chore(deps): bump the gomod group with 8 updates

[dependabot]

Bumps the gomod group with 8 updates:

Package	From	To
github.com/prometheus/client_golang	1.17.0	1.18.0
go.uber.org/zap	1.26.0	1.27.0
github.com/prometheus/client_model	0.5.0	0.6.0
github.com/prometheus/common	0.45.0	0.48.0
github.com/secure-systems-lab/go-securesystemslib	0.7.0	0.8.0
golang.org/x/crypto	0.16.0	0.17.0
golang.org/x/sys	0.15.0	0.16.0
google.golang.org/protobuf	1.31.0	1.32.0

Updates github.com/prometheus/client_golang from 1.17.0 to 1.18.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.18.0

What's Changed

• [FEATURE] promlint: Allow creation of custom metric validations. #1311
• [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
• [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
• [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
• [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

New Contributors

• @​srenatus made their first contribution in prometheus/client_golang#1350
• @​jadolg made their first contribution in prometheus/client_golang#1342
• @​manas-rust made their first contribution in prometheus/client_golang#1383
• @​bluekeyes made their first contribution in prometheus/client_golang#1378
• @​tsipo made their first contribution in prometheus/client_golang#1387

Full Changelog: prometheus/client_golang@v1.17.0...v1.18.0

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.18.0 / 2023-12-22

• [FEATURE] promlint: Allow creation of custom metric validations. #1311
• [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
• [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
• [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
• [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

Commits

• 53be91d Revert "change api http.client to interface"
• 1a2d072 Add 1.18 changelog
• 239b123 Merge pull request #1387 from tsipo/main
• 3f8bd73 Merge pull request #1370 from prometheus/dependabot/go_modules/tutorial/whats...
• 5e55b31 Bump google.golang.org/grpc from 1.53.0 to 1.56.3 in /tutorial/whatsup
• e96fb18 Merge pull request #1401 from prometheus/dependabot/go_modules/golang.org/x/s...
• 2a8fc90 Bump golang.org/x/sys from 0.13.0 to 0.15.0
• 24d59e9 change client to interface, allow override by other implementations (e.g. git...
• 80d3f0b Normalize empty help values in CollectAndCompare (#1378)
• 3f80cd1 Add example of NewConstMetricWithCreatedTimestamp (#1375)
• Additional commits viewable in compare view

Updates go.uber.org/zap from 1.26.0 to 1.27.0

Release notes

Sourced from go.uber.org/zap's releases.

v1.27.0

Enhancements:

• #1378[]: Add WithLazy method for SugaredLogger.
• #1399[]: zaptest: Add NewTestingWriter for customizing TestingWriter with more flexibility than NewLogger.
• #1406[]: Add Log, Logw, Logln methods for SugaredLogger.
• #1416[]: Add WithPanicHook option for testing panic logs.

Thanks to @​defval, @​dimmo, @​arxeiss, and @​MKrupauskas for their contributions to this release.

#1378: uber-go/zap#1378 #1399: uber-go/zap#1399 #1406: uber-go/zap#1406 #1416: uber-go/zap#1416

Changelog

Sourced from go.uber.org/zap's changelog.

1.27.0 (20 Feb 2024)

Enhancements:

• #1378[]: Add WithLazy method for SugaredLogger.
• #1399[]: zaptest: Add NewTestingWriter for customizing TestingWriter with more flexibility than NewLogger.
• #1406[]: Add Log, Logw, Logln methods for SugaredLogger.
• #1416[]: Add WithPanicHook option for testing panic logs.

Thanks to @​defval, @​dimmo, @​arxeiss, and @​MKrupauskas for their contributions to this release.

#1378: uber-go/zap#1378 #1399: uber-go/zap#1399 #1406: uber-go/zap#1406 #1416: uber-go/zap#1416

Commits

• fcf8ee5 Release v1.27.0 (#1419)
• e5a56ee Add WithPanicHook logger option for panic log tests (#1416)
• 0e2aa4e assets: Fix logo color profile (#1418)
• 956a21c Add methods for logging with level as argument (#1406)
• 2a893f6 build(deps): bump golangci/golangci-lint-action from 3 to 4 (#1417)
• e5745d6 ci: Test with Go 1.22 (#1409)
• 7db06bc zapslog: rename Option to HandlerOption (#1411)
• 35ded09 zapslog: fix all with slogtest, support inline group, ignore empty group. (#1...
• 27b96e3 Make zaptest.NewTestingWriter public (#1399)
• 70f61bb zapslog: Bump zap from v1.24.0 to v1.26.0 (#1404)
• Additional commits viewable in compare view

Updates github.com/prometheus/client_model from 0.5.0 to 0.6.0

Release notes

Sourced from github.com/prometheus/client_model's releases.

v0.6.0

What's Changed

• Add unit field to MetricFamily proto message by @​vesari in prometheus/client_model#75
• add exemplar to native histogram by @​fatsheep9146 in prometheus/client_model#80

New Contributors

• @​vesari made their first contribution in prometheus/client_model#75
• @​fatsheep9146 made their first contribution in prometheus/client_model#80

Full Changelog: prometheus/client_model@v0.5.0...v0.6.0

Commits

• d56cd79 add exemplar to native histogram (#80)
• f22bbab Merge pull request #79 from prometheus/repo_sync
• 552c44f Update common Prometheus files
• f68ef47 Merge pull request #78 from prometheus/dependabot/go_modules/google.golang.or...
• 2aad054 Bump google.golang.org/protobuf from 1.31.0 to 1.32.0
• 93dfe21 Merge pull request #77 from prometheus/repo_sync
• d150866 Update common Prometheus files
• 9b7b675 Merge pull request #76 from prometheus/repo_sync
• 734da88 Update common Prometheus files
• c26a8ee Merge pull request #75 from vesari/add-unit
• Additional commits viewable in compare view

Updates github.com/prometheus/common from 0.45.0 to 0.48.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.48.0

This release will require changes of code that relies on direct access to content-type format strings. See the PR linked below for work-arounds. Please file an issue if your use case doesn't work anymore.

What's Changed

• Unexport Format strings by @​ywwg in prometheus/common#576

Full Changelog: prometheus/common@v0.47.0...v0.48.0

v0.47.0

What's Changed

• UTF-8 support in validation, and some parsers and formatters by @​ywwg in prometheus/common#537
• Support empty OAuth2 inline secrets by @​TheSpiritXIII in prometheus/common#547
• UTF8: Content negotiation (encoding side) by @​ywwg in prometheus/common#570

New Contributors

• @​ywwg made their first contribution in prometheus/common#537

Full Changelog: prometheus/common@v0.46.0...v0.47.0

v0.46.0

What's Changed

• Add golangci-lint config by @​SuperQ in prometheus/common#517
• model: add metric type values by @​bboreham in prometheus/common#533
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#532
• Bump github.com/aws/aws-sdk-go from 1.45.19 to 1.47.0 in /sigv4 by @​dependabot in prometheus/common#529
• Update modules by @​SuperQ in prometheus/common#534
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#535
• Allow using empty Authorization credentials by @​TheSpiritXIII in prometheus/common#546
• enable errorlint linter by @​mmorel-35 in prometheus/common#550
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#548
• Bump github.com/aws/aws-sdk-go from 1.47.0 to 1.48.10 in /sigv4 by @​dependabot in prometheus/common#539
• Bump github.com/alecthomas/kingpin/v2 from 2.3.2 to 2.4.0 by @​dependabot in prometheus/common#542
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#552
• Bump golang.org/x/net from 0.18.0 to 0.19.0 by @​dependabot in prometheus/common#541
• Bump golang.org/x/oauth2 from 0.14.0 to 0.15.0 by @​dependabot in prometheus/common#540
• Add hints for promlog by @​lucacome in prometheus/common#556
• Bump google.golang.org/protobuf from 1.31.0 to 1.32.0 by @​dependabot in prometheus/common#560
• Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 in /sigv4 by @​dependabot in prometheus/common#558
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#555
• Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 by @​dependabot in prometheus/common#559
• Bump github.com/aws/aws-sdk-go from 1.48.10 to 1.49.13 in /sigv4 by @​dependabot in prometheus/common#557
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#561
• Make version getRevision public by @​SuperQ in prometheus/common#563
• enable gofumpt, goimports, testifylint linters by @​mmorel-35 in prometheus/common#551
• version: make GetTegs() public by @​ArthurSens in prometheus/common#565
• switch to protodelim package (which pbutil now calls) by @​stapelberg in prometheus/common#567
• Bump Go modules by @​SuperQ in prometheus/common#568

New Contributors

... (truncated)

Commits

• bd41eb6 Merge pull request #576 from ywwg/owilliams/unexport
• 05d7387 Unexport Format strings
• 773d566 Merge pull request #570 from ywwg/owilliams/quoted-metric-name-02
• 319c62c UTF-8 support in metric and label names
• a3bdb9e Support empty OAuth2 inline secrets (#547)
• bd0376d UTF-8 support in validation, and some parsers and formatters (#537)
• 7e44242 Bump Go modules (#568)
• 0e201e4 Merge pull request #567 from stapelberg/protodelim
• 53f76e7 version: make GetTegs() public (#565)
• 1143fec switch to protodelim package (which pbutil now calls)
• Additional commits viewable in compare view

Updates github.com/secure-systems-lab/go-securesystemslib from 0.7.0 to 0.8.0

Commits

• 7e48227 Merge pull request #66 from secure-systems-lab/dependabot/go_modules/golang.o...
• e615bd3 chore(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0
• c55c6a6 Merge pull request #65 from adityasaky/sigstore-support
• a0c6afa Support sigstore fields in public key
• 2eb6599 Merge pull request #64 from secure-systems-lab/dependabot/github_actions/acti...
• 7e04bd5 chore(deps): bump actions/setup-go from 4.1.0 to 5.0.0
• a8e3b1f Merge pull request #63 from secure-systems-lab/dependabot/go_modules/golang.o...
• 7539050 chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.16.0
• 8613a43 Merge pull request #59 from secure-systems-lab/dependabot/github_actions/acti...
• 8402a9f Merge pull request #60 from neilnaveen/neil/signerverifier/utils
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.16.0 to 0.17.0

Commits

• 9d2ee97 ssh: implement strict KEX protocol changes
• 4e5a261 ssh: close net.Conn on all NewServerConn errors
• 152cdb1 x509roots/fallback: update bundle
• fdfe1f8 ssh: defer channel window adjustment
• b8ffc16 blake2b: drop Go 1.6, Go 1.8 compatibility
• 7e6fbd8 ssh: wrap errors from client handshake
• bda2f3f argon2: avoid clobbering BP
• See full diff in compare view

Updates golang.org/x/sys from 0.15.0 to 0.16.0

Commits

• 0829ab1 windows: add SetFileValidData
• 32cdffc unix: don't redefine constants already defined in glibc headers
• f0c7190 unix: remove extra trailing newlines in zsyscall_openbsd_*.go
• 5ff87d7 unix: add Netfilter and NFTables constants
• See full diff in compare view

Updates google.golang.org/protobuf from 1.31.0 to 1.32.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #592.