Skip to content

fix(deps): update non-major deps#572

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/non-major-deps
Open

fix(deps): update non-major deps#572
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/non-major-deps

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate Bot commented Apr 6, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Confidence Type Update
cloud.google.com/go/pubsub/v2 v2.5.1v2.6.0 age confidence require minor
docker.io/alpine 3.23.33.23.4 age confidence final patch
docker.io/golang 1.26.1-alpine1.26.3-alpine age confidence stage patch
docker.io/golang 1.26.1-alpine1.26.3-alpine age confidence final patch
docker.io/python 3.14.3-alpine3.14.5-alpine age confidence final patch
docker.io/ruby 45bdd958a962e9 final digest
github.com/Masterminds/semver/v3 v3.4.0v3.5.0 age confidence require minor
github.com/golangci/golangci-lint v2.11.4v2.12.2 age confidence minor
github.com/mattermost/mattermost/server/public v0.3.0v0.4.0 age confidence require minor
github.com/rs/zerolog v1.35.0v1.35.1 age confidence require patch
github/codeql-action v4.35.1v4.35.5 age confidence action patch
google.golang.org/api v0.274.0v0.279.0 age confidence require minor

Release Notes

Masterminds/semver (github.com/Masterminds/semver/v3)

v3.5.0

Compare Source

What's Changed

New Contributors

Full Changelog: Masterminds/semver@v3.4.0...v3.5.0

golangci/golangci-lint (github.com/golangci/golangci-lint)

v2.12.2

Compare Source

Released on 2026-05-06

  1. Linters bug fixes
    • gomodguard_v2: fix blocked configuration
    • gomodguard_v2: from 2.1.0 to 2.1.3
    • iface: from 1.4.1 to 1.4.2

v2.12.1

Compare Source

Released on 2026-05-01

  1. Linters bug fixes
    • gomodguard_v2: fix panic with migration suggestion
  2. Misc.
    • fix install.sh script (if you are still using an URL based on the branch master, please update to use https://golangci-lint.run/install.sh)

v2.12.0

Compare Source

Released on 2026-05-01

  1. New linters
  2. Linters new features or changes
    • dupl: from f665c8d to c99c5cf (extended detection)
    • funcorder: from 0.5.0 to 0.6.0 (new option: function)
    • goconst: add an option to ignore strings from tests
    • goconst: from 1.8.2 to 1.10.0 (extended detection)
    • gomodguard_v2: from 1.4.1 to 2.1.0 (major version with new configuration)
    • gosec: from 619ce21 to 2.26.1 (new checks: G124, G708, G709, G710)
    • govet: add inline analyzer
    • makezero: from 2.1.0 to 2.2.1 (support slice type aliases)
    • paralleltest: expose checkcleanup option
    • sloglint: from 0.11.1 to 0.12.0 (new options: allowed-keys, custom-funcs)
    • wsl_v5: from 5.6.0 to 5.8.0 (new option: cuddle-max-statements; new checks: after-decl, after-defer, after-expr, after-go, cuddle-group)
  3. Linters bug fixes
    • forbidigo: from 2.3.0 to 2.3.1
    • godot: from 1.5.4 to 1.5.6
    • govet-modernize: from 0.43.0 to 0.44.0
    • ireturn: from 0.4.0 to 0.4.1
    • rowserrcheck: from 1.1.1 to c5f79b8
  4. Misc.
    • Decrease cache entropy
    • Embed the JSON schema in the binary
    • Filter env vars when cloning the repository with the custom command
rs/zerolog (github.com/rs/zerolog)

v1.35.1

Compare Source

github/codeql-action (github/codeql-action)

v4.35.5

Compare Source

  • We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. #​3899
  • For performance and accuracy reasons, improved incremental analysis will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. #​3791
  • If multiple inputs are provided for the GitHub-internal analysis-kinds input, only code-scanning will be enabled. The analysis-kinds input is experimental, for GitHub-internal use only, and may change without notice at any time. #​3892
  • Added an experimental change which, when running a Code Scanning analysis for a PR with improved incremental analysis enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. #​3880

v4.35.4

Compare Source

v4.35.3

Compare Source

  • Upcoming breaking change: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. #​3837
  • Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. #​3850
  • Best-effort connection tests for private registries now use GET requests instead of HEAD for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. #​3853
  • Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. #​3852
  • Update default CodeQL bundle version to 2.25.3. #​3865

v4.35.2

Compare Source

  • The undocumented TRAP cache cleanup feature that could be enabled using the CODEQL_ACTION_CLEANUP_TRAP_CACHES environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the trap-caching: false input to the init Action. #​3795
  • The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. #​3789
  • Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. #​3794
  • Fixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. #​3807
  • Update default CodeQL bundle version to 2.25.2. #​3823
googleapis/google-api-go-client (google.golang.org/api)

v0.279.0

Compare Source

Features

v0.278.0

Compare Source

Features

v0.277.0

Compare Source

Features
Bug Fixes

v0.276.0

Compare Source

Features

v0.275.0

Compare Source

Features

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies label Apr 6, 2026
@coveralls
Copy link
Copy Markdown

coveralls commented Apr 6, 2026
edited
Loading

Coverage Report for CI Build 25943042861

Coverage remained the same at 0.0%

Details

  • Coverage remained the same as the base build.
  • Patch coverage: No coverable lines changed in this PR.
  • No coverage regressions found.

Uncovered Changes

No uncovered changes found.

Coverage Regressions

No coverage regressions found.

Coverage Stats

Coverage Status
Relevant Lines: 0
Covered Lines: 0
Line Coverage: NaN%
Coverage Strength: 0.0 hits per line
💛 - Coveralls

@renovate renovate Bot changed the title fix(deps): update module github.com/slack-go/slack to v0.21.0 fix(deps): update non-major deps Apr 7, 2026
@renovate renovate Bot force-pushed the renovate/non-major-deps branch from ebe9c5a to ebacf95 Compare April 7, 2026 17:47
@renovate
Copy link
Copy Markdown
Contributor Author

renovate Bot commented Apr 7, 2026
edited
Loading

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 17 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.25.8 -> 1.25.9
cloud.google.com/go/auth v0.18.2 -> v0.20.0
cloud.google.com/go/iam v1.5.3 -> v1.7.0
github.com/googleapis/enterprise-certificate-proxy v0.3.14 -> v0.3.15
github.com/googleapis/gax-go/v2 v2.19.0 -> v2.22.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0 -> v0.67.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 -> v0.67.0
go.opentelemetry.io/otel v1.42.0 -> v1.43.0
go.opentelemetry.io/otel/metric v1.42.0 -> v1.43.0
go.opentelemetry.io/otel/trace v1.42.0 -> v1.43.0
golang.org/x/crypto v0.49.0 -> v0.50.0
golang.org/x/net v0.52.0 -> v0.53.0
golang.org/x/sys v0.42.0 -> v0.43.0
golang.org/x/text v0.35.0 -> v0.36.0
google.golang.org/genproto v0.0.0-20260316180232-0b37fe3546d5 -> v0.0.0-20260319201613-d00831a3d3e7
google.golang.org/genproto/googleapis/api v0.0.0-20260316180232-0b37fe3546d5 -> v0.0.0-20260401024825-9d38bb4040a9
google.golang.org/genproto/googleapis/rpc v0.0.0-20260319201613-d00831a3d3e7 -> v0.0.0-20260427160629-7cedc36a6bc4
google.golang.org/grpc v1.79.3 -> v1.80.0

@renovate renovate Bot force-pushed the renovate/non-major-deps branch 7 times, most recently from 9c42dca to f200644 Compare April 14, 2026 16:41
@renovate renovate Bot force-pushed the renovate/non-major-deps branch 7 times, most recently from 90c09f2 to 149aa7e Compare April 21, 2026 01:52
@renovate renovate Bot force-pushed the renovate/non-major-deps branch from 149aa7e to ba0d38a Compare April 22, 2026 20:38
@renovate renovate Bot force-pushed the renovate/non-major-deps branch 7 times, most recently from 84a827c to f99feae Compare May 5, 2026 10:00
@renovate renovate Bot force-pushed the renovate/non-major-deps branch 7 times, most recently from 4c1ae8d to f3eb84b Compare May 12, 2026 04:43
@renovate renovate Bot force-pushed the renovate/non-major-deps branch 5 times, most recently from 6458dc6 to eecd411 Compare May 15, 2026 12:49
@renovate renovate Bot force-pushed the renovate/non-major-deps branch from eecd411 to 0285894 Compare May 15, 2026 21:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wass3rw3rk wass3rw3rk Awaiting requested review from wass3rw3rk wass3rw3rk is a code owner

@sjqnn sjqnn Awaiting requested review from sjqnn sjqnn is a code owner

@JordanSussman JordanSussman Awaiting requested review from JordanSussman JordanSussman is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@coveralls