Skip to content

Commit

Permalink
Bump github.com/bradleyfalzon/ghinstallation/v2 from 2.11.0 to 2.12.0 (
Browse files Browse the repository at this point in the history
…#619)

Bumps
[github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation)
from 2.11.0 to 2.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bradleyfalzon/ghinstallation/releases">github.com/bradleyfalzon/ghinstallation/v2's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update go-github to v66 by <a
href="https://github.com/asvoboda"><code>@​asvoboda</code></a> in <a
href="https://redirect.github.com/bradleyfalzon/ghinstallation/pull/129">bradleyfalzon/ghinstallation#129</a></li>
<li>Bumped github.com/golang-jwt/jwt/v4 due to security CVE-2024-51744
by <a href="https://github.com/bynov"><code>@​bynov</code></a> in <a
href="https://redirect.github.com/bradleyfalzon/ghinstallation/pull/130">bradleyfalzon/ghinstallation#130</a></li>
<li>Bump the actions group across 1 directory with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/bradleyfalzon/ghinstallation/pull/125">bradleyfalzon/ghinstallation#125</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/bynov"><code>@​bynov</code></a> made
their first contribution in <a
href="https://redirect.github.com/bradleyfalzon/ghinstallation/pull/130">bradleyfalzon/ghinstallation#130</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/bradleyfalzon/ghinstallation/compare/v2.11.0...v2.12.0">https://github.com/bradleyfalzon/ghinstallation/compare/v2.11.0...v2.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/bradleyfalzon/ghinstallation/commit/f5c03cda301c38566352f78a9b8bac9f0d22e1ea"><code>f5c03cd</code></a>
Bump the actions group across 1 directory with 2 updates</li>
<li><a
href="https://github.com/bradleyfalzon/ghinstallation/commit/568f2503701c79be81d077ff25d7535503de6b73"><code>568f250</code></a>
Bumped github.com/golang-jwt/jwt/v4 due to security CVE-2024-51744</li>
<li><a
href="https://github.com/bradleyfalzon/ghinstallation/commit/e55c642fc064658677b39ae6685a2c25554c8579"><code>e55c642</code></a>
Update go-github to v66</li>
<li>See full diff in <a
href="https://github.com/bradleyfalzon/ghinstallation/compare/v2.11.0...v2.12.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/bradleyfalzon/ghinstallation/v2&package-manager=go_modules&previous-version=2.11.0&new-version=2.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: cpanato <ctadeu@gmail.com>
  • Loading branch information
dependabot[bot] and cpanato authored Nov 25, 2024
1 parent 11b9cb3 commit 848997d
Show file tree
Hide file tree
Showing 8 changed files with 18 additions and 16 deletions.
4 changes: 2 additions & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,14 @@ require (
chainguard.dev/sdk v0.1.28
cloud.google.com/go/kms v1.20.1
cloud.google.com/go/secretmanager v1.14.2
github.com/bradleyfalzon/ghinstallation/v2 v2.11.0
github.com/bradleyfalzon/ghinstallation/v2 v2.12.0
github.com/chainguard-dev/clog v1.5.1-0.20240811185937-4c523ae4593f
github.com/chainguard-dev/terraform-infra-common v0.6.104
github.com/cloudevents/sdk-go/v2 v2.15.2
github.com/coreos/go-oidc/v3 v3.11.0
github.com/golang-jwt/jwt/v4 v4.5.1
github.com/google/go-cmp v0.6.0
github.com/google/go-github/v62 v62.0.0
github.com/google/go-github/v66 v66.0.0
github.com/hashicorp/go-multierror v1.1.1
github.com/hashicorp/golang-lru/v2 v2.0.7
github.com/kelseyhightower/envconfig v1.4.0
Expand Down
9 changes: 4 additions & 5 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,8 @@ github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZx
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/bradleyfalzon/ghinstallation/v2 v2.11.0 h1:R9d0v+iobRHSaE4wKUnXFiZp53AL4ED5MzgEMwGTZag=
github.com/bradleyfalzon/ghinstallation/v2 v2.11.0/go.mod h1:0LWKQwOHewXO/1acI6TtyE0Xc4ObDb2rFN7eHBAG71M=
github.com/bradleyfalzon/ghinstallation/v2 v2.12.0 h1:k8oVjGhZel2qmCUsYwSE34jPNT9DL2wCBOtugsHv26g=
github.com/bradleyfalzon/ghinstallation/v2 v2.12.0/go.mod h1:V4gJcNyAftH0rXpRp1SUVUuh+ACxOH1xOk/ZzkRHltg=
github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
Expand Down Expand Up @@ -80,7 +80,6 @@ github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
Expand Down Expand Up @@ -110,8 +109,8 @@ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-github/v62 v62.0.0 h1:/6mGCaRywZz9MuHyw9gD1CwsbmBX8GWsbFkwMmHdhl4=
github.com/google/go-github/v62 v62.0.0/go.mod h1:EMxeUqGJq2xRu9DYBMwel/mr7kZrzUOfQmmpYrZn2a4=
github.com/google/go-github/v66 v66.0.0 h1:ADJsaXj9UotwdgK8/iFZtv7MLc8E8WBl62WLd/D/9+M=
github.com/google/go-github/v66 v66.0.0/go.mod h1:+4SO9Zkuyf8ytMj0csN1NR/5OTR+MfqPp8P8dVlcvY4=
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
Expand Down
2 changes: 1 addition & 1 deletion pkg/octosts/octosts.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ import (
"github.com/bradleyfalzon/ghinstallation/v2"
cloudevents "github.com/cloudevents/sdk-go/v2"
"github.com/coreos/go-oidc/v3/oidc"
"github.com/google/go-github/v62/github"
"github.com/google/go-github/v66/github"
lru "github.com/hashicorp/golang-lru/v2"
expirablelru "github.com/hashicorp/golang-lru/v2/expirable"

Expand Down
5 changes: 3 additions & 2 deletions pkg/octosts/octosts_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,10 @@ import (
josejwt "github.com/go-jose/go-jose/v4/jwt"
jwt "github.com/golang-jwt/jwt/v4"
"github.com/google/go-cmp/cmp"
"github.com/google/go-github/v62/github"
"github.com/octo-sts/app/pkg/provider"
"github.com/google/go-github/v66/github"
"google.golang.org/grpc/metadata"

"github.com/octo-sts/app/pkg/provider"
)

type fakeGitHub struct {
Expand Down
2 changes: 1 addition & 1 deletion pkg/octosts/trust_policy.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import (
"slices"

"github.com/coreos/go-oidc/v3/oidc"
"github.com/google/go-github/v62/github"
"github.com/google/go-github/v66/github"
)

type TrustPolicy struct {
Expand Down
5 changes: 3 additions & 2 deletions pkg/prober/prober.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,12 @@ import (

"chainguard.dev/sdk/sts"
"github.com/chainguard-dev/clog"
"github.com/google/go-github/v62/github"
"github.com/google/go-github/v66/github"
"github.com/kelseyhightower/envconfig"
"github.com/octo-sts/app/pkg/octosts"
"golang.org/x/oauth2"
"google.golang.org/api/idtoken"

"github.com/octo-sts/app/pkg/octosts"
)

type envConfig struct {
Expand Down
5 changes: 3 additions & 2 deletions pkg/webhook/webhook.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,12 @@ import (

"github.com/bradleyfalzon/ghinstallation/v2"
"github.com/chainguard-dev/clog"
"github.com/google/go-github/v62/github"
"github.com/google/go-github/v66/github"
"github.com/hashicorp/go-multierror"
"github.com/octo-sts/app/pkg/octosts"
"k8s.io/apimachinery/pkg/util/sets"
"sigs.k8s.io/yaml"

"github.com/octo-sts/app/pkg/octosts"
)

const (
Expand Down
2 changes: 1 addition & 1 deletion pkg/webhook/webhook_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ import (
"github.com/chainguard-dev/clog"
"github.com/chainguard-dev/clog/slogtest"
"github.com/google/go-cmp/cmp"
"github.com/google/go-github/v62/github"
"github.com/google/go-github/v66/github"
)

func TestValidatePolicy(t *testing.T) {
Expand Down

0 comments on commit 848997d

Please sign in to comment.