Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump the dependabot group with 12 updates #1055

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 13, 2024

Bumps the dependabot group with 12 updates:

Package From To
github.com/logrusorgru/aurora 0.0.0-20200102142835-e9ef32dff381 2.0.3+incompatible
github.com/stretchr/testify 1.8.3 1.9.0
golang.org/x/crypto 0.14.0 0.27.0
golang.org/x/net 0.17.0 0.29.0
golang.org/x/oauth2 0.8.0 0.23.0
golang.org/x/time 0.3.0 0.6.0
google.golang.org/api 0.114.0 0.196.0
google.golang.org/genproto 0.0.0-20230410155749-daa745c078e1 0.0.0-20240903143218-8af14fe29dc1
google.golang.org/grpc 1.56.3 1.66.1
gopkg.in/olivere/elastic.v5 5.0.84 5.0.86
k8s.io/apimachinery 0.28.4 0.31.1
k8s.io/client-go 0.28.4 0.31.1

Updates github.com/logrusorgru/aurora from 0.0.0-20200102142835-e9ef32dff381 to 2.0.3+incompatible

Commits

Updates github.com/stretchr/testify from 1.8.3 to 1.9.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.9.0

What's Changed

... (truncated)

Commits
  • bb548d0 Merge pull request #1552 from stretchr/dependabot/go_modules/github.com/stret...
  • 814075f build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2
  • e045612 Merge pull request #1339 from bogdandrutu/uintptr
  • 5b6926d Merge pull request #1385 from hslatman/not-implements
  • 9f97d67 Merge pull request #1550 from stretchr/release-notes
  • bcb0d3f Include the auto-release notes in releases
  • fb770f8 Merge pull request #1247 from ccoVeille/typos
  • 85d8bb6 fix typos in comments, tests and github templates
  • e2741fa Merge pull request #1548 from arjunmahishi/msgAndArgs
  • 6e59f20 http_assertions: assert that the msgAndArgs actually works in tests
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.14.0 to 0.27.0

Commits
  • c9da6b9 all: fix printf(var) mistakes detected by latest printf checker
  • b35ab4f go.mod: update golang.org/x dependencies
  • bcb0f91 internal/poly1305: Port sum_amd64.s to Avo
  • 7eace71 chacha20poly1305: Avo port of chacha20poly1305_amd64.s
  • 620dfbc salsa20/salsa: Port salsa20_amd64.s to Avo
  • 82942cf blake2b: port blake2b_amd64.s to Avo
  • 0484c26 blake2b: port blake2bAVX2_amd64.s to Avo
  • 38ed1bc blake2s: port blake2s_amd64.s to Avo
  • 38a0b5d argon2: Avo port of blamka_amd64.s
  • bf5f14f x509roots/fallback: update bundle
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.17.0 to 0.29.0

Commits
  • 35b4aba go.mod: update golang.org/x dependencies
  • 9bf379f websocket: fix printf(var) mistake detected by latest printf checker
  • 4542a42 go.mod: update golang.org/x dependencies
  • 765c7e8 xsrftoken: create no padding base64 string by RawURLEncoding
  • 032e4e4 LICENSE: update per Google Legal
  • e2310ae go.mod: update golang.org/x dependencies
  • 77708f7 quic: skip tests which depend on unimplemented UDP functions on Plan 9
  • 9617c63 http2: avoid Transport hang with Connection: close and AllowHTTP
  • 66e838c go.mod: update golang.org/x dependencies
  • 6249541 http2: avoid race in server handler SetReadDeadine/SetWriteDeadline
  • Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.8.0 to 0.23.0

Commits
  • 3e64809 x/oauth2: add Token.ExpiresIn
  • 16a9973 jwt: rename example to avoid vet error
  • b52af7d endpoints: add GitLab DeviceAuthURL
  • 6d8340f LICENSE: update per Google Legal
  • 5fd4241 google: update compute token refresh
  • 84cb9f7 oauth2: fix typo in comment
  • 4b7f0bd go.mod: update cloud.google.com/go/compute/metadata dependency
  • e11eea8 microsoft: added DeviceAuthURL to AzureADEndpoint
  • d0e617c google: add Credentials.UniverseDomainProvider
  • 3c9c1f6 oauth2/google: fix the logic of sts 0 value of expires_in
  • Additional commits viewable in compare view

