Bump cuelang.org/go from 0.4.2 to 0.4.3

[dependabot]

Bumps cuelang.org/go from 0.4.2 to 0.4.3.

Release notes

Sourced from cuelang.org/go's releases.

v0.4.3

This release includes various bug fixes, including fixing some crashes. It also fixes a memory leak that would cause long-running servers to OOM (see #1418). It also now supports Go 1.18.

It also fixes various builtin extensions.

This release also makes a lot of preparations for the upcoming comprehension rework, which will allow us to do all kinds improvements and performance enhancements.

As a reminder: users can register their projects with unity, our regression and performance testing setup. unity is used to ensure that a project's CUE evaluations do not unexpectedly stop working, or regress in terms of performance. unity continues to catch multiple issues with each release. Adding your project to unity not only guarantees that we will not break your tests (if we do, we will work with you to fix your CUE code), but it also helps to improve the quality of each CUE release. We are in the process of adding support for adding private projects to unity.

Thank you to @​benmoss, @​cuichenli, @​danbison, @​emcfarlane, @​eonpatapon, @​jared-gs, @​jdreaver, @​jlongtine, @​mattmoor, @​mvdan, @​oncilla, @​roidelapluie, @​slewiskelly, @​xinau, and @​yannk for contributing to this release!

Language changes

This release removes all remaining support for quoted identifiers. Although this hasn't been supported for a while, there were still parts of the code that handled them, resulting in cryptic error messages.

Core evaluator

This release sees an overall improvement in error location reporting. These changes are quite substantial but largely, aside from a few resulting bug fixes, do not alter behavior.

Builtins

net

Add CIDR range verification function.

regexp

Add ReplaceAll and ReplaceAllLiteral

time

Fixes a hermeticity issues where a local time zone may be selected. Added FormatString to ultimately replace Format, where Format will first have to be deprecated.

Add FormatString, FormatDuration and Split

tool/file

Add MkdirTemp, RemoveAll

tool/http

Add Support for TLS settings.

Changelog

• 5c43a87a all: apply Go 1.18's gofmt -s
• 41ad3a08 all: bump x/text
• e74624be all: drop golang.org/x/xerrors
• b6cdc743 all: format .cue files in txtar archives
• 054cc312 all: move to go1.17-based go.mod
• f396ea88 all: upgrade github.com/spf13/cobra to v1.4.0
• f26cc29d all: upgrade go-internals
• 83a17005 build: fix typo inclduded -> included
• dc2c9e09 ci: add Go 1.18 and bump action and Go versions

... (truncated)

Commits

• 256f1f9 CI: update to the latest goreleaser version
• 37cc8ac cmd/cue/cmd: support byte in get go
• 5127136 cmd/cue/cmd: support uintptr in get go
• dc2c9e0 internal/ci: add Go 1.18 and bump action and Go versions
• 05f74a8 pkg: remove usage of qgo in go generate
• 5c43a87 all: apply Go 1.18's gofmt -s
• 69e2dcc cmd/cue: make long tests pass with Go 1.18
• 6b138e4 cue/load: remove some unused code
• e74624b all: drop golang.org/x/xerrors
• 935a926 cmd/cue/cmd: make get go work with go 1.18
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #1779 (22615cb) into main (623d50f) will decrease coverage by 0.03%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main    #1779      +/-   ##
==========================================
- Coverage   31.47%   31.43%   -0.04%     
==========================================
  Files         144      144              
  Lines        8890     8890              
==========================================
- Hits         2798     2795       -3     
- Misses       5756     5758       +2     
- Partials      336      337       +1     

Impacted Files	Coverage Δ
pkg/cosign/tuf/client.go	61.68% <0.00%> (-0.82%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 623d50f...22615cb. Read the comment docs.