build(deps): Bump the all-go-modules group with 4 updates #5033

dependabot · 2025-03-17T04:22:58Z

Bumps the all-go-modules group with 4 updates: github.com/creachadair/atomicfile, github.com/creachadair/tomledit, github.com/prometheus/common and github.com/spf13/viper.

Updates github.com/creachadair/atomicfile from 0.3.7 to 0.3.8

Commits

9f111e4 go.mod: remove toolchain, update mds to v0.24.1
bbb7753 cmd/acat: remove (empty) tempfile when --nonempty is true
cda6a5a go.mod: update module dependencies
0e147bc go.mod: update module dependencies
See full diff in compare view

Updates github.com/creachadair/tomledit from 0.0.27 to 0.0.28

Commits

02ca0a9 Release v0.0.28
0380453 go.mod: remove the toolchain directive
487ddba go.mod: update module dependencies
7f3f91a go.mod: update module dependencies
52f48d4 go.mod: update module dependencies
ff068d7 go.mod: update module dependencies
See 10000 full diff in compare view

Updates github.com/prometheus/common from 0.62.0 to 0.63.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.63.0

What's Changed

Making the map a public variable for promtheus-operator by @dongjiang1989 in prometheus/common#741

setup ossf scorecard and codeql workflows by @mmorel-35 in prometheus/common#564

feat(promslog): implement reserved keys, rename duplicates by @tjhop in prometheus/common#746

Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 by @dependabot in prometheus/common#750

Bump golang.org/x/net from 0.33.0 to 0.34.0 by @dependabot in prometheus/common#749

Bump google.golang.org/protobuf from 1.36.1 to 1.36.3 by @dependabot in prometheus/common#751

promslog: Make AllowedLevel concurrency safe. by @bwplotka in prometheus/common#754

Fix typo 'the an' by @petern48 in prometheus/common#752

Synchronize common files from prometheus/prometheus by @prombot in prometheus/common#757

build(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.4 by @dependabot in prometheus/common#756

build(deps): bump google.golang.org/protobuf from 1.36.4 to 1.36.5 by @dependabot in prometheus/common#761

build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0 by @dependabot in prometheus/common#763

build(deps): bump golang.org/x/net from 0.34.0 to 0.35.0 by @dependabot in prometheus/common#762

model: Clarify the purpose of model.NameValidationScheme by @ywwg in prometheus/common#765

Fix spelling mistake in godoc by @grobinson-grafana in prometheus/common#766

Synchronize common files from prometheus/prometheus by @prombot in prometheus/common#767

otlptranslator: Add dependency free package that translates OTLP data into Prometheus metric/label names by @ArthurSens in prometheus/common#768

New Contributors

@dongjiang1989 made their first contribution in prometheus/common#741

@petern48 made their first contribution in prometheus/common#752

Full Changelog: prometheus/common@v0.62.0...v0.63.0

Commits

cf3c56f Merge pull request #768 from prometheus/otlp-translator
b35ad99 Add test case for BuildCompliantMetricName with a metric that starts with a d...
227989c otlptranslator: Add dependency free package that translator OTLP data into Pr...
a9cc7f7 Update common Prometheus files (#767)
0decf1f Fix spelling mistake in godoc (#766)
6b9636c model: Clarify the purpose of model.NameValidationScheme (#765)
56f6f38 build(deps): bump golang.org/x/net from 0.34.0 to 0.35.0 (#762)
b516f6d build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0 (#763)
0db99da build(deps): bump google.golang.org/protobuf from 1.36.4 to 1.36.5 (#761)
ca40aa0 build(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.4 (#756)
Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.19.0 to 1.20.0

Release notes

Sourced from github.com/spf13/viper's releases.

v1.20.0

[!WARNING] This release includes a few minor breaking changes. Read the upgrade guide for details.

What's Changed

Exciting New Features 🎉

New encoding layer by @sagikazarmark in spf13/viper#1869

Enhancements 🚀

Drop Go 1.20 support by @sagikazarmark in spf13/viper#1846

Drop slog shim by @sagikazarmark in spf13/viper#1848

Replace file searching API with a finder by @sagikazarmark in spf13/viper#1849

Finder feature flag by @sagikazarmark in spf13/viper#1852

Allow setting options on the global Viper instance by @sagikazarmark in spf13/viper#1856

Add experimental flag for bind struct by @sagikazarmark in spf13/viper#1854

Make the remote package a separate module by @sagikazarmark in spf13/viper#1860

Add decoder hook option by @sagikazarmark in spf13/viper#1872

Encoder improvements by @sagikazarmark in spf13/viper#1885

Get uint8 by @martinconic in spf13/viper#1894

Bug Fixes 🐛

Fix missing config type when reading from a buffer by @sagikazarmark in spf13/viper#1857

fix: do not allow setting dependencies to nil values by @sagikazarmark in spf13/viper#1871

feat: copy keydelim from parent chart in viper.Sub() by @obs-gh-alexlew in spf13/viper#1887

Breaking Changes 🛠

Drop encoding formats: HCL, Java properties, INI by @sagikazarmark in spf13/viper#1870

Dependency Updates ⬆️

chore: update mapstructure by @sagikazarmark in spf13/viper#1723

chore: update crypt by @sagikazarmark in spf13/viper#1834

build(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in spf13/viper#1853

Revert to go-difflib and go-spew releases by @skitt in spf13/viper#1861

build(deps): bump actions/dependency-review-action from 4.3.2 to 4.3.3 by @dependabot in spf13/viper#1862

build(deps): bump github/codeql-action from 3.25.8 to 3.25.10 by @dependabot in spf13/viper#1865

build(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in spf13/viper#1864

chore: update crypt by @sagikazarmark in spf13/viper#1866

build(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in spf13/viper#1876

build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /remote by @dependabot in spf13/viper#1878

build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in spf13/viper#1879

build(deps): bump actions/dependency-review-action from 4.3.3 to 4.3.4 by @dependabot in spf13/viper#1881

build(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in spf13/viper#1880

build(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in spf13/viper#1883

chore(deps): update crypt by @sagikazarmark in spf13/viper#1884

chore: update dependencies by @sagikazarmark in spf13/viper#1888

build(deps): bump github.com/go-viper/mapstructure/v2 from 2.0.0 to 2.1.0 by @dependabot in spf13/viper#1901

build(deps): bump github.com/spf13/cast from 1.6.0 to 1.7.0 by @dependabot in spf13/viper#1899

build(deps): bump github/codeql-action from 3.25.13 to 3.26.0 by @dependabot in spf13/viper#1897

build(deps): bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 by @dependabot in spf13/viper#1893

build(deps): bump github/codeql-action from 3.26.0 to 3.26.2 by @dependabot in spf13/viper#1903

build(deps): bump github/codeql-action from 3.26.2 to 3.26.3 by @dependabot in spf13/viper#1905

... (truncated)

Commits

c038295 docs: add update instructions for 1.20
9c07e0f build: disable unused linters
48112d6 ci: add Go 1.24 to the test matrix
66e3e28 build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
17b96ac New Logo
8b223a4 build(deps): bump github.com/spf13/cast from 1.7.0 to 1.7.1
91fd363 chore: update afero
e75c48f Fix issues reported by testifylint
a5ea569 build(deps): bump github/codeql-action from 3.27.7 to 3.27.9
54f2089 build(deps): bump golang.org/x/crypto from 0.27.0 to 0.31.0 in /remote
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all-go-modules group with 4 updates: [github.com/creachadair/atomicfile](https://github.com/creachadair/atomicfile), [github.com/creachadair/tomledit](https://github.com/creachadair/tomledit), [github.com/prometheus/common](https://github.com/prometheus/common) and [github.com/spf13/viper](https://github.com/spf13/viper). Updates `github.com/creachadair/atomicfile` from 0.3.7 to 0.3.8 - [Commits](creachadair/atomicfile@v0.3.7...v0.3.8) Updates `github.com/creachadair/tomledit` from 0.0.27 to 0.0.28 - [Commits](creachadair/tomledit@v0.0.27...v0.0.28) Updates `github.com/prometheus/common` from 0.62.0 to 0.63.0 - [Release notes](https://github.com/prometheus/common/releases) - [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md) - [Commits](prometheus/common@v0.62.0...v0.63.0) Updates `github.com/spf13/viper` from 1.19.0 to 1.20.0 - [Release notes](https://github.com/spf13/viper/releases) - [Commits](spf13/viper@v1.19.0...v1.20.0) --- updated-dependencies: - dependency-name: github.com/creachadair/atomicfile dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go-modules - dependency-name: github.com/creachadair/tomledit dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go-modules - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-modules - dependency-name: github.com/spf13/viper dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-modules ... Signed-off-by: dependabot[bot] <support@github.com>

mergify

Automatically approving dependabot

…5d6cd58d

dependabot · 2025-03-24T04:26:50Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added automerge dependencies Dependency updates labels Mar 17, 2025

dependabot bot requested review from a team as code owners March 17, 2025 04:22

mergify bot approved these changes Mar 17, 2025

View reviewed changes

melekes approved these changes Mar 20, 2025

View reviewed changes

mergify bot added 6 commits March 21, 2025 07:36

Merge branch 'main' into dependabot/go_modules/main/all-go-modules-b8…

dd66ea3

…5d6cd58d

Merge branch 'main' into dependabot/go_modules/main/all-go-modules-b8…

80eec58

…5d6cd58d

Merge branch 'main' into dependabot/go_modules/main/all-go-modules-b8…

6c06510

…5d6cd58d

Merge branch 'main' into dependabot/go_modules/main/all-go-modules-b8…

886e769

…5d6cd58d

Merge branch 'main' into dependabot/go_modules/main/all-go-modules-b8…

6f82549

…5d6cd58d

Merge branch 'main' into dependabot/go_modules/main/all-go-modules-b8…

630d520

…5d6cd58d

dependabot bot closed this Mar 24, 2025

dependabot bot deleted the dependabot/go_modules/main/all-go-modules-b85d6cd58d branch March 24, 2025 04:26

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): Bump the all-go-modules group with 4 updates #5033

build(deps): Bump the all-go-modules group with 4 updates #5033

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

build(deps): Bump the all-go-modules group with 4 updates #5033

build(deps): Bump the all-go-modules group with 4 updates #5033

Uh oh!

Conversation

Uh oh!

v0.63.0

What's Changed

New Contributors

v1.20.0

What's Changed

Exciting New Features 🎉

Enhancements 🚀

Bug Fixes 🐛

Breaking Changes 🛠

Dependency Updates ⬆️

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!