Skip to content

chore(deps): bump github.com/open-policy-agent/opa from 1.17.1 to 1.18.0 in the go-minor-patch group#18

Merged
jonmartinstorm merged 1 commit into
mainfrom
dependabot/go_modules/go-minor-patch-c57c3fe1e0
Jun 29, 2026
Merged

chore(deps): bump github.com/open-policy-agent/opa from 1.17.1 to 1.18.0 in the go-minor-patch group#18
jonmartinstorm merged 1 commit into
mainfrom
dependabot/go_modules/go-minor-patch-c57c3fe1e0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps the go-minor-patch group with 1 update: github.com/open-policy-agent/opa.

Updates github.com/open-policy-agent/opa from 1.17.1 to 1.18.0

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.18.0

This release contains a mix of bugfixes and small features. Notably:

  • A breaking fix to the outbound User-Agent header so it conforms to RFC 9110 (see below)
  • Container-aware resource limits: automatic GOMAXPROCS is restored and automatic GOMEMLIMIT is now supported
  • Several opa fmt correctness fixes
  • Improvements to opa test --coverage (ranges in report, inline rule head tracking, conjunction-expression coverage)

Breaking: Fix User-Agent according to RFC9110 (#8792)

OPA's outbound HTTP requests (bundle, discovery, decision log, status, http.send, AWS KMS/ECR) previously sent User-Agent: Open Policy Agent/<version> (<os>, <arch>), which is not a valid RFC 9110 User-Agent value because the product token cannot contain spaces. The header is now Open-Policy-Agent/<version> (<os>, <arch>). Server-side log filters or WAF rules that exact-match the old string will need to be updated.

Authored by @​sspaink, reported by @​SpecLad

Runtime, SDK, Tooling

Compiler, Topdown and Rego

Docs, Website, Ecosystem

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.18.0

This release contains a mix of bugfixes and small features. Notably:

  • A breaking fix to the outbound User-Agent header so it conforms to RFC 9110 (see below)
  • Container-aware resource limits: automatic GOMAXPROCS is restored and automatic GOMEMLIMIT is now supported
  • Several opa fmt correctness fixes
  • Improvements to opa test --coverage (ranges in report, inline rule head tracking, conjunction-expression coverage)

Breaking: Fix User-Agent according to RFC9110 (#8792)

OPA's outbound HTTP requests (bundle, discovery, decision log, status, http.send, AWS KMS/ECR) previously sent User-Agent: Open Policy Agent/<version> (<os>, <arch>), which is not a valid RFC 9110 User-Agent value because the product token cannot contain spaces. The header is now Open-Policy-Agent/<version> (<os>, <arch>). Server-side log filters or WAF rules that exact-match the old string will need to be updated.

Authored by @​sspaink, reported by @​SpecLad

Runtime, SDK, Tooling

Compiler, Topdown and Rego

Docs, Website, Ecosystem

... (truncated)

Commits
  • cc2c5c6 Prepare v1.18 release (#8820)
  • e72a98f format: keep lone with on the closing-bracket line of multi-line expression...
  • 03646dd topdown: Fix PE not namespacing vars in comprehensions nested inside every ...
  • bf2bb52 benchmarks: split off script, emit markdown table
  • 02ce276 version: fix ill-formed User-Agent header (#8796)
  • 1fdbb77 build(deps): bump the dependencies group across 2 directories with 6 updates
  • 954196a cover: Add support for coverage of conjunction exprs (#8809)
  • dec8333 deduplicate change-detection output in pr CI checks (#8808)
  • 09679ab benchmarks: use details+summary comments for benchlab results (#8811)
  • 57742e8 build(deps): bump webpack-dev-server from 5.2.4 to 5.2.5 in /docs (#8807)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-minor-patch group with 1 update: [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa).


Updates `github.com/open-policy-agent/opa` from 1.17.1 to 1.18.0
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.17.1...v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@jonmartinstorm jonmartinstorm merged commit 6143642 into main Jun 29, 2026
8 checks passed
@dependabot dependabot Bot deleted the dependabot/go_modules/go-minor-patch-c57c3fe1e0 branch June 29, 2026 06:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant