Bumps golang from 1.20.4-alpine to 1.20.5-alpine.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[github.com/goreleaser/nfpm/v2](https://github.com/goreleaser/nfpm) from
2.30.0 to 2.30.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/goreleaser/nfpm/releases">github.com/goreleaser/nfpm/v2's
releases</a>.</em></p>
<blockquote>
<h2>v2.30.1</h2>
<h2>Changelog</h2>
<h3>Other work</h3>
<ul>
<li>a72ecd200bcaa81de3fc23f21f8b7f02060ee448: docs: update cmd docs (<a
href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/nfpm/compare/v2.30.0...v2.30.1">https://github.com/goreleaser/nfpm/compare/v2.30.0...v2.30.1</a></p>
<h2>Helping out</h2>
<p>This release is only possible thanks to <strong>all</strong> the
support of <strong>awesome people</strong>!</p>
<p>Want to be one of them?
You can <a href="https://goreleaser.com/sponsors/">sponsor</a> or <a
href="https://goreleaser.com/contributing">contribute with code</a>.</p>
<h2>Where to go next?</h2>
<ul>
<li>nFPM is a satellite project from GoReleaser. <a
href="https://goreleaser.com">Check it out</a>!</li>
<li>Find examples and commented usage of all options in our <a
href="https://nfpm.goreleaser.com/">website</a>.</li>
<li>Reach out on <a href="https://discord.gg/RGEBtg8vQ6">Discord</a> and
<a href="https://twitter.com/goreleaser">Twitter</a>!</li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --><!-- raw HTML
omitted --></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3e5d930439"><code>3e5d930</code></a>
chore: remove space from asset name (<a
href="https://redirect.github.com/goreleaser/nfpm/issues/674">#674</a>)</li>
<li><a
href="a72ecd200b"><code>a72ecd2</code></a>
docs: update cmd docs</li>
<li>See full diff in <a
href="https://github.com/goreleaser/nfpm/compare/v2.30.0...v2.30.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
since this will be a late, big release, let's remove the deprecated
stuff that expired
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
This should make it easier to use the same config file with both oss and
pro versions when only the nightly feature is used, e.g. in #3501.
Currently, that would fail because `IsNightly` is not a template field,
so you won't really be able to do it without keeping a second
`.goreleaser.yml` file. With this change, `IsNightly` always eval to
false on OSS, and keeps working as before on Pro.
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.9.2
to 0.9.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/golang/tools/releases">golang.org/x/tools's
releases</a>.</em></p>
<blockquote>
<h2>gopls/v0.9.3</h2>
<p><em>Move fast and fix things...</em><code>golang/go#54395</code></p>
<p>As always, thank you for filing issues!</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0dda7d614e"><code>0dda7d6</code></a>
go/pointer: remove replace directive</li>
<li><a
href="98f1b4dee8"><code>98f1b4d</code></a>
gopls/internal/lsp/cache: check number of orphaned files after
filtering</li>
<li><a
href="a260315e30"><code>a260315</code></a>
go/pointer: create submodule</li>
<li>See full diff in <a
href="https://github.com/golang/tools/compare/v0.9.2...v0.9.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 2.3.5 to 2.3.6.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="83f0fe6c49"><code>83f0fe6</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/1713">#1713</a>
from github/update-v2.3.6-96f284028</li>
<li><a
href="5c8f4be0e9"><code>5c8f4be</code></a>
Update changelog for v2.3.6</li>
<li><a
href="96f2840282"><code>96f2840</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/1711">#1711</a>
from github/henrymercer/improve-supported-versions-u...</li>
<li><a
href="89c4c9e65c"><code>89c4c9e</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/1678">#1678</a>
from github/henrymercer/default-setup-safeguarding</li>
<li><a
href="26f16a5e63"><code>26f16a5</code></a>
Rephrase the still supported calculation to make it clearer</li>
<li><a
href="955f8596ae"><code>955f859</code></a>
Fix sign error</li>
<li><a
href="e7cff66ce1"><code>e7cff66</code></a>
Fix push</li>
<li><a
href="afdba76326"><code>afdba76</code></a>
Wait a week before dropping support for end of life GHES versions</li>
<li><a
href="07e43a2208"><code>07e43a2</code></a>
Open PR with gh CLI</li>
<li><a
href="9632771630"><code>9632771</code></a>
Address review comments</li>
<li>Additional commits viewable in <a
href="0225834cc5...83f0fe6c49">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
this would allow to add the checksums to the body of the release
contents, for example.
