Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump the gomod group across 1 directory with 11 updates #617

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 3, 2024

Bumps the gomod group with 8 updates in the / directory:

Package From To
github.com/prometheus/client_golang 1.17.0 1.19.1
github.com/yannh/kubeconform 0.6.4 0.6.6
go.uber.org/zap 1.26.0 1.27.0
github.com/cespare/xxhash/v2 2.2.0 2.3.0
github.com/prometheus/client_model 0.5.0 0.6.1
github.com/prometheus/procfs 0.12.0 0.15.1
github.com/secure-systems-lab/go-securesystemslib 0.7.0 0.8.0
google.golang.org/protobuf 1.33.0 1.34.1

Updates github.com/prometheus/client_golang from 1.17.0 to 1.19.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.19.1

What's Changed

  • Security patches for golang.org/x/sys and google.golang.org/protobuf

New Contributors

Full Changelog: prometheus/client_golang@v1.19.0...v1.19.1

v1.19.0

What's Changed

The module prometheus/common v0.48.0 introduced an incompatibility when used together with client_golang (See prometheus/client_golang#1448 for more details). If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

  • [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
  • [FEATURE] collectors: Add version collector. #1422 #1427

New Contributors

Full Changelog: prometheus/client_golang@v1.18.0...v1.19.0

v1.18.0

What's Changed

  • [FEATURE] promlint: Allow creation of custom metric validations. #1311
  • [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
  • [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
  • [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
  • [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

New Contributors

Full Changelog: prometheus/client_golang@v1.17.0...v1.18.0

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

Unreleased

1.19.0 / 2023-02-27

The module prometheus/common v0.48.0 introduced an incompatibility when used together with client_golang (See prometheus/client_golang#1448 for more details). If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

  • [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
  • [FEATURE] collectors: Add version collector. #1422 #1427

1.18.0 / 2023-12-22

  • [FEATURE] promlint: Allow creation of custom metric validations. #1311
  • [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
  • [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
  • [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
  • [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360
Commits

Updates github.com/yannh/kubeconform from 0.6.4 to 0.6.6

Release notes

Sourced from github.com/yannh/kubeconform's releases.

v0.6.6

Changelog

  • 142517f fix go.mod

v0.6.5

Changelog

  • 13a78eb Avoid unnecessary type conversions (#222)
  • a4d74ce Fail early on incorrect version of k8s (#254)
  • 452f1fe Fix #130 in a backward-compatible way (#219)
  • b6728f1 Fix junit output, also ensure junit output is deterministic (#253)
  • ae67bb4 Force Draft version of JsonSchema (#221)
  • 71a59d7 Remove deprecated Maintainer tag in Dockerfile (#267)
  • ad166c7 Sanitize csv strings (#258)
  • 7062384 Slightly improve the coverage of the validator test (#271)
  • 20805f6 Stop validating output of closed channel in Validate (#265)
  • 808e6d4 Update GH actions and goreleaser (#252)
  • 14053aa Update Go & Base images (#268)
  • 2e50b79 Update Go and Goreleaser to 1.20, update dependencies (#231)
  • d8f00a3 Update Golang to 1.21.4 (#245)
  • f0a7d52 Update Readme.md
  • b7d7b4d Update Readme.md (#232)
  • 278385f Update Readme.md to add fullgroup explanation (#220)
  • a8000fd Update kubeconform -h output (#260)
  • 9627dd1 Update go version in go.mod (#269)
  • 71fd5f8 fix: add missing output formats in error message (#213)
  • 6ae8c45 openapi2jsonschema.py now correctly fails if no FILE is passed (#244)
Commits

Updates go.uber.org/zap from 1.26.0 to 1.27.0

Release notes

Sourced from go.uber.org/zap's releases.

v1.27.0

Enhancements:

  • #1378[]: Add WithLazy method for SugaredLogger.
  • #1399[]: zaptest: Add NewTestingWriter for customizing TestingWriter with more flexibility than NewLogger.
  • #1406[]: Add Log, Logw, Logln methods for SugaredLogger.
  • #1416[]: Add WithPanicHook option for testing panic logs.

Thanks to @​defval, @​dimmo, @​arxeiss, and @​MKrupauskas for their contributions to this release.

#1378: uber-go/zap#1378 #1399: uber-go/zap#1399 #1406: uber-go/zap#1406 #1416: uber-go/zap#1416

Changelog

Sourced from go.uber.org/zap's changelog.

1.27.0 (20 Feb 2024)

Enhancements:

  • #1378[]: Add WithLazy method for SugaredLogger.
  • #1399[]: zaptest: Add NewTestingWriter for customizing TestingWriter with more flexibility than NewLogger.
  • #1406[]: Add Log, Logw, Logln methods for SugaredLogger.
  • #1416[]: Add WithPanicHook option for testing panic logs.

Thanks to @​defval, @​dimmo, @​arxeiss, and @​MKrupauskas for their contributions to this release.

#1378: uber-go/zap#1378 #1399: uber-go/zap#1399 #1406: uber-go/zap#1406 #1416: uber-go/zap#1416

Commits

Updates github.com/cespare/xxhash/v2 from 2.2.0 to 2.3.0

Commits
  • 998dce2 Add initial support for custom seeds
  • 21fc82b feat: add badger to the projects using this package on README.md
  • 66b1409 feat: add ristretto to the Projects using this package on README.md
  • fe2f6e8 Update Go versions for GH action
  • See full diff in compare view

Updates github.com/prometheus/client_model from 0.5.0 to 0.6.1

Release notes

Sourced from github.com/prometheus/client_model's releases.

v0.6.1

What's Changed

Full Changelog: prometheus/client_model@v0.6.0...v0.6.1

v0.6.0

What's Changed

New Contributors

Full Changelog: prometheus/client_model@v0.5.0...v0.6.0

Commits
  • 571429e Merge pull request #86 from prometheus/repo_sync
  • cc727ab Update common Prometheus files
  • 6fe5007 Merge pull request #85 from prometheus/repo_sync
  • bce87c1 Update common Prometheus files
  • 64c33c9 Merge pull request #84 from prometheus/dependabot/go_modules/google.golang.or...
  • d954a8a Bump google.golang.org/protobuf from 1.32.0 to 1.33.0
  • 5c25993 Merge pull request #82 from prometheus/repo_sync
  • bb45f95 Update common Prometheus files
  • 01ca24c Merge pull request #81 from prometheus/repo_sync
  • ccd6823 Update common Prometheus files
  • Additional commits viewable in compare view

Updates github.com/prometheus/common from 0.45.0 to 0.48.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.48.0

This release will require changes of code that relies on direct access to content-type format strings. See the PR linked below for work-arounds. Please file an issue if your use case doesn't work anymore.

What's Changed

Full Changelog: prometheus/common@v0.47.0...v0.48.0

v0.47.0

What's Changed

New Contributors

Full Changelog: prometheus/common@v0.46.0...v0.47.0

v0.46.0

What's Changed

New Contributors

... (truncated)

Commits
  • bd41eb6 Merge pull request #576 from ywwg/owilliams/unexport
  • 05d7387 Unexport Format strings
  • 773d566 Merge pull request #570 from ywwg/owilliams/quoted-metric-name-02
  • 319c62c UTF-8 support in metric and label names
  • a3bdb9e Support empty OAuth2 inline secrets (#547)
  • bd0376d UTF-8 support in validation, and some parsers and formatters (#537)
  • 7e44242 Bump Go modules (#568)
  • 0e201e4 Merge pull request #567 from stapelberg/protodelim
  • 53f76e7 version: make GetTegs() public (#565)
  • 1143fec switch to protodelim package (which pbutil now calls)
  • Additional commits viewable in compare view

Updates github.com/prometheus/procfs from 0.12.0 to 0.15.1

Release notes

Sourced from github.com/prometheus/procfs's releases.

v0.15.1

What's Changed

New Contributors

Full Changelog: prometheus/procfs@v0.15.0...v0.15.1

v0.15.0 / 2024-05-14

What's Changed

New Contributors

Full Changelog: prometheus/procfs@v0.14.0...v0.15.0

v0.14.0

What's Changed

New Contributors

Full Changelog: prometheus/procfs@v0.13.0...v0.14.0

... (truncated)

Commits

Updates github.com/secure-systems-lab/go-securesystemslib from 0.7.0 to 0.8.0

Commits
  • 7e48227 Merge pull request #66 from secure-systems-lab/dependabot/go_modules/golang.o...
  • e615bd3 chore(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0
  • c55c6a6 Merge pull request #65 from adityasaky/sigstore-support
  • a0c6afa Support sigstore fields in public key
  • 2eb6599 Merge pull request #64 from secure-systems-lab/dependabot/github_actions/acti...
  • 7e04bd5 chore(deps): bump actions/setup-go from 4.1.0 to 5.0.0
  • a8e3b1f Merge pull request #63 from secure-systems-lab/dependabot/go_modules/golang.o...
  • 7539050 chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.16.0
  • 8613a43 Merge pull request #59 from secure-systems-lab/dependabot/github_actions/acti...
  • 8402a9f Merge pull request #60 from neilnaveen/neil/signerverifier/utils
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.16.0 to 0.17.0

Commits
  • 9d2ee97 ssh: implement strict KEX protocol changes
  • 4e5a261 ssh: close net.Conn on all NewServerConn errors
  • 152cdb1 x509roots/fallback: update bundle
  • fdfe1f8 ssh: defer channel window adjustment
  • b8ffc16 blake2b: drop Go 1.6, Go 1.8 compatibility
  • 7e6fbd8 ssh: wrap errors from client handshake
  • bda2f3f argon2: avoid clobbering BP
  • See full diff in compare view

Updates golang.org/x/sys from 0.15.0 to 0.20.0

Commits
  • 7d69d98 unix: extend support for z/OS
  • 7758090 cpu: add support for sve2 detection
  • 9a28524 windows: drop go version tags for unsupported versions
  • 27dc90b unix: update to Linux kernel 6.4
  • cabba82 windows: use uint32 for serial comm flags for consistency
  • 1a50d97 windows: add serial comm functions
  • 95f07ec x/sys/windows: add func windows.DisconnectNamedPipe(handle Handle) (err error)
  • 4be02d3 unix: expose mmap calls on z/OS
  • 360f961 unix: add API for fsconfig system call
  • 7ff74af unix: drop go version tags for unsupported versions
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.33.0 to 1.34.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gomod group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.17.0` | `1.19.1` |
| [github.com/yannh/kubeconform](https://github.com/yannh/kubeconform) | `0.6.4` | `0.6.6` |
| [go.uber.org/zap](https://github.com/uber-go/zap) | `1.26.0` | `1.27.0` |
| [github.com/cespare/xxhash/v2](https://github.com/cespare/xxhash) | `2.2.0` | `2.3.0` |
| [github.com/prometheus/client_model](https://github.com/prometheus/client_model) | `0.5.0` | `0.6.1` |
| [github.com/prometheus/procfs](https://github.com/prometheus/procfs) | `0.12.0` | `0.15.1` |
| [github.com/secure-systems-lab/go-securesystemslib](https://github.com/secure-systems-lab/go-securesystemslib) | `0.7.0` | `0.8.0` |
| google.golang.org/protobuf | `1.33.0` | `1.34.1` |



Updates `github.com/prometheus/client_golang` from 1.17.0 to 1.19.1
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.17.0...v1.19.1)

Updates `github.com/yannh/kubeconform` from 0.6.4 to 0.6.6
- [Release notes](https://github.com/yannh/kubeconform/releases)
- [Changelog](https://github.com/yannh/kubeconform/blob/master/.goreleaser.yml)
- [Commits](yannh/kubeconform@v0.6.4...v0.6.6)

Updates `go.uber.org/zap` from 1.26.0 to 1.27.0
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.26.0...v1.27.0)

Updates `github.com/cespare/xxhash/v2` from 2.2.0 to 2.3.0
- [Commits](cespare/xxhash@v2.2.0...v2.3.0)

Updates `github.com/prometheus/client_model` from 0.5.0 to 0.6.1
- [Release notes](https://github.com/prometheus/client_model/releases)
- [Commits](prometheus/client_model@v0.5.0...v0.6.1)

Updates `github.com/prometheus/common` from 0.45.0 to 0.48.0
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.45.0...v0.48.0)

Updates `github.com/prometheus/procfs` from 0.12.0 to 0.15.1
- [Release notes](https://github.com/prometheus/procfs/releases)
- [Commits](prometheus/procfs@v0.12.0...v0.15.1)

Updates `github.com/secure-systems-lab/go-securesystemslib` from 0.7.0 to 0.8.0
- [Release notes](https://github.com/secure-systems-lab/go-securesystemslib/releases)
- [Commits](secure-systems-lab/go-securesystemslib@v0.7.0...v0.8.0)

Updates `golang.org/x/crypto` from 0.16.0 to 0.17.0
- [Commits](golang/crypto@v0.16.0...v0.17.0)

Updates `golang.org/x/sys` from 0.15.0 to 0.20.0
- [Commits](golang/sys@v0.15.0...v0.20.0)

Updates `google.golang.org/protobuf` from 1.33.0 to 1.34.1

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/yannh/kubeconform
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: go.uber.org/zap
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/cespare/xxhash/v2
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/prometheus/client_model
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/prometheus/common
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/prometheus/procfs
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/secure-systems-lab/go-securesystemslib
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: golang.org/x/sys
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 3, 2024
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 17, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jun 17, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/gomod-d23da10f2c branch June 17, 2024 06:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants