build(deps): bump github.com/go-logr/logr from 1.2.4 to 1.3.0 #244

dependabot · 2023-10-27T13:49:16Z

Bumps github.com/go-logr/logr from 1.2.4 to 1.3.0.

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.3.0

This release adds support for slog in a new, self-contained logr/slogr package. Implementers of a logr.LogSink are encouraged, but not required, to extend their implementation to improve the quality of log output coming from a slog API call.

Breaking change: the call depth for LogSink.Enabled when called via Logger.Enabled was fixed to be the same as for other call paths. Implementers of a LogSink who have worked around this bug will need to remove their workarounds.

Security best practices were improved. Only Go versions >= 1.18 are supported by this release.

What's Changed

Fix golangci-lint fails by @thockin in go-logr/logr#173

Add minimal permissions to workflows by @pnacht in go-logr/logr#177

Add a security policy by @pnacht in go-logr/logr#178

Update security email by @thockin in go-logr/logr#181

docs: explain relationship between Logger{} and Discard() by @pohly in go-logr/logr#182

Add the OpenSSF Scorecard workflow by @pnacht in go-logr/logr#186

README: show of OpenSSF Scorecard badge by @pohly in go-logr/logr#187

Hash-pin workflow Actions by @pnacht in go-logr/logr#189

Bump go versions to 1.18+ by @thockin in go-logr/logr#203

slogr: add glue code for logging to slog.Handler and with slog.Logger by @pohly in go-logr/logr#205

slogr: restore original backend when converting back and forth by @pohly in go-logr/logr#210

slogr: add SlogSink by @pohly in go-logr/logr#211

Use same call depth for Enabled, Info, Error by @thockin in go-logr/logr#218

test: eliminate helper func by @thockin in go-logr/logr#219

docs: interoperability with slog by @pohly in go-logr/logr#222

build(deps): bump actions/setup-go from 3.5.0 to 4.0.1 by @dependabot in go-logr/logr#190

build(deps): bump github/codeql-action from 2.20.1 to 2.20.3 by @dependabot in go-logr/logr#191

build(deps): bump github/codeql-action from 2.20.3 to 2.20.4 by @dependabot in go-logr/logr#192

build(deps): bump github/codeql-action from 2.20.4 to 2.21.0 by @dependabot in go-logr/logr#193

build(deps): bump github/codeql-action from 2.21.0 to 2.21.2 by @dependabot in go-logr/logr#194

build(deps): bump github/codeql-action from 2.21.2 to 2.21.3 by @dependabot in go-logr/logr#207

build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in go-logr/logr#206

build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @dependabot in go-logr/logr#209

build(deps): bump github/codeql-action from 2.21.3 to 2.21.4 by @dependabot in go-logr/logr#208

build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in go-logr/logr#214

build(deps): bump github/codeql-action from 2.21.4 to 2.21.5 by @dependabot in go-logr/logr#217

build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in go-logr/logr#220

build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in go-logr/logr#221

build(deps): bump github/codeql-action from 2.21.5 to 2.21.7 by @dependabot in go-logr/logr#223

build(deps): bump github/codeql-action from 2.21.7 to 2.21.8 by @dependabot in go-logr/logr#224

build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in go-logr/logr#225

build(deps): bump github/codeql-action from 2.21.8 to 2.21.9 by @dependabot in go-logr/logr#226

build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in go-logr/logr#227

build(deps): bump github/codeql-action from 2.21.9 to 2.22.0 by @dependabot in go-logr/logr#228

build(deps): bump github/codeql-action from 2.22.0 to 2.22.3 by @dependabot in go-logr/logr#229

build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in go-logr/logr#231

build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in go-logr/logr#230

New Contributors

... (truncated)

Commits

8adefbe docs: interoperability with slog
ebabbb9 build(deps): bump github/codeql-action from 2.22.3 to 2.22.4
9c361f0 build(deps): bump actions/checkout from 4.1.0 to 4.1.1
d9b2b78 Merge pull request #229 from go-logr/dependabot/github_actions/github/codeql-...
91cec29 build(deps): bump github/codeql-action from 2.22.0 to 2.22.3
2ea8628 Merge pull request #228 from go-logr/dependabot/github_actions/github/codeql-...
37a4f55 Merge pull request #227 from go-logr/dependabot/github_actions/ossf/scorecard...
ecf310c build(deps): bump github/codeql-action from 2.21.9 to 2.22.0
d73e05e build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0
1d1c415 Merge pull request #226 from go-logr/dependabot/github_actions/github/codeql-...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.4 to 1.3.0. - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.2.4...v1.3.0) --- updated-dependencies: - dependency-name: github.com/go-logr/logr dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 27, 2023

dependabot bot requested a review from damyan October 27, 2023 13:49

github-actions bot added the size/XS label Oct 27, 2023

damyan merged commit ad5d3f5 into main Oct 30, 2023

damyan deleted the dependabot/go_modules/github.com/go-logr/logr-1.3.0 branch October 30, 2023 10:19

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump github.com/go-logr/logr from 1.2.4 to 1.3.0 #244

build(deps): bump github.com/go-logr/logr from 1.2.4 to 1.3.0 #244

dependabot bot commented on behalf of github Oct 27, 2023

build(deps): bump github.com/go-logr/logr from 1.2.4 to 1.3.0 #244

build(deps): bump github.com/go-logr/logr from 1.2.4 to 1.3.0 #244

Conversation

dependabot bot commented on behalf of github Oct 27, 2023

v1.3.0

What's Changed

New Contributors