Bump the all-modules group across 1 directory with 6 updates #1191

dependabot · 2024-12-12T19:31:48Z

Bumps the all-modules group with 4 updates in the /sda-download directory: github.com/dgraph-io/ristretto, github.com/lestrrat-go/jwx/v2, github.com/stretchr/testify and google.golang.org/grpc.

Updates github.com/dgraph-io/ristretto from 0.1.1 to 0.2.0

Release notes

Sourced from github.com/dgraph-io/ristretto's releases.

v0.2.0

What's Changed

*`docs(readme): Use new Wait method by @angadn in dgraph-io/ristretto#327

docs: format example on readme by @rfyiamcool in dgraph-io/ristretto#339

Fix flakes in TestDropUpdates by @evanj in dgraph-io/ristretto#334

docs(Cache): document Wait, clarify Get by @evanj in dgraph-io/ristretto#333

chore: fix typo error by @proost in dgraph-io/ristretto#341

fix: support compilation to wasip1 by @achille-roussel in dgraph-io/ristretto#344

remove glog dependency by @jhawk28 in dgraph-io/ristretto#350

add config for cleanup ticker duration by @singhvikash11 in dgraph-io/ristretto#342

fix(OnEvict): Set missing Expiration field on evicted items by @0x1ee7 in dgraph-io/ristretto#345

uint32 -> uint64 in slice methods by @mocurin in dgraph-io/ristretto#323

fix: cleanupTicker not being stopped by @IlyaFloppy in dgraph-io/ristretto#343

Full Changelog: dgraph-io/ristretto@v0.1.1...v0.2.0

Changelog

Sourced from github.com/dgraph-io/ristretto's changelog.

[v0.2.0] - 2024-10-06

Added

fix: support compilation to wasip1 by @achille-roussel

add config for cleanup ticker duration by @singhvikash11

Fixed

docs(readme): Use new Wait method by @angadn

docs: format example on readme by @rfyiamcool

Fix flakes in TestDropUpdates by @evanj

docs(Cache): document Wait, clarify Get by @evanj

chore: fix typo error by @proost

remove glog dependency by @jhawk28

fix(OnEvict): Set missing Expiration field on evicted items by @0x1ee7

uint32 -> uint64 in slice methods by @mocurin

fix: cleanupTicker not being stopped by @IlyaFloppy

Full Changelog: dgraph-io/ristretto@v0.1.1...v0.2.0

Commits

1854617 minor repo cleanup (#352)
9144662 stop cleanupTicker while closing cache (#343)
c00b352 uint32 to uint64 in slice methods (#323)
e6d62cb chore(ci): separate out coverage report workflow (#353)
f0e7027 set missing Expiration field on evicted items (#345)
e8dc5b0 add config for cleanup ticker duration (#342)
c5789d6 update golangci config and cleanup repo (#351)
bdcf5e9 remove glog dependency (#350)
3f6b44a fix: support compilation to wasip1 (#344)
c73d585 chore: fix typo error (#341)
Additional commits viewable in compare view

Updates github.com/lestrrat-go/jwx/v2 from 2.1.1 to 2.1.3

Release notes

Sourced from github.com/lestrrat-go/jwx/v2's releases.

v2.1.3

What's Changed

Remove non-applicable comment by @lestrrat in lestrrat-go/jwx#1223

Bump golang.org/x/crypto from 0.28.0 to 0.29.0 by @dependabot in lestrrat-go/jwx#1232

Change random big value to math.MaxInt by @lestrrat in lestrrat-go/jwx#1242

Full Changelog: lestrrat-go/jwx@v2.1.2...v2.1.3

v2.1.2

What's Changed

Bump golang.org/x/crypto from 0.25.0 to 0.26.0 by @dependabot in lestrrat-go/jwx#1168

Fix document of how to parse PEM via CLI by @kg0r0 in lestrrat-go/jwx#1174

Wrap the errors from functions called within ParseRequest by @lestrrat in lestrrat-go/jwx#1176

V2 modernize workflows by @lestrrat in lestrrat-go/jwx#1182

Dependabot fixes for v2 by @lestrrat in lestrrat-go/jwx#1183

Use variable by @lestrrat in lestrrat-go/jwx#1186

Bump golang.org/x/crypto from 0.26.0 to 0.27.0 by @dependabot in lestrrat-go/jwx#1177

Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 by @dependabot in lestrrat-go/jwx#1199

Bump golang.org/x/crypto from 0.27.0 to 0.28.0 by @dependabot in lestrrat-go/jwx#1208

update comments to include iat by @cscochris in lestrrat-go/jwx#1216

New Contributors

@kg0r0 made their first contribution in lestrrat-go/jwx#1174

@cscochris made their first contribution in lestrrat-go/jwx#1216

Full Changelog: lestrrat-go/jwx@v2.1.1...v2.1.2

Changelog

Sourced from github.com/lestrrat-go/jwx/v2's changelog.

v2.1.3 24 Nov 2024

[jwe] Test has been fixed to work under 32-bit systems.

v2.1.2 25 Oct 2024

[jwt] jwt.ParseRequest now uses %w to embed errors returned from jwt.ParseHeader, jwt.ParseCookie, and jwt.ParseForm, allowing users to correctly call errors.Is(err, jwt.ErrTokenExpired) and the like. Previously the error returned from jwt.ParseRequest showed in human readable format what the problem was, but it was not programmatically possible to determine the error type using errors.Is (#1175)

Commits

9e379c7 Merge branch 'develop/v2' into v2
9512c34 Update Changes
a8a54fa Change random big value to math.MaxInt (#1242)
bc6070a Bump golang.org/x/crypto from 0.28.0 to 0.29.0 (#1232)
ea75a9a Remove non-applicable comment (#1223)
536b643 Merge branch 'develop/v2' into v2
4f04913 Update Changes
42ae987 update comments to include iat (#1216)
42920f4 Bump golang.org/x/crypto from 0.27.0 to 0.28.0 (#1208)
5728179 Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 (#1199)
Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.9.0 to 1.10.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.10.0

What's Changed

Functional Changes

Add PanicAssertionFunc by @fahimbagar in stretchr/testify#1337

assert: deprecate CompareType by @dolmen in stretchr/testify#1566

assert: make YAML dependency pluggable via build tags by @dolmen in stretchr/testify#1579

assert: new assertion NotElementsMatch by @hendrywiranto in stretchr/testify#1600

mock: in order mock calls by @ReyOrtiz in stretchr/testify#1637

Add assertion for NotErrorAs by @palsivertsen in stretchr/testify#1129

Record Return Arguments of a Call by @jayd3e in stretchr/testify#1636

assert.EqualExportedValues: accepts everything by @redachl in stretchr/testify#1586

Fixes

assert: make tHelper a type alias by @dolmen in stretchr/testify#1562

Do not get argument again unnecessarily in Arguments.Error() by @TomWright in stretchr/testify#820

Fix time.Time compare by @myxo in stretchr/testify#1582

assert.Regexp: handle []byte array properly by @kevinburkesegment in stretchr/testify#1587

assert: collect.FailNow() should not panic by @marshall-lee in stretchr/testify#1481

mock: simplify implementation of FunctionalOptions by @dolmen in stretchr/testify#1571

mock: caller information for unexpected method call by @spirin in stretchr/testify#1644

suite: fix test failures by @stevenh in stretchr/testify#1421

Fix issue #1662 (comparing infs should fail) by @ybrustin in stretchr/testify#1663

NotSame should fail if args are not pointers #1661 by @sikehish in stretchr/testify#1664

Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in CI by @sikehish in stretchr/testify#1667

fix: compare functional option names for indirect calls by @arjun-1 in stretchr/testify#1626

Documantation, Build & CI

.gitignore: ignore "go test -c" binaries by @dolmen in stretchr/testify#1565

mock: improve doc by @dolmen in stretchr/testify#1570

mock: fix FunctionalOptions docs by @snirye in stretchr/testify#1433

README: link out to the excellent testifylint by @brackendawson in stretchr/testify#1568

assert: fix typo in comment by @JohnEndson in stretchr/testify#1580

Correct the EventuallyWithT and EventuallyWithTf example by @JonCrowther in stretchr/testify#1588

CI: bump softprops/action-gh-release from 1 to 2 by @dependabot in stretchr/testify#1575

mock: document more alternatives to deprecated AnythingOfTypeArgument by @dolmen in stretchr/testify#1569

assert: Correctly document EqualValues behavior by @brackendawson in stretchr/testify#1593

fix: grammar in godoc by @miparnisari in stretchr/testify#1607

.github/workflows: Run tests for Go 1.22 by @HaraldNordgren in stretchr/testify#1629

Document suite's lack of support for t.Parallel by @brackendawson in stretchr/testify#1645

assert: fix typos in comments by @alexandear in stretchr/testify#1650

mock: fix doc comment for NotBefore by @alexandear in stretchr/testify#1651

Generate better comments for require package by @Neokil in stretchr/testify#1610

README: replace Testify V2 notice with @dolmen's V2 manifesto by @hendrywiranto in stretchr/testify#1518

New Contributors

@fahimbagar made their first contribution in stretchr/testify#1337

@TomWright made their first contribution in stretchr/testify#820

@snirye made their first contribution in stretchr/testify#1433

@myxo made their first contribution in stretchr/testify#1582

@JohnEndson made their first contribution in stretchr/testify#1580

... (truncated)

Commits

89cbdd9 Merge pull request #1626 from arjun-1/fix-functional-options-diff-indirect-calls
07bac60 Merge pull request #1667 from sikehish/flaky
716de8d Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in CI
118fb83 NotSame should fail if args are not pointers #1661 (#1664)
7d99b2b attempt 2
05f87c0 more similar
ea7129e better fmt
a1b9c9e Merge pull request #1663 from ybrustin/master
8302de9 Merge branch 'master' into master
89352f7 Merge pull request #1518 from hendrywiranto/adjust-readme-remove-v2
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.26.0 to 0.29.0

Commits

6018723 go.mod: update golang.org/x dependencies
71ed71b README: don't recommend go get
750a45f sha3: add MarshalBinary, AppendBinary, and UnmarshalBinary
36b1725 sha3: avoid trailing permutation
80ea76e sha3: fix padding for long cSHAKE parameters
c17aa50 sha3: avoid buffer copy
7cfb916 ssh: return unexpected msg error when server fails keyboard-interactive auth ...
b61b08d chacha20: extend ppc64le support to ppc64
6c21748 internal/poly1305: extend ppc64le support to ppc64
adef4cc go.mod: update golang.org/x dependencies
Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.65.0 to 1.69.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.69.0

Known Issues

The recently added grpc.NewClient function is incompatible with forward proxies, because it resolves the target hostname on the client instead of passing the hostname to the proxy. A fix is expected to be a part of grpc-go v1.70. (#7556)

New Features

stats/opentelemetry: Introduce new APIs to enable OpenTelemetry instrumentation for metrics on servers and clients (#7874)

xdsclient: add support to fallback to lower priority servers when higher priority ones are down (#7701)

dns: Add support for link local IPv6 addresses (#7889)

The new experimental pickfirst LB policy (disabled by default) supports Happy Eyeballs, interleaving IPv4 and IPv6 address as described in RFC-8305 section 4, to attempt connections to multiple backends concurrently. The experimental pickfirst policy can be enabled by setting the environment variable GRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST to true. (#7725, #7742)

balancer/pickfirst: Emit metrics from the pick_first load balancing policy (#7839)

grpc: export MethodHandler, which is the type of an already-exported field in MethodDesc (#7796)

Special Thanks: @mohdjishin

Bug Fixes

credentials/google: set scope for application default credentials (#7887)

Special Thanks: @halvards

xds: fix edge-case issues where some clients or servers would not initialize correctly or would not receive errors when resources are invalid or unavailable if another channel or server with the same target was already in use . (#7851, #7853)

examples: fix the debugging example, which was broken by a recent change (#7833)

Behavior Changes

client: update retry attempt backoff to apply jitter per updates to gRFC A6. (#7869)

Special Thanks: @isgj

balancer/weightedroundrobin: use the pick_first LB policy to manage connections (#7826)

API Changes

balancer: An internal method is added to the balancer.SubConn interface to force implementors to embed a delegate implementation. This requirement is present in the interface documentation, but wasn't enforced earlier. (#7840)

Performance Improvements

mem: implement a ReadAll() method for more efficient io.Reader consumption (#7653)

Special Thanks: @ash2k

mem: use slice capacity instead of length to determine whether to pool buffers or directly allocate them (#7702)

Special Thanks: @PapaCharlie

Documentation

examples/csm_observability: Add xDS Credentials and switch server to be xDS enabled (#7875)

Release 1.68.1

Bug Fixes

credentials/alts: avoid SRV and TXT lookups for handshaker service to work around hangs caused by buggy versions of systemd-resolved. (#7861)

Dependencies

... (truncated)

Commits

317271b pickfirst: Register a health listener when used as a leaf policy (#7832)
5565631 balancer/pickfirst: replace grpc.Dial with grpc.NewClient in tests (#7879)
634497b test: Split import paths for generated message and service code (#7891)
78aa51b pickfirst: Stop test servers without closing listeners (#7872)
00272e8 dns: Support link local IPv6 addresses (#7889)
17d08f7 scripts/gen-deps: filter out grpc modules (#7890)
ab189b0 examples/features/csm_observability: Add xDS Credentials (#7875)
3ce87dd credentials/google: Add cloud-platform scope for ADC (#7887)
3c0586a stats/opentelemetry: Cleanup OpenTelemetry API's before stabilization (#7874)
4c07bca stream: add jitter to retry backoff in accordance with gRFC A6 (#7869)
Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.34.2 to 1.35.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all-modules group with 4 updates in the /sda-download directory: [github.com/dgraph-io/ristretto](https://github.com/dgraph-io/ristretto), [github.com/lestrrat-go/jwx/v2](https://github.com/lestrrat-go/jwx), [github.com/stretchr/testify](https://github.com/stretchr/testify) and [google.golang.org/grpc](https://github.com/grpc/grpc-go). Updates `github.com/dgraph-io/ristretto` from 0.1.1 to 0.2.0 - [Release notes](https://github.com/dgraph-io/ristretto/releases) - [Changelog](https://github.com/dgraph-io/ristretto/blob/main/CHANGELOG.md) - [Commits](dgraph-io/ristretto@v0.1.1...v0.2.0) Updates `github.com/lestrrat-go/jwx/v2` from 2.1.1 to 2.1.3 - [Release notes](https://github.com/lestrrat-go/jwx/releases) - [Changelog](https://github.com/lestrrat-go/jwx/blob/v2.1.3/Changes) - [Commits](lestrrat-go/jwx@v2.1.1...v2.1.3) Updates `github.com/stretchr/testify` from 1.9.0 to 1.10.0 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.9.0...v1.10.0) Updates `golang.org/x/crypto` from 0.26.0 to 0.29.0 - [Commits](golang/crypto@v0.26.0...v0.29.0) Updates `google.golang.org/grpc` from 1.65.0 to 1.69.0 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.65.0...v1.69.0) Updates `google.golang.org/protobuf` from 1.34.2 to 1.35.1 --- updated-dependencies: - dependency-name: github.com/dgraph-io/ristretto dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-modules - dependency-name: github.com/lestrrat-go/jwx/v2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-modules - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-modules - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-modules - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-modules - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-modules ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 12, 2024

dependabot bot requested a review from a team December 12, 2024 19:31

dependabot bot mentioned this pull request Dec 12, 2024

Bump the all-modules group in /sda-download with 6 updates #1177

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all-modules group across 1 directory with 6 updates #1191

Bump the all-modules group across 1 directory with 6 updates #1191

dependabot bot commented on behalf of github Dec 12, 2024 •

edited

Loading

Bump the all-modules group across 1 directory with 6 updates #1191

Are you sure you want to change the base?

Bump the all-modules group across 1 directory with 6 updates #1191

Conversation

dependabot bot commented on behalf of github Dec 12, 2024 • edited Loading

v0.2.0

What's Changed

[v0.2.0] - 2024-10-06

Added

Fixed

v2.1.3

What's Changed

v2.1.2

What's Changed

New Contributors

v1.10.0

What's Changed

Functional Changes

Fixes

Documantation, Build & CI

New Contributors

Release 1.69.0

Known Issues

New Features

Bug Fixes

Behavior Changes

API Changes

Performance Improvements

Documentation

Release 1.68.1

Bug Fixes

Dependencies

dependabot bot commented on behalf of github Dec 12, 2024 •

edited

Loading