Skip to content

chore(deps): bump pkg.package-operator.run/cardboard from 0.0.4 to 0.1.0 #433

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump pkg.package-operator.run/cardboard from 0.0.4 to 0.1.0 #433

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 5, 2026

Bumps pkg.package-operator.run/cardboard from 0.0.4 to 0.1.0.

Release notes

Sourced from pkg.package-operator.run/cardboard's releases.

v0.1.0

What's Changed

... (truncated)

Commits
  • 204ea02 Update dependencies (#1004)
  • 767e48a build(deps): bump the golangx group across 3 directories with 3 updates (#996)
  • a2c15ab build(deps): bump the golangx group across 4 directories with 1 update (#994)
  • 0a56b0f build(deps): bump github.com/prometheus/common from 0.67.4 to 0.67.5 in /modu...
  • bba11de build(deps): bump github.com/prometheus/common from 0.67.4 to 0.67.5 in /modu...
  • c13e6bc build(deps): bump github.com/prometheus/common from 0.67.4 to 0.67.5 in /kube...
  • 18d692a build(deps): bump sigs.k8s.io/kind in /modules/kind (#989)
  • f66ee03 build(deps): bump github.com/BurntSushi/toml in /modules/kind (#988)
  • c5706e4 build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 in /modu...
  • 54330ee build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 in /modu...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump pkg.package-operator.run/cardboard from 0.0.4 to 0.1.0
e2b8eba 
Bumps [pkg.package-operator.run/cardboard](https://github.com/package-operator/cardboard) from 0.0.4 to 0.1.0.
- [Release notes](https://github.com/package-operator/cardboard/releases)
- [Commits](package-operator/cardboard@v0.0.4...v0.1.0)

---
updated-dependencies:
- dependency-name: pkg.package-operator.run/cardboard
  dependency-version: 0.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner February 5, 2026 16:24
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Feb 5, 2026
@coderabbitai
Copy link

coderabbitai bot commented Feb 5, 2026
edited
Loading

Walkthrough

The Go module dependency pkg.package-operator.run/cardboard was updated from version v0.0.4 to v0.1.0 in the go.mod file. This represents a minor version bump with no other dependency or structural changes.

Changes

Cohort / File(s) Summary
Dependency Version Update
go.mod		 Bumped pkg.package-operator.run/cardboard from v0.0.4 to v0.1.0 in the require block.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1
❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Description check ⚠️ Warning The description lacks required sections from the template (Change Type, Check List Before Merging, Additional Information), though it provides valuable release notes and dependency information. Add the missing template sections: specify Change Type (likely 'Docs/Test'), complete the checklist items, and document any testing performed.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and specifically describes the dependency bump from 0.0.4 to 0.1.0, matching the main change in the changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch dependabot/go_modules/pkg.package-operator.run/cardboard-0.1.0

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Feb 5, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Fix all issues with AI agents 
In `@go.mod`:
- Around line 18-20: The go.mod pins for cardboard submodules are inconsistent:
pkg.package-operator.run/cardboard is at v0.1.0 but
pkg.package-operator.run/cardboard/kubeutils and
pkg.package-operator.run/cardboard/modules/kind remain at v0.0.4; update those
module versions (pkg.package-operator.run/cardboard/kubeutils and
pkg.package-operator.run/cardboard/modules/kind) to v0.1.0 in go.mod so all
cardboard modules match the root and pull in the dependency refresh (including
the modules/kind bump to sigs.k8s.io/kind v0.27.0).

go.mod
Comment on lines +18 to 20
pkg.package-operator.run/cardboard v0.1.0
pkg.package-operator.run/cardboard/kubeutils v0.0.4
pkg.package-operator.run/cardboard/modules/kind v0.0.4
Copy link

@coderabbitai coderabbitai bot Feb 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check current versions of cardboard-related modules in go.mod and go.sum
echo "=== cardboard modules in go.mod ==="
rg -n 'pkg\.package-operator\.run/cardboard' go.mod

echo -e "\n=== cardboard modules in go.sum ==="
rg -n 'pkg\.package-operator\.run/cardboard' go.sum | head -20

echo -e "\n=== Full go.mod for context ==="
cat -n go.mod | sed -n '15,25p'

Repository: package-operator/boxcutter

Length of output: 1783

🌐 Web query:

cardboard v0.1.0 release notes pkg.package-operator.run kubeutils modules/kind compatibility

💡 Result:

pkg.package-operator.run/cardboard v0.1.0 was released on Feb 5, 2026. (github.com)

Key points relevant to your query:

  • Release notes (v0.1.0): primarily a broad dependency refresh / “Update all the deps”, plus some small maintenance chores. (github.com)
  • kubeutils (v0.1.0): introduces ContainerRuntime (docker, podman) and ContainerRuntimeOrDetect(...). (pkg.go.dev)
  • modules/kind compatibility in v0.1.0: the modules/kind module was updated and explicitly bumped to sigs.k8s.io/kind v0.27.0, along with multiple other dependency bumps in that module. (github.com)

Citations:

Upgrade cardboard submodules to v0.1.0 to align with root module.

The root pkg.package-operator.run/cardboard is bumped to v0.1.0, but cardboard/kubeutils, cardboard/modules/kind, and cardboard/modules/kubeclients remain at v0.0.4. The v0.1.0 release includes dependency refreshes and explicit updates to modules/kind (bumping to sigs.k8s.io/kind v0.27.0). Both kubeutils and modules/kind have v0.1.0 versions available. Update all related cardboard modules to v0.1.0 for consistency and to pick up the intended dependency updates.

🤖 Prompt for AI Agents 
In `@go.mod` around lines 18 - 20, The go.mod pins for cardboard submodules are
inconsistent: pkg.package-operator.run/cardboard is at v0.1.0 but
pkg.package-operator.run/cardboard/kubeutils and
pkg.package-operator.run/cardboard/modules/kind remain at v0.0.4; update those
module versions (pkg.package-operator.run/cardboard/kubeutils and
pkg.package-operator.run/cardboard/modules/kind) to v0.1.0 in go.mod so all
cardboard modules match the root and pull in the dependency refresh (including
the modules/kind bump to sigs.k8s.io/kind v0.27.0).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

@thetechnick thetechnick

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@thetechnick