From c086cd65e2432e9f2bbcee0b4e122ff2afaae060 Mon Sep 17 00:00:00 2001 From: paketo-bot Date: Mon, 8 Jul 2024 04:55:19 +0000 Subject: [PATCH 1/5] Updates go mod toolchain version to 1.22.5 --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 6f9fef0f..240ade43 100644 --- a/go.mod +++ b/go.mod @@ -2,7 +2,7 @@ module github.com/paketo-buildpacks/php-dist go 1.21 -toolchain go1.22.4 +toolchain go1.22.5 require ( github.com/BurntSushi/toml v1.4.0 From a2875d7b41d513bb5b0ece4e7b74323651997543 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Jul 2024 21:54:43 +0000 Subject: [PATCH 2/5] Bump google.golang.org/grpc from 1.64.0 to 1.64.1 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.64.0 to 1.64.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.64.0...v1.64.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: indirect ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 240ade43..0c919249 100644 --- a/go.mod +++ b/go.mod @@ -148,7 +148,7 @@ require ( golang.org/x/text v0.16.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237 // indirect - google.golang.org/grpc v1.64.0 // indirect + google.golang.org/grpc v1.64.1 // indirect google.golang.org/protobuf v1.34.2 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index 9f5ba9a8..33b7f98c 100644 --- a/go.sum +++ b/go.sum @@ -4482,8 +4482,8 @@ google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsA google.golang.org/grpc v1.52.0/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY= google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= google.golang.org/grpc v1.54.0/go.mod h1:PUSEXI6iWghWaB6lXM4knEgpJNu2qUcKfDtNci3EC2g= -google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY= -google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg= +google.golang.org/grpc v1.64.1 h1:LKtvyfbX3UGVPFcGqJ9ItpVWW6oN/2XqTxfAnwRRXiA= +google.golang.org/grpc v1.64.1/go.mod h1:hiQF4LFZelK2WKaP6W0L92zGHtiQdZxk8CrSdvyjeP0= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.2.0/go.mod h1:DNq5QpG7LJqD2AamLZ7zvKE0DEpVl2BSEVjFycAAjRY= google.golang.org/grpc/examples v0.0.0-20201130180447-c456688b1860/go.mod h1:Ly7ZA/ARzg8fnPU9TyZIxoz33sEUuWX7txiqs8lPTgE= From 1ec51dad5f902b84dfafc2ad81cd47fa73fa9962 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 2 Aug 2024 01:57:00 +0000 Subject: [PATCH 3/5] Bump rexml in /dependency/actions/compile/binary-builder/cflinuxfs4 Bumps [rexml](https://github.com/ruby/rexml) from 3.2.8 to 3.3.3. - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](https://github.com/ruby/rexml/compare/v3.2.8...v3.3.3) --- updated-dependencies: - dependency-name: rexml dependency-type: indirect ... Signed-off-by: dependabot[bot] --- .../actions/compile/binary-builder/cflinuxfs4/Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dependency/actions/compile/binary-builder/cflinuxfs4/Gemfile.lock b/dependency/actions/compile/binary-builder/cflinuxfs4/Gemfile.lock index a0430235..c99e77af 100644 --- a/dependency/actions/compile/binary-builder/cflinuxfs4/Gemfile.lock +++ b/dependency/actions/compile/binary-builder/cflinuxfs4/Gemfile.lock @@ -15,8 +15,8 @@ GEM method_source (~> 1.0) rainbow (3.1.1) regexp_parser (2.5.0) - rexml (3.2.8) - strscan (>= 3.0.9) + rexml (3.3.3) + strscan rspec (3.11.0) rspec-core (~> 3.11.0) rspec-expectations (~> 3.11.0) From d7e7de6e36d8a75f31bf580a2adbcc98d7a16df3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 22 Aug 2024 20:49:19 +0000 Subject: [PATCH 4/5] Bump rexml in /dependency/actions/compile/binary-builder/cflinuxfs4 Bumps [rexml](https://github.com/ruby/rexml) from 3.3.3 to 3.3.6. - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](https://github.com/ruby/rexml/compare/v3.3.3...v3.3.6) --- updated-dependencies: - dependency-name: rexml dependency-type: indirect ... Signed-off-by: dependabot[bot] --- .../actions/compile/binary-builder/cflinuxfs4/Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependency/actions/compile/binary-builder/cflinuxfs4/Gemfile.lock b/dependency/actions/compile/binary-builder/cflinuxfs4/Gemfile.lock index c99e77af..6487eecd 100644 --- a/dependency/actions/compile/binary-builder/cflinuxfs4/Gemfile.lock +++ b/dependency/actions/compile/binary-builder/cflinuxfs4/Gemfile.lock @@ -15,7 +15,7 @@ GEM method_source (~> 1.0) rainbow (3.1.1) regexp_parser (2.5.0) - rexml (3.3.3) + rexml (3.3.6) strscan rspec (3.11.0) rspec-core (~> 3.11.0) From 33d01b957741ac516a0338fe7a3fe0bf78aefebc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Sep 2024 22:42:46 +0000 Subject: [PATCH 5/5] Bump actions/download-artifact from 3 to 4.1.7 in /.github/workflows Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.1.7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v3...v4.1.7) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- .github/workflows/update-dependencies-from-metadata.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-dependencies-from-metadata.yml b/.github/workflows/update-dependencies-from-metadata.yml index fc7008a0..7154fe6d 100644 --- a/.github/workflows/update-dependencies-from-metadata.yml +++ b/.github/workflows/update-dependencies-from-metadata.yml @@ -211,7 +211,7 @@ jobs: uses: actions/checkout@v3 - name: Download artifact files - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4.1.7 with: name: '${{ needs.retrieve.outputs.id }}-${{ matrix.includes.version }}-${{ matrix.includes.target }}' @@ -241,7 +241,7 @@ jobs: run: echo "checksum=$(cat ${{ steps.get-file-names.outputs.checksum-file }})" >> "$GITHUB_OUTPUT" - name: Download metadata.json - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4.1.7 with: name: metadata.json @@ -290,7 +290,7 @@ jobs: echo "outputdir=$(mktemp -d)" >> "$GITHUB_OUTPUT" - name: Download metadata.json - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4.1.7 with: name: metadata.json path: "${{ steps.make-outputdir.outputs.outputdir }}"