Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the all group across 1 directory with 11 updates #1799

Closed
wants to merge 1 commit into from
Closed

Bump the all group across 1 directory with 11 updates #1799

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 9, 2024
edited
Loading

Bumps the all group with 9 updates in the / directory:

Package From To
chainguard.dev/sdk 0.1.23 0.1.24
github.com/prometheus/client_golang 1.20.2 1.20.3
github.com/rs/cors 1.11.0 1.11.1
github.com/sigstore/sigstore 1.8.8 1.8.9
github.com/sigstore/sigstore/pkg/signature/kms/aws 1.8.8 1.8.9
github.com/sigstore/sigstore/pkg/signature/kms/azure 1.8.8 1.8.9
github.com/sigstore/sigstore/pkg/signature/kms/gcp 1.8.8 1.8.9
github.com/sigstore/sigstore/pkg/signature/kms/hashivault 1.8.8 1.8.9
go.step.sm/crypto 0.51.1 0.51.2

Updates chainguard.dev/sdk from 0.1.23 to 0.1.24

Release notes

Sourced from chainguard.dev/sdk's releases.

v0.1.24

Full Changelog: chainguard-dev/sdk@v0.1.23...v0.1.24

Commits
  • b251ad6 Merge pull request #55 from chainguard-dev/create-pull-request/patch
  • ae47a57 Export 15acec054c57f30d96955c9aca4e512b3356a7b3
  • c881dd3 Export 26a13563decef85693225511e658af1f0cb9a606
  • 4267955 Export 4713f27c9fe2b9d2597019c01ade2754812e816c
  • 75d13d2 Export ce8b5ea63f37fadf791f5b6d5fb2310803c97f01
  • 685970d Export ca9130bf97920785751a4be93f4dc8f6ce72e670
  • 20ff475 Export d88e25182370357d0fcda198791bbd7658bc095f
  • ed56432 Export 786083c5862f259ade24b6a092c71c3ba81c253a
  • 5af6d54 Export acafde8ed57d4308ab482900c4b8ef0b8986822e
  • 177fb3b Export 70d91271a382ac9f03656a67d8ea4ad62e6a4cef
  • Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.20.2 to 1.20.3

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.3

  • [BUGFIX] histograms: Fix possible data race when appending exemplars. #1608
Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.3 / 2024-09-05

  • [BUGFIX] histograms: Fix possible data race when appending exemplars. #1608
Commits
  • ef2f87e Merge pull request #1620 from prometheus/arthursens/prepare-1.20.3
  • 937ac63 Add changelog entry for 1.20.3
  • 6e9914d Merge pull request #1608 from krajorama/index-out-of-range-native-histogram-e...
  • d6b8c89 Update comments with more explanations
  • 504566f Use simplified solution from #1609 for the data race
  • dc8e9a4 fix: native histogram: Simplify and fix addExemplar
  • dc819ce Use a trivial solution to #1605
  • e061dfa native histogram: use exemplars in concurrency test
  • See full diff in compare view

Updates github.com/rs/cors from 1.11.0 to 1.11.1

Commits
  • a814d79 Re-add support for multiple Access-Control-Request-Headers field (fixes #184)...
  • 1562b17 Removed redundant log nil checks (#178)
  • 3d336ea Update all dependencies to latest in examples (#175)
  • 85fc0ca Make Gin wrapper's status configurable and use 204 as default (fixes #145) (#...
  • See full diff in compare view

Updates github.com/sigstore/sigstore from 1.8.8 to 1.8.9

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.8.9

What's Changed

Full Changelog: sigstore/sigstore@v1.8.8...v1.8.9

Commits
  • 4c750b7 oauthflow: Add SubjectFromUnverifiedToken (#1826)
  • b27128f build(deps): Bump the all group in /test/e2e with 2 updates (#1824)
  • 65aaa14 build(deps): Bump github.com/jellydator/ttlcache/v3 (#1822)
  • 21ad778 build(deps): Bump github.com/jellydator/ttlcache/v3 (#1823)
  • ebbebbf build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1821)
  • 615304f build(deps): Bump github.com/jellydator/ttlcache/v3 (#1820)
  • 6fb1d8b build(deps): Bump github.com/jellydator/ttlcache/v3 (#1819)
  • 075e85c build(deps): Bump actions/upload-artifact in the all group (#1825)
  • 0ca1da6 build(deps): Bump the gomod group across 4 directories with 3 updates (#1818)
  • 26aae9d build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#1817)
  • Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.8 to 1.8.9

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/aws's releases.

v1.8.9

What's Changed

Full Changelog: sigstore/sigstore@v1.8.8...v1.8.9

Commits
  • 4c750b7 oauthflow: Add SubjectFromUnverifiedToken (#1826)
  • b27128f build(deps): Bump the all group in /test/e2e with 2 updates (#1824)
  • 65aaa14 build(deps): Bump github.com/jellydator/ttlcache/v3 (#1822)
  • 21ad778 build(deps): Bump github.com/jellydator/ttlcache/v3 (#1823)
  • ebbebbf build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1821)
  • 615304f build(deps): Bump github.com/jellydator/ttlcache/v3 (#1820)
  • 6fb1d8b build(deps): Bump github.com/jellydator/ttlcache/v3 (#1819)
  • 075e85c build(deps): Bump actions/upload-artifact in the all group (#1825)
  • 0ca1da6 build(deps): Bump the gomod group across 4 directories with 3 updates (#1818)
  • 26aae9d build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#1817)
  • Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/azure from 1.8.8 to 1.8.9

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/azure's releases.

v1.8.9

What's Changed

Full Changelog: sigstore/sigstore@v1.8.8...v1.8.9

Commits
  • 4c750b7 oauthflow: Add SubjectFromUnverifiedToken (#1826)
  • b27128f build(deps): Bump the all group in /test/e2e with 2 updates (#1824)
  • 65aaa14 build(deps): Bump github.com/jellydator/ttlcache/v3 (#1822)
  • 21ad778 build(deps): Bump github.com/jellydator/ttlcache/v3 (#1823)
  • ebbebbf build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1821)
  • 615304f build(deps): Bump github.com/jellydator/ttlcache/v3 (#1820)
  • 6fb1d8b build(deps): Bump github.com/jellydator/ttlcache/v3 (#1819)
  • 075e85c build(deps): Bump actions/upload-artifact in the all group (#1825)
  • 0ca1da6 build(deps): Bump the gomod group across 4 directories with 3 updates (#1818)
  • 26aae9d build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#1817)
  • Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.8 to 1.8.9

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/gcp's releases.

v1.8.9

What's Changed

Full Changelog: sigstore/sigstore@v1.8.8...v1.8.9

Commits
  • 4c750b7 oauthflow: Add SubjectFromUnverifiedToken (#1826)
  • b27128f build(deps): Bump the all group in /test/e2e with 2 updates (#1824)
  • 65aaa14 build(deps): Bump github.com/jellydator/ttlcache/v3 (#1822)
  • 21ad778 build(deps): Bump github.com/jellydator/ttlcache/v3 (#1823)
  • ebbebbf build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1821)
  • 615304f build(deps): Bump github.com/jellydator/ttlcache/v3 (#1820)
  • 6fb1d8b build(deps): Bump github.com/jellydator/ttlcache/v3 (#1819)
  • 075e85c build(deps): Bump actions/upload-artifact in the all group (#1825)
  • 0ca1da6 build(deps): Bump the gomod group across 4 directories with 3 updates (#1818)
  • 26aae9d build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#1817)
  • Additional commits viewable in compare view

Updates github.com/sigstore/sigstore/pkg/signature/kms/hashivault from 1.8.8 to 1.8.9

Release notes

Sourced from github.com/sigstore/sigstore/pkg/signature/kms/hashivault's releases.

v1.8.9

What's Changed

Full Changelog: sigstore/sigstore@v1.8.8...v1.8.9

Commits
  • 4c750b7 oauthflow: Add SubjectFromUnverifiedToken (#1826)
  • b27128f build(deps): Bump the all group in /test/e2e with 2 updates (#1824)
  • 65aaa14 build(deps): Bump github.com/jellydator/ttlcache/v3 (#1822)
  • 21ad778 build(deps): Bump github.com/jellydator/ttlcache/v3 (#1823)
  • ebbebbf build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1821)
  • 615304f build(deps): Bump github.com/jellydator/ttlcache/v3 (#1820)
  • 6fb1d8b build(deps): Bump github.com/jellydator/ttlcache/v3 (#1819)
  • 075e85c build(deps): Bump actions/upload-artifact in the all group (#1825)
  • 0ca1da6 build(deps): Bump the gomod group across 4 directories with 3 updates (#1818)
  • 26aae9d build(deps): Bump cloud.google.com/go/kms in /pkg/signature/kms/gcp (#1817)
  • Additional commits viewable in compare view

Updates go.step.sm/crypto from 0.51.1 to 0.51.2

Commits
  • 32782fa Merge pull request #582 from smallstep/josh/fix-extra-capi-context-free
  • d2a8233 Remove extraneous 'CertFreeCertificateContext' in capi.
  • 1894555 Merge pull request #574 from smallstep/dependabot/go_modules/cloud.google.com...
  • 678449b Bump cloud.google.com/go/kms from 1.18.5 to 1.19.0
  • 3d5f81b Merge pull request #577 from smallstep/dependabot/go_modules/google.golang.or...
  • 4551acc Merge pull request #578 from smallstep/dependabot/go_modules/github.com/aws/a...
  • 2fe8ad3 Bump github.com/aws/aws-sdk-go-v2/config from 1.27.28 to 1.27.31
  • 322d601 Merge pull request #576 from smallstep/dependabot/go_modules/github.com/aws/a...
  • 86666dd Bump google.golang.org/api from 0.192.0 to 0.194.0
  • 1b656a4 Bump github.com/aws/aws-sdk-go-v2/service/kms from 1.35.4 to 1.35.5
  • Additional commits viewable in compare view

Updates google.golang.org/genproto/googleapis/api from 0.0.0-20240814211410-ddb44dafa142 to 0.0.0-20240822170219-fc7c04adadcd

Commits

Updates google.golang.org/grpc from 1.65.0 to 1.66.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.66.0

New Features

  • metadata: stabilize ValueFromIncomingContext (#7368)
  • client: stabilize the WaitForStateChange and GetState methods, which were previously experimental. (#7425)
  • xds: Implement ADS flow control mechanism (#7458)
  • balancer/rls: Add metrics for data cache and picker internals (#7484, #7495)
  • xds: LRS load reports now include the total_issued_requests field. (#7544)

Bug Fixes

  • grpc: Clients now return status code INTERNAL instead of UNIMPLEMENTED when the server uses an unsupported compressor. This is consistent with the gRPC compression spec. (#7461)
  • transport: Fix a bug which could result in writes busy looping when the underlying conn.Write returns errors (#7394)
  • client: fix race that could lead to orphaned connections and associated resources. (#7390)
  • xds: use locality from the connected address for load reporting with pick_first (#7378)
    • without this fix, if a priority contains multiple localities with pick_first, load was reported for the wrong locality
  • client: prevent hanging during ClientConn.Close() when the network is unreachable (#7540)

Performance Improvements

  • transport: double buffering is avoided when using an http connect proxy and the target server waits for client to send the first message. (#7424)
  • codec: Implement a new Codec which uses buffer recycling for encoded message (#7356)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all group across 1 directory with 11 updates
05374ca 
Bumps the all group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [chainguard.dev/sdk](https://github.com/chainguard-dev/sdk) | `0.1.23` | `0.1.24` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.20.2` | `1.20.3` |
| [github.com/rs/cors](https://github.com/rs/cors) | `1.11.0` | `1.11.1` |
| [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) | `1.8.8` | `1.8.9` |
| [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) | `1.8.8` | `1.8.9` |
| [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) | `1.8.8` | `1.8.9` |
| [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) | `1.8.8` | `1.8.9` |
| [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) | `1.8.8` | `1.8.9` |
| [go.step.sm/crypto](https://github.com/smallstep/crypto) | `0.51.1` | `0.51.2` |



Updates `chainguard.dev/sdk` from 0.1.23 to 0.1.24
- [Release notes](https://github.com/chainguard-dev/sdk/releases)
- [Commits](chainguard-dev/sdk@v0.1.23...v0.1.24)

Updates `github.com/prometheus/client_golang` from 1.20.2 to 1.20.3
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/v1.20.3/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.20.2...v1.20.3)

Updates `github.com/rs/cors` from 1.11.0 to 1.11.1
- [Commits](rs/cors@v1.11.0...v1.11.1)

Updates `github.com/sigstore/sigstore` from 1.8.8 to 1.8.9
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.8...v1.8.9)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.8.8 to 1.8.9
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.8...v1.8.9)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.8.8 to 1.8.9
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.8...v1.8.9)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.8.8 to 1.8.9
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.8...v1.8.9)

Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.8.8 to 1.8.9
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.8...v1.8.9)

Updates `go.step.sm/crypto` from 0.51.1 to 0.51.2
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](smallstep/crypto@v0.51.1...v0.51.2)

Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20240814211410-ddb44dafa142 to 0.0.0-20240822170219-fc7c04adadcd
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/grpc` from 1.65.0 to 1.66.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.65.0...v1.66.0)

---
updated-dependencies:
- dependency-name: chainguard.dev/sdk
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: go.step.sm/crypto
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google.golang.org/genproto/googleapis/api
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Sep 9, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 10, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Sep 10, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/all-bd0293c084 branch September 10, 2024 19:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants