chore(deps): bump the all group with 2 updates

[dependabot]

Bumps the all group with 2 updates: charm.land/catwalk and github.com/go-git/go-git/v5.

Updates charm.land/catwalk from 0.33.2 to 0.34.3

Release notes

Sourced from charm.land/catwalk's releases.

v0.34.3

Changelog

Other stuff

• a44074b5978338623b1d8e93bdd0ee14d4fe1967: chore: re-generate copilot (@​andreynering)
• 561143829fefd3d55de6ed312fd478eeb6ae1d0d: ci(update): one generator per command, add continue-on-error: true (@​andreynering)

---

First, download the checksums.txt file and the checksums.txt.sigstore.json file files, for example, with wget:

wget 'https://github.com/charmbracelet/catwalk/releases/download/v0.34.3/checksums.txt'
wget 'https://github.com/charmbracelet/catwalk/releases/download/v0.34.3/checksums.txt.sigstore.json'

Then, verify it using cosign:

cosign verify-blob \
  --certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  --bundle 'checksums.txt.sigstore.json' \
  ./checksums.txt

If the output is Verified OK, you can safely use it to verify the checksums of other artifacts you downloaded from the release using sha256sum:

sha256sum --ignore-missing -c checksums.txt

Done! You artifacts are now verified!

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

v0.34.2

Changelog

Other stuff

• b735c901458a5bcdb6b70df1b988b0323aa2a246: chore: new provider: nebius token factory (#227) (@​harmw)

---

... (truncated)

Commits

• e1aead9 v0.34.3
• dcf0898 chore: auto-update generated files
• 5611438 ci(update): one generator per command, add continue-on-error: true
• 5b009a7 chore: auto-update generated files
• a44074b chore: re-generate copilot
• 004526a v0.34.2
• b735c90 chore: new provider: nebius token factory (#227)
• ff1d3d2 v0.34.1
• b827bde chore: re-generate all
• 93a983d chore: add omitzero to options struct
• Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.17.1 to 5.17.2

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.17.2

What's Changed

• build: Update module github.com/go-git/go-git/v5 to v5.17.1 [SECURITY] (releases/v5.x) by @​go-git-renovate[bot] in go-git/go-git#1941
• dotgit: skip writing pack files that already exist on disk by @​pjbgf in go-git/go-git#1944

⚠️ This release fixes a bug (go-git/go-git#1942) that blocked some users from upgrading to v5.17.1. Thanks @​pskrbasu for reporting it. 🙇

Full Changelog: go-git/go-git@v5.17.1...v5.17.2

Commits

• 45ae193 Merge pull request #1944 from go-git/fix-perms
• fda4f74 storage: filesystem/dotgit, Skip writing pack files that already exist on disk
• 2212dc7 Merge pull request #1941 from go-git/renovate/releases/v5.x-go-github.com-go-...
• ebb2d7d build: Update module github.com/go-git/go-git/v5 to v5.17.1 [SECURITY]
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: area: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.