From 3364e2c9ec769b3e30dd809c751b92b3b8acbf16 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 26 Aug 2024 11:16:23 -0500
Subject: [PATCH] Bump build.buf:buf from 1.36.0 to 1.38.0 (#169)
Bumps [build.buf:buf](https://github.com/bufbuild/buf) from 1.36.0 to
1.38.0.
Release notes
Sourced from build.buf:buf's
releases.
v1.38.0
- Add
--http3 flag to buf curl which forces
buf curl to use HTTP/3 as the transport.
- Fix issue with directory inputs for v2 workspaces where the
specified directory was not itself
a path to a module, but contained directories with modules, and the
modules would not build.
- Stop creating empty
buf.lock files when buf dep
update does not find new dependencies
to update and there is no existing buf.lock.
- Update
buf push to push the license file or doc file
(e.g. README.md, LICENSE) in the
same directory as buf.yaml if a module does not have a
license file or doc file in the
module's directory.
- Fix constraints of
--path flag for lint and breaking
rules to avoid resolving all files
within a module. This change can result in a performance improvement for
large workspaces.
v1.37.0
- Add
STABLE_PACKAGE_NO_IMPORT_UNSTABLE lint rule which
disallows files from stable packages
to import files from unstable packages.
- Fix plugin push failures when pushing an image built with containerd
image store.
Changelog
Sourced from build.buf:buf's
changelog.
[v1.38.0] - 2024-08-22
- Add
--http3 flag to buf curl which forces
buf curl to use HTTP/3 as the transport.
- Fix issue with directory inputs for v2 workspaces where the
specified directory was not itself
a path to a module, but contained directories with modules, and the
modules would not build.
- Stop creating empty
buf.lock files when buf dep
update does not find new dependencies
to update and there is no existing buf.lock.
- Update
buf push to push the license file or doc file
(e.g. README.md, LICENSE) in the
same directory as buf.yaml if a module does not have a
license file or doc file in the
module's directory.
- Fix constraints of
--path flag for lint and breaking
rules to avoid resolving all files
within a module. This change can result in a performance improvement for
large workspaces.
[v1.37.0] - 2024-08-16
- Add
STABLE_PACKAGE_NO_IMPORT_UNSTABLE lint rule which
disallows files from stable packages
to import files from unstable packages.
- Fix plugin push failures when pushing an image built with containerd
image store.
Commits
ec7b887
Release v1.38.0 (#3261)241370a
Fix constraints of paths on target images (#3235)cb33efb
Fix file locking for the ModuleDataStore (#3139)5bdce5d
Update buf push to include top level license and doc file (#3206)bc5ed90
Separate matchers as a bucket filter (#3229)5b37673
Fix problem with input dir not detecting controlling workspace in
certain cas...915ae13
Improve support for docker plugins built with containerd image store (#3247)ad531ed
Ensure that buf dep update does not create an empty buf.lock when there
are n...5af3f55
Update changelog (#3259)3deb7e8
Add --http3 flag to buf curl (#3127)- Additional commits viewable in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
gradle/libs.versions.toml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index e81c5816..8f26481d 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -1,6 +1,6 @@
[versions]
assertj = "3.26.3"
-buf = "1.36.0"
+buf = "1.38.0"
cel = "0.5.0"
ipaddress = "5.5.1"
junit = "5.11.0"