Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(deps): update osv-scanner minor (#392)
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) | require | minor | `v1.2.1` -> `v1.3.0` | | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | require | minor | `v5.6.1` -> `v5.7.0` | | [github.com/spdx/tools-golang](https://github.com/spdx/tools-golang) | require | patch | `v0.5.0` -> `v0.5.1` | | [github.com/urfave/cli/v2](https://github.com/urfave/cli) | require | patch | `v2.25.3` -> `v2.25.5` | | golang.org/x/exp | require | digest | `dd950f8` -> `2e198f4` | | golang.org/x/tools | require | patch | `v0.9.1` -> `v0.9.3` | --- ### Release Notes <details> <summary>BurntSushi/toml</summary> ### [`v1.3.0`](https://github.com/BurntSushi/toml/releases/tag/v1.3.0) [Compare Source](https://github.com/BurntSushi/toml/compare/v1.2.1...v1.3.0) New features: - Support upcoming TOML 1.1 While it looks like TOML 1.1 is mostly stable and I don't expect any further major changes, there are *NO* compatibility guarantees as it is *NOT* yet released and *anything can still change*. To use it, set the `BURNTSUSHI_TOML_110` environment variable to any value, which can be done either with `os.SetEnv()` or by the user running a program. A full list is changes is available in the [TOML ChangeLog]; the two most notable ones are that newlines and trailing commas are now allowed in inline tables, and Unicode in bare keys can now be used – this is now a valid document: lëttërs = { ä = "a with diaeresis", è = "e with accent grave", } [TOML ChangeLog]: https://github.com/toml-lang/toml/blob/main/CHANGELOG.md - Allow MarshalTOML and MarshalText to be used on the document type itself, instead of only fields ([#​383](https://github.com/BurntSushi/toml/issues/383)). Bufixes: - `\` escapes at the end of line weren't processed correctly in multiline strings ([#​372](https://github.com/BurntSushi/toml/issues/372)). - Read over UTF-8 BOM ([#​381](https://github.com/BurntSushi/toml/issues/381)). - `omitempty` struct tag did not work for pointer values ([#​371](https://github.com/BurntSushi/toml/issues/371)). - Fix encoding anonymous structs on 32bit systems ([#​374](https://github.com/BurntSushi/toml/issues/374)). </details> <details> <summary>go-git/go-git</summary> ### [`v5.7.0`](https://github.com/go-git/go-git/releases/tag/v5.7.0) [Compare Source](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0) #### What's Changed - \*: Add support for initializing SHA256 repositories by [@​pjbgf](https://github.com/pjbgf) in [go-git/go-git#707 - git: add mirror clone option by [@​aymanbagabas](https://github.com/aymanbagabas) in [go-git/go-git#735 - git: Add support to ls-remote with peeled references. Fixes [#​749](https://github.com/go-git/go-git/issues/749) by [@​pjbgf](https://github.com/pjbgf) in [go-git/go-git#750 - git: fix cloning with branch name by [@​AriehSchneier](https://github.com/AriehSchneier) in [go-git/go-git#755 - git: Worktree, add check to see if file already checked in. Fixes [#​718](https://github.com/go-git/go-git/issues/718) by [@​cbbm142](https://github.com/cbbm142) in [go-git/go-git#719 - git: Worktree, git grep bare repositories by [@​aymanbagabas](https://github.com/aymanbagabas) in [go-git/go-git#728 - git: Add Depth to SubmoduleUpdateOptions by [@​matejrisek](https://github.com/matejrisek) in [go-git/go-git#754 - git: Testing, Fix tests not cleaning temp folders by [@​AriehSchneier](https://github.com/AriehSchneier) in [go-git/go-git#769 - git: remote, add support for a configurable timeout. by [@​andrewpollock](https://github.com/andrewpollock) in [go-git/go-git#753 - git: Allow Initial Branch to be configurable by [@​techknowlogick](https://github.com/techknowlogick) in [go-git/go-git#764 - storage: filesystem/dotgit, Improve load packed-refs by [@​fcharlie](https://github.com/fcharlie) in [go-git/go-git#743 - storage: filesystem, Populate index before use. Fixes [#​148](https://github.com/go-git/go-git/issues/148) by [@​AriehSchneier](https://github.com/AriehSchneier) in [go-git/go-git#722 - plumbing: resolve non-external delta references by [@​ZauberNerd](https://github.com/ZauberNerd) in [go-git/go-git#485 - plumbing/transport: fix regression in scp-like match by [@​jotadrilo](https://github.com/jotadrilo) in [go-git/go-git#715 - plumbing/transport: Add support for custom proxy settings by [@​aryan9600](https://github.com/aryan9600) in [go-git/go-git#744 - \*: small fixes across the codebase by [@​pjbgf](https://github.com/pjbgf) in [go-git/go-git#770 - \*: bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 by [@​dependabot](https://github.com/dependabot) in [go-git/go-git#776 - \*: bump dependencies by [@​pjbgf](https://github.com/pjbgf) in [go-git/go-git#748 - \*: bump Go version to 1.18 on go.mod by [@​pjbgf](https://github.com/pjbgf) in [go-git/go-git#774 - \*: add Codeql workflow and bump dependencies by [@​pjbgf](https://github.com/pjbgf) in [go-git/go-git#775 - ci: fix upstream git build for master branch by [@​pjbgf](https://github.com/pjbgf) in [go-git/go-git#739 #### New Contributors - [@​ZauberNerd](https://github.com/ZauberNerd) made their first contribution in [go-git/go-git#485 - [@​jotadrilo](https://github.com/jotadrilo) made their first contribution in [go-git/go-git#715 - [@​fcharlie](https://github.com/fcharlie) made their first contribution in [go-git/go-git#743 - [@​AriehSchneier](https://github.com/AriehSchneier) made their first contribution in [go-git/go-git#755 - [@​cbbm142](https://github.com/cbbm142) made their first contribution in [go-git/go-git#719 - [@​aryan9600](https://github.com/aryan9600) made their first contribution in [go-git/go-git#744 - [@​matejrisek](https://github.com/matejrisek) made their first contribution in [go-git/go-git#754 - [@​andrewpollock](https://github.com/andrewpollock) made their first contribution in [go-git/go-git#753 - [@​techknowlogick](https://github.com/techknowlogick) made their first contribution in [go-git/go-git#764 **Full Changelog**: go-git/go-git@v5.6.1...v5.7.0 </details> <details> <summary>spdx/tools-golang</summary> ### [`v0.5.1`](https://github.com/spdx/tools-golang/releases/tag/v0.5.1) [Compare Source](https://github.com/spdx/tools-golang/compare/v0.5.0...v0.5.1) #### What's Changed - Add ability to specify JSON output options by [@​DmitriyLewen](https://github.com/DmitriyLewen) in [spdx/tools-golang#213 - Fix some optional params: `copyrightText`, `licenseListVersion`, `packageVerificationCode` by [@​lumjjb](https://github.com/lumjjb) in [spdx/tools-golang#215 - Properly output and read the `filesAnalyzed` field in JSON/YAML by [@​kzantow](https://github.com/kzantow) in [spdx/tools-golang#210 - Ensure no duplicates in relationships when shortcut fields are used. by [@​lumjjb](https://github.com/lumjjb) in [spdx/tools-golang#218 #### New Contributors - [@​testwill](https://github.com/testwill) made their first contribution in [spdx/tools-golang#212 - [@​DmitriyLewen](https://github.com/DmitriyLewen) made their first contribution in [spdx/tools-golang#213 **Full Changelog**: spdx/tools-golang@v0.5.0...v0.5.1 </details> <details> <summary>urfave/cli</summary> ### [`v2.25.5`](https://github.com/urfave/cli/releases/tag/v2.25.5) [Compare Source](https://github.com/urfave/cli/compare/v2.25.4...v2.25.5) #### What's Changed - Fix:(issue\_1737) Set bool count by taking care of num of aliases by [@​dearchap](https://github.com/dearchap) in [urfave/cli#1740 **Full Changelog**: urfave/cli@v2.25.4...v2.25.5 ### [`v2.25.4`](https://github.com/urfave/cli/releases/tag/v2.25.4) [Compare Source](https://github.com/urfave/cli/compare/v2.25.3...v2.25.4) #### What's Changed - Bug/fix issue 1703 by [@​jojje](https://github.com/jojje) in [urfave/cli#1728 - Fix:(issue\_1734) Show categories for subcommands by [@​dearchap](https://github.com/dearchap) in [urfave/cli#1735 - Fix:(issue\_1610). Keep RunAsSubcommand behaviour as before by [@​dearchap](https://github.com/dearchap) in [urfave/cli#1736 - Fix:(issue\_1731) Add fix for checking if aliases are set by [@​dearchap](https://github.com/dearchap) in [urfave/cli#1732 - Fix func name referenced in doc comment by [@​meatballhat](https://github.com/meatballhat) in [urfave/cli#1738 #### New Contributors - [@​jojje](https://github.com/jojje) made their first contribution in [urfave/cli#1728 **Full Changelog**: urfave/cli@v2.25.3...v2.25.4 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/google/osv-scanner). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS40OC4yIiwidXBkYXRlZEluVmVyIjoiMzUuMTAyLjEwIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
- Loading branch information