chore(deps): bump github.com/evanphx/json-patch from 4.2.0+incompatible to 4.9.0+incompatible

[dependabot]

Bumps github.com/evanphx/json-patch from 4.2.0+incompatible to 4.9.0+incompatible.

Release notes

Sourced from github.com/evanphx/json-patch's releases.

Module fixup

This gets v4 back in shape properly.

Fix nil deref

Fixes an issue where an unexpected null can cause a nil deref.

v4.6.0

No release notes provided.

Improve Errors

This release improves the errors returned by using github.com/pkg/errors to allow for better error taxonomy detection.

Operation(alized)

This exports the Operation type so that folks can manually audit a patch if need be.

Commits

• d05b386 Merge pull request #113 from liggitt/4.x-module
• 4ac3b69 Remove 4.x go.mod to make semantic versions addressable by tag
• fbc6277 Merge pull request #105 from ChrsMark/patch-1
• 162e562 Merge pull request #108 from liggitt/map-compare
• 1d4c88e Merge pull request #111 from thaJeztah/revert_RFC6902
• 4c18d30 Revert "Conform to RFC6902 replacement semantics."
• 42bcdf2 Revert "Test for copying non-existent key."
• 9b58b85 Revert "Test for testing non-existent and null-value keys."
• b237418 Revert "Test for copying null-value key."
• 44b01e1 Fix map comparison of nil values and missing keys
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #125 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #125   +/-   ##
=======================================
  Coverage   55.95%   55.95%           
=======================================
  Files          25       25           
  Lines        2688     2688           
=======================================
  Hits         1504     1504           
  Misses       1043     1043           
  Partials      141      141           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bf8e17f...900bf45. Read the comment docs.

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities (and 0 Security Hotspots to review)
0 Code Smells

No Coverage information
No Duplication information

[alexmt]

LGTM

[alexmt]

@ash2k FYI: v4.9.0 fixes a nasty bug in http://github.com/evanphx/json-patch that causes serious performance issues (fix: evanphx/json-patch#108)

I suggest bumping this dependency in https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent as well

[ash2k]

@alexmt I'll bump it up, thanks!