-
Notifications
You must be signed in to change notification settings - Fork 122
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): bump github.com/Masterminds/sprig/v3 from 3.2.3 to 3.3.0 #738
base: main
Are you sure you want to change the base?
chore(deps): bump github.com/Masterminds/sprig/v3 from 3.2.3 to 3.3.0 #738
Conversation
Bumps [github.com/Masterminds/sprig/v3](https://github.com/Masterminds/sprig) from 3.2.3 to 3.3.0. - [Release notes](https://github.com/Masterminds/sprig/releases) - [Changelog](https://github.com/Masterminds/sprig/blob/master/CHANGELOG.md) - [Commits](Masterminds/sprig@v3.2.3...v3.3.0) --- updated-dependencies: - dependency-name: github.com/Masterminds/sprig/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
WalkthroughThe Changes
Sequence Diagram(s)sequenceDiagram
participant A as Developer
participant B as Dependency Manager
participant C as Library Repo
A->>B: Request to update dependencies
B->>C: Fetch latest versions
C-->>B: Return updated versions
B-->>A: Confirm updates applied
Poem
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
Documentation and Community
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 0
Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Files ignored due to path filters (1)
go.sum
is excluded by!**/*.sum
Files selected for processing (1)
- go.mod (7 hunks)
Additional comments not posted (10)
go.mod (10)
23-23
: Dependency Update:github.com/Masterminds/sprig/v3
The upgrade from
v3.2.3
tov3.3.0
is correctly reflected. Ensure to review the release notes for any breaking changes or new features that might affect the project.
40-40
: Dependency Update:github.com/huandu/xstrings
The upgrade from
v1.4.0
tov1.5.0
is correctly reflected. It's important to verify that the new version does not introduce any compatibility issues with existing string manipulations in the project.
97-97
: Dependency Update:github.com/Masterminds/semver/v3
The upgrade from
v3.2.0
tov3.3.0
is correctly reflected. Given the nature of this library (semantic version parsing), ensure that the new version maintains compatibility with version constraints defined elsewhere in the project.
231-231
: Dependency Update:github.com/mitchellh/copystructure
The upgrade from
v1.0.0
tov1.2.0
is correctly reflected. Review any changes in the library's method of copying structures to ensure it aligns with the project's usage.
235-235
: Dependency Update:github.com/mitchellh/reflectwalk
The upgrade from
v1.0.0
tov1.0.2
is correctly reflected. This library is used for walking through Go structures, and updates often include important fixes or optimizations.
267-267
: Dependency Update:github.com/shopspring/decimal
The upgrade from
v1.2.0
tov1.4.0
is significant and should be reviewed for any changes in the handling of decimal numbers that might affect financial calculations or data accuracy in the project.
294-294
: Dependency Update:golang.org/x/crypto
The upgrade from
v0.25.0
tov0.26.0
is correctly reflected. Given this library's importance for security, thoroughly review the changelog for security fixes or changes that might impact cryptographic functions used in the project.
297-297
: Dependency Update:golang.org/x/sync
The upgrade from
v0.7.0
tov0.8.0
is correctly reflected. Check for any changes in synchronization primitives that might affect concurrency patterns in the project.
299-299
: Dependency Update:golang.org/x/term
The upgrade from
v0.22.0
tov0.23.0
is correctly reflected. Verify that terminal interactions, if any, are still functioning as expected with this update.
300-300
: Dependency Update:golang.org/x/text
The upgrade from
v0.16.0
tov0.17.0
is correctly reflected. This library often includes important updates for text processing, so ensure compatibility with text manipulation features in the project.
Bumps github.com/Masterminds/sprig/v3 from 3.2.3 to 3.3.0.
Release notes
Sourced from github.com/Masterminds/sprig/v3's releases.
Changelog
Sourced from github.com/Masterminds/sprig/v3's changelog.
Commits
e708470
Merge pull request #408 from mattfarina/update-changelog-3.38fc4354
Updating the changelog for the 3.3.0 releasecb81a32
Merge pull request #407 from mattfarina/remove-dup-math-functions2637693
Removing duplicate documentation06b9a87
Merge pull request #290 from zzhu41/patch-1e663ec6
Merge pull request #369 from chey/patch-1bb2f73f
Merge pull request #375 from carlpett/patch-1f07659e
Merge pull request #400 from itzik-elayev/master98b35c1
Add closing bracket7a88928
Merge pull request #406 from mattfarina/update-mergoDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Summary by CodeRabbit
New Features
Bug Fixes
Chores