-
-
Notifications
You must be signed in to change notification settings - Fork 12
Bump github.com/ory/jsonschema/v3 from 3.0.3 to 3.0.4 #279
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump github.com/ory/jsonschema/v3 from 3.0.3 to 3.0.4 #279
Conversation
Codecov Report
@@ Coverage Diff @@ ## main #279 +/- ## ========================================== + Coverage 89.79% 89.94% +0.14% ========================================== Files 44 43 -1 Lines 6626 6464 -162 ========================================== - Hits 5950 5814 -136 + Misses 553 536 -17 + Partials 123 114 -9
Flags with carried forward coverage won't be shown. Click here to find out more.
Continue to review full report at Codecov.
|
@dependabot recreate
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
@dependabot rebase
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
@dependabot rebase
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
Bumps [github.com/ory/jsonschema/v3](https://github.com/ory/jsonschema) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/ory/jsonschema/releases) - [Commits](ory/jsonschema@v3.0.3...v3.0.4) --- updated-dependencies: - dependency-name: github.com/ory/jsonschema/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Since the `docsgen` and `ruledocsgen' modules have a dependency on the root module, they must be tidied after the change to the root module dependencies.
...ndency This is a transitive dependency of `github.com/ory/jsonschema/v3`. `go mod tidy` fails after Dependabot bumps to `github.com/ory/jsonschema/v3@v3.0.4`: ``` go: downloading github.com/jandelgado/gcov2lcov v1.0.4 verifying github.com/jandelgado/gcov2lcov@v1.0.4: checksum mismatch downloaded: h1:ADwQPyNsxguqzznIbfQTENwY9FU88JdXEvpdHR9c48A= go.sum: h1:54+QJDjOQcRMLsC6aFXeYKQ+GEhN2DaYfKEtjDWnOrM= SECURITY ERROR This download does NOT match an earlier download recorded in go.sum. The bits may have been replaced on the origin server, or an attacker may have intercepted the download attempt. For more information, see 'go help module-auth'. ``` I suspect that it was caused by the `github.com/jandelgado/gcov2lcov@v1.0.4` tag having been moved (similar to what happened with `github.com/oleiade/reflections@v1.0.0`). Since `github.com/jandelgado/gcov2lcov` is only a testing tool used by `github.com/ory/jsonschema/v3`, which imports it as blank identifier as a hacky technique to use the Go module system for tool dependency management: https://marcofranssen.nl/manage-go-tools-via-go-modules For this reason, `github.com/jandelgado/gcov2lcov` is not actually a dependency of Arduino Lint and the version specified here is irrelevant other than that v1.0.4 breaks Dependabot. So there is no possible impact from using v1.0.5 in its place. In the interest of keeping the `go.mod` file clean, this line should be removed once `github.com/ory/jsonschema/v3` updates to a non-problematic version of its tool dependency.
fc9782d to
6ab2070
Compare
Uh oh!
There was an error while loading. Please reload this page.
Bumps github.com/ory/jsonschema/v3 from 3.0.3 to 3.0.4.
Commits
a9cfba2feat: always add meta draft meta schemas to compiler (#6)cfa746bchore: bump depsDependabot compatibility score
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)