Skip to content

chore(deps): Bump the go-minor-patch group across 1 directory with 10 updates#271

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go-minor-patch-35dd1f29e0
Closed

chore(deps): Bump the go-minor-patch group across 1 directory with 10 updates#271
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go-minor-patch-35dd1f29e0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 20, 2026
edited
Loading

Bumps the go-minor-patch group with 6 updates in the / directory:

Package From To
github.com/anchore/bubbly 0.0.0-20230919123500-747f4abea05f 0.2.0
github.com/anchore/clio 0.0.0-20230823172630-c42d666061af 0.1.0
github.com/chainguard-dev/yam 0.2.53 0.2.55
github.com/itchyny/gojq 0.12.18 0.12.19
golang.org/x/net 0.50.0 0.53.0
golang.org/x/oauth2 0.35.0 0.36.0

Updates github.com/anchore/bubbly from 0.0.0-20230919123500-747f4abea05f to 0.2.0

Release notes

Sourced from github.com/anchore/bubbly's releases.

v0.2.0

Initial release 🎉

Commits

Updates github.com/anchore/clio from 0.0.0-20230823172630-c42d666061af to 0.1.0

Release notes

Sourced from github.com/anchore/clio's releases.

v0.1.0

Initial release 🎉

Commits

Updates github.com/anchore/fangs from 0.0.0-20230818131516-2186b10924fe to 0.0.0-20250319155437-a26984174d7d

Commits

Updates github.com/anchore/go-logger from 0.0.0-20230725134548-c21dafa1ec5a to 0.0.0-20250318195838-07ae343dd722

Commits

Updates github.com/chainguard-dev/yam from 0.2.53 to 0.2.55

Commits
  • 2b6bed4 build(deps): bump step-security/action-actionlint from 1.69.1 to 1.72.0 (#206)
  • 10212d1 build(deps): bump step-security/harden-runner from 2.16.0 to 2.17.0 (#205)
  • 27c1ffe chore(workflows): add actionlint and zizmor action linters [SECINT-75] (#204)
  • 4d84634 build(deps): bump actions/setup-go from 6.3.0 to 6.4.0 (#200)
  • eeb3ecb build(deps): bump step-security/harden-runner from 2.16.0 to 2.16.1 (#201)
  • 38cd909 build(deps): bump chainguard-dev/actions from 1.6.10 to 1.6.13 (#203)
  • fbc0768 build(deps): bump chainguard-dev/actions from 1.6.9 to 1.6.10 (#198)
  • c83c246 build(deps): bump chainguard-dev/actions from 1.6.8 to 1.6.9 (#197)
  • See full diff in compare view

Updates github.com/itchyny/gojq from 0.12.18 to 0.12.19

Release notes

Sourced from github.com/itchyny/gojq's releases.

Release v0.12.19

  • fix gsub and sub when the replacement emits multiple values
  • fix fmax, fmin, modf functions against NaN and infinities
  • fix join/1 to use add/0 implementation and handle null separator
  • fix del and delpaths on null to emit null
  • fix arithmetic operations on the minimum integer
  • fix significand function against subnormal numbers
  • fix handling of -- in cli flag parsing for jq compatibility
  • fix flatten/1 to emit error when the depth is NaN
  • fix array slice update to validate index types
  • fix string repetition boundary check to match jq behavior
  • implement splits/2 using match/2 for better jq compatibility
  • implement to_entries and from_entries in jq for simplicity
  • improve performance of regexp functions by caching compiled regexps
Changelog

Sourced from github.com/itchyny/gojq's changelog.

v0.12.19 (2026-04-01)

  • fix gsub and sub when the replacement emits multiple values
  • fix fmax, fmin, modf functions against NaN and infinities
  • fix join/1 to use add/0 implementation and handle null separator
  • fix del and delpaths on null to emit null
  • fix arithmetic operations on the minimum integer
  • fix significand function against subnormal numbers
  • fix handling of -- in cli flag parsing for jq compatibility
  • fix flatten/1 to emit error when the depth is NaN
  • fix array slice update to validate index types
  • fix string repetition boundary check to match jq behavior
  • implement splits/2 using match/2 for better jq compatibility
  • implement to_entries and from_entries in jq for simplicity
  • improve performance of regexp functions by caching compiled regexps
Commits
  • b7ebffb bump up version to 0.12.19
  • b02c97b update CHANGELOG.md for v0.12.19
  • d7ca9b5 implement to_entries and from_entries in jq for simplicity
  • bac8b0b update dependencies
  • 183cbec bump up Docker actions
  • 40707cf fix repeated argument type any
  • b5ece86 fix handling of -- in cli flag parsing for jq compatibility
  • cca2307 re-generate the parser.go file
  • ca5066d fix gsub and sub when the replacement emits multiple values
  • 0878958 improve performance of regexp functions by caching compiled regexps (fix #230)
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.50.0 to 0.53.0

