fix(deps): update go modules

[renovate-bot]

This PR contains the following updates:

Package	Type	Update	Change	Pending
cloud.google.com/go/storage	require	minor	v1.30.1 -> v1.32.0
github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test	require	minor	v0.7.0 -> v0.8.0
github.com/GoogleCloudPlatform/config-validator	require	digest	1130fc5 -> 0da46e6
github.com/go-git/go-git/v5	require	minor	v5.7.0 -> v5.8.1
github.com/gomarkdown/markdown	require	digest	c84983b -> 531d2d7
github.com/google/go-github/v53	require	major	v53.2.0 -> v54.0.0	v55.0.0
github.com/hashicorp/hcl/v2	require	minor	v2.17.0 -> v2.18.0
github.com/hashicorp/terraform-config-inspect	require	digest	f32df32 -> b800820
github.com/iancoleman/strcase	require	minor	v0.2.0 -> v0.3.0
github.com/jedib0t/go-pretty/v6	require	patch	v6.4.6 -> v6.4.7
github.com/open-policy-agent/opa	require	minor	v0.54.0 -> v0.55.0	v0.56.0
golang.org/x/exp	require	digest	97b1e66 -> 9212866
golang.org/x/oauth2	require	minor	v0.9.0 -> v0.11.0	v0.12.0
golang.org/x/text	require	minor	v0.10.0 -> v0.13.0
google.golang.org/api	require	minor	v0.129.0 -> v0.138.0
gopkg.in/yaml.v2	require	major	v2.4.0 -> v3.0.1

---

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

---

Release Notes

go-git/go-git (github.com/go-git/go-git/v5)

v5.8.1

Compare Source

What's Changed

• *: Bump dependencies by @​pjbgf in https://github.com/go-git/go-git/pull/815

Full Changelog: go-git/go-git@v5.8.0...v5.8.1

v5.8.0

Compare Source

What's Changed

• git: Fix fetching after shallow clone. Fixes #​305 by @​AriehSchneier in https://github.com/go-git/go-git/pull/778
• git: enable fetch with unqualified references by @​AriehSchneier in https://github.com/go-git/go-git/pull/762
• git: don't add to want if exists, shallow and depth 1 by @​AriehSchneier in https://github.com/go-git/go-git/pull/763
• git: Clone HEAD should not force master. Fixes #​363 by @​AriehSchneier in https://github.com/go-git/go-git/pull/758
• git: fix the issue with submodules having the SCP style URL fail due to the wrong URL parsing by @​matejrisek in https://github.com/go-git/go-git/pull/756
• git: add a clone option to allow for shallow cloning of submodules by @​matejrisek in https://github.com/go-git/go-git/pull/765
• worktree: minor speedup for doAddDirectory by @​ThinkChaos in https://github.com/go-git/go-git/pull/702
• _examples: Remove wrong comment by @​pascal-hofmann in https://github.com/go-git/go-git/pull/357
• *: Handle paths starting with tilde by @​ricci2511 in https://github.com/go-git/go-git/pull/808
• *: Handle paths starting with ~Username by @​AriehSchneier in https://github.com/go-git/go-git/pull/809
• storage: filesystem/dotgit, add support for tmp_objdir prefix by @​L11R in https://github.com/go-git/go-git/pull/812
• plumbing: gitignore, replace user dir in path by @​Jleagle in https://github.com/go-git/go-git/pull/772
• plumbing: gitignore, fix incorrect parsing. Fixes #​500 by @​AriehSchneier in https://github.com/go-git/go-git/pull/781
• plumbing: http, Fix empty repos on Git v2.41+ by @​pjbgf in https://github.com/go-git/go-git/pull/802
• plumbing: packp, A request is not empty if it contains shallows. Fixes #​328 by @​AriehSchneier in https://github.com/go-git/go-git/pull/792
• plumbing: blame, Complete rewrite. Fixes #​603 by @​AriehSchneier in https://github.com/go-git/go-git/pull/789
• plumbing: gitignore, Allow gitconfig to contain a gitignore relative to any user home. Fixes #​578 by @​AriehSchneier in https://github.com/go-git/go-git/pull/785

New Contributors

• @​Jleagle made their first contribution in https://github.com/go-git/go-git/pull/772
• @​pascal-hofmann made their first contribution in https://github.com/go-git/go-git/pull/357
• @​ricci2511 made their first contribution in https://github.com/go-git/go-git/pull/808
• @​L11R made their first contribution in https://github.com/go-git/go-git/pull/812

Full Changelog: go-git/go-git@v5.7.0...v5.7.1

google/go-github (github.com/google/go-github/v53)

v54.0.0

Compare Source

This release contains the following breaking API changes:

• Fix ListPullRequestsWithCommit option type (#​2822)
• Support repository_id in org ruleset conditions (#​2825)
• Fix repo rules bypass settings (#​2831)
• Fix old_name field in AuditEntry (#​2849)

and the following additional changes:

• Bump golang.org/x/net from 0.10.0 to 0.11.0 in /scrape (#​2814)
• Bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 (#​2812)
• Bump github.com/google/go-github/v53 from 53.0.0 to 53.2.0 in /scrape (#​2813)
• Add Runner to generate-jitconfig method (#​2818)
• Remove unnecessary use of fmt.Sprintf (#​2819)
• Use bytes.Equal instead of bytes.Compare (#​2820)
• Fix CreateOrUpdateOrgSecret regression introduced in v53 (#​2817)
• Add Repository struct to SecretScanningAlert (#​2823)
• Add support for personal access tokens request review API (#​2827)
• Add support for personal_access_token_request webhook event type (#​2826)
• Support line comments on PRs (#​2833)
• Implement installation_target webhook event type (#​2829)
• Add secret type display to secret scanning alert (#​2834)
• Use a sentinel error when blocking paths for RepositoriesServices.GetContents (#​2837)
• Add support for SAML SSO authorization APIs (#​2835)
• Bump golang.org/x/net from 0.11.0 to 0.12.0 in /scrape (#​2839)
• Bump golang.org/x/oauth2 from 0.9.0 to 0.10.0 (#​2840)
• Add Dependabot field in security_and_analysis (#​2846)
• Add new query params for AlertListOptions (#​2848)
• Add old_name field to AuditEntry (#​2843)
• Add OldLogin field to AuditEntryData (#​2850)
• Check for nil pointer in update rule parameters (#​2854)
• Fix dropped test error (#​2858)
• Bump golang.org/x/oauth2 from 0.10.0 to 0.11.0 (#​2859)
• Bump golang.org/x/net from 0.12.0 to 0.14.0 in /scrape (#​2860)
• Add ListOptions pagination for Dependabot alerts (#​2853)
• Add support for Security Advisories Request CVE endpoint (#​2857)
• Add support for the security and analysis webhook event (#​2862)
• Add support for projects_v2 and projects_v2_item webhook events (#​2868)
• Defer closing body before checking HTTP status code (#​2870)
• Add GetAutomatedSecurityFixes to report status (#​2842)
• Adding missing field important to find branch in fork from same owner (#​2873)
• Add WorkflowRun and Workflow to DeploymentEvent (#​2755)
• Replace deprectated crypto/ssh/terminal module in examples (#​2876)
• Update workflow to use Go 1.21 and 1.20 (#​2878)
• Add TriggeringActor to WorkflowRun (#​2879)
• Add WebhookTypes and EventForType methods (#​2865)
• Add support for fetching SBOMs (#​2869)
• Add SubmoduleGitURL to RepositoryContent (#​2880)
• Bump version of go-github to v54.0.0 (#​2881)

hashicorp/hcl (github.com/hashicorp/hcl/v2)

v2.18.0

Compare Source

Enhancements

• HCL now uses the tables from Unicode 15 when performing string normalization and character segmentation. HCL was previously using the Unicode 13 tables.

  For calling applications where consistent Unicode support is important, consider also upgrading to Go 1.21 at the same time as adopting HCL v2.18.0 so that the standard library unicode tables (used for case folding, etc) will also be from Unicode 15.

v2.17.1

Compare Source

Enhancements

• hclsyntax: When evaluating string templates that have a long known constant prefix, HCL will truncate the known prefix to avoid creating excessively-large refinements. String prefix refinements are intended primarily for relatively-short fixed prefixes, such as https:// at the start of a URL known to use that scheme. (#​617)
• ext/tryfunc: The "try" and "can" functions now handle unknown values slightly more precisely, and so can return known values in more situations when given expressions referring to unknown symbols. (#​622)

Bugs Fixed

• ext/typeexpr: Will no longer try to refine unknown values of unknown type when dealing with a user-specified type constraint containing the any keyword, avoiding an incorrect panic at runtime. (#​625)
• ext/typeexpr: Now correctly handles attempts to declare the same object type attribute multiple times by returning an error. Previously this could potentially panic by creating an incoherent internal state. (#​624)

iancoleman/strcase (github.com/iancoleman/strcase)

v0.3.0

Compare Source

jedib0t/go-pretty (github.com/jedib0t/go-pretty/v6)

v6.4.7

Compare Source

Features

• text
  • add hyperlink formatter (#​263) // thanks @​sanyatuning
• progress // thanks @​NathanBaulch for all of the following
  • support rendering trackers that haven't started yet (#​270)
  • secondary sort by start time (#​271)
  • stability fix for descending sorts (#​272)
  • render never started trackers properly (#​273)
  • overall ETA never less than max ETA (#​274)

open-policy-agent/opa (github.com/open-policy-agent/opa)

v0.55.0

Compare Source

NOTES:

• All published OPA images now run with a non-root uid/gid. The uid:gid is set to 1000:1000 for all images. As a result
  there is no longer a need for the -rootless image variant and hence it will be not be published as part of future releases.
  This change is in line with container security best practices. OPA can still be run with root privileges by explicitly setting the user,
  either with the --user argument for docker run, or by specifying the securityContext in the Kubernetes Pod specification.

• The minimum version of Go required to build the OPA module is 1.19

This release contains a mix of new features, bugfixes and a new builtin function.

Honor default keyword on functions

Previously if a function was defined with a default value, OPA would ignore it. Now the default function is honored
if all functions with the same name are undefined. For example,

package example

default clamp_positive(_) := 0

clamp_positive(x) = x {
    x > 0
}

$ opa eval -d example.rego 'data.example.clamp_positive(1)' -f pretty
1

$ opa eval -d example.rego 'data.example.clamp_positive(-1)' -f pretty
0

The value of a default function follows the same conditions as that of a default rule. In addition, a default
function satisfies the following properties:

• same arity as other functions with the same name
• arguments should only be plain variables ie. no composite values
• argument names should not be repeated

NOTE:

default functions used to be previously ignored. If existing policies contain default functions, ensure that they conform
to the properties mentioned above. Otherwise, those policies will fail to evaluate.

Authored by @​ashutosh-narkar.

New Built-In Function: crypto.parse_private_keys

crypto.parse_private_keys returns zero or more private keys from the given encoded string containing DER certificate data.
If the input contains a list of one or more concatenated PEM blocks, then the built-in will output the parsed private keys
represented as objects.

See the documentation on the new built-in
for all the details.

Authored by @​volck.

Runtime, Tooling, SDK

• plugins/rest: Add AWS KMS support for OAuth2 Client Credentials JWT authentication (#​5942) authored by @​prasanthu
• sdk: Update input object to conform to the format expected by decision log masking (#​6090) authored by @​epaulson10
• sdk: Add option for specifying decision ID to SDK. Users can use this to control the ID that gets included in the decision logs (#​6101) authored by @​brianchhun-chime
• cmd: Add discard output format to opa eval which discards the result while still showing the output of eval flags like --profile (#​6103) authored by @​26tanishabanik
• Make rootless deprecation messages more explicit as all published OPA images now run with non-root uid/gid (#​6091) authored by @​charlieegan3
• download/oci: Add support for Docker Registry v2 authentication scheme (#​6045) authored by @​gitu and @​DerGut
• plugins/discovery: Ensure discovery plugin doesn't erase its own config on the plugin manager (#​6070) authored by @​blacksails

Topdown and Rego

• ast: Add WithRoots compiler option that allows callers to set the roots to include in the output bundle manifest (#​6088) authored by @​kubaj
• rego: Parse store modules iff modules set on the Rego object. This change assumes that while using the Rego package, the compiler and store are kept in-sync, and thereby attempts to avoid a race during the compilation process (#​6081) authored by @​ashutosh-narkar

Docs

• docs/envoy: Update the standalone Envoy tutorial to use kind, updated Envoy version etc. (#​6105) authored by @​charlieegan3

Website + Ecosystem

• Ecosystem:

  • Carbonetes BrainIAC (#​6073) authored by @​jaysonsantos05

• Website:

  • Reorganize relevant doc sections and OPA Ecosystem projects to have a closer integration between them (#​6064) authored by @​charlieegan3

Miscellaneous

• chore: Update comments on some exported functions and clean up instances where the same package was imported multiple times (authored by @​testwill)
• Fix issue in the OPA release patch scripts related to CRLF line terminations in the patch output (#​6069) authored by @​johanfylling
• Dependency bumps, notably:
  • golang from 1.20.5 to 1.20.6
  • oras.land/oras-go/v2 from 2.2.0 to 2.2.1
  • google.golang.org/grpc from 1.56.1 to 1.56.2
  • github.com/containerd/containerd from 1.6.19 to 1.7.2
  • golang.org/x/net from 0.11.0 to 0.12.0
  • go.uber.org/automaxprocs from 1.5.2 to 1.5.3
  • go.opentelemetry.io/otel from v1.14.0 to v1.16.0 (#​6062) authored by @​srenatus with feedback from @​ghaskins and @​zregvart

googleapis/google-api-go-client (google.golang.org/api)

v0.138.0

Compare Source

Features

• all: Auto-regenerate discovery clients (#​2115) (1770219)
• all: Auto-regenerate discovery clients (#​2118) (40ea606)
• all: Auto-regenerate discovery clients (#​2119) (9b75278)

v0.137.0

Compare Source

Features

• all: Auto-regenerate discovery clients (#​2106) (3f3ed3d)
• all: Auto-regenerate discovery clients (#​2108) (80485e0)
• all: Auto-regenerate discovery clients (#​2110) (4d775db)
• all: Auto-regenerate discovery clients (#​2111) (0cc62ab)
• all: Auto-regenerate discovery clients (#​2112) (f7f1c7b)
• all: Auto-regenerate discovery clients (#​2113) (142ffeb)
• Ok to use S2A with override endpoint (#​2114) (caea956)

v0.136.0

Compare Source

Features

• Add additional checks before using S2A (#​2103) (c62e5c6)
• all: Auto-regenerate discovery clients (#​2104) (8029f73)

v0.135.0

Compare Source

Features

• all: Auto-regenerate discovery clients (#​2087) (8875932)
• all: Auto-regenerate discovery clients (#​2089) (c4d9f14)
• all: Auto-regenerate discovery clients (#​2090) (8ba6963)
• all: Auto-regenerate discovery clients (#​2091) (597995c)
• all: Auto-regenerate discovery clients (#​2093) (2b1c61f)
• all: Auto-regenerate discovery clients (#​2094) (979195d)
• all: Auto-regenerate discovery clients (#​2095) (1e19c22)
• all: Auto-regenerate discovery clients (#​2096) (e59738c)
• all: Auto-regenerate discovery clients (#​2098) (ff054ff)
• all: Auto-regenerate discovery clients (#​2099) (b16a2d3)
• all: Auto-regenerate discovery clients (#​2100) (262aa70)
• all: Auto-regenerate discovery clients (#​2102) (8fbf572)

v0.134.0

Compare Source

Features

• all: Auto-regenerate discovery clients (#​2084) (66d077d)
• all: Auto-regenerate discovery clients (#​2086) (aec89b7)

v0.133.0

Compare Source

Features

• all: Auto-regenerate discovery clients (#​2077) (d9bd05b)
• all: Auto-regenerate discovery clients (#​2079) (b88678a)
• all: Auto-regenerate discovery clients (#​2080) (3a5236c)
• all: Auto-regenerate discovery clients (#​2081) (94f3caf)
• all: Auto-regenerate discovery clients (#​2082) (0846d92)

v0.132.0

Compare Source

Features

• all: Auto-regenerate discovery clients (#​2065) (25a3230)
• all: Auto-regenerate discovery clients (#​2069) (16cf0c3)
• all: Auto-regenerate discovery clients (#​2072) (52ac522)
• all: Auto-regenerate discovery clients (#​2073) (0011a92)
• all: Auto-regenerate discovery clients (#​2075) (25d96d9)
• all: Auto-regenerate discovery clients (#​2076) (334c07e)

v0.131.0

Compare Source

Features

• all: Auto-regenerate discovery clients (#​2054) (1b0f818)
• all: Auto-regenerate discovery clients (#​2058) (e871335)
• all: Auto-regenerate discovery clients (#​2059) (24b4d0b)
• all: Auto-regenerate discovery clients (#​2060) (16ad84c)
• all: Auto-regenerate discovery clients (#​2062) (90038ee)
• all: Auto-regenerate discovery clients (#​2063) (524f72b)
• all: Auto-regenerate discovery clients (#​2064) (f391921)
• gensupport: Pass in headers via context (#​2052) (c836da9)

v0.130.0

Compare Source

Features

• all: Auto-regenerate discovery clients (#​2041) (dc4d425)
• all: Auto-regenerate discovery clients (#​2043) (7a8816b)
• all: Auto-regenerate discovery clients (#​2044) (380eafd)
• all: Auto-regenerate discovery clients (#​2045) (50d3e98)
• all: Auto-regenerate discovery clients (#​2046) (6711565)
• all: Auto-regenerate discovery clients (#​2049) (5e08be4)
• all: Auto-regenerate discovery clients (#​2050) (d79dfc2)
• all: Auto-regenerate discovery clients (#​2051) (5ec0817)

go-yaml/yaml (gopkg.in/yaml.v2)

v3.0.1

Compare Source

v3.0.0

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun

[dpebot]

/gcbrun