Skip to content

Bump the "backend" group with 1 update across multiple ecosystems#4762

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/backend-fc0fec1afd
Open

Bump the "backend" group with 1 update across multiple ecosystems#4762
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/backend-fc0fec1afd

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2026

Bumps the backend group with 12 updates:

Package From To
github.com/aquasecurity/trivy 0.69.3 0.69.4
github.com/go-git/go-git/v5 5.17.0 5.17.2
github.com/google/go-containerregistry 0.21.2 0.21.3
github.com/open-policy-agent/opa 1.14.0 1.15.1
github.com/operator-framework/api 0.41.0 0.42.0
github.com/rs/zerolog 1.34.0 1.35.0
github.com/tektoncd/pipeline 1.10.0 1.11.0
golang.org/x/crypto 0.48.0 0.49.0
golang.org/x/oauth2 0.35.0 0.36.0
golang.org/x/text 0.34.0 0.35.0
google.golang.org/api 0.269.0 0.273.1
helm.sh/helm/v3 3.20.0 3.20.1

Updates github.com/aquasecurity/trivy from 0.69.3 to 0.69.4

Commits

Updates github.com/go-git/go-git/v5 from 5.17.0 to 5.17.2

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.17.2

What's Changed

⚠️ This release fixes a bug (go-git/go-git#1942) that blocked some users from upgrading to v5.17.1. Thanks @​pskrbasu for reporting it. 🙇

Full Changelog: go-git/go-git@v5.17.1...v5.17.2

v5.17.1

What's Changed

Full Changelog: go-git/go-git@v5.17.0...v5.17.1

Commits
  • 45ae193 Merge pull request #1944 from go-git/fix-perms
  • fda4f74 storage: filesystem/dotgit, Skip writing pack files that already exist on disk
  • 2212dc7 Merge pull request #1941 from go-git/renovate/releases/v5.x-go-gitlite.zycloud.tk-go-...
  • ebb2d7d build: Update module github.com/go-git/go-git/v5 to v5.17.1 [SECURITY]
  • 5e23dfd Merge pull request #1937 from pjbgf/idx-v5
  • 6b38a32 Merge pull request #1935 from pjbgf/index-v5
  • cd757fc plumbing: format/idxfile, Fix version and fanout checks
  • 3ec0d70 plumbing: format/index, Fix tree extension invalidated entry parsing
  • dbe10b6 plumbing: format/index, Align V2/V3 long name and V4 prefix encoding with Git
  • e9b65df plumbing: format/index, Improve v4 entry name validation
  • Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.21.2 to 0.21.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.3

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.21.2...v0.21.3

Commits
  • 3888fb8 bump golang to 1.25.7 (#2236)
  • f439624 tarball: detect symlink cycles in extractFileFromTar (#2232)
  • 400c263 mutate: reject path traversal and symlink escape in Extract (#2227)
  • 47eedc9 Bump goreleaser/goreleaser-action in the actions group (#2220)
  • be0a845 Bump the go-deps group across 4 directories with 7 updates (#2233)
  • e916301 migrate to github.com/moby/moby modules (#2228)
  • 8b2478e Adds local file support to the crane index subcommand (#2223)
  • See full diff in compare view

Updates github.com/open-policy-agent/opa from 1.14.0 to 1.15.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.15.1

This patch release fixes a backwards-incompatible change in the v1/logging.Logger interface that inadvertently made it into Release v1.15.0. When using OPA as Go module, and when providing custom Logger implementations, this change would break your build.

[!TIP] Users of the binaries or Docker images can ignore this, the code is otherwise the same as v1.15.0.

Miscellaneous

  • logging: make WithContext() optional (authored by @​srenatus)

v1.15.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • Add logger plugin interface and file logger implementation with log rotation
  • Custom HTTPAuthPlugin behavior change, all per-request authentication logic must be moved from NewClient() to Prepare()
  • AWS signing supports for web identity for assume role credentials

Logger Plugin Support (#8434) (authored by @​srenatus)

OPA now supports pluggable logging implementations via the logger plugin interface, which is based on Go's standard log/slog.Handler interface. This allows any slog.Handler implementation to be used as a logger plugin. Loggers can be configured via the server.logger_plugin configuration option and used for both runtime logging and decision logs. OPA includes a built-in file logger plugin (file_logger) that writes structured JSON logs with rotation support using lumberjack. Users can also implement and register custom logger plugins when building OPA.

Example configuration for server logging:

server:
  logger_plugin: file_logger
plugins:
file_logger:
path: /var/log/opa/server.log
max_size_mb: 100
max_age_days: 28
max_backups: 3
compress: true
level: info

Example configuration for decision logs using the same plugin:

server:
  logger_plugin: file_logger
decision_logs:
plugin: file_logger
plugins:
</tr></table>

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.15.1

This patch release fixes a backwards-incompatible change in the v1/logging.Logger interface that inadvertently made it into Release v1.15.0. When using OPA as Go module, and when providing custom Logger implementations, this change would break your build.

Users of the binaries or Docker images can ignore this, the code is otherwise the same as v1.15.0. Miscellaneous

logging: make WithContext() optional (authored by @srenatus)

1.15.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • Add logger plugin interface and file logger implementation with log rotation
  • Custom HTTPAuthPlugin behavior change, all per-request authentication logic must be moved from NewClient() to Prepare()
  • AWS signing supports for web identity for assume role credentials

Logger Plugin Support (#8434) (authored by @​srenatus)

OPA now supports pluggable logging implementations via the logger plugin interface, which is based on Go's standard log/slog.Handler interface. This allows any slog.Handler implementation to be used as a logger plugin. Loggers can be configured via the server.logger_plugin configuration option and used for both runtime logging and decision logs. OPA includes a built-in file logger plugin (file_logger) that writes structured JSON logs with rotation support using lumberjack. Users can also implement and register custom logger plugins when building OPA.

Example configuration for server logging:

server:
  logger_plugin: file_logger
plugins:
file_logger:
path: /var/log/opa/server.log
max_size_mb: 100
max_age_days: 28
max_backups: 3
compress: true
level: info

Example configuration for decision logs using the same plugin:

server:
  logger_plugin: file_logger
decision_logs:
plugin: file_logger
plugins:
</tr></table>

... (truncated)

Commits
  • 2120bd8 Patch v1.15.1
  • 251ba9d logging: make WithContext() optional
  • f9e7302 Prepare v1.15.0 release (#8446)
  • d0041c6 runtime+server: logger plugins (#8434)
  • 8954525 build(deps): bump picomatch from 2.3.1 to 2.3.2 in /docs (#8443)
  • 39a4c0e optimized bundles: filter metadata comments properly (#8388)
  • 9fd6f93 build(deps): bump the gha-dependencies group with 5 updates (#8440)
  • 01814e9 docs: Update KubeCon event listing (#8439)
  • 857457b build(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 in /e2e
  • 908ac78 build(deps): bump flatted from 3.4.1 to 3.4.2 in /docs
  • Additional commits viewable in compare view

Updates github.com/operator-framework/api from 0.41.0 to 0.42.0

Release notes

Sourced from github.com/operator-framework/api's releases.

v0.42.0

What's Changed

Full Changelog: operator-framework/api@v0.41.0...v0.42.0

Commits
  • 3b53b73 Bump the k8s-dependencies group with 4 updates (#482)
  • aae9a89 Bump google.golang.org/grpc from 1.78.0 to 1.79.3 (#481)
  • 2b3f088 Bump sigs.k8s.io/controller-runtime in the k8s-dependencies group (#480)
  • 8653fda Bump the k8s-dependencies group with 4 updates (#479)
  • See full diff in compare view

Updates github.com/rs/zerolog from 1.34.0 to 1.35.0

Commits
  • 1396655 Bump CI Go matrix minimum from 1.21 to 1.23
  • 4b65a2f Bump actions/cache from 4 to 5 (#741)
  • b835796 Bump actions/setup-go from 5 to 6 (#742)
  • 134caf8 Added sanitization of journald keys (#751)
  • e133b6a Added variadic StrsV, ObjectsV, and StringersV (#752)
  • 82017d8 Bump github.com/coreos/go-systemd/v22 from 22.6.0 to 22.7.0 (#753)
  • 2f5b8a9 fix: UpdateContext skips Nop and zero-value loggers (#754)
  • d64c9a7 Add slog.Handler implementation for zerolog (#755)
  • a0d61dc fix: return dict to Event pool (#749)
  • f6fbd33 Test coverage improvements (#748)
  • Additional commits viewable in compare view

Updates github.com/tektoncd/pipeline from 1.10.0 to 1.11.0

Release notes

Sourced from github.com/tektoncd/pipeline's releases.

Tekton Pipeline release v1.11.0 "Javanese Jocasta"

🎉 🐱 TaskRun pending parity, multiple Git credentials, and PVC auto-cleanup 🤖 🎉

-Docs @ v1.11.0 -Examples @ v1.11.0

Installation one-liner

kubectl apply -f https://infra.tekton.dev/tekton-releases/pipeline/previous/v1.11.0/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677ae7cc1db0d04d478cc74a86ca458747f1ca41fe102d4ec5f14a6f8ec59c48facd

Obtain the attestation:

REKOR_UUID=108e9186e8c5677ae7cc1db0d04d478cc74a86ca458747f1ca41fe102d4ec5f14a6f8ec59c48facd
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://infra.tekton.dev/tekton-releases/pipeline/previous/v1.11.0/release.yaml
REKOR_UUID=108e9186e8c5677ae7cc1db0d04d478cc74a86ca458747f1ca41fe102d4ec5f14a6f8ec59c48facd
Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v1.11.0@sha256:" + .digest.sha256')
Download the release file
curl -L "$RELEASE_FILE" > release.yaml
For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ feat(webhook): Bump knative.dev/pkg to enable centrally managed WEBHOOK_* TLS for the webhook (#9466)

Bump knative.dev/pkg to enable centralized WEBHOOK_* TLS configuration for the webhook (min/max version, cipher suites, curves).

... (truncated)

Commits
  • 383d57b Fix: Add SSH Host aliases to support multiple SSH credentials on same host
  • 2530f24 Add multi-URL support and per-resolution url param to Hub Resolver
  • 0e9378b feat: add optional PVC auto-cleanup annotation for workspaces mode
  • 6d461ee fix: use os.IsExist instead of errors.Is per review feedback
  • 4b8046e fix: handle os.Remove errors and add init idempotency test
  • bc5524c fix: make step-init symlink creation idempotent
  • 1b4a945 ci: fix remaining zizmor findings (permissions, injection, actions)
  • 2ba1b9f ci: add zizmor GitHub Actions security analysis
  • 96c066b ci: fix GitHub Actions security issues found by zizmor
  • 291fdd6 tests: add pending TaskRun lifecycle transition coverage
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.48.0 to 0.49.0

Commits
  • 982eaa6 go.mod: update golang.org/x dependencies
  • 159944f ssh,acme: clean up tautological/impossible nil conditions
  • a408498 acme: only require prompt if server has terms of service
  • cab0f71 all: upgrade go directive to at least 1.25.0 [generated]
  • 2f26647 x509roots/fallback: update bundle
  • See full diff in compare view

Updates golang.org/x/oauth2 from 0.35.0 to 0.36.0

Commits
  • 4d954e6 all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

Updates golang.org/x/text from 0.34.0 to 0.35.0

Commits
  • 7ca2c6d go.mod: update golang.org/x dependencies
  • 73d1ba9 all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

Updates google.golang.org/api from 0.269.0 to 0.273.1

Release notes

Sourced from google.golang.org/api's releases.

v0.273.1

0.273.1 (2026-03-31)

Bug Fixes

  • Merge duplicate x-goog-request-params header (#3547) (2008108)

v0.273.0

0.273.0 (2026-03-23)

Features

v0.272.0

0.272.0 (2026-03-16)

Features

v0.271.0

0.271.0 (2026-03-10)

Features

v0.270.0

0.270.0 (2026-03-08)

Features

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.273.1 (2026-03-31)

Bug Fixes

  • Merge duplicate x-goog-request-params header (#3547) (2008108)

0.273.0 (2026-03-23)

Features

0.272.0 (2026-03-16)

Features

0.271.0 (2026-03-10)

Features

0.270.0 (2026-03-08)

Features

... (truncated)

Commits

Updates helm.sh/helm/v3 from 3.20.0 to 3.20.1

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.20.1 is a patch release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

  • Backport of #31644: Fixed a bug where user-provided nil value was not preserved when chart has an empty map or no default for a key
  • Backport of #31601: Fixed a bug where OCI references with tag+digest failed with "invalid byte" error

Installation and Upgrading

Download Helm v3.20.1. The common platform binaries are here:

This release was signed with 208D D36E D5BB 3745 A167 43A4 C7C6 FBB5 B91C 1155 and can be found at @​scottrigby keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 4.2.0 and 3.21.0 are the next minor releases and will be on May 13, 2026
  • 4.1.4 and 3.20.2 are the next patch releases and will be on April 8, 2026

Changelog

  • chore(deps): bump the k8s-io group with 7 updates a2369ca71c0ef633bf6e4fccd66d634eb379b371 (dependabot[bot])
  • add image index test 90e10564f7ae746a153f3a03006e7061a54ad490 (Pedro Tôrres)
  • fix pulling charts from OCI indices 911f2e908ae40b01ca95b857e94b8894043f64fd (Pedro Tôrres)
  • Remove refactorring changes from coalesce_test.go 76dad33fb1a2b6451920429b4f5f2dd575ea71bb (Evans Mungai)
  • Fix import 45c12f71407b6054a37d3e425d5293ee79a1ab37 (Evans Mungai)
  • Update pkg/chart/common/util/coalesce_test.go 26c6f19f967941dbe53bfb5e52d419b3b3e46075 (Evans Mungai)
  • Fix lint warning 09f5129d49a14c9336cea6f33adf5f52889915ef (Evans Mungai)
  • Preserve nil values in chart already 417deb2b6b7504357b0f580b76f5eed1bb8a5270 (Evans Mungai)

... (truncated)

Commits
  • a2369ca chore(deps): bump the k8s-io group with 7 updates
  • 90e1056 add image index test
  • 911f2e9 fix pulling charts from OCI indices
  • 76dad33 Remove refactorring changes from coalesce_test.go
  • 45c12f7 Fix import
  • 26c6f19 Update pkg/chart/common/util/coalesce_test.go
  • 09f5129 Fix lint warning
  • 417deb2 Preserve nil values in chart already
  • 5417bfa fix(values): preserve nil values when chart default is empty map
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the backend group with 12 updates
94f0566 
Bumps the backend group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) | `0.69.3` | `0.69.4` |
| [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.17.0` | `5.17.2` |
| [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.21.2` | `0.21.3` |
| [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) | `1.14.0` | `1.15.1` |
| [github.com/operator-framework/api](https://github.com/operator-framework/api) | `0.41.0` | `0.42.0` |
| [github.com/rs/zerolog](https://github.com/rs/zerolog) | `1.34.0` | `1.35.0` |
| [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `1.10.0` | `1.11.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.48.0` | `0.49.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.35.0` | `0.36.0` |
| [golang.org/x/text](https://github.com/golang/text) | `0.34.0` | `0.35.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.269.0` | `0.273.1` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.20.0` | `3.20.1` |


Updates `github.com/aquasecurity/trivy` from 0.69.3 to 0.69.4
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aquasecurity/trivy/commits)

Updates `github.com/go-git/go-git/v5` from 5.17.0 to 5.17.2
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](go-git/go-git@v5.17.0...v5.17.2)

Updates `github.com/google/go-containerregistry` from 0.21.2 to 0.21.3
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Commits](google/go-containerregistry@v0.21.2...v0.21.3)

Updates `github.com/open-policy-agent/opa` from 1.14.0 to 1.15.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.14.0...v1.15.1)

Updates `github.com/operator-framework/api` from 0.41.0 to 0.42.0
- [Release notes](https://github.com/operator-framework/api/releases)
- [Changelog](https://github.com/operator-framework/api/blob/master/RELEASE.md)
- [Commits](operator-framework/api@v0.41.0...v0.42.0)

Updates `github.com/rs/zerolog` from 1.34.0 to 1.35.0
- [Commits](rs/zerolog@v1.34.0...v1.35.0)

Updates `github.com/tektoncd/pipeline` from 1.10.0 to 1.11.0
- [Release notes](https://github.com/tektoncd/pipeline/releases)
- [Changelog](https://github.com/tektoncd/pipeline/blob/main/releases.md)
- [Commits](tektoncd/pipeline@v1.10.0...v1.11.0)

Updates `golang.org/x/crypto` from 0.48.0 to 0.49.0
- [Commits](golang/crypto@v0.48.0...v0.49.0)

Updates `golang.org/x/oauth2` from 0.35.0 to 0.36.0
- [Commits](golang/oauth2@v0.35.0...v0.36.0)

Updates `golang.org/x/text` from 0.34.0 to 0.35.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.34.0...v0.35.0)

Updates `google.golang.org/api` from 0.269.0 to 0.273.1
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.269.0...v0.273.1)

Updates `helm.sh/helm/v3` from 3.20.0 to 3.20.1
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.20.0...v3.20.1)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-version: 0.69.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.17.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.21.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.15.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: github.com/operator-framework/api
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: github.com/rs/zerolog
  dependency-version: 1.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: github.com/tektoncd/pipeline
  dependency-version: 1.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: golang.org/x/crypto
  dependency-version: 0.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: golang.org/x/text
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: google.golang.org/api
  dependency-version: 0.273.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: backend
- dependency-name: helm.sh/helm/v3
  dependency-version: 3.20.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: backend
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants