Skip to content

Bump the stable-updates group across 1 directory with 9 updates #28

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the stable-updates group across 1 directory with 9 updates #28

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 1, 2025

Bumps the stable-updates group with 8 updates in the / directory:

Package From To
github.com/aws/aws-sdk-go-v2/config 1.29.9 1.29.14
github.com/aws/aws-sdk-go-v2/service/bedrockruntime 1.26.1 1.30.0
github.com/coreos/go-oidc/v3 3.13.0 3.14.1
github.com/go-playground/validator/v10 10.25.0 10.26.0
github.com/prometheus/client_golang 1.21.1 1.22.0
github.com/spf13/viper 1.20.0 1.20.1
golang.org/x/oauth2 0.28.0 0.29.0
google.golang.org/api 0.226.0 0.231.0

Updates github.com/aws/aws-sdk-go-v2/config from 1.29.9 to 1.29.14

Commits

Updates github.com/aws/aws-sdk-go-v2/service/bedrockruntime from 1.26.1 to 1.30.0

Commits

Updates github.com/coreos/go-oidc/v3 from 3.13.0 to 3.14.1

Release notes

Sourced from github.com/coreos/go-oidc/v3's releases.

v3.14.1

What's Changed

Full Changelog: coreos/go-oidc@v3.14.0...v3.14.1

v3.14.0

What's Changed

Full Changelog: coreos/go-oidc@v3.13.0...v3.14.0

Commits

Updates github.com/go-playground/validator/v10 from 10.25.0 to 10.26.0

Release notes

Sourced from github.com/go-playground/validator/v10's releases.

v10.26.0

What's Changed

New Contributors

Full Changelog: go-playground/validator@v10.25.0...v10.26.0

Commits

Updates github.com/prometheus/client_golang from 1.21.1 to 1.22.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.22.0 - 2025-04-07

⚠️ This release contains potential breaking change if you use experimental zstd support introduce in #1496 ⚠️

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)
  • [FEATURE] prometheus: Add new CollectorFunc utility #1724
  • [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
  • [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
  • [CHANGE] ⚠️ promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.22.0 / 2025-04-07

⚠️ This release contains potential breaking change if you use experimental zstd support introduce in #1496 ⚠️

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)
  • [FEATURE] prometheus: Add new CollectorFunc utility #1724
  • [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
  • [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
  • [CHANGE] ⚠️ promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765
Commits
  • d50be25 Cut 1.22.0 (#1793)
  • 1043db7 Cut 1.22.0-rc.0 (#1768)
  • e575c9c promhttp: Isolate zstd support and klauspost/compress library use to promhttp...
  • f2276aa Merge pull request #1764 from prometheus/dependabot/github_actions/github-act...
  • 9df772c build(deps): bump peter-evans/create-pull-request
  • a3548c5 Merge pull request #1754 from saswatamcode/exp-eh
  • 60fd2b0 Remove go.work file for now
  • 8f9d0de exp: Add dependabot config
  • c5cf981 Merge pull request #1762 from prometheus/release-1.21
  • e84c305 exp: Reset snappy buf (#1756)
  • Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.20.0 to 1.20.1

Release notes

Sourced from github.com/spf13/viper's releases.

v1.20.1

What's Changed

Bug Fixes 🐛

Full Changelog: spf13/viper@v1.20.0...v1.20.1

Commits
  • 9568cfc fix: config type check when loading any config
  • fd05140 fix(config): get config type from v.configType or config file ext
  • See full diff in compare view

Updates golang.org/x/oauth2 from 0.28.0 to 0.29.0

Commits

Updates google.golang.org/api from 0.226.0 to 0.231.0

Release notes

Sourced from google.golang.org/api's releases.

v0.231.0

0.231.0 (2025-04-29)

Features

v0.230.0

0.230.0 (2025-04-22)

Features

Bug Fixes

v0.229.0

0.229.0 (2025-04-14)

Features

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.231.0 (2025-04-29)

Features

0.230.0 (2025-04-22)

Features

Bug Fixes

0.229.0 (2025-04-14)

Features

... (truncated)

Commits

Updates google.golang.org/grpc from 1.71.0 to 1.72.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.72.0

Dependencies

  • Minimum supported Go version is now 1.23 (#8108)

API Changes

  • resolver: add experimental AddressMapV2 with generics to ultimately replace AddressMap. Deprecate AddressMap for deletion (#8187)
  • resolver: convert EndpointMap in place to use generics (#8189)

New Features

  • xds: add grpc.xds_client.server_failure counter metric on xDS client to record connectivity errors (#8203)
  • balancer/rls: allow maxAge to exceed 5 minutes if staleAge is set in the LB policy configuration (#8137)
  • ringhash: implement gRFC A76 improvements. (#8159)
  • pickfirst: The new pick first LB policy is made the default. The new LB policy implements the Happy Eyeballs algorithm. To disable the new policy set the environment variable GRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST to false (case insensitive).

Bug Fixes

  • xds: fix support for circuit breakers and load reporting in LOGICAL_DNS clusters (#8169, #8170)
  • xds/cds: improve RPC error messages when resources are not found (#8122)
  • balancer/priority: fix race that could leak balancers and goroutines during shutdown (#8095)
  • stats/opentelemetry: fix trace attributes message sequence numbers to start from 0 (#8237)
  • balancer/pickfirstleaf: fix panic if deprecated Address.Metadata field is set to a non-comparable value by ignoring the field (#8227)

Behavior Changes

  • transport: make servers send an HTTP/2 RST_STREAM frame to cancel a stream when the deadline expires (#8071)

Documentation

  • stats: clarify the expected sequence of events on a stats handler (#7885)

Release 1.71.1

Bug Fixes

  • grpc: fix a bug causing an extra Read from the compressor if a compressed message is the same size as the limit. This could result in a panic with the built-in gzip compressor (#8178)
  • xds: restore the behavior of reading the bootstrap config before creating the first xDS client instead of at package init time (#8164)
  • stats/opentelemetry: use TextMapPropagator and TracerProvider from TraceOptions instead of OpenTelemetry globals (#8166)
  • client: fix races when an http proxy is configured that could lead to deadlocks or panics (#8195)
  • client: fix bug causing RPC failures with message "no children to pick from" when using a custom resolver that calls the deprecated NewAddress API (#8149)
  • wrr: fix slow processing of address updates that could result in problems including RPC failures for servers with a large number of backends (#8179)
Commits
  • a43eba6 Change version to 1.72.0 (#8218)
  • 48f48c1 balancer/pickfirstleaf: Avoid reading Address.Metadata (#8227) (#8259)
  • fd6f585 Cherry-pick #8159 and #8243 to v1.72.x (#8255)
  • 79ca174 stats/opentelemetry: fix trace attributes message sequence numbers to start f...
  • 57a2605 xdsclient: fix TestServerFailureMetrics_BeforeResponseRecv test to wait for w...
  • 5edab9e xdsclient: add grpc.xds_client.server_failure counter mertric (#8203)
  • 78ba661 regenerate protos (#8208)
  • 6819ed7 delegatingresolver: Stop calls into delegates once the parent resolver is clo...
  • a51009d resolver: convert EndpointMap to use generics (#8189)
  • b0d1203 resolver: create AddressMapV2 with generics to replace AddressMap (#8187)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the stable-updates group across 1 directory with 9 updates
09483f9 
Bumps the stable-updates group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.29.9` | `1.29.14` |
| [github.com/aws/aws-sdk-go-v2/service/bedrockruntime](https://github.com/aws/aws-sdk-go-v2) | `1.26.1` | `1.30.0` |
| [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) | `3.13.0` | `3.14.1` |
| [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) | `10.25.0` | `10.26.0` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.21.1` | `1.22.0` |
| [github.com/spf13/viper](https://github.com/spf13/viper) | `1.20.0` | `1.20.1` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.28.0` | `0.29.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.226.0` | `0.231.0` |



Updates `github.com/aws/aws-sdk-go-v2/config` from 1.29.9 to 1.29.14
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@config/v1.29.9...config/v1.29.14)

Updates `github.com/aws/aws-sdk-go-v2/service/bedrockruntime` from 1.26.1 to 1.30.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@v1.26.1...v1.30.0)

Updates `github.com/coreos/go-oidc/v3` from 3.13.0 to 3.14.1
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](coreos/go-oidc@v3.13.0...v3.14.1)

Updates `github.com/go-playground/validator/v10` from 10.25.0 to 10.26.0
- [Release notes](https://github.com/go-playground/validator/releases)
- [Commits](go-playground/validator@v10.25.0...v10.26.0)

Updates `github.com/prometheus/client_golang` from 1.21.1 to 1.22.0
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.21.1...v1.22.0)

Updates `github.com/spf13/viper` from 1.20.0 to 1.20.1
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](spf13/viper@v1.20.0...v1.20.1)

Updates `golang.org/x/oauth2` from 0.28.0 to 0.29.0
- [Commits](golang/oauth2@v0.28.0...v0.29.0)

Updates `google.golang.org/api` from 0.226.0 to 0.231.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.226.0...v0.231.0)

Updates `google.golang.org/grpc` from 1.71.0 to 1.72.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.71.0...v1.72.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.29.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: stable-updates
- dependency-name: github.com/aws/aws-sdk-go-v2/service/bedrockruntime
  dependency-version: 1.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: stable-updates
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-version: 3.14.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: stable-updates
- dependency-name: github.com/go-playground/validator/v10
  dependency-version: 10.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: stable-updates
- dependency-name: github.com/prometheus/client_golang
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: stable-updates
- dependency-name: github.com/spf13/viper
  dependency-version: 1.20.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: stable-updates
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: stable-updates
- dependency-name: google.golang.org/api
  dependency-version: 0.231.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: stable-updates
- dependency-name: google.golang.org/grpc
  dependency-version: 1.72.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: stable-updates
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 1, 2025
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented May 1, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@shahariaazam shahariaazam

Labels
dependencies Pull requests that update a dependency file go Pull requests that update go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@shahariaazam