Bump github.com/onsi/ginkgo/v2 from 2.18.0 to 2.20.2

[dependabot]

Bumps github.com/onsi/ginkgo/v2 from 2.18.0 to 2.20.2.

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.20.2

2.20.2

Require Go 1.22+

Maintenance

• bump go to v1.22 [a671816]

v2.20.1

2.20.1

Fixes

• make BeSpecEvent duration matcher more forgiving [d6f9640]

v2.20.0

2.20.0

Features

• Add buildvcs flag [be5ab95]

Maintenance

• Add update-deps to makefile [d303d14]
• bump all dependencies [7a50221]

v2.19.1

2.19.1

Fixes

• update supported platforms for race conditions [63c8c30]
• [build] Allow custom name for binaries. [ff41e27]

Maintenance

• bump gomega [76f4e0c]
• Bump rexml from 3.2.6 to 3.2.8 in /docs (#1417) [b69c00d]
• Bump golang.org/x/sys from 0.20.0 to 0.21.0 (#1425) [f097741]

v2.19.0

2.19.0

Features

Label Sets allow for more expressive and flexible label filtering.

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.20.2

Require Go 1.22+

Maintenance

• bump go to v1.22 [a671816]

2.20.1

Fixes

• make BeSpecEvent duration matcher more forgiving [d6f9640]

2.20.0

Features

• Add buildvcs flag [be5ab95]

Maintenance

• Add update-deps to makefile [d303d14]
• bump all dependencies [7a50221]

2.19.1

Fixes

• update supported platforms for race conditions [63c8c30]
• [build] Allow custom name for binaries. [ff41e27]

Maintenance

• bump gomega [76f4e0c]
• Bump rexml from 3.2.6 to 3.2.8 in /docs (#1417) [b69c00d]
• Bump golang.org/x/sys from 0.20.0 to 0.21.0 (#1425) [f097741]

2.19.0

Features

Label Sets allow for more expressive and flexible label filtering.

Commits

• 104752f v2.20.2
• a671816 bump go to v1.22
• 4ef0afb v2.20.1
• d6f9640 make BeSpecEvent duration matcher more forgiving
• 265b1a0 v2.20.0
• d303d14 Add update-deps to makefile
• 7a50221 bump all dependencies
• be5ab95 Add buildvcs flag
• 224be5b v2.19.1
• 76f4e0c bump gomega
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 3 package(s) with unknown licenses.

See the Details below.

License Issues

go.mod

Package	Version	License	Issue Type
golang.org/x/exp	0.0.0-20240719175910-8a7402abbf56	Null	Unknown License
golang.org/x/sys	0.24.0	Null	Unknown License
golang.org/x/tools	0.24.0	Null	Unknown License

Allowed Licenses: Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSL-1.0, CC0-1.0, ISC, MIT, MPL-2.0, Unlicense

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
gomod/github.com/go-logr/logr	1.4.2	🟢 8.8	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 10 19 out of 19 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Contributors 🟢 10 project has 6 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Maintained 🟢 10 26 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9 Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected
gomod/github.com/google/pprof	0.0.0-20240827171923-fa2c70bbbfe5	🟢 8.1	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 10 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 10 all dependencies are pinned Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 3 SAST tool is not run on all commits -- score normalized to 3
gomod/github.com/onsi/ginkgo/v2	2.20.2	🟢 5.4	Details Check Score Reason Code-Review ⚠️ 2 Found 6/22 approved changesets -- score normalized to 2 Maintained 🟢 10 16 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 3 7 existing vulnerabilities detected
gomod/github.com/onsi/gomega	1.34.1	🟢 4.5	Details Check Score Reason Code-Review ⚠️ 2 Found 5/18 approved changesets -- score normalized to 2 Maintained 🟢 10 13 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 3 7 existing vulnerabilities detected
gomod/golang.org/x/exp	0.0.0-20240719175910-8a7402abbf56	Unknown	Unknown
gomod/golang.org/x/sys	0.24.0	Unknown	Unknown
gomod/golang.org/x/tools	0.24.0	Unknown	Unknown
gomod/github.com/go-logr/logr	1.4.1	🟢 8.8	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 10 19 out of 19 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Contributors 🟢 10 project has 6 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Maintained 🟢 10 26 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9 Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected
gomod/github.com/google/pprof	0.0.0-20240424215950-a892ee059fd6	🟢 8.1	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 10 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 10 all dependencies are pinned Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 10 security policy file detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 3 SAST tool is not run on all commits -- score normalized to 3
gomod/github.com/onsi/ginkgo/v2	2.18.0	🟢 5.4	Details Check Score Reason Code-Review ⚠️ 2 Found 6/22 approved changesets -- score normalized to 2 Maintained 🟢 10 16 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 3 7 existing vulnerabilities detected
gomod/github.com/onsi/gomega	1.33.1	🟢 4.5	Details Check Score Reason Code-Review ⚠️ 2 Found 5/18 approved changesets -- score normalized to 2 Maintained 🟢 10 13 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 3 7 existing vulnerabilities detected
gomod/golang.org/x/exp	0.0.0-20230905200255-921286631fa9	Unknown	Unknown
gomod/golang.org/x/sys	0.23.0	Unknown	Unknown
gomod/golang.org/x/tools	0.21.1-0.20240508182429-e35e4ccd0d2d	Unknown	Unknown

Scanned Manifest Files

go.mod

• github.com/go-logr/[email protected]
• github.com/google/[email protected]
• github.com/onsi/ginkgo/[email protected]
• github.com/onsi/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• github.com/go-logr/[email protected]
• github.com/google/[email protected]
• github.com/onsi/ginkgo/[email protected]
• github.com/onsi/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]
• golang.org/x/[email protected]