fix(deps): update all

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change	Age	Confidence
actions/cache	action	minor	v3.2.6 → v3.5.0
alpine	final	minor	3.16.0 → 3.23.3
github.com/dustin/go-humanize	require	patch	v1.0.0 → v1.0.1
github.com/imdario/mergo	require	patch	v0.3.12 → v0.3.16
github.com/mattn/go-zglob	require	patch	v0.0.3 → v0.0.6
github.com/smartystreets/goconvey	require	minor	v1.7.2 → v1.8.1
github.com/spf13/pflag	require	patch	v1.0.5 → v1.0.10
github.com/spf13/viper	require	minor	v1.8.1 → v1.21.0
github.com/urfave/cli	require	patch	v1.22.9 → v1.22.17
go.uber.org/zap	require	minor	v1.21.0 → v1.27.1
golang	stage	minor	1.19.2-alpine → 1.25.6-alpine
golang.org/x/crypto	require	minor	v0.0.0-20201112155050-0c6587e931a9 → v0.47.0
golang.org/x/net	require	minor	v0.0.0-20210405180319-a5a99cb37ef4 → v0.49.0
golang.org/x/time	require	minor	v0.0.0-20200630173020-3af7569d3a1e → v0.14.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

actions/cache (actions/cache)

v3.5.0

Compare Source

• Bump actions/cache to v4.1.0

Full Changelog: actions/cache@v3...v3.5.0

v3.4.3

Compare Source

What's Changed

• Bump @​actions/cache to v4.0.2 by @​robherley

Full Changelog: actions/cache@v3.4.2...v3.4.3

v3.4.2

Compare Source

What's Changed

[!IMPORTANT]
As a reminder, there were important backend changes to release v3.4.0, see those release notes and the announcement for more details.

• Bump @​actions/cache to v4.0.1 by @​robherley in #​1554

Full Changelog: actions/cache@v3.4.0...v3.4.2

v3.4.1

Compare Source

[!WARNING]
This version was incorrectly released using a SHA pointing to a newer version for immutable actions only. Please use v3.4.2 (or v3) instead.

v3.4.0

Compare Source

⚠️ Important Changes

The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

Read more about the change & access the migration guide: reference to the announcement.

Minor changes

Minor and patch version updates for these dependencies:

• @​actions/core: 1.11.1
• @​actions/io: 1.1.3
• @​vercel/ncc: 0.38.3

Full Changelog: actions/cache@v3.3.3...v3.4.0

v3.3.3

Compare Source

What's Changed

• Cache v3.3.3 by @​robherley in #​1302

New Contributors

• @​robherley made their first contribution in #​1302

Full Changelog: actions/cache@v3...v3.3.3

v3.3.2

Compare Source

What's Changed

• Fixed readme with new segment timeout values by @​kotewar in #​1133
• Readme fixes by @​kotewar in #​1134
• Updated description of the lookup-only input for main action by @​kotewar in #​1130
• Change two new actions mention as quoted text by @​bishal-pdMSFT in #​1131
• Update Cross-OS Caching tips by @​pdotl in #​1122
• Bazel example (Take #​2️⃣) by @​vorburger in #​1132
• Remove actions to add new PRs and issues to a project board by @​jorendorff in #​1187
• Consume latest toolkit and fix dangling promise bug by @​chkimes in #​1217
• Bump action version to 3.3.2 by @​bethanyj28 in #​1236

New Contributors

• @​vorburger made their first contribution in #​1132
• @​jorendorff made their first contribution in #​1187
• @​chkimes made their first contribution in #​1217
• @​bethanyj28 made their first contribution in #​1236

Full Changelog: actions/cache@v3...v3.3.2

v3.3.1

Compare Source

What's Changed

• Reduced download segment size to 128 MB and timeout to 10 minutes by @​kotewar in #​1129

Full Changelog: actions/cache@v3...v3.3.1

v3.3.0

Compare Source

What's Changed

• Bug: Permission is missing in cache delete example by @​kotokaze in #​1123
• Add lookup-only option by @​cdce8p in #​1041

New Contributors

• @​kotokaze made their first contribution in #​1123

Full Changelog: actions/cache@v3...v3.3.0

dustin/go-humanize (github.com/dustin/go-humanize)

v1.0.1

Compare Source

imdario/mergo (github.com/imdario/mergo)

v0.3.16: Announcement: v1.0.0 will be released on June 18th

Compare Source

This release doesn't contain code changes.

