From a8104780da5987c60fe33a20db787623db4bdbb1 Mon Sep 17 00:00:00 2001
From: WhiteSource Renovate <bot@renovateapp.com>
Date: Mon, 19 Sep 2022 02:17:38 +0200
Subject: [PATCH] Update tools (#722)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[github.com/CycloneDX/cyclonedx-go](https://togithub.com/CycloneDX/cyclonedx-go)
| require | minor | `v0.5.0` -> `v0.6.0` |
|
[github.com/g-rath/osv-detector](https://togithub.com/g-rath/osv-detector)
| require | patch | `v0.7.1-0.20220815200046-7cbc516ebcad` -> `v0.7.1` |
| [github.com/google/go-cmp](https://togithub.com/google/go-cmp) |
require | patch | `v0.5.8` -> `v0.5.9` |
|
[github.com/jedib0t/go-pretty/v6](https://togithub.com/jedib0t/go-pretty)
| require | patch | `v6.3.7` -> `v6.3.8` |
| [github.com/spdx/tools-golang](https://togithub.com/spdx/tools-golang)
| require | minor | `v0.2.0` -> `v0.3.0` |
| [github.com/urfave/cli/v2](https://togithub.com/urfave/cli) | require
| minor | `v2.11.1` -> `v2.16.3` |
| [go](https://go.dev/) ([source](https://togithub.com/golang/go)) |
golang | minor | `1.18` -> `1.19` |
| [golang.org/x/exp](https://togithub.com/golang/exp) | require | digest
| `145caa8` -> `b168a2c` |

---

### Release Notes

<details>
<summary>CycloneDX/cyclonedx-go</summary>

###
[`v0.6.0`](https://togithub.com/CycloneDX/cyclonedx-go/releases/tag/v0.6.0)

[Compare
Source](https://togithub.com/CycloneDX/cyclonedx-go/compare/v0.5.2...v0.6.0)

#### Changelog

##### Features

-
[`3cc319e`](https://togithub.com/CycloneDX/cyclonedx-go/commit/3cc319e20e6f9f6565c3365b62515575859ccf1f):
feat: add support for bom links
([#&#8203;33](https://togithub.com/CycloneDX/cyclonedx-go/issues/33))
([@&#8203;nscuro](https://togithub.com/nscuro))

##### Fixes

-
[`5f285ff`](https://togithub.com/CycloneDX/cyclonedx-go/commit/5f285ff028c09f67aa62338dc06fe8e5a6932936):
fix: add missing Properties
([#&#8203;39](https://togithub.com/CycloneDX/cyclonedx-go/issues/39))
([@&#8203;desenna](https://togithub.com/desenna))

##### Building and Packaging

-
[`d063798`](https://togithub.com/CycloneDX/cyclonedx-go/commit/d06379863c460d7627bccc0d911e667e867bd029):
build(deps): bump actions/checkout from 3.0.0 to 3.0.2
([@&#8203;dependabot](https://togithub.com/dependabot)\[bot])
-
[`0b1d408`](https://togithub.com/CycloneDX/cyclonedx-go/commit/0b1d408e1e008c9972eac2206108511f98fc0738):
build(deps): bump actions/setup-go from 3.0.0 to 3.1.0
([@&#8203;dependabot](https://togithub.com/dependabot)\[bot])
-
[`47702c4`](https://togithub.com/CycloneDX/cyclonedx-go/commit/47702c484c166133a6f5072e975b4351334c238d):
build(deps): bump apache/skywalking-eyes from 0.2.0 to 0.3.0
([@&#8203;dependabot](https://togithub.com/dependabot)\[bot])
-
[`5940b17`](https://togithub.com/CycloneDX/cyclonedx-go/commit/5940b17535582a8f9111f5c013dd69c9e07bce53):
build(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0
([@&#8203;dependabot](https://togithub.com/dependabot)\[bot])

###
[`v0.5.2`](https://togithub.com/CycloneDX/cyclonedx-go/releases/tag/v0.5.2)

[Compare
Source](https://togithub.com/CycloneDX/cyclonedx-go/compare/v0.5.1...v0.5.2)

