Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump github.com/xmidt-org/webpa-common/v2 from 2.2.0 to 2.2.1 #108

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 13, 2023

Bumps github.com/xmidt-org/webpa-common/v2 from 2.2.0 to 2.2.1.

Release notes

Sourced from github.com/xmidt-org/webpa-common/v2's releases.

v2.2.1

Changelog

Other Work

  • 67152463736a7238cfaf61e5119f15eaea88d28e: Bump github.com/aws/aws-sdk-go from 1.44.282 to 1.44.283 (#919) (@​dependabot[bot])
  • 56ca22e65cc032a5c951654f4935c6876449b09f: Bump github.com/aws/aws-sdk-go from 1.44.283 to 1.44.284 (#920) (@​dependabot[bot])
  • 932718bafe6a984c509ba4d51998517f3eb1aab0: Bump github.com/aws/aws-sdk-go from 1.44.284 to 1.44.285 (#923) (@​dependabot[bot])
  • 0caa37308ab5c9f58c9aec3fc90ed36aba484a03: Bump github.com/aws/aws-sdk-go from 1.44.285 to 1.44.286 (#924) (@​dependabot[bot])
  • 288ac7039709cfea5853a1b4706d152defa605a2: Bump github.com/aws/aws-sdk-go from 1.44.286 to 1.44.287 (#926) (@​dependabot[bot])
  • 2a9512d84ddec048b15b2315c04ec5a4fc2f72ae: Bump github.com/aws/aws-sdk-go from 1.44.287 to 1.44.288 (#927) (@​dependabot[bot])
  • 12463528d5ef479493c27fc0e38cce70431571e9: Bump github.com/aws/aws-sdk-go from 1.44.288 to 1.44.289 (#928) (@​dependabot[bot])
  • 8de81738a08881dd0837009ee6915871740221a8: Bump github.com/aws/aws-sdk-go from 1.44.289 to 1.44.290 (#930) (@​dependabot[bot])
  • cca089e1e9eb5b5883e62504d9a0eacac294c0bb: Bump github.com/aws/aws-sdk-go from 1.44.290 to 1.44.291 (#931) (@​dependabot[bot])
  • 04f661eea6c7ac4007d7c36f1a5ff67c5460507a: Bump github.com/aws/aws-sdk-go from 1.44.291 to 1.44.292 (#932) (@​dependabot[bot])
  • 61b7dcd7565b68cfcf5907e6903d44f649129ddb: Bump github.com/aws/aws-sdk-go from 1.44.292 to 1.44.293 (#933) (@​dependabot[bot])
  • 51b8452cadecb79aa77cae2776fd026bf1fe4c9d: Bump github.com/aws/aws-sdk-go from 1.44.293 to 1.44.294 (#934) (@​dependabot[bot])
  • 64747ac0f8eb1febb3219bf05f595bdf26d07290: Bump github.com/aws/aws-sdk-go from 1.44.294 to 1.44.296 (#936) (@​dependabot[bot])
  • f659020bcde5d4e40a43ace5db31a1eb88258381: Bump github.com/aws/aws-sdk-go from 1.44.296 to 1.44.298 (#938) (@​dependabot[bot])
  • d3f7f441e9c7b81b4eccc6403024dea9eb87b904: Bump github.com/hashicorp/consul/api from 1.21.0 to 1.22.0 (#929) (@​dependabot[bot])
  • 55fa0f68452b2f43d186286a73d0de05c2557d16: Bump github.com/miekg/dns from 1.1.54 to 1.1.55 (#921) (@​dependabot[bot])
  • 1956094ae80b2ddcc27efa49441db32644b53b04: Bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 (#918) (@​dependabot[bot])
Commits
  • f659020 Bump github.com/aws/aws-sdk-go from 1.44.296 to 1.44.298 (#938)
  • 64747ac Bump github.com/aws/aws-sdk-go from 1.44.294 to 1.44.296 (#936)
  • 51b8452 Bump github.com/aws/aws-sdk-go from 1.44.293 to 1.44.294 (#934)
  • 61b7dcd Bump github.com/aws/aws-sdk-go from 1.44.292 to 1.44.293 (#933)
  • 04f661e Bump github.com/aws/aws-sdk-go from 1.44.291 to 1.44.292 (#932)
  • cca089e Bump github.com/aws/aws-sdk-go from 1.44.290 to 1.44.291 (#931)
  • 8de8173 Bump github.com/aws/aws-sdk-go from 1.44.289 to 1.44.290 (#930)
  • d3f7f44 Bump github.com/hashicorp/consul/api from 1.21.0 to 1.22.0 (#929)
  • 1246352 Bump github.com/aws/aws-sdk-go from 1.44.288 to 1.44.289 (#928)
  • 2a9512d Bump github.com/aws/aws-sdk-go from 1.44.287 to 1.44.288 (#927)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/xmidt-org/webpa-common/v2](https://github.com/xmidt-org/webpa-common) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/xmidt-org/webpa-common/releases)
- [Changelog](https://github.com/xmidt-org/webpa-common/blob/main/CHANGELOG.md)
- [Commits](xmidt-org/webpa-common@v2.2.0...v2.2.1)

---
updated-dependencies:
- dependency-name: github.com/xmidt-org/webpa-common/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 13, 2023
@github-actions github-actions bot enabled auto-merge (squash) July 13, 2023 12:57
@codecov
Copy link

codecov bot commented Jul 13, 2023

Codecov Report

Merging #108 (d03d458) into main (b7748b0) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #108   +/-   ##
=======================================
  Coverage   68.42%   68.42%           
=======================================
  Files          12       12           
  Lines         361      361           
=======================================
  Hits          247      247           
  Misses        111      111           
  Partials        3        3           
Flag Coverage Δ
unittests 68.42% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

@github-actions github-actions bot merged commit d65afa2 into main Jul 13, 2023
@github-actions github-actions bot deleted the dependabot/go_modules/github.com/xmidt-org/webpa-common/v2-2.2.1 branch July 13, 2023 13:00
@guardrails
Copy link

guardrails bot commented Jul 13, 2023

⚠️ We detected 10 security issues in this pull request:

Vulnerable Libraries (10)
Severity Details
High pkg:golang/golang.org/x/net@v0.0.0-20190404232315-eb5bcb51f2a3 upgrade to: 0.0.0-20190813141303-74dc4d7220e7,0.0.0-20190813141303-74dc4d7220e7
High pkg:golang/github.com/miekg/dns@v1.0.14 - no patch available
Critical pkg:golang/github.com/gogo/protobuf@v1.2.1 - no patch available
N/A pkg:golang/github.com/aws/aws-sdk-go@v1.44.177 - no patch available
High pkg:golang/github.com/dgrijalva/jwt-go@v3.2.0+incompatible - no patch available
N/A pkg:golang/golang.org/x/sys@v0.0.0-20180909124046-d0be0721c37e upgrade to: 1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad
Critical pkg:golang/github.com/gogo/protobuf@v1.3.2 - no patch available
High pkg:golang/gopkg.in/yaml.v2@v2.4.0 - no patch available
High pkg:golang/github.com/aws/aws-sdk-go@v1.31.6 - no patch available
Low pkg:golang/github.com/nats-io/nats-server/v2@v2.1.2 - no patch available

More info on how to fix Vulnerable Libraries in Go.


👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants