chore(deps): bump the dev-dependencies group with 6 updates #53

dependabot · 2023-11-01T08:51:03Z

Bumps the dev-dependencies group with 6 updates:

Package	From	To
github.com/hashicorp/consul/api	`1.22.0`	`1.26.1`
github.com/kubernetes-csi/csi-lib-utils	`0.14.0`	`0.15.0`
github.com/prometheus/client_golang	`1.16.0`	`1.17.0`
github.com/spf13/viper	`1.16.0`	`1.17.0`
google.golang.org/grpc	`1.58.2`	`1.59.0`
k8s.io/klog/v2	`2.100.1`	`2.110.1`

Updates github.com/hashicorp/consul/api from 1.22.0 to 1.26.1

Commits

f28c594 build(api): stage api/v1.26.1
731898e Backport of [NET-6138] security: Bump google.golang.org/grpc to 1.56.3 (CVE-2...
54799b9 Manual Backport of NET-6294 - v1 Agentless proxycfg datasource errors after v...
312a38e [1.17.0 backport] [NET-6305] xds: Ensure v2 route match and protocol are popu...
7ff7649 1.17.0 backport: bump raft-wal version to 0.4.1 (#19314) (#19357)
fe5e19c [NET-6295] Backport of Add grpc keepalive configuration. (#19339) (#19355)
c20aa58 [1.17.0 manual backport] mesh: ensure route configs are named uniquely per p...
bdcfbea Backport/net-5930/fix/rate limit config entry snake case (#19297)
6a39ad2 Backport of mesh: provide missing domain to route configurations in ProxyStat...
b1c8a92 release/1.17.0 - Update supported Envoy versions (#19275)
Additional commits viewable in compare view

Updates github.com/kubernetes-csi/csi-lib-utils from 0.14.0 to 0.15.0

Release notes

Sourced from github.com/kubernetes-csi/csi-lib-utils's releases.

v0.15.0

Changelog

https://github.com/kubernetes-csi/csi-lib-utils/blob/v0.15.0/CHANGELOG/CHANGELOG-0.15.md

v0.15.0-rc0

No release notes provided.

Commits

32c3fb3 Merge pull request #146 from xing-yang/changelog_0.15
0f875ae Add changelog for v0.15.0
7b02e8d Merge pull request #140 from DataDog/fricounet/upstream/otel-tracing-grpc
47cfaa9 connection: export timeout and metrics options
c487210 connection: restore ConnectWithoutMetrics
2eb6147 Merge remote-tracking branch 'upstream/master' into fricounet/upstream/otel-t...
0911089 Merge pull request #144 from Sneha-at/module-update-master
fc8ccf5 Update dependency go modules for k8s v1.28.0
1c17c11 Merge commit '95cf84d6d2580a1e18931757c735838e844f7118' into module-update-ma...
95cf84d Squashed 'release-tools/' changes from 1df23db..de2fba8
Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.16.0 to 1.17.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.17.0

What's Changed

[CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325

[FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313

[ENHANCEMENT] Enable detection of a native histogram without observations. #1314

Merge v1.16.0 to main by @bwplotka in prometheus/client_golang#1293

Synchronize common files from prometheus/prometheus by @prombot in prometheus/client_golang#1297

ci: define minimal permissions to GitHub workflows by @diogoteles08 in prometheus/client_golang#1295

Do not allocate memory when there's no constraints by @Okhoshi in prometheus/client_golang#1296

Bump golang.org/x/sys from 0.8.0 to 0.9.0 by @dependabot in prometheus/client_golang#1306

Bump google.golang.org/grpc from 1.45.0 to 1.53.0 in /tutorial/whatsup by @dependabot in prometheus/client_golang#1307

histogram: Enable detection of a native histogram without observations by @beorn7 in prometheus/client_golang#1314

Bump github.com/prometheus/procfs from 0.10.1 to 0.11.0 by @dependabot in prometheus/client_golang#1305

Synchronize common files from prometheus/prometheus by @prombot in prometheus/client_golang#1302

Fix data-race in metric without code and method but with WithLabelFromCtx by @tigrato in prometheus/client_golang#1318

Add missing tick "`" in README by @ZiViZiViZ in prometheus/client_golang#1321

Bump golang.org/x/sys from 0.9.0 to 0.10.0 by @dependabot in prometheus/client_golang#1320

Bump github.com/prometheus/procfs from 0.11.0 to 0.11.1 by @dependabot in prometheus/client_golang#1319

docs: trivial grammar fixes to improve readability in promauto Godoc by @sengi in prometheus/client_golang#1322

Add Go 1.21 support by @kakkoyun in prometheus/client_golang#1325

Bump client_model by @ArthurSens in prometheus/client_golang#1323

histogram docs: Fixed minor nit. by @bwplotka in prometheus/client_golang#1324

Update building by @SuperQ in prometheus/client_golang#1326

Bump golang.org/x/sys from 0.10.0 to 0.11.0 by @dependabot in prometheus/client_golang#1331

Bump github.com/prometheus/client_golang from 1.15.1-0.20230416215738-0963f595c689 to 1.16.0 in /tutorial/whatsup by @dependabot in prometheus/client_golang#1329

Bump github.com/prometheus/client_golang from 1.13.1 to 1.16.0 in /examples/middleware by @dependabot in prometheus/client_golang#1328

Bump github.com/prometheus/common from 0.42.0 to 0.44.0 by @dependabot in prometheus/client_golang#1284

Bump github.com/prometheus/common from 0.42.0 to 0.44.0 in /tutorial/whatsup by @dependabot in prometheus/client_golang#1330

Bump google.golang.org/protobuf from 1.30.0 to 1.31.0 by @dependabot in prometheus/client_golang#1304

Synchronize common files from prometheus/prometheus by @prombot in prometheus/client_golang#1332

Synchronize common files from prometheus/prometheus by @prombot in prometheus/client_golang#1338

Cleanup golangci-lint errcheck by @SuperQ in prometheus/client_golang#1339

Add go_godebug_non_default_behavior_tlsmaxrsasize_events_total by @alexandear in prometheus/client_golang#1348

Extend Counters, Summaries and Histograms with creation timestamp by @ArthurSens in prometheus/client_golang#1313

Fix typos in comments, tests, and errors by @alexandear in prometheus/client_golang#1346

Deprecated comment should begin with "Deprecated:" by @alexandear in prometheus/client_golang#1347

Add changelog entry for 1.17 by @ArthurSens in prometheus/client_golang#1352

New Contributors

@diogoteles08 made their first contribution in prometheus/client_golang#1295

@tigrato made their first contribution in prometheus/client_golang#1318

@ZiViZiViZ made their first contribution in prometheus/client_golang#1321

@sengi made their first contribution in prometheus/client_golang#1322

@ArthurSens made their first contribution in prometheus/client_golang#1323

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.17.0 / 2023-09-27

[CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325

[FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313

[ENHANCEMENT] Enable detection of a native histogram without observations. #1314

Commits

fa1408e Merge pull request #1352 from prometheus/arthursens/cut-1.17.0
24a72b8 Add changelog entry for 1.17
1bae6c1 Deprecated comment should begin with "Deprecated:" (#1347)
bbab8fe Fix typos in comments, tests, and errors (#1346)
df7fa49 Extend Counters, Summaries and Histograms with creation timestamp (#1313)
74cc262 Add go_godebug_non_default_behavior_tlsmaxrsasize_events_total (#1348)
d03abf3 Cleanup golangci-lint errcheck (#1339)
ca6ba04 Update common Prometheus files (#1338)
51d24f8 Update common Prometheus files (#1332)
c17edf0 Merge pull request #1304 from prometheus/dependabot/go_modules/google.golang....
Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.16.0 to 1.17.0

Release notes

Sourced from github.com/spf13/viper's releases.

v1.17.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

Minimum Go version: 1.19

Viper now requires Go 1.19

This change ensures we can stay up to date with modern practices and dependencies.

log/slog support [BREAKING]

Viper v1.11.0 added an experimental Logger interface to allow custom implementations (besides jwalterweatherman).

In addition, it also exposed an experimental WithLogger function allowing to set a custom logger.

This release deprecates that interface in favor of log/slog released in Go 1.21.

[!WARNING] WithLogger accepts an *slog.Logger from now on.

To preserve backwards compatibility with older Go versions, prior to Go 1.21 Viper accepts a *golang.org/x/exp/slog.Logger.

The experimental flag is removed.

New finder implementation [BREAKING]

As of this release, Viper uses a new library to look for files, called locafero.

The new library is better covered by tests and has been built from scratch as a general purpose file finder library.

The implementation is experimental and is hidden behind a finder build tag.

[!WARNING] The io/fs based implementation (that used to be hidden behind a finder build tag) has been removed.

What's Changed

Exciting New Features 🎉

Add NATS support by @hooksie1 in spf13/viper#1590

Add slog support by @sagikazarmark in spf13/viper#1627

Enhancements 🚀

chore: add local development environment using nix by @sagikazarmark in spf13/viper#1572

feat: add func GetEnvPrefix by @baruchiro in spf13/viper#1565

Improve dev env by @sagikazarmark in spf13/viper#1575

fix: code optimization by @testwill in spf13/viper#1557

test: remove not needed testutil.Setenv by @alexandear in spf13/viper#1610

new finder library based on afero by @sagikazarmark in spf13/viper#1625

... (truncated)

Commits

f62f86a refactor: make use of strings.Cut
94632fa chore: Use pip3 explicitly to install yamllint
3f6cadc chore: Fix copy-paste error for yamllint target
287507c docs: add set subset KV example
f1cb226 chore(deps): update crypt
c292b55 test: refactor asserts
3d006fe refactor: replace interface{} with any
8a6dc5d build(deps): bump github/codeql-action from 2.21.8 to 2.21.9
96c5c00 chore: remove deprecated build tags
44911d2 build(deps): bump github/codeql-action from 2.21.7 to 2.21.8
Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.58.2 to 1.59.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.58.3

Security

server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Commits

7765221 Change version to 1.59.0 (#6695)
e88f12e server: prohibit more than MaxConcurrentStreams handlers from running at once...
be7919c transport: Pass Header metadata to tap handle. (#6652)
e3f1514 Reapply "status: fix/improve status handling (#6662)" (#6673) (#6688)
696faa9 client: add a test for NewSubConn / StateListener / cc.Close racing (#6678)
318c717 readme: fix badges (#6687)
39972fd github: add code coverage with codecov.io (#6676)
93dbc05 xds: move virtual host matcher test to the xdsresource package (#6680)
2c00469 github: update actions/setup-go and actions/checkout (#6675)
1f73ed5 Replace the gRFC pull request with the permanent link. (#6674)
Additional commits viewable in compare view

Updates k8s.io/klog/v2 from 2.100.1 to 2.110.1

Release notes

Sourced from k8s.io/klog/v2's releases.

Prepare klog release for Kubernetes v1.29 (Take 1)

What's Changed

fix: SetLogger via klog.SetLogger will output an unexpected newline by @aimuz in kubernetes/klog#378

resolve comments warning by @lowang-bh in kubernetes/klog#379

stderrthreshold: fix flag comment by @pohly in kubernetes/klog#376

enable "go vet" checks for parameters by @pohly in kubernetes/klog#390

promote experimental code to stable by @pohly in kubernetes/klog#392

golangci-lint action by @pohly in kubernetes/klog#380

output: handle WithName like zapr does by @pohly in kubernetes/klog#391

slog support + logr 1.3.0 update by @pohly in kubernetes/klog#384

New Contributors

@aimuz made their first contribution in kubernetes/klog#378

@lowang-bh made their first contribution in kubernetes/klog#379

Full Changelog: kubernetes/klog@v2.100.1...v2.110.1

Commits

e3f75b8 Merge pull request #384 from pohly/slog
44eadc3 add slog support
cc856bb update to logr 1.3.0
02e7b69 Merge pull request #391 from pohly/with-name-output
009a04a output: handle WithName like zapr does
b588475 Merge pull request #380 from pohly/golangci-lint-action
1a0dfc5 github: run golangci-lint via action
ef25537 fix revive issues
edee20c Merge pull request #392 from pohly/promote-experimental
18cdd3a promote experimental code to stable
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dev-dependencies group with 6 updates: | Package | From | To | | --- | --- | --- | | [github.com/hashicorp/consul/api](https://github.com/hashicorp/consul) | `1.22.0` | `1.26.1` | | [github.com/kubernetes-csi/csi-lib-utils](https://github.com/kubernetes-csi/csi-lib-utils) | `0.14.0` | `0.15.0` | | [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.16.0` | `1.17.0` | | [github.com/spf13/viper](https://github.com/spf13/viper) | `1.16.0` | `1.17.0` | | [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.58.2` | `1.59.0` | | [k8s.io/klog/v2](https://github.com/kubernetes/klog) | `2.100.1` | `2.110.1` | Updates `github.com/hashicorp/consul/api` from 1.22.0 to 1.26.1 - [Release notes](https://github.com/hashicorp/consul/releases) - [Changelog](https://github.com/hashicorp/consul/blob/main/CHANGELOG.md) - [Commits](hashicorp/consul@api/v1.22.0...api/v1.26.1) Updates `github.com/kubernetes-csi/csi-lib-utils` from 0.14.0 to 0.15.0 - [Release notes](https://github.com/kubernetes-csi/csi-lib-utils/releases) - [Commits](kubernetes-csi/csi-lib-utils@v0.14.0...v0.15.0) Updates `github.com/prometheus/client_golang` from 1.16.0 to 1.17.0 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.16.0...v1.17.0) Updates `github.com/spf13/viper` from 1.16.0 to 1.17.0 - [Release notes](https://github.com/spf13/viper/releases) - [Commits](spf13/viper@v1.16.0...v1.17.0) Updates `google.golang.org/grpc` from 1.58.2 to 1.59.0 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.58.2...v1.59.0) Updates `k8s.io/klog/v2` from 2.100.1 to 2.110.1 - [Release notes](https://github.com/kubernetes/klog/releases) - [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md) - [Commits](kubernetes/klog@v2.100.1...v2.110.1) --- updated-dependencies: - dependency-name: github.com/hashicorp/consul/api dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: github.com/kubernetes-csi/csi-lib-utils dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: github.com/spf13/viper dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: k8s.io/klog/v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2023-11-01T08:51:04Z

The following labels could not be found: dependencies.

This was referenced Nov 1, 2023

chore(deps): bump github.com/spf13/viper from 1.16.0 to 1.17.0 #51

Closed

chore(deps): bump k8s.io/klog/v2 from 2.100.1 to 2.110.1 #52

Closed

m-yosefpor merged commit 4f87afb into main Nov 2, 2023
3 of 4 checks passed

dependabot bot deleted the dependabot/go_modules/dev-dependencies-029c9590c4 branch November 2, 2023 10:36

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the dev-dependencies group with 6 updates #53

chore(deps): bump the dev-dependencies group with 6 updates #53

dependabot bot commented on behalf of github Nov 1, 2023

dependabot bot commented on behalf of github Nov 1, 2023

chore(deps): bump the dev-dependencies group with 6 updates #53

chore(deps): bump the dev-dependencies group with 6 updates #53

Conversation

dependabot bot commented on behalf of github Nov 1, 2023

v0.15.0

Changelog

v0.15.0-rc0

v1.17.0

What's Changed

New Contributors

1.17.0 / 2023-09-27

v1.17.0

Major changes

Minimum Go version: 1.19

log/slog support [BREAKING]

New finder implementation [BREAKING]

What's Changed

Exciting New Features 🎉

Enhancements 🚀

Release 1.58.3

Security

Prepare klog release for Kubernetes v1.29 (Take 1)

What's Changed

New Contributors

dependabot bot commented on behalf of github Nov 1, 2023

`log/slog` support [BREAKING]