dependabot[bot]
64e298e737
build(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.43.0
...
Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go ) from 1.39.0 to 1.43.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.39.0...v1.43.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
dependency-version: 1.43.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-06-19 00:14:12 +00:00
dependabot[bot]
6c4d7a75f9
build(deps): bump github.com/go-git/go-git/v5 from 5.14.0 to 5.19.1
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.14.0 to 5.19.1.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Changelog](https://github.com/go-git/go-git/blob/main/HISTORY.md )
- [Commits](https://github.com/go-git/go-git/compare/v5.14.0...v5.19.1 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-version: 5.19.1
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-06-18 23:26:52 +00:00
dependabot[bot]
e8e3f944ea
build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
...
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose ) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases )
- [Commits](https://github.com/go-jose/go-jose/compare/v4.1.3...v4.1.4 )
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
dependency-version: 4.1.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-06-18 21:10:07 +00:00
dependabot[bot]
9bb765d048
build(deps): bump go.opentelemetry.io/otel from 1.39.0 to 1.41.0
...
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go ) from 1.39.0 to 1.41.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases )
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.39.0...v1.41.0 )
---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
dependency-version: 1.41.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-06-18 17:24:49 +00:00
Pierig Le Saux
acc79d2cf6
fix: upgrade ulikunitz/xz to v0.5.15 to fix 32-bit build failures
...
v0.5.14 introduced a `1 << 31` constant assigned to an `int` variable
in lzma/reader.go, which overflows on 32-bit architectures (i386, armhf).
v0.5.15 fixes this by using int64.
2026-06-18 18:18:31 +02:00
Pierig Le Saux
b4a171b3ea
gcs: pin fake-gcs-server to v1.53.1, restore go 1.24 directive
2026-06-17 23:39:27 +02:00
Pierig Le Saux
83b1c1b6cb
gcs: add fake-gcs-server test suite, raise coverage
2026-06-17 23:39:27 +02:00
André Roth
7dd5c34254
go: mod tidy
2026-06-17 23:39:27 +02:00
Pierig Le Saux
ed4af9a0f6
add support for gcs
2026-06-17 23:39:26 +02:00
dependabot[bot]
92bb28149c
build(deps): bump google.golang.org/grpc from 1.64.1 to 1.79.3
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.64.1 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.64.1...v1.79.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-version: 1.79.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-26 14:43:41 +00:00
dependabot[bot]
3c5e83366a
build(deps): bump github.com/aws/aws-sdk-go-v2/service/s3
...
Bumps [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2 ) from 1.67.1 to 1.97.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.67.1...service/s3/v1.97.3 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
dependency-version: 1.97.3
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-26 13:12:54 +00:00
Tim Foerster
d616977904
Add SOURCE_DATE_EPOCH support for GPG signers
...
Both the external GPG signer (--faked-system-time) and internal Go
OpenPGP signer (signerConfig.Time) now honor SOURCE_DATE_EPOCH,
producing reproducible signatures alongside the plain Release file dates.
Adds system tests for both signer backends verifying byte-identical
Release, Release.gpg and InRelease across repeated publishes.
The signer tests (PublishRepo3[78]Test) are using an ed25519 key because
ed25519 signatures are deterministic by design. The Go openpgp library
uses a random nonce for DSA/ECDSA (see signature.go Sign calls using
config.Random() link below) so those signatures vary across runs
even with a fixed timestamp, making byte-identical verification impossible.
In addition to 49f342878a
Ref: https://github.com/aptly-dev/aptly/pull/1537
Ref: https://github.com/ProtonMail/go-crypto/blob/v1.4.0/openpgp/packet/signature.go#L945-L979
2026-04-26 14:32:23 +02:00
dependabot[bot]
76adbe49e0
build(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3
...
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl ) from 1.6.1 to 1.6.3.
- [Release notes](https://github.com/cloudflare/circl/releases )
- [Commits](https://github.com/cloudflare/circl/compare/v1.6.1...v1.6.3 )
---
updated-dependencies:
- dependency-name: github.com/cloudflare/circl
dependency-version: 1.6.3
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-26 12:00:02 +00:00
André Roth
31fe26de5e
Merge pull request #1461 from aptly-dev/dependabot/go_modules/github.com/cloudflare/circl-1.6.1
...
build(deps): bump github.com/cloudflare/circl from 1.4.0 to 1.6.1
2026-01-04 18:14:13 +01:00
dependabot[bot]
abb2ad635f
build(deps): bump golang.org/x/crypto from 0.36.0 to 0.45.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.36.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.36.0...v0.45.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-version: 0.45.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-04 16:30:54 +00:00
dependabot[bot]
a75df0a697
build(deps): bump github.com/cloudflare/circl from 1.4.0 to 1.6.1
...
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl ) from 1.4.0 to 1.6.1.
- [Release notes](https://github.com/cloudflare/circl/releases )
- [Commits](https://github.com/cloudflare/circl/compare/v1.4.0...v1.6.1 )
---
updated-dependencies:
- dependency-name: github.com/cloudflare/circl
dependency-version: 1.6.1
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-04 16:29:56 +00:00
Ato Araki
af483d1165
feat(http): add GCP authentication for ar+https scheme
2025-12-17 12:57:17 +09:00
dependabot[bot]
887ce71005
Bump golang.org/x/net from 0.33.0 to 0.38.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.33.0 to 0.38.0.
- [Commits](https://github.com/golang/net/compare/v0.33.0...v0.38.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.38.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-05-01 09:14:39 +00:00
dependabot[bot]
cb72e2d70f
Bump golang.org/x/crypto from 0.31.0 to 0.35.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.31.0 to 0.35.0.
- [Commits](https://github.com/golang/crypto/compare/v0.31.0...v0.35.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-version: 0.35.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-05-01 08:15:38 +00:00
André Roth
9a217171c8
go: mod tidy
2025-04-26 13:35:49 +02:00
André Roth
9ef217b351
ci: use go 1.23 compatible with gocovmerge
2025-04-20 11:38:33 +02:00
André Roth
2eabc6045f
go mod tidy
2025-01-12 00:05:00 +01:00
André Roth
cc32e79f2a
Merge pull request #1423 from mikelolasagasti/google-uuid
...
Switch to google/uuid module
2025-01-11 23:56:23 +01:00
Mikel Olasagasti Uranga
7074fc8856
Switch to google/uuid module
...
Current used github.com/pborman/uuid hasn't seen any updates in years.
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info >
2025-01-11 23:18:50 +01:00
André Roth
cad4233d0d
Bump github.com/gin-gonic/gin from 1.7.7 to 1.9.1
...
Bumps [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin ) from 1.7.7 to 1.9.1.
- [Release notes](https://github.com/gin-gonic/gin/releases )
- [Changelog](https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md )
- [Commits](https://github.com/gin-gonic/gin/compare/v1.7.7...v1.9.1 )
---
updated-dependencies:
- dependency-name: github.com/gin-gonic/gin
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
# Conflicts:
# go.mod
# go.sum
2025-01-11 21:48:14 +01:00
dependabot[bot]
4076941bd7
Bump golang.org/x/net from 0.28.0 to 0.33.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.28.0 to 0.33.0.
- [Commits](https://github.com/golang/net/compare/v0.28.0...v0.33.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-01-11 15:58:10 +01:00
August Feng
0b5a627c84
update goleveldb dependency
2025-01-11 14:35:28 +01:00
dependabot[bot]
b49630d6fc
Bump golang.org/x/crypto from 0.26.0 to 0.31.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.26.0 to 0.31.0.
- [Commits](https://github.com/golang/crypto/compare/v0.26.0...v0.31.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-12-12 00:24:55 +00:00
Leigh London
36121e5643
Bulk patch aws/aws-sdk-go-v2 dependencies
2024-11-19 14:59:26 +11:00
André Roth
e2cbd637b8
use new azure-sdk
2024-11-17 17:43:20 +01:00
André Roth
ac2dd1dfd3
go mod tidy
2024-10-08 01:22:10 +02:00
André Roth
8b8eb57555
update etcd go mod
...
to be compatible with debian version
2024-10-03 01:15:56 +02:00
André Roth
bdabfa1071
go mod tidy
2024-10-01 01:32:56 +02:00
dependabot[bot]
96e60ae540
build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.64.0 to 1.64.1.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.64.0...v1.64.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-09-24 16:41:06 +02:00
André Roth
88f4101866
update or downgrade go modules to match debian versions
...
- use go 1.22 (as available also in bookworm-backports)
- do not install go mods in docker
2024-09-24 10:14:39 +02:00
dependabot[bot]
a7690c375e
Bump google.golang.org/grpc from 1.38.0 to 1.56.3
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.38.0 to 1.56.3.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.38.0...v1.56.3 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-08-01 22:15:17 +02:00
André Roth
ff1557afee
update go.mod
2024-07-31 22:16:00 +02:00
Paul Cacheux
5353890b24
use tagged version of ProtonMail/go-crypto in go.mod
2024-05-15 16:41:35 +02:00
André Roth
756c499314
fix go mod tidy and use go 1.19
...
let's be compatible with debian/bookworm
2024-04-24 16:46:16 +02:00
Ryan Gonzalez
8ab8398c50
Use github.com/saracen/walker for file walk operations
...
In some local tests w/ a slowed down filesystem, this massively cut down
on the time to clean up a repository by ~3x, bringing a total 'publish
update' time from ~16s to ~13s.
Signed-off-by: Ryan Gonzalez <ryan.gonzalez@collabora.com >
2024-04-24 16:46:16 +02:00
dependabot[bot]
ff8f79f883
Bump golang.org/x/net from 0.17.0 to 0.23.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.17.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.23.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-04-20 22:51:50 +02:00
dependabot[bot]
940538e39b
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0
...
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-04-11 23:34:38 +02:00
dependabot[bot]
d060ad7200
Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7
...
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl ) from 1.3.3 to 1.3.7.
- [Release notes](https://github.com/cloudflare/circl/releases )
- [Commits](https://github.com/cloudflare/circl/compare/v1.3.3...v1.3.7 )
---
updated-dependencies:
- dependency-name: github.com/cloudflare/circl
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-02-06 20:50:27 +01:00
Paul Cacheux
cfcab13c2a
replace golang.org/x/crypto/openpgp with github.com/ProtonMail/go-crypto/openpgp
2023-11-23 11:40:58 +01:00
dependabot[bot]
f1649a647b
Bump golang.org/x/net from 0.15.0 to 0.17.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.15.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.15.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-11-01 19:32:49 +00:00
Sylvain Baubeau
3aaf0a8c44
Switch to aws-sdk-go-v2
2023-10-24 15:30:52 +02:00
Mauro Regli
972bf6b3cf
Update Golang to 1.21 and dependencies
2023-09-21 11:25:18 +02:00
Sjoerd Simons
1df8cff842
Update go-xz to 0.1.0
...
Older versions go-xz didn't wait for child processes meaning for exery
unpack action a defunct xz would stick around. This got fixed in 0.1.0
Signed-off-by: Sjoerd Simons <sjoerd@collabora.com >
2023-05-19 19:49:54 +02:00
Markus Muellner
8e62195eb5
implement structured logging
2023-02-20 13:42:50 +01:00
dependabot[bot]
0c749922c9
Bump github.com/aws/aws-sdk-go from 1.33.0 to 1.34.0
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.33.0 to 1.34.0.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/v1.34.0/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.33.0...v1.34.0 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-02-20 13:07:27 +01:00