build(deps): Bump golang.org/x/term from 0.34.0 to 0.36.0#1328
build(deps): Bump golang.org/x/term from 0.34.0 to 0.36.0#1328dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
dependabot
bot
added
dependencies
dependabot
bot
requested review from
NiazFK,
priteshbandi,
rgnote,
shizhMSFT,
toddysm,
vaninrao10 and
yizha1
as code owners
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #1328 +/- ##
=======================================
Coverage 79.22% 79.22%
=======================================
Files 68 68
Lines 3066 3066
=======================================
Hits 2429 2429
Misses 433 433
Partials 204 204 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
This PR is stale because it has been opened for 45 days with no activity. Remove stale label or comment. Otherwise, it will be closed in 30 days. |
yizha1
left a comment
yizha1
left a comment
There was a problem hiding this comment.
This PR has been stale for over 4 months. The main branch has since moved to module github.com/notaryproject/notation/v2, while this PR targets the old module path. This PR will have merge conflicts and is unmergeable as-is.
Consider closing this PR and letting Dependabot open a fresh one against current main. A fresh PR will correctly target the notation/v2 module path and reflect the current dependency tree, avoiding rebase conflicts entirely.
go.mod
Outdated
There was a problem hiding this comment.
This PR was opened on Oct 13, 2025 and has been stale for over 4 months. The main branch has since moved to module github.com/notaryproject/notation/v2, while this PR targets the old module path github.com/notaryproject/notation. This will cause merge conflicts.
@dependabot rebase or consider closing and letting Dependabot open a fresh PR.
go.mod
Outdated
There was a problem hiding this comment.
nit: The bump skips v0.35.0. Should we verify the x/term changelog between v0.34.0 and v0.36.0 for any breaking changes in the skipped version?
go.mod
Outdated
There was a problem hiding this comment.
The golang.org/x/sys transitive bump from v0.35.0 to v0.37.0 should be verified against the current main branch state. After rebase, the minimum required version may differ depending on what other dependencies have been added or updated.
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/go_modules/golang.org/x/term-0.36.0
branch
from
0849492 to
2d54288
Compare
|
@dependabot recreate |
dependabot
bot
force-pushed
the
dependabot/go_modules/golang.org/x/term-0.36.0
branch
from
2d54288 to
83a8156
Compare
|
@dependabot recreate |
dependabot
bot
force-pushed
the
dependabot/go_modules/golang.org/x/term-0.36.0
branch
from
83a8156 to
c20e815
Compare
|
@dependabot rebase |
Bumps [golang.org/x/term](https://github.com/golang/term) from 0.34.0 to 0.36.0. - [Commits](golang/term@v0.34.0...v0.36.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/go_modules/golang.org/x/term-0.36.0
branch
from
c20e815 to
a2ed7d8
Compare
Update Go dependencies: - github.com/spf13/cobra: v1.9.1 -> v1.10.2 (go.mod, test/e2e/plugin/go.mod) - github.com/spf13/pflag: v1.0.7 -> v1.0.10 (go.mod) - golang.org/x/term: v0.37.0 -> v0.40.0 (go.mod) - github.com/onsi/ginkgo/v2: v2.25.2 -> v2.28.1 (test/e2e/go.mod) - github.com/onsi/gomega: v1.38.2 -> v1.39.0 (test/e2e/go.mod) Update GitHub Actions: - actions/setup-go: v5.5.0 -> v6.2.0 - actions/cache: v4.2.4 -> v5.0.3 - codecov/codecov-action: v5.5.0 -> v5.5.2 - github/codeql-action: v3.29.11 -> v4.32.3 - actions/stale: v9.1.0 -> v10.2.0 Consolidates PRs #1312, #1314, #1316, #1317, #1318, #1322, #1323, #1328, #1330, #1331 Co-authored-by: shizhMSFT <32161882+shizhMSFT@users.noreply.github.com>
2 participants
Bumps golang.org/x/term from 0.34.0 to 0.36.0.
Commits
3a0828ago.mod: update golang.org/x dependencies1a11b45go.mod: update golang.org/x dependenciesd862cd5all: upgrade go directive to at least 1.24.0 [generated]You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)