After 10 years, with many corner cases covered, very few issues pending (at least, comparing them with the usage of the library as part of Docker, Kubernetes, Datadog's agent, etc.), and a very stable API, I think it's time to release a 1.0.0 version.

This version will be released under a vanity URL: dario.cat/mergo

PS: although I'll make sure that github.com/imdario/mergo will be available, I'm going to also change my GitHub handle, so expect for a few minutes to not be able to pull from github.com/imdario as I fork it from the new handle to the old one.

PS2: I'm creating a discussion for this release to make sure we can have a conversation around the topic, and anything else about Mergo that you care about.

v0.3.15: Issues #​131, #​170, #​220, and #​202 fixed

Compare Source

v0.3.14: fix: Respect overwriteWithEmptySrc when merging maps #​231

Compare Source

v0.3.13: Merging same-type slices supported, YAML upgraded to v3 (only used in tests), and more flexibility for transformers

Compare Source

What's Changed

• Fix typo in README.md by @​eltociear in #​184
• Adding StructBot to Mergo in the wild section by @​tjpnz in #​193
• Add Goreleaser to featured projects by @​marcauberer in #​191
• fix: gate transformers on valid non-nil destinations by @​zaquestion in #​211
• Support slices of same type by @​heaths in #​210
• Upgrade yaml to v3 by @​imdario in #​212

New Contributors

• @​eltociear made their first contribution in #​184
• @​tjpnz made their first contribution in #​193
• @​marcauberer made their first contribution in #​191
• @​zaquestion made their first contribution in #​211
• @​heaths made their first contribution in #​210

Full Changelog: darccio/mergo@0.3.12...v0.3.13

mattn/go-zglob (github.com/mattn/go-zglob)

v0.0.6

Compare Source

v0.0.5

Compare Source

v0.0.4

Compare Source

smartystreets/goconvey (github.com/smartystreets/goconvey)

v1.8.1

Compare Source

v1.8.0: - Updating to Go 1.18

Compare Source

What's Changed

• Automatically generate assertions.go by @​riannucci in #​650
• Remove references to http://goconvey.co as malware squatters appear to have taken it by @​mbsulliv in #​673
• upgrade deps, update to go 1.18 by @​srabraham in #​674
• fix document about "go get" by @​weishaopeng in #​671
• added main.goconvey by @​xylophone21 in #​663

New Contributors

• @​mbsulliv made their first contribution in #​673
• @​srabraham made their first contribution in #​674
• @​weishaopeng made their first contribution in #​671
• @​xylophone21 made their first contribution in #​663

Full Changelog: smartystreets/goconvey@v1.7.2...v1.8.0

spf13/pflag (github.com/spf13/pflag)

v1.0.10

Compare Source

What's Changed

• fix deprecation comment for (FlagSet.)ParseErrorsWhitelist by @​thaJeztah in #​447
• remove uses of errors.Is, which requires go1.13, move go1.16/go1.21 tests to separate file by @​thaJeztah in #​448

New Contributors

• @​thaJeztah made their first contribution in #​447

Full Changelog: spf13/pflag@v1.0.9...v1.0.10

v1.0.9

Compare Source

What's Changed

• fix: Restore ParseErrorsWhitelist name for now by @​tomasaschan in #​446

Full Changelog: spf13/pflag@v1.0.8...v1.0.9

v1.0.8

Compare Source

⚠️ Breaking Change

This version, while only a patch bump, includes a (very minor) breaking change: the flag.ParseErrorsWhitelist struct and corresponding FlagSet.parseErrorsWhitelist field have been renamed to ParseErrorsAllowlist.

This should result in compilation errors in any code that uses these fields, which can be fixed by adjusting the names at call sites. There is no change in semantics or behavior of the struct or field referred to by these names. If your code compiles without errors after bumping to/past v1.0.8, you are not affected by this change.

