Sourced from github.com/spf13/viper's releases.

v1.14.0

What's Changed

Enhancements 🚀

• feat: make Viper compile on platforms unsupported by fsnotify by @​sagikazarmark in spf13/viper#1457
• Fsnotify improvements by @​sagikazarmark in spf13/viper#1458
• Disable watch on appengine by @​sagikazarmark in spf13/viper#1460

Breaking Changes 🛠

• Drop support for Go 1.15 by @​sagikazarmark in spf13/viper#1428

Dependency Updates ⬆️

• build(deps): bump github.com/spf13/afero from 1.8.2 to 1.9.2 by @​dependabot in spf13/viper#1406
• build(deps): bump github.com/sagikazarmark/crypt from 0.6.0 to 0.7.0 by @​dependabot in spf13/viper#1437
• build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 by @​dependabot in spf13/viper#1453
• build(deps): bump github.com/fsnotify/fsnotify from 1.5.4 to 1.6.0 by @​dependabot in spf13/viper#1449
• chore: update crypt by @​sagikazarmark in spf13/viper#1461

Full Changelog: https://github.com/spf13/viper/compare/v1.13.0...v1.14.0

• b89e554 chore: update crypt
• db9f89a chore: disable watch on appengine
• 4b8d148 refactor: use new Has fsnotify method for event matching
• 2e99a57 refactor: rename watch file to unsupported
• dcb7f30 feat: fix compilation for all platforms unsupported by fsnotify
• 2e04739 ci: drop dedicated wasm build
• b2234f2 ci: add build for aix
• 52009d3 feat: disable watcher on aix
• b274f63 build(deps): bump github.com/fsnotify/fsnotify from 1.5.4 to 1.6.0
• 7c62cfd build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• b747d7c Bump github.com/stretchr/objx from 0.4.0 to 0.5.0 (#1283)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/spf13/viper's releases.

v1.13.0

Important: This is the last release supporting Go 1.15.

What's Changed

Exciting New Features 🎉

• Add etcd3 to supported remote providers by @​franklinkim in spf13/viper#1371

Enhancements 🚀

• Fix go-staticcheck failures (ST1005) by @​mjmaisey in spf13/viper#1373
• Use jsonc in markdown codeblocks for better readability by @​HurSungYun in spf13/viper#1393
• Add Go 1.19 support by @​sagikazarmark in spf13/viper#1424
• Adds support for uint16 with GetUint16 by @​oxisto in spf13/viper#1405
• Add a DebugTo convenience funtion by @​bcrochet in spf13/viper#1414

Bug Fixes 🐛

• Recurse into arrays when converting keys to lowercase by @​awrichar in spf13/viper#1387

Dependency Updates ⬆️

• build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 by @​dependabot in spf13/viper#1374
• build(deps): bump github.com/subosito/gotenv from 1.3.0 to 1.4.0 by @​dependabot in spf13/viper#1375
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.1 to 2.0.2 by @​dependabot in spf13/viper#1378
• build(deps): bump gopkg.in/yaml.v3 from 3.0.0 to 3.0.1 by @​dependabot in spf13/viper#1360
• build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.7.3 by @​dependabot in spf13/viper#1381
• build(deps): bump github.com/stretchr/testify from 1.7.3 to 1.7.4 by @​dependabot in spf13/viper#1384
• build(deps): bump mheap/github-action-required-labels from 1 to 2 by @​dependabot in spf13/viper#1383
• build(deps): bump github.com/stretchr/testify from 1.7.4 to 1.8.0 by @​dependabot in spf13/viper#1395
• build(deps): bump github.com/subosito/gotenv from 1.4.0 to 1.4.1 by @​dependabot in spf13/viper#1420
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.2 to 2.0.5 by @​dependabot in spf13/viper#1422
• build(deps): bump gopkg.in/ini.v1 from 1.66.4 to 1.67.0 by @​dependabot in spf13/viper#1412

New Contributors

• @​mjmaisey made their first contribution in spf13/viper#1373
• @​HurSungYun made their first contribution in spf13/viper#1393
• @​franklinkim made their first contribution in spf13/viper#1371
• @​awrichar made their first contribution in spf13/viper#1387
• @​oxisto made their first contribution in spf13/viper#1405
• @​bcrochet made their first contribution in spf13/viper#1414

Full Changelog: https://github.com/spf13/viper/compare/v1.12.0...v1.13.0

• 57cc9a0 test: fix ini tests
• 8030d5b build(deps): bump gopkg.in/ini.v1 from 1.66.4 to 1.67.0
• 312417a Add a DebugTo convenience funtion
• 202060b Adds support for uint16 with GetUint16
• 97591f0 build: fix lint violations
• 9af8dae ci: upgrade golangci-lint
• 7b4f2b2 ci: add Go 1.19 to CI
• 601ec81 test: fix toml tests
• d7f4832 build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.2 to 2.0.5
• c2f42f3 build(deps): bump github.com/subosito/gotenv from 1.4.0 to 1.4.1
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 181cea6 impr: CallerInfo should print full paths to the terminal (#1201)
• cf1284f Allow mock expectations to be ordered (#1106)
• 66eef0e fix: assert.MapSubset (or just support maps in assert.Subset) (#1178)
• 2fab6df Add WithinTimeRange method (#1188)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• b5ce165 fixing panic in calls to assertion with nil m.mutex (#1212)
• c206b2e Mock can be deadlocked by a panic (#1157)
• 1b73601 suite: correctly set stats on test panic (#1195)
• ba1076d Add .Unset method to mock (#982)
• c31ea03 Support comparing byte slice (#1202)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 48391ba Fix panic in AssertExpectations for mocks without expectations (#1207)
• 840cb80 arrays value types in a zero-initialized state are considered empty (#1126)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 07dc7ee Bump actions/setup-go from 3.1.0 to 3.2.0 (#1191)
• c33fc8d Bump actions/checkout from 2 to 3 (#1163)
• 3c33e07 Added Go 1.18.1 as a build/supported version (#1182)
• e2b56b3 Bump github.com/stretchr/objx from 0.1.0 to 0.4.0
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 41453c0 Update gopkg.in/yaml.v3
• 285adcc Update go versions in build matrix
• 6e7fab4 Bump actions/setup-go from 2 to 3.1.0
• 106ec21 use RWMutex
• a409ccf fix data race in the suit
• 3586478 assert: fix typo
• 7797738 Update versions supported to include go 1.16
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/spf13/viper's releases.

v1.12.0

This release makes YAML v3 and TOML v2 the default versions used for encoding.

You can switch back to the old versions by adding viper_yaml2 and viper_toml1 to the build tags.

Please note that YAML v2 and TOML v1 are considered deprecated from this release and may be removed in a future release.

Please provide feedback in discussions and report bugs on the issue tracker. Thanks!

What's Changed

Exciting New Features 🎉

• Add etcd3 support to remote by @​sagikazarmark in spf13/viper#1356
• Make YAML 3 the default by @​sagikazarmark in spf13/viper#1357
• Make TOML 2 the default by @​sagikazarmark in spf13/viper#1358

Enhancements 🚀

• chore: fix Error log calls in mergeMaps by @​wwade in spf13/viper#1341
• Add MustBindEnv by @​meowfaceman in spf13/viper#1301

Dependency Updates ⬆️

• build(deps): bump github/codeql-action from 1 to 2 by @​dependabot in spf13/viper#1336
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.0-beta.8 to 2.0.0 by @​dependabot in spf13/viper#1339
• build(deps): bump github.com/mitchellh/mapstructure from 1.4.3 to 1.5.0 by @​dependabot in spf13/viper#1332
• build(deps): bump github.com/pelletier/go-toml from 1.9.4 to 1.9.5 by @​dependabot in spf13/viper#1335
• build(deps): bump github.com/fsnotify/fsnotify from 1.5.1 to 1.5.4 by @​dependabot in spf13/viper#1338
• build(deps): bump github.com/spf13/cast from 1.4.1 to 1.5.0 by @​dependabot in spf13/viper#1344
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.0 to 2.0.1 by @​dependabot in spf13/viper#1343
• build(deps): bump github.com/subosito/gotenv from 1.2.0 to 1.3.0 by @​dependabot in spf13/viper#1349

New Contributors

• @​meowfaceman made their first contribution in spf13/viper#1301
• @​wwade made their first contribution in spf13/viper#1341

Full Changelog: https://github.com/spf13/viper/compare/v1.11.0...v1.12.0

• 4322cf2 feat: make toml2 the default
• 8d02999 feat: make yaml3 the default
• 7c35aa9 chore(deps): update yaml3
• 433821f feat: add etcd3 support to remote
• 2080d43 chore: update crypt
• da55858 chore: fix Error log calls in mergeMaps
• f50ce90 Add in MustBindEnv.
• 3b836e5 build(deps): bump github.com/subosito/gotenv from 1.2.0 to 1.3.0
• 5d65186 build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.0 to 2.0.1
• 9f85518 build(deps): bump github.com/spf13/cast from 1.4.1 to 1.5.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/lestrrat-go/jwx's releases.

v1.2.25

v1.2.25 23 May 2022
[Bug Fixes][Security]
  * [jwe] An old bug from at least 7 years ago existed in handling AES-CBC unpadding,
    where the unpad operation might remove more bytes than necessary ([#744](https://github.com/lestrrat-go/jwx/issues/744))
    This affects all jwx code that is available before v2.0.2 and v1.2.25.

Sourced from github.com/lestrrat-go/jwx's changelog.

v1.2.25 23 May 2022 [Bug Fixes][Security]

• [jwe] An old bug from at least 7 years ago existed in handling AES-CBC unpadding, where the unpad operation might remove more bytes than necessary (#744) This affects all jwx code that is available before v2.0.2 and v1.2.25.

• ad8c29d merge develop/v1 (#747)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)