From f48ca8450405bf4981c17d8bb4b8f029922bd6f0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 19 May 2026 02:00:58 +0000 Subject: [PATCH] build(deps): bump the chainguard group with 3 updates Bumps the chainguard group with 3 updates: [chainguard.dev/apko](https://github.com/chainguard-dev/apko), [chainguard.dev/melange](https://github.com/chainguard-dev/melange) and [github.com/chainguard-dev/yam](https://github.com/chainguard-dev/yam). Updates `chainguard.dev/apko` from 1.2.12 to 1.2.13 - [Release notes](https://github.com/chainguard-dev/apko/releases) - [Changelog](https://github.com/chainguard-dev/apko/blob/main/NEWS.md) - [Commits](https://github.com/chainguard-dev/apko/compare/v1.2.12...v1.2.13) Updates `chainguard.dev/melange` from 0.50.6 to 0.50.7 - [Release notes](https://github.com/chainguard-dev/melange/releases) - [Changelog](https://github.com/chainguard-dev/melange/blob/main/NEWS.md) - [Commits](https://github.com/chainguard-dev/melange/compare/v0.50.6...v0.50.7) Updates `github.com/chainguard-dev/yam` from 0.2.59 to 0.2.60 - [Commits](https://github.com/chainguard-dev/yam/compare/v0.2.59...v0.2.60) --- updated-dependencies: - dependency-name: chainguard.dev/apko dependency-version: 1.2.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: chainguard - dependency-name: chainguard.dev/melange dependency-version: 0.50.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: chainguard - dependency-name: github.com/chainguard-dev/yam dependency-version: 0.2.60 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: chainguard ... Signed-off-by: dependabot[bot] --- go.mod | 14 +++++++------- go.sum | 24 ++++++++++++------------ 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/go.mod b/go.mod index 012a888f..782d9555 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/wolfi-dev/wolfictl -go 1.26.0 +go 1.26.2 // https://github.com/anchore/grype/blob/v0.80.1/go.mod#L266-L269 // Pull in a fix for an unpatched CVE. mholt/archiver appears inactive/unmaintained. @@ -11,14 +11,14 @@ replace github.com/mholt/archiver/v3 => github.com/anchore/archiver/v3 v3.5.2 replace modernc.org/sqlite v1.33.0 => modernc.org/sqlite v1.32.0 require ( - chainguard.dev/apko v1.2.12 - chainguard.dev/melange v0.50.6 + chainguard.dev/apko v1.2.13 + chainguard.dev/melange v0.50.7 cloud.google.com/go/storage v1.62.1 github.com/adrg/xdg v0.5.3 github.com/anchore/stereoscope v0.1.23 github.com/anchore/syft v1.38.0 github.com/chainguard-dev/clog v1.8.0 - github.com/chainguard-dev/yam v0.2.59 + github.com/chainguard-dev/yam v0.2.60 github.com/charmbracelet/bubbles v1.0.0 github.com/charmbracelet/bubbletea v1.3.10 github.com/charmbracelet/lipgloss v1.1.1-0.20250319133953-166f707985bc @@ -340,7 +340,7 @@ require ( go.opentelemetry.io/otel/sdk v1.43.0 // indirect go.opentelemetry.io/otel/sdk/metric v1.43.0 // indirect go.opentelemetry.io/otel/trace v1.43.0 // indirect - go.step.sm/crypto v0.77.9 // indirect + go.step.sm/crypto v0.78.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.yaml.in/yaml/v2 v2.4.4 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect @@ -352,13 +352,13 @@ require ( golang.org/x/tools v0.44.0 // indirect golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect gonum.org/v1/gonum v0.17.0 // indirect - google.golang.org/api v0.277.0 // indirect + google.golang.org/api v0.278.0 // indirect google.golang.org/genproto v0.0.0-20260319201613-d00831a3d3e7 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20260427160629-7cedc36a6bc4 // indirect google.golang.org/grpc v1.80.0 // indirect google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af // indirect - gopkg.in/ini.v1 v1.67.1 // indirect + gopkg.in/ini.v1 v1.67.2 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect k8s.io/apimachinery v0.36.0 // indirect k8s.io/klog/v2 v2.140.0 // indirect diff --git a/go.sum b/go.sum index 4d61632f..d55f1ad2 100644 --- a/go.sum +++ b/go.sum @@ -1,11 +1,11 @@ cel.dev/expr v0.25.1 h1:1KrZg61W6TWSxuNZ37Xy49ps13NUovb66QLprthtwi4= cel.dev/expr v0.25.1/go.mod h1:hrXvqGP6G6gyx8UAHSHJ5RGk//1Oj5nXQ2NI02Nrsg4= -chainguard.dev/apko v1.2.12 h1:eyKCapecoKooohUz5RcLrVPBEELBZsfJLymk0aS2VzA= -chainguard.dev/apko v1.2.12/go.mod h1:C3LEBo8b4Na46BAStpBZGSVD1pLDZBm90EwXXxdYZdU= +chainguard.dev/apko v1.2.13 h1:EUOk+pIMBOoqotUv4we7QjRvYYyRXDBWSfjnzwG9//g= +chainguard.dev/apko v1.2.13/go.mod h1:EV1+6pBZr/Sp827BtHSpO/WIWcL6u4MXG/epQPQnrA8= chainguard.dev/go-grpc-kit v0.17.17 h1:Jwhc0zyUwQbC2hNcsi+YMeUX/JUnM+dXVCkTw6wtPzs= chainguard.dev/go-grpc-kit v0.17.17/go.mod h1:qn0meP6RtrbLicE1bgBZnnVU9dvX95eLs0x0T6kZ+b4= -chainguard.dev/melange v0.50.6 h1:W254bn72eVdJpjltON8VEemz3lPX0WxctoK6nn9AeV4= -chainguard.dev/melange v0.50.6/go.mod h1:AvH8cjA1BiLOoOdvMCuDTZEkNVLU+tXURQ9tPHfGjvQ= +chainguard.dev/melange v0.50.7 h1:ti2b70PPeJkd0ckc46BOqZfwvgS+hfYS6/MIR7ieuOs= +chainguard.dev/melange v0.50.7/go.mod h1:3LrIFIoZ5SEaBzSQ2hhueiu9h6uKbSEYv6ny0PNA5cE= chainguard.dev/sdk v0.1.54 h1:xXNB9G0dnMyAjhQ8+vQORa7ns1AlclkhImgCUS7+c7I= chainguard.dev/sdk v0.1.54/go.mod h1:WeUO5MQTgLtK8ZDcguIymeIO0UuVAyie8aOvM6ulth8= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= @@ -259,8 +259,8 @@ github.com/chainguard-dev/clog v1.8.0 h1:frlTMEdg3XQR+ioQ6O9i92uigY8GTUcWKpuCFkh github.com/chainguard-dev/clog v1.8.0/go.mod h1:5MQOZi+Iu7fV7GcJG8ag8rCB5elEOpqRMKEASgnGVdo= github.com/chainguard-dev/go-pkgconfig v0.0.0-20240404163941-6351b37b2a10 h1:XR2vgQC024I9/boh9r1ihVv8Z14+pbvWqXeYMCnZJpc= github.com/chainguard-dev/go-pkgconfig v0.0.0-20240404163941-6351b37b2a10/go.mod h1:1p6+MesLcjKeON5BRWa7I87mvAY0QmKjgginIM3w6BI= -github.com/chainguard-dev/yam v0.2.59 h1:278hcNOAk2wg4SCetwi1INbLF2KVmvwlMlQGofCoWy8= -github.com/chainguard-dev/yam v0.2.59/go.mod h1:Sbt8pVO8DbHoVly44oF5gg03NRxl9AhEImOkqGyoQCs= +github.com/chainguard-dev/yam v0.2.60 h1:FegGa6VXKO6vH4eBdesk8bVKg5z5ffpfs6KEgoqO5hY= +github.com/chainguard-dev/yam v0.2.60/go.mod h1:Sbt8pVO8DbHoVly44oF5gg03NRxl9AhEImOkqGyoQCs= github.com/charmbracelet/bubbles v1.0.0 h1:12J8/ak/uCZEMQ6KU7pcfwceyjLlWsDLAxB5fXonfvc= github.com/charmbracelet/bubbles v1.0.0/go.mod h1:9d/Zd5GdnauMI5ivUIVisuEm3ave1XwXtD1ckyV6r3E= github.com/charmbracelet/bubbletea v1.3.10 h1:otUDHWMMzQSB0Pkc87rm691KZ3SWa4KUlvF9nRvCICw= @@ -1130,8 +1130,8 @@ go.opentelemetry.io/otel/trace v1.43.0/go.mod h1:/QJhyVBUUswCphDVxq+8mld+AvhXZLh go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.opentelemetry.io/proto/otlp v1.10.0 h1:IQRWgT5srOCYfiWnpqUYz9CVmbO8bFmKcwYxpuCSL2g= go.opentelemetry.io/proto/otlp v1.10.0/go.mod h1:/CV4QoCR/S9yaPj8utp3lvQPoqMtxXdzn7ozvvozVqk= -go.step.sm/crypto v0.77.9 h1:gC/z6/XBlLpq9suHQxbcDS32QSGggpisIZVJr65LDJk= -go.step.sm/crypto v0.77.9/go.mod h1:/5BzDlwYA7C1q6h9OIv0+oR8lbQvK+rTGeBmLLl7hIo= +go.step.sm/crypto v0.78.0 h1:ugXXojffTbq6+inEZFhlJ+emSJmgn+gvnTaMLADivAY= +go.step.sm/crypto v0.78.0/go.mod h1:/5BzDlwYA7C1q6h9OIv0+oR8lbQvK+rTGeBmLLl7hIo= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= @@ -1486,8 +1486,8 @@ google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdr google.golang.org/api v0.59.0/go.mod h1:sT2boj7M9YJxZzgeZqXogmhfmRWDtPzT31xkieUbuZU= google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= google.golang.org/api v0.62.0/go.mod h1:dKmwPCydfsad4qCH08MSdgWjfHOyfpd4VtDGgRFdavw= -google.golang.org/api v0.277.0 h1:HJfyJUiNeBBUMai7ez8u14wkp/gH/I4wpGbbO9o+cSk= -google.golang.org/api v0.277.0/go.mod h1:B9TqLBwJqVjp1mtt7WeoQwWRwvu/400y5lETOql+giQ= +google.golang.org/api v0.278.0 h1:W7jiRvRi53VYFfZ/HoZjQBtJk7gOFbHD8ot1RzVZU6E= +google.golang.org/api v0.278.0/go.mod h1:B9TqLBwJqVjp1mtt7WeoQwWRwvu/400y5lETOql+giQ= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -1617,8 +1617,8 @@ gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntN gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.67.1 h1:tVBILHy0R6e4wkYOn3XmiITt/hEVH4TFMYvAX2Ytz6k= -gopkg.in/ini.v1 v1.67.1/go.mod h1:x/cyOwCgZqOkJoDIJ3c1KNHMo10+nLGAhh+kn3Zizss= +gopkg.in/ini.v1 v1.67.2 h1:JtOSMb9OuaCZKr7h5D/h6iii14sK0hLbplTc6frx4Ss= +gopkg.in/ini.v1 v1.67.2/go.mod h1:x/cyOwCgZqOkJoDIJ3c1KNHMo10+nLGAhh+kn3Zizss= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=