Will
f7b98c8b01
Merge 2d6c345479 into e95bb7e472
2026-06-24 20:32:34 +00:00
dependabot[bot]
e95bb7e472
Bump golang.org/x/net from 0.55.0 to 0.56.0 ( #2740 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.55.0 to 0.56.0.
- [Commits](https://github.com/golang/net/compare/v0.55.0...v0.56.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.56.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-23 11:11:00 +10:00
dependabot[bot]
2074319595
Bump golang.org/x/mod from 0.36.0 to 0.37.0 ( #2741 )
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.36.0 to 0.37.0.
- [Commits](https://github.com/golang/mod/compare/v0.36.0...v0.37.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-version: 0.37.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-23 10:04:36 +10:00
dependabot[bot]
be992d8add
Bump alpine from a2d49ea to 28bd5fe ( #2752 )
...
Bumps alpine from `a2d49ea` to `28bd5fe`.
---
updated-dependencies:
- dependency-name: alpine
dependency-version: '3'
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-23 10:04:28 +10:00
dependabot[bot]
637bb1fecd
Bump golang from 11fd8f7 to 792443b ( #2753 )
...
Bumps golang from `11fd8f7` to `792443b`.
---
updated-dependencies:
- dependency-name: golang
dependency-version: 1.26.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-23 10:04:05 +10:00
dependabot[bot]
bc23b42789
Bump github.com/pelletier/go-toml/v2 from 2.3.1 to 2.4.0 ( #2754 )
...
Bumps [github.com/pelletier/go-toml/v2](https://github.com/pelletier/go-toml ) from 2.3.1 to 2.4.0.
- [Release notes](https://github.com/pelletier/go-toml/releases )
- [Commits](https://github.com/pelletier/go-toml/compare/v2.3.1...v2.4.0 )
---
updated-dependencies:
- dependency-name: github.com/pelletier/go-toml/v2
dependency-version: 2.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-23 10:03:55 +10:00
dependabot[bot]
8e2c9b612d
Bump golang from 68cb6d6 to 11fd8f7 ( #2738 )
...
Bumps golang from `68cb6d6` to `11fd8f7`.
---
updated-dependencies:
- dependency-name: golang
dependency-version: 1.26.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-16 16:46:10 +10:00
dependabot[bot]
0970cd4b05
Bump alpine from 5b10f43 to a2d49ea ( #2739 )
...
Bumps alpine from `5b10f43` to `a2d49ea`.
---
updated-dependencies:
- dependency-name: alpine
dependency-version: '3'
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-16 16:46:03 +10:00
dependabot[bot]
bf3591a234
Bump golang.org/x/text from 0.37.0 to 0.38.0 ( #2742 )
...
Bumps [golang.org/x/text](https://github.com/golang/text ) from 0.37.0 to 0.38.0.
- [Release notes](https://github.com/golang/text/releases )
- [Commits](https://github.com/golang/text/compare/v0.37.0...v0.38.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/text
dependency-version: 0.38.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-16 16:45:37 +10:00
dependabot[bot]
09f1565d51
Bump github/codeql-action from 4.35.2 to 4.36.2 ( #2743 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.35.2 to 4.36.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](95e58e9a2c...8aad20d150
2026-06-16 16:29:01 +10:00
dependabot[bot]
13d340ff51
Bump sigstore/cosign-installer from 3.10.1 to 4.1.2 ( #2744 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.10.1 to 4.1.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](7e8b541eb2...6f9f177880
2026-06-16 16:28:52 +10:00
Mike Farah
5cf0adcc5b
Adding some tests
2026-06-09 14:23:11 +10:00
William Floyd
30e16a33c3
Fix for #2677 ( #2705 )
...
* Update docs given https://github.com/yaml/go-yaml/pull/348
* Fix for https://github.com/mikefarah/yq/issues/2677
Depends on https://github.com/yaml/go-yaml/pull/348
* Test for https://github.com/mikefarah/yq/issues/2677
* Remove redundant check and add test case for explicit `!!merge` on `*+` traversal
* Bump go.yaml.in/yaml/v4 from 4.0.0-rc.4 to 4.0.0-rc.5
2026-06-09 14:08:47 +10:00
Mike Farah
25dfcf280f
Switch to typos from cspell - no more npm
2026-06-07 20:09:44 +10:00
Mike Farah
91a166e8d8
Pinning using hashes
2026-06-07 19:57:15 +10:00
Mike Farah
f9b0d7e45d
Pinning using hashes
2026-06-07 19:49:39 +10:00
Mike Farah
48a851bf57
Fixing toml docs
2026-06-07 19:47:11 +10:00
Mike Farah
131aa0b7cc
pinning deps
2026-06-07 19:46:58 +10:00
Mike Farah
ef3c14f806
project words
2026-06-07 18:21:59 +10:00
Mike Farah
26434e221e
Process for SHA-pin github action
2026-06-07 18:19:13 +10:00
Mike Farah
0eebc242fb
New workflow for github action
2026-06-07 08:56:21 +10:00
Mike Farah
87a62da881
New workflow for github action
2026-06-07 08:54:17 +10:00
Mike Farah
ef507264e1
New workflow for github action
2026-06-07 08:50:24 +10:00
Mike Farah
2a40eb3d04
Bumping github action docker file
2026-06-07 08:45:27 +10:00
Mike Farah
e3cb1dc7c6
Fixing build
2026-06-07 07:03:26 +10:00
Mike Farah
1b9b4ac518
Bumping version
2026-06-06 20:59:47 +10:00
Mike Farah
9b67d655f1
Portable bump version
2026-06-06 20:59:43 +10:00
Mike Farah
f8850c043c
Preparting release
2026-06-06 20:57:28 +10:00
Mike Farah
c5a342359d
Refining
2026-06-06 19:14:59 +10:00
Mike Farah
196a99e912
Agent disclosure
2026-06-06 19:13:33 +10:00
Mike Farah
fa99bf12c3
Merging agents
2026-06-06 18:38:30 +10:00
Mike Farah
71117613d6
docs: add AGENTS.md with Cursor Cloud development instructions ( #2735 )
...
* docs: add AGENTS.md with Cursor Cloud development instructions
Co-authored-by: Mike Farah <mikefarah@users.noreply.github.com>
* docs: fix AGENTS.md spelling and note spellcheck before PR
Co-authored-by: Mike Farah <mikefarah@users.noreply.github.com>
---------
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Mike Farah <mikefarah@users.noreply.github.com>
2026-06-06 18:25:36 +10:00
Mike Farah
0cb1bbe698
Fixing test
2026-06-06 18:25:12 +10:00
Mike Farah
8fc8eedd3b
Minor doc update
2026-06-06 18:23:24 +10:00
Xie Benyi
7620a727b5
fix: reset INI decoder state on init ( #2719 )
2026-06-06 16:21:13 +10:00
Tony
6f9201a0ca
feat: add --ini-preserve-quotes flag for INI round-trip quote preservation ( #2728 )
...
Add INIPreferences.PreserveSurroundedQuote option that wires through to
go-ini/ini's LoadOptions.PreserveSurroundedQuote. When enabled, existing
surrounding quotes on INI values are preserved during decode/encode
round-trips.
Fixes #2456
Co-authored-by: toller892 <toller892@gmail.com>
2026-06-06 16:20:29 +10:00
dependabot[bot]
5b19ddbcd0
Bump docker/setup-buildx-action from 4.0.0 to 4.1.0 ( #2724 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](4d04d5d948...d7f5e7f509
2026-06-06 16:02:50 +10:00
dependabot[bot]
1ac2a3d96a
Bump docker/setup-qemu-action from 4.0.0 to 4.1.0 ( #2726 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](ce360397dd...06116385d9
2026-06-06 16:00:51 +10:00
dependabot[bot]
4a12c3f908
Bump golang.org/x/net from 0.54.0 to 0.55.0 ( #2725 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.54.0 to 0.55.0.
- [Commits](https://github.com/golang/net/compare/v0.54.0...v0.55.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.55.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-06 16:00:38 +10:00
dependabot[bot]
41377138ef
Bump docker/login-action from 4.1.0 to 4.2.0 ( #2727 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](4907a6ddec...650006c6eb
2026-06-06 15:53:24 +10:00
dependabot[bot]
ae5cf9ff04
Bump golang from 1.26.3 to 1.26.4 ( #2731 )
...
Bumps golang from 1.26.3 to 1.26.4.
---
updated-dependencies:
- dependency-name: golang
dependency-version: 1.26.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-06 15:53:06 +10:00
dependabot[bot]
fe449b956a
Bump actions/checkout from 6.0.2 to 6.0.3 ( #2732 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](de0fac2e45...df4cb1c069
2026-06-06 15:52:53 +10:00
Rayan Salhab
8f3291d316
fix: decode properties array bracket paths ( #2693 )
...
* fix: decode properties array bracket paths
* test: add nested array bracket properties decode case
---------
Co-authored-by: cyphercodes <cyphercodes@users.noreply.github.com>
2026-05-15 22:22:06 +10:00
ChrisJr404
2861815f71
fix(json): preserve floats with trailing zero when encoding YAML to JSON ( #2701 )
...
YAML scalars tagged `!!float` were round-tripped through `float64` and
re-serialized by Go's JSON encoder, which strips the decimal part of
whole-number floats. As a result, `50.0` came out as `50` and a
sequence like `[50.0, 95.0, 99.0, 99.9]` became `[50,95,99,99.9]`,
turning a uniform array of floats into a mixed int/float array that
downstream consumers (Horreum, JSON Schema validators, jq, etc.)
reject.
The JSON spec does not distinguish ints from floats, but every common
JSON library (Go's `encoding/json`, Python's `json`, jq) preserves the
fractional form of values that came in as floats. yq's YAML decoder
already parses these as `!!float` with the original text intact, so we
can emit them verbatim instead of round-tripping.
`MarshalJSON` for `ScalarNode` now special-cases `!!float`:
- if `Value` is already a JSON-shaped number literal containing a `.`
or exponent, emit it verbatim (e.g. `50.0`, `99.9`, `1.5e-3`, `-7.0`);
- if `Value` is an integer-shaped string tagged `!!float` (e.g.
`!!float 5`), format the parsed float and append `.0` so it stays a
JSON number with a fractional part;
- otherwise (empty value, parse error, or non-finite result), fall back
to the existing encoding path so behaviour for `.inf` / `.nan` and
anything unusual is unchanged.
`!!int` nodes still encode as JSON integers.
Closes #2683
Signed-off-by: ChrisJr404 <chris@hacknow.com>
2026-05-14 20:00:34 +10:00
梦曦·花已落
fcb79822dd
feat(toml): fix JSON to TOML root scope and null handling ( #2689 )
...
Ensure root-level TOML attributes are emitted before table sections so fields like sort remain root-scoped. Skip null-valued object fields during TOML encoding
instead of converting them to empty strings.
2026-05-14 19:57:42 +10:00
dependabot[bot]
e9acb9b734
Bump golang.org/x/mod from 0.35.0 to 0.36.0 ( #2709 )
...
Bumps [golang.org/x/mod](https://github.com/golang/mod ) from 0.35.0 to 0.36.0.
- [Commits](https://github.com/golang/mod/compare/v0.35.0...v0.36.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-version: 0.36.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 19:56:57 +10:00
dependabot[bot]
83b282c413
Bump golang.org/x/net from 0.53.0 to 0.54.0 ( #2707 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.53.0 to 0.54.0.
- [Commits](https://github.com/golang/net/compare/v0.53.0...v0.54.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.54.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 19:38:12 +10:00
dependabot[bot]
54fa4324ea
Bump golang from 1.26.2 to 1.26.3 ( #2706 )
...
Bumps golang from 1.26.2 to 1.26.3.
---
updated-dependencies:
- dependency-name: golang
dependency-version: 1.26.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-14 19:38:00 +10:00
Terminal Chai
ee6c30dac2
fix: reset TOML decoder finished flag on Init to fix multi-doc evaluation ( #2704 )
...
* fix: reset TOML decoder between files
* test: fix TOML regression fixture spelling
2026-05-14 19:37:43 +10:00
Rayan Salhab
722c9aa16c
Fix nested inline YAML merge explode ( #2699 )
...
Co-authored-by: cyphercodes <cyphercodes@users.noreply.github.com>
2026-05-14 19:33:50 +10:00