The breaking change was reverted in v1.0.9, by means of re-introducing the old names with deprecation warnings. The plan is still to remove them in a future release, so if your code does depend on the old names, please change them to use the new names at your earliest convenience.

What's Changed

• Remove Redundant "Unknown-Flag" Error by @​vaguecoder in #​364
• Switching from whitelist to Allowlist terminology by @​dubrie in #​261
• Omit zero time.Time default from usage line by @​mologie in #​438
• implement CopyToGoFlagSet by @​pohly in #​330
• flag: Emulate stdlib behavior and do not print ErrHelp by @​tmc in #​407
• Print Default Values of String-to-String in Sorted Order by @​vaguecoder in #​365
• fix: Don't print ErrHelp in ParseAll by @​tomasaschan in #​443
• Reset args on re-parse even if empty by @​tomasaschan in #​444

New Contributors

• @​vaguecoder made their first contribution in #​364
• @​dubrie made their first contribution in #​261
• @​mologie made their first contribution in #​438
• @​pohly made their first contribution in #​330
• @​tmc made their first contribution in #​407
• @​tomasaschan made their first contribution in #​443

Full Changelog: spf13/pflag@v1.0.7...v1.0.8

v1.0.7

Compare Source

What's Changed

• Fix defaultIsZeroValue check for generic Value types by @​MidnightRocket in #​422
• feat: Use structs for errors returned by pflag. by @​eth-p in #​425
• Fix typos by @​co63oc in #​428
• fix #​423 : Add helper function and some documentation to parse shorthand go test flags. by @​valdar in #​424
• add support equivalent to golang flag.TextVar(), also fixes the test failure as described in #​368 by @​hujun-open in #​418
• add support for Func() and BoolFunc() #​426 by @​LeGEC in #​429
• fix: correct argument length check in FlagSet.Parse by @​ShawnJeffersonWang in #​409
• fix usage message for func flags, fix arguments order by @​LeGEC in #​431
• Add support for time.Time flags by @​max-frank in #​348

New Contributors

• @​MidnightRocket made their first contribution in #​422
• @​eth-p made their first contribution in #​425
• @​co63oc made their first contribution in #​428
• @​valdar made their first contribution in #​424
• @​hujun-open made their first contribution in #​418
• @​LeGEC made their first contribution in #​429
• @​ShawnJeffersonWang made their first contribution in #​409
• @​max-frank made their first contribution in #​348

Full Changelog: spf13/pflag@v1.0.6...v1.0.7

v1.0.6

Compare Source

What's Changed

• Add exported functions to preserve pkg/flag compatibility by @​mckern in #​220
• remove dead code for checking error nil by @​yashbhutwala in #​282
• Add IPNetSlice and unit tests by @​rpothier in #​170
• allow for blank ip addresses by @​duhruh in #​316
• add github actions by @​sagikazarmark in #​419

New Contributors

• @​mckern made their first contribution in #​220
• @​yashbhutwala made their first contribution in #​282
• @​rpothier made their first contribution in #​170
• @​duhruh made their first contribution in #​316
• @​sagikazarmark made their first contribution in #​419

Full Changelog: spf13/pflag@v1.0.5...v1.0.6

spf13/viper (github.com/spf13/viper)

v1.21.0

Compare Source

What's Changed

Enhancements 🚀

• Add support for flags pflag.BoolSlice, pflag.UintSlice and pflag.Float64Slice by @​nmvalera in #​2015
• feat: use maintained yaml library by @​sagikazarmark in #​2040

Bug Fixes 🐛

• fix(config): get config type from v.configType or config file ext by @​GuillaumeBAECHLER in #​2003
• fix: config type check when loading any config by @​sagikazarmark in #​2007

Dependency Updates ⬆️

• Update dependencies by @​sagikazarmark in #​1993
• build(deps): bump github.com/spf13/cast from 1.7.1 to 1.8.0 by @​dependabot[bot] in #​2017
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.3 to 2.2.4 by @​dependabot[bot] in #​2013
• build(deps): bump github.com/sagikazarmark/locafero from 0.8.0 to 0.9.0 by @​dependabot[bot] in #​2008
• build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 in /remote by @​dependabot[bot] in #​2016
• build(deps): bump github.com/spf13/cast from 1.8.0 to 1.9.2 by @​dependabot[bot] in #​2020
• build(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 by @​dependabot[bot] in #​2028
• build(deps): bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 by @​dependabot[bot] in #​2035
• build(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 by @​dependabot[bot] in #​2036
• build(deps): bump github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0 by @​dependabot[bot] in #​2012
• build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 by @​dependabot[bot] in #​2052
• build(deps): bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in /remote by @​dependabot[bot] in #​2048
• build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10 by @​dependabot[bot] in #​2056
• chore: update dependencies by @​sagikazarmark in #​2057

Other Changes

• Update update guide with mapstructure package replacement. by @​aldas in #​2004
• refactor: use the built-in max/min to simplify the code by @​yingshanghuangqiao in #​2029

New Contributors

• @​GuillaumeBAECHLER made their first contribution in #​2003
• @​aldas made their first contribution in #​2004
• @​nmvalera made their first contribution in #​2015
• @​yingshanghuangqiao made their first contribution in #​2029
• @​ccoVeille made their first contribution in #​2046
• @​spacez320 made their first contribution in #​2050

Full Changelog: spf13/viper@v1.20.0...v1.21.0

v1.20.1

Compare Source

What's Changed

Bug Fixes 🐛

• Backport config type fixes to 1.20.x by @​sagikazarmark in #​2005

Full Changelog: spf13/viper@v1.20.0...v1.20.1

v1.20.0

Compare Source

[!WARNING]
This release includes a few minor breaking changes. Read the upgrade guide for details.

What's Changed

Exciting New Features 🎉

• New encoding layer by @​sagikazarmark in #​1869

Enhancements 🚀

• Drop Go 1.20 support by @​sagikazarmark in #​1846
• Drop slog shim by @​sagikazarmark in #​1848
• Replace file searching API with a finder by @​sagikazarmark in #​1849
• Finder feature flag by @​sagikazarmark in #​1852
• Allow setting options on the global Viper instance by @​sagikazarmark in #​1856
• Add experimental flag for bind struct by @​sagikazarmark in #​1854
• Make the remote package a separate module by @​sagikazarmark in #​1860
• Add decoder hook option by @​sagikazarmark in #​1872
• Encoder improvements by @​sagikazarmark in #​1885
• Get uint8 by @​martinconic in #​1894

Bug Fixes 🐛

• Fix missing config type when reading from a buffer by @​sagikazarmark in #​1857
• fix: do not allow setting dependencies to nil values by @​sagikazarmark in #​1871
• feat: copy keydelim from parent chart in viper.Sub() by @​obs-gh-alexlew in #​1887

Breaking Changes 🛠

• Drop encoding formats: HCL, Java properties, INI by @​sagikazarmark in #​1870

Dependency Updates ⬆️

• chore: update mapstructure by @​sagikazarmark in #​1723
• chore: update crypt by @​sagikazarmark in #​1834
• build(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by @​dependabot in #​1853
• Revert to go-difflib and go-spew releases by @​skitt in #​1861
• build(deps): bump actions/dependency-review-action from 4.3.2 to 4.3.3 by @​dependabot in #​1862
• build(deps): bump github/codeql-action from 3.25.8 to 3.25.10 by @​dependabot in #​1865
• build(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @​dependabot in #​1864
• chore: update crypt by @​sagikazarmark in #​1866
• build(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by @​dependabot in #​1876
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /remote by @​dependabot in #​1878
• build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @​dependabot in #​1879
• build(deps): bump actions/dependency-review-action from 4.3.3 to 4.3.4 by @​dependabot in #​1881
• build(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by @​dependabot in #​1880
• build(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by @​dependabot in #​1883
• chore(deps): update crypt by @​sagikazarmark in #​1884
• chore: update dependencies by @​sagikazarmark in #​1888
• build(deps): bump github.com/go-viper/mapstructure/v2 from 2.0.0 to 2.1.0 by @​dependabot in #​1901
• build(deps): bump github.com/spf13/cast from 1.6.0 to 1.7.0 by @​dependabot in #​1899
• build(deps): bump github/codeql-action from 3.25.13 to 3.26.0 by @​dependabot in #​1897
• build(deps): bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 by @​dependabot in #​1893
• build(deps): bump github/codeql-action from 3.26.0 to 3.26.2 by @​dependabot in #​1903
• build(deps): bump github/codeql-action from 3.26.2 to 3.26.3 by @​dependabot in #​1905
• build(deps): bump github/codeql-action from 3.26.3 to 3.26.5 by @​dependabot in #​1909
• Update Go by @​sagikazarmark in #​1913
• chore: update crypt package by @​sagikazarmark in #​1914
• build(deps): bump github/codeql-action from 3.26.5 to 3.26.6 by @​dependabot in #​1915
• build(deps): bump mheap/github-action-required-labels from 5.4.1 to 5.4.2 by @​dependabot in #​1916
• build(deps): bump cachix/install-nix-action from 27 to 28 by @​dependabot in #​1919
• build(deps): bump github/codeql-action from 3.26.6 to 3.26.7 by @​dependabot in #​1920
• chore: update crypt by @​sagikazarmark in #​1921
• build(deps): bump github/codeql-action from 3.26.7 to 3.26.8 by @​dependabot in #​1923
• build(deps): bump github.com/go-viper/mapstructure/v2 from 2.1.0 to 2.2.1 by @​dependabot in #​1925
• build(deps): bump github/codeql-action from 3.26.8 to 3.26.11 by @​dependabot in #​1932
• build(deps): bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 by @​dependabot in #​1930
• build(deps): bump actions/checkout from 4.1.7 to 4.2.0 by @​dependabot in #​1928
• build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by @​dependabot in #​1936
• build(deps): bump github/codeql-action from 3.26.11 to 3.27.2 by @​dependabot in #​1948
• build(deps): bump github.com/fsnotify/fsnotify from 1.7.0 to 1.8.0 by @​dependabot in #​1944
• build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 by @​dependabot in #​1942
• build(deps): bump actions/dependency-review-action from 4.3.4 to 4.4.0 by @​dependabot in #​1943
• build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by @​dependabot in #​1941
• build(deps): bump github/codeql-action from 3.27.2 to 3.27.3 by @​dependabot in #​1949
• build(deps): bump github/codeql-action from 3.27.3 to 3.27.7 by @​dependabot in #​1958
• build(deps): bump mheap/github-action-required-labels from 5.4.2 to 5.5.0 by @​dependabot in #​1957
• build(deps): bump actions/dependency-review-action from 4.4.0 to 4.5.0 by @​dependabot in #​1953
• build(deps): bump actions/setup-go from 5.1.0 to 5.2.0 by @​dependabot in #​1959
• build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 by @​dependabot in #​1954
• build(deps): bump golang.org/x/crypto from 0.27.0 to 0.31.0 in /remote by @​dependabot in #​1960
• build(deps): bump github/codeql-action from 3.27.7 to 3.27.9 by @​dependabot in #​1964
• chore: update afero by @​sagikazarmark in #​1973
• build(deps): bump github.com/spf13/cast from 1.7.0 to 1.7.1 by @​dependabot in #​1968
• build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6 by @​dependabot in #​1979
• ci: add Go 1.24 to the test matrix by @​sagikazarmark in #​1983

Other Changes

• refactor: move remote code to separate file by @​sagikazarmark in #​1847
• refactor: cleanup unused encoding code by @​sagikazarmark in #​1889
• Fix issues reported by testifylint by @​deining in #​1965
• docs: add update instructions for 1.20 by @​sagikazarmark in #​1992

New Contributors

• @​obs-gh-alexlew made their first contribution in #​1887
• @​martinconic made their first contribution in #​1894
• @​deining made their first contribution in #​1965

Full Changelog: spf13/viper@v1.19.0...v1.20.0

v1.19.0

Compare Source

What's Changed

Bug Fixes 🐛

• fix!: hide struct binding behind a feature flag by @​sagikazarmark in #​1720

Dependency Updates ⬆️

• build(deps): bump github/codeql-action from 2.22.8 to 2.22.9 by @​dependabot in #​1705
• build(deps): bump actions/setup-go from 4.1.0 to 5.0.0 by @​dependabot in #​1703
• build(deps): bump github/codeql-action from 2.22.9 to 3.22.11 by @​dependabot in #​1713
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.1.0 to 2.1.1 by @​dependabot in #​1711
• build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 by @​dependabot in #​1722
• build(deps): bump github/codeql-action from 3.22.11 to 3.23.0 by @​dependabot in #​1734
• build(deps): bump actions/dependency-review-action from 3.1.4 to 3.1.5 by @​dependabot in #​1731
• build(deps): bump mheap/github-action-required-labels from 5.1.0 to 5.2.0 by @​dependabot in #​1743
• build(deps): bump github/codeql-action from 3.23.0 to 3.23.2 by @​dependabot in #​1742
• build(deps): bump actions/dependency-review-action from 3.1.5 to 4.0.0 by @​dependabot in #​1739
• build(deps): bump cachix/install-nix-action from 24 to 25 by @​dependabot in #​1737
• build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @​dependabot in #​1751
• build(deps): bump github/codeql-action from 3.24.0 to 3.24.1 by @​dependabot in #​1760
• build(deps): bump actions/dependency-review-action from 4.0.0 to 4.1.0 by @​dependabot in #​1761
• build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @​dependabot in #​1757
• build(deps): bump mheap/github-action-required-labels from 5.2.0 to 5.3.0 by @​dependabot in #​1759
• build(deps): bump github/codeql-action from 3.24.1 to 3.24.3 by @​dependabot in #​1763
• build(deps): bump github.com/sagikazarmark/crypt from 0.17.0 to 0.18.0 by @​dependabot in #​1774
• build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @​dependabot in #​1770
• build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @​dependabot in #​1776
• build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @​dependabot in #​1775
• build(deps): bump cachix/install-nix-action from 25 to 26 by @​dependabot in #​1778
• build(deps): bump actions/dependency-review-action from 4.1.0 to 4.1.3 by @​dependabot in #​1767
• build(deps): bump github/codeql-action from 3.24.6 to 3.24.9 by @​dependabot in #​1790
• build(deps): bump mheap/github-action-required-labels from 5.3.0 to 5.4.0 by @​dependabot in #​1789
• build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @​dependabot in #​1780
• build(deps): bump actions/dependency-review-action from 4.1.3 to 4.2.4 by @​dependabot in #​1793
• chore: upgrade crypt by @​sagikazarmark in [#​1794](https://redirect.github.com

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻️ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you check the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: docker run --rm --name=renovate_go --label=renovate_child -v "/mnt/renovate/gh/moul/assh":"/mnt/renovate/gh/moul/assh" -v "/tmp/renovate-cache":"/tmp/renovate-cache" -v "/tmp/renovate-cache/others/go":"/tmp/renovate-cache/others/go" -e GOPATH -e CGO_ENABLED -w "/mnt/renovate/gh/moul/assh" docker.io/renovate/go:1.14.15 bash -l -c "git config --global url.\"https://**redacted**@github.com/\".insteadOf \"https://github.com/\" && go get -d ./... && go mod tidy && go mod tidy"
go: downloading golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba
go: downloading github.com/mattn/go-zglob v0.0.3
go: downloading github.com/moul/flexyaml v0.0.0-20171225152558-f458bfa8afe2
go: downloading github.com/docker/libcompose v0.4.0
go: downloading github.com/haklop/gnotifier v0.0.0-20140909091139-0de36badf601
go: downloading github.com/Masterminds/sprig v2.22.0+incompatible
go: downloading github.com/dustin/go-humanize v1.0.0
go: downloading github.com/gin-gonic/gin v1.7.1
go: downloading github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d
go: downloading golang.org/x/net v0.0.0-20210505214959-0714010a04ed
go: downloading github.com/spf13/cobra v1.1.3
go: downloading github.com/docker/go-units v0.4.0
go: downloading gopkg.in/ini.v1 v1.57.0
go: downloading github.com/google/uuid v1.1.1
go: downloading github.com/spf13/jwalterweatherman v1.1.0
go: downloading golang.org/x/sys v0.0.0-20210423082822-04245dca01da
go: downloading github.com/mattn/go-colorable v0.1.6
go: downloading github.com/mitchellh/mapstructure v1.3.1
go: downloading github.com/mitchellh/copystructure v1.0.0
go: downloading github.com/spf13/afero v1.2.2
go: downloading github.com/awalterschulze/gographviz v2.0.3+incompatible
go: downloading github.com/pelletier/go-toml v1.8.0
go: downloading github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b
go: downloading gopkg.in/yaml.v2 v2.4.0
go: downloading github.com/deckarep/gosx-notifier v0.0.0-20180201035817-e127226297fb
go: downloading github.com/mattn/go-isatty v0.0.12
go: downloading github.com/huandu/xstrings v1.3.1
go: downloading github.com/guelfey/go.dbus v0.0.0-20131113121618-f6a3a2366cc3
go: downloading github.com/mitchellh/reflectwalk v1.0.1
go: downloading github.com/docker/docker v1.13.1
go: downloading github.com/golang/protobuf v1.4.2
go: downloading github.com/ugorji/go v1.1.7
go: downloading github.com/Masterminds/goutils v1.1.0
go: downloading github.com/gin-contrib/sse v0.1.0
go: downloading github.com/shirou/gopsutil v2.20.9+incompatible
go: downloading google.golang.org/protobuf v1.24.0
go: downloading github.com/ugorji/go/codec v1.1.7
go: downloading github.com/Masterminds/semver v1.5.0
go: downloading github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d
go: downloading github.com/russross/blackfriday/v2 v2.0.1
go: downloading github.com/shurcooL/sanitized_anchor_name v1.0.0
go: downloading github.com/go-ole/go-ole v1.2.4
go: downloading github.com/stretchr/testify v1.4.0
go: downloading github.com/google/go-cmp v0.4.0
go: downloading honnef.co/go/tools v0.0.1-2019.2.3
go: downloading golang.org/x/lint v0.0.0-20190930215403-16217165b5de
go: downloading github.com/go-playground/assert/v2 v2.0.1
go: downloading go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee
go: downloading golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc
go: downloading golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543
moul.io/assh/v2/pkg/commands imports
	github.com/spf13/viper imports
	gopkg.in/ini.v1: fstatat /tmp/renovate-cache/others/go/pkg/mod/gopkg.in/ini.v1@v1.57.0: permission denied
moul.io/assh/v2/pkg/commands imports
	github.com/spf13/viper imports
	gopkg.in/yaml.v2: fstatat /tmp/renovate-cache/others/go/pkg/mod/gopkg.in/yaml.v2@v2.4.0: permission denied

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 1 additional dependency was updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.14 -> 1.24.0
golang.org/x/text	v0.3.5 -> v0.32.0

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	golang.org/​x/​crypto@​v0.0.0-20201112155050-0c6587e931a9 ⏵ v0.47.0	+1	+75
	golang.org/​x/​net@​v0.0.0-20210405180319-a5a99cb37ef4 ⏵ v0.49.0	+1	+40
	golang.org/​x/​text@​v0.3.5 ⏵ v0.33.0	+1	+22
	github.com/​urfave/​cli@​v1.22.9 ⏵ v1.22.17	+1
	github.com/​smartystreets/​goconvey@​v1.7.2 ⏵ v1.8.1	+1
	github.com/​spf13/​pflag@​v1.0.5 ⏵ v1.0.10
	go.uber.org/​zap@​v1.21.0 ⏵ v1.27.1	+2
	github.com/​imdario/​mergo@​v0.3.12 ⏵ v0.3.16
	github.com/​spf13/​viper@​v1.8.1 ⏵ v1.21.0	+2
	github.com/​mattn/​go-zglob@​v0.0.3 ⏵ v0.0.6	+1
	github.com/​dustin/​go-humanize@​v1.0.0 ⏵ v1.0.1	+1
	golang.org/​x/​time@​v0.0.0-20200630173020-3af7569d3a1e ⏵ v0.14.0

View full report

[renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 1 additional dependency was updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.14 -> 1.24.0
golang.org/x/text	v0.3.5 -> v0.33.0

[moul]

Thank you for this automated update! This meta-PR from 2020 is now superseded by individual dependency PRs. Closing in favor of those more recent, targeted updates.