deps(deps): bump the logging group with 3 updates #14

dependabot · 2025-05-23T22:05:26Z

Bumps the logging group with 3 updates: github.com/go-logr/logr, github.com/go-logr/zapr and go.uber.org/zap.

Updates github.com/go-logr/logr from 1.2.4 to 1.4.2

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.2

What's Changed

Fix lint: named but unused params by @thockin in go-logr/logr#268

Add a Go report card, fix lint by @thockin in go-logr/logr#271

funcr: Handle nested empty groups properly by @thockin in go-logr/logr#274

Dependencies:

build(deps): bump github/codeql-action from 3.22.11 to 3.22.12 by @dependabot in go-logr/logr#254

build(deps): bump github/codeql-action from 3.22.12 to 3.23.0 by @dependabot in go-logr/logr#256

build(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in go-logr/logr#257

build(deps): bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in go-logr/logr#259

build(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in go-logr/logr#260

build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in go-logr/logr#263

build(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in go-logr/logr#262

build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in go-logr/logr#264

build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in go-logr/logr#266

build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in go-logr/logr#267

build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @dependabot in go-logr/logr#270

build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in go-logr/logr#272

build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in go-logr/logr#275

build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in go-logr/logr#276

build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in go-logr/logr#277

build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by @dependabot in go-logr/logr#278

build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in go-logr/logr#279

build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in go-logr/logr#280

build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in go-logr/logr#281

build(deps): bump github/codeql-action from 3.24.10 to 3.25.1 by @dependabot in go-logr/logr#282

build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 by @dependabot in go-logr/logr#283

build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in go-logr/logr#284

build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in go-logr/logr#285

build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in go-logr/logr#286

build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in go-logr/logr#288

build(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.3.0 by @dependabot in go-logr/logr#289

build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 by @dependabot in go-logr/logr#293

build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by @dependabot in go-logr/logr#292

build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in go-logr/logr#291

build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in go-logr/logr#290

build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by @dependabot in go-logr/logr#294

build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in go-logr/logr#295

Full Changelog: go-logr/logr@v1.4.1...v1.4.2

v1.4.1

What's Changed

slogr: fix unintended API break in v1.4.0 by @pohly in go-logr/logr#253

Full Changelog: go-logr/logr@v1.4.0...v1.4.1

... (truncated)

Commits

1205f42 Merge pull request #295 from go-logr/dependabot/github_actions/actions/checko...
ccedcbd Merge pull request #294 from go-logr/dependabot/github_actions/github/codeql-...
bead577 build(deps): bump actions/checkout from 4.1.5 to 4.1.6
a492d95 build(deps): bump github/codeql-action from 3.25.4 to 3.25.5
19ad07c build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
1c97a21 build(deps): bump actions/checkout from 4.1.4 to 4.1.5
f70c5b5 build(deps): bump github/codeql-action from 3.25.3 to 3.25.4
4ade8d3 build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1
88d98bd Merge pull request #289 from go-logr/dependabot/github_actions/golangci/golan...
432cd86 Merge pull request #288 from go-logr/dependabot/github_actions/actions/setup-...
Additional commits viewable in compare view

Updates github.com/go-logr/zapr from 1.2.3 to 1.3.0

Release notes

Sourced from github.com/go-logr/zapr's releases.

v1.3.0

This release adds support for slog. zapr implements slogr.SlogSink and therefore can be used through slogr.NewSlogHandler as backend for slog.

What's Changed

Added dependabot by @Neo2308 in go-logr/zapr#63

Updated min supported version to go 1.18 by @Neo2308 in go-logr/zapr#62

update linter config and fix issues by @pohly in go-logr/zapr#61

Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 by @dependabot in go-logr/zapr#71

support slog by @pohly in go-logr/zapr#60

Bump github.com/stretchr/testify from 1.8.0 to 1.8.4 by @dependabot in go-logr/zapr#65

