Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump the github-dependencies group across 1 directory with 29 updates #1293

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 28, 2024

Bumps the github-dependencies group with 17 updates in the / directory:

Package From To
google.golang.org/grpc 1.65.0 1.67.1
google.golang.org/protobuf 1.34.2 1.35.1
github.com/onsi/ginkgo/v2 2.20.0 2.20.2
github.com/onsi/gomega 1.34.1 1.34.2
github.com/opencontainers/runc 1.1.13 1.2.0
github.com/opencontainers/selinux 1.11.0 1.11.1
go.etcd.io/etcd/api/v3 3.5.15 3.5.16
go.etcd.io/etcd/client/pkg/v3 3.5.15 3.5.16
go.etcd.io/etcd/client/v3 3.5.15 3.5.16
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc 0.53.0 0.56.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp 0.53.0 0.56.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace 1.28.0 1.31.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc 1.28.0 1.31.0
golang.org/x/mod 0.20.0 0.21.0
golang.org/x/oauth2 0.22.0 0.23.0
golang.org/x/time 0.6.0 0.7.0
golang.org/x/tools 0.24.0 0.26.0

Updates google.golang.org/grpc from 1.65.0 to 1.67.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.67.1

Bug Fixes

  • transport: Fix a bug causing stream failures due to miscalculation of the flow control window in both clients and servers. (#7667)
  • xds/server: Fix xDS Server memory leak. (#7681)

Release 1.67.0

Bug Fixes

  • ringhash: when used with multiple EDS priorities, fix bug that could prevent a higher priority from recovering from transient failure. (#7364)

Behavior Changes

  • In accordance with RFC 7540, clients and servers will now reject TLS connections that don't support ALPN. This can be disabled by setting the environment variable GRPC_ENFORCE_ALPN_ENABLED to false (case insensitive). Please file a bug if you encounter any issues with this behavior. The environment variable to revert this behavior will be removed in an upcoming release. (#7535)

Release 1.66.3

Bug Fixes

  • transport: Fix a bug causing stream failures due to miscalculation of the flow control window in both clients and servers. (#7667)
  • xds/server: Fix xDS Server memory leak. (#7681)

Release 1.66.2

Dependencies

  • Remove unintentional dependency on the testing package (#7579)
  • Remove unintentional dependency on the flate package (#7595)

Bug Fixes

  • client: fix a bug that prevented memory reuse after handling unary RPCs (#7571)

Release 1.66.0

New Features

  • metadata: stabilize ValueFromIncomingContext (#7368)
  • client: stabilize the WaitForStateChange and GetState methods, which were previously experimental. (#7425)
  • xds: Implement ADS flow control mechanism (#7458)
  • balancer/rls: Add metrics for data cache and picker internals (#7484, #7495)
  • xds: LRS load reports now include the total_issued_requests field. (#7544)

Bug Fixes

  • grpc: Clients now return status code INTERNAL instead of UNIMPLEMENTED when the server uses an unsupported compressor. This is consistent with the gRPC compression spec. (#7461)

... (truncated)

Commits

Updates google.golang.org/protobuf from 1.34.2 to 1.35.1

Updates github.com/onsi/ginkgo/v2 from 2.20.0 to 2.20.2

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.20.2

2.20.2

Require Go 1.22+

Maintenance

  • bump go to v1.22 [a671816]

v2.20.1

2.20.1

Fixes

  • make BeSpecEvent duration matcher more forgiving [d6f9640]
Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.20.2

Require Go 1.22+

Maintenance

  • bump go to v1.22 [a671816]

2.20.1

Fixes

  • make BeSpecEvent duration matcher more forgiving [d6f9640]
Commits

Updates github.com/onsi/gomega from 1.34.1 to 1.34.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.2

1.34.2

Require Go 1.22+

Maintenance

  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.2

Require Go 1.22+

Maintenance

  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]
Commits

Updates github.com/google/pprof from 0.0.0-20240727154555-813a5fbdbec8 to 0.0.0-20240827171923-fa2c70bbbfe5

Commits

Updates github.com/opencontainers/runc from 1.1.13 to 1.2.0

Release notes

Sourced from github.com/opencontainers/runc's releases.

runc v1.2.0 -- "できるときにできることをやるんだ。それが今だ。"

This is the long-awaited release of runc 1.2.0! The primary changes from rc3 are general improvements and fixes for minor regressions related to the new /proc/self/exe cloning logic in runc 1.2, follow-on patches related to CVE-2024-45310, as well as some other minor changes.

  • In order to alleviate the remaining concerns around the memory usage and (arguably somewhat unimportant, but measurable) performance overhead of memfds for cloning /proc/self/exe, we have added a new protection using overlayfs that is used if you have enough privileges and the running kernel supports it. It has effectively no performance nor memory overhead (compared to no cloning at all). (#4448)
  • The original fix for CVE-2024-45310 was intentionally very limited in scope to make it easier to review, however it also did not handle all possible os.MkdirAll cases and thus could lead to regressions. We have switched to the more complete implementation in the newer versions of github.com/cyphar/filepath-securejoin. (#4393, #4400, #4421, #4430)
  • In certain situations (a system with lots of mounts or racing mounts) we could accidentally end up leaking mounts from the container into the host. This has been fixed. (#4417)
  • The fallback logic for O_TMPFILE clones of /proc/self/exe had a minor bug that would cause us to miss non-noexec directories and thus fail to start containers on some systems. (#4444)
  • Sometimes the cloned /proc/self/exe file descriptor could be placed in a way that it would get clobbered by the Go runtime. We had a fix for this already but it turns out it could still break in rare circumstances, but it has now been fixed. (#4294, #4452)
  • It is not possible for runc kill to work properly in some specific configurations (such as rootless containers with no cgroups and a shared pid namespace). We now output a warning for such configurations. (#4398)
  • memfd-bind: update the documentation and make path handling with the systemd unit more idiomatic. (#4428)
  • We now use v0.16 of Cilium's eBPF library, including fixes that quite a few downstreams asked for. (#4397, #4396)
  • Some internal runc init synchronisation that was no longer necessary (due to the /proc/self/exe cloning move to Go) was removed. (#4441)

Static Linking Notices

The runc binary distributed with this release are statically linked with the following GNU LGPL-2.1 licensed libraries, with runc acting as a "work that uses the Library":

The versions of these libraries were not modified from their upstream versions, but in order to comply with the LGPL-2.1 (§6(a)), we have attached the

... (truncated)

Changelog

Sourced from github.com/opencontainers/runc's changelog.

[1.2.0] - 2024-10-22

できるときにできることをやるんだ。それが今だ。

Added

  • In order to alleviate the remaining concerns around the memory usage and (arguably somewhat unimportant, but measurable) performance overhead of memfds for cloning /proc/self/exe, we have added a new protection using overlayfs that is used if you have enough privileges and the running kernel supports it. It has effectively no performance nor memory overhead (compared to no cloning at all). (#4448)

Fixed

  • The original fix for CVE-2024-45310 was intentionally very limited in scope to make it easier to review, however it also did not handle all possible os.MkdirAll cases and thus could lead to regressions. We have switched to the more complete implementation in the newer versions of github.com/cyphar/filepath-securejoin. (#4393, #4400, #4421, #4430)
  • In certain situations (a system with lots of mounts or racing mounts) we could accidentally end up leaking mounts from the container into the host. This has been fixed. (#4417)
  • The fallback logic for O_TMPFILE clones of /proc/self/exe had a minor bug that would cause us to miss non-noexec directories and thus fail to start containers on some systems. (#4444)
  • Sometimes the cloned /proc/self/exe file descriptor could be placed in a way that it would get clobbered by the Go runtime. We had a fix for this already but it turns out it could still break in rare circumstances, but it has now been fixed. (#4294, #4452)

Changed

  • It is not possible for runc kill to work properly in some specific configurations (such as rootless containers with no cgroups and a shared pid namespace). We now output a warning for such configurations. (#4398)
  • memfd-bind: update the documentation and make path handling with the systemd unit more idiomatic. (#4428)
  • We now use v0.16 of Cilium's eBPF library, including fixes that quite a few downstreams asked for. (#4397, #4396)
  • Some internal runc init synchronisation that was no longer necessary (due to the /proc/self/exe cloning move to Go) was removed. (#4441)

[1.2.0-rc.3] - 2024-09-02

The supreme happiness of life is the conviction that we are loved.

Security

  • Fix CVE-2024-45310, a low-severity attack that allowed maliciously configured containers to create empty files and directories on

... (truncated)

Commits
  • 0b9fa21 VERSION: release v1.2.0
  • 5190d61 Merge pull request #4452 from lifubang/fix-fd-reuse-race
  • ca45a2c merge #4446 into opencontainers/runc:main
  • 568231c Revert "increase memory.max in cgroups.bats"
  • e669926 fix an error caused by fd reuse race when starting runc init
  • ca8ca3c Merge pull request #4448 from cyphar/cloned-binary-overlayfs
  • 08faf15 Merge pull request #4429 from kolyshkin/cap-load
  • 515f09f dmz: use overlayfs to write-protect /proc/self/exe if possible
  • 8cfbccb tests: integration: add helper to check if we're in a userns
  • 8bebdba Merge pull request #4456 from kolyshkin/misc-ci-cleanups
  • Additional commits viewable in compare view

Updates github.com/opencontainers/selinux from 1.11.0 to 1.11.1

Release notes

Sourced from github.com/opencontainers/selinux's releases.

v1.11.1

What's Changed

New Contributors

Full Changelog: opencontainers/selinux@v1.11.0...v1.11.1

Commits
  • 44b3337 Merge pull request #216 from rhatdan/main
  • 5bdefc7 Show SELinux label on failure
  • bb1ec25 Merge pull request #213 from opencontainers/dependabot/github_actions/golangc...
  • 13c8f76 build(deps): bump golangci/golangci-lint-action from 4 to 6
  • 9dee859 Merge pull request #211 from opencontainers/dependabot/github_actions/tim-act...
  • 5f5e8c2 build(deps): bump tim-actions/get-pr-commits from 1.3.0 to 1.3.1
  • a11dd36 Merge pull request #210 from kolyshkin/add-dep
  • 2d0d092 Add dependabot config
  • 7535250 Merge pull request #208 from austinvazquez/update-github-actions-packages
  • 76d8f98 Merge pull request #209 from austinvazquez/update-go-matrix-in-ci
  • Additional commits viewable in compare view

Updates go.etcd.io/etcd/api/v3 from 3.5.15 to 3.5.16

Release notes

Sourced from go.etcd.io/etcd/api/v3's releases.

v3.5.16

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux
ETCD_VER=v3.5.16
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version

# start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)
ETCD_VER=v3.5.16
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
</tr></table>

... (truncated)

Commits
  • f20bbad version: bump up to 3.5.16
  • 656336e Merge pull request #18570 from lucasrod16/18538-backport-3.5
  • 64a19e4 Backport TestLessorRenewExtendPileup race condition fix for release-3.5
  • 9293b83 Merge pull request #18550 from ivanvc/release-3.5-update-go-to-1.22.7
  • f29ddb8 Bump go toolchain to 1.22.7
  • 1d4372a Merge pull request #18514 from JalinWang/backport/release-3.5
  • 82994d1 Merge pull request #18517 from serathius/kubernetes-3.5
  • 0263597 Introduce compaction sleep interval flag
  • 03ba270 Fix passing default grpc call options in Kubernetes client
  • f739ef4 Merge pull request #18489 from akshaym-3255/bboltbump3.5_1.3.11
  • Additional commits viewable in compare view

Updates go.etcd.io/etcd/client/pkg/v3 from 3.5.15 to 3.5.16

Release notes

Sourced from go.etcd.io/etcd/client/pkg/v3's releases.

v3.5.16

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux
ETCD_VER=v3.5.16
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version

# start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)
ETCD_VER=v3.5.16
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
</tr></table>

... (truncated)

Commits
  • f20bbad version: bump up to 3.5.16
  • 656336e Merge pull request #18570 from lucasrod16/18538-backport-3.5
  • 64a19e4 Backport TestLessorRenewExtendPileup race condition fix for release-3.5
  • 9293b83 Merge pull request #18550 from ivanvc/release-3.5-update-go-to-1.22.7
  • f29ddb8 Bump go toolchain to 1.22.7
  • 1d4372a Merge pull request #18514 from JalinWang/backport/release-3.5
  • 82994d1 Merge pull request #18517 from serathius/kubernetes-3.5
  • 0263597 Introduce compaction sleep interval flag
  • 03ba270 Fix passing default grpc call options in Kubernetes client
  • f739ef4 Merge pull request #18489 from akshaym-3255/bboltbump3.5_1.3.11
  • Additional commits viewable in compare view

Updates go.etcd.io/etcd/client/v3 from 3.5.15 to 3.5.16

Release notes

Sourced from go.etcd.io/etcd/client/v3's releases.

v3.5.16

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux
ETCD_VER=v3.5.16
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version

# start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)
ETCD_VER=v3.5.16
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
</tr></table>

... (truncated)

Commits
  • f20bbad version: bump up to 3.5.16
  • 656336e Merge pull request #18570 from lucasrod16/18538-backport-3.5
  • 64a19e4 Backport TestLessorRenewExtendPileup race condition fix for release-3.5
  • 9293b83 Merge pull request #18550 from ivanvc/release-3.5-update-go-to-1.22.7
  • f29ddb8 Bump go toolchain to 1.22.7
  • 1d4372a Merge pull request #18514 from JalinWang/backport/release-3.5
  • 82994d1 Merge pull request #18517 from serathius/kubernetes-3.5
  • 0263597 Introduce compaction sleep interval flag
  • 03ba270 Fix passing default grpc call options in Kubernetes client
  • f739ef4 Merge pull request #18489 from akshaym-3255/bboltbump3.5_1.3.11
  • Additional commits viewable in compare view

Updates go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.53.0 to 0.56.0

Release notes

Sourced from go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc's releases.

Release v1.31.0/v0.56.0/v0.25.0/v0.11.0/v0.6.0/v0.4.0/v0.3.0

Overview

Added

  • The Severitier and SeverityVar types are added to go.opentelemetry.io/contrib/processors/minsev allowing dynamic configuration of the severity used by the LogProcessor. (#6116)
  • Move examples from go.opentelemetry.io/otel to this repository under examples directory. (#6158)
  • Support yaml/json struct tags for generated code in go.opentelemetry.io/contrib/config. (#5433)
  • Add support for parsing YAML configuration via ParseYAML in go.opentelemetry.io/contrib/config. (#5433)
  • Add support for temporality preference configuration in go.opentelemetry.io/contrib/config. (#5860)

Changed

  • The function signature of NewLogProcessor in go.opentelemetry.io/contrib/processors/minsev has changed to accept the added Severitier interface instead of a log.Severity. (#6116)
  • Updated go.opentelemetry.io/contrib/config to use the v0.3.0 release of schema which includes backwards incompatible changes. (#6126)
  • NewSDK in go.opentelemetry.io/contrib/config now returns a no-op SDK if disabled is set to true. (#6185)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho package has found a Code Owner. The package is no longer deprecated. (#6207)

Fixed

  • Possible nil dereference panic in go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace. (#5965)
  • logrus.Level transformed to appropriate log.Severity in go.opentelemetry.io/contrib/bridges/otellogrus. (#6191)

Removed

  • The Minimum field of the LogProcessor in go.opentelemetry.io/contrib/processors/minsev is removed. Use NewLogProcessor to configure this setting. (#6116)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1/otelmacaron package is removed. (#6186)
  • The deprecated go.opentelemetry.io/contrib/samplers/aws/xray package is removed. (#6187)

What's Changed

... (truncated)

Changelog

Sourced from go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc's changelog.

[1.31.0/0.56.0/0.25.0/0.11.0/0.6.0/0.4.0/0.3.0] - 2024-10-14

Added

  • The Severitier and SeverityVar types are added to go.opentelemetry.io/contrib/processors/minsev allowing dynamic configuration of the severity used by the LogProcessor. (#6116)
  • Move examples from go.opentelemetry.io/otel to this repository under examples directory. (#6158)
  • Support yaml/json struct tags for generated code in go.opentelemetry.io/contrib/config. (#5433)
  • Add support for parsing YAML configuration via ParseYAML in go.opentelemetry.io/contrib/config. (#5433)
  • Add support for temporality preference configuration in go.opentelemetry.io/contrib/config. (#5860)

Changed

  • The function signature of NewLogProcessor in go.opentelemetry.io/contrib/processors/minsev has changed to accept the added Severitier interface instead of a log.Severity. (#6116)
  • Updated go.opentelemetry.io/contrib/config to use the v0.3.0 release of schema which includes backwards incompatible changes. (#6126)
  • NewSDK in go.opentelemetry.io/contrib/config now returns a no-op SDK if disabled is set to true. (#6185)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho package has found a Code Owner. The package is no longer deprecated. (#6207)

Fixed

  • Possible nil dereference panic in go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace. (#5965)
  • logrus.Level transformed to appropriate log.Severity in go.opentelemetry.io/contrib/bridges/otellogrus. (#6191)

Removed

  • The Minimum field of the LogProcessor in go.opentelemetry.io/contrib/processors/minsev is removed. Use NewLogProcessor to configure this setting. (#6116)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1/otelmacaron package is removed. (#6186)
  • The deprecated go.opentelemetry.io/contrib/samplers/aws/xray package is removed. (#6187)

[1.30.0/0.55.0/0.24.0/0.10.0/0.5.0/0.3.0/0.2.0] - 2024-09-10

Added

  • Add NewProducer to go.opentelemetry.io/contrib/instrumentation/runtime, which allows collecting the go.schedule.duration histogram metric from the Go runtime. (#5991)
  • Add gRPC protocol support for OTLP log exporter in go.opentelemetry.io/contrib/exporters/autoexport. (#6083)

Removed

Fixed

  • Superfluous call to WriteHeader when flushing after setting a status code in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#6074)
  • Superfluous call to WriteHeader when writing the response body after setting a status code in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#6055)

[1.29.0/0.54.0/0.23.0/0.9.0/0.4.0/0.2.0/0.1.0] - 2024-08-23

This release is the last to support [Go 1.21]. The next release will require at least [Go 1.22].

... (truncated)

Commits
  • 9cf5701 Release v1.31.0/v0.56.0/v0.25.0/v0.11.0/v0.6.0/v0.4.0/v0.3.0 (#6243)
  • d6305c0 chore(deps): update module github.com/klauspost/compress to v1.17.11 (#6232)
  • 09cbf41 fix(deps): update module github.com/aws/aws-sdk-go-v2/service/s3 to v1.65.3 (...
  • c3c8538 Update otel core to the latest release (#6233)
  • 79bb705 otelecho: Add Code Owner and remove deprecation (#6207)
  • 45ba204 config: support v0.3 of the config schema (#6126)
  • 20e45af Revert "chore(deps): update lycheeverse/lychee-action action to v2" (#6229)
  • 5322670 Remove otelmacaron (#6186)
  • 87d0229 feat(instrumentation/http/otelhttp): move client metrics creation into intern...
  • 900fc4b Run the test compatibility check even if tests failed (#6224)
  • Additional commits viewable in compare view

Updates go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.53.0 to 0.56.0

Release notes

Sourced from go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp's releases.

Release v1.31.0/v0.56.0/v0.25.0/v0.11.0/v0.6.0/v0.4.0/v0.3.0

Overview

Added

  • The Severitier and SeverityVar types are added to go.opentelemetry.io/contrib/processors/minsev allowing dynamic configuration of the severity used by the LogProcessor. (

…th 29 updates

Bumps the github-dependencies group with 17 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.65.0` | `1.67.1` |
| google.golang.org/protobuf | `1.34.2` | `1.35.1` |
| [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.20.0` | `2.20.2` |
| [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.34.1` | `1.34.2` |
| [github.com/opencontainers/runc](https://github.com/opencontainers/runc) | `1.1.13` | `1.2.0` |
| [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) | `1.11.0` | `1.11.1` |
| [go.etcd.io/etcd/api/v3](https://github.com/etcd-io/etcd) | `3.5.15` | `3.5.16` |
| [go.etcd.io/etcd/client/pkg/v3](https://github.com/etcd-io/etcd) | `3.5.15` | `3.5.16` |
| [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) | `3.5.15` | `3.5.16` |
| [go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.53.0` | `0.56.0` |
| [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.53.0` | `0.56.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) | `1.28.0` | `1.31.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) | `1.28.0` | `1.31.0` |
| [golang.org/x/mod](https://github.com/golang/mod) | `0.20.0` | `0.21.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.22.0` | `0.23.0` |
| [golang.org/x/time](https://github.com/golang/time) | `0.6.0` | `0.7.0` |
| [golang.org/x/tools](https://github.com/golang/tools) | `0.24.0` | `0.26.0` |



Updates `google.golang.org/grpc` from 1.65.0 to 1.67.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.65.0...v1.67.1)

Updates `google.golang.org/protobuf` from 1.34.2 to 1.35.1

Updates `github.com/onsi/ginkgo/v2` from 2.20.0 to 2.20.2
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.20.0...v2.20.2)

Updates `github.com/onsi/gomega` from 1.34.1 to 1.34.2
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.34.1...v1.34.2)

Updates `github.com/google/pprof` from 0.0.0-20240727154555-813a5fbdbec8 to 0.0.0-20240827171923-fa2c70bbbfe5
- [Commits](https://github.com/google/pprof/commits)

Updates `github.com/opencontainers/runc` from 1.1.13 to 1.2.0
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/main/CHANGELOG.md)
- [Commits](opencontainers/runc@v1.1.13...v1.2.0)

Updates `github.com/opencontainers/selinux` from 1.11.0 to 1.11.1
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](opencontainers/selinux@v1.11.0...v1.11.1)

Updates `go.etcd.io/etcd/api/v3` from 3.5.15 to 3.5.16
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](etcd-io/etcd@v3.5.15...v3.5.16)

Updates `go.etcd.io/etcd/client/pkg/v3` from 3.5.15 to 3.5.16
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](etcd-io/etcd@v3.5.15...v3.5.16)

Updates `go.etcd.io/etcd/client/v3` from 3.5.15 to 3.5.16
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](etcd-io/etcd@v3.5.15...v3.5.16)

Updates `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc` from 0.53.0 to 0.56.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.53.0...zpages/v0.56.0)

Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.53.0 to 0.56.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.53.0...zpages/v0.56.0)

Updates `go.opentelemetry.io/otel` from 1.28.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.28.0...v1.31.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace` from 1.28.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.28.0...v1.31.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` from 1.28.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.28.0...v1.31.0)

Updates `go.opentelemetry.io/otel/metric` from 1.28.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.28.0...v1.31.0)

Updates `go.opentelemetry.io/otel/sdk` from 1.28.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.28.0...v1.31.0)

Updates `go.opentelemetry.io/otel/trace` from 1.28.0 to 1.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.28.0...v1.31.0)

Updates `golang.org/x/crypto` from 0.26.0 to 0.28.0
- [Commits](golang/crypto@v0.26.0...v0.28.0)

Updates `golang.org/x/mod` from 0.20.0 to 0.21.0
- [Commits](golang/mod@v0.20.0...v0.21.0)

Updates `golang.org/x/net` from 0.28.0 to 0.30.0
- [Commits](golang/net@v0.28.0...v0.30.0)

Updates `golang.org/x/oauth2` from 0.22.0 to 0.23.0
- [Commits](golang/oauth2@v0.22.0...v0.23.0)

Updates `golang.org/x/sys` from 0.23.0 to 0.26.0
- [Commits](golang/sys@v0.23.0...v0.26.0)

Updates `golang.org/x/term` from 0.23.0 to 0.25.0
- [Commits](golang/term@v0.23.0...v0.25.0)

Updates `golang.org/x/text` from 0.17.0 to 0.19.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.17.0...v0.19.0)

Updates `golang.org/x/time` from 0.6.0 to 0.7.0
- [Commits](golang/time@v0.6.0...v0.7.0)

Updates `golang.org/x/tools` from 0.24.0 to 0.26.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.24.0...v0.26.0)

Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20240814211410-ddb44dafa142 to 0.0.0-20241007155032-5fefd90f89a9
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20240814211410-ddb44dafa142 to 0.0.0-20241007155032-5fefd90f89a9
- [Commits](https://github.com/googleapis/go-genproto/commits)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
- dependency-name: github.com/google/pprof
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
- dependency-name: github.com/opencontainers/runc
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: github.com/opencontainers/selinux
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
- dependency-name: go.etcd.io/etcd/api/v3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
- dependency-name: go.etcd.io/etcd/client/pkg/v3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
- dependency-name: go.etcd.io/etcd/client/v3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
- dependency-name: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: go.opentelemetry.io/otel
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: go.opentelemetry.io/otel/metric
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: golang.org/x/mod
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: golang.org/x/net
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: golang.org/x/oauth2
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: golang.org/x/sys
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: golang.org/x/term
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: golang.org/x/text
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: golang.org/x/time
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: golang.org/x/tools
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: google.golang.org/genproto/googleapis/api
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
- dependency-name: google.golang.org/genproto/googleapis/rpc
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: github-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added area/dependency Issues or PRs related to dependency changes ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesn't merit a release note. labels Oct 28, 2024
@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Oct 28, 2024
@k8s-ci-robot
Copy link
Contributor

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-csi member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign msau42 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Oct 28, 2024
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 4, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Nov 4, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/github-dependencies-3d05054bb9 branch November 4, 2024 05:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/dependency Issues or PRs related to dependency changes cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesn't merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant