Skip to content

chore(deps): update go dependencies (backplane-2.8) #691

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore(deps): update go dependencies (backplane-2.8) #691

wants to merge 1 commit into from

Conversation

red-hat-konflux[bot]
Copy link
Contributor

@red-hat-konflux red-hat-konflux bot commented May 18, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
dario.cat/mergo indirect patch v1.0.1 -> v1.0.2
github.com/Masterminds/semver/v3 indirect patch v3.3.0 -> v3.3.1
github.com/emicklei/go-restful/v3 indirect patch v3.12.1 -> v3.12.2
github.com/evanphx/json-patch indirect patch v5.9.0+incompatible -> v5.9.11+incompatible
github.com/evanphx/json-patch/v5 indirect patch v5.9.0 -> v5.9.11
github.com/fxamacker/cbor/v2 indirect minor v2.7.0 -> v2.8.0
github.com/getkin/kin-openapi indirect minor v0.128.0 -> v0.132.0
github.com/go-openapi/errors indirect patch v0.22.0 -> v0.22.1
github.com/go-openapi/jsonpointer indirect patch v0.21.0 -> v0.21.1
github.com/go-openapi/swag indirect patch v0.23.0 -> v0.23.1
github.com/golang/glog indirect patch v1.2.4 -> v1.2.5
github.com/google/gnostic-models indirect patch v0.6.9-0.20230804172637-c7be7c783f49 -> v0.6.9
github.com/google/pprof indirect digest a4b03ec -> c008609
github.com/gorilla/css indirect patch v1.0.0 -> v1.0.1
github.com/itchyny/gojq indirect patch v0.12.7 -> v0.12.17
github.com/itchyny/timefmt-go indirect patch v0.1.3 -> v0.1.6
github.com/jackc/pgservicefile indirect digest 091c0ba -> 5a60cdf
github.com/jackc/pgtype indirect patch v1.14.0 -> v1.14.4
github.com/jackc/pgx/v4 indirect patch v4.18.2 -> v4.18.3
github.com/jinzhu/now indirect patch v1.1.4 -> v1.1.5
github.com/mailru/easyjson indirect minor v0.7.7 -> v0.9.0
github.com/microcosm-cc/bluemonday indirect patch v1.0.25 -> v1.0.27
github.com/prometheus/client_golang indirect minor v1.19.1 -> v1.22.0
github.com/prometheus/client_model indirect patch v0.6.1 -> v0.6.2
github.com/prometheus/common indirect minor v0.55.0 -> v0.64.0
github.com/prometheus/procfs indirect minor v0.15.1 -> v0.16.1
github.com/samber/lo indirect minor v1.47.0 -> v1.50.0
github.com/spf13/cast indirect minor v1.7.0 -> v1.8.0
github.com/spf13/cobra indirect minor v1.8.1 -> v1.9.1
go.mongodb.org/mongo-driver indirect minor v1.14.0 -> v1.17.3
go.opentelemetry.io/otel indirect minor v1.28.0 -> v1.36.0
go.opentelemetry.io/otel/trace indirect minor v1.28.0 -> v1.36.0
golang.org/x/crypto indirect minor v0.36.0 -> v0.38.0
golang.org/x/exp indirect digest 8a7402a -> ce4c2cf
golang.org/x/net indirect minor v0.33.0 -> v0.40.0
golang.org/x/oauth2 indirect minor v0.28.0 -> v0.30.0
golang.org/x/sys indirect minor v0.31.0 -> v0.33.0
golang.org/x/term indirect minor v0.30.0 -> v0.32.0
golang.org/x/time indirect minor v0.7.0 -> v0.11.0
golang.org/x/tools indirect minor v0.26.0 -> v0.33.0
gomodules.xyz/jsonpatch/v2 indirect minor v2.4.0 -> v2.5.0
google.golang.org/protobuf indirect minor v1.35.1 -> v1.36.6
gorm.io/gorm indirect minor v1.24.5 -> v1.26.1
k8s.io/kube-aggregator indirect minor v0.29.0 -> v0.33.1
k8s.io/kube-openapi indirect digest 32ad38e -> c8a335a
sigs.k8s.io/json indirect digest 9aa6b5e -> cfa47c3
sigs.k8s.io/structured-merge-diff/v4 indirect minor v4.4.2 -> v4.7.0

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

imdario/mergo (dario.cat/mergo)

v1.0.2

Compare Source

What's Changed

  • Drops gopkg.in/yaml.v3, only used for loading fixtures. Thanks @​trim21 for bringing to my attention (#​262) that this library is no longer maintained.

Full Changelog: darccio/mergo@v1.0.1...v1.0.2

Masterminds/semver (github.com/Masterminds/semver/v3)

v3.3.1

Compare Source

What's Changed

Full Changelog: Masterminds/semver@v3.3.0...v3.3.1

emicklei/go-restful (github.com/emicklei/go-restful/v3)

v3.12.2

Compare Source

  • allow empty payloads in post,put,patch, issue #​580 ( thanks @​liggitt, Jordan Liggitt)
evanphx/json-patch (github.com/evanphx/json-patch)

v5.9.11+incompatible

Compare Source

v5.9.10+incompatible

Compare Source

fxamacker/cbor (github.com/fxamacker/cbor/v2)

v2.8.0

Compare Source

v2.8.0 adds omitzero struct tag option, fixes and deprecates 3 functions, and bumps requirements to go 1.20+.

Many thanks to @​liggitt for contributing the omitzero support!

The "omitzero" option omits zero values from encoding, matching stdlib encoding/json behavior.
When specified in the cbor tag, the option is always honored.
When specified in the json tag, the option is honored when building with Go 1.24+.

This release fixes 3 functions (when called directly by user apps) to use same error handling on bad input as cbor.Unmarshal():

  • RawTag.UnmarshalCBOR() (thanks @​thomas-fossati for reporting this!)
  • ByteString.UnmarshalCBOR()
  • SimpleValue.UnmarshalCBOR()

This release also deprecates those 3 functions because they were initially created for internal use. Please use Unmarshal() or UnmarshalFirst() instead.

To preserve backward compatibility, the deprecated functions were added to fuzz tests and will not be removed in v2.x.

What's Changed

Other Changes
🔍 Details

New Contributors

Full Changelog: fxamacker/cbor@v2.7.0...v2.8.0

v2.7.1

Compare Source

v2.7.1 fixes 3 functions (when called directly by user apps) to use same error handling on bad inputs as cbor.Unmarshal():

  • ByteString.UnmarshalCBOR()
  • RawTag.UnmarshalCBOR()
  • SimpleValue.UnmarshalCBOR()

The above 3 fixed functions are deprecated because they were initially created for internal use. Please use Unmarshal() or UnmarshalFirst() instead.

To preserve backward compatibility, the deprecated functions were added to fuzz tests and will not be removed in v2.x.

Before Upgrading to v2.7.1

v2.8.0 is being fuzz tested and will be released later today. It adds support for omitzero struct tag option.

v2.7.1 is the last version to support go 1.17-1.19. v2.8.0 and newer releases will require go 1.20+.

What's Changed

Special Thanks

Thanks @​thomas-fossati for reporting the bug in RawTag.UnmarshalCBOR() when it is called directly by user apps providing bad input data!

Full Changelog: fxamacker/cbor@v2.7.0...v2.7.1

getkin/kin-openapi (github.com/getkin/kin-openapi)

v0.132.0

Compare Source

What's Changed

New Contributors

Full Changelog: getkin/kin-openapi@v0.131.0...v0.132.0

v0.131.0

Compare Source

What's Changed

Full Changelog: getkin/kin-openapi@v0.130.0...v0.131.0

v0.130.0

Compare Source

What's Changed

New Contributors

Full Changelog: getkin/kin-openapi@v0.129.0...v0.130.0

v0.129.0

Compare Source

What's Changed

New Contributors

Full Changelog: getkin/kin-openapi@v0.128.0...v0.129.0

go-openapi/errors (github.com/go-openapi/errors)

v0.22.1

Compare Source

go-openapi/jsonpointer (github.com/go-openapi/jsonpointer)

v0.21.1

Compare Source

go-openapi/swag (github.com/go-openapi/swag)

v0.23.1

Compare Source

golang/glog (github.com/golang/glog)

v1.2.5

Compare Source

What's Changed

Full Changelog: golang/glog@v1.2.4...v1.2.5

google/gnostic-models (github.com/google/gnostic-models)

v0.6.9

Compare Source

gorilla/css (github.com/gorilla/css)

v1.0.1

Compare Source

What's Changed

New Contributors

Full Changelog: gorilla/css@v1.0.0...v1.0.1

itchyny/gojq (github.com/itchyny/gojq)

v0.12.17

Compare Source

  • implement add/1, skip/2 functions
  • implement --library-path option as the alias of -L option
  • fix reduce syntax to emit results for each initial value
  • fix last/1 to yield no values when the argument yields no values
  • fix limit/2 to emit an error on negative count
  • fix @uri and @urid formats not to convert space between plus sign
  • fix resolving search paths of import statements in the query
  • improve time functions to accept fewer element arrays

v0.12.16

Compare Source

  • fix offset of query parsing error on multi-byte characters
  • fix tests of exp10 and atan2 failing on some platforms
  • fix debug/1 to be available only when debug/0 is defined
  • improve parser to allow binary operators as object values
  • improve compiler to emit error if query is missing

v0.12.15

Compare Source

  • implement ltrim, rtrim, and trim functions
  • implement gojq.ParseError for getting the offset and token of query parsing error
  • implement gojq.HaltError for detecting halt errors and stopping outer iteration
  • fix object construction with duplicate keys ({x:0,y:1} | {a:.x,a:.y})
  • fix halt and halt_error functions to stop the command execution immediately
  • fix variable scope of binding syntax ("a" as $v | def f: $v; "b" as $v | f)
  • fix pre-defined variables to be available in initial modules ($ARGS in ~/.jq)
  • fix ltrimstr and rtrimstr functions to emit error on non-string input
  • fix nearbyint and rint functions to round ties to even
  • improve parser to allow reduce, foreach, if, try-catch syntax as object values
  • remove pow10 in favor of exp10, define scalbn and scalbln by ldexp

v0.12.14

Compare Source

  • implement abs, pick, and debug/1 functions
  • implement --raw-output0 option, and remove --nul-output (-0) option
  • fix string multiplication by zero to emit an empty string
  • fix zero divided by zero to emit an error, not nan
  • fix modulo operator to emit nan if either side is nan
  • fix implode function to emit replacement characters on invalid code points
  • fix stderr function to output strings in raw format
  • fix error function to throw an error even for null
  • fix walk function on multiple outputs arguments
  • fix --from-file option to work with --args and --jsonargs options
  • fix the default module search path ../lib relative to the executable
  • improve query parser to support comment continuation with backslash
  • improve modulemeta function to include defined function names in the module
  • improve search path of import and include directives to support $ORIGIN expansion
  • remove deprecated leaf_paths function

v0.12.13

Compare Source

  • implement @urid format string to decode URI values
  • fix functions returning arrays not to emit nil slices (flatten, group_by,
    unique, unique_by, nth, indices, path, and modulemeta.deps)

v0.12.12

Compare Source

  • fix assignment operator (=) with overlapping paths and multiple values ([[]] | .. = ..)
  • fix crash on multiplying large numbers to an empty string (9223372036854775807 * "")
  • improve zsh completion file

v0.12.11

Compare Source

  • fix crash on assignment operator (=) with multiple values (. = (0,0))
  • fix isnormal and normals functions against subnormal numbers

v0.12.10

Compare Source

  • fix break in try-catch query (label $x | try break $x catch .)
  • fix path value validation for getpath function (path(getpath([[0]][0])))
  • fix path value validation for custom iterator functions
  • fix walk function with argument emitting multiple values ([1],{x:1} | walk(.,0))
  • fix @csv, @tsv, @sh to escape the null character (["\u0000"] | @​csv,@​tsv,@​sh)
  • improve performance of assignment operator (=), update-assignment operator (|=),
    map_values, del, delpaths, walk, ascii_downcase, and ascii_upcase functions

v0.12.9

Compare Source

  • fix fromjson to emit error on unexpected trailing string
  • fix path analyzer on variable argument evaluation (def f($x): .y; path(f(.x)))
  • fix raw input option --raw-input (-R) to keep carriage returns and support 64KiB+ lines

v0.12.8

Compare Source

  • implement gojq.Compare for comparing values in custom internal functions
  • implement gojq.TypeOf for obtaining type name of values in custom internal functions
  • implement gojq.Preview for previewing values for error messages of custom internal functions
  • fix query lexer to parse string literals as JSON to support surrogate pairs ("\ud83d\ude04")
  • fix priority bug of declared and builtin functions (def empty: .; null | select(.))
  • fix string indexing by index out of bounds to emit null ("abc" | .[3])
  • fix array binding pattern not to match against strings ("abc" as [$a] ?// $a | $a)
  • fix sub and gsub functions to emit results in the same order of jq
  • fix fromjson to keep integer precision ("10000000000000000" | fromjson + 1)
  • fix stream option to raise error against incomplete JSON input
  • improve array updating index and string repetition to increase limitations
  • improve mktime to support nanoseconds, just like gmtime and now
  • improve query lexer to report unterminated string literals
  • improve performance of string indexing and slicing by reducing allocations
  • improve performance of object and array indexing, slicing, and iteration,
    by validating path values by comparing data addresses. This change improves jq
    compatibility of path value validation ({} | {}.x = 0, [0] | [.[]][] = 1).
    Also optimize constant indexing and slicing by specialized instruction
  • improve performance of add (on array of strings), flatten, min, max,
    sort, unique, join, to_entries, from_entries, indices, index,
    rindex, startswith, endswith, ltrimstr, rtrimstr, explode,
    capture, sub, and gsub functions
itchyny/timefmt-go (github.com/itchyny/timefmt-go)

v0.1.6

Compare Source

  • support parsing week directives (%A, %a, %w, %u, %V, %U, %W)
  • validate range of values on parsing directives
  • fix formatting %l to show 12 at midnight

v0.1.5

Compare Source

  • support parsing time zone offset with name using both %z and %Z

v0.1.4

Compare Source

  • improve documents
  • drop support for Go 1.16
jackc/pgtype (github.com/jackc/pgtype)

v1.14.4

Compare Source

v1.14.3

Compare Source

v1.14.2

Compare Source

v1.14.1

Compare Source

jackc/pgx (github.com/jackc/pgx/v4)

v4.18.3

Compare Source

jinzhu/now (github.com/jinzhu/now)

v1.1.5

Compare Source

mailru/easyjson (github.com/mailru/easyjson)

v0.9.0

Compare Source

up go version and bugfixes

v0.8.0

Compare Source

stable version before go version bump

microcosm-cc/bluemonday (github.com/microcosm-cc/bluemonday)

v1.0.27

Compare Source

v1.0.26: Update golang.org/x/net to latest and force latest version

Compare Source

Bumping version and ensuring latest golang.org/x/net as the HTTP rapid reset is triggering primitive vuln scanners, we do not implement a HTTP2 server and are not vulnerable but a minor bump can still help reduce noise for those searching for what they need to upgrade and patch.

Nothing else is in this release aside from the dependency updates and some staticcheck messages being resolved that should not modify behaviour.

prometheus/client_golang (github.com/prometheus/client_golang)

v1.22.0: - 2025-04-07

Compare Source

⚠️ This release contains potential breaking change if you use experimental zstd support introduce in #​1496 ⚠️

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header.
It was enabled by default since version 1.20, but now you need to add a blank import to enable it.
The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon,
https://github.com/golang/go/issues/62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)
  • [FEATURE] prometheus: Add new CollectorFunc utility #​1724
  • [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #​1738
  • [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #​1743
  • [CHANGE] ⚠️ promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #​1765
All Changes

New Contributors

Full Changelog: prometheus/client_golang@v1.21.1...v1.22.0-rc.0

v1.21.1: / 2025-03-04

Compare Source

This release addresses a performance regression introduced in #​1661 -- thanks to all who reported this quickly:
@​chlunde, @​dethi, @​aaronbee @​tsuna @​kakkoyun 💪🏽. This patch release also fixes the iOS build.

We will be hardening the release process even further (#​1759, #​1761) to prevent this in future, sorry for the inconvenience!

The high concurrency optimization is planned to be eventually reintroduced, however in a much safer manner, potentially in a separate API.

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented May 18, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]
Once this PR has been reviewed and has the lgtm label, please assign qiujian16 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/backplane-2.8-backplane-2.8/go-deps branch 3 times, most recently from 0913117 to a2fb3c5 Compare May 25, 2025 04:24
@red-hat-konflux
chore(deps): update go dependencies
dc3fc53 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/backplane-2.8-backplane-2.8/go-deps branch from a2fb3c5 to dc3fc53 Compare May 25, 2025 13:05
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented May 25, 2025

@red-hat-konflux[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/check dc3fc53 link true /test check
ci/prow/sonarcloud dc3fc53 link true /test sonarcloud
ci/prow/unit dc3fc53 link true /test unit
ci/prow/pr-image-mirror dc3fc53 link true /test pr-image-mirror
ci/prow/images dc3fc53 link true /test images
ci/prow/e2e dc3fc53 link true /test e2e

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@xuezhaojun xuezhaojun closed this May 28, 2025
@red-hat-konflux Red Hat Konflux
Copy link
Contributor Author

red-hat-konflux bot commented May 28, 2025
edited
Loading

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v1.0.2). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.

@red-hat-konflux red-hat-konflux bot deleted the konflux/mintmaker/backplane-2.8-backplane-2.8/go-deps branch May 28, 2025 06:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dco-signoff: yes ok-to-test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@xuezhaojun