Skip to content

fix(deps): update all non-major dependencies#644

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch-digest-pin
Open

fix(deps): update all non-major dependencies#644
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch-digest-pin

Conversation

@renovate

@renovate renovate Bot commented Apr 2, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change Age Confidence
actions/checkout action patch v6.0.2v6.0.3 age confidence
actions/setup-go action minor v6.4.0v6.5.0 age confidence
alpine digest 251091828bd5fe
alpine final minor 3.23.33.24.1 age confidence
codecov/codecov-action action patch v6.0.0v6.0.2 age confidence
docker.io/library/alpine minor 3.23.33.24.1 age confidence
docker/build-push-action action minor v7.0.0v7.2.0 age confidence
docker/login-action action minor v4.0.0v4.2.0 age confidence
docker/metadata-action action minor v6.0.0v6.1.0 age confidence
github.com/Masterminds/semver/v3 require minor v3.4.0v3.5.0 age confidence
github.com/alecthomas/chroma/v2 require minor v2.23.1v2.27.0 age confidence
github.com/go-vela/sdk-go require patch v0.28.0v0.28.1 age confidence
github.com/go-vela/server require patch v0.28.0v0.28.8 age confidence
github.com/go-vela/worker require patch v0.28.0v0.28.2 age confidence
github.com/urfave/cli/v3 require minor v3.8.0v3.10.1 age confidence
github/codeql-action action minor v4.35.1v4.36.2 age confidence
golang.org/x/term require minor v0.41.0v0.44.0 age confidence

Release Notes

actions/checkout (actions/checkout)

v6.0.3

Compare Source

actions/setup-go (actions/setup-go)

v6.5.0

Compare Source

codecov/codecov-action (codecov/codecov-action)

v6.0.2

Compare Source

This is a copy of the v7.0.0 release to make updates easier

What's Changed

Full Changelog: codecov/codecov-action@v6.0.1...v6.0.2

v6.0.1

Compare Source

What's Changed

Full Changelog: codecov/codecov-action@v6.0.0...v6.0.1

docker/build-push-action (docker/build-push-action)

v7.2.0

Compare Source

Full Changelog: docker/build-push-action@v7.1.0...v7.2.0

v7.1.0

Compare Source

Full Changelog: docker/build-push-action@v7.0.0...v7.1.0

docker/login-action (docker/login-action)

v4.2.0

Compare Source

Full Changelog: docker/login-action@v4.1.0...v4.2.0

v4.1.0

Compare Source

Full Changelog: docker/login-action@v4.0.0...v4.1.0

docker/metadata-action (docker/metadata-action)

v6.1.0

Compare Source

  • Bump @​docker/actions-toolkit from 0.79.0 to 0.90.0 in #​613
  • Bump brace-expansion from 1.1.12 to 5.0.6 in #​658 #​630
  • Bump csv-parse from 6.1.0 to 6.2.1 in #​617
  • Bump fast-xml-parser from 5.4.2 to 5.8.0 in #​620
  • Bump flatted from 3.3.3 to 3.4.2 in #​623
  • Bump glob from 10.3.15 to 10.5.0 in #​621
  • Bump handlebars from 4.7.8 to 4.7.9 in #​629
  • Bump lodash from 4.17.23 to 4.18.1 in #​639
  • Bump moment-timezone from 0.6.0 to 0.6.1 in #​619
  • Bump picomatch from 4.0.3 to 4.0.4 in #​626
  • Bump postcss from 8.5.6 to 8.5.10 in #​649
  • Bump tar from 6.2.1 to 7.5.15 in #​657
  • Bump undici from 6.23.0 to 6.25.0 in #​614
  • Bump vite from 7.3.1 to 7.3.2 in #​637

Full Changelog: docker/metadata-action@v6.0.0...v6.1.0

Masterminds/semver (github.com/Masterminds/semver/v3)

v3.5.0

Compare Source

What's Changed

New Contributors

Full Changelog: Masterminds/semver@v3.4.0...v3.5.0

alecthomas/chroma (github.com/alecthomas/chroma/v2)

v2.27.0

Compare Source

Changelog

v2.26.1

Compare Source

Changelog

  • 56c7702 fix: downgrade go.mod version to 1.25

v2.26.0

Compare Source

Changelog

  • a4d3f60 feat(chromad): use style counterparts for theme switching
  • ce159e6 chore: migrate to new bit format
  • 180ea9f perf(colour): replace Sprintf/ParseUint round-trip in NewColour with direct bit arithmetic (#​1274)
  • 68a08b0 docs: how to support dynamic theme switching
  • 6fb9d92 feat(html): tag output with style mode
  • a71fea3 feat(styles): add light/dark mode support

v2.25.0

Compare Source

Changelog

v2.24.1

Compare Source

Changelog

v2.24.0

Compare Source

Changelog

go-vela/sdk-go (github.com/go-vela/sdk-go)

v0.28.1

Compare Source

What's Changed

Full Changelog: go-vela/sdk-go@v0.28.0...v0.28.1

go-vela/server (github.com/go-vela/server)

v0.28.8

Compare Source

What's Changed

Full Changelog: go-vela/server@v0.28.7...v0.28.8

v0.28.7

Compare Source

What's Changed

Full Changelog: go-vela/server@v0.28.6...v0.28.7

v0.28.6

Compare Source

What's Changed

Full Changelog: go-vela/server@v0.28.5...v0.28.6

v0.28.5

Compare Source

What's Changed

Full Changelog: go-vela/server@v0.28.4...v0.28.5

v0.28.4

Compare Source

What's Changed

Full Changelog: go-vela/server@v0.28.3...v0.28.4

v0.28.3

Compare Source

What's Changed

Full Changelog: go-vela/server@v0.28.2...v0.28.3

v0.28.2

Compare Source

What's Changed

Full Changelog: go-vela/server@v0.28.1...v0.28.2

v0.28.1

Compare Source

What's Changed

Full Changelog: go-vela/server@v0.28.0...v0.28.1

go-vela/worker (github.com/go-vela/worker)

v0.28.2

Compare Source

What's Changed

Full Changelog: go-vela/worker@v0.28.1...v0.28.2

v0.28.1

Compare Source

What's Changed

Full Changelog: go-vela/worker@v0.28.0...v0.28.1

urfave/cli (github.com/urfave/cli/v3)

v3.10.1

Compare Source

v3.10.0

Compare Source

What's Changed

Full Changelog: urfave/cli@v3.9.1...v3.10.0

v3.9.1

Compare Source

What's Changed

Full Changelog: urfave/cli@v3.9.0...v3.9.1

v3.9.0

Compare Source

What's Changed

New Contributors

Full Changelog: urfave/cli@v3.8.0...v3.9.0

github/codeql-action (github/codeql-action)

v4.36.2

Compare Source

  • Cache CodeQL CLI version information across Actions steps. #​3943
  • Reduce requests while waiting for analysis processing by using exponential backoff when polling SARIF processing status. #​3937
  • Update default CodeQL bundle version to 2.25.6. #​3948

v4.36.1

Compare Source

No user facing changes.

v4.36.0

Compare Source

  • Breaking change: Bump the minimum required CodeQL bundle version to 2.19.4. #​3894
  • Add support for SHA-256 Git object IDs. #​3893
  • Update default CodeQL bundle version to 2.25.5. #​3926

v4.35.5

Compare Source

  • We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. #​3899
  • For performance and accuracy reasons, improved incremental analysis will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. #​3791
  • If multiple inputs are provided for the GitHub-internal analysis-kinds input, only code-scanning will be enabled. The analysis-kinds input is experimental, for GitHub-internal use only, and may change without notice at any time. #​3892
  • Added an experimental change which, when running a Code Scanning analysis for a PR with improved incremental analysis enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. #​3880

v4.35.4

Compare Source

v4.35.3

Compare Source

  • Upcoming breaking change: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. #​3837
  • Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. #​3850
  • Best-effort connection tests for private registries now use GET requests instead of HEAD for better compatibility with va

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot requested a review from a team as a code owner April 2, 2026 19:08
@renovate renovate Bot added the dependencies Indicates a change to dependencies label Apr 2, 2026
@codecov

codecov Bot commented Apr 2, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 71.27%. Comparing base (3220a25) to head (913ccba).

❌ Your project check has failed because the head coverage (71.27%) is below the target coverage (90.00%). You can increase the head coverage or adjust the target coverage.

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #644   +/-   ##
=======================================
  Coverage   71.27%   71.27%           
=======================================
  Files         174      174           
  Lines        4741     4741           
=======================================
  Hits         3379     3379           
  Misses       1053     1053           
  Partials      309      309           
Files with missing lines Coverage Δ
command/pipeline/exec.go 0.00% <ø> (ø)
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch from 669006f to a978d6a Compare April 7, 2026 21:34
@renovate renovate Bot changed the title chore(deps): update docker/login-action action to v4.1.0 fix(deps): update all non-major dependencies Apr 7, 2026
@renovate

renovate Bot commented Apr 7, 2026

Copy link
Copy Markdown
Contributor Author

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 59 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.26.1 -> 1.26.3
github.com/adhocore/gronx v1.19.6 -> v1.20.0
github.com/alicebob/miniredis/v2 v2.37.0 -> v2.38.0
github.com/bytedance/gopkg v0.1.3 -> v0.1.4
github.com/bytedance/sonic v1.15.0 -> v1.15.1
github.com/bytedance/sonic/loader v0.5.0 -> v0.5.1
github.com/cloudwego/base64x v0.1.6 -> v0.1.7
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 -> v4.4.1
github.com/docker/go-connections v0.6.0 -> v0.7.0
github.com/emicklei/go-restful/v3 v3.12.2 -> v3.13.0
github.com/fatih/color v1.16.0 -> v1.19.0
github.com/gin-contrib/sse v1.1.0 -> v1.1.1
github.com/go-playground/validator/v10 v10.30.1 -> v10.30.2
github.com/goccy/go-json v0.10.5 -> v0.10.6
github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 -> v2.29.0
github.com/invopop/jsonschema v0.13.0 -> v0.14.0
github.com/jackc/pgx/v5 v5.7.6 -> v5.9.2
github.com/klauspost/compress v1.18.2 -> v1.18.6
github.com/lestrrat-go/httprc/v3 v3.0.2 -> v3.0.5
github.com/lestrrat-go/jwx/v3 v3.0.13 -> v3.1.1
github.com/lib/pq v1.12.1 -> v1.12.3
github.com/lucasb-eyer/go-colorful v1.2.0 -> v1.4.0
github.com/mattn/go-colorable v0.1.13 -> v0.1.14
github.com/mattn/go-isatty v0.0.20 -> v0.0.22
github.com/mattn/go-runewidth v0.0.13 -> v0.0.23
github.com/minio/minio-go/v7 v7.0.99 -> v7.2.0
github.com/moby/moby/api v1.54.0 -> v1.55.0
github.com/moby/moby/client v0.3.0 -> v0.5.0
github.com/pelletier/go-toml/v2 v2.2.4 -> v2.3.1
github.com/quic-go/quic-go v0.59.0 -> v0.59.1
github.com/redis/go-redis/v9 v9.18.0 -> v9.20.0
github.com/spf13/pflag v1.0.9 -> v1.0.10
go.mongodb.org/mongo-driver/v2 v2.5.0 -> v2.6.0
go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.67.0 -> v0.69.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.67.0 -> v0.69.0
go.opentelemetry.io/otel v1.42.0 -> v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.42.0 -> v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.42.0 -> v1.44.0
go.opentelemetry.io/otel/metric v1.42.0 -> v1.44.0
go.opentelemetry.io/otel/sdk v1.42.0 -> v1.44.0
go.opentelemetry.io/otel/trace v1.42.0 -> v1.44.0
go.opentelemetry.io/proto/otlp v1.9.0 -> v1.10.0
go.starlark.net v0.0.0-20260326113308-fadfc96def35 -> v0.0.0-20260522144826-ec58d4b459e2
golang.org/x/arch v0.24.0 -> v0.27.0
golang.org/x/crypto v0.49.0 -> v0.52.0
golang.org/x/net v0.51.0 -> v0.55.0
golang.org/x/sync v0.20.0 -> v0.21.0
golang.org/x/sys v0.42.0 -> v0.46.0
golang.org/x/text v0.35.0 -> v0.37.0
google.golang.org/genproto/googleapis/api v0.0.0-20260209200024-4cfbd4190f57 -> v0.0.0-20260526163538-3dc84a4a5aaa
google.golang.org/genproto/googleapis/rpc v0.0.0-20260209200024-4cfbd4190f57 -> v0.0.0-20260526163538-3dc84a4a5aaa
google.golang.org/grpc v1.79.3 -> v1.81.1
google.golang.org/protobuf v1.36.11 -> v1.36.12-0.20260120151049-f2248ac996af
k8s.io/api v0.35.3 -> v0.36.2
k8s.io/apimachinery v0.35.3 -> v0.36.2
k8s.io/client-go v0.35.3 -> v0.36.2
k8s.io/klog/v2 v2.130.1 -> v2.140.0
k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 -> v0.0.0-20260317180543-43fb72c5454a
k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 -> v0.0.0-20260210185600-b8788abfbbc2
sigs.k8s.io/structured-merge-diff/v6 v6.3.0 -> v6.3.2

@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch 4 times, most recently from eb973f2 to 217d25e Compare April 16, 2026 08:57
@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch 2 times, most recently from 0405e11 to c60db64 Compare April 18, 2026 00:55
@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch 4 times, most recently from a76f618 to e0616a7 Compare May 1, 2026 18:58
@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch 4 times, most recently from 423d5e2 to fdebfb7 Compare May 13, 2026 18:26
@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch 4 times, most recently from 275b42d to caba379 Compare May 21, 2026 16:54
@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch 4 times, most recently from 083afdf to e0893fa Compare May 29, 2026 01:54
@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch 2 times, most recently from b503420 to afbd1d4 Compare June 2, 2026 18:04
@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch 8 times, most recently from 6861dd4 to c528426 Compare June 10, 2026 23:32
@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch 4 times, most recently from e2c70f0 to 204a5ab Compare June 17, 2026 05:38
@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch 3 times, most recently from 95ff368 to 7d7eb35 Compare June 28, 2026 13:37
@renovate renovate Bot force-pushed the renovate/all-minor-patch-digest-pin branch from 7d7eb35 to 913ccba Compare June 30, 2026 17:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Indicates a change to dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants