Bump google.golang.org/api from 0.257.0 to 0.258.0 #2505
Conversation
|
@dependabot rebase |
8eb3d21 to
d664448
Compare
There was a problem hiding this comment.
Pull request overview
This PR updates the google.golang.org/api dependency from version 0.257.0 to 0.258.0. The update includes auto-regenerated discovery clients and introduces deprecation warnings for unsafe credentials JSON loading options.
Key changes:
- Updated
google.golang.org/apito v0.258.0 - Replaced deprecated
option.WithCredentialsFile()withoption.WithAuthCredentialsFile()to follow new security recommendations - Updated transitive dependencies (
golang.org/x/oauth2andgoogle.golang.org/genproto/googleapis/rpc)
Reviewed changes
Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| go.mod | Updated google.golang.org/api to v0.258.0 and updated transitive dependencies |
| cas/cloudcas/cloudcas.go | Migrated from deprecated WithCredentialsFile to WithAuthCredentialsFile with ServiceAccount type |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
@maraino similar to the update in |
|
@hslatman This should be ok, my working example uses a service_account credentials file, I believe that was our intention at the time. |
|
@dependabot rebase |
|
Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry! If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request |
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.257.0 to 0.258.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.257.0...v0.258.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-version: 0.258.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
92d4db1 to
9fe50b0
Compare
Bumps google.golang.org/api from 0.257.0 to 0.258.0.
Release notes
Sourced from google.golang.org/api's releases.
Changelog
Sourced from google.golang.org/api's changelog.
Commits
8fbb157chore(main): release 0.258.0 (#3393)90b301bfeat(all): auto-regenerate discovery clients (#3410)046fc2cchore(all): update all (#3397)5d17056feat(all): auto-regenerate discovery clients (#3409)ba64741feat(all): auto-regenerate discovery clients (#3408)41e2f8ffeat(all): auto-regenerate discovery clients (#3407)af03509feat(all): auto-regenerate discovery clients (#3406)a5426fafeat(option): Deprecate unsafe credentials JSON loading options (#3356)453c04afeat(all): auto-regenerate discovery clients (#3404)9e6446afeat(all): auto-regenerate discovery clients (#3402)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)