#### Changelog

##### Fixes

-
[`0a1487e`](https://togithub.com/CycloneDX/cyclonedx-go/commit/0a1487ee034a465f34a8b9f8a7198d93c4811c45):
fix: edit casing of email
([#&#8203;30](https://togithub.com/CycloneDX/cyclonedx-go/issues/30))
([@&#8203;jspeed-meyers](https://togithub.com/jspeed-meyers))
-
[`644d3e5`](https://togithub.com/CycloneDX/cyclonedx-go/commit/644d3e5e219bcfea92bfbfce354ae95c3f4fed55):
fix: encoding of XML chars in tags
([@&#8203;derkoe](https://togithub.com/derkoe))

##### Building and Packaging

-
[`dea6490`](https://togithub.com/CycloneDX/cyclonedx-go/commit/dea6490495cfeea64fc85e00fa000d9388d60ab9):
build(actions): set permissions and timeouts
([@&#8203;nscuro](https://togithub.com/nscuro))
-
[`22c6201`](https://togithub.com/CycloneDX/cyclonedx-go/commit/22c6201e3ff21d4db95325cd75551ce717be4b6b):
build(actions): update cyclonedx cli to 0.24.0
([@&#8203;nscuro](https://togithub.com/nscuro))
-
[`9d0e58e`](https://togithub.com/CycloneDX/cyclonedx-go/commit/9d0e58ed92da13937f91a87ab763bc9f5e303496):
build(goreleaser): use native sboms feature
([@&#8203;nscuro](https://togithub.com/nscuro))

###
[`v0.5.1`](https://togithub.com/CycloneDX/cyclonedx-go/releases/tag/v0.5.1)

[Compare
Source](https://togithub.com/CycloneDX/cyclonedx-go/compare/v0.5.0...v0.5.1)

#### Changelog

##### Fixes

-
[`1fd9caf`](https://togithub.com/CycloneDX/cyclonedx-go/commit/1fd9caf52906ff41300f8a13e8d1f28fbdefef6d):
fix: make vuln rating score optional
([@&#8203;nscuro](https://togithub.com/nscuro))

##### Building and Packaging

-
[`1f31d49`](https://togithub.com/CycloneDX/cyclonedx-go/commit/1f31d499debebde7a64746ce989478b76c60b8e3):
build(ci): add setup-go to lint job
([@&#8203;nscuro](https://togithub.com/nscuro))
-
[`018dff2`](https://togithub.com/CycloneDX/cyclonedx-go/commit/018dff2c923dd820dda0a1b9a2b05b7e2dcf7078):
build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1
([@&#8203;dependabot](https://togithub.com/dependabot)\[bot])
-
[`15708b3`](https://togithub.com/CycloneDX/cyclonedx-go/commit/15708b3ca5da621b37ceddb403c96556b8302ade):
build(deps): bump golangci/golangci-lint-action from 2 to 3.1.0
([@&#8203;dependabot](https://togithub.com/dependabot)\[bot])
-
[`a2abeb6`](https://togithub.com/CycloneDX/cyclonedx-go/commit/a2abeb69f0173b530208c1728e58c2530305574f):
build(deps): update `actions/checkout` to v3.0.0
([@&#8203;nscuro](https://togithub.com/nscuro))
-
[`ba3af87`](https://togithub.com/CycloneDX/cyclonedx-go/commit/ba3af87b824294d93c368ff33e35e32e7f230b80):
build(deps): update `actions/setup-go` to v3.0.0
([@&#8203;nscuro](https://togithub.com/nscuro))

</details>

<details>
<summary>google/go-cmp</summary>

### [`v0.5.9`](https://togithub.com/google/go-cmp/releases/tag/v0.5.9)

[Compare
Source](https://togithub.com/google/go-cmp/compare/v0.5.8...v0.5.9)

Reporter changes:

- ([#&#8203;299](https://togithub.com/google/go-cmp/issues/299)) Adjust
heuristic for line-based versus byte-based diffing
- ([#&#8203;306](https://togithub.com/google/go-cmp/issues/306)) Use
`value.TypeString` in `PathStep.String`

Code cleanup changes:

- ([#&#8203;297](https://togithub.com/google/go-cmp/issues/297)) Use
`reflect.Value.IsZero`
- ([#&#8203;304](https://togithub.com/google/go-cmp/issues/304)) Format
with Go 1.19 formatter
- ([#&#8203;300](https://togithub.com/google/go-cmp/issues/300) )Fix
typo in Result documentation
- ([#&#8203;302](https://togithub.com/google/go-cmp/issues/302))
Pre-declare global type variables
- ([#&#8203;309](https://togithub.com/google/go-cmp/issues/309)) Run
tests on Go 1.19

</details>

<details>
<summary>jedib0t/go-pretty</summary>

###
[`v6.3.8`](https://togithub.com/jedib0t/go-pretty/releases/tag/v6.3.8)

[Compare
Source](https://togithub.com/jedib0t/go-pretty/compare/v6.3.7...v6.3.8)

### Features

-   **progress**
- can now display "speed" of progress for each tracker (thanks
[@&#8203;iyear](https://togithub.com/iyear))

</details>

<details>
<summary>spdx/tools-golang</summary>

###
[`v0.3.0`](https://togithub.com/spdx/tools-golang/releases/tag/v0.3.0)

[Compare
Source](https://togithub.com/spdx/tools-golang/compare/v0.2.0...v0.3.0)

##### New Features and Enhancements

- Add support for saving SPDX JSON:
[#&#8203;92](https://togithub.com/spdx/tools-golang/issues/92),
[#&#8203;94](https://togithub.com/spdx/tools-golang/issues/94),
[#&#8203;97](https://togithub.com/spdx/tools-golang/issues/97),
[#&#8203;98](https://togithub.com/spdx/tools-golang/issues/98),
[#&#8203;104](https://togithub.com/spdx/tools-golang/issues/104),
[#&#8203;106](https://togithub.com/spdx/tools-golang/issues/106),
[#&#8203;113](https://togithub.com/spdx/tools-golang/issues/113)
- Begin OpenSSF Best Practices process and add initial badge:
[#&#8203;111](https://togithub.com/spdx/tools-golang/issues/111)
    -   also enabled branch protection for main branch

##### Bug fixes

- tvsaver: Fix incorrect tag for Snippet IDs:
[#&#8203;95](https://togithub.com/spdx/tools-golang/issues/95)
- GitHub Actions: Fix incorrect branch for code coverage:
[#&#8203;112](https://togithub.com/spdx/tools-golang/issues/112)
- builder: Fix file paths to be relative rather than absolute:
[#&#8203;114](https://togithub.com/spdx/tools-golang/issues/114)
- builder: Add missing mandatory field LicenseInfoInFile:
[#&#8203;119](https://togithub.com/spdx/tools-golang/issues/119)

##### Documentation and Cleanup

- Fix link to release notes:
[#&#8203;91](https://togithub.com/spdx/tools-golang/issues/91)
- Language fixes for JSON documentation:
[#&#8203;108](https://togithub.com/spdx/tools-golang/issues/108)
- Add badges and links for releases and documentation:
[#&#8203;109](https://togithub.com/spdx/tools-golang/issues/109)
- Update documentation for release:
[#&#8203;121](https://togithub.com/spdx/tools-golang/issues/121),
[#&#8203;122](https://togithub.com/spdx/tools-golang/issues/122)
- Fixes for examples and sample run commands:
[#&#8203;123](https://togithub.com/spdx/tools-golang/issues/123),
[#&#8203;125](https://togithub.com/spdx/tools-golang/issues/125),
[#&#8203;126](https://togithub.com/spdx/tools-golang/issues/126),
[#&#8203;127](https://togithub.com/spdx/tools-golang/issues/127)

##### Contributors

-   [@&#8203;CatalinStratu](https://togithub.com/CatalinStratu)
-   [@&#8203;specter25](https://togithub.com/specter25)
-   [@&#8203;swinslow](https://togithub.com/swinslow)

</details>

<details>
<summary>urfave/cli</summary>

### [`v2.16.3`](https://togithub.com/urfave/cli/releases/tag/v2.16.3)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.16.2...v2.16.3)

#### What's Changed

- Move more functionality into internal/build/build.go by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1490](https://togithub.com/urfave/cli/pull/1490)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.16.2...v2.16.3

### [`v2.16.2`](https://togithub.com/urfave/cli/releases/tag/v2.16.2)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.16.1...v2.16.2)

#### What's Changed

- Fix: Help name consistency among app/commands and subcommands by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1489](https://togithub.com/urfave/cli/pull/1489)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.16.1...v2.16.2

### [`v2.16.1`](https://togithub.com/urfave/cli/releases/tag/v2.16.1)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.16.0...v2.16.1)

#### What's Changed

- Set codecov status thresholds to 5% by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1486](https://togithub.com/urfave/cli/pull/1486)
- Fix: dont generate pointer for dest for Generic flag by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1488](https://togithub.com/urfave/cli/pull/1488)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.16.0...v2.16.1

### [`v2.16.0`](https://togithub.com/urfave/cli/releases/tag/v2.16.0)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.15.0...v2.16.0)

#### What's Changed

- Feature:(Issue 1334) Add support for uint64slices by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1378](https://togithub.com/urfave/cli/pull/1378)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.15.0...v2.16.0

### [`v2.15.0`](https://togithub.com/urfave/cli/releases/tag/v2.15.0)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.14.2...v2.15.0)

#### What's Changed

- Add count option for bool flags by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1257](https://togithub.com/urfave/cli/pull/1257)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.14.2...v2.15.0

### [`v2.14.2`](https://togithub.com/urfave/cli/releases/tag/v2.14.2)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.14.1...v2.14.2)

#### What's Changed

- Update version of codecov action by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1480](https://togithub.com/urfave/cli/pull/1480)
- Add a few notes to release docs by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1479](https://togithub.com/urfave/cli/pull/1479)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.14.1...v2.14.2

### [`v2.14.1`](https://togithub.com/urfave/cli/releases/tag/v2.14.1)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.14.0...v2.14.1)

#### What's Changed

- Fix:(issue\_1272) Generic flag not set from env by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1458](https://togithub.com/urfave/cli/pull/1458)
- GitHub Workflows security hardening by
[@&#8203;sashashura](https://togithub.com/sashashura) in
[https://github.com/urfave/cli/pull/1469](https://togithub.com/urfave/cli/pull/1469)

#### New Contributors

- [@&#8203;sashashura](https://togithub.com/sashashura) made their first
contribution in
[https://github.com/urfave/cli/pull/1469](https://togithub.com/urfave/cli/pull/1469)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.14.0...v2.14.1

### [`v2.14.0`](https://togithub.com/urfave/cli/releases/tag/v2.14.0)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.13.0...v2.14.0)

#### What's Changed

- Update v2 dead link by
[@&#8203;abousselmi](https://togithub.com/abousselmi) in
[https://github.com/urfave/cli/pull/1466](https://togithub.com/urfave/cli/pull/1466)
- Fix:(issue\_1293) Wrap usage text for commands by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1460](https://togithub.com/urfave/cli/pull/1460)
- Add App.InvalidFlagAccessHandler by
[@&#8203;icholy](https://togithub.com/icholy) in
[https://github.com/urfave/cli/pull/1446](https://togithub.com/urfave/cli/pull/1446)

#### New Contributors

- [@&#8203;abousselmi](https://togithub.com/abousselmi) made their first
contribution in
[https://github.com/urfave/cli/pull/1466](https://togithub.com/urfave/cli/pull/1466)
- [@&#8203;icholy](https://togithub.com/icholy) made their first
contribution in
[https://github.com/urfave/cli/pull/1446](https://togithub.com/urfave/cli/pull/1446)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.13.0...v2.14.0

### [`v2.13.0`](https://togithub.com/urfave/cli/releases/tag/v2.13.0)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.12.3...v2.13.0)

#### What's Changed

- Fix:(issue\_1094) Dont execute Before/After handlers during shell
comp… by [@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1457](https://togithub.com/urfave/cli/pull/1457)
- Fix:(issue\_1455) Allow bool flags from input altsrc by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1456](https://togithub.com/urfave/cli/pull/1456)
- Add configurable Base to int, uint and uint64 flags by
[@&#8203;ccremer](https://togithub.com/ccremer) in
[https://github.com/urfave/cli/pull/1464](https://togithub.com/urfave/cli/pull/1464)
- fix: allow required flag with one character by
[@&#8203;Gerrard-YNWA](https://togithub.com/Gerrard-YNWA) in
[https://github.com/urfave/cli/pull/1449](https://togithub.com/urfave/cli/pull/1449)
- Add support for alias in YAMLs by
[@&#8203;james-prysm](https://togithub.com/james-prysm) in
[https://github.com/urfave/cli/pull/1448](https://togithub.com/urfave/cli/pull/1448)

#### New Contributors

- [@&#8203;ccremer](https://togithub.com/ccremer) made their first
contribution in
[https://github.com/urfave/cli/pull/1464](https://togithub.com/urfave/cli/pull/1464)
- [@&#8203;Gerrard-YNWA](https://togithub.com/Gerrard-YNWA) made their
first contribution in
[https://github.com/urfave/cli/pull/1449](https://togithub.com/urfave/cli/pull/1449)
- [@&#8203;james-prysm](https://togithub.com/james-prysm) made their
first contribution in
[https://github.com/urfave/cli/pull/1448](https://togithub.com/urfave/cli/pull/1448)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.12.3...v2.13.0

### [`v2.12.3`](https://togithub.com/urfave/cli/releases/tag/v2.12.3)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.12.2...v2.12.3)

#### What's Changed

- issue\_62: Make slice options more posix like by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1454](https://togithub.com/urfave/cli/pull/1454)
- Move genflags tool to cmd/ and pin to previous release by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1451](https://togithub.com/urfave/cli/pull/1451)
- Shift supported go versions by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1452](https://togithub.com/urfave/cli/pull/1452)
- docs: split documentation into individual pages by
[@&#8203;hay-kot](https://togithub.com/hay-kot) in
[https://github.com/urfave/cli/pull/1453](https://togithub.com/urfave/cli/pull/1453)

#### New Contributors

- [@&#8203;hay-kot](https://togithub.com/hay-kot) made their first
contribution in
[https://github.com/urfave/cli/pull/1453](https://togithub.com/urfave/cli/pull/1453)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.12.1...v2.12.3

### [`v2.12.2`](https://togithub.com/urfave/cli/releases/tag/v2.12.2)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.12.1...v2.12.2)

#### What's Changed

- issue\_62: Make slice options more posix like by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1454](https://togithub.com/urfave/cli/pull/1454)
- Move genflags tool to cmd/ and pin to previous release by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1451](https://togithub.com/urfave/cli/pull/1451)
- Shift supported go versions by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1452](https://togithub.com/urfave/cli/pull/1452)
- docs: split documentation into individual pages by
[@&#8203;hay-kot](https://togithub.com/hay-kot) in
[https://github.com/urfave/cli/pull/1453](https://togithub.com/urfave/cli/pull/1453)

#### New Contributors

- [@&#8203;hay-kot](https://togithub.com/hay-kot) made their first
contribution in
[https://github.com/urfave/cli/pull/1453](https://togithub.com/urfave/cli/pull/1453)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.12.1...v2.12.2

### [`v2.12.1`](https://togithub.com/urfave/cli/releases/tag/v2.12.1)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.12.0...v2.12.1)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.11.5...v2.12.1

### [`v2.12.0`](https://togithub.com/urfave/cli/releases/tag/v2.12.0)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.11.5...v2.12.0)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.11.2...v2.12.0

### [`v2.11.5`](https://togithub.com/urfave/cli/releases/tag/v2.11.5)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.11.4...v2.11.5)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.11.2...v2.11.5

### [`v2.11.4`](https://togithub.com/urfave/cli/releases/tag/v2.11.4)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.11.3...v2.11.4)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.11.2...v2.11.4

### [`v2.11.3`](https://togithub.com/urfave/cli/releases/tag/v2.11.3)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.11.2...v2.11.3)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.11.2...v2.11.3

### [`v2.11.2`](https://togithub.com/urfave/cli/releases/tag/v2.11.2)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.11.1...v2.11.2)

#### What's Changed

- Fix HideHelp by [@&#8203;Dokiys](https://togithub.com/Dokiys) in
[https://github.com/urfave/cli/pull/1445](https://togithub.com/urfave/cli/pull/1445)
- Fix After not run by [@&#8203;Dokiys](https://togithub.com/Dokiys) in
[https://github.com/urfave/cli/pull/1444](https://togithub.com/urfave/cli/pull/1444)

#### New Contributors

- [@&#8203;Dokiys](https://togithub.com/Dokiys) made their first
contribution in
[https://github.com/urfave/cli/pull/1445](https://togithub.com/urfave/cli/pull/1445)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.11.1...v2.11.2

</details>

<details>
<summary>golang/go</summary>

###
[`v1.19.1`](https://togithub.com/golang/go/compare/go1.19...go1.19.1)

###
[`v1.19.0`](https://togithub.com/golang/go/compare/go1.18.6...go1.19)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click
this checkbox.

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/google/osv.dev).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzMi4xOTUuNSIsInVwZGF0ZWRJblZlciI6IjMyLjE5NS41In0=-->

Co-authored-by: Rex Pan <rexpan@google.com>
---
 tools/osv-scanner/go.mod | 16 ++++++++--------
 tools/osv-scanner/go.sum | 29 ++++++++++++++---------------
 2 files changed, 22 insertions(+), 23 deletions(-)

diff --git a/tools/osv-scanner/go.mod b/tools/osv-scanner/go.mod
index dd53c1a9afa..c4d115b7263 100644
--- a/tools/osv-scanner/go.mod
+++ b/tools/osv-scanner/go.mod
@@ -1,17 +1,17 @@
 module github.com/google/osv.dev/tools/osv-scanner
 
-go 1.18
+go 1.19
 
 require (
-	github.com/CycloneDX/cyclonedx-go v0.5.0
-	github.com/g-rath/osv-detector v0.7.1-0.20220815200046-7cbc516ebcad
-	github.com/google/go-cmp v0.5.8
-	github.com/jedib0t/go-pretty/v6 v6.3.7
+	github.com/CycloneDX/cyclonedx-go v0.6.0
+	github.com/g-rath/osv-detector v0.7.1
+	github.com/google/go-cmp v0.5.9
+	github.com/jedib0t/go-pretty/v6 v6.3.8
 	github.com/package-url/packageurl-go v0.1.0
-	github.com/spdx/tools-golang v0.2.0
-	github.com/urfave/cli/v2 v2.11.1
+	github.com/spdx/tools-golang v0.3.0
+	github.com/urfave/cli/v2 v2.16.3
 	golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90
-	golang.org/x/exp v0.0.0-20220907003533-145caa8ea1d0
+	golang.org/x/exp v0.0.0-20220916125017-b168a2c6b86b
 )
 
 require (
diff --git a/tools/osv-scanner/go.sum b/tools/osv-scanner/go.sum
index e04b92fc7c7..6b4ab5b4d60 100644
--- a/tools/osv-scanner/go.sum
+++ b/tools/osv-scanner/go.sum
@@ -1,7 +1,7 @@
 github.com/BurntSushi/toml v1.2.0 h1:Rt8g24XnyGTyglgET/PRUNlrUeu9F5L+7FilkXfZgs0=
 github.com/BurntSushi/toml v1.2.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
-github.com/CycloneDX/cyclonedx-go v0.5.0 h1:RWCnu2OrWUTF5C9DA3L0qVziUD2HlxSUWcL2OXlxfqE=
-github.com/CycloneDX/cyclonedx-go v0.5.0/go.mod h1:nQXAzrejxO39b14JFz2SvsUElegYfwBDowIzqjdUMk4=
+github.com/CycloneDX/cyclonedx-go v0.6.0 h1:SizWGbZzFTC/O/1yh072XQBMxfvsoWqd//oKCIyzFyE=
+github.com/CycloneDX/cyclonedx-go v0.6.0/go.mod h1:nQCiF4Tvrg5Ieu8qPhYMvzPGMu5I7fANZkrSsJjl5mg=
 github.com/bradleyjkemp/cupaloy/v2 v2.7.0 h1:AT0vOjO68RcLyenLCHOGZzSNiuto7ziqzq6Q1/3xzMQ=
 github.com/bradleyjkemp/cupaloy/v2 v2.7.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0=
 github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
@@ -9,12 +9,12 @@ github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/g-rath/osv-detector v0.7.1-0.20220815200046-7cbc516ebcad h1:kzvNix7gMuhpnf7MI8bZlto/mC+UW+sL09Cxs6jtEMs=
-github.com/g-rath/osv-detector v0.7.1-0.20220815200046-7cbc516ebcad/go.mod h1:P0CI4ohMPoDDXfI4ir8NqrPRiHtwOiyi7SGZR0VGj4U=
-github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
-github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/jedib0t/go-pretty/v6 v6.3.7 h1:H3Ulkf7h6A+p0HgKBGzgDn0bZIupRbKKWF4pO4Bs7iA=
-github.com/jedib0t/go-pretty/v6 v6.3.7/go.mod h1:MgmISkTWDSFu0xOqiZ0mKNntMQ2mDgOcwOkwBEkMDJI=
+github.com/g-rath/osv-detector v0.7.1 h1:f6VNrJLWtH54253QTAnwRVspZ8NbmPQsHDbAglWBSI4=
+github.com/g-rath/osv-detector v0.7.1/go.mod h1:P0CI4ohMPoDDXfI4ir8NqrPRiHtwOiyi7SGZR0VGj4U=
+github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/jedib0t/go-pretty/v6 v6.3.8 h1:p5eZqLFMEGr7CC+9915lC4Dk7Gub6mH7NE35jDhkJsQ=
+github.com/jedib0t/go-pretty/v6 v6.3.8/go.mod h1:MgmISkTWDSFu0xOqiZ0mKNntMQ2mDgOcwOkwBEkMDJI=
 github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU=
 github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
 github.com/package-url/packageurl-go v0.1.0 h1:efWBc98O/dBZRg1pw2xiDzovnlMjCa9NPnfaiBduh8I=
@@ -28,24 +28,23 @@ github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb h1:bLo8hvc8XFm9J47r690TUKBzcjSWdJDxmjXJZ+/f92U=
 github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM=
-github.com/spdx/tools-golang v0.2.0 h1:KBNcw7xvVycRWeCWZK/5xQJA+plymW1+rTCs8ekJDro=
-github.com/spdx/tools-golang v0.2.0/go.mod h1:RO4Y3IFROJnz+43JKm1YOrbtgQNljW4gAPpA/sY2eqo=
+github.com/spdx/tools-golang v0.3.0 h1:rtm+DHk3aAt74Fh0Wgucb4pCxjXV8SqHCPEb2iBd30k=
+github.com/spdx/tools-golang v0.3.0/go.mod h1:RO4Y3IFROJnz+43JKm1YOrbtgQNljW4gAPpA/sY2eqo=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.4 h1:wZRexSlwd7ZXfKINDLsO4r7WBt3gTKONc6K/VesHvHM=
 github.com/stretchr/testify v1.7.4/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/urfave/cli/v2 v2.11.1 h1:UKK6SP7fV3eKOefbS87iT9YHefv7iB/53ih6e+GNAsE=
-github.com/urfave/cli/v2 v2.11.1/go.mod h1:f8iq5LtQ/bLxafbdBSLPPNsgaW0l/2fYYEHhAyPlwvo=
+github.com/urfave/cli/v2 v2.16.3 h1:gHoFIwpPjoyIMbJp/VFd+/vuD0dAgFK4B6DpEMFJfQk=
+github.com/urfave/cli/v2 v2.16.3/go.mod h1:1CNUng3PtjQMtRzJO4FMXBQvkGtuYRxxiR9xMa7jMwI=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
 golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 h1:Y/gsMcFOcR+6S6f3YeMKl5g+dZMEWqcz5Czj/GWYbkM=
 golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/exp v0.0.0-20220907003533-145caa8ea1d0 h1:17k44ji3KFYG94XS5QEFC8pyuOlMh3IoR+vkmTZmJJs=
-golang.org/x/exp v0.0.0-20220907003533-145caa8ea1d0/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
+golang.org/x/exp v0.0.0-20220916125017-b168a2c6b86b h1:SCE/18RnFsLrjydh/R/s5EVvHoZprqEQUuoxK8q2Pc4=
+golang.org/x/exp v0.0.0-20220916125017-b168a2c6b86b/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=