Skip to content

Comments

build(deps): bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.5.0#109

Closed
dependabot[bot] wants to merge 44 commits intomasterfrom
dependabot/go_modules/github.com/coreos/go-oidc/v3-3.5.0
Closed

build(deps): bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.5.0#109
dependabot[bot] wants to merge 44 commits intomasterfrom
dependabot/go_modules/github.com/coreos/go-oidc/v3-3.5.0

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jan 4, 2023
edited
Loading

Bumps github.com/coreos/go-oidc/v3 from 3.0.0 to 3.5.0.

Release notes

Sourced from github.com/coreos/go-oidc/v3's releases.

v3.5.0

What's Changed

New Contributors

Full Changelog: coreos/go-oidc@v3.4.0...v3.5.0

v3.4.0

What's Changed

Full Changelog: coreos/go-oidc@v3.3.0...v3.4.0

v3.3.0

What's Changed

New Contributors

Full Changelog: coreos/go-oidc@v3.2.0...v3.3.0

v3.2.0

What's Changed

Full Changelog: coreos/go-oidc@v3.1.0...v3.2.0

v3.1.0

No release notes provided.

Commits
  • a8ceb9a Bump golang.org/x dependencies
  • 151abff *: update go-jose package to latest
  • fb9e009 oidc: add Config.InsecureSkipSignatureCheck
  • 366ac4a *: update go deps to more recent versions
  • 0a04a64 .github/workflows: update to more reasonable Go version
  • e5d768d oidc: don't parse JWT twice
  • 51187a7 oidc: add verifier benchmark and fix up errors.As in test
  • 2cafe18 feat: export token expiration error
  • 26c5037 Merge pull request #337 from ericchiang/static
  • 5011cdf oidc: add StaticKeySet
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot bot and others added 30 commits July 22, 2021 18:53
@dependabot
build(deps): bump helm/kind-action from 1.1.0 to 1.2.0
f669dc4 
Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](helm/kind-action@v1.1.0...v1.2.0)

---
updated-dependencies:
- dependency-name: helm/kind-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@acohen4
Adding an oidcConnector config to decide whether to validate that the…
bf3b81c 
… Connector Callback must contain the same host as the issuer
@acohen4
Merge pull request #10 from pachyderm/acohen4/relax-callback-issuer-u…
a3bf676 
…rl-check-2

Adding an oidcConnector config to decide whether to validate that the Connector Callback must contain the same host as the issuer
@acohen4
pass login_hint to OIDC connector's /auth endpoint in auth_code flow (#…
56fc504 
…12)

* pass login_hint to OIDC connector's /auth endpoint in auth_code flow

* Also pass non-OIDC Standard params that may be used by specific connectors
@armaanv
add offline_access scope to oidc connector
1efa471
@armaanv
add some logging
f73bd86
@armaanv
dont refresh with connector
2060aa2
@armaanv
lint
825fea7
@armaanv
remove offline acess type
31634c5
@armaanv
Revert "lint"
3f72bb8 
This reverts commit 825fea7.
@armaanv
Revert "dont refresh with connector"
6981cae 
This reverts commit 2060aa2.
@armaanv
remove token logs
37923ca
Merge pull request #30 from pachyderm/armaan/offline-access
ebfeda6 
add offline_access scope to oidc connector
@msteffen
Merge pull request #5 from pachyderm/dependabot/github_actions/helm/k…
8b147da 
…ind-action-1.2.0

build(deps): bump helm/kind-action from 1.1.0 to 1.2.0
@dependabot
build(deps): bump golang from 1.16.5-alpine3.13 to 1.17.3-alpine3.13
f7cfc0b 
Bumps golang from 1.16.5-alpine3.13 to 1.17.3-alpine3.13.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump github.com/mattn/go-sqlite3
12cd7b3 
Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.7 to 2.0.3+incompatible.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](mattn/go-sqlite3@v1.14.7...v2.0.3)

---
updated-dependencies:
- dependency-name: github.com/mattn/go-sqlite3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump actions/checkout from 2 to 3
9670608 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump actions/setup-go from 2 to 3
b1ca9c7 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump github/codeql-action from 1 to 2
d4e0ce7 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump docker/build-push-action from 2 to 3
13ebd9a 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2 to 3.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v2...v3)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump docker/login-action from 1 to 2
80d8c5f 
Bumps [docker/login-action](https://github.com/docker/login-action) from 1 to 2.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v1...v2)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump alpine from 3.14.0 to 3.16.0
ed5adfe 
Bumps alpine from 3.14.0 to 3.16.0.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump github.com/spf13/cobra from 1.1.3 to 1.5.0
62b1ba8 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.1.3 to 1.5.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.1.3...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump google.golang.org/api from 0.49.0 to 0.87.0
8a4719c 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.49.0 to 0.87.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.49.0...v0.87.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump google.golang.org/grpc from 1.38.0 to 1.48.0
888209a 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.38.0 to 1.48.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.38.0...v1.48.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
build(deps): bump entgo.io/ent from 0.8.0 to 0.11.1
39241b9 
Bumps [entgo.io/ent](https://github.com/ent/ent) from 0.8.0 to 0.11.1.
- [Release notes](https://github.com/ent/ent/releases)
- [Commits](ent/ent@v0.8.0...v0.11.1)

---
updated-dependencies:
- dependency-name: entgo.io/ent
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@robert-uhl
Fix linter, and delint
36fe38e
@robert-uhl
Update entgo && regenerate files
465168c
@robert-uhl
Update & tidy deps
fda1bb5
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/go_modules/github.com…
7efcfd8 
…/mattn/go-sqlite3-2.0.3incompatible' into ruhl/core-873-update-deps
robert-uhl and others added 14 commits July 15, 2022 14:02
@robert-uhl
Correct version of go-sqlite3
9d57fb5
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/github_actions/action…
f301d91 
…s/checkout-3' into ruhl/core-873-update-deps
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/github_actions/action…
5c5f3c1 
…s/setup-go-3' into ruhl/core-873-update-deps
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/github_actions/github…
e3d4268 
…/codeql-action-2' into ruhl/core-873-update-deps
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/github_actions/docker…
e4ec8b4 
…/build-push-action-3' into ruhl/core-873-update-deps
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/github_actions/docker…
336acfb 
…/login-action-2' into ruhl/core-873-update-deps
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/docker/alpine-3.16.0'…
869b29f 
… into ruhl/core-873-update-deps
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/go_modules/github.com…
784c6b7 
…/spf13/cobra-1.5.0' into ruhl/core-873-update-deps
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/go_modules/google.gol…
cd68836 
…ang.org/api-0.87.0' into ruhl/core-873-update-deps
@robert-uhl
Delint
a26b9fd
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/go_modules/google.gol…
ee44c5f 
…ang.org/grpc-1.48.0' into ruhl/core-873-update-deps
@robert-uhl
Merge remote-tracking branch 'origin/dependabot/go_modules/entgo.io/e…
6cd2777 
…nt-0.11.1' into ruhl/core-873-update-deps
@robert-uhl
Merge pull request #90 from pachyderm/ruhl/core-873-update-deps
8eefbbc 
[CORE-873] Update deps

This PR pulls in all dependabot commits and ensures that they test cleanly. It does not pull in the latest upstream commits.
@dependabot
build(deps): bump github.com/coreos/go-oidc/v3 from 3.0.0 to 3.5.0
6e4586a 
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.0.0 to 3.5.0.
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](coreos/go-oidc@v3.0.0...v3.5.0)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jan 4, 2023

The following labels could not be found: area/dependencies.

@dependabot dependabot bot mentioned this pull request Jan 4, 2023
Closed
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github May 17, 2023

Superseded by #124.

@dependabot dependabot bot closed this May 17, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/coreos/go-oidc/v3-3.5.0 branch May 17, 2023 11:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@acohen4 @armaanv @msteffen @robert-uhl