From 1f9761940c75ff122c68b449ebc6991aaa2c619c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Nov 2025 22:13:22 +0000 Subject: [PATCH] chore(deps): bump the dependencies group with 2 updates Bumps the dependencies group with 2 updates: [github.com/ossf/gemara](https://github.com/ossf/gemara) and [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint). Updates `github.com/ossf/gemara` from 0.15.2 to 0.17.0 - [Release notes](https://github.com/ossf/gemara/releases) - [Changelog](https://github.com/ossf/gemara/blob/main/.goreleaser.yaml) - [Commits](https://github.com/ossf/gemara/compare/v0.15.2...v0.17.0) Updates `github.com/rhysd/actionlint` from 1.7.8 to 1.7.9 - [Release notes](https://github.com/rhysd/actionlint/releases) - [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md) - [Commits](https://github.com/rhysd/actionlint/compare/v1.7.8...v1.7.9) --- updated-dependencies: - dependency-name: github.com/ossf/gemara dependency-version: 0.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/rhysd/actionlint dependency-version: 1.7.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 3f0effa..b8d9e4d 100644 --- a/go.mod +++ b/go.mod @@ -5,10 +5,10 @@ go 1.25.1 require ( github.com/google/go-github/v74 v74.0.0 github.com/migueleliasweb/go-github-mock v1.5.0 - github.com/ossf/gemara v0.15.2 + github.com/ossf/gemara v0.17.0 github.com/ossf/si-tooling/v2 v2.0.5-0.20250508212737-7ddcc8c43db9 github.com/privateerproj/privateer-sdk v1.15.3 - github.com/rhysd/actionlint v1.7.8 + github.com/rhysd/actionlint v1.7.9 github.com/shurcooL/githubv4 v0.0.0-20240727222349-48295856cce7 golang.org/x/oauth2 v0.33.0 ) @@ -42,7 +42,7 @@ require ( github.com/skeema/knownhosts v1.3.1 // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - go.yaml.in/yaml/v4 v4.0.0-rc.2 // indirect + go.yaml.in/yaml/v4 v4.0.0-rc.3 // indirect golang.org/x/crypto v0.45.0 // indirect golang.org/x/time v0.11.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect diff --git a/go.sum b/go.sum index a8dccdf..afc0066 100644 --- a/go.sum +++ b/go.sum @@ -115,8 +115,8 @@ github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA= github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU= github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= -github.com/ossf/gemara v0.15.2 h1:aCnmqSXBJD8GDJN80ZNCs9hMQfQ3m+eL+HXQOsA8Oas= -github.com/ossf/gemara v0.15.2/go.mod h1:rY4YvaWvOSJthTE2jHudjwcCRIQ31Y7GpEc3pyJPIPM= +github.com/ossf/gemara v0.17.0 h1:iycpGdJuqyZjUEpRjZzSPE21LAJPS94AnXXF+gMUEKk= +github.com/ossf/gemara v0.17.0/go.mod h1:rY4YvaWvOSJthTE2jHudjwcCRIQ31Y7GpEc3pyJPIPM= github.com/ossf/si-tooling/v2 v2.0.5-0.20250508212737-7ddcc8c43db9 h1:H8zbVnZ1dbVhoQVGZanbDOSOX91KiCSsge4+GLrcFms= github.com/ossf/si-tooling/v2 v2.0.5-0.20250508212737-7ddcc8c43db9/go.mod h1:I7UDEAfNwoT2iwZrvORukgkGLKeD/cgVhHtcLPpaS6c= github.com/pelletier/go-toml/v2 v2.2.4 h1:mye9XuhQ6gvn5h28+VilKrrPoQVanw5PMw/TB0t5Ec4= @@ -130,8 +130,8 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/privateerproj/privateer-sdk v1.15.3 h1:T9XzVjdqPYykPewF53BdqcXUB7Ootsr0qHFWMrmAZkI= github.com/privateerproj/privateer-sdk v1.15.3/go.mod h1:dgjEJVSEVJOXeyK2HUmkPBP149Pv5XvftPcmmCL1cO4= -github.com/rhysd/actionlint v1.7.8 h1:3d+N9ourgAxVYG4z2IFxFIk/YiT6V+VnKASfXGwT60E= -github.com/rhysd/actionlint v1.7.8/go.mod h1:3kiS6egcbXG+vQsJIhFxTz+UKaF1JprsE0SKrpCZKvU= +github.com/rhysd/actionlint v1.7.9 h1:oq4uFwcW6pRTk8BhAS4+RhYoUddUkbvRMcqndja0CT0= +github.com/rhysd/actionlint v1.7.9/go.mod h1:H3q8YpD2es7K4c+mibw3OhTXGQQ7HkZX1u+DXaHLwfE= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= @@ -190,8 +190,8 @@ go.opentelemetry.io/otel/trace v1.34.0 h1:+ouXS2V8Rd4hp4580a8q23bg0azF2nI8cqLYnC go.opentelemetry.io/otel/trace v1.34.0/go.mod h1:Svm7lSjQD7kG7KJ/MUHPVXSDGz2OX4h0M2jHBhmSfRE= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= -go.yaml.in/yaml/v4 v4.0.0-rc.2 h1:/FrI8D64VSr4HtGIlUtlFMGsm7H7pWTbj6vOLVZcA6s= -go.yaml.in/yaml/v4 v4.0.0-rc.2/go.mod h1:aZqd9kCMsGL7AuUv/m/PvWLdg5sjJsZ4oHDEnfPPfY0= +go.yaml.in/yaml/v4 v4.0.0-rc.3 h1:3h1fjsh1CTAPjW7q/EMe+C8shx5d8ctzZTrLcs/j8Go= +go.yaml.in/yaml/v4 v4.0.0-rc.3/go.mod h1:aZqd9kCMsGL7AuUv/m/PvWLdg5sjJsZ4oHDEnfPPfY0= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q= golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=