8000 build(deps): Bump the all-go-modules group with 13 updates by dependabot[bot] · Pull Request #5072 · cometbft/cometbft · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

build(deps): Bump the all-go-modules group with 13 updates #5072

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

build(deps): Bump the all-go-modules group with 13 updates #5072

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor
@dependabot dependabot bot commented on behalf of github Apr 14, 2025

Bumps the all-go-modules group with 13 updates:

Package From To
github.com/BurntSushi/toml 1.4.0 1.5.0
github.com/dgraph-io/badger/v4 4.6.0 4.7.0
github.com/prometheus/client_golang 1.21.1 1.22.0
github.com/prometheus/client_model 0.6.1 0.6.2
github.com/prometheus/common 0.62.0 0.63.0
github.com/spf13/viper 1.19.0 1.20.1
golang.org/x/crypto 0.36.0 0.37.0
golang.org/x/net 0.37.0 0.38.0
google.golang.org/grpc 1.71.0 1.71.1
github.com/go-git/go-git/v5 5.14.0 5.15.0
golang.org/x/sync 0.12.0 0.13.0
gonum.org/v1/gonum 0.15.1 0.16.0
google.golang.org/protobuf 1.36.5 1.36.6

Updates github.com/BurntSushi/toml from 1.4.0 to 1.5.0

Release notes

Sourced from github.com/BurntSushi/toml's releases.

v1.5.0

Mostly some small bugfixes, with a few small new features:

  • Add Position.Col, to mark the column an error occurred (#410)

  • Print more detailed errors in the tomlv CLI.

  • Ensure ParseError.Message is always set (#411)

  • Allow custom string types as map keys (#414)

  • Mark meta keys as decoded when using Unmarshaler interface (#426)

  • Fix encoding when nested inline table ends with map (#438)

  • Fix encoding of several layers of embedded structs (#430)

  • Fix ErrorWithPosition panic when there is no newline in the TOML document (#433)

Commits
  • d97def5 Update toml-test
  • d10101f Correct encoding of comma when nested inline table ends with map
  • 75a4f17 Correct encoding of several layers of embedded structs
  • 702f5a6 Minor staticcheck fixes
  • 6f7689d Mar 8000 k meta keys as decoded when using Unmarshaler interface (#426)
  • 8323983 Remove exception for fuzzer
  • 4664468 Fix ErrorWithPosition panic when less than two lines
  • 211c915 Fix typos in comments, tests, error message (#432)
  • c141a29 Test with Go 1.24 in CI
  • 2918ee7 Fix metadata: do not reuse result of append (#418)
  • Additional commits viewable in compare view

Updates github.com/dgraph-io/badger/v4 from 4.6.0 to 4.7.0

Release notes

Sourced from github.com/dgraph-io/badger/v4's releases.

Badger v4.7.0

This release removes the dependency on github.com/pkg/errors. If you rely on errors returned by badger, please proceed with caution.

What's Changed

New Contributors

Full Changelog: hypermodeinc/badger@v4.6.0...v4.7.0

Commits

Updates github.com/prometheus/client_golang from 1.21.1 to 1.22.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.22.0 - 2025-04-07

⚠️ This release contains potential breaking change if you use experimental zstd support introduce in #1496 ⚠️

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)
  • [FEATURE] prometheus: Add new CollectorFunc utility #1724
  • [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
  • [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
  • [CHANGE] ⚠️ promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.22.0 / 2025-04-07

⚠️ This release contains potential breaking change if you use experimental zstd support introduce in #1496 ⚠️

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)
  • [FEATURE] prometheus: Add new CollectorFunc utility #1724
  • [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
  • [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
  • [CHANGE] ⚠️ promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765
Commits
  • d50be25 Cut 1.22.0 (#1793)
  • 1043db7 Cut 1.22.0-rc.0 (#1768)
  • e575c9c promhttp: Isolate zstd support and klauspost/compress library use to promhttp...
  • f2276aa Merge pull request #1764 from prometheus/dependabot/github_actions/github-act...
  • 9df772c build(deps): bump peter-evans/create-pull-request
  • a3548c5 Merge pull request #1754 from saswatamcode/exp-eh
  • 60fd2b0 Remove go.work file for now
  • 8f9d0de exp: Add dependabot config
  • c5cf981 Merge pull request #1762 from prometheus/release-1.21
  • e84c305 exp: Reset snappy buf (#1756)
  • Additional commits viewable in compare view

Updates github.com/prometheus/client_model from 0.6.1 to 0.6.2

Release notes

Sourced from github.com/prometheus/client_model's releases.

v0.6.2

What's Changed

Full Changelog: prometheus/client_model@v0.6.1...v0.6.2

Commits
  • eb136e5 Merge pull request #119 from prometheus/superq/google.golang.org/protobuf
  • bf7f2ca Update golanci-lint to v2.
  • 7e9b56c Bump google.golang.org/protobuf from 1.36.5 to 1.36.6
  • ef699ce Merge pull request #116 from prometheus/repo_sync
  • bf8b12e Update common Prometheus files
  • 5b93968 Merge pull request #115 from prometheus/repo_sync
  • ae83ddc Update common Prometheus files
  • afe0b21 Merge pull request #114 from prometheus/repo_sync
  • 75e1daf Update common Prometheus files
  • 73608e2 Merge pull request #113 from prometheus/dependabot/go_modules/google.golang.o...
  • Additional commits viewable in compare view

Updates github.com/prometheus/common from 0.62.0 to 0.63.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.63.0

What's Changed

New Contributors

Full Changelog: prometheus/common@v0.62.0...v0.63.0

Commits
  • cf3c56f Merge pull request #768 from prometheus/otlp-translator
  • b35ad99 Add test case for BuildCompliantMetricName with a metric that starts with a d...
  • 227989c otlptranslator: Add dependency free package that translator OTLP data into Pr...
  • a9cc7f7 Update common Prometheus files (#767)
  • 0decf1f Fix spelling mistake in godoc (#766)
  • 6b9636c model: Clarify the purpose of model.NameValidationScheme (#765)
  • 56f6f38 build(deps): bump golang.org/x/net from 0.34.0 to 0.35.0 (#762)
  • b516f6d build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0 (#763)
  • 0db99da build(deps): bump google.golang.org/protobuf from 1.36.4 to 1.36.5 (#761)
  • ca40aa0 build(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.4 (#756)
  • Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.19.0 to 1.20.1

Release notes

Sourced from github.com/spf13/viper's releases.

v1.20.1

What's Changed

Bug Fixes 🐛

Full Changelog: spf13/viper@v1.20.0...v1.20.1

v1.20.0

[!WARNING] This release includes a few minor breaking changes. Read the upgrade guide for details.

What's Changed

Exciting New Features 🎉

Enhancements 🚀

Bug Fixes 🐛

Breaking Changes 🛠

Dependency Updates ⬆️

... (truncated)

Commits
  • 9568cfc fix: config type check when loading any config
  • fd05140 fix(config): get config type from v.configType or config file ext
  • c038295 docs: add update instructions for 1.20
  • 9c07e0f build: disable unused linters
  • 48112d6 ci: add Go 1.24 to the test matrix
  • 66e3e28 build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
  • 17b96ac New Logo
  • 8b223a4 build(deps): bump github.com/spf13/cast from 1.7.0 to 1.7.1
  • 91fd363 chore: update afero
  • e75c48f Fix issues reported by testifylint
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.36.0 to 0.37.0

Commits
  • 959f8f3 go.mod: update golang.org/x dependencies
  • 769bcd6 ssh: use the configured rand in kex init
  • d0a798f cryptobyte: fix typo 'octects' into 'octets' for asn1.go
  • acbcbef acme: remove unnecessary []byte conversion
  • 376eb14 x509roots: support constrained roots
  • b369b72 crypto/internal/poly1305: implement function update in assembly on loong64
  • 6b853fb ssh/knownhosts: check more than one key
  • See full diff in compare view

Updates golang.org/x/net from 0.37.0 to 0.38.0

Commits
  • e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...
  • ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest
  • 1f1fa29 publicsuffix: regenerate table
  • 1215081 http2: improve error when server sends HTTP/1
  • 312450e html: ensure <search> tag closes <p> and update tests
  • 09731f9 http2: improve handling of lost PING in Server
  • 55989e2 http2/h2c: use ResponseController for hijacking connections
  • 2914f46 websocket: re-recommend gorilla/websocket
  • See full diff in compare view

Updates google.golang.org/grpc from 1.71.0 to 1.71.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.71.1

Bug Fixes

  • grpc: fix a bug causing an extra Read from the compressor if a compressed message is the same size as the limit. This could result in a panic with the built-in gzip compressor (#8178)
  • xds: restore the behavior of reading the bootstrap config before creating the first xDS client instead of at package init time (#8164)
  • stats/opentelemetry: use TextMapPropagator and TracerProvider from TraceOptions instead of OpenTelemetry globals (#8166)
  • client: fix races when an http proxy is configured that could lead to deadlocks or panics (#8195)
  • client: fix bug causing RPC failures with message "no children to pick from" when using a custom resolver that calls the deprecated NewAddress API (#8149)
  • wrr: fix slow processing of address updates that could result in problems including RPC failures for servers with a large number of backends (#8179)
Commits

Updates github.com/go-git/go-git/v5 from 5.14.0 to 5.15.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.15.0

What's Changed

Full Changelog: go-git/go-git@v5.14.0...v5.15.0

Commits
  • 6f444d3 Merge pull request #1505 from pjbgf/bump
  • 9996069 v5: Bump dependencies
  • 768fda7 Merge pull request #1482 from Javier-varez/add-cert-auth-support-v5.x
  • ba9d693 plumbing: support setting custom host key algorithms along with host key call...
  • 61916be plumbing: re-add support for cert-authorities using skeema's HostKeyDB
  • See full diff in compare view

Updates golang.org/x/sync from 0.12.0 to 0.13.0

Commits

Updates gonum.org/v1/gonum from 0.15.1 to 0.16.0

Release notes

Sourced from gonum.org/v1/gonum's releases.

v0.16.0

Release v0.16.0 is a minor release in the v0.16 branch.

API breaking changes:

cf3307fa bc349ecf 061ef9d2 all: migrate to math/rand/v2

Improvements since v0.15.1:

0dd167ea graph/flow: add algorithm for finding intervals in flow graphs 0c3ed0bb dsp/transform: new package and initial Hilbert transform ef1ae5e4 graph/path: improve performance of YenKShortestPaths

Commits
  • 7826ba4 github: add reading check instruction to pr template
  • bbabe75 A+C: add Zhan Shan Mao
  • 808cbd4 lapack: fix eigenvector normalization residual calculation
  • 3b4190a all: bump gonum/plot@v0.15.2
  • 7f45d71 graph/iterator: reflect the swiss map iterator shape
  • d39b80c ci: bump WillAbides/setup-go-faster@1.14
  • 571acd8 blas/testblas,optimize: apply staticcheck suggestions
  • 23cc2a7 ci: bump staticcheck@2025.1
  • 72d9f39 all: use Go-1.24, drop Go-1.22
  • 3f7594a graph/formats/rdf: regenerate with new ragel version
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.5 to 1.36.6

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and s 8000 top Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): Bump the all-go-modules group with 13 updates
b2f35e2 
Bumps the all-go-modules group with 13 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) | `1.4.0` | `1.5.0` |
| [github.com/dgraph-io/badger/v4](https://github.com/dgraph-io/badger) | `4.6.0` | `4.7.0` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.21.1` | `1.22.0` |
| [github.com/prometheus/client_model](https://github.com/prometheus/client_model) | `0.6.1` | `0.6.2` |
| [github.com/prometheus/common](https://github.com/prometheus/common) | `0.62.0` | `0.63.0` |
| [github.com/spf13/viper](https://github.com/spf13/viper) | `1.19.0` | `1.20.1` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.36.0` | `0.37.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.37.0` | `0.38.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.71.0` | `1.71.1` |
| [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.14.0` | `5.15.0` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.12.0` | `0.13.0` |
| [gonum.org/v1/gonum](https://github.com/gonum/gonum) | `0.15.1` | `0.16.0` |
| google.golang.org/protobuf | `1.36.5` | `1.36.6` |


Updates `github.com/BurntSushi/toml` from 1.4.0 to 1.5.0
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.4.0...v1.5.0)

Updates `github.com/dgraph-io/badger/v4` from 4.6.0 to 4.7.0
- [Release notes](https://github.com/dgraph-io/badger/releases)
- [Changelog](https://github.com/hypermodeinc/badger/blob/main/CHANGELOG.md)
- [Commits](hypermodeinc/badger@v4.6.0...v4.7.0)

Updates `github.com/prometheus/client_golang` from 1.21.1 to 1.22.0
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.21.1...v1.22.0)

Updates `github.com/prometheus/client_model` from 0.6.1 to 0.6.2
- [Release notes](https://github.com/prometheus/client_model/releases)
- [Commits](prometheus/client_model@v0.6.1...v0.6.2)

Updates `github.com/prometheus/common` from 0.62.0 to 0.63.0
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md)
- [Commits](prometheus/common@v0.62.0...v0.63.0)

Updates `github.com/spf13/viper` from 1.19.0 to 1.20.1
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](spf13/viper@v1.19.0...v1.20.1)

Updates `golang.org/x/crypto` from 0.36.0 to 0.37.0
- [Commits](golang/crypto@v0.36.0...v0.37.0)

Updates `golang.org/x/net` from 0.37.0 to 0.38.0
- [Commits](golang/net@v0.37.0...v0.38.0)

Updates `google.golang.org/grpc` from 1.71.0 to 1.71.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.71.0...v1.71.1)

Updates `github.com/go-git/go-git/v5` from 5.14.0 to 5.15.0
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](go-git/go-git@v5.14.0...v5.15.0)

Updates `golang.org/x/sync` from 0.12.0 to 0.13.0
- [Commits](golang/sync@v0.12.0...v0.13.0)

Updates `gonum.org/v1/gonum` from 0.15.1 to 0.16.0
- [Release notes](https://github.com/gonum/gonum/releases)
- [Commits](gonum/gonum@v0.15.1...v0.16.0)

Updates `google.golang.org/protobuf` from 1.36.5 to 1.36.6

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-modules
- dependency-name: github.com/dgraph-io/badger/v4
  dependency-version: 4.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-modules
- dependency-name: github.com/prometheus/client_golang
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-modules
- dependency-name: github.com/prometheus/client_model
  dependency-version: 0.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-go-modules
- dependency-name: github.com/prometheus/common
  dependency-version: 0.63.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-modules
- dependency-name: github.com/spf13/viper
  dependency-version: 1.20.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-modules
- dependency-name: golang.org/x/net
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-modules
- dependency-name: google.golang.org/grpc
  dependency-version: 1.71.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-go-modules
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-modules
- dependency-name: golang.org/x/sync
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-modules
- dependency-name: gonum.org/v1/gonum
  dependency-version: 0.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-go-modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added automerge dependencies Dependency updates labels Apr 14, 2025
@dependabot dependabot bot requested review from a team as code owners April 14, 2025 04:16
@ironbird-prod Ironbird (prod)
Copy link
ironbird-prod bot commented Apr 14, 2025
Ironbird - launch a network To use Ironbird, you can use the following commands:
  • /ironbird start - Launch a testnet with the specified chain and load test configuration.
  • /ironbird chains - List of chain images that ironbird can use to spin-up testnet
  • /ironbird loadtests - List of load test modes that ironbird can run against testnet

mergify[bot]
mergify bot approved these changes Apr 14, 2025
View reviewed changes
Copy link
Contributor
@mergify mergify bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automatically approving dependabot

@zrbecker zrbecker closed this Apr 20, 2025
@dependabot Dependabot
Copy link
Contributor Author
dependabot bot commented on behalf of github Apr 20, 2025

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot bot deleted the dependabot/go_modules/v1.x/all-go-modules-f7bb39f69d branch April 20, 2025 02:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mergify mergify[bot] mergify[bot] approved these changes

Assignees
No one assigned
Labels
automerge dependencies Dependency updates
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@zrbecker
0