build(deps): bump the production-dependencies group across 1 directory with 9 updates

[dependabot]

Bumps the production-dependencies group with 9 updates in the / directory:

Package	From	To
github.com/antlr4-go/antlr/v4	4.13.0	4.13.1
github.com/google/cel-go	0.20.1	0.21.0
github.com/jackc/pgx/v5	5.5.5	5.6.0
github.com/spf13/cobra	1.8.0	1.8.1
github.com/tetratelabs/wazero	1.7.2	1.7.3
golang.org/x/sync	0.7.0	0.8.0
google.golang.org/grpc	1.63.2	1.65.0
google.golang.org/protobuf	1.34.1	1.34.2
modernc.org/sqlite	1.29.9	1.31.1

Updates github.com/antlr4-go/antlr/v4 from 4.13.0 to 4.13.1

Release notes

Sourced from github.com/antlr4-go/antlr/v4's releases.

Release 4.13.1

The 4.13.1 release has:

• Some minor performance improvements
• An optional build tag -tags antlr.nomutex which allows a build without using mutexes, when the user knows they will not use it with multiple go routines. (Note, somewhat experimental)

Note that I did not remove the sort.Slices calls. They will not be experimental for long and are implemented efficently. Please make a fork if you must use it without this dependency. Maybe review whether you need to do so for the sake of one call.

Commits

• 4d7e188 feat: Update go version.
• 329d984 Merge pull request #5 from antlr4-go/dev
• 9447a08 doc: Fix minor typo
• 2daa7c8 docs: Change the release numbers
• See full diff in compare view

Updates github.com/google/cel-go from 0.20.1 to 0.21.0

Release notes

Sourced from github.com/google/cel-go's releases.

Release v0.21.0

Features

• Math extensions update to include bitwise ops and floating point helpers #923
• Better support custom types with custom type registries #931
• repl: implement %parse #933
• Fixed partial variables extended bug and split PartialVarsEnvExtended test into two #955
• Added partial evaluations example #959
• Enable conformance tests for extensions #930
• Update cel-spec and enable optional_type conformance tests #919
• Improve token representation in AST #932
• Add function accessor to Env #978

CEL Policy Compiler

Policies which use CEL often evolve to express complex logic using multiple statements and decision criteria. The CEL Policy Compiler provides an extensible format for parsing, compiling, and composing expression graphs. Below is a simple example which can easily be compiled to a single CEL expression.

name: "my-policy"
rule:
  variables:
    - name: greeting
      expression: "'%s, %s!'"
    - name: people
      expression: >
       ['Tristan', 'Calla', 'Antoine', 'Jonathan', 'Sokwhan', 'Rebecca']
  match:
    - condition: "request.user in variables.people"
      output: "variables.greeting.format(['hello', request.user])"
    - output: "variables.greeting.format(['goodbye', 'stranger'])"

• Simple Policy Compiler #924
• Introduce protobuf message testing to policies #961
• Generate policy explanations during compilation #977
• Variable and nested rule limits #989
• Improved support for nested rules #991]

Fixes

• Delete dangling source info from macro expansion #934
• Do not re-use ID twice in exists_one macro #935
• Avoid iterating over the source multiple times during parse #936
• Fix for working with byte arrays by #958
• Stabilize macro id generation during optimization #962
• String formatting panic fix for non-literal format strings #987
• Add nil checking for wrapperspb's types #960

... (truncated)

Commits

• 3545aac Improved support for nested rules (#991)
• 5bcdb8b Check for output type agreement during the compile phase (#992)
• 1f51886 Use bytes interface value for zero native type struct fields instead of dynam...
• c9164bc Variable and nested rule limits (#989)
• 5cbef66 Prevent self-append for Issues (#988)
• 25457de Add nil checking for wrapperspb's types (#960)
• badfce0 Fix panic in formatting string for non-literal formats (#987)
• 9e64eb7 Decompose the compile and compose methods (#986)
• 37d5b96 Add a function to return a policy whose output is the explanation. (#977)
• bc96f3b Fix math.bitShiftRight for negative int (#983)
• Additional commits viewable in compare view

Updates github.com/jackc/pgx/v5 from 5.5.5 to 5.6.0

Changelog

Sourced from github.com/jackc/pgx/v5's changelog.

5.6.0 (May 25, 2024)

• Add StrictNamedArgs (Tomas Zahradnicek)
• Add support for macaddr8 type (Carlos Pérez-Aradros Herce)
• Add SeverityUnlocalized field to PgError / Notice
• Performance optimization of RowToStructByPos/Name (Zach Olstein)
• Allow customizing context canceled behavior for pgconn
• Add ScanLocation to pgtype.Timestamp[tz]Codec
• Add custom data to pgconn.PgConn
• Fix ResultReader.Read() to handle nil values
• Do not encode interval microseconds when they are 0 (Carlos Pérez-Aradros Herce)
• pgconn.SafeToRetry checks for wrapped errors (tjasko)
• Failed connection attempts include all errors
• Optimize LargeObject.Read (Mitar)
• Add tracing for connection acquire and release from pool (ngavinsir)
• Fix encode driver.Valuer not called when nil
• Add support for custom JSON marshal and unmarshal (Mitar)
• Use Go default keepalive for TCP connections (Hans-Joachim Kliemeck)

Commits

• 572d7ff Release v5.6.0
• b4911f1 Merge pull request #2019 from jackc/fix-encode-driver-valuer-on-pointer
• 24c0a5e remove keepalive and rely on GOLANG default (since go 1.13 default is 15s)
• 9ca9203 Move typed nil handling to Map.Encode from anynil
• 79cab46 Only use anynil inside of pgtype
• 6ea2d24 Remove anynil.NormalizeSlice
• c1075bf Remove some special casing for QueryExecModeExec
• cf6074f Remove unused anynil.Normalize
• 13beb38 Fix encode driver.Valuer on nil-able non-pointers
• fec45c8 Refactor appendParamsForQueryExecModeExec
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

• Add env variable to suppress completion descriptions on create by @​scop in spf13/cobra#1938

🐛 Bug fixes

• Micro-optimizations by @​scop in spf13/cobra#1957

🔧 Maintenance

• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 by @​dependabot in spf13/cobra#2127
• Consistent annotation names by @​nirs in spf13/cobra#2140
• Remove fully inactivated linters by @​nirs in spf13/cobra#2148
• Address golangci-lint deprecation warnings, enable some more linters by @​scop in spf13/cobra#2152

🧪 Testing & CI/CD

• Add test for func in cobra.go by @​korovindenis in spf13/cobra#2094
• ci: test golang 1.22 by @​cyrilico in spf13/cobra#2113
• Optimized and added more linting by @​scop in spf13/cobra#2099
• build(deps): bump actions/setup-go from 4 to 5 by @​dependabot in spf13/cobra#2087
• build(deps): bump actions/labeler from 4 to 5 by @​dependabot in spf13/cobra#2086
• build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @​dependabot in spf13/cobra#2108
• build(deps): bump actions/cache from 3 to 4 by @​dependabot in spf13/cobra#2102

✏️ Documentation

• Fixes and docs for usage as plugin by @​nirs in spf13/cobra#2070
• flags: clarify documentation that LocalFlags related function do not modify the state by @​niamster in spf13/cobra#2064
• chore: remove repetitive words by @​racerole in spf13/cobra#2122
• Add LXC to the list of projects using Cobra @​VaradBelwalkar in spf13/cobra#2071
• Update projects_using_cobra.md by @​marcuskohlberg in spf13/cobra#2089
• [chore]: update projects using cobra by @​cmwylie19 in spf13/cobra#2093
• Add Taikun CLI to list of projects by @​Smidra in spf13/cobra#2098
• Add Incus to the list of projects using Cobra by @​montag451 in spf13/cobra#2118

... (truncated)

Commits

• e94f6d0 Address golangci-lint deprecation warnings, enable some more linters (#2152)
• 8003b74 Remove fully inactivated linters (#2148)
• 5c2c1d6 Consistent annotation names (#2140)
• 5a1acea build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 (#2127)
• 0fc86c2 docs: update user guide (#2128)
• 6b5f577 More linting (#2099)
• bd914e5 fix: remove deprecated io/ioutils package (#2120)
• 1f80fa2 chore: remove repetitive words (#2122)
• c69ae4c ci: test golang 1.22 (#2113)
• a30cee5 build(deps): bump actions/cache from 3 to 4 (#2102)
• Additional commits viewable in compare view

Updates github.com/tetratelabs/wazero from 1.7.2 to 1.7.3

Release notes

Sourced from github.com/tetratelabs/wazero's releases.

v1.7.3

Time to celebrate the new wazero release! This time has not only the important bugs fixes just like before, but more importantly comes with the drastic "compilation time" performance improvements!

Bug fixes

• Various WASI related bug fixes contributed by @​yagehu #2244 #2229 #2223
• Syscall compatibility fix on Windows by @​ncruces #2218
• api.Memory.Grow call bug introduced in v1.7.0 by @​mathetake #2216 (thanks to @​mark-pictor-csec for reporting)

Compilation perf improvements

@​mathetake worked so hard to improve the compilation performance which some users had raised issue about since the release of the optimizing compiler in 1.7.0. The idea is that even though this is partly because it is "optimizing", there are still rooms for improvements in its codebase to use less CPU/memory.

The below is the compilation time benchmark on the various standard library tests for Zig, Go and TinyGo compared to the previous v1.7.2. You can see the huge results up to like 50% faster and ~50% less memory usage. Note that this doesn't affect any runtime performance -- that means your code runs just exactly like before while having faster compilation!😎

goos: darwin
goarch: arm64
pkg: github.com/tetratelabs/wazero/internal/integration_test/stdlibs
                                                   │   old.txt    │              new.txt               │
                                                   │    sec/op    │   sec/op     vs base               │
Zig/Compile/test-opt.wasm-10                           4.872 ± 2%    3.389 ± 3%  -30.44% (p=0.001 n=7)
Zig/Compile/test.wasm-10                               5.926 ± 2%    4.162 ± 1%  -29.76% (p=0.001 n=7)
TinyGo/Compile/container_heap.test-10                 677.2m ± 0%   306.3m ± 1%  -54.76% (p=0.001 n=7)
TinyGo/Compile/container_list.test-10                 673.2m ± 1%   309.3m ± 8%  -54.05% (p=0.001 n=7)
TinyGo/Compile/container_ring.test-10                 665.1m ± 1%   299.5m ± 0%  -54.97% (p=0.001 n=7)
TinyGo/Compile/crypto_des.test-10                     686.4m ± 0%   311.6m ± 0%  -54.61% (p=0.001 n=7)
TinyGo/Compile/crypto_md5.test-10                     685.5m ± 1%   312.7m ± 4%  -54.38% (p=0.001 n=7)
TinyGo/Compile/crypto_rc4.test-10                     666.5m ± 0%   297.9m ± 0%  -55.31% (p=0.001 n=7)
TinyGo/Compile/crypto_sha1.test-10                    683.7m ± 0%   310.1m ± 0%  -54.65% (p=0.001 n=7)
TinyGo/Compile/crypto_sha256.test-10                  692.0m ± 1%   315.0m ± 2%  -54.48% (p=0.001 n=7)
TinyGo/Compile/crypto_sha512.test-10                  692.7m ± 0%   316.6m ± 1%  -54.29% (p=0.001 n=7)
TinyGo/Compile/encoding_ascii85.test-10               680.6m ± 1%   309.3m ± 1%  -54.55% (p=0.001 n=7)
TinyGo/Compile/encoding_base32.test-10               1637.6m ± 1%   650.8m ± 0%  -60.26% (p=0.001 n=7)
TinyGo/Compile/encoding_csv.test-10                   740.0m ± 1%   333.5m ± 0%  -54.92% (p=0.001 n=7)
TinyGo/Compile/encoding_hex.test-10                   708.7m ± 3%   320.9m ± 0%  -54.72% (p=0.001 n=7)
TinyGo/Compile/go_scanner.test-10                     773.2m ± 1%   347.1m ± 6%  -55.11% (p=0.001 n=7)
TinyGo/Compile/hash.test-10                           951.8m ± 1%   410.8m ± 0%  -56.84% (p=0.001 n=7)
TinyGo/Compile/hash_adler32.test-10                   665.8m ± 1%   297.5m ± 0%  -55.32% (p=0.001 n=7)
TinyGo/Compile/hash_crc64.test-10                     893.9m ± 1%   385.1m ± 1%  -56.92% (p=0.001 n=7)
TinyGo/Compile/hash_fnv.test-10                       695.8m ± 2%   312.4m ± 0%  -55.10% (p=0.001 n=7)
TinyGo/Compile/html.test-10                            2.426 ± 1%    2.012 ± 1%  -17.07% (p=0.001 n=7)
TinyGo/Compile/internal_itoa.test-10                  662.5m ± 1%   296.0m ± 1%  -55.32% (p=0.001 n=7)
TinyGo/Compile/internal_profile.test-10               893.6m ± 1%   417.9m ± 0%  -53.24% (p=0.001 n=7)
TinyGo/Compile/math.test-10                           821.1m ± 0%   398.4m ± 0%  -51.48% (p=0.001 n=7)
TinyGo/Compile/math_cmplx.test-10                     701.7m ± 0%   338.8m ± 1%  -51.71% (p=0.001 n=7)
TinyGo/Compile/net.test-10                            755.4m ± 1%   356.5m ± 3%  -52.81% (p=0.001 n=7)
TinyGo/Compile/net_http_internal_ascii.test-10        661.5m ± 1%   296.8m ± 2%  -55.14% (p=0.001 n=7)
TinyGo/Compile/net_mail.test-10                       927.1m ± 2%   398.9m ± 2%  -56.97% (p=0.001 n=7)
TinyGo/Compile/os.test-10                             754.9m ± 0%   370.5m ± 0%  -50.92% (p=0.001 n=7)
</tr></table> 

... (truncated)

Commits

• 8b3af37 wasi: path_open should accept a dir with RIGHT_FD_WRITE (#2244)
• 0fa14a6 Add wazero user: wescale (#2239)
• 507493b ssa: optimizes findValue function (#2245)
• 5c8366f ssa: optimizes slice allocations (#2242)
• d059981 Fixes flaky TestEngine_sortedCompiledModules (#2241)
• 56e2a43 regalloc: removes map from RegAllocFunction (#2240)
• 981e71d fix typo in the cache example test function name (#2238)
• 9995367 regalloc: removes unnecessary Instruction.Uses (#2237)
• 0649820 Removes non-static locals collection (#2236)
• 747609b ssa: removes map use for block traversals (#2235)
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.7.0 to 0.8.0

Commits

• 411f99e LICENSE: update per Google Legal
• See full diff in compare view

Updates google.golang.org/grpc from 1.63.2 to 1.65.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.65.0

Dependencies

• Change support policy to cover only the latest TWO releases of Go, matching the policy for Go itself. See #7249 for more information. (#7250)
• Update x/net/http2 to address CVE-2023-45288 (#7282)

Behavior Changes

• credentials/tls: clients and servers will now reject connections that don't support ALPN when environment variable GRPC_ENFORCE_ALPN_ENABLED is set to "true" (case insensitive). (#7184)
  • NOTE: this behavior will become the default in a future release.
• metadata: remove String method from MD to make printing more consistent (#7373)

New Features

• grpc: add WithMaxCallAttempts to configure gRPC's retry behavior per-channel. (#7229)
  • Special Thanks: @​imoore76

Bug Fixes

• ringhash: properly apply endpoint weights instead of ignoring them (#7156)
• xds: fix a bug that could cause xds-enabled servers to stop accepting new connections after handshaking errors (#7128)
  • Special Thanks: @​bozaro

Release 1.64.1

Dependencies

• Update x/net/http2 to address CVE-2023-45288 (#7352)
• metadata: remove String method from MD to make printing consistent (#7374)

Release 1.64.0

API Changes

• stats: Deprecate InPayload.Data and OutPayload.Data; they were experimental and will be deleted in the next release (#7121)

Behavior Changes

• codec: Remove handling of environment variable GRPC_GO_ADVERTISE_COMPRESSORS to suppress setting supported compressors in grpc-accept-encoding header. Compressors will always be advertised, as they have been by default for some time (#7203)

New Features

• resolver/dns: Add SetMinResolutionInterval to set the minimum interval at which DNS re-resolutions may occur (#6962)
  • Special Thanks: @​HomayoonAlimohammadi
• peer/peer: Implement the fmt.Stringer interface for pretty printing Peer, and
• metadata/metadata: Implement the fmt.Stringer interface for pretty printing MD (#7137)
  • Special Thanks: @​AnomalRoil

Performance Improvements

... (truncated)

Commits

• 2da9769 Change version to 1.65.0 (#7306)
• ede96b7 metadata: remove String method (#7373)
• 64be203 grpc: Readd pick first name (#7336) (#7341)
• 25e33a6 examples: Add CSM Observability example (#7302) (#7318)
• 04a5f46 xds/internal/xdsclient: Emit unknown for CSM Labels if not present in CDS (#7...
• cff5c3e stats/opentelemetry: Add e2e testing for CSM Observability (#7279) (#7316)
• 9b970fd dns: fix constant 30s backoff for re-resolution (#7262) (#7311)
• 6d23620 documentation: on server, use FromIncomingContext for retrieving context and...
• 7e5898e xds: unify xDS client creation APIs meant for testing (#7268)
• 5d7bd7a interop/xds: Interop client and server changes for CSM Observability (#7280)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.34.1 to 1.34.2

Updates modernc.org/sqlite from 1.29.9 to 1.31.1

Commits

• b0354f7 fix documentation
• 34bc99b vendor [email protected] /n
• 2708c0b vendor [email protected]
• 53acf59 builder.json: disable autotag
• d9a0871 revert to v1.30.1
• 8496be5 windows adjustments /n
• 77dde24 windows adjustments
• 15d87fe move func_test.go into repo root
• fea7666 WIPS
• 9e07ba9 vendor [email protected], support windows/386 /n
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions