Skip to content

Commit c07a127

Browse files
dependabot[bot]dependabot[bot]
authored
build(deps): bump the chainguard group across 1 directory with 4 updates (#1722)
Bumps the chainguard group with 4 updates in the / directory: [chainguard.dev/apko](https://github.com/chainguard-dev/apko), [chainguard.dev/melange](https://github.com/chainguard-dev/melange), [github.com/chainguard-dev/yam](https://github.com/chainguard-dev/yam) and [github.com/chainguard-dev/advisory-schema](https://github.com/chainguard-dev/advisory-schema). Updates `chainguard.dev/apko` from 0.30.2 to 0.30.4 - [Release notes](https://github.com/chainguard-dev/apko/releases) - [Changelog](https://github.com/chainguard-dev/apko/blob/main/NEWS.md) - [Commits](chainguard-dev/apko@v0.30.2...v0.30.4) Updates `chainguard.dev/melange` from 0.30.4 to 0.30.6 - [Release notes](https://github.com/chainguard-dev/melange/releases) - [Changelog](https://github.com/chainguard-dev/melange/blob/main/NEWS.md) - [Commits](chainguard-dev/melange@v0.30.4...v0.30.6) Updates `github.com/chainguard-dev/yam` from 0.2.27 to 0.2.28 - [Commits](chainguard-dev/yam@v0.2.27...v0.2.28) Updates `github.com/chainguard-dev/advisory-schema` from 0.37.16 to 0.37.17 - [Commits](chainguard-dev/advisory-schema@v0.37.16...v0.37.17) --- updated-dependencies: - dependency-name: chainguard.dev/apko dependency-version: 0.30.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: chainguard - dependency-name: chainguard.dev/melange dependency-version: 0.30.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: chainguard - dependency-name: github.com/chainguard-dev/yam dependency-version: 0.2.28 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: chainguard - dependency-name: github.com/chainguard-dev/advisory-schema dependency-version: 0.37.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: chainguard ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 7288509 commit c07a127

File tree

2 files changed

+21
-27
lines changed

2 files changed

+21
-27
lines changed

go.mod

Lines changed: 7 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -11,15 +11,15 @@ replace github.com/mholt/archiver/v3 => github.com/anchore/archiver/v3 v3.5.2
1111
replace modernc.org/sqlite v1.33.0 => modernc.org/sqlite v1.32.0
1212

1313
require (
14-
chainguard.dev/apko v0.30.2
15-
chainguard.dev/melange v0.30.4
14+
chainguard.dev/apko v0.30.4
15+
chainguard.dev/melange v0.30.6
1616
cloud.google.com/go/storage v1.56.0
1717
github.com/adrg/xdg v0.5.3
1818
github.com/anchore/grype v0.97.1
1919
github.com/anchore/stereoscope v0.1.8
2020
github.com/anchore/syft v1.30.0
2121
github.com/chainguard-dev/clog v1.7.0
22-
github.com/chainguard-dev/yam v0.2.27
22+
github.com/chainguard-dev/yam v0.2.28
2323
github.com/charmbracelet/bubbles v0.21.0
2424
github.com/charmbracelet/bubbletea v1.3.6
2525
github.com/charmbracelet/lipgloss v1.1.1-0.20250319133953-166f707985bc
@@ -67,7 +67,7 @@ require (
6767

6868
require (
6969
github.com/anchore/go-logger v0.0.0-20250318195838-07ae343dd722
70-
github.com/chainguard-dev/advisory-schema v0.37.16
70+
github.com/chainguard-dev/advisory-schema v0.37.17
7171
github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b
7272
github.com/spf13/afero v1.14.0
7373
)
@@ -324,7 +324,6 @@ require (
324324
github.com/zclconf/go-cty v1.16.3 // indirect
325325
github.com/zealic/xignore v0.3.3 // indirect
326326
github.com/zeebo/errs v1.4.0 // indirect
327-
gitlab.alpinelinux.org/alpine/go v0.10.1 // indirect
328327
go.opencensus.io v0.24.0 // indirect
329328
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
330329
go.opentelemetry.io/contrib/detectors/gcp v1.36.0 // indirect
@@ -336,7 +335,7 @@ require (
336335
go.opentelemetry.io/otel/sdk v1.37.0 // indirect
337336
go.opentelemetry.io/otel/sdk/metric v1.37.0 // indirect
338337
go.opentelemetry.io/otel/trace v1.37.0 // indirect
339-
go.step.sm/crypto v0.67.0 // indirect
338+
go.step.sm/crypto v0.69.0 // indirect
340339
go.uber.org/multierr v1.11.0 // indirect
341340
go4.org v0.0.0-20230225012048-214862532bf5 // indirect
342341
golang.org/x/crypto v0.41.0 // indirect
@@ -345,10 +344,10 @@ require (
345344
golang.org/x/sys v0.35.0 // indirect
346345
golang.org/x/tools v0.35.0 // indirect
347346
golang.org/x/xerrors v0.0.0-20240716161551-93cc26a95ae9 // indirect
348-
google.golang.org/api v0.243.0 // indirect
347+
google.golang.org/api v0.246.0 // indirect
349348
google.golang.org/genproto v0.0.0-20250603155806-513f23925822 // indirect
350349
google.golang.org/genproto/googleapis/api v0.0.0-20250721164621-a45f3dfb1074 // indirect
351-
google.golang.org/genproto/googleapis/rpc v0.0.0-20250721164621-a45f3dfb1074 // indirect
350+
google.golang.org/genproto/googleapis/rpc v0.0.0-20250728155136-f173205681a0 // indirect
352351
google.golang.org/grpc v1.74.2 // indirect
353352
google.golang.org/protobuf v1.36.6 // indirect
354353
gopkg.in/ini.v1 v1.67.0 // indirect

go.sum

Lines changed: 14 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,11 @@
11
cel.dev/expr v0.24.0 h1:56OvJKSH3hDGL0ml5uSxZmz3/3Pq4tJ+fb1unVLAFcY=
22
cel.dev/expr v0.24.0/go.mod h1:hLPLo1W4QUmuYdA72RBX06QTs6MXw941piREPl3Yfiw=
3-
chainguard.dev/apko v0.30.2 h1:hPNa0EPVly0RToBwNaoaomE3eaB29VWoLp6r/w2Voco=
4-
chainguard.dev/apko v0.30.2/go.mod h1:BbRxG4kPa78w8AcSBZNKX8gbKwS6dQo1gZuqdwd078Q=
3+
chainguard.dev/apko v0.30.4 h1:YAz3MhAFPpBcvNd0SUkxIwBrP2tL2qd98/7wLVXTGF4=
4+
chainguard.dev/apko v0.30.4/go.mod h1:WWlchAz28M73vw/GIoixD4ywoV5vAjzI1UCpZ9L1XWA=
55
chainguard.dev/go-grpc-kit v0.17.11 h1:m4ZL2yg6sSrdPA593qVh9KHTZ+XOmLwqv3Jt5vT0FuU=
66
chainguard.dev/go-grpc-kit v0.17.11/go.mod h1:aYlrvAscMZBtVIA7bykUWfbjhL2fDoUCECHvopC2xWY=
7-
chainguard.dev/melange v0.30.4 h1:vhYUvo8VbA8dYOMhl6OUqXcetgbLLbiubbmj0fMRIEU=
8-
chainguard.dev/melange v0.30.4/go.mod h1:A5EBZPgsJWW0UIL01FQwcQk8UNONieT6aUfcMFRMfgo=
7+
chainguard.dev/melange v0.30.6 h1:2t7dreMOKfQeQC5p+bUlxpXFUyTkbrpWFGYKJ1xyWqg=
8+
chainguard.dev/melange v0.30.6/go.mod h1:PJN4NbL9qnLg5BNzVeSUOtkEZ00fJP34l7QwFiCsoC0=
99
chainguard.dev/sdk v0.1.37 h1:4hZ2enarpA/FZ1JMXE3EOlpzd18LmdWZ7UScwdSlrSs=
1010
chainguard.dev/sdk v0.1.37/go.mod h1:4HOnG9fVNC9ruzkJLMWWUNM1iVxxBL+bKqj0STERbcs=
1111
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
@@ -656,9 +656,6 @@ github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/cloudmock v0
656656
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.53.0 h1:Ron4zCA/yk6U7WOBXhTJcDpsUBG9npumK6xw2auFltQ=
657657
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.53.0/go.mod h1:cSgYe11MCNYunTnRXrKiR/tHc0eoKjICUuWpNZoVCOo=
658658
github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk=
659-
github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ=
660-
github.com/MakeNowJust/heredoc/v2 v2.0.1 h1:rlCHh70XXXv7toz95ajQWOWQnN4WNLt0TdpZYIR/J6A=
661-
github.com/MakeNowJust/heredoc/v2 v2.0.1/go.mod h1:6/2Abh5s+hc3g9nbWLe9ObDIOhaRrqsyY9MWy+4JdRM=
662659
github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
663660
github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
664661
github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1Xbatp0=
@@ -795,14 +792,14 @@ github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL
795792
github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
796793
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
797794
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
798-
github.com/chainguard-dev/advisory-schema v0.37.16 h1:VdWhcQ3aZ1Mg7aCkFL3UFgg8AePPBiglrhKovVEZeI8=
799-
github.com/chainguard-dev/advisory-schema v0.37.16/go.mod h1:oq0lpb5b4AC3D45gyBeS0vFm8Oy+rwrtr3D41hi9jeM=
795+
github.com/chainguard-dev/advisory-schema v0.37.17 h1:reAzqzHOzrMXZ99zAioMoM1gDJUZIXruYaFdD/0iRT4=
796+
github.com/chainguard-dev/advisory-schema v0.37.17/go.mod h1:oq0lpb5b4AC3D45gyBeS0vFm8Oy+rwrtr3D41hi9jeM=
800797
github.com/chainguard-dev/clog v1.7.0 h1:guPznsK8vLHvzz1QJe2yU6MFeYaiSOFOQBYw4OXu+g8=
801798
github.com/chainguard-dev/clog v1.7.0/go.mod h1:4+WFhRMsGH79etYXY3plYdp+tCz/KCkU8fAr0HoaPvs=
802799
github.com/chainguard-dev/go-pkgconfig v0.0.0-20240404163941-6351b37b2a10 h1:XR2vgQC024I9/boh9r1ihVv8Z14+pbvWqXeYMCnZJpc=
803800
github.com/chainguard-dev/go-pkgconfig v0.0.0-20240404163941-6351b37b2a10/go.mod h1:1p6+MesLcjKeON5BRWa7I87mvAY0QmKjgginIM3w6BI=
804-
github.com/chainguard-dev/yam v0.2.27 h1:3zqhl2bCq/A3iNrmEaouWrJoGKgiZu1JXqoEw5rq398=
805-
github.com/chainguard-dev/yam v0.2.27/go.mod h1:FBsSbqX1ryE3iOVhxgDGi4tKi835l27xoH8dYWKa4XM=
801+
github.com/chainguard-dev/yam v0.2.28 h1:TRy+vKvVqxyJcxZX5wz10bym1HhE+0YDukIgHMzyRG8=
802+
github.com/chainguard-dev/yam v0.2.28/go.mod h1:FBsSbqX1ryE3iOVhxgDGi4tKi835l27xoH8dYWKa4XM=
806803
github.com/charmbracelet/bubbles v0.21.0 h1:9TdC97SdRVg/1aaXNVWfFH3nnLAwOXr8Fn6u6mfQdFs=
807804
github.com/charmbracelet/bubbles v0.21.0/go.mod h1:HF+v6QUR4HkEpz62dx7ym2xc71/KBHg+zKwJtMw+qtg=
808805
github.com/charmbracelet/bubbletea v1.3.6 h1:VkHIxPJQeDt0aFJIsVxw8BQdh/F/L2KKZGsK6et5taU=
@@ -1741,8 +1738,6 @@ github.com/zeebo/assert v1.3.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN
17411738
github.com/zeebo/errs v1.4.0 h1:XNdoD/RRMKP7HD0UhJnIzUy74ISdGGxURlYG8HSWSfM=
17421739
github.com/zeebo/errs v1.4.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4=
17431740
github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA=
1744-
gitlab.alpinelinux.org/alpine/go v0.10.1 h1:QoidnfDyC9yeIMj+CvYVyjlroZD/Kl7JRXGEQBvY5XM=
1745-
gitlab.alpinelinux.org/alpine/go v0.10.1/go.mod h1:zwds+1zTmPDgwf/9lOzzn+oZVBr6jyfVgH3zuwkfkzc=
17461741
go.etcd.io/etcd/api/v3 v3.5.1/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs=
17471742
go.etcd.io/etcd/client/pkg/v3 v3.5.1/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g=
17481743
go.etcd.io/etcd/client/v2 v2.305.1/go.mod h1:pMEacxZW7o8pg4CrFE7pquyCJJzZvkvdD2RibOCCCGs=
@@ -1788,8 +1783,8 @@ go.opentelemetry.io/proto/otlp v0.15.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI
17881783
go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U=
17891784
go.opentelemetry.io/proto/otlp v1.6.0 h1:jQjP+AQyTf+Fe7OKj/MfkDrmK4MNVtw2NpXsf9fefDI=
17901785
go.opentelemetry.io/proto/otlp v1.6.0/go.mod h1:cicgGehlFuNdgZkcALOCh3VE6K/u2tAjzlRhDwmVpZc=
1791-
go.step.sm/crypto v0.67.0 h1:1km9LmxMKG/p+mKa1R4luPN04vlJYnRLlLQrWv7egGU=
1792-
go.step.sm/crypto v0.67.0/go.mod h1:+AoDpB0mZxbW/PmOXuwkPSpXRgaUaoIK+/Wx/HGgtAU=
1786+
go.step.sm/crypto v0.69.0 h1:ELMNQjAGsnwpOeRfX/1phJdWm8Y6RIxAXnDzYlU9AOk=
1787+
go.step.sm/crypto v0.69.0/go.mod h1:mZ0mP4Q4wdoDy+fdEo6cOo0qzDDf7KgkvSIleTLv1+w=
17931788
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
17941789
go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
17951790
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
@@ -2308,8 +2303,8 @@ google.golang.org/api v0.108.0/go.mod h1:2Ts0XTHNVWxypznxWOYUeI4g3WdP9Pk2Qk58+a/
23082303
google.golang.org/api v0.110.0/go.mod h1:7FC4Vvx1Mooxh8C5HWjzZHcavuS2f6pmJpZx60ca7iI=
23092304
google.golang.org/api v0.111.0/go.mod h1:qtFHvU9mhgTJegR31csQ+rwxyUTHOKFqCKWp1J0fdw0=
23102305
google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg=
2311-
google.golang.org/api v0.243.0 h1:sw+ESIJ4BVnlJcWu9S+p2Z6Qq1PjG77T8IJ1xtp4jZQ=
2312-
google.golang.org/api v0.243.0/go.mod h1:GE4QtYfaybx1KmeHMdBnNnyLzBZCVihGBXAmJu/uUr8=
2306+
google.golang.org/api v0.246.0 h1:H0ODDs5PnMZVZAEtdLMn2Ul2eQi7QNjqM2DIFp8TlTM=
2307+
google.golang.org/api v0.246.0/go.mod h1:dMVhVcylamkirHdzEBAIQWUCgqY885ivNeZYd7VAVr8=
23132308
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
23142309
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
23152310
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
@@ -2458,8 +2453,8 @@ google.golang.org/genproto v0.0.0-20250603155806-513f23925822 h1:rHWScKit0gvAPuO
24582453
google.golang.org/genproto v0.0.0-20250603155806-513f23925822/go.mod h1:HubltRL7rMh0LfnQPkMH4NPDFEWp0jw3vixw7jEM53s=
24592454
google.golang.org/genproto/googleapis/api v0.0.0-20250721164621-a45f3dfb1074 h1:mVXdvnmR3S3BQOqHECm9NGMjYiRtEvDYcqAqedTXY6s=
24602455
google.golang.org/genproto/googleapis/api v0.0.0-20250721164621-a45f3dfb1074/go.mod h1:vYFwMYFbmA8vl6Z/krj/h7+U/AqpHknwJX4Uqgfyc7I=
2461-
google.golang.org/genproto/googleapis/rpc v0.0.0-20250721164621-a45f3dfb1074 h1:qJW29YvkiJmXOYMu5Tf8lyrTp3dOS+K4z6IixtLaCf8=
2462-
google.golang.org/genproto/googleapis/rpc v0.0.0-20250721164621-a45f3dfb1074/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
2456+
google.golang.org/genproto/googleapis/rpc v0.0.0-20250728155136-f173205681a0 h1:MAKi5q709QWfnkkpNQ0M12hYJ1+e8qYVDyowc4U1XZM=
2457+
google.golang.org/genproto/googleapis/rpc v0.0.0-20250728155136-f173205681a0/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
24632458
google.golang.org/grpc v1.18.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
24642459
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
24652460
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=

0 commit comments

Comments
 (0)