Commits
  • a8d1fc1 go.mod: update golang.org/x dependencies
  • 056ac74 quic: avoid depending on golang.org/x/sys/unix
  • c85f611 http3: add http3 package for testing in std
  • 805fc81 http2: add transport API tests
  • e63b894 http2: support testing via net/http.Transport.RoundTrip
  • 9ee1e48 http2/hpack: prevent HeaderField from escaping during encoding
  • 1e71bd8 http2: prevent hanging Transport due to bad SETTINGS frame
  • 7bca150 internal/http3: respect net/http Server Shutdown context when shutting down
  • 44c41be internal/http3: prevent server from holding mutex when sleeping during shutdown
  • 228a67a internal/http3: add CloseIdleConnections support in transport
  • Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.35.0 to 0.36.0

Commits
  • 4d954e6 all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

Updates golang.org/x/sync from 0.19.0 to 0.20.0

Commits
  • ec11c4a errgroup: fix a typo in the documentation
  • 1a58307 all: modernize interface{} -> any
  • 3172ca5 all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

Updates golang.org/x/term from 0.40.0 to 0.42.0

Commits
  • 52b71d3 go.mod: update golang.org/x dependencies
  • 9d2dc07 go.mod: update golang.org/x dependencies
  • d954e03 all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Apr 20, 2026
@dependabot
chore(deps): Bump the go-minor-patch group across 1 directory with 10…
5732472 
… updates

Bumps the go-minor-patch group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/anchore/bubbly](https://github.com/anchore/bubbly) | `0.0.0-20230919123500-747f4abea05f` | `0.2.0` |
| [github.com/anchore/clio](https://github.com/anchore/clio) | `0.0.0-20230823172630-c42d666061af` | `0.1.0` |
| [github.com/chainguard-dev/yam](https://github.com/chainguard-dev/yam) | `0.2.53` | `0.2.55` |
| [github.com/itchyny/gojq](https://github.com/itchyny/gojq) | `0.12.18` | `0.12.19` |
| [golang.org/x/net](https://github.com/golang/net) | `0.50.0` | `0.53.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.35.0` | `0.36.0` |



Updates `github.com/anchore/bubbly` from 0.0.0-20230919123500-747f4abea05f to 0.2.0
- [Release notes](https://github.com/anchore/bubbly/releases)
- [Commits](https://github.com/anchore/bubbly/commits/v0.2.0)

Updates `github.com/anchore/clio` from 0.0.0-20230823172630-c42d666061af to 0.1.0
- [Release notes](https://github.com/anchore/clio/releases)
- [Commits](https://github.com/anchore/clio/commits/v0.1.0)

Updates `github.com/anchore/fangs` from 0.0.0-20230818131516-2186b10924fe to 0.0.0-20250319155437-a26984174d7d
- [Release notes](https://github.com/anchore/fangs/releases)
- [Commits](https://github.com/anchore/fangs/commits)

Updates `github.com/anchore/go-logger` from 0.0.0-20230725134548-c21dafa1ec5a to 0.0.0-20250318195838-07ae343dd722
- [Release notes](https://github.com/anchore/go-logger/releases)
- [Commits](https://github.com/anchore/go-logger/commits)

Updates `github.com/chainguard-dev/yam` from 0.2.53 to 0.2.55
- [Commits](chainguard-dev/yam@v0.2.53...v0.2.55)

Updates `github.com/itchyny/gojq` from 0.12.18 to 0.12.19
- [Release notes](https://github.com/itchyny/gojq/releases)
- [Changelog](https://github.com/itchyny/gojq/blob/main/CHANGELOG.md)
- [Commits](itchyny/gojq@v0.12.18...v0.12.19)

Updates `golang.org/x/net` from 0.50.0 to 0.53.0
- [Commits](golang/net@v0.50.0...v0.53.0)

Updates `golang.org/x/oauth2` from 0.35.0 to 0.36.0
- [Commits](golang/oauth2@v0.35.0...v0.36.0)

Updates `golang.org/x/sync` from 0.19.0 to 0.20.0
- [Commits](golang/sync@v0.19.0...v0.20.0)

Updates `golang.org/x/term` from 0.40.0 to 0.42.0
- [Commits](golang/term@v0.40.0...v0.42.0)

---
updated-dependencies:
- dependency-name: github.com/anchore/bubbly
  dependency-version: 0.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
- dependency-name: github.com/anchore/clio
  dependency-version: 0.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
- dependency-name: github.com/anchore/fangs
  dependency-version: 0.0.0-20250319155437-a26984174d7d
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-patch
- dependency-name: github.com/anchore/go-logger
  dependency-version: 0.0.0-20250318195838-07ae343dd722
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-patch
- dependency-name: github.com/chainguard-dev/yam
  dependency-version: 0.2.55
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-patch
- dependency-name: github.com/itchyny/gojq
  dependency-version: 0.12.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-patch
- dependency-name: golang.org/x/net
  dependency-version: 0.53.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
- dependency-name: golang.org/x/sync
  dependency-version: 0.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
- dependency-name: golang.org/x/term
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/go-minor-patch-35dd1f29e0 branch from e315fe5 to 5732472 Compare April 20, 2026 18:27
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 22, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Apr 22, 2026
@dependabot dependabot Bot deleted the dependabot/go_modules/go-minor-patch-35dd1f29e0 branch April 22, 2026 12:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants