Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(deps): update osv-scanner minor (google#978)
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/charmbracelet/bubbletea](https://togithub.com/charmbracelet/bubbletea) | `v0.26.1` -> `v0.26.2` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.1/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fcharmbracelet%2fbubbletea/v0.26.1/v0.26.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [github.com/package-url/packageurl-go](https://togithub.com/package-url/packageurl-go) | `v0.1.2` -> `v0.1.3` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.2/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fpackage-url%2fpackageurl-go/v0.1.2/v0.1.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | golang.org/x/exp | `v0.0.0-20240416160154-fe59bbe5cc7f` -> `v0.0.0-20240506185415-9bf2ced13842` | [![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20240416160154-fe59bbe5cc7f/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20240416160154-fe59bbe5cc7f/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [google.golang.org/grpc](https://togithub.com/grpc/grpc-go) | `v1.63.2` -> `v1.64.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgrpc/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgrpc/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgrpc/v1.63.2/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgrpc/v1.63.2/v1.64.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [google.golang.org/protobuf](https://togithub.com/protocolbuffers/protobuf-go) | `v1.34.0` -> `v1.34.1` | [![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>charmbracelet/bubbletea (github.com/charmbracelet/bubbletea)</summary> ### [`v0.26.2`](https://togithub.com/charmbracelet/bubbletea/releases/tag/v0.26.2) [Compare Source](https://togithub.com/charmbracelet/bubbletea/compare/v0.26.1...v0.26.2) This fixes a small regression that was introduced in v0.26.0 related to the first line on the first render not being displayed correctly. Thank you [@​mistakenelf](https://togithub.com/mistakenelf) for pointing this out in [https://github.com/charmbracelet/bubbletea/issues/1000](https://togithub.com/charmbracelet/bubbletea/issues/1000)! #### What's Changed - fix: stop and drain timers by [@​caarlos0](https://togithub.com/caarlos0) in [https://github.com/charmbracelet/bubbletea/pull/993](https://togithub.com/charmbracelet/bubbletea/pull/993) - chore(lint): minor lint-related improvements by [@​meowgorithm](https://togithub.com/meowgorithm) in [https://github.com/charmbracelet/bubbletea/pull/1007](https://togithub.com/charmbracelet/bubbletea/pull/1007) - fix: renderer: reset the cursor on the first line by [@​aymanbagabas](https://togithub.com/aymanbagabas) in [https://github.com/charmbracelet/bubbletea/pull/1008](https://togithub.com/charmbracelet/bubbletea/pull/1008) - chore(deps): bump golang.org/x/sys from 0.19.0 to 0.20.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/charmbracelet/bubbletea/pull/1003](https://togithub.com/charmbracelet/bubbletea/pull/1003) - chore(deps): bump golangci/golangci-lint-action from 5 to 6 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/charmbracelet/bubbletea/pull/1005](https://togithub.com/charmbracelet/bubbletea/pull/1005) - chore(deps): bump golang.org/x/term from 0.19.0 to 0.20.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/charmbracelet/bubbletea/pull/1002](https://togithub.com/charmbracelet/bubbletea/pull/1002) **Full Changelog**: charmbracelet/bubbletea@v0.26.1...v0.26.2 *** <a href="https://charm.sh/"><img alt="The Charm logo" src="https://stuff.charm.sh/charm-badge.jpg" width="400"></a> Thoughts? Questions? We love hearing from you. Feel free to reach out on [Twitter](https://twitter.com/charmcli), [The Fediverse](https://mastodon.social/@​charmcli), or [Discord](https://charm.sh/chat). </details> <details> <summary>package-url/packageurl-go (github.com/package-url/packageurl-go)</summary> ### [`v0.1.3`](https://togithub.com/package-url/packageurl-go/releases/tag/v0.1.3) [Compare Source](https://togithub.com/package-url/packageurl-go/compare/v0.1.2...v0.1.3) #### What's Changed - go.mod: Bump required Go version to 1.18 by [@​magnusbaeck](https://togithub.com/magnusbaeck) in [https://github.com/package-url/packageurl-go/pull/66](https://togithub.com/package-url/packageurl-go/pull/66) - Fix Github Actions by [@​shibumi](https://togithub.com/shibumi) in [https://github.com/package-url/packageurl-go/pull/69](https://togithub.com/package-url/packageurl-go/pull/69) - Adds `./` and `../` as valid subpath prefix by [@​ridhoq](https://togithub.com/ridhoq) in [https://github.com/package-url/packageurl-go/pull/68](https://togithub.com/package-url/packageurl-go/pull/68) #### New Contributors - [@​magnusbaeck](https://togithub.com/magnusbaeck) made their first contribution in [https://github.com/package-url/packageurl-go/pull/66](https://togithub.com/package-url/packageurl-go/pull/66) - [@​ridhoq](https://togithub.com/ridhoq) made their first contribution in [https://github.com/package-url/packageurl-go/pull/68](https://togithub.com/package-url/packageurl-go/pull/68) **Full Changelog**: package-url/packageurl-go@v0.1.2...v0.1.3 </details> <details> <summary>grpc/grpc-go (google.golang.org/grpc)</summary> ### [`v1.64.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.64.0): Release 1.64.0 [Compare Source](https://togithub.com/grpc/grpc-go/compare/v1.63.2...v1.64.0) ### API Changes - stats: Deprecate `InPayload.Data` and `OutPayload.Data`; they were experimental and will be deleted in the next release ([#​7121](https://togithub.com/grpc/grpc-go/issues/7121)) ### Behavior Changes - codec: Remove handling of environment variable `GRPC_GO_ADVERTISE_COMPRESSORS` to suppress setting supported compressors in `grpc-accept-encoding` header. Compressors will always be advertised, as they have been by default for some time ([#​7203](https://togithub.com/grpc/grpc-go/issues/7203)) ### New Features - resolver/dns: Add `SetMinResolutionInterval` to set the minimum interval at which DNS re-resolutions may occur ([#​6962](https://togithub.com/grpc/grpc-go/issues/6962)) - Special Thanks: [@​HomayoonAlimohammadi](https://togithub.com/HomayoonAlimohammadi) - peer/peer: Implement the `fmt.Stringer` interface for pretty printing `Peer`, and - metadata/metadata: Implement the `fmt.Stringer` interface for pretty printing `MD` ([#​7137](https://togithub.com/grpc/grpc-go/issues/7137)) - Special Thanks: [@​AnomalRoil](https://togithub.com/AnomalRoil) ### Performance Improvements - client: Improve RPC performance by reducing work while holding a lock ([#​7132](https://togithub.com/grpc/grpc-go/issues/7132)) ### Bug Fixes - transport/server: Display the proper timeout value when keepalive pings are not ack'd in time ([#​7038](https://togithub.com/grpc/grpc-go/issues/7038)) - Special Thanks: [@​BatmanAoD](https://togithub.com/BatmanAoD) - channelz: Fix bug that was causing the subchannel's target to be unset ([#​7189](https://togithub.com/grpc/grpc-go/issues/7189)) - stats: Fix bug where peer was not set in context when calling stats handler for `OutPayload`, `InPayload`, and `End` ([#​7096](https://togithub.com/grpc/grpc-go/issues/7096)) ### Dependencies - deps: Remove dependency on deprecated `github.com/golang/protobuf` module ([#​7122](https://togithub.com/grpc/grpc-go/issues/7122)) ### Documentation - grpc: Deprecate `WithBlock`, `WithReturnConnectionError`, `FailOnNonTempDialError` which are ignored by `NewClient` ([#​7097](https://togithub.com/grpc/grpc-go/issues/7097)) - Special Thanks: [@​pellared](https://togithub.com/pellared) - grpc: Deprecate `Dial` and `DialContext`. These will continue to be supported throughout 1.x, but are deprecated to direct users to `NewClient` (See [#​7090](https://togithub.com/grpc/grpc-go/issues/7090) for more information) - examples: Add custom lb example ([#​6691](https://togithub.com/grpc/grpc-go/issues/6691)) </details> <details> <summary>protocolbuffers/protobuf-go (google.golang.org/protobuf)</summary> ### [`v1.34.1`](https://togithub.com/protocolbuffers/protobuf-go/releases/tag/v1.34.1) [Compare Source](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.34.0...v1.34.1) Minor fixes for editions compliance: - [CL/582635](https://go.dev/cl/582635): all: update to protobuf 27.0-rc1 and regenerate protos - [CL/582755](https://go.dev/cl/582755): encoding/proto\[json|text]: accept lower case names for group-like fields </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/google/osv-scanner). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> --------- Co-authored-by: Xueqin Cui <[email protected]>
- Loading branch information