Bump the github-dependencies group with 2 updates

[dependabot]

Bumps the github-dependencies group with 2 updates: github.com/spf13/cobra and github.com/spf13/viper.

Updates github.com/spf13/cobra from 1.4.0 to 1.8.0

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.0

✨ Features

• Support usage as plugin for tools like kubectl by @​nirs in spf13/cobra#2018 - this means that programs that utilize a "plugin-like" structure have much better support and usage (like for completions, command paths, etc.)
• Move documentation sources to site/content by @​umarcor in spf13/cobra#1428
• Add 'one required flag' group by @​marevers in spf13/cobra#1952 - this includes a new MarkFlagsOneRequired API for flags which can be used to mark a flag group as required and cause command failure if at least one is not used when invoked.
• Customizable error message prefix by @​5ouma in spf13/cobra#2023 - This adds the SetErrPrefix and ErrPrefix APIs on the Command struct to allow for setting a custom prefix for errors
• feat: add getters for flag completions by @​avirtopeanu-ionos in spf13/cobra#1943
• Feature: allow running persistent run hooks of all parents by @​vkhoroz in spf13/cobra#2044
• Improve API to get flag completion function by @​marckhouzam in spf13/cobra#2063

🐛 Bug fixes

• Fix typo in fish completions by @​twpayne in spf13/cobra#1945
• Fix grammar: 'allows to' by @​supertassu in spf13/cobra#1978
• powershell: escape variable with curly brackets by @​Luap99 in spf13/cobra#1960
• Don't complete --help flag when flag parsing disabled by @​marckhouzam in spf13/cobra#2061
• Replace all non-alphanumerics in active help env var program prefix by @​scop in spf13/cobra#1940

🔧 Maintenance

• build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 by @​dependabot in spf13/cobra#1971
• build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 by @​dependabot in spf13/cobra#1976
• build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @​dependabot in spf13/cobra#2021
• build(deps): bump actions/setup-go from 3 to 4 by @​dependabot in spf13/cobra#1934
• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.2 to 2.0.3 by @​dependabot in spf13/cobra#2047
• build(deps): bump actions/checkout from 3 to 4 by @​dependabot in spf13/cobra#2028
• command: temporarily disable G602 due to securego/gosec#1005 by @​umarcor in spf13/cobra#2022

🧪 Testing & CI/CD

• test: make fish_completions_test more robust by @​branchvincent in spf13/cobra#1980
• golangci: enable 'unused' and disable deprecated replaced by it by @​umarcor in spf13/cobra#1983
• cleanup: minor corrections to unit tests by @​JunNishimura in spf13/cobra#2003
• ci: test golang 1.21 by @​nunoadrego in spf13/cobra#2024
• Fix linter errors by @​marckhouzam in spf13/cobra#2052
• Add tests for flag completion registration by @​marckhouzam in spf13/cobra#2053

✏️ Documentation

• doc: fix typo, Deperecated -> Deprecated by @​callthingsoff in spf13/cobra#2000
• Add notes to doc about the execution condition of *PreRun and *PostRun functions by @​haoming29 in spf13/cobra#2041

---

Thank you everyone who contributed to this release and all your hard work! Cobra and this community would never be possible without all of you!!!! 🐍

Full Changelog: spf13/cobra@v1.7.0...v1.8.0

v1.7.0

... (truncated)

Commits

• a0a6ae0 Improve API to get flag completion function (#2063)
• 890302a Support usage as plugin for tools like kubectl (#2018)
• 48cea5c build(deps): bump actions/checkout from 3 to 4 (#2028)
• 22953d8 Replace all non-alphanumerics in active help env var program prefix (#1940)
• 00b68a1 Add tests for flag completion registration (#2053)
• b711e87 Don't complete --help flag when flag parsing disabled (#2061)
• 8b1eba4 Fix linter errors (#2052)
• 4cafa37 Allow running persistent run hooks of all parents (#2044)
• 5c962a2 build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.2 to 2.0.3 (#2047)
• efe8fa3 build(deps): bump actions/setup-go from 3 to 4 (#1934)
• Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.12.0 to 1.18.1

Release notes

Sourced from github.com/spf13/viper's releases.

v1.18.1

What's Changed

Bug Fixes 🐛

• Merge missing struct keys inside UnmarshalExact by @​krakowski in spf13/viper#1704

Full Changelog: spf13/viper@v1.18.0...v1.18.1

v1.18.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

AutomaticEnv works with Unmarshal

Previously, environment variables that weren't bound manually or had no defaults could not be mapped by Unmarshal. (The problem is explained in details in this issue: #761)

#1429 introduced a solution that solves that issue.

What's Changed

Enhancements 🚀

• chore: rename files according to enabled build tags by @​alexandear in spf13/viper#1642
• test: replace ifs with asserts to simplify tests by @​alexandear in spf13/viper#1656
• ci: enable test shuffle and fix tests by @​alexandear in spf13/viper#1643
• fix: gocritic lint issues by @​alexandear in spf13/viper#1696

Bug Fixes 🐛

• Implement viper.BindStruct for automatic unmarshalling from environment variables by @​krakowski in spf13/viper#1429
• fix isPathShadowedInFlatMap type cast bug by @​linuxsong in spf13/viper#1585

Dependency Updates ⬆️

• build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @​dependabot in spf13/viper#1661
• build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 by @​dependabot in spf13/viper#1659
• build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @​dependabot in spf13/viper#1663
• build(deps): bump actions/github-script from 6.4.1 to 7.0.1 by @​dependabot in spf13/viper#1686
• build(deps): bump github/codeql-action from 2.22.3 to 2.22.8 by @​dependabot in spf13/viper#1688
• build(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 by @​dependabot in spf13/viper#1692
• build(deps): bump actions/dependency-review-action from 3.1.0 to 3.1.4 by @​dependabot in spf13/viper#1690
• build(deps): bump cachix/install-nix-action from 23 to 24 by @​dependabot in spf13/viper#1689
• build(deps): bump github.com/nats-io/nkeys from 0.4.5 to 0.4.6 by @​dependabot in spf13/viper#1672
• build(deps): bump github.com/spf13/cast from 1.5.1 to 1.6.0 by @​dependabot in spf13/viper#1691
• build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 by @​dependabot in spf13/viper#1668
• chore: update dependencies by @​sagikazarmark in spf13/viper#1694
• chore: update crypt by @​sagikazarmark in spf13/viper#1701

Other Changes

• Add info about multiple hosts for remote config by @​KaymeKaydex in spf13/viper#1684
• refactor: drop fsonitfy wrapper by @​sagikazarmark in spf13/viper#1693
• Note Get* behavior on parse failure by @​scop in spf13/viper#1687

... (truncated)

Commits

• fb6eb1e fix: merge missing struct keys inside UnmarshalExact
• f5fcb4a chore: update crypt
• f736363 fix isPathShadowedInFlatMap type cast bug (#1585)
• 36a3868 Review changes
• f0c4ccd fix: gocritic lint issues
• 3a23b80 ci: enable test shuffle; fix tests
• 73dfb94 feat: make Unmarshal work with AutomaticEnv
• 6ea31ae refactor: move all settings code to a getter
• c4dcd31 fix: godot lint issues
• 4c9b2a2 Note Get* behavior on parse failure
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign msau42 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all PRs.

This bot triages PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the PR is closed

You can:

• Mark this PR as fresh with /remove-lifecycle stale
• Close this PR with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[dependabot]

Superseded by #117.