refs https://github.com/orgs/goreleaser/discussions/4063
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab)
from 0.83.0 to 0.84.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="46b2e30896"><code>46b2e30</code></a>
Merge pull request <a
href="https://redirect.github.com/xanzy/go-gitlab/issues/1727">#1727</a>
from Pvlerick/add-approval_rules-in-protected_enviro...</li>
<li><a
href="cad317938a"><code>cad3179</code></a>
Final few tweaks</li>
<li><a
href="d59139c6d1"><code>d59139c</code></a>
fixup: adding ID to test suite</li>
<li><a
href="542beb6b06"><code>542beb6</code></a>
Review comments</li>
<li><a
href="948b6bf966"><code>948b6bf</code></a>
Add approval_rules in protected_environments</li>
<li><a
href="8f031c3c21"><code>8f031c3</code></a>
Merge pull request <a
href="https://redirect.github.com/xanzy/go-gitlab/issues/1725">#1725</a>
from wtertius/add_queued_duration_to_bridge</li>
<li><a
href="0e5a87514a"><code>0e5a875</code></a>
Add <code>queued_duration</code> field to bridge</li>
<li><a
href="32985e37f3"><code>32985e3</code></a>
Merge pull request <a
href="https://redirect.github.com/xanzy/go-gitlab/issues/1724">#1724</a>
from mgross-ebner/master</li>
<li><a
href="5b481c92f2"><code>5b481c9</code></a>
fix type for Weight</li>
<li><a
href="f5772c8149"><code>f5772c8</code></a>
adapt test payload</li>
<li>Additional commits viewable in <a
href="https://github.com/xanzy/go-gitlab/compare/v0.83.0...v0.84.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.9.1
to 0.9.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/golang/tools/releases">golang.org/x/tools's
releases</a>.</em></p>
<blockquote>
<h2>gopls/v0.9.2</h2>
<p>This release contains many bug fixes, particularly related to
problems that would require restarting gopls.</p>
<p><strong>Note about network usage</strong>: among these fixes was a
change to allow network usage when reloading the workspace. Reloading
occurs when a <code>go.mod</code>, <code>go.sum</code>, or
<code>go.work</code> file changes on disk. In the past, gopls would only
allow network during the first workspace load. This resulted in
confusing behavior when, for example, a new dependency is added to a
<code>go.mod</code> file and gopls could not load it, but loading
succeeded on restart. See <a
href="https://go.dev/issues/54069">#54069</a> for more details.</p>
<h2>Configuration changes</h2>
<h3>directoryFilters at arbitrary depth</h3>
<p>The <a
href="https://github.com/golang/tools/blob/master/gopls/doc/settings.md#directoryfilters-string"><code>"directoryFilters"</code></a>
setting now supports excluding directories at arbitrary depth, using the
<code>**</code> operator. (note that for v0.9.2, the default value for
this setting is still <code>["-node_modules]"</code>. In the
next release, this will change to
<code>["-**/node_modules"]</code>).</p>
<h2>Bug fixes and Performance improvements...</h2>
<p>This release contains the following notable bug fixes / performance
improvements:</p>
<ul>
<li><strong>Additional change optimization</strong> - Following up on
the work to optimize change processing from the <a
href="https://github.com/golang/tools/releases/tag/gopls%2Fv0.9.0">v0.9.0
release</a>, this release contains additional optimizations that result
in around 50% faster change processing (measured via edits in the
Kubernetes repo).</li>
<li><strong>Fix for a long-standing memory leak</strong> - <a
href="https://go.dev/issues/53780">#53780</a> fixed a long-standing bug
that caused gopls to hold on to its initial state, gradually leaking
memory as state changed during the editing session.</li>
<li><strong>Fewer restarts</strong> - This release contains many fixes
for cache-invalidation bugs that would cause gopls to get confused and
require restarting. Additionally, see the note at top about enabling the
network when reloading the workspace. We believe we are close to our
goal that restarting gopls should never be required to fix workspace
errors. If you encounter such a bug, please file an issue!</li>
</ul>
<p>A full list of all issues fixed can be found in the <a
href="https://github.com/golang/go/milestone/274?closed=1">gopls/v0.9.2
milestone</a>.
To report a new problem, please file a new issue at <a
href="https://go.dev/issues/new">https://go.dev/issues/new</a>.</p>
<h2>Thank you to our contributors!</h2>
<p>Thank you for your contribution, <a
href="https://github.com/alandonovan"><code>@alandonovan</code></a>, <a
href="https://github.com/antoineco"><code>@antoineco</code></a>, <a
href="https://github.com/dle8"><code>@dle8</code></a>, <a
href="https://github.com/euroelessar"><code>@euroelessar</code></a>, <a
href="https://github.com/findleyr"><code>@findleyr</code></a>, <a
href="https://github.com/hyangah"><code>@hyangah</code></a>, <a
href="https://github.com/jamalc"><code>@jamalc</code></a>, <a
href="https://github.com/mssdvd"><code>@mssdvd</code></a>, <a
href="https://github.com/pjweinbgo"><code>@pjweinbgo</code></a>, <a
href="https://github.com/rentziass"><code>@rentziass</code></a>, and <a
href="https://github.com/suzmue"><code>@suzmue</code></a>!</p>
<h2>What's next</h2>
<p>The next planned gopls release is <a
href="https://github.com/golang/go/milestone/278">v0.10.0</a>. We’re
excited about features and improvements on the horizon, for example:</p>
<ul>
<li>Package renaming (<a
href="https://go.dev/issues/41567">#41567</a>)</li>
<li>More accurate static-analysis (<a
href="https://go.dev/issues/48738">#48738</a>)</li>
<li>Improved support for the new 1.19 doc comment format (<a
href="https://go.dev/issues/54260">#54260</a>)</li>
<li>Making it easier to work with <code>go.work</code> files (many
issues, for example <a href="https://go.dev/issues/53880">#53880</a> or
<a href="https://go.dev/issues/54261">#54261</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="96844c3594"><code>96844c3</code></a>
cmd/{guru,callgraph}: stop using go/pointer</li>
<li><a
href="cd694d8db4"><code>cd694d8</code></a>
go/packages: include
"unsafe".GoFiles=["unsafe.go"]</li>
<li><a
href="33c741de78"><code>33c741d</code></a>
gopls/internal/lsp: add min/max builtin</li>
<li><a
href="933c7ccb15"><code>933c7cc</code></a>
internal/lsp/source: use exact match in import highlighting</li>
<li><a
href="5974258e68"><code>5974258</code></a>
gopls/internal/lsp: clear vuln diagnostics on config changes</li>
<li><a
href="f3faea1982"><code>f3faea1</code></a>
go/packages: pass -pgo=off on go1.21 and later</li>
<li><a
href="5f74ec7da5"><code>5f74ec7</code></a>
internal/lsp/debug: add links to profiles and GC</li>
<li><a
href="ed90c6d201"><code>ed90c6d</code></a>
internal/diff: unexport various identifiers</li>
<li><a
href="827f5aa2c3"><code>827f5aa</code></a>
gopls/internal/lsp/source: test references bug on struct{p.T}</li>
<li><a
href="a12e1a6aee"><code>a12e1a6</code></a>
go/ssa/interp: implement min/max builtins</li>
<li>Additional commits viewable in <a
href="https://github.com/golang/tools/compare/v0.9.1...v0.9.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify)
from 1.8.3 to 1.8.4.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f97607b898"><code>f97607b</code></a>
Create GitHub release when new release tag is pushed (<a
href="https://redirect.github.com/stretchr/testify/issues/1354">#1354</a>)</li>
<li>See full diff in <a
href="https://github.com/stretchr/testify/compare/v1.8.3...v1.8.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This allows to open pull requests across repositories on nix, brew, krew
and scoop.
closes#4048
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps [github.com/imdario/mergo](https://github.com/imdario/mergo) from
0.3.15 to 0.3.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/imdario/mergo/releases">github.com/imdario/mergo's
releases</a>.</em></p>
<blockquote>
<h2>Announcement: v1.0.0 will be released on June 18th</h2>
<p><em>This release doesn't contain code changes.</em></p>
<p>After 10 years, with many corner cases covered, very few issues
pending (at least, comparing them with the usage of the library as part
of Docker, Kubernetes, Datadog's agent, etc.), and a very stable API, I
think it's time to release a 1.0.0 version.</p>
<p>This version will be released under a vanity URL: dario.cat/mergo</p>
<p>PS: although I'll make sure that github.com/imdario/mergo will be
available, I'm going to also change my GitHub handle, so expect for a
few minutes to not be able to pull from github.com/imdario as I fork it
from the new handle to the old one.</p>
<p>PS2: I'm creating a discussion for this release to make sure we can
have a conversation around the topic, and anything else about Mergo that
you care about.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="14fe2b165b"><code>14fe2b1</code></a>
fix: OpenSSF scorecard generation</li>
<li><a
href="4cde94b0b5"><code>4cde94b</code></a>
fix: remove Travis link and fix tests actions</li>
<li><a
href="df62a52b84"><code>df62a52</code></a>
chore: README and GitHub actions</li>
<li>See full diff in <a
href="https://github.com/imdario/mergo/compare/v0.3.15...v0.3.16">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- deprecates `--debug` in favor of `--verbose` which is clearer
- improved some debug log outputs
- docs: update documentation to always use the `release` subcommand
(when it makes sense)
add ko-generated manifests to the artifact list, this way they can be
signed later.
closes#4027
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Empty tag names will then be filtered out. This allows to have optional
tags depending on templates, for example,
`{{if not .Prerelease}}latest{{end}}`, among other use cases.
This already happens in the `dockers` section, and is now implemented in
`kos` too.
refs https://github.com/orgs/goreleaser/discussions/4042
