Bump github.com/bufbuild/buf from 1.30.0 to 1.54.0

[dependabot]

Bumps github.com/bufbuild/buf from 1.30.0 to 1.54.0.

Release notes

Sourced from github.com/bufbuild/buf's releases.

v1.54.0

• Add CSR category to breaking rules.
• Add support for local bufplugins for protoc-gen-buf-breaking and protoc-gen-buf-lint.
• Add RISC-V (64-bit) binaries for Linux to releases.
• Fix type filtering on buf generate for empty files, files with no declared types.
• Fix CEL check on buf lint for predefined rules variables.
• Fix buf config migrate to filter out removed rules.
• Allow users to set examples without constraints in PROTOVALIDATE lint rule.
• Add ppc64le binaries for Linux to releases.

v1.53.0

• Fix buf breaking annotations for JSON format.

v1.52.1

• Fix language version for pre-commit hooks.

v1.52.0

• Fix exclude_type on a non imported package.
• Fix --exclude-type flag for buf generate when an input is specified.
• Fix type filter import filtering for options.
• Add OS environment when invoking local buf plugins.
• Add file path to buf lint and buf breaking output even when source code info is not available. This allows buf lint and buf breaking to respect ignore and ignore_only configurations when source code info is not available.

v1.51.0

• Fix buf convert to allow for zero length for binpb, txtpb, and yaml formats.
• Fix use of deprecated flag --include-types for buf generate.
• Add --against-registry flag to buf breaking that runs breaking checks against the latest commit on the default branch of the corresponding module in the registry.
• Fix type filter with unused image dependencies for buf generate.
• Improve type filtering for buf generate. Adds the ability to exclude types with the parameter exclude_types in buf.gen.yaml and a flag --exclude-types in the CLI. Type filters may now also be specified as plugin parameters in buf.gen.yaml.

v1.50.1

• Security: Improved input validation to prevent unsafe command execution when running buf registry login. (Reported by Matt Austin)

v1.50.0

• Add input parameter filter for use with git inputs. This sets the filter flag argument for the git fetch command.

v1.49.0

• Fix buf plugin push --label to allow pushing a plugin with a label.
• Add --digest-changes-only flag to buf registry {module,plugin} commit list to filter out commits that have no digest changes.
• Fix buf plugin push --source-control-url to allow pushing a plugin with the source control url.

v1.48.0

• Add buf registry plugin {create,delete,info,update} commands to manage BSR plugins.
• Breaking analysis support for buf beta lsp.
• Fix bug when using the --type flag filter for buf build where import ordering is not determinisitic.
• Add buf plugin push command to push a plugin to the Buf Schema Registry. Only WebAssembly check plugins are supported at this time.
• Add buf plugin update and buf plugin prune command to manage plugins in the buf.lock file. Only WebAssembly check plugins are supported at this time.
• Add buf registry plugin commit {add-label,info,list,resolve} to manage BSR plugin commits.
• Add buf registry plugin label {archive,info,list,unarchive} to manage BSR plugin commits.
• Move buf registry module update to buf registry module settings update. Command buf registry module update is now deprecated.

... (truncated)

Changelog

Sourced from github.com/bufbuild/buf's changelog.

[v1.54.0] - 2025-05-12

• Add CSR category to breaking rules.
• Add support for local bufplugins for protoc-gen-buf-breaking and protoc-gen-buf-lint.
• Add RISC-V (64-bit) binaries for Linux to releases.
• Fix type filtering on buf generate for empty files, files with no declared types.
• Fix CEL check on buf lint for predefined rules variables.
• Fix buf config migrate to filter out removed rules.
• Allow users to set examples without constraints in PROTOVALIDATE lint rule.
• Add ppc64le binaries for Linux to releases.

[v1.53.0] - 2025-04-21

• Fix buf breaking annotations for JSON format.

[v1.52.1] - 2025-04-08

• Fix language version for pre-commit hooks.

[v1.52.0] - 2025-04-07

• Fix exclude_type on a non imported package.
• Fix --exclude-type flag for buf generate when an input is specified.
• Fix type filter import filtering for options.
• Add OS environment when invoking local buf plugins.
• Add file path to buf lint and buf breaking output even when source code info is not available. This allows buf lint and buf breaking to respect ignore and ignore_only configurations when source code info is not available.

[v1.51.0] - 2025-03-28

• Fix buf convert to allow for zero length for binpb, txtpb, and yaml formats.
• Fix use of deprecated flag --include-types for buf generate.
• Add --against-registry flag to buf breaking that runs breaking checks against the latest commit on the default branch of the corresponding module in the registry.
• Fix type filter with unused image dependencies for buf generate.
• Improve type filtering for buf generate. Adds the ability to exclude types with the parameter exclude_types in buf.gen.yaml and a flag --exclude-types in the CLI. Type filters may now also be specified as plugin parameters in buf.gen.yaml.

[v1.50.1] - 2025-03-10

• Minor fixes and dependency updates.

[v1.50.0] - 2025-01-17

• Add input parameter filter for use with git inputs. This sets the filter flag argument for the git fetch command.

[v1.49.0] - 2025-01-07

... (truncated)

Commits

• e399520 Release v1.54.0 (#3842)
• cbdbf63 Allow users to set examples without constraints in PROTOVALIDATE lint rule ...
• de92461 Add CHANGELOG entry for ppc64le Linux binary (#3841)
• 40c0fd3 Add ppc64le Linux binary to releases and README update (#3840)
• 0080105 Move to buf.build/go/standard (#3839)
• 3fbc038 Move first batch of ext-suffixed packages to standard with x prefix (#3838)
• 878a477 Fix check failure message on partial images (#3826)
• c544d37 Make upgrade (#3837)
• 91e71ac Remove private/pkg/app in favor of buf.build/go/app (#3829)
• d8f7c30 Remove interrupt package and make app not depend on other private/pkg package...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: T:dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Join our Discord community for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.