Skip to content

deps(go)(deps): bump the spf13 group with 5 updates#50

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/spf13-f55c046256
Open

deps(go)(deps): bump the spf13 group with 5 updates#50
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/spf13-f55c046256

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Nov 24, 2025

Copy link
Copy Markdown
Contributor

Bumps the spf13 group with 5 updates:

Package From To
github.com/spf13/cobra 1.1.1 1.10.1
github.com/spf13/viper 1.7.1 1.21.0
github.com/spf13/afero 1.1.2 1.15.0
github.com/spf13/cast 1.3.0 1.10.0
github.com/spf13/pflag 1.0.5 1.0.10

Updates github.com/spf13/cobra from 1.1.1 to 1.10.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.1

🐛 Fix

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

v1.10.0

What's Changed

🚨 Attention!

This version of pflag carried a breaking change: it renamed ParseErrorsWhitelist to ParseErrorsAllowlist which can break builds if both pflag and cobra are dependencies in your project.

  • If you use both pflag and cobra, upgrade pflagto 1.0.8 andcobrato1.10.0`
  • or use the newer, fixed version of pflag v1.0.9 which keeps the deprecated ParseErrorsWhitelist

More details can be found here: spf13/cobra#2303

✨ Features

🐛 Fix

🪠 Testing

📝 Docs

New Contributors

... (truncated)

Commits
  • 7da941c chore: Bump pflag to v1.0.9 (#2305)
  • 51d6751 Bump pflag to 1.0.8 (#2303)
  • 3f3b818 Update README.md with new logo
  • dcaf42e Add Periscope to the list of projects using Cobra (#2299)
  • 6dec1ae The default ShellCompDirective can be customized for a command and its subcom...
  • c8289c1 chore(golangci-lint): add some exclusion presets
  • 4af7b64 refactor: apply golangci-lint autofixes, work around false positives
  • 75790e4 chore(golangci-lint): upgrade to v2
  • db3ddb5 Adding sponsorship to README.md
  • 67171d6 putting sponsorship below header
  • Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.7.1 to 1.21.0

Release notes

Sourced from github.com/spf13/viper's releases.

v1.21.0

What's Changed

Enhancements 🚀

Bug Fixes 🐛

Dependency Updates ⬆️

Other Changes

New Contributors

Full Changelog: spf13/viper@v1.20.0...v1.21.0

v1.20.1

What's Changed

Bug Fixes 🐛

Full Changelog: spf13/viper@v1.20.0...v1.20.1

v1.20.0

... (truncated)

Commits
  • 394040c ci: build on go 1.25
  • 812f548 chore: update dependencies
  • d5271ef ci: update stale workflow
  • dff303b feat: add a stale issue scheduled action
  • 1287976 build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
  • 38932cd build(deps): bump github.com/go-viper/mapstructure/v2 in /remote
  • 6d014be build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1
  • b74c7ee build(deps): bump github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0
  • acd05e1 fix: linting issues
  • ae5a8e2 ci: upgrade golangci-lint
  • Additional commits viewable in compare view

Updates github.com/spf13/afero from 1.1.2 to 1.15.0

Release notes

Sourced from github.com/spf13/afero's releases.

v1.15.0

What's Changed

New Contributors

Full Changelog: spf13/afero@v1.14.0...v1.15.0

v1.14.0

What's Changed

Full Changelog: spf13/afero@v1.13.0...v1.14.0

v1.13.0

What's Changed

... (truncated)

Commits
  • 399bb34 Merge pull request #523 from MarkRosemaker/fix-spelling
  • 9b67716 Merge pull request #538 from spf13/deps
  • f5f4f7b chore: update deps
  • c245c4f ci: update ci
  • 85c4956 Merge pull request #527 from spf13/dependabot/github_actions/actions/checkout...
  • 41206fd build(deps): bump actions/checkout from 4.2.2 to 5.0.0
  • a583fad Merge pull request #533 from spf13/dependabot/github_actions/actions/dependen...
  • 673c03e Merge pull request #536 from spf13/dependabot/github_actions/actions/setup-go...
  • ac849f6 Merge pull request #537 from spf13/dependabot/github_actions/github/codeql-ac...
  • 9596fe8 build(deps): bump github/codeql-action from 3.29.7 to 3.30.1
  • Additional commits viewable in compare view

Updates github.com/spf13/cast from 1.3.0 to 1.10.0

Release notes

Sourced from github.com/spf13/cast's releases.

v1.10.0

What's Changed

New Contributors

Full Changelog: spf13/cast@v1.9.2...v1.10.0

v1.9.2

What's Changed

Full Changelog: spf13/cast@v1.9.1...v1.9.2

v1.9.1

What's Changed

Full Changelog: spf13/cast@v1.9.0...v1.9.1

v1.9.0

Notable new features 🎉

  • Casting from type aliases is now supported for basic types
  • Added generic functions: To/ToE, Must, ToNumber/ToNumberE
  • Increased test coverage
  • Converting float numbers from string is now supported

[!WARNING] Since cast now supports converting float values from strings, a related edge case behaves differently:

In previous versions, attempting to convert an empty string to a float resulted in an error.

