• 38071ea Add tostr and fromstr modifiers
• ba95ef8 Update SYNTAX.md
• 65bbebb Fixed typo
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/spf13/afero's releases.

v1.7.1: Move GCS into its own package

No release notes provided.

v1.7.0: Add experimental GCS support

Add experimental GCS support in Afero. Experimental because the CI infra of afero does not test with real GCS buckets.

Limitations:

• No Chmod support - The GCS ACL could probably be mapped to *nix style permissions but that would add another level of complexity and is ignored in this version.
• No Chtimes support - Could be simulated with attributes (gcs a/m-times are set implicitly) but that's is left for another version.
• NOTE: Not thread safe - Also assumes all file operations are done through the same instance of the GcsFs. File operations between different GcsFs instances are not guaranteed to be consistent.

Performance implications

• Sequential reads are performant
• Sequential writes are performant.
• Seek + Read or ReadAt is performant after the initial seek. (produces a warning)
• Alternating reads/writes to the same file handler are highly inefficient. To get consistent FS behavior using an API that separates readers and writers we close any open readers before an write as well close open writers before a read (ensure the data is committed).
• Seek + Write such as WriteAt, Truncate, Seek+Write will work as expected but with significant overhead. Doing a seek + write will in effect download the old file/object, overlay it with the new writes and save it back. This is done in a streaming fashion so large files will not clog the memory but will trigger a full download and upload of the file/object.

• d8a4ef9 Merge pull request #333 from drakkan/gcsfs
• 165e3dc GCS fs: move all gcsfs related implementations to its own package
• d70f944 Merge pull request #331 from kargakis/gcs
• 68b7156 Add README section for GCS Fs
• 21b977b Merge branch 'master' into gcs
• 949437f Readme: fix quotes of step 3
• f0ee686 Merge pull request #312 from tklauser/bump-deps
• d461d4f go.mod: bump dependencies to latest version
• 090e652 read GOOGLE_APPLICATION_CREDENTIALS_JSON if it is set
• c122017 Added implementation to cover the new Mkdir & MkdirAll cases
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 3f7d529 Upgrade gjson
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/spf13/cobra's releases.

v1.3.0 - The Fall 2021 release 🍁

Completion fixes & enhancements 💇🏼

In v1.2.0, we introduced a new model for completions. Thanks to everyone for trying it, giving feedback, and providing numerous fixes! Continue to work with the new model as the old one (as noted in code comments) will be deprecated in a coming release.

• DisableFlagParsing now triggers custom completions for flag names #1161
• Fixed unbound variables in bash completions causing edge case errors #1321
• help completion formatting improvements & fixes #1444
• All completions now follow the help example: short desc are now capitalized and removes extra spacing from long description #1455
• Typo fixes in bash & zsh completions #1459
• Fixed mixed tab/spaces indentation in completion scripts. Now just 4 spaces #1473
• Support for different bash completion options. Bash completions v2 supports descriptions and requires descriptions to be removed for menu-complete, menu-complete-backward and insert-completions. These descriptions are now purposefully removed in support of this model. #1509
• Fix for invalid shell completions when using ~/.cobra.yaml. Log message Using config file: ~/.cobra.yaml now printed to stderr #1510
• Removes unnecessary trailing spaces from completion command descriptions #1520
• Option to hid default completion command #1541
• Remove __complete command for programs without subcommands #1563

Generator changes ⚙️

Thanks to @​spf13 for providing a number of changes to the Cobra generator tool, streamlining it for new users!

