chore(deps): Bump the gomod group across 1 directory with 4 updates by dependabot[bot] · Pull Request #96 · protobom/storage

dependabot · 2026-04-20T22:51:02Z

Bumps the gomod group with 2 updates in the / directory: entgo.io/ent and github.com/protobom/protobom.

Updates entgo.io/ent from 0.14.2 to 0.14.6

Commits

e0ba79d chore: bump tablewriter to latest version (#4490)
ab05406 entc/gen: support external ValueScanner for id field (#4487)
d056659 dialect/sql/sqlgraph: set schema when clearing foreign key edges (#4429)
2eb3641 entc/gen: add support for collation on edge schema (#4480)
397ebe9 dialect/sql/schema: allow running migration concurrently without copying the ...
49be309 doc: update list of tested pg versions (#4463)
ff2b4a6 doc/md: add the new CollectedFor annotation to graphql fields mapping (#4462)
cf1482e entc/gen: add support for custom collations on ID fields (#4453)
a777c08 Clean up old & irrelevant references to Facebook (#4452)
4d347ca doc: mention how to use schemaconfig with schema annotation (#4444)
Additional commits viewable in compare view

Updates github.com/protobom/protobom from 0.5.0 to 0.5.6

Release notes

Sourced from github.com/protobom/protobom's releases.

v0.5.6

No release notes provided.

v0.5.5

No release notes provided.

v0.5.4

No release notes provided.

v0.5.2

What's Changed

nodelist.NodeDescendants: Fix off-by-one bug by @puerco in protobom/protobom#319

build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0 by @dependabot in protobom/protobom#320

set version to 1 from 0 by @viveksahu26 in protobom/protobom#325

Init CycloneDX options in serializer by @puerco in protobom/protobom#327

[Fix]: replace invalid or empty serial id with newly generated valid one by @viveksahu26 in protobom/protobom#324

skip files section with noassert license by @viveksahu26 in protobom/protobom#328

Writer: Use io.Writer instead of WriterCloser by @puerco in protobom/protobom#330

Fix 1-char bug flattening CDX data. by @puerco in protobom/protobom#332

Rewrite cdx recursion by @puerco in protobom/protobom#331

New Contributors

@viveksahu26 made their first contribution in protobom/protobom#325

Full Changelog: protobom/protobom@v0.5.1...v0.5.2

v0.5.1

What's Changed

docs: Add project logo and openssf sandbox badge and display them on README by @GeauxJD in protobom/protobom#282

build(deps): bump actions/setup-go from 5.1.0 to 5.2.0 in the actions group by @dependabot in protobom/protobom#288

build(deps): bump the gomod group with 2 updates by @dependabot in protobom/protobom#295

build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.36.1 by @dependabot in protobom/protobom#296

build(deps): bump google.golang.org/protobuf from 1.36.1 to 1.36.2 in the gomod group by @dependabot in protobom/protobom#299

build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 in the actions group by @dependabot in protobom/protobom#301

build(deps): bump google.golang.org/protobuf from 1.36.2 to 1.36.3 in the gomod group by @dependabot in protobom/protobom#300

fix: assign PackageOriginator under Originators by @Vyom-Yadav in protobom/protobom#306

build(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.4 in the gomod group by @dependabot in protobom/protobom#307

build(deps): bump the actions group with 2 updates by @dependabot in protobom/protobom#308

build(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.1 in the actions group by @dependabot in protobom/protobom#312

build(deps): bump google.golang.org/protobuf from 1.36.4 to 1.36.5 in the gomod group by @dependabot in protobom/protobom#310

Bump minimal go version to 1.23 by @puerco in protobom/protobom#313

build(deps): bump sigs.k8s.io/release-utils from 0.8.4 to 0.11.0 by @dependabot in protobom/protobom#311

build(deps): bump golangci/golangci-lint-action from 6.3.1 to 6.5.0 in the actions group by @dependabot in protobom/protobom#316

use go1.24 and update golangci-lint by @cpanato in protobom/protobom#318

Parse CycloneDX dependency graph by @puerco in protobom/protobom#315

New Contributors

@Vyom-Yadav made their first contribution in protobom/protobom#306

Full Changelog: protobom/protobom@v0.5.0...v0.5.1

Commits

85bd85b Merge pull request #420 from puerco/drop-issue-expirer
5a1c429 Fix path corruption on windows
e3ec94e Modernize the SBOM generation step
ad70db0 Run tests in matrix
29926a1 Pin SLSA source workflow
9659973 Drop stale issue workflow
a15ddb9 Merge pull request #419 from puerco/cdx17
4b95d12 Use carabiner go/version to setup previous go
06f77e6 Use carabiner go/version to control go version in linter
bff5c1b Fix linter nits
Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.10.0 to 1.11.1

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.11.1

This release fixes #1785 introduced in v1.11.0 where expected argument values implementing the stringer interface (String() string) with a method which mutates their value, when passed to mock.Mock.On (m.On("Method", <expected>).Return()) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.

What's Changed

Backport #1786 to release/1.11: mock: revert to pre-v1.11.0 argument matching behavior for mutating stringers by @brackendawson in stretchr/testify#1788

Full Changelog: stretchr/testify@v1.11.0...v1.11.1

v1.11.0

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

Call stack perf change for CallerInfo by @mikeauclair in stretchr/testify#1614

Lazily render mock diff output on successful match by @mikeauclair in stretchr/testify#1615

assert: check early in Eventually, EventuallyWithT, and Never by @cszczepaniak in stretchr/testify#1427

assert: add IsNotType by @bartventer in stretchr/testify#1730

assert.JSONEq: shortcut if same strings by @dolmen in stretchr/testify#1754

assert.YAMLEq: shortcut if same strings by @dolmen in stretchr/testify#1755

assert: faster and simpler isEmpty using reflect.Value.IsZero by @dolmen in stretchr/testify#1761

suite: faster methods filtering (internal refactor) by @dolmen in stretchr/testify#1758

Fixes

assert.ErrorAs: log target type by @craig65535 in stretchr/testify#1345

Fix failure message formatting for Positive and Negative asserts in stretchr/testify#1062

Improve ErrorIs message when error is nil but an error was expected by @tsioftas in stretchr/testify#1681

fix Subset/NotSubset when calling with mixed input types by @siliconbrain in stretchr/testify#1729

Improve ErrorAs failure message when error is nil by @ccoVeille in stretchr/testify#1734

mock.AssertNumberOfCalls: improve error msg by @3scalation in stretchr/testify#1743

Documentation, Build & CI

docs: Fix typo in README by @alexandear in stretchr/testify#1688

Replace deprecated io/ioutil with io and os by @alexandear in stretchr/testify#1684

Document consequences of calling t.FailNow() by @greg0ire in stretchr/testify#1710

chore: update docs for Unset #1621 by @techfg in stretchr/testify#1709

README: apply gofmt to examples by @alexandear in stretchr/testify#1687

refactor: use %q and %T to simplify fmt.Sprintf by @alexandear in stretchr/testify#1674

Propose Christophe Colombier (ccoVeille) as approver by @brackendawson in stretchr/testify#1716

Update documentation for the Error function in assert or require package by @architagr in stretchr/testify#1675

assert: remove deprecated build constraints by @alexandear in stretchr/testify#1671

assert: apply gofumpt to internal test suite by @ccoVeille in stretchr/testify#1739

CI: fix shebang in .ci.*.sh scripts by @dolmen in stretchr/testify#1746

assert,require: enable parallel testing on (almost) all top tests by @dolmen in stretchr/testify#1747

suite.Passed: add one more status test report by @Ararsa-Derese in stretchr/testify#1706

Add Helper() method in internal mocks and assert.CollectT by @dolmen in stretchr/testify#1423

assert.Same/NotSame: improve usage of Sprintf by @ccoVeille in stretchr/testify#1742

mock: enable parallel testing on internal testsuite by @dolmen in stretchr/testify#1756

suite: cleanup use of 'testing' internals at runtime by @dolmen in stretchr/testify#1751

assert: check test failure message for Empty and NotEmpty by @ccoVeille in stretchr/testify#1745

... (truncated)

Commits

2a57335 Merge pull request #1788 from brackendawson/1785-backport-1.11
af8c912 Backport #1786 to release/1.11
b7801fb Merge pull request #1778 from stretchr/dependabot/github_actions/actions/chec...
69831f3 build(deps): bump actions/checkout from 4 to 5
a53be35 Improve captureTestingT helper
aafb604 mock: improve formatting of error message
7218e03 improve error msg
929a212 Merge pull request #1758 from stretchr/dolmen/suite-faster-method-filtering
bc7459e suite: faster filtering of methods (-testify.m)
7d37b5c suite: refactor methodFilter
Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.5 to 1.36.11

Bumps the gomod group with 2 updates in the / directory: [entgo.io/ent](https://github.com/ent/ent) and [github.com/protobom/protobom](https://github.com/protobom/protobom). Updates `entgo.io/ent` from 0.14.2 to 0.14.6 - [Release notes](https://github.com/ent/ent/releases) - [Commits](ent/ent@v0.14.2...v0.14.6) Updates `github.com/protobom/protobom` from 0.5.0 to 0.5.6 - [Release notes](https://github.com/protobom/protobom/releases) - [Commits](protobom/protobom@v0.5.0...v0.5.6) Updates `github.com/stretchr/testify` from 1.10.0 to 1.11.1 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.10.0...v1.11.1) Updates `google.golang.org/protobuf` from 1.36.5 to 1.36.11 --- updated-dependencies: - dependency-name: entgo.io/ent dependency-version: 0.14.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/protobom/protobom dependency-version: 0.5.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/stretchr/testify dependency-version: 1.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: google.golang.org/protobuf dependency-version: 1.36.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 20, 2026

dependabot Bot force-pushed the dependabot/go_modules/gomod-429d99c9ea branch from fa9bfe7 to 6f8a4ac Compare June 8, 2026 21:13

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): Bump the gomod group across 1 directory with 4 updates#96

chore(deps): Bump the gomod group across 1 directory with 4 updates#96
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/gomod-429d99c9ea

dependabot Bot commented on behalf of github Apr 20, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 20, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v0.5.6

v0.5.5

v0.5.4

v0.5.2

What's Changed

New Contributors

v0.5.1

What's Changed

New Contributors

v1.11.1

What's Changed

v1.11.0

What's Changed

Functional Changes

Fixes

Documentation, Build & CI

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 20, 2026 •

edited

Loading