Updates golang.org/x/time from 0.3.0 to 0.6.0

Commits
  • 5d9ef58 LICENSE: update per Google Legal
  • 883aed5 rate: add documentation on Limiter concurrent usage
  • b24d3b5 all: add a go directive, set it to 1.18
  • See full diff in compare view

Updates google.golang.org/api from 0.114.0 to 0.196.0

Release notes

Sourced from google.golang.org/api's releases.

v0.196.0

0.196.0 (2024-09-03)

Features

v0.195.0

0.195.0 (2024-08-28)

Features

v0.194.0

0.194.0 (2024-08-22)

Features

Bug Fixes

  • gen: Change HttpBody.Data from string to any for monitoring:v1 (#2744) (eda6a59), refs #2304

v0.193.0

0.193.0 (2024-08-20)

Features

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.196.0 (2024-09-03)

Features

0.195.0 (2024-08-28)

Features

0.194.0 (2024-08-22)

Features

Bug Fixes

  • gen: Change HttpBody.Data from string to any for monitoring:v1 (#2744) (eda6a59), refs #2304

0.193.0 (2024-08-20)

Features

0.192.0 (2024-08-13)

... (truncated)

Commits

Updates google.golang.org/genproto from 0.0.0-20230410155749-daa745c078e1 to 0.0.0-20240903143218-8af14fe29dc1

Commits

Updates google.golang.org/grpc from 1.56.3 to 1.66.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.66.0

New Features

  • metadata: stabilize ValueFromIncomingContext (#7368)
  • client: stabilize the WaitForStateChange and GetState methods, which were previously experimental. (#7425)
  • xds: Implement ADS flow control mechanism (#7458)
  • balancer/rls: Add metrics for data cache and picker internals (#7484, #7495)
  • xds: LRS load reports now include the total_issued_requests field. (#7544)

Bug Fixes

  • grpc: Clients now return status code INTERNAL instead of UNIMPLEMENTED when the server uses an unsupported compressor. This is consistent with the gRPC compression spec. (#7461)
  • transport: Fix a bug which could result in writes busy looping when the underlying conn.Write returns errors (#7394)
  • client: fix race that could lead to orphaned connections and associated resources. (#7390)
  • xds: use locality from the connected address for load reporting with pick_first (#7378)
    • without this fix, if a priority contains multiple localities with pick_first, load was reported for the wrong locality
  • client: prevent hanging during ClientConn.Close() when the network is unreachable (#7540)

Performance Improvements

  • transport: double buffering is avoided when using an http connect proxy and the target server waits for client to send the first message. (#7424)
  • codec: Implement a new Codec which uses buffer recycling for encoded message (#7356)

Release 1.65.0

Dependencies

  • Change support policy to cover only the latest TWO releases of Go, matching the policy for Go itself. See #7249 for more information. (#7250)
  • Update x/net/http2 to address CVE-2023-45288 (#7282)

Behavior Changes

  • credentials/tls: clients and servers will now reject connections that don't support ALPN when environment variable GRPC_ENFORCE_ALPN_ENABLED is set to "true" (case insensitive). (#7184)
    • NOTE: this behavior will become the default in a future release.
  • metadata: remove String method from MD to make printing more consistent (#7373)

New Features

  • grpc: add WithMaxCallAttempts to configure gRPC's retry behavior per-channel. (#7229)

Bug Fixes

  • ringhash: properly apply endpoint weights instead of ignoring them (#7156)
  • xds: fix a bug that could cause xds-enabled servers to stop accepting new connections after handshaking errors (#7128)

... (truncated)

Commits

Updates gopkg.in/olivere/elastic.v5 from 5.0.84 to 5.0.86

Updates k8s.io/apimachinery from 0.28.4 to 0.31.1

Commits
  • a8f449e Falls back to SPDY for gorilla/websocket https proxy error
  • 62791ec Merge pull request #125571 from liggitt/filter-auth-02-sar
  • cc2ba35 add field and label selectors to authorization attributes
  • ce76a8f generate
  • 35052c5 add subjectaccessreview field and label selectors
  • ab06869 Merge pull request #126105 from benluddy/cbor-framer
  • 429f4e4 Implement runtime.Framer for CBOR Sequences.
  • d7e1c53 Merge pull request #126018 from aroradaman/bump-k8s-utils
  • 07cb122 Merge pull request #125748 from benluddy/cbor-custom-marshalers
  • dd17456 bump k8s.io/utils
  • Additional commits viewable in compare view

Updates k8s.io/client-go from 0.28.4 to 0.31.1

Commits
  • c5196eb Update dependencies to v0.31.1 tag
  • 5e3e8ea informers: add comment that Start does not block
  • f71a5cc Call non-blocking informerFactory.Start synchronously to avoid races
  • 4536e5a Merge pull request #124012 from Jefftree/le-controller
  • 93c6a5b Merge pull request #126353 from liggitt/fix-vendor
  • 6a9911a revendor dependencies
  • fe54892 Merge pull request #126243 from SergeyKanzhelev/devicePluginFailures
  • 825f52e Change PingTime to be persistent
  • f45c451 fix ordering issue in candidates
  • 18dd587 feedback: leasecandidate clients
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependabot group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/logrusorgru/aurora](https://github.com/logrusorgru/aurora) | `0.0.0-20200102142835-e9ef32dff381` | `2.0.3+incompatible` |
| [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.8.3` | `1.9.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.14.0` | `0.27.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.17.0` | `0.29.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.8.0` | `0.23.0` |
| [golang.org/x/time](https://github.com/golang/time) | `0.3.0` | `0.6.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.114.0` | `0.196.0` |
| [google.golang.org/genproto](https://github.com/googleapis/go-genproto) | `0.0.0-20230410155749-daa745c078e1` | `0.0.0-20240903143218-8af14fe29dc1` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.56.3` | `1.66.1` |
| gopkg.in/olivere/elastic.v5 | `5.0.84` | `5.0.86` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.28.4` | `0.31.1` |
| [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.28.4` | `0.31.1` |


Updates `github.com/logrusorgru/aurora` from 0.0.0-20200102142835-e9ef32dff381 to 2.0.3+incompatible
- [Changelog](https://github.com/logrusorgru/aurora/blob/master/CHANGELOG.md)
- [Commits](https://github.com/logrusorgru/aurora/commits/v2.0.3)

Updates `github.com/stretchr/testify` from 1.8.3 to 1.9.0
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.3...v1.9.0)

Updates `golang.org/x/crypto` from 0.14.0 to 0.27.0
- [Commits](golang/crypto@v0.14.0...v0.27.0)

Updates `golang.org/x/net` from 0.17.0 to 0.29.0
- [Commits](golang/net@v0.17.0...v0.29.0)

Updates `golang.org/x/oauth2` from 0.8.0 to 0.23.0
- [Commits](golang/oauth2@v0.8.0...v0.23.0)

Updates `golang.org/x/time` from 0.3.0 to 0.6.0
- [Commits](golang/time@v0.3.0...v0.6.0)

Updates `google.golang.org/api` from 0.114.0 to 0.196.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.114.0...v0.196.0)

Updates `google.golang.org/genproto` from 0.0.0-20230410155749-daa745c078e1 to 0.0.0-20240903143218-8af14fe29dc1
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/grpc` from 1.56.3 to 1.66.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.56.3...v1.66.1)

Updates `gopkg.in/olivere/elastic.v5` from 5.0.84 to 5.0.86

Updates `k8s.io/apimachinery` from 0.28.4 to 0.31.1
- [Commits](kubernetes/apimachinery@v0.28.4...v0.31.1)

Updates `k8s.io/client-go` from 0.28.4 to 0.31.1
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.28.4...v0.31.1)

---
updated-dependencies:
- dependency-name: github.com/logrusorgru/aurora
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependabot
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot
- dependency-name: golang.org/x/time
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot
- dependency-name: google.golang.org/genproto
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependabot
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot
- dependency-name: gopkg.in/olivere/elastic.v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependabot
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependabot
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Sep 13, 2024
Copy link

netlify bot commented Sep 13, 2024

Deploy Preview for ohsu-comp-bio-funnel canceled.

Name Link
🔨 Latest commit 40183c2
🔍 Latest deploy log https://app.netlify.com/sites/ohsu-comp-bio-funnel/deploys/66e420c99580360008285558

Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 17, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Sep 17, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/develop/dependabot-4f19cd1452 branch September 17, 2024 11:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants