chore(deps): bump the dev-dependencies group across 1 directory with 9 updates

[dependabot]

Bumps the dev-dependencies group with 6 updates in the / directory:

Package	From	To
github.com/hashicorp/consul/api	1.26.1	1.29.1
github.com/kubernetes-csi/csi-lib-utils	0.15.0	0.18.1
github.com/prometheus/client_golang	1.17.0	1.19.1
github.com/spf13/cobra	1.7.0	1.8.0
github.com/spf13/viper	1.17.0	1.18.2
google.golang.org/grpc	1.59.0	1.64.0

Updates github.com/hashicorp/consul/api from 1.26.1 to 1.29.1

Commits

• e778917 release api/v1.29.1
• 0e191be release api/v1.29.0
• 408ed18 Backport of dns v2 - both empty string and default should be allowed for name...
• f3d1a8b build: set go-build reproducible to false (#21218)
• f70fcab build: bandaid for action-go-build clean flag (#21217)
• d2b107f ci: update BPA to disable inactive CE backports (#21214)
• cf1c030 feat: update supported envoy to 1.29 (#21142)
• 912c5f5 docs: relocate Consul capacity planning page from waf/ to docs/ (#21088)
• 574f53d security: enable go stdlib scans (#20905)
• 6f02144 docs: Fix spelling errors (#21204)
• Additional commits viewable in compare view

Updates github.com/kubernetes-csi/csi-lib-utils from 0.15.0 to 0.18.1

Release notes

Sourced from github.com/kubernetes-csi/csi-lib-utils's releases.

v0.18.1

Bug or Regression

Restored the previous behavior of ProbeForever to do a probe first before sleeping. (#175, @​Fricounet)

v0.18.0

https://github.com/kubernetes-csi/csi-lib-utils/blob/v0.18.0/CHANGELOG/CHANGELOG-0.18.md

v0.17.0

https://github.com/kubernetes-csi/csi-lib-utils/blob/v0.17.0/CHANGELOG/CHANGELOG-0.17.md

v0.16.0

Changelog

https://github.com/kubernetes-csi/csi-lib-utils/blob/v0.16.0/CHANGELOG/CHANGELOG-0.16.md

Commits

• 89214e5 Merge pull request #176 from jsafrane/changelog-0.18.1
• 1afd1a3 Add changelog for v0.18.1
• e2e2abb Merge pull request #175 from DataDog/fricounet/probe-first
• a8003ad [rpc] Run the probe first
• 856c5da [rpc] defer Stop ticker for GC
• 565ff53 Merge pull request #174 from black-dragon74/bump-otelgrpc
• 42e8e54 Bump otelgrpc from 0.44.0 to 0.46.0
• daff2f9 Merge pull request #173 from jsafrane/changelog-1.30
• f4ea36a Add changelog for v0.18
• f827970 Merge pull request #172 from jsafrane/release-tools-1.30
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.17.0 to 1.19.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.19.1

What's Changed

• Security patches for golang.org/x/sys and google.golang.org/protobuf

New Contributors

• @​lukasauk made their first contribution in prometheus/client_golang#1494

Full Changelog: prometheus/client_golang@v1.19.0...v1.19.1

v1.19.0

What's Changed

The module prometheus/common v0.48.0 introduced an incompatibility when used together with client_golang (See prometheus/client_golang#1448 for more details). If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

• [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
• [FEATURE] collectors: Add version collector. #1422 #1427

New Contributors

• @​michurin made their first contribution in prometheus/client_golang#1423
• @​kavu made their first contribution in prometheus/client_golang#1445
• @​ywwg made their first contribution in prometheus/client_golang#1448

Full Changelog: prometheus/client_golang@v1.18.0...v1.19.0

v1.18.0

What's Changed

• [FEATURE] promlint: Allow creation of custom metric validations. #1311
• [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
• [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
• [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
• [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

New Contributors

• @​srenatus made their first contribution in prometheus/client_golang#1350
• @​jadolg made their first contribution in prometheus/client_golang#1342
• @​manas-rust made their first contribution in prometheus/client_golang#1383
• @​bluekeyes made their first contribution in prometheus/client_golang#1378
• @​tsipo made their first contribution in prometheus/client_golang#1387

Full Changelog: prometheus/client_golang@v1.17.0...v1.18.0

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

Unreleased

1.19.0 / 2023-02-27

The module prometheus/common v0.48.0 introduced an incompatibility when used together with client_golang (See prometheus/client_golang#1448 for more details). If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

• [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
• [FEATURE] collectors: Add version collector. #1422 #1427

1.18.0 / 2023-12-22

• [FEATURE] promlint: Allow creation of custom metric validations. #1311
• [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
• [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
• [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
• [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

Commits

• 6e3f4b1 Cut 1.19.1 (#1494)
• cad1bfa Merge pull request #1454 from prometheus/small-nits
• 0aa8c9f Rephrase incompatibility with common v0.48.0
• 77d4003 Add 1.19.0 changelog (#1451)
• 14259fa Merge pull request #1448 from ywwg/owilliams/content-negotiation
• 6d03920 deps: bump prometheus/common version
• 353395b Remove support for go 1.19 (#1449)
• 9dd5d2a Merge pull request #1445 from kavu/add_go122_metrics_test
• c906a5e Add support for Go 1.22
• 7ac9036 Merge pull request #1440 from prometheus/dependabot/github_actions/github-act...
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.7.0 to 1.8.0

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.0

✨ Features

• Support usage as plugin for tools like kubectl by @​nirs in spf13/cobra#2018 - this means that programs that utilize a "plugin-like" structure have much better support and usage (like for completions, command paths, etc.)
• Move documentation sources to site/content by @​umarcor in spf13/cobra#1428
• Add 'one required flag' group by @​marevers in spf13/cobra#1952 - this includes a new MarkFlagsOneRequired API for flags which can be used to mark a flag group as required and cause command failure if at least one is not used when invoked.
• Customizable error message prefix by @​5ouma in spf13/cobra#2023 - This adds the SetErrPrefix and ErrPrefix APIs on the Command struct to allow for setting a custom prefix for errors
• feat: add getters for flag completions by @​avirtopeanu-ionos in spf13/cobra#1943
• Feature: allow running persistent run hooks of all parents by @​vkhoroz in spf13/cobra#2044
• Improve API to get flag completion function by @​marckhouzam in spf13/cobra#2063

🐛 Bug fixes

• Fix typo in fish completions by @​twpayne in spf13/cobra#1945
• Fix grammar: 'allows to' by @​supertassu in spf13/cobra#1978
• powershell: escape variable with curly brackets by @​Luap99 in spf13/cobra#1960
• Don't complete --help flag when flag parsing disabled by @​marckhouzam in spf13/cobra#2061
• Replace all non-alphanumerics in active help env var program prefix by @​scop in spf13/cobra#1940

🔧 Maintenance

• build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 by @​dependabot in spf13/cobra#1971
• build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 by @​dependabot in spf13/cobra#1976
• build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @​dependabot in spf13/cobra#2021
• build(deps): bump actions/setup-go from 3 to 4 by @​dependabot in spf13/cobra#1934
• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.2 to 2.0.3 by @​dependabot in spf13/cobra#2047
• build(deps): bump actions/checkout from 3 to 4 by @​dependabot in spf13/cobra#2028
• command: temporarily disable G602 due to securego/gosec#1005 by @​umarcor in spf13/cobra#2022

🧪 Testing & CI/CD

• test: make fish_completions_test more robust by @​branchvincent in spf13/cobra#1980
• golangci: enable 'unused' and disable deprecated replaced by it by @​umarcor in spf13/cobra#1983
• cleanup: minor corrections to unit tests by @​JunNishimura in spf13/cobra#2003
• ci: test golang 1.21 by @​nunoadrego in spf13/cobra#2024
• Fix linter errors by @​marckhouzam in spf13/cobra#2052
• Add tests for flag completion registration by @​marckhouzam in spf13/cobra#2053

✏️ Documentation

• doc: fix typo, Deperecated -> Deprecated by @​callthingsoff in spf13/cobra#2000
• Add notes to doc about the execution condition of *PreRun and *PostRun functions by @​haoming29 in spf13/cobra#2041

---

Thank you everyone who contributed to this release and all your hard work! Cobra and this community would never be possible without all of you!!!! 🐍

Full Changelog: spf13/cobra@v1.7.0...v1.8.0

Commits

• a0a6ae0 Improve API to get flag completion function (#2063)
• 890302a Support usage as plugin for tools like kubectl (#2018)
• 48cea5c build(deps): bump actions/checkout from 3 to 4 (#2028)
• 22953d8 Replace all non-alphanumerics in active help env var program prefix (#1940)
• 00b68a1 Add tests for flag completion registration (#2053)
• b711e87 Don't complete --help flag when flag parsing disabled (#2061)
• 8b1eba4 Fix linter errors (#2052)
• 4cafa37 Allow running persistent run hooks of all parents (#2044)
• 5c962a2 build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.2 to 2.0.3 (#2047)
• efe8fa3 build(deps): bump actions/setup-go from 3 to 4 (#1934)
• Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.17.0 to 1.18.2

Release notes

Sourced from github.com/spf13/viper's releases.

v1.18.2

tl;dr Skip 1.18.0 and 1.18.1 and upgrade to this version instead.

This release fixes a regression that appears in rare circumstances when using Unmarshal or UnmarshalExact to decode values onto pointers with multiple indirection (eg. pointer to a pointer, etc). The change was introduced in 1.18.0 as a means to resolve a long-standing bug when decoding environment variables to structs.

The feature is now disabled by default and can be enabled using the viper_bind_struct build tag. It's also considered experimental at this point, so breaking changes may be introduced in the future.

What's Changed

Bug Fixes 🐛

• feat!: hide struct binding behind a feature flag by @​sagikazarmark in spf13/viper#1715

Full Changelog: spf13/viper@v1.18.1...v1.18.2

v1.18.1

What's Changed

Bug Fixes 🐛

• Merge missing struct keys inside UnmarshalExact by @​krakowski in spf13/viper#1704

Full Changelog: spf13/viper@v1.18.0...v1.18.1

v1.18.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

AutomaticEnv works with Unmarshal

Previously, environment variables that weren't bound manually or had no defaults could not be mapped by Unmarshal. (The problem is explained in details in this issue: #761)

#1429 introduced a solution that solves that issue.

What's Changed

Enhancements 🚀

• chore: rename files according to enabled build tags by @​alexandear in spf13/viper#1642
• test: replace ifs with asserts to simplify tests by @​alexandear in spf13/viper#1656
• ci: enable test shuffle and fix tests by @​alexandear in spf13/viper#1643
• fix: gocritic lint issues by @​alexandear in spf13/viper#1696

Bug Fixes 🐛

• Implement viper.BindStruct for automatic unmarshalling from environment variables by @​krakowski in spf13/viper#1429
• fix isPathShadowedInFlatMap type cast bug by @​linuxsong in spf13/viper#1585

Dependency Updates ⬆️

• build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @​dependabot in spf13/viper#1661
• build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 by @​dependabot in spf13/viper#1659

... (truncated)

Commits

• ab3a50c fix!: hide struct binding behind a feature flag
• 9154b90 build(deps): bump actions/setup-go from 4.1.0 to 5.0.0
• 08e4a00 build(deps): bump github/codeql-action from 2.22.8 to 2.22.9
• fb6eb1e fix: merge missing struct keys inside UnmarshalExact
• f5fcb4a chore: update crypt
• f736363 fix isPathShadowedInFlatMap type cast bug (#1585)
• 36a3868 Review changes
• f0c4ccd fix: gocritic lint issues
• 3a23b80 ci: enable test shuffle; fix tests
• 73dfb94 feat: make Unmarshal work with AutomaticEnv
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.17.0 to 0.24.0

Commits

• 7bbe320 go.mod: update golang.org/x dependencies
• c48da13 http2: fix TestServerContinuationFlood flakes
• 762b58d http2: fix tipos in comment
• ba87210 http2: close connections when receiving too many headers
• ebc8168 all: fix some typos
• 3678185 http2: make TestCanonicalHeaderCacheGrowth faster
• 448c44f http2: remove clientTester
• c7877ac http2: convert the remaining clientTester tests to testClientConn
• d8870b0 http2: use synthetic time in TestIdleConnTimeout
• d73acff http2: only set up deadline when Server.IdleTimeout is positive
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.59.0 to 1.64.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.64.0

API Changes

• stats: Deprecate InPayload.Data and OutPayload.Data; they were experimental and will be deleted in the next release (#7121)

Behavior Changes

• codec: Remove handling of environment variable GRPC_GO_ADVERTISE_COMPRESSORS to suppress setting supported compressors in grpc-accept-encoding header. Compressors will always be advertised, as they have been by default for some time (#7203)

New Features

• resolver/dns: Add SetMinResolutionInterval to set the minimum interval at which DNS re-resolutions may occur (#6962)
  • Special Thanks: @​HomayoonAlimohammadi
• peer/peer: Implement the fmt.Stringer interface for pretty printing Peer, and
• metadata/metadata: Implement the fmt.Stringer interface for pretty printing MD (#7137)
  • Special Thanks: @​AnomalRoil

Performance Improvements

• client: Improve RPC performance by reducing work while holding a lock (#7132)

Bug Fixes

• transport/server: Display the proper timeout value when keepalive pings are not ack'd in time (#7038)
  • Special Thanks: @​BatmanAoD
• channelz: Fix bug that was causing the subchannel's target to be unset (#7189)
• stats: Fix bug where peer was not set in context when calling stats handler for OutPayload, InPayload, and End (#7096)

Dependencies

• deps: Remove dependency on deprecated github.com/golang/protobuf module (#7122)

Documentation

• grpc: Deprecate WithBlock, WithReturnConnectionError, FailOnNonTempDialError which are ignored by NewClient (#7097)
  • Special Thanks: @​pellared
• grpc: Deprecate Dial and DialContext. These will continue to be supported throughout 1.x, but are deprecated to direct users to NewClient (See #7090 for more information)
• examples: Add custom lb example (#6691)

Release 1.63.2

Bugs

• Fix the user agent string

Release 1.63.1

Bugs

• grpc: fixed subchannel log messages to properly reference the parent channel (#7101)
  • Special thanks: @​daniel-weisse

API Changes

... (truncated)

Commits

• fa274d7 Change version to 1.64.0 (#7218)
• 6b413c8 xds: Surround two Infof calls that use pretty.ToJSON with V(2) checks (...
• 2dbbcef resolver/dns: Add docstring to SetMinResolutionInterval (#7217)
• 070d9c7 codes: replace %q to %d in error string when invalid code is an integer (#7188)
• 5d24ee2 xds: store server config for LRS server in xdsresource.ClusterUpdate (#7191)
• c76f686 advancedTLS: Rename get root certs related pieces (#7207)
• f591e3b codec: remove option to suppress setting supported compressors in headers (#7...
• b4f7947 github: remove dependabot (#7208)
• 0561c78 client: add user-friendly error message of LB policy update timed out (#7206)
• 9d9c1fb peer: remove change detector test (#7204)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.31.0 to 1.33.0

Updates k8s.io/klog/v2 from 2.110.1 to 2.120.1

Release notes

Sourced from k8s.io/klog/v2's releases.

Prepare klog release for Kubernetes v1.30 (Take 2)

What's Changed

• textlogger: allow caller to override stack unwinding by @​pohly in kubernetes/klog#397

Full Changelog: kubernetes/klog@v2.120.0...v2.120.1

Prepare klog release for Kubernetes v1.30 (Take 1)

What's Changed

• OWNERS: remove serathius, add mengjiao-liu, promote pohly by @​pohly in kubernetes/klog#394
• docs: clarify relationship between different features by @​pohly in kubernetes/klog#395
• Add SafePtr wrapper by @​kaisoz in kubernetes/klog#393
• logr v1.4.1 + SetSlogLogger by @​pohly in kubernetes/klog#396

New Contributors

• @​kaisoz made their first contribution in kubernetes/klog#393

Full Changelog: kubernetes/klog@v2.110.1...v2.120.0

Commits

• 007e661 textlogger: allow caller to override stack unwinding
• 2d08296 Merge pull request #396 from pohly/slog-helper
• e4deee8 slog: use main logr package instead of logr/slogr
• 5d1d2d5 add SetSlogLogger
• 39afdba dependencies: logr v1.4.1
• 2086216 Merge pull request #393 from kaisoz/add-safeptr
• 881fa0b Add SafePtr wrapper
• 8dd3f2e Merge pull request #395 from pohly/readme-update
• d3dd725 docs: clarify relationship between different features
• 761b630 Merge pull request #394 from pohly/owners-update
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

The following labels could not be found: dependencies.