Skip to content

Commit

Permalink
Bump carvel.dev/vendir from 0.40.0 to 0.40.1 (#7709)
Browse files Browse the repository at this point in the history 
Bumps [carvel.dev/vendir](https://github.com/carvel-dev/vendir) from
0.40.0 to 0.40.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/carvel-dev/vendir/releases">carvel.dev/vendir's
releases</a>.</em></p>
<blockquote>
<h2>v0.40.1</h2>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<h3>Installation</h3>
<h4>By downloading binary from the release</h4>
<p>For instance, if you are using Linux on an AMD64 architecture:</p>
<pre lang="shell"><code># Download the binary
curl -LO
https://github.com/carvel-dev/vendir/releases/download/v0.40.1/vendir-linux-amd64
<h1>Move the binary in to your PATH</h1>
<p>mv vendir-linux-amd64 /usr/local/bin/vendir</p>
<h1>Make the binary executable</h1>
<p>chmod +x /usr/local/bin/vendir
</code></pre></p>
<h4>Via Homebrew (macOS or Linux)</h4>
<pre lang="shell"><code>$ brew tap carvel-dev/carvel
$ brew install vendir
$ vendir version  
</code></pre>
<h3>Verify checksums file signature</h3>
<p>Install cosign on your system <a
href="https://docs.sigstore.dev/system_config/installation/">https://docs.sigstore.dev/system_config/installation/</a></p>
<p>The checksums file provided within the artifacts attached to this
release is signed using <a
href="https://docs.sigstore.dev/cosign/overview/">Cosign</a> with GitHub
OIDC. To validate the signature of this file, run the following
commands:</p>
<pre lang="shell"><code># Download the checksums file, certificate and
signature
curl -LO
https://github.com/carvel-dev/vendir/releases/download/v0.40.1/checksums.txt
curl -LO
https://github.com/carvel-dev/vendir/releases/download/v0.40.1/checksums.txt.pem
curl -LO
https://github.com/carvel-dev/vendir/releases/download/v0.40.1/checksums.txt.sig
<h1>Verify the checksums file</h1>
<p>cosign verify-blob checksums.txt <br />
--certificate checksums.txt.pem <br />
--signature checksums.txt.sig <br />
--certificate-identity-regexp=<a
href="https://github.com/carvel-dev">https://github.com/carvel-dev</a>
<br />
--certificate-oidc-issuer=<a
href="https://token.actions.githubusercontent.com">https://token.actions.githubusercontent.com</a>
</code></pre></p>
<h3>Verify binary integrity</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/carvel-dev/vendir/commit/ced240e3296ba98a4f2caa046688fa3b417025f2"><code>ced240e</code></a>
Merge pull request <a
href="https://github.com/carvel-dev/vendir/issues/378">#378</a>
from carvel-dev/bump-go-1.22.2</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/e734e90468c3e6dc3be98cc5e2ad5b2408aaf976"><code>e734e90</code></a>
Bump go version 1.22.2</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/abf7f1c95cbb37e42db7df77475cc4f624af6060"><code>abf7f1c</code></a>
Merge pull request <a
href="https://github.com/carvel-dev/vendir/issues/373">#373</a>
from mamachanko/topic/mamachanko/develop/bump-semver</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/408592d0190db7fcabee4a85f1deb788dc6220da"><code>408592d</code></a>
Use latest github.com/carvel-dev/semver</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/0b185de0d4a7717bb1500e225cc157c987a6843c"><code>0b185de</code></a>
Test against kubectl 1.23.x</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/58ff5831092e04ff488f5305699e8aeefd7104e8"><code>58ff583</code></a>
Merge pull request <a
href="https://github.com/carvel-dev/vendir/issues/370">#370</a>
from grokspawn/docker-bump</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/ae68cff5b1fe3edfb2a6d6dd0cbf1cca643e78a3"><code>ae68cff</code></a>
[chore] bump docker/docker, docker/cli to v25.0.5</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/9fa4c21f47d478a8f4b17c1d06414c2485ff6082"><code>9fa4c21</code></a>
Merge pull request <a
href="https://github.com/carvel-dev/vendir/issues/369">#369</a>
from prashantrewar/update-copyright-header</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/4cf9128568ac615c2d2b3ef99ebc154a7548b1a2"><code>4cf9128</code></a>
Update copyright headers</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/bd6adce665b6e3cc68bb6a39bc2aab46047d59dc"><code>bd6adce</code></a>
Merge pull request <a
href="https://github.com/carvel-dev/vendir/issues/368">#368</a>
from carvel-dev/dependabot/go_modules/github.com/dock...</li>
<li>Additional commits viewable in <a
href="https://github.com/carvel-dev/vendir/compare/v0.40.0...v0.40.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=carvel.dev/vendir&package-manager=go_modules&previous-version=0.40.0&new-version=0.40.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] authored Apr 18, 2024
1 parent 3930a5f commit 909b896
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 6 deletions.
4 changes: 2 additions & 2 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ module github.com/vmware-tanzu/kubeapps
go 1.22

require (
carvel.dev/vendir v0.40.0
carvel.dev/vendir v0.40.1
github.com/DATA-DOG/go-sqlmock v1.5.2
github.com/Masterminds/semver/v3 v3.2.1
github.com/adhocore/gronx v1.8.1
Expand Down Expand Up @@ -96,7 +96,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/sts v1.28.6 // indirect
github.com/aws/smithy-go v1.20.2 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/carvel-dev/semver/v4 v4.0.1-0.20230221220520-8090ce423695 // indirect
github.com/carvel-dev/semver/v4 v4.0.1-0.20240402203627-beb83fbf25e4 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/chai2010/gettext-go v1.0.2 // indirect
github.com/containerd/log v0.1.0 // indirect
Expand Down
8 changes: 4 additions & 4 deletions go.sum
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
carvel.dev/vendir v0.40.0 h1:JdhCp/EjAPGI8F5zoAVYwZHf1sPEFee19RpgGb3ciT8=
carvel.dev/vendir v0.40.0/go.mod h1:XPdluJu7322RZNx05AA4gYnV52aKywBdh7Ma12GuM2Q=
carvel.dev/vendir v0.40.1 h1:w2fIBASZ7X6N2XlN+5xEDOf2Vn8eVRdz0mIZHuM4080=
carvel.dev/vendir v0.40.1/go.mod h1:gW5hdNd033NCV1TFbUtvUE1Kel1eEzyiwnDyDX+y2xE=
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
Expand Down Expand Up @@ -141,8 +141,8 @@ github.com/bufbuild/connect-go v1.10.0 h1:QAJ3G9A1OYQW2Jbk3DeoJbkCxuKArrvZgDt47m
github.com/bufbuild/connect-go v1.10.0/go.mod h1:CAIePUgkDR5pAFaylSMtNK45ANQjp9JvpluG20rhpV8=
github.com/bufbuild/connect-grpchealth-go v1.1.1 h1:ldceS3m7+Qvl3GI4yzB4oCg3uOdD+Y1bytc/5xuMpqo=
github.com/bufbuild/connect-grpchealth-go v1.1.1/go.mod h1:9KbkogLoUIxOTPKyWDv5evkawr1IYXaHax4XoUHCgoQ=
github.com/carvel-dev/semver/v4 v4.0.1-0.20230221220520-8090ce423695 h1:naCDnpJeqQq5OHOYR6j01yIVVUk3WI5MuSHpDTy+M1A=
github.com/carvel-dev/semver/v4 v4.0.1-0.20230221220520-8090ce423695/go.mod h1:4cFTBLAr/U11ykiEEQMccu4uJ1i0GS+atJmeETHCFtI=
github.com/carvel-dev/semver/v4 v4.0.1-0.20240402203627-beb83fbf25e4 h1:F4rZiMGZyC66j9VB7doVOE4tFHF1yNEihQlOuht4jmM=
github.com/carvel-dev/semver/v4 v4.0.1-0.20240402203627-beb83fbf25e4/go.mod h1:4cFTBLAr/U11ykiEEQMccu4uJ1i0GS+atJmeETHCFtI=
github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
Expand Down

0 comments on commit 909b896

Please sign in to comment.