From 475d9ad6bfc90d46a31d49ab9924c472cf4d70bd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 9 Mar 2023 15:04:58 +1100
Subject: [PATCH] Bump github.com/vmware-tanzu/carvel-vendir from 0.32.5 to
 0.33.1 (#6060)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[github.com/vmware-tanzu/carvel-vendir](https://github.com/vmware-tanzu/carvel-vendir)
from 0.32.5 to 0.33.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vmware-tanzu/carvel-vendir/releases">github.com/vmware-tanzu/carvel-vendir's
releases</a>.</em></p>
<blockquote>
<h2>v0.33.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump imgpkg to version 0.36.0 (<a
href="https://github-redirect.dependabot.com/vmware-tanzu/carvel-vendir/issues/224">#224</a>)</li>
<li>Fix parsing empty yaml documents (<a
href="https://github-redirect.dependabot.com/vmware-tanzu/carvel-vendir/issues/228">#228</a>)</li>
<li>Bump go version and dependencies</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/carvel-dev/vendir/compare/v0.32.0...v0.33.1">https://github.com/carvel-dev/vendir/compare/v0.32.0...v0.33.1</a></p>
<h1>:speaker: Callouts</h1>
<p>Thanks to</p>
<ul>
<li>German Lashevich <a
href="https://github.com/Zebradil"><code>@​Zebradil</code></a> for the
contributions in <a
href="https://github-redirect.dependabot.com/vmware-tanzu/carvel-vendir/issues/228">#228</a></li>
</ul>
<h1>:open_file_folder: Files Checksum</h1>

<pre><code>6c9ed811fe9983e03424f2ecfc00a4aaeb19646ef27c42eb2a6c643ea07bd32b
./vendir-linux-amd64
155b6ff8c251b53dfd7e9554ff657b5bf626659dc288012a124a8bdb9186851e
./vendir-darwin-amd64
35e37893eceb625a46c412651b2ca3818aea0fd994cc449fb976c741ccc1e9e9
./vendir-darwin-arm64
b46151fb5c9e9ef43e3db599aa559fc2fc36ddeb978eb195ff77790fa2932aae
./vendir-windows-amd64.exe
79e026faaa1ac75c36414a97ee7e58b4bf9c148b1ce34aee795c667b71745519
./vendir-linux-arm64
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/carvel-dev/vendir/commit/99f8a36cfe4b6bfb09fa7776fd1c64d8b6a77d14"><code>99f8a36</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/vmware-tanzu/carvel-vendir/issues/237">#237</a>
from carvel-dev/change-org-and-repo-in-develop</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/0dd22220be64328b2036cbbe7fb6ca2469a567db"><code>0dd2222</code></a>
Change org and repo name</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/4d0c8fb6872c9f9e726da5118e3053cfb683d3e7"><code>4d0c8fb</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/vmware-tanzu/carvel-vendir/issues/236">#236</a>
from carvel-dev/bump-go-version-1.19.6</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/c85d3ee9ea3b99a6910bdfbddf1b1a8759d3770b"><code>c85d3ee</code></a>
Reverting go 1.20 to go 1.19</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/c9b34e0f045b3555c2ea1934bfbbe466ee971bb9"><code>c9b34e0</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/vmware-tanzu/carvel-vendir/issues/235">#235</a>
from carvel-dev/bump-go-version-1.20.1</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/1b22135c8f4b22f487ba149e9e868af5f83b6721"><code>1b22135</code></a>
Fixing golangci-lint error: rand.Seed has been deprecated since Go
1.20</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/0e70cfd32add75d0b2d7523a3b8a467e675f4037"><code>0e70cfd</code></a>
Bumping golang ci lint version to 0.51.2 as 49.0 doesn't support go
1.20</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/29364e56f7505f3e4e6cc0a8a51f893046166e7f"><code>29364e5</code></a>
Bump go version to 1.20.1</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/85962f9395124a5d1acdbcc308ab52a24024c5ee"><code>85962f9</code></a>
bump imgpkg to 0.36.0 (<a
href="https://github-redirect.dependabot.com/vmware-tanzu/carvel-vendir/issues/233">#233</a>)</li>
<li><a
href="https://github.com/carvel-dev/vendir/commit/e3e67252572e3d5324a50f077d4eb126eafc0c79"><code>e3e6725</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/vmware-tanzu/carvel-vendir/issues/231">#231</a>
from carvel-dev/dependabot/go_modules/golang.org/x/ne...</li>
<li>Additional commits viewable in <a
href="https://github.com/vmware-tanzu/carvel-vendir/compare/v0.32.5...v0.33.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/vmware-tanzu/carvel-vendir&package-manager=go_modules&previous-version=0.32.5&new-version=0.33.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 3 ++-
 go.sum | 6 ++++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 19730af46cc..966d83df72f 100644
--- a/go.mod
+++ b/go.mod
@@ -74,7 +74,7 @@ require (
 	github.com/stretchr/testify v1.8.2
 	github.com/vmware-tanzu/carvel-kapp v0.55.0
 	github.com/vmware-tanzu/carvel-kapp-controller v0.44.6
-	github.com/vmware-tanzu/carvel-vendir v0.32.5
+	github.com/vmware-tanzu/carvel-vendir v0.33.1
 	golang.org/x/net v0.8.0
 	golang.org/x/sync v0.1.0
 	google.golang.org/genproto v0.0.0-20230223222841-637eb2293923
@@ -126,6 +126,7 @@ require (
 	github.com/aws/smithy-go v1.13.5 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
+	github.com/carvel-dev/semver/v4 v4.0.1-0.20230221220520-8090ce423695 // indirect
 	github.com/cenkalti/backoff/v4 v4.2.0 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/chai2010/gettext-go v1.0.2 // indirect
diff --git a/go.sum b/go.sum
index a4aa350b7b6..5317fb7f1d7 100644
--- a/go.sum
+++ b/go.sum
@@ -151,6 +151,8 @@ github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx2
 github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd h1:rFt+Y/IK1aEZkEHchZRSq9OQbsSzIT/OrI8YFFmRIng=
 github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b h1:otBG+dV+YK+Soembjv71DPz3uX/V/6MMlSyD9JBQ6kQ=
 github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0 h1:nvj0OLI3YqYXer/kZD8Ri1aaunCxIEsOst1BVJswV0o=
+github.com/carvel-dev/semver/v4 v4.0.1-0.20230221220520-8090ce423695 h1:naCDnpJeqQq5OHOYR6j01yIVVUk3WI5MuSHpDTy+M1A=
+github.com/carvel-dev/semver/v4 v4.0.1-0.20230221220520-8090ce423695/go.mod h1:4cFTBLAr/U11ykiEEQMccu4uJ1i0GS+atJmeETHCFtI=
 github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
 github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
 github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
@@ -952,8 +954,8 @@ github.com/vmware-tanzu/carvel-kapp v0.55.0 h1:pKLs93bSeDI06ZWCf++lKoz6JnJk/HALC
 github.com/vmware-tanzu/carvel-kapp v0.55.0/go.mod h1:q0U7ex5ylElAw6YiPhjR/7gH+8iUczZh+DXz4zHc6u8=
 github.com/vmware-tanzu/carvel-kapp-controller v0.44.6 h1:OsoZbKK+Ya7R4YKdnHVFB/INIEsmexklv2HEdeWt2Vw=
 github.com/vmware-tanzu/carvel-kapp-controller v0.44.6/go.mod h1:+drZFlRx8ppIl2LRNWb0X/ohWwrfdA9nXGmPKGzvTXs=
-github.com/vmware-tanzu/carvel-vendir v0.32.5 h1:WXbUqnAjAqCN1c6iaEvt3q1UqvfbdGDmLFaoLlZ6BfI=
-github.com/vmware-tanzu/carvel-vendir v0.32.5/go.mod h1:RxEkFL8TfI1L1C1N/2M5BbtYIJ7x1T51hp394CBNg4k=
+github.com/vmware-tanzu/carvel-vendir v0.33.1 h1:5wzx0aRyEiorkWwrpGvACJOpFcgvmCeVqhIY9TPuLvk=
+github.com/vmware-tanzu/carvel-vendir v0.33.1/go.mod h1:cZEa46rwzPt/ROdAuIgrCXLDJ+LqxNZaNxbz8MLtwWc=
 github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
 github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo=
 github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=