build(deps): bump github.com/google/yamlfmt from 0.13.0 to 0.14.0

[dependabot]

Bumps github.com/google/yamlfmt from 0.13.0 to 0.14.0.

Release notes

Sourced from github.com/google/yamlfmt's releases.

v0.14.0

Shoutouts To The Community Release

I have been in not the best health the last while, which is why this release took so long to cut. On the bright side, this release features more contributions from the community than from myself. Thank you to everyone who contributed!

Features

strip_directives

yaml.v3 does not support directives. The best thing to do would be to add some amount of support for directives, which I will do in the future just taking it as far as the parser not failing upon finding a directive. In the short term, I added a hotfix style feature that will strip the directives before formatting and put them back in. The feature is fraught with edge cases and only works reliably with directives at the top of the file. See the explanations I added in the docs.

gitignore_excludes searches up the directory structure for the nearest .gitignore

Arguably a fix, the gitignore_excludes feature will now look up the directory structure for the nearest .gitignore which unlocks monorepo usage patterns for yamlfmt.

JSON schema

The community has added a JSON Schema! I'm calling it out in release notes, but this is not tied to yamlfmt releases in any way. If you have any fixes or improvements to make, they will not need to be tied to git tags being cut.

I am not super familiar with JSON Schema; I will try my best not to break it and keep it up to date but I'm not gonna be great at addressing potential deeper issues with it.

Validating releases with cosign

The release artifacts now generate other artifacts that allow you to verify releases using the cosign tool.

Fixes

The line_ending setting in the formatter config is respected again

This was a regression in v0.13.0 where I did some refactors to config discovery. I uncovered an edge case in my original code to handle the line_ending setting in the formatter block (vs the global version). This has been fixed in this release.

eof_newline no longer panics on an empty file

If the file was empty, the eof_newline feature would panic. Never thought of that! This has been fixed.

Contributors

@​thiagowfx added the JSON Schema @​Shion1305 fixed the eof_newline panic @​dhth added cosign support to releases @​nikaro added .gitignore discovery

I think this is the most contributors I've had in a release! Thank you everyone!

Changelog (generated)

• feat: introduce a json schema file for yamlfmt by @​thiagowfx in google/yamlfmt#193
• 🐛 panic against empty file with eof_newline feature, resolves: #196 by @​Shion1305 in google/yamlfmt#197
• fix: look for gitignore file until the git root by @​nikaro in google/yamlfmt#200
• fix(json schema): remove additionalProperties any by @​thiagowfx in google/yamlfmt#202
• Add JSON schema validity test by @​braydonk in google/yamlfmt#203

... (truncated)

Commits

• 1c3f200 why did this used to work but not anymore (#219)
• dff9419 This might fix releases (#218)
• 52c3b64 Add feature strip_directives (#217)
• 399324c command: correctly propogate line_ending setting (#216)
• 3e85e19 Update README.md (#212)
• 86b7c4b ci: sign checksum file with cosign (#207)
• e0d7d7a Add JSON schema validity test (#203)
• f66e650 fix schema (#202)
• 44b683a fix: look for gitignore file until the git root (#200)
• 2cdff15 🐛 panic against empty file with eof_newline feature, resolves: #196 (#197)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)