Skip to content

build(deps): bump github.com/anchore/quill from 0.5.1 to 0.7.1 in /tools#1749

Merged
rcaril merged 1 commit intomainfrom
dependabot/go_modules/tools/github.com/anchore/quill-0.7.1
Apr 27, 2026
Merged

build(deps): bump github.com/anchore/quill from 0.5.1 to 0.7.1 in /tools#1749
rcaril merged 1 commit intomainfrom
dependabot/go_modules/tools/github.com/anchore/quill-0.7.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026
edited
Loading

Bumps github.com/anchore/quill from 0.5.1 to 0.7.1.

Release notes

Sourced from github.com/anchore/quill's releases.

v0.7.1

Security Fixes

(Full Changelog)

v0.7.0

Added Features

Bug Fixes

Additional Changes

(Full Changelog)

Commits
  • 9cdb082 do not allow for unbounded reads for user controlled input (#681)
  • 80cf3fe account for excessive read limits in macho parsing code (#682)
  • e41d66a validate developer log URL requests (#680)
  • 899202c update cred var values for p12 in release (#679)
  • c73a37b remove goreleaser config for release step + update tool refs (#678)
  • 95e119c persist credentials for git (#677)
  • 02e765a chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#663)
  • 530bb7f add test notarize command (#618)
  • 3e8269c Set team ID during signing (#675)
  • 12b3e8e chore(deps): bump github.com/blacktop/go-macho from 1.1.259 to 1.1.263 (#661)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added the tools Indicates that a given PR updates the repo tooling. label Apr 27, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 27, 2026 13:01
@dependabot dependabot Bot requested a review from rcaril April 27, 2026 13:01
@github-actions github-actions Bot added the Skip-Changelog do not add a changelog entry for this change label Apr 27, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/tools/github.com/anchore/quill-0.7.1 branch 12 times, most recently from 5ae176b to c6ab2cf Compare April 27, 2026 16:46
@dependabot
build(deps): bump github.com/anchore/quill from 0.5.1 to 0.7.1 in /tools
b5fccba 
Bumps [github.com/anchore/quill](https://github.com/anchore/quill) from 0.5.1 to 0.7.1.
- [Release notes](https://github.com/anchore/quill/releases)
- [Changelog](https://github.com/anchore/quill/blob/main/RELEASE.md)
- [Commits](anchore/quill@v0.5.1...v0.7.1)

---
updated-dependencies:
- dependency-name: github.com/anchore/quill
  dependency-version: 0.7.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/tools/github.com/anchore/quill-0.7.1 branch from c6ab2cf to b5fccba Compare April 27, 2026 17:01
@rcaril rcaril enabled auto-merge (squash) April 27, 2026 17:05
@rcaril rcaril merged commit f626118 into main Apr 27, 2026
10 checks passed
@rcaril rcaril deleted the dependabot/go_modules/tools/github.com/anchore/quill-0.7.1 branch April 27, 2026 17:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rcaril rcaril rcaril approved these changes

Assignees

No one assigned

Labels

Skip-Changelog do not add a changelog entry for this change tools Indicates that a given PR updates the repo tooling.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rcaril