Starting with this version, the same operation no longer raises an error.

To maintain consistency with the rest of the library, an empty string now converts to the float value 0.0.

What's Changed

... (truncated)

Commits
  • fc73346 Merge pull request #283 from andig/patch-1
  • 6002cff Merge pull request #298 from spf13/dependabot/github_actions/actions/dependen...
  • c1c153d Merge pull request #300 from spf13/dependabot/github_actions/actions/setup-go...
  • 39beeac Merge pull request #301 from spf13/dependabot/github_actions/github/codeql-ac...
  • 365e80c build(deps): bump github/codeql-action from 3.29.10 to 3.30.1
  • 9f0f68b build(deps): bump actions/setup-go from 5.5.0 to 6.0.0
  • d45dead build(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3
  • 004f51d Merge pull request #293 from spf13/dependabot/github_actions/actions/checkout...
  • 6458e07 Merge pull request #295 from spf13/dependabot/github_actions/actions/dependen...
  • 970d9ea Merge pull request #296 from spf13/dependabot/github_actions/github/codeql-ac...
  • Additional commits viewable in compare view

Updates github.com/spf13/pflag from 1.0.5 to 1.0.10

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.10

What's Changed

New Contributors

Full Changelog: spf13/pflag@v1.0.9...v1.0.10

v1.0.9

What's Changed

Full Changelog: spf13/pflag@v1.0.8...v1.0.9

v1.0.8

⚠️ Breaking Change

This version, while only a patch bump, includes a (very minor) breaking change: the flag.ParseErrorsWhitelist struct and corresponding FlagSet.parseErrorsWhitelist field have been renamed to ParseErrorsAllowlist.

This should result in compilation errors in any code that uses these fields, which can be fixed by adjusting the names at call sites. There is no change in semantics or behavior of the struct or field referred to by these names. If your code compiles without errors after bumping to/past v1.0.8, you are not affected by this change.

The breaking change was reverted in v1.0.9, by means of re-introducing the old names with deprecation warnings. The plan is still to remove them in a future release, so if your code does depend on the old names, please change them to use the new names at your earliest convenience.

What's Changed

New Contributors

Full Changelog: spf13/pflag@v1.0.7...v1.0.8

v1.0.7

What's Changed

... (truncated)

Commits
  • 0491e57 Merge pull request #448 from thaJeztah/fix_go_version
  • 72abab1 Merge pull request #447 from thaJeztah/fix_deprecation_comment
  • 7e4dfb1 Test on Go 1.12
  • 18a9d17 move Func, BoolFunc, tests as they require go1.21
  • c5b9e98 remove uses of errors.Is, which requires go1.13
  • 45a4873 fix deprecation comment for (FlagSet.)ParseErrorsWhitelist
  • 1043857 Merge pull request #446 from spf13/fix-backwards-compat
  • 7412009 fix: Restore ParseErrorsWhitelist name for now
  • b9c16fa Merge pull request #444 from spf13/reset-args-even-if-empty
  • 40abc49 Merge pull request #443 from spf13/silence-errhelp
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the spf13 group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.1.1` | `1.10.1` |
| [github.com/spf13/viper](https://github.com/spf13/viper) | `1.7.1` | `1.21.0` |
| [github.com/spf13/afero](https://github.com/spf13/afero) | `1.1.2` | `1.15.0` |
| [github.com/spf13/cast](https://github.com/spf13/cast) | `1.3.0` | `1.10.0` |
| [github.com/spf13/pflag](https://github.com/spf13/pflag) | `1.0.5` | `1.0.10` |


Updates `github.com/spf13/cobra` from 1.1.1 to 1.10.1
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.1.1...v1.10.1)

Updates `github.com/spf13/viper` from 1.7.1 to 1.21.0
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](spf13/viper@v1.7.1...v1.21.0)

Updates `github.com/spf13/afero` from 1.1.2 to 1.15.0
- [Release notes](https://github.com/spf13/afero/releases)
- [Commits](spf13/afero@v1.1.2...v1.15.0)

Updates `github.com/spf13/cast` from 1.3.0 to 1.10.0
- [Release notes](https://github.com/spf13/cast/releases)
- [Commits](spf13/cast@v1.3.0...v1.10.0)

Updates `github.com/spf13/pflag` from 1.0.5 to 1.0.10
- [Release notes](https://github.com/spf13/pflag/releases)
- [Commits](spf13/pflag@v1.0.5...v1.0.10)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: spf13
- dependency-name: github.com/spf13/viper
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: spf13
- dependency-name: github.com/spf13/afero
  dependency-version: 1.15.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: spf13
- dependency-name: github.com/spf13/cast
  dependency-version: 1.10.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: spf13
- dependency-name: github.com/spf13/pflag
  dependency-version: 1.0.10
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: spf13
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Nov 24, 2025

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: security. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Nov 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants