0/go.mod h1:tHh2wr34xcHjC2HCXIlGSG1jaDF0S0atAUvBMP6Ppuk= github.com/chengxilo/virtualterm v1.0.4 h1:Z6IpERbRVlfB8WkOmtbHiDbBANU7cimRIof7mk9/PwM= github.com/chengxilo/virtualterm v1.0.4/go.mod h1:DyxxBZz/x1iqJjFxTFcr6/x+jSpqN0iwWCOK1q10rlY= +github.com/clipperhouse/uax29/v2 v2.2.0 h1:ChwIKnQN3kcZteTXMgb1wztSgaU+ZemkgWdohwgs8tY= +github.com/clipperhouse/uax29/v2 v2.2.0/go.mod h1:EFJ2TJMRUaplDxHKj1qAEhCtQPW2tJSwu5BF98AuoVM= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -79,7 +81,6 @@ github.com/google/flatbuffers v25.2.10+incompatible h1:F3vclr7C3HpB1k9mxCGRMXq6F github.com/google/flatbuffers v25.2.10+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/go-github v17.0.0+incompatible h1:N0LgJ1j65A7kfXrZnUDaYCs/Sf4rEjNlfyDHW9dolSY= @@ -132,8 +133,8 @@ github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D github.com/mattn/go-runewidth v0.0.10/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= -github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc= -github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mattn/go-runewidth v0.0.21 h1:jJKAZiQH+2mIinzCJIaIG9Be1+0NR+5sz/lYEEjdM8w= +github.com/mattn/go-runewidth v0.0.21/go.mod h1:XBkDxAl56ILZc9knddidhrOlY5R/pDhgLpndooCuJAs= github.com/miekg/dns v1.1.57 h1:Jzi7ApEIzwEPLHWRcafCN9LZSBbqQpxjt/wpgvg7wcM= github.com/miekg/dns v1.1.57/go.mod h1:uqRjCRUuEAA6qsOiJvDd+CFo/vW+y5WR6SNmHE55hZk= github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db h1:62I3jR2EmQ4l5rM/4FEfDWcRD+abF5XlKShorW5LRoQ= @@ -172,8 +173,8 @@ github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJ github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= -github.com/rodaine/table v1.3.0 h1:4/3S3SVkHnVZX91EHFvAMV7K42AnJ0XuymRR2C5HlGE= -github.com/rodaine/table v1.3.0/go.mod h1:47zRsHar4zw0jgxGxL9YtFfs7EGN6B/TaS+/Dmk4WxU= +github.com/rodaine/table v1.3.1 h1:jBVgg1bEu5EzEdYSrwUUlQpayDtkvtTmgFS0FPAxOq8= +github.com/rodaine/table v1.3.1/go.mod h1:VYCJRCHa2DpD25uFALcB6hi5ECF3eEJQVhCXRjHgXc4= github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ= github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0= @@ -225,7 +226,6 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= From 1736e7ae0038409bf12abf0e815c5b43d4113cb3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Mar 2026 09:20:35 +0200 Subject: [PATCH 13/18] chore(deps): bump github.com/fatih/color from 1.18.0 to 1.19.0 (#1925) Bumps [github.com/fatih/color](https://github.com/fatih/color) from 1.18.0 to 1.19.0. - [Release notes](https://github.com/fatih/color/releases) - [Commits](https://github.com/fatih/color/compare/v1.18.0...v1.19.0) --- updated-dependencies: - dependency-name: github.com/fatih/color dependency-version: 1.19.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 6 +++--- go.sum | 11 ++++++----- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/go.mod b/go.mod index 9dbe1f0aa..6d36d5af3 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/bradleyjkemp/cupaloy v2.3.0+incompatible github.com/buildkite/terminal v3.2.0+incompatible github.com/dustin/go-humanize v1.0.1 - github.com/fatih/color v1.18.0 + github.com/fatih/color v1.19.0 github.com/gertd/go-pluralize v0.2.1 github.com/gitsight/go-vcsurl v1.0.1 github.com/go-enry/go-enry/v2 v2.9.4 @@ -43,7 +43,7 @@ require ( github.com/h2non/filetype v1.1.3 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/lucasb-eyer/go-colorful v1.2.0 // indirect - github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-colorable v0.1.14 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mattn/go-runewidth v0.0.21 // indirect github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect @@ -107,7 +107,7 @@ require ( github.com/spf13/pflag v1.0.10 github.com/spf13/viper v1.21.0 github.com/subosito/gotenv v1.6.0 // indirect - golang.org/x/sys v0.41.0 // indirect + golang.org/x/sys v0.42.0 // indirect golang.org/x/text v0.34.0 // indirect gopkg.in/ini.v1 v1.67.1 // indirect gopkg.in/yaml.v3 v3.0.1 diff --git a/go.sum b/go.sum index c4bb0007f..519be8d0b 100644 --- a/go.sum +++ b/go.sum @@ -46,8 +46,8 @@ github.com/dgryski/trifles v0.0.0-20230903005119-f50d829f2e54 h1:SG7nF6SRlWhcT7c github.com/dgryski/trifles v0.0.0-20230903005119-f50d829f2e54/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= -github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= -github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= +github.com/fatih/color v1.19.0 h1:Zp3PiM21/9Ld6FzSKyL5c/BULoe/ONr9KlbYVOfG8+w= +github.com/fatih/color v1.19.0/go.mod h1:zNk67I0ZUT1bEGsSGyCZYZNrHuTkJJB+r6Q9VuMi0LE= github.com/fatih/semgroup v1.2.0 h1:h/OLXwEM+3NNyAdZEpMiH1OzfplU09i2qXPVThGZvyg= github.com/fatih/semgroup v1.2.0/go.mod h1:1KAD4iIYfXjE4U13B48VM4z9QUwV5Tt8O4rS879kgm8= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= @@ -123,8 +123,9 @@ github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= -github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= +github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= @@ -287,8 +288,8 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k= -golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= +golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= golang.org/x/term v0.40.0 h1:36e4zGLqU4yhjlmxEaagx2KuYbJq3EwY8K943ZsHcvg= golang.org/x/term v0.40.0/go.mod h1:w2P8uVp06p2iyKKuvXIm7N/y0UCRt3UfJTfZ7oOpglM= golang.org/x/text v0.34.0 h1:oL/Qq0Kdaqxa1KbNeMKwQq0reLCCaFtqu2eNuSeNHbk= From ce675c653933520264642e858230309c2035247c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Mar 2026 12:25:57 +0000 Subject: [PATCH 14/18] chore(deps-dev): bump flatted from 3.2.7 to 3.4.2 in /docs (#1923) Bumps [flatted](https://github.com/WebReflection/flatted) from 3.2.7 to 3.4.2. - [Commits](https://github.com/WebReflection/flatted/compare/v3.2.7...v3.4.2) --- updated-dependencies: - dependency-name: flatted dependency-version: 3.4.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- docs/package-lock.json | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/docs/package-lock.json b/docs/package-lock.json index c629540c1..7a5b386b5 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -2472,11 +2472,10 @@ } }, "node_modules/flatted": { - "version": "3.2.7", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.7.tgz", - "integrity": "sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ==", - "dev": true, - "license": "ISC" + "version": "3.4.2", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.2.tgz", + "integrity": "sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==", + "dev": true }, "node_modules/follow-redirects": { "version": "1.15.6", @@ -8216,9 +8215,9 @@ } }, "flatted": { - "version": "3.2.7", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.7.tgz", - "integrity": "sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ==", + "version": "3.4.2", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.4.2.tgz", + "integrity": "sha512-PjDse7RzhcPkIJwy5t7KPWQSZ9cAbzQXcafsetQoD7sOJRQlGikNbx7yZp2OotDnJyrDcbyRq3Ttb18iYOqkxA==", "dev": true }, "follow-redirects": { From 2c46d358de439d478495d2d1ee61c93162896d49 Mon Sep 17 00:00:00 2001 From: Philip Hayton Date: Mon, 23 Mar 2026 13:10:16 +0000 Subject: [PATCH 15/18] ci: pin remaining actions (#1926) --- .github/workflows/canary.yml | 18 +- .github/workflows/command_doc_check.yml | 8 +- .github/workflows/docs.yml | 10 +- .github/workflows/e2e_test.yml | 4 +- .github/workflows/lint.yml | 4 +- .github/workflows/lint_docs.yml | 6 +- .github/workflows/release.yml | 18 +- .github/workflows/test.yml | 4 +- .github/workflows/version_comparison.yml | 16 +- .../version_comparison/repositories.json5 | 230 +++++++++--------- 10 files changed, 159 insertions(+), 159 deletions(-) diff --git a/.github/workflows/canary.yml b/.github/workflows/canary.yml index ad7d5ee1d..37ff0c04d 100644 --- a/.github/workflows/canary.yml +++ b/.github/workflows/canary.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Bump version and push tag if: startsWith(github.ref, 'refs/tags') != true id: tag_version @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 ref: ${{ needs.tag.outputs.ref }} @@ -45,7 +45,7 @@ jobs: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - id: cache - uses: actions/cache@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: dist/linux key: linux-${{ env.sha_short }}-canary @@ -68,13 +68,13 @@ jobs: runs-on: macos-15 steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 ref: ${{ needs.tag.outputs.ref }} - run: git fetch --force --tags - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: 1.25.0 - name: Setup Gon @@ -90,7 +90,7 @@ jobs: run: | echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - id: cache - uses: actions/cache@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: dist/darwin key: darwin-${{ env.sha_short }}-canary @@ -114,7 +114,7 @@ jobs: needs: [tag, build-darwin, build-linux] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 ref: ${{ needs.tag.outputs.ref }} @@ -124,11 +124,11 @@ jobs: - shell: bash run: | echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - - uses: actions/cache@v5 + - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: dist/linux key: linux-${{ env.sha_short }}-canary - - uses: actions/cache@v5 + - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: dist/darwin key: darwin-${{ env.sha_short }}-canary diff --git a/.github/workflows/command_doc_check.yml b/.github/workflows/command_doc_check.yml index 67c515207..9535908f5 100644 --- a/.github/workflows/command_doc_check.yml +++ b/.github/workflows/command_doc_check.yml @@ -15,19 +15,19 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: 1.25.0 - name: Generate command docs run: go run ./scripts/gen-doc-yaml.go - name: Setup Node - uses: actions/setup-node@v6 + uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: "16" - name: Cache dependencies - uses: actions/cache@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 0729557c4..6e0a4d8e2 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -24,13 +24,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Node - uses: actions/setup-node@v6 + uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: "16" - name: Cache dependencies - uses: actions/cache@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} @@ -41,7 +41,7 @@ jobs: - name: Build with eleventy run: npm run build - name: Upload artifact - uses: actions/upload-pages-artifact@v4 + uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0 with: path: ./docs/_site @@ -55,4 +55,4 @@ jobs: steps: - name: Deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@v4 \ No newline at end of file + uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 \ No newline at end of file diff --git a/.github/workflows/e2e_test.yml b/.github/workflows/e2e_test.yml index ba4257f4f..84b443e7a 100644 --- a/.github/workflows/e2e_test.yml +++ b/.github/workflows/e2e_test.yml @@ -17,9 +17,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: 1.25.0 - name: Build binary for integration tests diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 700185c97..90be84998 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -22,10 +22,10 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/setup-go@v6 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: 1.25.0 - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: golangci-lint uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9 with: diff --git a/.github/workflows/lint_docs.yml b/.github/workflows/lint_docs.yml index b881f2d0a..57c90cac4 100644 --- a/.github/workflows/lint_docs.yml +++ b/.github/workflows/lint_docs.yml @@ -17,13 +17,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Node - uses: actions/setup-node@v6 + uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: "16" - name: Cache dependencies - uses: actions/cache@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: ~/.npm key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 896639d70..b64308e7a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,7 +20,7 @@ jobs: client-id: ${{ secrets.CIMON_CLIENT_ID }} secret: ${{ secrets.CIMON_SECRET }} - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Bump version and push tag if: startsWith(github.ref, 'refs/tags') != true id: tag_version @@ -38,7 +38,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 ref: ${{ needs.tag.outputs.ref }} @@ -49,7 +49,7 @@ jobs: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - id: cache - uses: actions/cache@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: dist/linux key: linux-${{ env.sha_short }} @@ -73,13 +73,13 @@ jobs: runs-on: macos-15 steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 ref: ${{ needs.tag.outputs.ref }} - run: git fetch --force --tags - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: 1.25.0 - name: Setup Gon @@ -95,7 +95,7 @@ jobs: run: | echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - id: cache - uses: actions/cache@v5 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: dist/darwin key: darwin-${{ env.sha_short }} @@ -119,7 +119,7 @@ jobs: needs: [tag, build-linux, build-darwin] runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 ref: ${{ needs.tag.outputs.ref }} @@ -129,11 +129,11 @@ jobs: - shell: bash run: | echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - - uses: actions/cache@v5 + - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: dist/linux key: linux-${{ env.sha_short }} - - uses: actions/cache@v5 + - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: dist/darwin key: darwin-${{ env.sha_short }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 63b9981df..646e69648 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -18,9 +18,9 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: 1.25.0 - name: Run package tests diff --git a/.github/workflows/version_comparison.yml b/.github/workflows/version_comparison.yml index 660ccfe90..b48a27608 100644 --- a/.github/workflows/version_comparison.yml +++ b/.github/workflows/version_comparison.yml @@ -22,13 +22,13 @@ jobs: matrix: ${{ steps.load_repo_list.outputs.matrix }} cache_key: ${{ steps.cache_key.outputs.value }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - id: load_repo_list name: Load KPI repository list run: | echo "matrix=$(npx --yes json5 ./.github/workflows/version_comparison/repositories.json5)" >> $GITHUB_OUTPUT - name: Set up Go - uses: actions/setup-go@v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 with: go-version: 1.25.0 - id: cache_key @@ -38,13 +38,13 @@ jobs: - name: Create cache folder run: mkdir bearer-comparison - name: Checkout base CLI - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: repository: bearer/bearer ref: ${{ inputs.baseRef }} path: base-cli - name: Checkout base rules - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: repository: bearer/bearer-rules ref: ${{ inputs.baseRulesRef }} @@ -54,13 +54,13 @@ jobs: cd ./base-cli go build -a -o ../bearer-comparison/base-bearer ./cmd/bearer/bearer.go || go build -a -o ../bearer-comparison/base-bearer ./cmd/bearer/main.go - name: Checkout test CLI - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: repository: bearer/bearer ref: ${{ inputs.testRef }} path: test-cli - name: Checkout test rules - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: repository: bearer/bearer-rules ref: ${{ inputs.testRulesRef }} @@ -70,7 +70,7 @@ jobs: cd ./test-cli go build -a -o ../bearer-comparison/test-bearer ./cmd/bearer/bearer.go || go build -a -o ../bearer-comparison/test-bearer ./cmd/bearer/main.go - name: Cache CLIs and rules - uses: actions/cache/save@v5 + uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: bearer-comparison key: ${{ steps.cache_key.outputs.value }} @@ -83,7 +83,7 @@ jobs: fail-fast: false steps: - name: Restore CLIs and rules - uses: actions/cache/restore@v5 + uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: bearer-comparison key: ${{ needs.setup.outputs.cache_key }} diff --git a/.github/workflows/version_comparison/repositories.json5 b/.github/workflows/version_comparison/repositories.json5 index 3e5b662dd..bef5bca1c 100644 --- a/.github/workflows/version_comparison/repositories.json5 +++ b/.github/workflows/version_comparison/repositories.json5 @@ -1,126 +1,126 @@ { "include": [ // ruby - { "name": "railsgoat", "repository_url": "https://github.com/Bearer/railsgoat" }, - { "name": "mastodon", "repository_url": "https://github.com/mastodon/mastodon" }, - { "name": "frab", "repository_url": "https://github.com/frab/frab" }, - { "name": "discourse", "repository_url": "https://github.com/discourse/discourse" }, - { "name": "diaspora", "repository_url": "https://github.com/diaspora/diaspora" }, + { "name": "railsgoat", "repository_url": "https://github.com/sast-playground/railsgoat" }, + { "name": "mastodon", "repository_url": "https://github.com/sast-playground/mastodon" }, + { "name": "frab", "repository_url": "https://github.com/sast-playground/frab" }, + { "name": "discourse", "repository_url": "https://github.com/sast-playground/discourse" }, + { "name": "diaspora", "repository_url": "https://github.com/sast-playground/diaspora" }, { "name": "gitlab", "repository_url": "https://gitlab.com/gitlab-org/gitlab" }, - { "name": "chatwoot", "repository_url": "https://github.com/chatwoot/chatwoot" }, - { "name": "postal", "repository_url": "https://github.com/postalserver/postal" }, - { "name": "forem", "repository_url": "https://github.com/forem/forem" }, - { "name": "openstreetmap-website", "repository_url": "https://github.com/openstreetmap/openstreetmap-website" }, - { "name": "loomio", "repository_url": "https://github.com/loomio/loomio" }, - { "name": "rdv-solidarites.fr", "repository_url": "https://github.com/betagouv/rdv-solidarites.fr" }, + { "name": "chatwoot", "repository_url": "https://github.com/sast-playground/chatwoot" }, + { "name": "postal", "repository_url": "https://github.com/sast-playground/postal" }, + { "name": "forem", "repository_url": "https://github.com/sast-playground/forem" }, + { "name": "openstreetmap-website", "repository_url": "https://github.com/sast-playground/openstreetmap-website" }, + { "name": "loomio", "repository_url": "https://github.com/sast-playground/loomio" }, + { "name": "rdv-solidarites.fr", "repository_url": "https://github.com/sast-playground/rdv-service-public" }, // javascript - { "name": "juice-shop", "repository_url": "https://github.com/Bearer/juice-shop" }, - { "name": "NodeGoat", "repository_url": "https://github.com/Bearer/NodeGoat" }, - { "name": "chapter", "repository_url": "https://github.com/freeCodeCamp/chapter" }, - { "name": "Ghost", "repository_url": "https://github.com/TryGhost/Ghost" }, - { "name": "wekan", "repository_url": "https://github.com/wekan/wekan" }, - { "name": "backstage", "repository_url": "https://github.com/backstage/backstage" }, - { "name": "medusa", "repository_url": "https://github.com/medusajs/medusa" }, - { "name": "ToolJet", "repository_url": "https://github.com/ToolJet/ToolJet" }, - { "name": "grafana", "repository_url": "https://github.com/grafana/grafana" }, - { "name": "mattermost-server", "repository_url": "https://github.com/mattermost/mattermost-server" }, - { "name": "Rocket.Chat", "repository_url": "https://github.com/RocketChat/Rocket.Chat" }, + { "name": "juice-shop", "repository_url": "https://github.com/sast-playground/juice-shop" }, + { "name": "NodeGoat", "repository_url": "https://github.com/sast-playground/NodeGoat" }, + { "name": "chapter", "repository_url": "https://github.com/sast-playground/chapter" }, + { "name": "Ghost", "repository_url": "https://github.com/sast-playground/Ghost" }, + { "name": "wekan", "repository_url": "https://github.com/sast-playground/wekan" }, + { "name": "backstage", "repository_url": "https://github.com/sast-playground/backstage" }, + { "name": "medusa", "repository_url": "https://github.com/sast-playground/medusa" }, + { "name": "ToolJet", "repository_url": "https://github.com/sast-playground/ToolJet" }, + { "name": "grafana", "repository_url": "https://github.com/sast-playground/grafana" }, + { "name": "mattermost-server", "repository_url": "https://github.com/sast-playground/mattermost-1" }, + { "name": "Rocket.Chat", "repository_url": "https://github.com/sast-playground/Rocket.Chat" }, // java - { "name": "WebGoat", "repository_url": "https://github.com/WebGoat/WebGoat" }, - { "name": "BenchmarkJava", "repository_url": "https://github.com/OWASP-Benchmark/BenchmarkJava" }, + { "name": "WebGoat", "repository_url": "https://github.com/sast-playground/WebGoat" }, + { "name": "BenchmarkJava", "repository_url": "https://github.com/sast-playground/BenchmarkJava" }, // php - { "name": "OWASPWebGoatPHP", "repository_url": "https://github.com/OWASP/OWASPWebGoatPHP" }, - { "name": "Vulnerable-Web-Application", "repository_url": "https://github.com/OWASP/Vulnerable-Web-Application" }, - { "name": "mediawiki", "repository_url": "https://github.com/wikimedia/mediawiki" }, - { "name": "PrestaShop", "repository_url": "https://github.com/PrestaShop/PrestaShop" }, - { "name": "WordPress", "repository_url": "https://github.com/WordPress/WordPress" }, - { "name": "phpbb", "repository_url": "https://github.com/phpbb/phpbb" }, - { "name": "monica", "repository_url": "https://github.com/monicahq/monica" }, - { "name": "backdrop", "repository_url": "https://github.com/backdrop/backdrop" }, - { "name": "cms", "repository_url": "https://github.com/craftcms/cms" }, - { "name": "drupal", "repository_url": "https://github.com/drupal/drupal" }, - { "name": "grav", "repository_url": "https://github.com/getgrav/grav" }, - { "name": "joomla-cms", "repository_url": "https://github.com/joomla/joomla-cms" }, - { "name": "magento2", "repository_url": "https://github.com/magento/magento2" }, - { "name": "moodle", "repository_url": "https://github.com/moodle/moodle" }, - { "name": "shopware", "repository_url": "https://github.com/shopware/shopware" }, - { "name": "Sylius", "repository_url": "https://github.com/Sylius/Sylius" }, + { "name": "OWASPWebGoatPHP", "repository_url": "https://github.com/sast-playground/OWASPWebGoatPHP" }, + { "name": "Vulnerable-Web-Application", "repository_url": "https://github.com/sast-playground/Vulnerable-Web-Application" }, + { "name": "mediawiki", "repository_url": "https://github.com/sast-playground/mediawiki" }, + { "name": "PrestaShop", "repository_url": "https://github.com/sast-playground/PrestaShop" }, + { "name": "WordPress", "repository_url": "https://github.com/sast-playground/WordPress" }, + { "name": "phpbb", "repository_url": "https://github.com/sast-playground/phpbb" }, + { "name": "monica", "repository_url": "https://github.com/sast-playground/monica" }, + { "name": "backdrop", "repository_url": "https://github.com/sast-playground/backdrop" }, + { "name": "cms", "repository_url": "https://github.com/sast-playground/cms" }, + { "name": "drupal", "repository_url": "https://github.com/sast-playground/drupal" }, + { "name": "grav", "repository_url": "https://github.com/sast-playground/grav" }, + { "name": "joomla-cms", "repository_url": "https://github.com/sast-playground/joomla-cms" }, + { "name": "magento2", "repository_url": "https://github.com/sast-playground/magento2" }, + { "name": "moodle", "repository_url": "https://github.com/sast-playground/moodle" }, + { "name": "shopware", "repository_url": "https://github.com/sast-playground/shopware" }, + { "name": "Sylius", "repository_url": "https://github.com/sast-playground/Sylius" }, // golang - { "name": "Vulnerability-goapp", "repository_url": "https://github.com/Bearer/Vulnerability-goapp" }, - { "name": "govwa", "repository_url": "https://github.com/0c34/govwa" }, - { "name": "beats", "repository_url": "https://github.com/elastic/beats" }, - { "name": "hugo", "repository_url": "https://github.com/gohugoio/hugo" }, - { "name": "mattermost", "repository_url": "https://github.com/mattermost/mattermost" }, - { "name": "prometheus", "repository_url": "https://github.com/prometheus/prometheus" }, - { "name": "gitea", "repository_url": "https://github.com/go-gitea/gitea" }, - { "name": "traefik", "repository_url": "https://github.com/traefik/traefik" }, - { "name": "caddy", "repository_url": "https://github.com/caddyserver/caddy" }, - { "name": "gitness", "repository_url": "https://github.com/harness/gitness" }, - { "name": "terraform", "repository_url": "https://github.com/hashicorp/terraform" }, - { "name": "loki", "repository_url": "https://github.com/grafana/loki" }, - { "name": "jaeger", "repository_url": "https://github.com/jaegertracing/jaeger" }, - { "name": "VictoriaMetrics", "repository_url": "https://github.com/VictoriaMetrics/VictoriaMetrics" }, - { "name": "gorush", "repository_url": "https://github.com/appleboy/gorush" }, - { "name": "easegress", "repository_url": "https://github.com/easegress-io/easegress" }, - { "name": "wishlist", "repository_url": "https://github.com/charmbracelet/wishlist" }, - { "name": "reviewdog", "repository_url": "https://github.com/reviewdog/reviewdog" }, - { "name": "gotrue", "repository_url": "https://github.com/supabase/gotrue" }, - { "name": "openbao", "repository_url": "https://github.com/openbao/openbao" }, - { "name": "statsviz", "repository_url": "https://github.com/arl/statsviz" }, - { "name": "firewalld-rest", "repository_url": "https://github.com/prashantgupta24/firewalld-rest" }, - { "name": "secure", "repository_url": "https://github.com/unrolled/secure" }, - { "name": "fider", "repository_url": "https://github.com/getfider/fider" }, - { "name": "flagr", "repository_url": "https://github.com/openflagr/flagr" }, - { "name": "flipt", "repository_url": "https://github.com/flipt-io/flipt" }, - { "name": "minio", "repository_url": "https://github.com/minio/minio" }, - { "name": "moxy", "repository_url": "https://github.com/sinhashubham95/moxy" }, - { "name": "roadrunner", "repository_url": "https://github.com/roadrunner-server/roadrunner" }, - { "name": "cryptgo", "repository_url": "https://github.com/Gituser143/cryptgo" }, - { "name": "cli", "repository_url": "https://github.com/create-go-app/cli" }, - { "name": "teleport", "repository_url": "https://github.com/gravitational/teleport" }, - { "name": "etcd", "repository_url": "https://github.com/etcd-io/etcd" }, - { "name": "kubernetes", "repository_url": "https://github.com/kubernetes/kubernetes" }, - { "name": "websocket", "repository_url": "https://github.com/gorilla/websocket" }, - { "name": "helm", "repository_url": "https://github.com/helm/helm" }, - { "name": "consul", "repository_url": "https://github.com/hashicorp/consul" }, - { "name": "vegeta", "repository_url": "https://github.com/tsenart/vegeta" }, - { "name": "tidb", "repository_url": "https://github.com/pingcap/tidb" }, - { "name": "gin", "repository_url": "https://github.com/gin-gonic/gin" }, - { "name": "cilium", "repository_url": "https://github.com/cilium/cilium" }, - { "name": "juju", "repository_url": "https://github.com/juju/juju" }, - { "name": "packer", "repository_url": "https://github.com/hashicorp/packer" }, - { "name": "helmfile", "repository_url": "https://github.com/helmfile/helmfile" }, - { "name": "moby", "repository_url": "https://github.com/moby/moby" }, - { "name": "nats-server", "repository_url": "https://github.com/nats-io/nats-server" }, - { "name": "vault", "repository_url": "https://github.com/hashicorp/vault" }, - { "name": "prometheus-operator", "repository_url": "https://github.com/prometheus-operator/prometheus-operator" }, + { "name": "Vulnerability-goapp", "repository_url": "https://github.com/sast-playground/Vulnerability-goapp" }, + { "name": "govwa", "repository_url": "https://github.com/sast-playground/govwa" }, + { "name": "beats", "repository_url": "https://github.com/sast-playground/beats" }, + { "name": "hugo", "repository_url": "https://github.com/sast-playground/hugo" }, + { "name": "mattermost", "repository_url": "https://github.com/sast-playground/mattermost" }, + { "name": "prometheus", "repository_url": "https://github.com/sast-playground/prometheus" }, + { "name": "gitea", "repository_url": "https://github.com/sast-playground/gitea" }, + { "name": "traefik", "repository_url": "https://github.com/sast-playground/traefik" }, + { "name": "caddy", "repository_url": "https://github.com/sast-playground/caddy" }, + { "name": "gitness", "repository_url": "https://github.com/sast-playground/gitness" }, + { "name": "terraform", "repository_url": "https://github.com/sast-playground/terraform" }, + { "name": "loki", "repository_url": "https://github.com/sast-playground/loki" }, + { "name": "jaeger", "repository_url": "https://github.com/sast-playground/jaeger" }, + { "name": "VictoriaMetrics", "repository_url": "https://github.com/sast-playground/VictoriaMetrics" }, + { "name": "gorush", "repository_url": "https://github.com/sast-playground/gorush" }, + { "name": "easegress", "repository_url": "https://github.com/sast-playground/easegress" }, + { "name": "wishlist", "repository_url": "https://github.com/sast-playground/wishlist" }, + { "name": "reviewdog", "repository_url": "https://github.com/sast-playground/reviewdog" }, + { "name": "gotrue", "repository_url": "https://github.com/sast-playground/auth" }, + { "name": "openbao", "repository_url": "https://github.com/sast-playground/openbao" }, + { "name": "statsviz", "repository_url": "https://github.com/sast-playground/statsviz" }, + { "name": "firewalld-rest", "repository_url": "https://github.com/sast-playground/firewalld-rest" }, + { "name": "secure", "repository_url": "https://github.com/sast-playground/secure" }, + { "name": "fider", "repository_url": "https://github.com/sast-playground/fider" }, + { "name": "flagr", "repository_url": "https://github.com/sast-playground/flagr" }, + { "name": "flipt", "repository_url": "https://github.com/sast-playground/flipt" }, + { "name": "minio", "repository_url": "https://github.com/sast-playground/minio" }, + { "name": "moxy", "repository_url": "https://github.com/sast-playground/moxy" }, + { "name": "roadrunner", "repository_url": "https://github.com/sast-playground/roadrunner" }, + { "name": "cryptgo", "repository_url": "https://github.com/sast-playground/cryptgo" }, + { "name": "cli", "repository_url": "https://github.com/sast-playground/cli" }, + { "name": "teleport", "repository_url": "https://github.com/sast-playground/teleport" }, + { "name": "etcd", "repository_url": "https://github.com/sast-playground/etcd" }, + { "name": "kubernetes", "repository_url": "https://github.com/sast-playground/kubernetes" }, + { "name": "websocket", "repository_url": "https://github.com/sast-playground/websocket" }, + { "name": "helm", "repository_url": "https://github.com/sast-playground/helm" }, + { "name": "consul", "repository_url": "https://github.com/sast-playground/consul" }, + { "name": "vegeta", "repository_url": "https://github.com/sast-playground/vegeta" }, + { "name": "tidb", "repository_url": "https://github.com/sast-playground/tidb" }, + { "name": "gin", "repository_url": "https://github.com/sast-playground/gin" }, + { "name": "cilium", "repository_url": "https://github.com/sast-playground/cilium" }, + { "name": "juju", "repository_url": "https://github.com/sast-playground/juju" }, + { "name": "packer", "repository_url": "https://github.com/sast-playground/packer" }, + { "name": "helmfile", "repository_url": "https://github.com/sast-playground/helmfile" }, + { "name": "moby", "repository_url": "https://github.com/sast-playground/moby" }, + { "name": "nats-server", "repository_url": "https://github.com/sast-playground/nats-server" }, + { "name": "vault", "repository_url": "https://github.com/sast-playground/vault" }, + { "name": "prometheus-operator", "repository_url": "https://github.com/sast-playground/prometheus-operator" }, // python - { "name": "PyGoat", "repository_url": "https://github.com/adeyosemanputra/pygoat" }, - { "name": "Wagtail", "repository_url": "https://github.com/wagtail/wagtail" }, - { "name": "saleor", "repository_url": "https://github.com/saleor/saleor" }, - { "name": "awx", "repository_url": "https://github.com/ansible/awx" }, - { "name": "cookiecutter-django", "repository_url": "https://github.com/cookiecutter/cookiecutter-django" }, - { "name": "django-cms", "repository_url": "https://github.com/django-cms/django-cms" }, - { "name": "django-allauth", "repository_url": "https://github.com/pennersr/django-allauth" }, - { "name": "healthchecks", "repository_url": "https://github.com/healthchecks/healthchecks" }, - { "name": "posthog", "repository_url": "https://github.com/PostHog/posthog" }, - { "name": "Zappa", "repository_url": "https://github.com/zappa/Zappa" }, - { "name": "oncall", "repository_url": "https://github.com/grafana/oncall" }, - { "name": "mealie", "repository_url": "https://github.com/mealie-recipes/mealie" }, - { "name": "taipy", "repository_url": "https://github.com/Avaiga/taipy" }, - { "name": "fabric", "repository_url": "https://github.com/danielmiessler/fabric" }, - { "name": "pypiserver", "repository_url": "https://github.com/pypiserver/pypiserver" }, - { "name": "pip", "repository_url": "https://github.com/pypa/pip" }, - { "name": "indico", "repository_url": "https://github.com/indico/indico" }, - { "name": "feincms", "repository_url": "https://github.com/feincms/feincms" }, - { "name": "django", "repository_url": "https://github.com/django/django" }, - { "name": "yt-dlp", "repository_url": "https://github.com/yt-dlp/yt-dlp" }, - { "name": "kitty", "repository_url": "https://github.com/kovidgoyal/kitty" }, - { "name": "langchain", "repository_url": "https://github.com/langchain-ai/langchain" }, - { "name": "ray", "repository_url": "https://github.com/ray-project/ray" }, - { "name": "pretix", "repository_url": "https://github.com/pretix/pretix" }, - { "name": "unilm", "repository_url": "https://github.com/microsoft/unilm" }, - { "name": "streamlit", "repository_url": "https://github.com/streamlit/streamlit" }, - { "name": "tinygrad", "repository_url": "https://github.com/tinygrad/tinygrad" } + { "name": "PyGoat", "repository_url": "https://github.com/sast-playground/pygoat" }, + { "name": "Wagtail", "repository_url": "https://github.com/sast-playground/wagtail" }, + { "name": "saleor", "repository_url": "https://github.com/sast-playground/saleor" }, + { "name": "awx", "repository_url": "https://github.com/sast-playground/awx" }, + { "name": "cookiecutter-django", "repository_url": "https://github.com/sast-playground/cookiecutter-django" }, + { "name": "django-cms", "repository_url": "https://github.com/sast-playground/django-cms" }, + { "name": "django-allauth", "repository_url": "https://github.com/sast-playground/django-allauth" }, + { "name": "healthchecks", "repository_url": "https://github.com/sast-playground/healthchecks" }, + { "name": "posthog", "repository_url": "https://github.com/sast-playground/posthog" }, + { "name": "Zappa", "repository_url": "https://github.com/sast-playground/Zappa" }, + { "name": "oncall", "repository_url": "https://github.com/sast-playground/oncall" }, + { "name": "mealie", "repository_url": "https://github.com/sast-playground/mealie" }, + { "name": "taipy", "repository_url": "https://github.com/sast-playground/taipy" }, + { "name": "fabric", "repository_url": "https://github.com/sast-playground/fabric" }, + { "name": "pypiserver", "repository_url": "https://github.com/sast-playground/pypiserver" }, + { "name": "pip", "repository_url": "https://github.com/sast-playground/pip" }, + { "name": "indico", "repository_url": "https://github.com/sast-playground/indico" }, + { "name": "feincms", "repository_url": "https://github.com/sast-playground/feincms" }, + { "name": "django", "repository_url": "https://github.com/sast-playground/django" }, + { "name": "yt-dlp", "repository_url": "https://github.com/sast-playground/yt-dlp" }, + { "name": "kitty", "repository_url": "https://github.com/sast-playground/kitty" }, + { "name": "langchain", "repository_url": "https://github.com/sast-playground/langchain" }, + { "name": "ray", "repository_url": "https://github.com/sast-playground/ray" }, + { "name": "pretix", "repository_url": "https://github.com/sast-playground/pretix" }, + { "name": "unilm", "repository_url": "https://github.com/sast-playground/unilm" }, + { "name": "streamlit", "repository_url": "https://github.com/sast-playground/streamlit" }, + { "name": "tinygrad", "repository_url": "https://github.com/sast-playground/tinygrad" } ] } From 84524fbc836e1087e9ea695ca7c013baf0a20684 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Mar 2026 14:39:12 +0000 Subject: [PATCH 16/18] chore(deps): bump golang.org/x/net from 0.51.0 to 0.52.0 (#1919) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.51.0 to 0.52.0. - [Commits](https://github.com/golang/net/compare/v0.51.0...v0.52.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-version: 0.52.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 8 ++++---- go.sum | 20 ++++++++++---------- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/go.mod b/go.mod index 6d36d5af3..e7d7bf90c 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,7 @@ require ( github.com/xeipuuv/gojsonschema v1.2.0 github.com/zricethezav/gitleaks/v8 v8.18.1 golang.org/x/mod v0.33.0 - golang.org/x/net v0.51.0 + golang.org/x/net v0.52.0 golang.org/x/oauth2 v0.36.0 sigs.k8s.io/yaml v1.6.0 ) @@ -57,7 +57,7 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/yashtewari/glob-intersection v0.2.0 // indirect golang.org/x/sync v0.20.0 // indirect - golang.org/x/term v0.40.0 // indirect + golang.org/x/term v0.41.0 // indirect ) require ( @@ -92,7 +92,7 @@ require ( github.com/yusufpapurcu/wmi v1.2.4 // indirect go.yaml.in/yaml/v2 v2.4.2 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/crypto v0.48.0 // indirect + golang.org/x/crypto v0.49.0 // indirect golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f // indirect ) @@ -108,7 +108,7 @@ require ( github.com/spf13/viper v1.21.0 github.com/subosito/gotenv v1.6.0 // indirect golang.org/x/sys v0.42.0 // indirect - golang.org/x/text v0.34.0 // indirect + golang.org/x/text v0.35.0 // indirect gopkg.in/ini.v1 v1.67.1 // indirect gopkg.in/yaml.v3 v3.0.1 ) diff --git a/go.sum b/go.sum index 519be8d0b..f67ecdd54 100644 --- a/go.sum +++ b/go.sum @@ -268,14 +268,14 @@ go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= -golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts= -golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos= +golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= +golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+hlyhrhei9uErw2B5GJo= golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak= golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= -golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo= -golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y= +golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= +golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= @@ -290,12 +290,12 @@ golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= -golang.org/x/term v0.40.0 h1:36e4zGLqU4yhjlmxEaagx2KuYbJq3EwY8K943ZsHcvg= -golang.org/x/term v0.40.0/go.mod h1:w2P8uVp06p2iyKKuvXIm7N/y0UCRt3UfJTfZ7oOpglM= -golang.org/x/text v0.34.0 h1:oL/Qq0Kdaqxa1KbNeMKwQq0reLCCaFtqu2eNuSeNHbk= -golang.org/x/text v0.34.0/go.mod h1:homfLqTYRFyVYemLBFl5GgL/DWEiH5wcsQ5gSh1yziA= -golang.org/x/tools v0.41.0 h1:a9b8iMweWG+S0OBnlU36rzLp20z1Rp10w+IY2czHTQc= -golang.org/x/tools v0.41.0/go.mod h1:XSY6eDqxVNiYgezAVqqCeihT4j1U2CCsqvH3WhQpnlg= +golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU= +golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A= +golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= +golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= +golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k= +golang.org/x/tools v0.42.0/go.mod h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE= google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= From def42dc648953d8402957a520a65f4f219f9a408 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Mar 2026 14:42:49 +0000 Subject: [PATCH 17/18] chore(deps): bump Apple-Actions/import-codesign-certs from 6.0.0 to 6.1.0 (#1924) chore(deps): bump Apple-Actions/import-codesign-certs Bumps [Apple-Actions/import-codesign-certs](https://github.com/apple-actions/import-codesign-certs) from 6.0.0 to 6.1.0. - [Release notes](https://github.com/apple-actions/import-codesign-certs/releases) - [Commits](https://github.com/apple-actions/import-codesign-certs/compare/b610f78488812c1e56b20e6df63ec42d833f2d14...fe74d46e82474f87e1ba79832ad28a4013d0e33a) --- updated-dependencies: - dependency-name: Apple-Actions/import-codesign-certs dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/canary.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/canary.yml b/.github/workflows/canary.yml index 37ff0c04d..183452b82 100644 --- a/.github/workflows/canary.yml +++ b/.github/workflows/canary.yml @@ -80,7 +80,7 @@ jobs: - name: Setup Gon run: brew install Bearer/tap/gon - name: Import Code-Signing Certificates - uses: Apple-Actions/import-codesign-certs@b610f78488812c1e56b20e6df63ec42d833f2d14 # v6 + uses: Apple-Actions/import-codesign-certs@fe74d46e82474f87e1ba79832ad28a4013d0e33a # v6 with: # The certificates in a PKCS12 file encoded as a base64 string p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b64308e7a..c6c8f39fc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -85,7 +85,7 @@ jobs: - name: Setup Gon run: brew install Bearer/tap/gon - name: Import Code-Signing Certificates - uses: Apple-Actions/import-codesign-certs@b610f78488812c1e56b20e6df63ec42d833f2d14 # v6 + uses: Apple-Actions/import-codesign-certs@fe74d46e82474f87e1ba79832ad28a4013d0e33a # v6 with: # The certificates in a PKCS12 file encoded as a base64 string p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }} From 4c0b39a66637a1c53fdcfbeb2d688cfc191168c4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Mar 2026 14:46:20 +0000 Subject: [PATCH 18/18] chore(deps): bump golang.org/x/mod from 0.33.0 to 0.34.0 (#1918) Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.33.0 to 0.34.0. - [Commits](https://github.com/golang/mod/compare/v0.33.0...v0.34.0) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-version: 0.34.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index e7d7bf90c..7a17b78a6 100644 --- a/go.mod +++ b/go.mod @@ -26,7 +26,7 @@ require ( github.com/weppos/publicsuffix-go v0.50.3 github.com/xeipuuv/gojsonschema v1.2.0 github.com/zricethezav/gitleaks/v8 v8.18.1 - golang.org/x/mod v0.33.0 + golang.org/x/mod v0.34.0 golang.org/x/net v0.52.0 golang.org/x/oauth2 v0.36.0 sigs.k8s.io/yaml v1.6.0 diff --git a/go.sum b/go.sum index f67ecdd54..f23e36039 100644 --- a/go.sum +++ b/go.sum @@ -272,8 +272,8 @@ golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+hlyhrhei9uErw2B5GJo= golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak= -golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8= -golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w= +golang.org/x/mod v0.34.0 h1:xIHgNUUnW6sYkcM5Jleh05DvLOtwc6RitGHbDk4akRI= +golang.org/x/mod v0.34.0/go.mod h1:ykgH52iCZe79kzLLMhyCUzhMci+nQj+0XkbXpNYtVjY= golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs=