fix(deps): update all dependencies #8985
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
eb4bf81
->b24ee2a
v11.2.2
->v11.3.0
v1.7.23
->v1.7.24
v2.0.0
->v2.0.1
v0.12.7
->v0.12.9
v3.0.3
->v4.0.4
v1.15.8
->v1.15.10
v1.2.2
->v1.2.3
v1.32.0
->v1.33.0
v1.32.0
->v1.33.0
v1.32.0
->v1.33.0
v1.32.0
->v1.33.0
v1.32.0
->v1.33.0
v1.68.1
->v1.69.0
v0.31.3
->v0.32.0
v0.31.3
->v0.32.0
v0.31.3
->v0.32.0
Release Notes
caarlos0/env (github.com/caarlos0/env/v11)
v11.3.0
Compare Source
Changelog
New Features
59284e4
: feat: implement interface { Unwrap() []error } for AggregateError to be compatibility with std errors.Join go1.20 without any breaking change (#336) (@itsabgr-raika)17fdb91
: feat: set custom tag name for envDefault (#324) (@dnovikoff)1cb1967
: feat: set custom tag name for envPrefix (#332) (@sv-kozlov)0136931
: feat: supporttime.Location
(#326) (@BorzdeG)4ab8b37
: feat: support ignored value "-" for env tag (#338) (@sv-kozlov)Bug fixes
6f3a5c0
: fix: better handle envDefault, refactor merge options (#349) (@astak16)3afa723
: fix: improve errors (#329) (@caarlos0)0cbf40b
: fix: map value with : in it (@caarlos0)e55230b
: fix: parsing into ptr fields with value (#340) (@hypnoglow)Documentation updates
84c7739
: docs: DefaultValueTagName example (@caarlos0)0847ba1
: docs: add installation instructions to README.md (#330) (@eduardolat)76faca5
: docs: project state (@caarlos0)Other work
b76caa9
: ci: add EditorConfig (#327) (@BorzdeG)1f955b7
: ci: update (@caarlos0)f68d1dc
: refactor: enable gocritic linter and fix lint issues (#342) (@alexandear)52e7186
: refactor: modify the init logic for env tag options to make it more reasonable (#347) (@astak16)Released with GoReleaser Pro!
containerd/containerd (github.com/containerd/containerd)
v1.7.24
: containerd 1.7.24Compare Source
Welcome to the v1.7.24 release of containerd!
The twenty-fourth patch release for containerd 1.7 contains various fixes
and updates.
Highlights
Container Runtime Interface (CRI)
Image Distribution
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
Changes
36 commits
936f8e2de
Prepare release notes for v1.7.2447ff8e2b6
add info of exited event10af0d60f
Adds a mutex to protect fallback hoste426ec51b
Use unix and windows specific connection error checks49c9f303b
Allow fallback across default portsddf2b03ed
local: avoid writing to content root on readonly store06e72da76
update runc binary to 1.2.223a31ce63
Revert "Disable vagrant strict dependency checking"4bd411f8c
testutil: avoid conflict with continuity/testutil216dc892e
update cri-tools to v1.29.056a7d31cb
update build to go1.22.9, test go1.23.3205940716
ci: disable marking 1.7 releases as latestb7bb8d515
Avoid arch info in the sed/replace when building cri-cni-containerd.tar.gz860a51384
Disable vagrant strict dependency checking710cd3716
update runc binary to 1.2.15bd0834ce
services/snapshots: include name of snapshotter in debug logs455787bf8
Make TestContainerPids more resilientcb82e52a4
Add After=dbus.service to containerd.serviced6f577843
metrics: Use UnmarshalTo instead of UnmarshalAnyDependency Changes
This release has no dependency changes
Previous release can be found at v1.7.23
cyberark/conjur-api-go (github.com/cyberark/conjur-api-go)
v0.12.9
Compare Source
[0.12.9] - 2024-12-13
Added
go-jose/go-jose (github.com/go-jose/go-jose/v3)
v4.0.4
Compare Source
Fixed
breaking change. See #136 / #137.
v4.0.3
Compare Source
Changed
v4.0.2
Compare Source
Changed
argument type (#104)
curves error cases (#117)
v4.0.1
Compare Source
Fixed
amounts of memory and CPU when decompressed by
Decrypt
orDecryptMulti
.Those functions now return an error if the decompressed data would exceed
250kB or 10x the compressed size (whichever is larger). Thanks to
Enze Wang@Alioth and Jianjun Chen@Zhongguancun Lab (@zer0yu and @chenjj)
for reporting.
v4.0.0
Compare Source
This release makes some breaking changes in order to more thoroughly
address the vulnerabilities discussed in Three New Attacks Against JSON Web
Tokens, "Sign/encrypt confusion", "Billion hash attack", and "Polyglot
token".
Changed
ParseSigned, ParseDetached, jwt.ParseEncrypted, jwt.ParseSigned,
jwt.ParseSignedAndEncrypted (#69, #74)
to use and it's a mistake to allow unexpected algorithms. For instance the
"billion hash attack" relies in part on programs accepting the PBES2
encryption algorithm and doing the necessary work even if they weren't
specifically configured to allow PBES2.
Added
ParseEncrypted, which try to automatically detect which serialization was
provided. It's common to require a specific serialization for a specific
protocol - for instance JWT requires Compact serialization.
goccy/go-yaml (github.com/goccy/go-yaml)
v1.15.10
: 1.15.10Compare Source
What's Changed
New Contributors
Full Changelog: goccy/go-yaml@v1.15.9...v1.15.10
v1.15.9
: 1.15.9Compare Source
What's Changed
New Contributors
Full Changelog: goccy/go-yaml@v1.15.8...v1.15.9
opencontainers/runc (github.com/opencontainers/runc)
v1.2.3
: runc v1.2.3 -- "Winter is not a season, it's a celebration."Compare Source
This is the third patch release of the 1.2.z release branch of runc. It
primarily fixes some minor regressions introduced in 1.2.0.
runc processes racing to create the same mountpoint in a shared rootfs
would result in spurious EEXIST errors. In particular, this regression
caused issues with BuildKit. (#4543, #4550)
Cilium's eBPF library version to 0.16 in runc. (#3008, #4551)
Static Linking Notices
The
runc
binary distributed with this release are statically linked withthe following GNU LGPL-2.1 licensed libraries, with
runc
actingas a "work that uses the Library":
The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.
However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.
Thanks to all of the contributors who made this release possible:
Signed-off-by: Aleksa Sarai cyphar@cyphar.com
open-telemetry/opentelemetry-go (go.opentelemetry.io/otel)
v1.33.0
: /v0.55.0/v0.9.0/v0.0.12Compare Source
Overview
Added
Reset
method toSpanRecorder
ingo.opentelemetry.io/otel/sdk/trace/tracetest
. (#5994)EnabledInstrument
interface ingo.opentelemetry.io/otel/sdk/metric/internal/x
. This is an experimental interface that is implemented by synchronous instruments provided bygo.opentelemetry.io/otel/sdk/metric
. Users can use it to avoid performing computationally expensive operations when recording measurements. It does not fall within the scope of the OpenTelemetry Go versioning and stability policy and it may be changed in backwards incompatible ways or removed in feature releases. (#6016)Changed
go.opentelemetry.io/auto
package. See that package for more information. (#5920)go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp
. (#5929)go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
. (#5929)go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp
. (#5929)AsStringSlice
,AsFloat64Slice
,AsInt64Slice
,AsBoolSlice
. (#6011)EnabledParameters
to have aSeverity
field instead of a getter and setter ingo.opentelemetry.io/otel/log
. (#6009)Fixed
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp
. (#5954)go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
. (#5954)go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp
. (#5954)go.opentelemetry.io/otel/exporters/prometheus
. (#5995)go.opentelemetry.io/otel/sdk/trace
. (#5997)go.opentelemetry.io/otel/sdk/log
. (#6032)What's Changed
2d47ceb
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/5963e0fbfb7
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/597165e8d21
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/5972e639e21
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/5985Reset
method toSpanRecorder
by @flc1125 in https://github.com/open-telemetry/opentelemetry-go/pull/59948dc4a50
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/60052c02b82
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/601019429a9
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/6014AsStringSlice
,AsFloat64Slice
,AsInt64Slice
,AsBoolSlice
by @boekkooi-impossiblecloud in https://github.com/open-telemetry/opentelemetry-go/pull/6011a4fef06
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/6027ca80a95
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/6029e6fa225
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/60281829a12
by @renovate in https://github.com/open-telemetry/opentelemetry-go/pull/6031New Contributors
Full Changelog: open-telemetry/opentelemetry-go@v1.32.0...v1.33.0
grpc/grpc-go (google.golang.org/grpc)
v1.69.0
: Release 1.69.0Compare Source
Known Issues
grpc.NewClient
function is incompatible with forward proxies, because it resolves the target hostname on the client instead of passing the hostname to the proxy. A fix is expected to be a part of grpc-go v1.70. (#7556)New Features
pickfirst
LB policy (disabled by default) supports Happy Eyeballs, interleaving IPv4 and IPv6 address as described in RFC-8305 section 4, to attempt connections to multiple backends concurrently. The experimentalpickfirst
policy can be enabled by setting the environment variableGRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST
totrue
. (#7725, #7742)pick_first
load balancing policy (#7839)MethodHandler
, which is the type of an already-exported field inMethodDesc
(#7796)Bug Fixes
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.