Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc5 to 1.1.0-rc.6 #3991

Closed
wants to merge 1 commit into from
Closed

build(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc5 to 1.1.0-rc.6 #3991

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 30, 2024
edited
Loading

Bumps github.com/opencontainers/image-spec from 1.1.0-rc5 to 1.1.0-rc.6.

Release notes

Sourced from github.com/opencontainers/image-spec's releases.

v1.1.0-rc.6

Vote passed [+6 -0] - https://groups.google.com/a/opencontainers.org/g/dev/c/HOxZlfhr9-o

For changeset and diff please see - opencontainers/image-spec#1157

(Note: this is a duplicate of the v1.1.0-rc6 release for historical and semver reasons.)

v1.1.0-rc6

Vote passed [+6 -0] - https://groups.google.com/a/opencontainers.org/g/dev/c/HOxZlfhr9-o

For changeset and diff please see - opencontainers/image-spec#1157

Commits
  • 6c2b5fa version: release v1.1.0-rc6
  • 56fb783 Merge pull request #1107 from sudo-bmitch/pr-release-notice
  • a6d741a Merge pull request #1148 from dejanu/update_oci_implementations
  • 53d9855 new section for projects no longer maintained
  • ceeb2eb Merge pull request #1114 from sudo-bmitch/pr-go-1.21
  • 90f826d Merge pull request #1133 from sudo-bmitch/pr-gotoolchain
  • 162a9c8 Merge pull request #1146 from ardabbour/patch-1
  • b391bc0 fix: SPDX licenses URL
  • dd66b54 Test older versions of Go with toolchain=local
  • 93f6e65 Makefile: remove stray trailing space (#1126)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jan 30, 2024
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Jan 30, 2024

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a crc-org member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Jan 30, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign praveenkumar for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/opencontainers/image-spec-1.1.0-rc.6 branch from c345198 to 16f594d Compare January 30, 2024 07:53
@openshift-merge-robot
Copy link
Contributor

rebase

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@dependabot
build(deps): bump github.com/opencontainers/image-spec
2a87810 
Bumps [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) from 1.1.0-rc5 to 1.1.0-rc.6.
- [Release notes](https://github.com/opencontainers/image-spec/releases)
- [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md)
- [Commits](opencontainers/image-spec@v1.1.0-rc5...v1.1.0-rc6)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/image-spec
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/opencontainers/image-spec-1.1.0-rc.6 branch from 16f594d to 2a87810 Compare January 30, 2024 07:55
@cfergeau
Copy link
Contributor

Unexpected that this one comes with a bunch of downgrades:

-	github.com/containers/image/v5 v5.29.1
+	github.com/containers/image/v5 v5.22.1

-	github.com/google/go-containerregistry v0.16.1 // indirect
+	github.com/google/go-containerregistry v0.11.0 // indirect

-	github.com/sigstore/sigstore v1.7.5 // indirect
+	github.com/sigstore/sigstore v1.4.4 // indirect

-	github.com/vbauerster/mpb/v8 v8.6.2 // indirect
+	github.com/vbauerster/mpb/v7 v7.4.2 // indirect

@cfergeau
Copy link
Contributor

After this PR, changing github.com/containers/image/v5 back to v5.29.1 downgrades github.com/opencontainers/image-spec to 1.1.0-rc5. Imo we can stick to 1.1.0-rc5 for now, and upgrade it when github.com/containers/image/v5 upgrades it.

@cfergeau
Copy link
Contributor

@dependabot ignore this minor version

@dependabot dependabot bot closed this Jan 30, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 30, 2024

OK, I won't notify you about version 1.1.x again, unless you re-open this PR.

@dependabot dependabot bot deleted the dependabot/go_modules/github.com/opencontainers/image-spec-1.1.0-rc.6 branch January 30, 2024 09:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cfergeau cfergeau Awaiting requested review from cfergeau

@evidolob evidolob Awaiting requested review from evidolob

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code needs-ok-to-test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@openshift-merge-robot @cfergeau