• The Cobra generator now won't automatically include Viper and cleans up a number of unused imports when not using Viper.
• The Cobra generator's default license is now none
• The Cobra generator now works with Go modules
• Documentation to reflect these changes

New Features ⭐

• License can be specified by their SPDX identifiers #1159
• MatchAll allows combining several PositionalArgs to work in concert. This now allows for enabling composing PositionalArgs #896

Bug Fixes 🐛

• Fixed multiple error message from cobra init boilerplates #1463 #1552 #1557

Testing 👀

• Now testing golang 1.16.x and 1.17.x in CI #1425
• Fix for running diff test to ignore CR for windows #949
• Added helper functions and reduced code reproduction in args_test #1426
• Now using official golangci-lint github action #1477

Security 🔏

• Added GitHub dependabot #1427
• Now using Viper v1.10.0
  • There is a known CVE in an indirect dependency from viper: spf13/cobra#1538. This will be patched in a future release

Documentation 📝

• Multiple projects added to the projects_using_cobra.md file: #1377 #1501 #1454
• Removed ToC from main readme file as it is now automagically displayed by GitHub #1429
• Documentation correct for when the --author flag is specified #1009
• shell_completions.md has an easier to use snippet for copying and pasting shell completions #1372

... (truncated)

• 178edbb Bump github.com/spf13/viper from 1.9.0 to 1.10.0 (#1561)
• 9054739 Remove __complete cmd for program without subcmds (#1563)
• 19c9c74 Always include the os package import when generating the root command (#1557)
• 01e05b8 Bump github.com/spf13/viper from 1.8.1 to 1.9.0 (#1554)
• 36bff0a fix root.go.golden (#1552)
• 1854bb5 Fix some typos (mostly found by codespell) (#1514)
• ff2c55e chore(ci): use golangci-lint-action (#1477)
• 1beb476 fix: Duplicate error message from cobra init boilerplates (#1463)
• 6f84ef4 Provide option to hide default 'completion' cmd (#1541)
• ee75a2b Remove trailing spaces from bash completion command description (#1520)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/pelletier/go-toml/v2's releases.

v2.0.0-beta.5

While this release focused on adding back missing encoder and decoder features, it also comes with a slew of bug fixes, thanks to @​moorereason's awesome differential fuzzing work! This is the last planned pre-release dedicated to the core library. Check out the updated readme for upgrade instructions.

The next milestone is to port the existing tooling (tomljson, tomllint, binary releases) to go-toml v2.

Thank you, and happy holidays!

What's Changed

What's new

• API: Encoder and Decoder options are chainable by @​pelletier in pelletier/go-toml#670
• Decoder: show struct field in type mismatch errors by @​pelletier in pelletier/go-toml#684
• Encoder: omitempty flag by @​pelletier in pelletier/go-toml#692
• Decoder: allow commas in tags by @​pelletier in pelletier/go-toml#693
• Decoder: time allows extra precision by @​pelletier in pelletier/go-toml#710
• Encode: add comment struct tag by @​pelletier in pelletier/go-toml#711

Performance

• Decoder: use lookup table to validate ASCII by @​pelletier in pelletier/go-toml#654
• Decode: code cleanup for struct cache by @​pelletier in pelletier/go-toml#659

Fixed bugs

• Decode: error on underscore before exponent in floats by @​pelletier in pelletier/go-toml#647
• Decode: add missing checks for LocalTime by @​pelletier in pelletier/go-toml#650
• Decoder: flag invalid carriage returns in strings by @​pelletier in pelletier/go-toml#652
• Decode: correctly handle carriage return in comments by @​pelletier in pelletier/go-toml#656
• Decode: prevent comments that look like dates to be accepted by @​pelletier in pelletier/go-toml#657
• Decoder: validate inline tables don't redefine keys by @​pelletier in pelletier/go-toml#660
• Decoder: validate inline tables in arrays don't redefine keys by @​pelletier in pelletier/go-toml#663
• Decode: accept E as exponent notation by @​moorereason in pelletier/go-toml#665
• Decoder: prevent duplicates of inline tables by @​pelletier in pelletier/go-toml#667
• Decoder: flag invalid carriage returns in literal strings by @​moorereason in pelletier/go-toml#673
• Encoder: try to use pointer type TextMarshaler by @​pelletier in pelletier/go-toml#679
• Decoder: validate bounds of day and month in dates by @​pelletier in pelletier/go-toml#680
• Decoder: fail on unescaped \r not followed by \n by @​pelletier in pelletier/go-toml#681
• Decoder: fix panic on table array behind a pointer by @​pelletier in pelletier/go-toml#682
• Decoder: flag bad \r in literal multiline strings by @​pelletier in pelletier/go-toml#687
• Decoder: check timezones start with +,-,z,Z by @​pelletier in pelletier/go-toml#688
• Decoder: check tz has : between hours and minutes by @​pelletier in pelletier/go-toml#691
• Decoder: check for invalid characters in timezone by @​pelletier in pelletier/go-toml#695
• Decode: restrict timezone offset values by @​moorereason in pelletier/go-toml#696
• Decode: ensure signed numbers don't start with an underscore by @​moorereason in pelletier/go-toml#698
• Decode: allow maximum seconds value of 60 by @​moorereason in pelletier/go-toml#700
• Decode: ensure signed exponents don't start with an underscore by @​moorereason in pelletier/go-toml#699
• Decoder: prevent modification of inline tables by @​pelletier in pelletier/go-toml#702
• Decoder: disallow modification of existing table by @​pelletier in pelletier/go-toml#704
• Decode: fix maximum time offset values by @​moorereason in pelletier/go-toml#706
• Decode: allow CRLF as whitespace before line ending backslash by @​pelletier in pelletier/go-toml#709
• Decode: fix index panic on integers with just a sign by @​moorereason in pelletier/go-toml#716
• Decode: check buffer length before parsing simple key by @​moorereason in pelletier/go-toml#717

Documentation

• Encoder: mention "-" to prevent encoding field in doc by @​pelletier in pelletier/go-toml#683
• Readme: document more differences with v1 by @​pelletier in pelletier/go-toml#712

... (truncated)

• 1e85aa6 build: add contents permissions
• 46fa322 build: allows the token to write packages
• 4d51831 build: replace grc.io with ghcr.io
• 5a1a96c build: pass the github token to goreleaser
• ea9040a build: change workflow reference to v2
• 2373685 Docker + goreleaser (#729)
• f139195 Update and move testsuite to internal package (#730)
• 4a73a20 Clean up tools godoc
• 4807229 tomll: port to v2 (#727)
• d8ddc00 jsontoml: port to v2 (#726)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/spf13/afero's releases.

v1.9.3

What's Changed

• Fix concurrency issue in MemMapFs.Mkdir/MkdirAll by @​bep in spf13/afero#379

Full Changelog: https://github.com/spf13/afero/compare/v1.9.2...v1.9.3

• a800a9d Fix concurrency issue in MemMapFs.Mkdir/MkdirAll
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/pelletier/go-toml/v2's releases.

v2.0.6

What's Changed

What's new

• Expose parser API as unstable by @​pelletier in pelletier/go-toml#827

Performance

• Reduce init time allocation when declaring types used for reflect by @​dolmen in pelletier/go-toml#821

Other changes

• refactor: Use typeMismatchError rather than raw string error by @​jidicula in pelletier/go-toml#826
• build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 by @​dependabot in pelletier/go-toml#825
• build(deps): bump actions/setup-go from 2 to 3 by @​dependabot in pelletier/go-toml#820

New Contributors

• @​dolmen made their first contribution in pelletier/go-toml#821

Full Changelog: https://github.com/pelletier/go-toml/compare/v2.0.5...v2.0.6

• 94bd3dd build(deps): bump actions/setup-go from 2 to 3 (#820)
• e195b58 Expose parser API as unstable (#827)
• c83d001 build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#825)
• b9e3b9c refactor: Use typeMismatchError rather than raw string error (#826)
• d268873 Reduce init time allocation when declaring types used for reflect (#821)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/Masterminds/semver/v3's releases.

v3.2.0

Added

• #190: Added text marshaling and unmarshaling
• #167: Added JSON marshalling for constraints (thanks @​SimonTheLeg)
• #173: Implement encoding.TextMarshaler and encoding.TextUnmarshaler on Version (thanks @​MarkRosemaker)
• #179: Added New() version constructor (thanks @​kazhuravlev)

Changed

• #182/#183: Updated CI testing setup

Fixed

• #186: Fixing issue where validation of constraint section gave false positives
• #176: Fix constraints check with *-0 (thanks @​mtt0)
• #181: Fixed Caret operator (^) gives unexpected results when the minor version in constraint is 0 (thanks @​arshchimni)
• #161: Fixed godoc (thanks @​afirth)

Sourced from github.com/Masterminds/semver/v3's changelog.

3.2.0 (2022-11-28)

Added

• #190: Added text marshaling and unmarshaling
• #167: Added JSON marshalling for constraints (thanks @​SimonTheLeg)
• #173: Implement encoding.TextMarshaler and encoding.TextUnmarshaler on Version (thanks @​MarkRosemaker)
• #179: Added New() version constructor (thanks @​kazhuravlev)

Changed

• #182/#183: Updated CI testing setup

Fixed

• #186: Fixing issue where validation of constraint section gave false positives
• #176: Fix constraints check with *-0 (thanks @​mtt0)
• #181: Fixed Caret operator (^) gives unexpected results when the minor version in constraint is 0 (thanks @​arshchimni)
• #161: Fixed godoc (thanks @​afirth)

• 4694ab0 Merge pull request #191 from mattfarina/update-changelong-3.2.0
• 0ca29f2 Updating changelong for 3.2.0 release
• 3efb84c Merge pull request #190 from mattfarina/constraints-text-marshal
• 3c1d0f2 Adding text marshaling and unmarshaling
• 00300c4 Merge pull request #167 from SimonTheLeg/master
• 2084c82 Merge pull request #173 from MarkRosemaker/implement-encoding.TextMarshaler-a...
• b22e1a4 Updating the Go version in the go.mod file
• b8121eb Merge pull request #186 from mattfarina/test-bug-fix
• ee95afb Fixing issue where validation of constraint setion gave false positives
• 1959065 Merge pull request #176 from mtt0/master
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 7c05a44 sumdb/note: remove dependency on golang.org/x/crypto/ed25519
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• e14b8d3 Add test
• f37cc44 Merge pull request #301 from svher/master
• 1ed0d85 bug fix
• 0fc8539 Merge pull request #299 from bashery/master
• 25df3e6 uint64
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/go-git/go-billy/v5's releases.

v5.4.0

What's Changed

• utils: add Walk function to walk over a filesystem by @​tjamet in go-git/go-billy#17
• *: fix data race when running go-git tests by @​pjbgf in go-git/go-billy#28

Full Changelog: https://github.com/go-git/go-billy/compare/v5.3.1...v5.4.0

• 1b88f62 Merge pull request #26 from cuishuang/master
• 4e5a841 Merge pull request #28 from pjbgf/fix-go-git-data-race
• 38b02ce tests: Fix tests in windows
• 0a54206 Fix go-git data races whilst running tests
• 027fa5a build: Bump dependencies
• 007675e build: Update GitHub workflows
• a71b2d8 fix some typos
• 7ab80d7 Merge pull request #17 from tjamet/feat/walk
• 213e20d utils: Walk, use os.FileInfo
• e0768be utils: Walk, minor style changes
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/go-git/go-git/v5's releases.

v5.5.1

What's Changed

• *: fix error when building with CGO_ENABLED=0 by @​pjbgf in go-git/go-git#625
• plumbing: transport/ssh: fix panic on Windows 10 with paegent as ssh-agent by @​doxsch in go-git/go-git#617
• CommitOptions: AllowEmptyCommits, return an error instead of creating empty commits by @​pjbgf in go-git/go-git#623

Full Changelog: https://github.com/go-git/go-git/compare/v5.5.0...v5.5.1

v5.5.0

What's Changed

• *: add collision resistent SHA1 implementation by @​pjbgf in go-git/go-git#618
• *: replace go-homedir with os.UserHomeDir by @​mvdan in go-git/go-git#535
• Remote: add RemoteURL to {Fetch,Pull,Push}Options by @​noerw in go-git/go-git#375
• Remote: Push, add support to push commits per hashes by @​tjamet in go-git/go-git#325
• Remote: Push, add ForceWithLease Push Option by @​john-cai in go-git/go-git#404
• Remote: PushOptions add push-options by @​S-Bohn in go-git/go-git#399
• Remote: Push, add atomic to push options by @​john-cai in go-git/go-git#406
• Remote: add FollowTags option for pushes by @​john-cai in go-git/go-git#385
• Worktree: use syscall.Timespec.Unix by @​tklauser in go-git/go-git#437
• Worktree: Checkout, simplified sparse checkout by @​john-cai in go-git/go-git#410
• Repository: don't crash accessing invalid pathinfo by @​muesli in go-git/go-git#443
• storage: filesystem, switch from os.SEEK_* to io.Seek* by @​abhinav in go-git/go-git#421
• config: add branch description support by @​ninedraft in go-git/go-git#409
• revision: fix endless looping in revision parser by @​michenriksen in go-git/go-git#475
• pumbling: optimise zlib reader and consolidate sync.Pools by @​pjbgf in go-git/go-git#608
• pumbling: parse optimisations by @​pjbgf in go-git/go-git#602
• plumbing: object, rename calculation uses too much memory by @​jfontan in go-git/go-git#503
• plumbing: protocol/pakp and server, include the contents of GO_GIT_USER_AGENT_EXTRA. Fixes #529 by @​stewing in go-git/go-git#531
• plumbing: protocol/pakp, avoid duplicate encoding when overriding a Capability value. by @​tylerchr in go-git/go-git#521
• plumbing: protocol/pakp, update agent by @​caarlos0 in go-git/go-git#453
• plumbing: protocol/pakp: Actions should have type Action by @​abhinav in go-git/go-git#420
• plumbing: protocol/pakp: allow unsupported multi_ack capability by @​pjbgf in go-git/go-git#613
• plumbing: transport/ssh, auto-populate HostKeyAlgorithms. Fixes #411 by @​evanelias in go-git/go-git#548
• pumbling: format/packfile, resolve external reference delta by @​ga-paul-t in go-git/go-git#392
• plumbing: format/packfile, prevent large objects from being read into memory completely by @​zeripath in go-git/go-git#330
• plumbing: format/index, support v3 index by @​john-cai in go-git/go-git#407
• plumbing: format/gitignore, Read .git/info/exclude file too. by @​enisdenjo in go-git/go-git#402
• plumbing: format/gitattributes, Avoid index out of range by @​To1ne in go-git/go-git#598
• plumbing: format/config, Branch name with hash can be cloned. Fixes #309 by @​dowy in go-git/go-git#354
• go.mod: update github.com/xanzy/ssh-agent to v0.3.1 by @​tklauser in go-git/go-git#403
• go.mod: update dependencies to remove supply chain CVEs by @​pjbgf in go-git/go-git#620
• examples: added "tag find if head is tagged" by @​snebel29 in go-git/go-git#374
• examples: remote fix typo by @​nep-0 in go-git/go-git#408

Full Changelog: https://github.com/go-git/go-git/compare/v5.4.2...v5.5.0

• 736622f .github: test, remove coveralls
• e43edee Merge pull request #617 from doxsch/616-update-ssh-agent-to-master
• f62ac39 Merge pull request #625 from pjbgf/bump-sha1cd-nocgo
• c7050e7 Merge pull request #623 from pjbgf/empty-commit
• 08db65f fix: Upgrade github.com/xanzy/ssh-agent to v0.3.3 to fix panic
• a513415 Return error instead of creating empty commits
• 223e732 build: Bump github.com/pjbgf/sha1cd to v0.2.3
• a0b612a build: Add CI check for CGO_ENABLED=0
• 3e07c50 Merge pull request #620 from fluxcd/update-deps
• f2d68c4 build: bump git workflow to Go 1.19
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)