Skip to content

chore(deps): bump the all group with 2 updates#225

Merged
patzielinski merged 1 commit into
mainfrom
dependabot/go_modules/all-a53cb6c243
Jul 6, 2026
Merged

chore(deps): bump the all group with 2 updates#225
patzielinski merged 1 commit into
mainfrom
dependabot/go_modules/all-a53cb6c243

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the all group with 2 updates: github.com/aws/aws-sdk-go-v2/service/kms and github.com/gittuf/gittuf.

Updates github.com/aws/aws-sdk-go-v2/service/kms from 1.53.4 to 1.53.6

Commits

Updates github.com/gittuf/gittuf from 0.14.1 to 0.15.0

Release notes

Sourced from github.com/gittuf/gittuf's releases.

v0.15.0

This release contains performance and significant testing improvements across the codebase, and includes improvements for the gittuf transport. A new TUI is also included, and is a work-in-progress.

Changelog

Added

  • The TUI has been refreshed with a new coat of paint
  • go-git has been upgraded to v6

Updated

  • Improved bounds checking for git-remote-gittuf
  • Improved RSL entry parsing
  • Increased testing coverage across multiple packages
  • Fixed test various failures on Windows
  • Fixed Git config issues in various tests
  • Updated various dependencies and CI workflows

Removed

  • Removed gittuf dev CLI commands

Contributors

This release includes work by @​theycallmeaabie, @​Aaravanand00, @​kevinpchen, @​IITI-tushar, @​pjbgf, @​Sahil-13082003, @​andrew, @​adityasaky and @​patzielinski. Dependencies courtesy of @​dependabot.

Changelog

Sourced from github.com/gittuf/gittuf's changelog.

v0.15.0

This release contains performance and significant testing improvements across the codebase, and includes improvements for the gittuf transport. A new TUI is also included, and is a work-in-progress.

Added

  • The TUI has been refreshed with a new coat of paint
  • go-git has been upgraded to v6

Updated

  • Improved bounds checking for git-remote-gittuf
  • Improved RSL entry parsing
  • Increased testing coverage across multiple packages
  • Fixed test various failures on Windows
  • Fixed Git config issues in various tests
  • Updated various dependencies and CI workflows

Removed

  • Removed gittuf dev CLI commands
Commits
  • dce66d2 Merge pull request #1468 from gittuf/prepare-v0.15.0
  • 93969ee Prepare v0.15.0
  • 2b0dc49 Merge pull request #1469 from gittuf/bump-deps
  • b55be50 Bump dependencies
  • 324eeb1 Merge pull request #1460 from gittuf/delete-dev-commands
  • ef0761c Merge pull request #1467 from gittuf/fix-test-config
  • bfae251 tests: Fix Git config leakage in signing key tests
  • 62c01a8 Merge pull request #1422 from Aaravanand00/update-tui-ui
  • e26d590 Merge pull request #1465 from git-pkgs/test-cansign-isolate
  • 075f40e Merge pull request #1466 from gittuf/dependabot/github_actions/all-74f5797e96
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group with 2 updates: [github.com/aws/aws-sdk-go-v2/service/kms](https://github.com/aws/aws-sdk-go-v2) and [github.com/gittuf/gittuf](https://github.com/gittuf/gittuf).


Updates `github.com/aws/aws-sdk-go-v2/service/kms` from 1.53.4 to 1.53.6
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/kms/v1.53.4...service/ecs/v1.53.6)

Updates `github.com/gittuf/gittuf` from 0.14.1 to 0.15.0
- [Release notes](https://github.com/gittuf/gittuf/releases)
- [Changelog](https://github.com/gittuf/gittuf/blob/main/CHANGELOG.md)
- [Commits](gittuf/gittuf@v0.14.1...v0.15.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/kms
  dependency-version: 1.53.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/gittuf/gittuf
  dependency-version: 0.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 6, 2026
@patzielinski patzielinski merged commit d2b5983 into main Jul 6, 2026
2 checks passed
@dependabot dependabot Bot deleted the dependabot/go_modules/all-a53cb6c243 branch July 6, 2026 09:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant