Skip to content

Bump the all-deps group with 7 updates #1701

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 19, 2025
Merged

Bump the all-deps group with 7 updates #1701

merged 1 commit into from
May 19, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 19, 2025

Bumps the all-deps group with 7 updates:

Package From To
github.com/jackc/pgx/v5 5.7.4 5.7.5
go.etcd.io/etcd/client/v3 3.5.21 3.6.0
go.etcd.io/etcd/etcdctl/v3 3.5.21 3.6.0
go.etcd.io/etcd/v3 3.5.21 3.6.0
golang.org/x/crypto 0.37.0 0.38.0
golang.org/x/net 0.39.0 0.40.0
google.golang.org/grpc 1.72.0 1.72.1

Updates github.com/jackc/pgx/v5 from 5.7.4 to 5.7.5

Changelog

Sourced from github.com/jackc/pgx/v5's changelog.

5.7.5 (May 17, 2025)

  • Support sslnegotiation connection option (divyam234)
  • Update golang.org/x/crypto to v0.37.0. This placates security scanners that were unable to see that pgx did not use the behavior affected by https://pkg.go.dev/vuln/GO-2025-3487.
  • TraceLog now logs Acquire and Release at the debug level (dave sinclair)
  • Add support for PGTZ environment variable
  • Add support for PGOPTIONS environment variable
  • Unpin memory used by Rows quicker
  • Remove PlanScan memoization. This resolves a rare issue where scanning could be broken for one type by first scanning another. The problem was in the memoization system and benchmarking revealed that memoization was not providing any meaningful benefit.
Commits
  • 15bca4a Release v5.7.5
  • 1d557f9 Remove PlanScan memoization
  • de7fe81 Use reflect.TypeFor instead of reflect.TypeOf
  • d9eb089 Remove unused function
  • 6be24eb Fix comment typo
  • 07871c0 Zero internal baseRows references to allow GC earlier
  • 777e7e5 Merge pull request #2313 from stampy88/tracelog_pool_additions
  • 151bd02 Switched to LogLevelDebug
  • 540fcaa Add support for PGOPTIONS environment variable
  • 3a248e3 Add support for PGTZ environment variable
  • Additional commits viewable in compare view

Updates go.etcd.io/etcd/client/v3 from 3.5.21 to 3.6.0

Release notes

Sourced from go.etcd.io/etcd/client/v3's releases.

v3.6.0

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux
ETCD_VER=v3.6.0
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)
ETCD_VER=v3.6.0
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
</tr></table>

... (truncated)

Commits
  • f5d605a Merge pull request #19951 from ahrtr/release_script_20250515
  • a1bcdc7 Update release script to exactly match the target tag
  • 7a7a77c version: bump up to 3.6.0
  • 115f15e version: bump up to 3.6.0-rc.5
  • 53b485a Merge pull request #19890 from k8s-infra-cherrypick-robot/cherry-pick-19862-t...
  • c774d44 Fix the tar unzip command, adding the --no-same-owner option to avoid permiss...
  • 8d1d1a9 Merge pull request #19867 from ivanvc/release-3.6-go-1.23.9-bump
  • cddc9bc Bump Go to 1.23.9
  • 1a1cc66 Merge pull request #19853 from k8s-infra-cherrypick-robot/cherry-pick-19848-t...
  • 9f66823 fix: test-release
  • Additional commits viewable in compare view

Updates go.etcd.io/etcd/etcdctl/v3 from 3.5.21 to 3.6.0

Release notes

Sourced from go.etcd.io/etcd/etcdctl/v3's releases.

v3.6.0

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux
ETCD_VER=v3.6.0
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)
ETCD_VER=v3.6.0
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
</tr></table>

... (truncated)

Commits
  • f5d605a Merge pull request #19951 from ahrtr/release_script_20250515
  • a1bcdc7 Update release script to exactly match the target tag
  • 7a7a77c version: bump up to 3.6.0
  • 115f15e version: bump up to 3.6.0-rc.5
  • 53b485a Merge pull request #19890 from k8s-infra-cherrypick-robot/cherry-pick-19862-t...
  • c774d44 Fix the tar unzip command, adding the --no-same-owner option to avoid permiss...
  • 8d1d1a9 Merge pull request #19867 from ivanvc/release-3.6-go-1.23.9-bump
  • cddc9bc Bump Go to 1.23.9
  • 1a1cc66 Merge pull request #19853 from k8s-infra-cherrypick-robot/cherry-pick-19848-t...
  • 9f66823 fix: test-release
  • Additional commits viewable in compare view

Updates go.etcd.io/etcd/v3 from 3.5.21 to 3.6.0

Release notes

Sourced from go.etcd.io/etcd/v3's releases.

v3.6.0

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux
ETCD_VER=v3.6.0
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)
ETCD_VER=v3.6.0
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
</tr></table>

... (truncated)

Commits
  • f5d605a Merge pull request #19951 from ahrtr/release_script_20250515
  • a1bcdc7 Update release script to exactly match the target tag
  • 7a7a77c version: bump up to 3.6.0
  • 115f15e version: bump up to 3.6.0-rc.5
  • 53b485a Merge pull request #19890 from k8s-infra-cherrypick-robot/cherry-pick-19862-t...
  • c774d44 Fix the tar unzip command, adding the --no-same-owner option to avoid permiss...
  • 8d1d1a9 Merge pull request #19867 from ivanvc/release-3.6-go-1.23.9-bump
  • cddc9bc Bump Go to 1.23.9
  • 1a1cc66 Merge pull request #19853 from k8s-infra-cherrypick-robot/cherry-pick-19848-t...
  • 9f66823 fix: test-release
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.37.0 to 0.38.0

Commits
  • aae6e61 go.mod: update golang.org/x dependencies
  • 9c1aa6a ssh/test: reset the random source before capturing a recording
  • 8819902 ssh/test: enable Diffie-Hellman key exchange algorithms
  • 3f311e4 acme: return error from pre-authorization when unsupported
  • 1f7c62c ssh/test: skip unsupported tests on js/wasm
  • a5f8048 acme/autocert: use standard functions to pick the cache directory
  • 958cde8 Revert "chacha20: add loong64 SIMD implementation"
  • 51f005c Revert "salsa20: add loong64 SIMD implementation"
  • 7c35866 Revert "argon2: add loong64 SIMD implementation"
  • 0091fc8 Revert "blake2s: add loong64 SIMD implementation"
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.39.0 to 0.40.0

Commits
  • 7d6e62a go.mod: update golang.org/x dependencies
  • ea0c1d9 internal/timeseries: use built-in max/min to simplify the code
  • 3e7a445 quic: skip packet numbers for optimistic ack defense
  • 3f563d3 quic: use an enum for sentPacket state
  • a3b6e77 quic: don't re-lose packets when discarding keys
  • 22500a6 quic: decode packet numbers >255 in tests
  • dd0b200 quic: remove go1.21 build constraint
  • See full diff in compare view

Updates google.golang.org/grpc from 1.72.0 to 1.72.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.72.1

Bug Fixes

  • client: HTTP Proxy connections are no longer attempted for addresses with non-TCP network types. (#8215)
  • client: Fix bug that causes RPCs to fail with status INTERNAL instead of CANCELLED or DEADLINE_EXCEEDED when receiving a RST_STREAM frame in the middle of the gRPC message. (#8289)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all-deps group with 7 updates
06b30ee 
Bumps the all-deps group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) | `5.7.4` | `5.7.5` |
| [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) | `3.5.21` | `3.6.0` |
| [go.etcd.io/etcd/etcdctl/v3](https://github.com/etcd-io/etcd) | `3.5.21` | `3.6.0` |
| [go.etcd.io/etcd/v3](https://github.com/etcd-io/etcd) | `3.5.21` | `3.6.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.37.0` | `0.38.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.39.0` | `0.40.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.72.0` | `1.72.1` |


Updates `github.com/jackc/pgx/v5` from 5.7.4 to 5.7.5
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](jackc/pgx@v5.7.4...v5.7.5)

Updates `go.etcd.io/etcd/client/v3` from 3.5.21 to 3.6.0
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](etcd-io/etcd@v3.5.21...v3.6.0)

Updates `go.etcd.io/etcd/etcdctl/v3` from 3.5.21 to 3.6.0
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](etcd-io/etcd@v3.5.21...v3.6.0)

Updates `go.etcd.io/etcd/v3` from 3.5.21 to 3.6.0
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](etcd-io/etcd@v3.5.21...v3.6.0)

Updates `golang.org/x/crypto` from 0.37.0 to 0.38.0
- [Commits](golang/crypto@v0.37.0...v0.38.0)

Updates `golang.org/x/net` from 0.39.0 to 0.40.0
- [Commits](golang/net@v0.39.0...v0.40.0)

Updates `google.golang.org/grpc` from 1.72.0 to 1.72.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.72.0...v1.72.1)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v5
  dependency-version: 5.7.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: go.etcd.io/etcd/client/v3
  dependency-version: 3.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: go.etcd.io/etcd/etcdctl/v3
  dependency-version: 3.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: go.etcd.io/etcd/v3
  dependency-version: 3.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: golang.org/x/crypto
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: golang.org/x/net
  dependency-version: 0.40.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: google.golang.org/grpc
  dependency-version: 1.72.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 19, 2025
@dependabot dependabot bot requested a review from a team as a code owner May 19, 2025 12:47
@dependabot dependabot bot requested review from phbnf and removed request for a team May 19, 2025 12:47
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 19, 2025
@dpebot
Copy link
Collaborator

dpebot commented May 19, 2025

/gcbrun

@phbnf phbnf merged commit dbf4a2b into master May 19, 2025
8 checks passed
@phbnf phbnf deleted the dependabot/go_modules/all-deps-84120157f1 branch May 19, 2025 16:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@phbnf phbnf phbnf approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dpebot @phbnf