chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 #21329

dependabot · 2024-12-30T03:15:55Z

Bumps github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0.

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.13.0

What's Changed

build: bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 in /cli/go-git by @dependabot in go-git/go-git#1065

build: bump golang.org/x/net from 0.22.0 to 0.23.0 by @dependabot in go-git/go-git#1068

build: bump golang.org/x/net from 0.23.0 to 0.24.0 by @dependabot in go-git/go-git#1071

Properly support skipping of non-mandatory extensions by @codablock in go-git/go-git#1066

git: Refine some codes in test and non-test. by @onee-only in go-git/go-git#1077

plumbing: protocol/packp, client-side filter capability support by @edigaryev in go-git/go-git#1000

build: bump golang.org/x/net from 0.22.0 to 0.23.0 in /cli/go-git by @dependabot in go-git/go-git#1078

plumbing: fix sideband demux on flush by @aymanbagabas in go-git/go-git#1084

storage: dotgit, head reference usually comes first by @aymanbagabas in go-git/go-git#1085

build: bump golang.org/x/text from 0.14.0 to 0.15.0 by @dependabot in go-git/go-git#1091

build: bump golang.org/x/crypto from 0.22.0 to 0.23.0 by @dependabot in go-git/go-git#1094

build: bump golang.org/x/net from 0.24.0 to 0.25.0 by @dependabot in go-git/go-git#1093

git: Added an example for Repository.Branches by @johnmatthiggins in go-git/go-git#1088

git: worktree_commit, Modify checking empty commit. Fixes #723 by @onee-only in go-git/go-git#1050

plumbing: transport/http, Wrap http errors to return reason. Fixes #1097 by @ggambetti in go-git/go-git#1100

build: bump golang.org/x/sys from 0.20.0 to 0.21.0 by @dependabot in go-git/go-git#1106

build: bump golang.org/x/text from 0.15.0 to 0.16.0 by @dependabot in go-git/go-git#1107

Bumps Go versions and go-billy by @pjbgf in go-git/go-git#1056

_examples: Fixed a dead link COMPATIBILITY.md by @gecko655 in go-git/go-git#1109

build: bump github.com/jessevdk/go-flags from 1.5.0 to 1.6.1 in /cli/go-git by @dependabot in go-git/go-git#1115

build: bump github.com/elazarl/goproxy from v0.0.0-20230808193330-2592e75ae04a to v0.0.0-20240618083138-03be62527ccb by @hbelmiro in go-git/go-git#1124

build: bump golang.org/x/net from 0.25.0 to 0.26.0 by @dependabot in go-git/go-git#1104

Add option approximating git clean -x flag. by @msuozzo in go-git/go-git#995

Revert "Add option approximating git clean -x flag." by @pjbgf in go-git/go-git#1129

Fix reference updated concurrently error for the filesystem storer by @Javier-varez in go-git/go-git#1116

build: bump golang.org/x/net from 0.26.0 to 0.27.0 by @dependabot in go-git/go-git#1134

utils: merkletrie, Align error message with upstream by @pjbgf in go-git/go-git#1142

plumbing: transport/file, Change paths to absolute by @pjbgf in go-git/go-git#1141

plumbing: gitignore, Fix loading of ignored .gitignore files. by @Achilleshiel in go-git/go-git#1114

build: bump github.com/skeema/knownhosts from 1.2.2 to 1.3.0 by @dependabot in go-git/go-git#1147

plumbing: transport/ssh, Add support for SSH @cert-authority. by @Javier-varez in go-git/go-git#1157

build: run example tests during CI workflow by @crazybolillo in go-git/go-git#1030

storage: filesystem, Fix object cache not working due to uninitialised objects being put into cache by @SatelliteMind in go-git/go-git#1138

git: Fix fetching missing commits by @AriehSchneier in go-git/go-git#1032

plumbing: format/packfile, remove duplicate checks in findMatch() by @edigaryev in go-git/go-git#1152

git: worktree, Fix file reported as Untracked while it is committed by @rodrigocam in go-git/go-git#1023

build: bump golang.org/x/sys from 0.22.0 to 0.23.0 by @dependabot in go-git/go-git#1160

plumbing: filemode, Remove check for setting size of .git/index file by @nicholasSUSE in go-git/go-git#1159

build: bump golang.org/x/net from 0.27.0 to 0.28.0 by @dependabot in go-git/go-git#1163

Fix some lint warning and increase stalebot to 180 days by @pjbgf in go-git/go-git#1128

adjust path extracted from file: url on Windows by @tomqwpl in go-git/go-git#416

build: bump golang.org/x/sys from 0.23.0 to 0.24.0 by @dependabot in go-git/go-git#1164

Add RestoreStaged to Worktree that mimics the behaviour of git restore --staged ... by @ben-tbotlabs in go-git/go-git#493

plumbing: signature, support the same x509 signature formats as git by @yoavamit in go-git/go-git#1169

fix: allow discovery of non bare repos in fsLoader by @jakobmoellerdev in go-git/go-git#1170

build: bump golang.org/x/sys from 0.24.0 to 0.25.0 by @dependabot in go-git/go-git#1178

build: bump golang.org/x/text from 0.17.0 to 0.18.0 by @dependabot in go-git/go-git#1179

build: bump golang.org/x/net from 0.28.0 to 0.29.0 by @dependabot in go-git/go-git#1184

... (truncated)

Commits

94bd4af Merge pull request #1261 from BeChris/issue680
8b7f5ba Merge pull request #1262 from go-git/dependabot/go_modules/github.com/elazarl...
41d80a0 build: bump github.com/elazarl/goproxy
4998140 git: worktree_commit, sanitize author and commiter name and email before crea...
9049625 Merge pull request #1260 from go-git/dependabot/github_actions/github/codeql-...
dae48b4 build: bump github/codeql-action from 3.27.9 to 3.28.0
7d6fbc2 Merge pull request #1220 from BeChris/accept_uppercase_hexa_in_pktline_length
62a77b7 plumbing: Fix invalid reference name error while cloning branches containing ...
5e11196 plumbing: format/pktline, accept upercase hexadecimal value as pktline length...
65f5e1a Merge pull request #1256 from go-git/dependabot/go_modules/golang-org-232a611e2d
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.12.0 to 5.13.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.12.0...v5.13.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

codecov · 2024-12-30T03:54:37Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 55.21%. Comparing base (728b31e) to head (421ca06).
Report is 2 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master   #21329   +/-   ##
=======================================
  Coverage   55.21%   55.21%           
=======================================
  Files         337      337           
  Lines       57058    57058           
=======================================
+ Hits        31503    31504    +1     
- Misses      22855    22857    +2     
+ Partials     2700     2697    -3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

OpenGuidou · 2025-01-07T14:24:46Z

/cherry-pick release-2.13

…21329) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.12.0 to 5.13.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.12.0...v5.13.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

ishitasequeira · 2025-01-07T15:24:06Z

/cherry-pick release-2.12

gcp-cherry-pick-bot · 2025-01-07T15:24:11Z

Cherry-pick failed with Merge error dd366f56fa9fac94aeb04989a0164742d4e82c22 into temp-cherry-pick-b7e325-release-2.12

crenshaw-dev · 2025-01-07T15:52:27Z

@OpenGuidou why should this be cherry-picked?

ishitasequeira · 2025-01-07T16:12:12Z

There is a CVE https://www.cve.org/CVERecord?id=CVE-2025-21614 that gets fixed by this

…cherry-pick #21329) (#21401) * chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 (#21329) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.12.0 to 5.13.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.12.0...v5.13.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * tidy Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

…rgoproj#21329) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.12.0 to 5.13.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.12.0...v5.13.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Brett C. Dudo <brett@dudo.io>

…rgoproj#21329) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.12.0 to 5.13.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.12.0...v5.13.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot requested a review from a team as a code owner December 30, 2024 03:15

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 30, 2024

crenshaw-dev approved these changes Dec 30, 2024

View reviewed changes

crenshaw-dev enabled auto-merge (squash) December 30, 2024 03:38

crenshaw-dev merged commit dd366f5 into master Dec 30, 2024
26 of 30 checks passed

crenshaw-dev deleted the dependabot/go_modules/github.com/go-git/go-git/v5-5.13.0 branch December 30, 2024 03:53

gcp-cherry-pick-bot bot mentioned this pull request Jan 7, 2025

chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 (cherry-pick #21329) #21401

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 #21329

chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 #21329

dependabot bot commented on behalf of github Dec 30, 2024

codecov bot commented Dec 30, 2024

OpenGuidou commented Jan 7, 2025

ishitasequeira commented Jan 7, 2025

gcp-cherry-pick-bot bot commented Jan 7, 2025

crenshaw-dev commented Jan 7, 2025

ishitasequeira commented Jan 7, 2025

chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 #21329

chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 #21329

Conversation

dependabot bot commented on behalf of github Dec 30, 2024

v5.13.0

What's Changed

codecov bot commented Dec 30, 2024

Codecov Report

OpenGuidou commented Jan 7, 2025

ishitasequeira commented Jan 7, 2025

gcp-cherry-pick-bot bot commented Jan 7, 2025

crenshaw-dev commented Jan 7, 2025

ishitasequeira commented Jan 7, 2025