Bump actions/checkout from 2 to 3 by @dependabot in go-logr/zapr#66

Bump actions/setup-go from 2 to 4 by @dependabot in go-logr/zapr#67

Bump golangci/golangci-lint-action from 2 to 3 by @dependabot in go-logr/zapr#68

Bump actions/checkout from 3 to 4 by @dependabot in go-logr/zapr#69

Bump go.uber.org/zap from 1.24.0 to 1.25.0 by @dependabot in go-logr/zapr#64

Bump go.uber.org/zap from 1.25.0 to 1.26.0 by @dependabot in go-logr/zapr#70

New Contributors

@Neo2308 made their first contribution in go-logr/zapr#63

@dependabot made their first contribution in go-logr/zapr#65

Full Changelog: go-logr/zapr@v1.2.4...v1.3.0

v1.2.4

What's Changed

Bump Go version for GH actions by @thockin in go-logr/zapr#54

[fix]fix security yaml.v3 CVE-2022-28948 by @dongjiang1989 in go-logr/zapr#58

New Contributors

@dongjiang1989 made their first contribution in go-logr/zapr#58

Full Changelog: go-logr/zapr@v1.2.3...v1.2.4

Commits

78b8af5 Merge pull request #60 from pohly/slog
ae27dfc support slog + logr 1.3.0
6684601 Merge pull request #71 from go-logr/dependabot/go_modules/github.com/go-logr/...
4d152a1 Bump github.com/go-logr/logr from 1.2.4 to 1.3.0
191bfc4 Merge pull request #61 from pohly/linting
fe8a3cc Merge pull request #70 from go-logr/dependabot/go_modules/go.uber.org/zap-1.26.0
575b337 Bump go.uber.org/zap from 1.25.0 to 1.26.0
437f574 Merge pull request #64 from go-logr/dependabot/go_modules/go.uber.org/zap-1.25.0
203c517 Merge pull request #69 from go-logr/dependabot/github_actions/actions/checkout-4
2aef912 Bump actions/checkout from 3 to 4
Additional commits viewable in compare view

Updates go.uber.org/zap from 1.24.0 to 1.26.0

Release notes

Sourced from go.uber.org/zap's releases.

v1.26.0

Enhancements:

#1297[]: Add Dict as a Field.

#1319[]: Add WithLazy method to Logger which lazily evaluates the structured context.

#1350[]: String encoding is much (~50%) faster now.

Thanks to @hhk7734, @jquirke, @cdvr1993 for their contributions to this release.

#1297: uber-go/zap#1297 #1319: uber-go/zap#1319 #1350: uber-go/zap#1350

v1.25.0

This release contains several improvements including performance, API additions, and two new experimental packages whose APIs are unstable and may change in the future.

Enhancements:

#1246[]: Add zap/exp/zapslog package for integration with slog.

#1273[]: Add Name to Logger which returns the Logger's name if one is set.

#1281[]: Add zap/exp/expfield package which contains helper methods Str and Strs for constructing String-like zap.Fields.

#1310[]: Reduce stack size on Any.

Thanks to @knight42, @dzakaammar, @bcspragu, and @rexywork for their contributions to this release.

#1246: uber-go/zap#1246 #1273: uber-go/zap#1273 #1281: uber-go/zap#1281 #1310: uber-go/zap#1310

Changelog

Sourced from go.uber.org/zap's changelog.

1.26.0 (14 Sep 2023)

Enhancements:

#1297[]: Add Dict as a Field.

#1319[]: Add WithLazy method to Logger which lazily evaluates the structured context.

#1350[]: String encoding is much (~50%) faster now.

Thanks to @hhk7734, @jquirke, and @cdvr1993 for their contributions to this release.

#1297: uber-go/zap#1297 #1319: uber-go/zap#1319 #1350: uber-go/zap#1350

1.25.0 (1 Aug 2023)

This release contains several improvements including performance, API additions, and two new experimental packages whose APIs are unstable and may change in the future.

Enhancements:

#1246[]: Add zap/exp/zapslog package for integration with slog.

#1273[]: Add Name to Logger which returns the Logger's name if one is set.

#1281[]: Add zap/exp/expfield package which contains helper methods Str and Strs for constructing String-like zap.Fields.

#1310[]: Reduce stack size on Any.

Thanks to @knight42, @dzakaammar, @bcspragu, and @rexywork for their contributions to this release.

#1246: uber-go/zap#1246 #1273: uber-go/zap#1273 #1281: uber-go/zap#1281 #1310: uber-go/zap#1310

Commits

96038b7 Prepare for release v1.26.0 (#1355)
c17272e Add WithLazy Logger method (#1319)
99f1811 exp: Add a changelog (#1353)
7728f39 chore(CHANGELOG): Move reference links to sections (#1352)
5a27bab perf: Faster string encoding (#1350)
82c728b Replace benbjohnson/clock with custom MockClock (#1349)
b7aed24 zapslog: Handle empty attrs centrally (#1351)
2b35963 lint: Enable errcheck, fix failures (#1345)
9a36792 test: improve slog coverage (#1347)
e5e8b70 build(deps): bump actions/checkout from 3 to 4 (#1346)
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot · 2025-05-23T22:05:27Z

Labels

The following labels could not be found: security. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

dependabot · 2025-05-23T22:05:27Z

The reviewers field in the dependabot.yml file will be removed soon. Please use the code owners file to specify reviewers for Dependabot PRs. For more information, see this blog post.

Bumps the logging group with 3 updates: [github.com/go-logr/logr](https://github.com/go-logr/logr), [github.com/go-logr/zapr](https://github.com/go-logr/zapr) and [go.uber.org/zap](https://github.com/uber-go/zap). Updates `github.com/go-logr/logr` from 1.2.4 to 1.4.2 - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.2.4...v1.4.2) Updates `github.com/go-logr/zapr` from 1.2.3 to 1.3.0 - [Release notes](https://github.com/go-logr/zapr/releases) - [Commits](go-logr/zapr@v1.2.3...v1.3.0) Updates `go.uber.org/zap` from 1.24.0 to 1.26.0 - [Release notes](https://github.com/uber-go/zap/releases) - [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md) - [Commits](uber-go/zap@v1.24.0...v1.26.0) --- updated-dependencies: - dependency-name: github.com/go-logr/logr dependency-version: 1.4.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: logging - dependency-name: github.com/go-logr/zapr dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: logging - dependency-name: go.uber.org/zap dependency-version: 1.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: logging ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot requested a review from johnlam90 May 23, 2025 22:05

dependabot bot assigned johnlam90 May 23, 2025

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 23, 2025

dependabot bot force-pushed the dependabot/go_modules/logging-bc07080ed6 branch 2 times, most recently from 6f10081 to 4389d46 Compare May 27, 2025 08:39

dependabot bot force-pushed the dependabot/go_modules/logging-bc07080ed6 branch 2 times, most recently from 41c6a6a to 59339da Compare June 9, 2025 10:13

dependabot bot force-pushed the dependabot/go_modules/logging-bc07080ed6 branch from 59339da to af5b3c2 Compare June 16, 2025 11:00

dependabot bot force-pushed the dependabot/go_modules/logging-bc07080ed6 branch from af5b3c2 to c1a6175 Compare July 7, 2025 12:20

dependabot bot force-pushed the dependabot/go_modules/logging-bc07080ed6 branch from c1a6175 to 942053e Compare September 15, 2025 10:32

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

deps(deps): bump the logging group with 3 updates #14

deps(deps): bump the logging group with 3 updates #14

Uh oh!

dependabot bot commented on behalf of github May 23, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github May 23, 2025

Uh oh!

dependabot bot commented on behalf of github May 23, 2025

Uh oh!

Uh oh!

deps(deps): bump the logging group with 3 updates #14

Are you sure you want to change the base?

deps(deps): bump the logging group with 3 updates #14

Uh oh!

Conversation

dependabot bot commented on behalf of github May 23, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v1.4.2

What's Changed

Dependencies:

v1.4.1

What's Changed

v1.3.0

What's Changed

New Contributors

v1.2.4

What's Changed

New Contributors

v1.26.0

v1.25.0

1.26.0 (14 Sep 2023)

1.25.0 (1 Aug 2023)

Uh oh!

dependabot bot commented on behalf of github May 23, 2025

Labels

Uh oh!

dependabot bot commented on behalf of github May 23, 2025

Uh oh!

Uh oh!

dependabot bot commented on behalf of github May 23, 2025 •

edited

Loading