fix(deps): update all non-major dependencies

zarf-dev · Mar 30, 2023 · 4f8aaa5 · 4f8aaa5
1 parent 9a7cd42
commit 4f8aaa5
Show file tree

Hide file tree

Showing 9 changed files with 659 additions and 640 deletions.
diff --git a/.github/actions/install-tools/action.yaml b/.github/actions/install-tools/action.yaml
@@ -6,7 +6,7 @@ runs:
   steps:
     - uses: sigstore/cosign-installer@v2.8.1
 
-    - uses: anchore/sbom-action/download-syft@v0.13.3
+    - uses: anchore/sbom-action/download-syft@v0.13.4
 
     - run: "curl -sSfL https://github.com/raw/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin"
       shell: bash

diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
@@ -22,12 +22,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
+        uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3
         with:
           results_file: results.sarif
           results_format: sarif
@@ -45,6 +45,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@168b99b3c22180941ae7dbdd5f5c9678ede476ba # v2.2.7
+        uses: github/codeql-action/upload-sarif@04df1262e6247151b5ac09cd2c303ac36ad3f62b # v2.2.9
         with:
           sarif_file: results.sarif
diff --git a/docs-website/package-lock.json b/docs-website/package-lock.json
diff --git a/docs-website/package.json b/docs-website/package.json
@@ -14,9 +14,9 @@
     "write-heading-ids": "docusaurus write-heading-ids"
   },
   "dependencies": {
-    "@docusaurus/core": "2.3.1",
-    "@docusaurus/preset-classic": "2.3.1",
-    "@docusaurus/theme-mermaid": "2.3.1",
+    "@docusaurus/core": "2.4.0",
+    "@docusaurus/preset-classic": "2.4.0",
+    "@docusaurus/theme-mermaid": "2.4.0",
     "@easyops-cn/docusaurus-search-local": "0.35.0",
     "@mdx-js/react": "1.6.22",
     "clsx": "1.2.1",
@@ -25,7 +25,7 @@
     "react-dom": "17.0.2"
   },
   "devDependencies": {
-    "@docusaurus/module-type-aliases": "2.3.1"
+    "@docusaurus/module-type-aliases": "2.4.0"
   },
   "browserslist": {
     "production": [

diff --git a/go.mod b/go.mod
@@ -4,7 +4,7 @@ go 1.19
 
 replace (
 	// TODO (@WSTARR) use the OG syft once they merge in https://github.com/anchore/syft/pull/1668
-	github.com/anchore/syft => github.com/defenseunicorns/syft v0.75.0-DU
+	github.com/anchore/syft => github.com/defenseunicorns/syft v0.75.0
 	// TODO (@WSTARR) remove this temporary replacement of oras-go 1.2.2 with defenseunicorns version due to upgraded docker lib
 	oras.land/oras-go v1.2.2 => github.com/defenseunicorns/oras-go v1.2.3
 	// TODO (@JMCCOY) not updating due to bug in kyaml, https://github.com/kubernetes-sigs/kustomize/issues/4896
@@ -18,21 +18,21 @@ require (
 	github.com/anchore/syft v0.75.0
 	github.com/derailed/k9s v0.27.3
 	github.com/distribution/distribution v2.8.1+incompatible
-	github.com/docker/cli v23.0.1+incompatible
+	github.com/docker/cli v23.0.2+incompatible
 	github.com/fatih/color v1.15.0
-	github.com/fluxcd/helm-controller/api v0.31.1
-	github.com/fluxcd/source-controller/api v0.36.0
+	github.com/fluxcd/helm-controller/api v0.31.2
+	github.com/fluxcd/source-controller/api v0.36.1
 	github.com/go-chi/chi/v5 v5.0.8
 	github.com/go-git/go-git/v5 v5.6.1
-	github.com/go-logr/logr v1.2.3
-	github.com/goccy/go-yaml v1.10.0
+	github.com/go-logr/logr v1.2.4
+	github.com/goccy/go-yaml v1.10.1
 	github.com/google/go-containerregistry v0.14.0
 	github.com/mholt/archiver/v3 v3.5.1
-	github.com/moby/moby v23.0.1+incompatible
+	github.com/moby/moby v23.0.2+incompatible
 	github.com/opencontainers/image-spec v1.1.0-rc2
 	github.com/otiai10/copy v1.9.0
 	github.com/pkg/errors v0.9.1
-	github.com/pterm/pterm v0.12.56
+	github.com/pterm/pterm v0.12.57
 	github.com/sigstore/cosign v1.13.1
 	github.com/spf13/cobra v1.6.1
 	github.com/spf13/viper v1.15.0
@@ -46,7 +46,7 @@ require (
 	k8s.io/klog/v2 v2.90.1
 	k8s.io/kubectl v0.26.3
 	oras.land/oras-go/v2 v2.0.2
-	sigs.k8s.io/kustomize/api v0.12.1
+	sigs.k8s.io/kustomize/api v0.13.2
 	sigs.k8s.io/kustomize/kyaml v0.13.9
 	sigs.k8s.io/yaml v1.3.0
 )