Skip to content

fix(deps): update go dependencies #476

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
renovate-sh-app wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix(deps): update go dependencies #476

renovate-sh-app wants to merge 3 commits into from
+144 −124

Conversation

@renovate-sh-app
Copy link
Contributor

@renovate-sh-app renovate-sh-app bot commented Dec 11, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence Type Update Pending
github.com/google/osv-scanner/v2 v2.2.4 -> v2.3.0 age confidence require minor v2.3.1
github.com/hashicorp/go-version v1.7.0 -> v1.8.0 age confidence require minor
go (source) 1.25.4 -> 1.25.5 age confidence toolchain patch
golang.org/x/mod v0.29.0 -> v0.30.0 age confidence require minor v0.31.0
google.golang.org/api v0.255.0 -> v0.257.0 age confidence require minor v0.258.0

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

google/osv-scanner (github.com/google/osv-scanner/v2)

v2.3.0

Compare Source

This release migrates to the new osv.dev and osv-schema proto bindings for its internal data models (#​2328). This is primarily an internal change and should not impact users.

Features:
Fixes:
hashicorp/go-version (github.com/hashicorp/go-version)

v1.8.0

Compare Source

What's Changed

New Contributors

Full Changelog: hashicorp/go-version@v1.7.0...v1.8.0

golang/go (go)

v1.25.5

googleapis/google-api-go-client (google.golang.org/api)

v0.257.0

Compare Source

Features

v0.256.0

Compare Source

Features

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

Need help?

You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section.

@renovate-sh-app renovate-sh-app bot requested review from a team as code owners December 11, 2025 17:53
@renovate-sh-app renovate-sh-app bot requested a review from Ukochka December 11, 2025 17:53
@grafana-plugins-platform-bot grafana-plugins-platform-bot bot moved this from 📬 Triage to 🔬 In review in Plugins Platform / Grafana Community Dec 11, 2025
@renovate-sh-app renovate-sh-app bot force-pushed the renovate/go-dependencies branch from 9a76e46 to 2f9bdc1 Compare December 16, 2025 02:23
@renovate-sh-app
Copy link
Contributor Author

renovate-sh-app bot commented Dec 16, 2025
edited
Loading

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 21 additional dependencies were updated

Details:

Package Change
github.com/ossf/osv-schema/bindings/go v0.0.0-20251012234424-434020c6442f -> v0.0.0-20251112210320-9fb6c8870ac1
github.com/ianlancetaylor/demangle v0.0.0-20250628045327-2d64ad6b7ec5 -> v0.0.0-20251114061303-68c556c8ce09
github.com/jedib0t/go-pretty/v6 v6.6.8 -> v6.7.2
deps.dev/api/v3 v3.0.0-20250917073939-6ff3dd7d2eea -> v3.0.0-20251104021112-20ad94767ddf
deps.dev/api/v3alpha v0.0.0-20250903005441-604c45d5b44b -> v0.0.0-20251104021112-20ad94767ddf
deps.dev/util/maven v0.0.0-20250917073939-6ff3dd7d2eea -> v0.0.0-20251104021112-20ad94767ddf
deps.dev/util/resolve v0.0.0-20250917073939-6ff3dd7d2eea -> v0.0.0-20251104021112-20ad94767ddf
deps.dev/util/semver v0.0.0-20250917073939-6ff3dd7d2eea -> v0.0.0-20251104021112-20ad94767ddf
github.com/google/osv-scalibr v0.3.7-0.20251023161426-90e9ac9cc1b3 -> v0.3.7-0.20251118161533-ed0917ecede1
github.com/googleapis/enterprise-certificate-proxy v0.3.6 -> v0.3.7
github.com/owenrumney/go-sarif/v3 v3.2.3 -> v3.3.0
go.opentelemetry.io/auto/sdk v1.1.0 -> v1.2.1
go.opentelemetry.io/otel v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/metric v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/trace v1.37.0 -> v1.38.0
golang.org/x/oauth2 v0.32.0 -> v0.33.0
google.golang.org/genproto/googleapis/api v0.0.0-20250804133106-a7a43d27e69b -> v0.0.0-20251111163417-95abcf5c77ba
google.golang.org/genproto/googleapis/rpc v0.0.0-20251029180050-ab9386a59fda -> v0.0.0-20251124214823-79d6a2a48846
google.golang.org/grpc v1.76.0 -> v1.77.0
osv.dev/bindings/go v0.0.0-20251013010847-b847e93bd9b0 -> v0.0.0-20251114023950-43ef4fb673ff
sigs.k8s.io/yaml v1.5.0 -> v1.6.0

@renovate-sh-app renovate-sh-app bot force-pushed the renovate/go-dependencies branch from 2f9bdc1 to 8722d2d Compare December 16, 2025 23:32
@renovate-sh-app
fix(deps): update go dependencies
0ba70ee 
| datasource     | package                          | from     | to       |
| -------------- | -------------------------------- | -------- | -------- |
| go             | github.com/google/osv-scanner/v2 | v2.2.4   | v2.3.0   |
| go             | github.com/hashicorp/go-version  | v1.7.0   | v1.8.0   |
| golang-version | go                               | 1.25.4   | 1.25.5   |
| go             | golang.org/x/mod                 | v0.29.0  | v0.30.0  |
| go             | google.golang.org/api            | v0.255.0 | v0.257.0 |


Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com>
@renovate-sh-app renovate-sh-app bot force-pushed the renovate/go-dependencies branch from 8722d2d to 0ba70ee Compare December 18, 2025 14:25
@renovate-sh-app
Copy link
Contributor Author

renovate-sh-app bot commented Dec 19, 2025

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Ukochka Ukochka Awaiting requested review from Ukochka Ukochka is a code owner automatically assigned from grafana/plugins-platform-frontend

@wbrowne wbrowne Awaiting requested review from wbrowne wbrowne is a code owner automatically assigned from grafana/plugins-platform-backend

@oshirohugo oshirohugo Awaiting requested review from oshirohugo oshirohugo is a code owner automatically assigned from grafana/plugins-platform-backend

@xnyo xnyo Awaiting requested review from xnyo xnyo is a code owner automatically assigned from grafana/plugins-platform-backend

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

update-minor update-patch

Projects

Plugins Platform / Grafana Community
Status: 🔬 In review

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@academo