diff --git a/aws-c-auth.yaml b/aws-c-auth.yaml index 2b3ab9023f3..ca058151c84 100644 --- a/aws-c-auth.yaml +++ b/aws-c-auth.yaml @@ -1,6 +1,6 @@ package: name: aws-c-auth - version: 0.7.16 + version: 0.7.17 epoch: 0 description: "C99 library implementation of AWS client-side authentication: standard credentials providers and signing" copyright: @@ -26,7 +26,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: 7ee5afe05482f750dd0406b8b5b55dafb446fc21288f98c0b4118d62795003ba + expected-sha256: 8fe380255a71a2d5c9acd4979c135f9842135ce6385010ea562bc0b532bf5b84 uri: https://github.com/awslabs/aws-c-auth/archive/refs/tags/v${{package.version}}.tar.gz - runs: | diff --git a/aws-cli-v2.yaml b/aws-cli-v2.yaml index 178a8fa8901..deb1099e4d3 100644 --- a/aws-cli-v2.yaml +++ b/aws-cli-v2.yaml @@ -2,7 +2,7 @@ #nolint:documentation package: name: aws-cli-v2 - version: 2.15.34 + version: 2.15.35 epoch: 0 description: "Universal Command Line Interface for Amazon Web Services (v2)" copyright: @@ -30,7 +30,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/aws/aws-cli - expected-commit: 7ecadff7d989fae41c000698d48a2b64d8bcab98 + expected-commit: 332863ed0faec08188e21bd171ba60aa676ddd3e tag: ${{package.version}} - runs: | diff --git a/aws-crt-cpp.yaml b/aws-crt-cpp.yaml index dc876763b97..67d0d4731a6 100644 --- a/aws-crt-cpp.yaml +++ b/aws-crt-cpp.yaml @@ -1,6 +1,6 @@ package: name: aws-crt-cpp - version: 0.26.4 + version: 0.26.5 epoch: 0 description: "C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++" copyright: @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/awslabs/aws-crt-cpp tag: v${{package.version}} - expected-commit: 4d9e36d561079506272cff59b52d998b6ae81e85 + expected-commit: b4eb207b6f1b0e1a36cb48240ab39b084df6d995 - runs: | if [ "$CBUILD" != "$CHOST" ]; then diff --git a/caddy.yaml b/caddy.yaml index 1a7f682678f..3185cd9c113 100644 --- a/caddy.yaml +++ b/caddy.yaml @@ -1,7 +1,7 @@ package: name: caddy version: 2.7.6 - epoch: 5 + epoch: 6 description: Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS copyright: - license: Apache-2.0 @@ -25,9 +25,13 @@ pipeline: install -m644 -D "./Caddyfile" "${{targets.destdir}}/etc/caddy/Caddyfile" install -m755 -D "./index.html" "${{targets.destdir}}/usr/share/caddy/index.html" + - uses: patch + with: + patches: quic-go.patch + - uses: go/bump with: - deps: golang.org/x/crypto@v0.17.0 github.com/quic-go/quic-go@v0.40.1 google.golang.org/protobuf@v1.33.0 github.com/jackc/pgx/v4@v4.18.2 + deps: golang.org/x/crypto@v0.17.0 github.com/quic-go/quic-go@v0.42.0 google.golang.org/protobuf@v1.33.0 github.com/jackc/pgx/v4@v4.18.2 - uses: go/build with: diff --git a/caddy/quic-go.patch b/caddy/quic-go.patch new file mode 100644 index 00000000000..3be277083bd --- /dev/null +++ b/caddy/quic-go.patch @@ -0,0 +1,26 @@ +diff --git a/listeners.go b/listeners.go +index 84a32e45..c3bd1d8b 100644 +--- a/listeners.go ++++ b/listeners.go +@@ -474,10 +474,6 @@ func (na NetworkAddress) ListenQUIC(ctx context.Context, portOffset uint, config + quicTlsConfig := &tls.Config{GetConfigForClient: sqs.getConfigForClient} + earlyLn, err := quic.ListenEarly(h3ln, http3.ConfigureTLSConfig(quicTlsConfig), &quic.Config{ + Allow0RTT: true, +- RequireAddressValidation: func(clientAddr net.Addr) bool { +- // TODO: make tunable? +- return sqs.getActiveRequests() > 1000 +- }, + }) + if err != nil { + return nil, err +@@ -513,10 +509,6 @@ func ListenQUIC(ln net.PacketConn, tlsConf *tls.Config, activeRequests *int64) ( + quicTlsConfig := &tls.Config{GetConfigForClient: sqs.getConfigForClient} + earlyLn, err := quic.ListenEarly(ln, http3.ConfigureTLSConfig(quicTlsConfig), &quic.Config{ + Allow0RTT: true, +- RequireAddressValidation: func(clientAddr net.Addr) bool { +- // TODO: make tunable? +- return sqs.getActiveRequests() > 1000 +- }, + }) + if err != nil { + return nil, err diff --git a/cloudflared.yaml b/cloudflared.yaml index 93b7d30aeb7..01bf91dad69 100644 --- a/cloudflared.yaml +++ b/cloudflared.yaml @@ -1,7 +1,7 @@ package: name: cloudflared version: 2024.1.0 - epoch: 6 + epoch: 7 description: Cloudflare Tunnel client copyright: - license: Apache-2.0 @@ -22,7 +22,7 @@ pipeline: - uses: go/bump with: - deps: golang.org/x/crypto@v0.17.0 github.com/go-jose/go-jose/v3@v3.0.3 google.golang.org/protobuf@v1.33.0 + deps: golang.org/x/crypto@v0.17.0 github.com/go-jose/go-jose/v3@v3.0.3 google.golang.org/protobuf@v1.33.0 github.com/quic-go/quic-go@v0.42.0 - uses: go/build with: diff --git a/flyte.yaml b/flyte.yaml index a216115c0d0..254d422006e 100644 --- a/flyte.yaml +++ b/flyte.yaml @@ -1,7 +1,7 @@ package: name: flyte version: 1.11.0 - epoch: 0 + epoch: 1 description: Scalable and flexible workflow orchestration platform that seamlessly unifies data, ML and analytics stacks. copyright: - license: Apache-2.0 diff --git a/fq.yaml b/fq.yaml index 3334bad66bf..abb3aacfb7a 100644 --- a/fq.yaml +++ b/fq.yaml @@ -1,7 +1,7 @@ package: name: fq version: 0.10.0 - epoch: 1 + epoch: 2 description: "jq for binary formats - tool, language and decoders for working with binary and text formats" copyright: - license: MIT diff --git a/frp.yaml b/frp.yaml index 0b15b2b07e8..b5551a01cf3 100644 --- a/frp.yaml +++ b/frp.yaml @@ -1,7 +1,7 @@ package: name: frp version: 0.56.0 - epoch: 0 + epoch: 2 description: A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet. copyright: - license: Apache-2.0 diff --git a/fuse-overlayfs-snapshotter.yaml b/fuse-overlayfs-snapshotter.yaml index 75a4f8e38a9..7edafa3c40d 100644 --- a/fuse-overlayfs-snapshotter.yaml +++ b/fuse-overlayfs-snapshotter.yaml @@ -1,7 +1,7 @@ package: name: fuse-overlayfs-snapshotter version: 1.0.8 - epoch: 5 + epoch: 6 description: fuse-overlayfs plugin for rootless containerd copyright: - license: Apache-2.0 diff --git a/fzf.yaml b/fzf.yaml index c5aa7078a89..06ca6e146fe 100644 --- a/fzf.yaml +++ b/fzf.yaml @@ -1,7 +1,7 @@ package: name: fzf version: 0.48.1 - epoch: 0 + epoch: 1 description: A command-line fuzzy finder copyright: - license: MIT diff --git a/gatekeeper-3.12.yaml b/gatekeeper-3.12.yaml index 2fbcfc50ae5..f9aa919fd61 100644 --- a/gatekeeper-3.12.yaml +++ b/gatekeeper-3.12.yaml @@ -1,7 +1,7 @@ package: name: gatekeeper-3.12 version: 3.12.0 - epoch: 13 + epoch: 14 description: Gatekeeper - Policy Controller for Kubernetes copyright: - license: Apache-2.0 diff --git a/gatekeeper-3.13.yaml b/gatekeeper-3.13.yaml index a303f976ecc..d335207b78e 100644 --- a/gatekeeper-3.13.yaml +++ b/gatekeeper-3.13.yaml @@ -1,7 +1,7 @@ package: name: gatekeeper-3.13 version: 3.13.4 - epoch: 4 + epoch: 5 description: Gatekeeper - Policy Controller for Kubernetes copyright: - license: Apache-2.0 diff --git a/gatekeeper-3.14.yaml b/gatekeeper-3.14.yaml index f6eeb409fcb..c9fd36963eb 100644 --- a/gatekeeper-3.14.yaml +++ b/gatekeeper-3.14.yaml @@ -1,7 +1,7 @@ package: name: gatekeeper-3.14 version: 3.14.1 - epoch: 1 + epoch: 2 description: Gatekeeper - Policy Controller for Kubernetes copyright: - license: Apache-2.0 diff --git a/gcsfuse.yaml b/gcsfuse.yaml index 66c651684be..fef02b5b4ee 100644 --- a/gcsfuse.yaml +++ b/gcsfuse.yaml @@ -1,7 +1,7 @@ package: name: gcsfuse version: 1.4.2 - epoch: 1 + epoch: 2 description: A user-space file system for interacting with Google Cloud Storage copyright: - license: Apache-2.0 diff --git a/gh.yaml b/gh.yaml index 557363c45fa..2a5b6b5d002 100644 --- a/gh.yaml +++ b/gh.yaml @@ -1,7 +1,7 @@ package: name: gh version: 2.46.0 - epoch: 0 + epoch: 1 description: GitHub's official command line tool copyright: - license: MIT diff --git a/ghaudit.yaml b/ghaudit.yaml index 11d5d3f6d04..9aeba775044 100644 --- a/ghaudit.yaml +++ b/ghaudit.yaml @@ -1,7 +1,7 @@ package: name: ghaudit version: 0.4.0 - epoch: 0 + epoch: 1 description: Experimental tool for evaluating Chainguard's GitHub policies. copyright: - license: Apache-2.0 diff --git a/git-lfs.yaml b/git-lfs.yaml index 5b952c54400..b870dd10bbf 100644 --- a/git-lfs.yaml +++ b/git-lfs.yaml @@ -1,7 +1,7 @@ package: name: git-lfs version: 3.5.1 - epoch: 0 + epoch: 1 description: "large file support for git" copyright: - license: MIT diff --git a/gitlab-kas.yaml b/gitlab-kas.yaml index d7754bf2064..abf4d61d033 100644 --- a/gitlab-kas.yaml +++ b/gitlab-kas.yaml @@ -1,7 +1,7 @@ package: name: gitlab-kas version: 16.10.1 - epoch: 0 + epoch: 1 description: GitLab Kas is a component installed together with GitLab. It is required to manage the GitLab agent for Kubernetes. copyright: - license: MIT diff --git a/gitlab-logger.yaml b/gitlab-logger.yaml index 6270ef4bf95..8d6be95138a 100644 --- a/gitlab-logger.yaml +++ b/gitlab-logger.yaml @@ -1,7 +1,7 @@ package: name: gitlab-logger version: 3.0.0 - epoch: 4 + epoch: 5 description: GitLab Logger provides a means of wrapping non-structured log files within structure JSON. copyright: - license: MIT diff --git a/gitlab-pages.yaml b/gitlab-pages.yaml index 0f87cb9940a..ba59e96d666 100644 --- a/gitlab-pages.yaml +++ b/gitlab-pages.yaml @@ -3,7 +3,7 @@ package: name: gitlab-pages version: 16.9.2 - epoch: 1 + epoch: 2 description: GitLab Pages daemon used to serve static websites for GitLab users. copyright: - license: MIT diff --git a/gitlab-runner.yaml b/gitlab-runner.yaml index cb6f75ee169..7c30ee220c7 100644 --- a/gitlab-runner.yaml +++ b/gitlab-runner.yaml @@ -5,7 +5,7 @@ package: name: gitlab-runner version: 16.8.0 - epoch: 2 + epoch: 3 description: GitLab Runner is the open source project that is used to run your CI/CD jobs and send the results back to GitLab copyright: - license: MIT diff --git a/gitlab-shell.yaml b/gitlab-shell.yaml index 286c7384ae2..e7b71b5fc36 100644 --- a/gitlab-shell.yaml +++ b/gitlab-shell.yaml @@ -5,7 +5,7 @@ package: name: gitlab-shell version: 14.34.0 - epoch: 2 + epoch: 3 description: SSH access for GitLab copyright: - license: MIT diff --git a/gitleaks.yaml b/gitleaks.yaml index b575cb60396..2e89ef48ba0 100644 --- a/gitleaks.yaml +++ b/gitleaks.yaml @@ -1,7 +1,7 @@ package: name: gitleaks version: 8.18.2 - epoch: 1 + epoch: 2 description: SAST tool for detecting and preventing hardcoded secrets like passwords, api keys, and tokens in git repos copyright: - license: MIT diff --git a/gitness.yaml b/gitness.yaml index be756fd68f6..20d7357010a 100644 --- a/gitness.yaml +++ b/gitness.yaml @@ -1,7 +1,7 @@ package: name: gitness version: 3.0.0_beta6 - epoch: 0 + epoch: 1 description: Gitness is an Open Source developer platform with Source Control management, Continuous Integration and Continuous Delivery. copyright: - license: Apache-2.0 diff --git a/gitsign.yaml b/gitsign.yaml index 232ae87b393..0942c8faf37 100644 --- a/gitsign.yaml +++ b/gitsign.yaml @@ -1,7 +1,7 @@ package: name: gitsign version: 0.10.1 - epoch: 0 + epoch: 1 description: Keyless Git signing with Sigstore! copyright: - license: Apache-2.0 diff --git a/gke-gcloud-auth-plugin.yaml b/gke-gcloud-auth-plugin.yaml index 79f00a35f20..6761a5b6f32 100644 --- a/gke-gcloud-auth-plugin.yaml +++ b/gke-gcloud-auth-plugin.yaml @@ -1,7 +1,7 @@ package: name: gke-gcloud-auth-plugin version: 0.0.2 - epoch: 7 + epoch: 8 description: "kubectl plugin for GKE authentication" copyright: - license: Apache-2.0 diff --git a/glab.yaml b/glab.yaml index 8f337fc85b2..fee17805a3b 100644 --- a/glab.yaml +++ b/glab.yaml @@ -5,7 +5,7 @@ package: name: glab version: 1.37.0 - epoch: 0 + epoch: 1 description: A GitLab CLI tool bringing GitLab to your command line copyright: - license: MIT diff --git a/go-bindata.yaml b/go-bindata.yaml index b2f0eb2c8ae..bc0b94dc9c1 100644 --- a/go-bindata.yaml +++ b/go-bindata.yaml @@ -1,7 +1,7 @@ package: name: go-bindata version: 3.1.3 - epoch: 16 + epoch: 17 description: A small utility which generates Go code from any file copyright: - license: Apache-2.0 diff --git a/go-licenses.yaml b/go-licenses.yaml index 027c525b8e7..d82efc39585 100644 --- a/go-licenses.yaml +++ b/go-licenses.yaml @@ -1,7 +1,7 @@ package: name: go-licenses version: 1.6.0 - epoch: 10 + epoch: 11 description: A lightweight tool to report on the licenses used by a Go package and its dependencies. Highlight! Versioned external URL to licenses can be found at the same time. copyright: - license: Apache-2.0 diff --git a/go-md2man.yaml b/go-md2man.yaml index 54952dc971b..10dfc9adb67 100644 --- a/go-md2man.yaml +++ b/go-md2man.yaml @@ -1,7 +1,7 @@ package: name: go-md2man version: 2.0.4 - epoch: 0 + epoch: 1 description: Utility to convert markdown to man pages copyright: - license: MIT diff --git a/gobump.yaml b/gobump.yaml index 1c09ae4b787..20b2ce7f2f6 100644 --- a/gobump.yaml +++ b/gobump.yaml @@ -1,7 +1,7 @@ package: name: gobump version: 0.7.7 - epoch: 0 + epoch: 1 description: Go tool to declaratively bump dependencies copyright: - license: Apache-2.0 diff --git a/gobuster.yaml b/gobuster.yaml index 18f2a103156..47b3a76ff62 100644 --- a/gobuster.yaml +++ b/gobuster.yaml @@ -1,7 +1,7 @@ package: name: gobuster version: 3.6.0 - epoch: 5 + epoch: 6 description: "a tool used to brute force attack for URIs, DNS, etc." copyright: - license: Apache-2.0 diff --git a/golangci-lint.yaml b/golangci-lint.yaml index f9ebb1201e5..5c5dfa91c02 100644 --- a/golangci-lint.yaml +++ b/golangci-lint.yaml @@ -1,7 +1,7 @@ package: name: golangci-lint version: 1.57.2 - epoch: 0 + epoch: 1 description: Fast linters Runner for Go copyright: - license: Apache-2.0 diff --git a/gomplate.yaml b/gomplate.yaml index eba72d11189..e113d89921b 100644 --- a/gomplate.yaml +++ b/gomplate.yaml @@ -1,7 +1,7 @@ package: name: gomplate version: 3.11.7 - epoch: 1 + epoch: 2 description: A go templating utility. copyright: - license: MIT diff --git a/gops.yaml b/gops.yaml index 1b950e59b48..d2e183193ed 100644 --- a/gops.yaml +++ b/gops.yaml @@ -1,7 +1,7 @@ package: name: gops version: 0.3.28 - epoch: 5 + epoch: 6 description: gops is a command to list and diagnose Go processes currently running on your system. copyright: - license: BSD-3-Clause diff --git a/goreleaser-1.18.yaml b/goreleaser-1.18.yaml index 480c8b2e20c..4c7bb391a77 100644 --- a/goreleaser-1.18.yaml +++ b/goreleaser-1.18.yaml @@ -1,7 +1,7 @@ package: name: goreleaser-1.18 version: 1.18.2 - epoch: 6 + epoch: 7 description: Deliver Go binaries as fast and easily as possible copyright: - license: Apache-2.0 diff --git a/goreleaser.yaml b/goreleaser.yaml index b693d775c9b..6cd3ed09628 100644 --- a/goreleaser.yaml +++ b/goreleaser.yaml @@ -1,7 +1,7 @@ package: name: goreleaser version: 1.25.0 - epoch: 0 + epoch: 1 description: Deliver Go binaries as fast and easily as possible copyright: - license: Apache-2.0 diff --git a/gosu.yaml b/gosu.yaml index c06a98a5ef6..ea14381f3ab 100644 --- a/gosu.yaml +++ b/gosu.yaml @@ -1,7 +1,7 @@ package: name: gosu version: "1.17" - epoch: 3 + epoch: 4 description: Simple Go-based setuid+setgid+setgroups+exec copyright: - license: Apache-2.0 diff --git a/govulncheck.yaml b/govulncheck.yaml index 937ea190f60..0f47df0152b 100644 --- a/govulncheck.yaml +++ b/govulncheck.yaml @@ -1,7 +1,7 @@ package: name: govulncheck version: 1.0.2 - epoch: 2 + epoch: 3 description: Go Vulnerability Management copyright: - license: BSD-3-Clause diff --git a/gptscript.yaml b/gptscript.yaml index 918d37bc08a..f73a5ae3d4b 100644 --- a/gptscript.yaml +++ b/gptscript.yaml @@ -1,7 +1,7 @@ package: name: gptscript version: 0.3.0 - epoch: 0 + epoch: 1 description: Develop LLM Apps in Natural Language copyright: - license: Apache-2.0 diff --git a/grafana-10.4.yaml b/grafana-10.4.yaml index d7393b0dc41..46016080852 100644 --- a/grafana-10.4.yaml +++ b/grafana-10.4.yaml @@ -1,7 +1,7 @@ package: name: grafana-10.4 version: 10.4.1 - epoch: 0 + epoch: 1 description: The open and composable observability and data visualization platform. copyright: - license: AGPL-3.0-or-later diff --git a/grafana-agent-operator.yaml b/grafana-agent-operator.yaml index 77d69b1439f..529e9abf06e 100644 --- a/grafana-agent-operator.yaml +++ b/grafana-agent-operator.yaml @@ -1,7 +1,7 @@ package: name: grafana-agent-operator version: 0.40.3 - epoch: 0 + epoch: 1 description: Grafana Agent Operator is a Kubernetes operator for the static mode of Grafana Agent. It makes it easier to deploy and configure static mode to collect telemetry data from Kubernetes resources. copyright: - license: Apache-2.0 diff --git a/grafana-operator.yaml b/grafana-operator.yaml index 9710683145d..1b5e3ef6571 100644 --- a/grafana-operator.yaml +++ b/grafana-operator.yaml @@ -1,7 +1,7 @@ package: name: grafana-operator version: 5.8.0 - epoch: 0 + epoch: 1 description: An operator for Grafana that installs and manages Grafana instances, Dashboards and Datasources through Kubernetes/OpenShift CRs copyright: - license: Apache-2.0 diff --git a/grpc-health-probe.yaml b/grpc-health-probe.yaml index 09b9e7229a2..1f06c07218e 100644 --- a/grpc-health-probe.yaml +++ b/grpc-health-probe.yaml @@ -1,7 +1,7 @@ package: name: grpc-health-probe version: 0.4.25 - epoch: 0 + epoch: 1 description: A command-line tool to perform health-checks for gRPC applications in Kubernetes and elsewhere copyright: - license: Apache-2.0 diff --git a/grpcurl.yaml b/grpcurl.yaml index 1455b744cc2..edc1b6aefdf 100644 --- a/grpcurl.yaml +++ b/grpcurl.yaml @@ -1,7 +1,7 @@ package: name: grpcurl version: 1.8.9 - epoch: 4 + epoch: 5 description: CLI tool to interact with gRPC servers copyright: - license: MIT diff --git a/grype.yaml b/grype.yaml index 80d2794b9c4..dfd5741f0c3 100644 --- a/grype.yaml +++ b/grype.yaml @@ -1,7 +1,7 @@ package: name: grype version: 0.74.7 - epoch: 3 + epoch: 4 description: Vulnerability scanner for container images, filesystems, and SBOMs copyright: - license: Apache-2.0 diff --git a/guac.yaml b/guac.yaml index a2de53d50c0..2ed17d75641 100644 --- a/guac.yaml +++ b/guac.yaml @@ -1,7 +1,7 @@ package: name: guac version: 0.5.2 - epoch: 0 + epoch: 1 description: GUAC aggregates software security metadata into a high fidelity graph database. copyright: - license: Apache-2.0 diff --git a/haproxy-ingress.yaml b/haproxy-ingress.yaml index bbbb1b7bd29..acaa441b007 100644 --- a/haproxy-ingress.yaml +++ b/haproxy-ingress.yaml @@ -1,7 +1,7 @@ package: name: haproxy-ingress version: 0.14.6 - epoch: 2 + epoch: 3 description: HAProxy Ingress copyright: - license: Apache-2.0 diff --git a/harbor-2.10.yaml b/harbor-2.10.yaml index 05a0fd58a7a..424ee9d7c78 100644 --- a/harbor-2.10.yaml +++ b/harbor-2.10.yaml @@ -1,7 +1,7 @@ package: name: harbor-2.10 version: 2.10.1 - epoch: 0 + epoch: 1 description: An open source trusted cloud native registry project that stores, signs, and scans content copyright: - license: Apache-2.0 diff --git a/hcloud.yaml b/hcloud.yaml index 4ee5f8369f7..1a02cb846b7 100644 --- a/hcloud.yaml +++ b/hcloud.yaml @@ -1,7 +1,7 @@ package: name: hcloud version: 1.43.0 - epoch: 0 + epoch: 1 description: A command-line interface for Hetzner Cloud copyright: - license: MIT diff --git a/hello-world-golang.yaml b/hello-world-golang.yaml index add18bde1d6..0fa7731e64a 100644 --- a/hello-world-golang.yaml +++ b/hello-world-golang.yaml @@ -1,7 +1,7 @@ package: name: hello-world-golang version: 1.3 - epoch: 1 + epoch: 2 description: Simple go application that prints 'hello world' in a loop when built and invoked. copyright: - license: Apache-2.0 diff --git a/ipfs.yaml b/ipfs.yaml index 6659c4a4dc6..30ebe0e163f 100644 --- a/ipfs.yaml +++ b/ipfs.yaml @@ -30,7 +30,7 @@ pipeline: - uses: go/bump with: - deps: google.golang.org/protobuf@v1.33.0 + deps: google.golang.org/protobuf@v1.33.0 github.com/quic-go/quic-go@v0.42.0 github.com/libp2p/go-libp2p@v0.33.2 - runs: | CGO_ENABLED=1 GOOS=$(go env GOOS) GOARCH=$(go env GOARCH) GOFLAGS=-buildvcs=false make build GOTAGS=openssl diff --git a/mycli.yaml b/mycli.yaml index 12e833e1261..545c50bb9e5 100644 --- a/mycli.yaml +++ b/mycli.yaml @@ -1,6 +1,6 @@ package: name: mycli - version: 1.27.1 + version: 1.27.2 epoch: 0 description: "static code and composition analysis tool for IaC" copyright: @@ -35,7 +35,7 @@ pipeline: - uses: fetch with: uri: https://files.pythonhosted.org/packages/source/m/mycli/mycli-${{package.version}}.tar.gz - expected-sha256: e9f527a3e6192e7b87fe7b708aa3bd5b1eb7ac3489c1c159567e5ff5c98ca899 + expected-sha256: d11da4e614640096ea8066443d75946f8f281714ca30a89065c91fdc5f950b72 - runs: | python3 -m gpep517 build-wheel --wheel-dir dist --output-fd 1 diff --git a/nuclei.yaml b/nuclei.yaml index 87a9341a46a..77fcc49b767 100644 --- a/nuclei.yaml +++ b/nuclei.yaml @@ -1,7 +1,7 @@ package: name: nuclei version: 3.2.2 - epoch: 1 + epoch: 2 description: "yaml based vulnerability scanner" copyright: - license: MIT @@ -22,6 +22,10 @@ pipeline: repository: https://github.com/projectdiscovery/nuclei tag: v${{package.version}} + - uses: go/bump + with: + deps: github.com/quic-go/quic-go@v0.42.0 + - runs: | mkdir -p "${{targets.destdir}}"/usr/bin go mod edit -replace=github.com/mholt/archiver@v3.1.1+incompatible=github.com/mholt/archiver/v3@v3.3.2 # CVE-2019-10743 Fixed diff --git a/prometheus-pushgateway.yaml b/prometheus-pushgateway.yaml index fb9a1eaab0a..ced8885b028 100644 --- a/prometheus-pushgateway.yaml +++ b/prometheus-pushgateway.yaml @@ -1,7 +1,7 @@ package: name: prometheus-pushgateway - version: 1.7.0 - epoch: 4 + version: 1.8.0 + epoch: 0 description: Push acceptor for ephemeral and batch jobs. copyright: - license: Apache-2.0 @@ -21,11 +21,7 @@ pipeline: with: repository: https://github.com/prometheus/pushgateway tag: v${{package.version}} - expected-commit: 109280c17d29059623c6f5dbf1d6babab34166cf - - - uses: go/bump - with: - deps: google.golang.org/protobuf@v1.33.0 + expected-commit: 5aef87129c8d9ecebcc8b2fb0e97a31980680e8c - runs: | make build diff --git a/py3-boto3.yaml b/py3-boto3.yaml index 93b59240eeb..87429cc3928 100644 --- a/py3-boto3.yaml +++ b/py3-boto3.yaml @@ -1,7 +1,7 @@ # Generated from https://pypi.org/project/boto3/ package: name: py3-boto3 - version: 1.34.76 + version: 1.34.77 epoch: 0 description: The AWS SDK for Python copyright: @@ -24,7 +24,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: 8c598382e8fb61cfa8f75056197e9b509eb52039ebc291af3b1096241ba2542c + expected-sha256: 8ebed4fa5a3b84dd4037f28226985af00e00fb860d739fc8b1ed6381caa4b330 uri: https://files.pythonhosted.org/packages/source/b/boto3/boto3-${{package.version}}.tar.gz - name: Python Build diff --git a/py3-botocore.yaml b/py3-botocore.yaml index ad0ec2ad725..c49175b1049 100644 --- a/py3-botocore.yaml +++ b/py3-botocore.yaml @@ -1,6 +1,6 @@ package: name: py3-botocore - version: 1.34.76 + version: 1.34.77 epoch: 0 description: The low-level, core functionality of Boto3 copyright: @@ -27,7 +27,7 @@ pipeline: - uses: fetch with: uri: https://files.pythonhosted.org/packages/source/b/botocore/botocore-${{package.version}}.tar.gz - expected-sha256: 68be44487a95132fccbc0b836fded4190dae30324f6bf822e1b6efd385ffdc83 + expected-sha256: 6dab60261cdbfb7d0059488ea39408d5522fad419c004ba5db3484e6df854ea8 - runs: | python3 setup.py build diff --git a/py3-libcst.yaml b/py3-libcst.yaml index 7a626c61246..ca071504c70 100644 --- a/py3-libcst.yaml +++ b/py3-libcst.yaml @@ -1,7 +1,7 @@ # Generated from https://pypi.org/project/libcst/ package: name: py3-libcst - version: 1.2.0 + version: 1.3.0 epoch: 0 description: A concrete syntax tree with AST-like properties for Python 3.5, 3.6, 3.7, 3.8, 3.9, and 3.10 programs. copyright: @@ -29,7 +29,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 627bb0c4ab4ec875d5b683db4825a321b9c9072d + expected-commit: 8b334740015d248e0ee90072b5d64a4cd7cd6e7b repository: https://github.com/Instagram/LibCST tag: v${{package.version}} diff --git a/py3-xyzservices.yaml b/py3-xyzservices.yaml index 6d8f9477704..ae120326ada 100644 --- a/py3-xyzservices.yaml +++ b/py3-xyzservices.yaml @@ -1,8 +1,8 @@ # Generated from https://pypi.org/project/xyzservices/ package: name: py3-xyzservices - version: 2023.10.1 - epoch: 1 + version: 2024.4.0 + epoch: 0 description: Source of XYZ tiles providers copyright: - license: BSD-3-Clause @@ -23,7 +23,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: de9baed662123fc2f44d5627a7ed05925f5eff9f + expected-commit: 8ee9104264bcecda5fd8e2fedbb0f330ea3410c1 repository: https://github.com/geopandas/xyzservices tag: ${{package.version}} diff --git a/traefik.yaml b/traefik.yaml index 80ba30f0266..f5be3a92a1a 100644 --- a/traefik.yaml +++ b/traefik.yaml @@ -1,7 +1,7 @@ package: name: traefik version: 2.11.0 - epoch: 5 + epoch: 6 description: The Cloud Native Application Proxy copyright: - license: MIT @@ -24,7 +24,7 @@ pipeline: - uses: go/bump with: - deps: github.com/go-jose/go-jose/v3@v3.0.3 google.golang.org/protobuf@v1.33.0 github.com/docker/docker@v24.0.9 + deps: github.com/go-jose/go-jose/v3@v3.0.3 google.golang.org/protobuf@v1.33.0 github.com/docker/docker@v24.0.9 github.com/quic-go/quic-go@v0.42.0 - runs: | mkdir -p "${{targets.destdir}}/usr/bin"