Release 0.11.0

[sagikazarmark]

The last go-kit version was released more than a year ago. Given the recent (and upcoming) changes it might make sense to release a new version:

• Log package moved to a separate module
• etcd update reducing the dependency graph
• Relocating examples to a separate repo (further reducing dependencies)
• Updating dependencies to latest versions

Here is a rough list that I think should go into 0.11:

Must-have

• Update dependencies #1109 (Update dependencies)
• Relocate examples to a separate repository #1100 (Relocate examples)

Optional

• High severity issue in github.com/dgrijalva/jwt-go #1026 (Move away from vulnerable JWT library)

Future release

• Extract github.com/go-kit/kit/log to github.com/go-kit/log #1055 (Figure out what to do with the remaining log package)
• Add linters #1107 (linters)
• Go1.17beta lazy modules test #1105 (Lazy modules test)

Haven't looked into other pending issues/PRs in too much detail. Some of those might also worth checking out.

WDYT @peterbourgon @ChrisHines

[ChrisHines]

Yes, a new release is in order. Your list looks pretty good, although I think we should consider a two release sequence. First release for low risk stuff and a second for higher risk stuff. That way people have a newer place to roll back to if the high risk release causes them problems.

[sagikazarmark]

What constitutes as a risky change from the above list in your opinion?

The log package change maybe. Anything else?

[ChrisHines]

What constitutes as a risky change from the above list in your opinion?

The log package change maybe. Anything else?

Yes, that for sure. I think we should make a new release before tackling that change. We should also hold lazy module changes until Go 1.17 is actually released. I will probably rebase that branch as we go along, especially as we shrink the dependency tree.

We can add linters at any time. If they are going to create some work to clean up anything they flag we can keep that work on a branch until it's done. I don't think of that as a releasable thing.

[sagikazarmark]

Agreed. Updated the list.

[sagikazarmark]

I'll create a GitHub milestone to track these issues.

[sagikazarmark]

What about #1070 ? It's a breaking change as well. Should it be delayed to a later release?

[ChrisHines]

I didn't think #1070 was a breaking change since the original constant was only deprecated, not removed, and the rest of the changes are in the docs and error messages. Did I miss something?

If it's not breaking I would vote to include it in the low risk release.

[sagikazarmark]

Not sure why I thought it was a breaking change. It doesn't seem to be.

[sagikazarmark]

Most of the above list is cleared. I looked at the JWT thing, but unfortunately it's not that trivial, requires breaking changes. The vulnerability can be worked around by a drop-in replacement though, so I'd vote for delaying it.

I'd wait for #1121 . It's deprecated for some time now. I suggested moving it out from the repo, but @peterbourgon voted for removing it instead. I couldn't find any references to it in go-kit repos.

Anything else to be considered for 0.11.0?

[ChrisHines]

LGTM, but I wouldn't tag a release until @peterbourgon signs off on it.

[sagikazarmark]

Sure!

[peterbourgon]

Thanks for your patience. I'm back in action starting tomorrow so I'll get to as much of the backlog as I can.

[sagikazarmark]

I've created a milestone for the next release: https://github.com/go-kit/kit/milestone/1

The items in there need decision whether they should be delayed and merged for the current version.

Let me know if I can help with anything.

[sagikazarmark]

@peterbourgon I've merged all PRs in the 0.11.0 milestone. Do you want to go ahead and tag it? Or is there anything else to do?

I've prepared the release notes:

A new release with several improvements and enhancements.

Major changes:

- The log package was extracted to a separate [repository](https://github.com/go-kit/log)
- Examples were moved to a separate [repository](https://github.com/go-kit/examples)
- Deprecated kitgen was removed

Thanks to the 23 contributors who contributed to this release! 🏌️‍♂️

# Bug fixes

* metrics/cloudwatch: log CloudWatch response error (#961) (thanks @Trane9991)
* log: defer mutex unlocks for panic safety in SyncLogger (#974) (thanks @peterbourgon)
* util/conn: close old connection before reconnect (#982) (thanks @chikaku)
* log/term: fix build on GOOS=js GOARCH=wasm (#993) (thanks @mvdan)
* transport/http/jsonrpc: move the ClientAfter calls to before the decode (#1008) (thanks @directionless)
* sd/etcdv3: fix etcdv3 client won't return error when no endpoint is available (#1009) (thanks @wayjam)
* metrics/generic: fix uint64 alignment (#1007) (thanks @ldez)
* log: fix stdlibadapter when prefixed (#1036) (thanks @soven)
* log: capture newlines in log stdlib (#1041) (thanks @SuperQ)

# Enhancements

* metrics/cloudwatch: use batch values API for CloudWatch PutMetric data call (#960) (thanks @Trane9991)
* log: allow to use specific logrus level in the adaptor (#962) (thanks @Trane9991)
* transport/http: add NewExplicitClient (#971) (thanks @peterbourgon)
* transport/http/jsonrpc: add RequestID in error body when using the DefaultErrorEncoder (#969) (thanks @esenac)
* transport/http/jsonrpc: add Version to JSON-RPC client request (#990) (thanks @shirolimit)
* log: add WithSuffix to append key-value pairs to those passed to Log (#992) (thanks @vinayvinay)
* sd/consul: improve inconsistent Consul SD index handling (#999) (thanks @vinayvinay)
* all: dependency updates (#1029, #1095, #1097, #1098, #1106, #1118, #1115, #1119, #1124) (thanks @ChrisHines, @peterbourgon, @Enrico204, @sagikazarmark)
* tracing/opencensus: add support for JSONRPC (#1022) (thanks @ryan-lang)
* tracing/opentracing: improve endpoint middleware options (#1072) (thanks @alebabai)
* auth/jwt: fix repetition of the word "token" in JWT (#1070) (thanks @amidam)
* sd/zk: replace unmaintained zk library with drop-in replacement (#1120) (thanks @sagikazarmark)
* cmd/kitgen: remove deprecated kitgen (#1121) (thanks @sagikazarmark)

# Documentation, examples, tests

* readme: change godoc to pkg.go.dev (#963) (thanks @relunctance)
* readme: add links to generator tools (#964) (thanks @peterbourgon)
* metrics/cloudwatch: fix bad Gauge test (#975) (thanks @Trane9991)
* readme: update the link and description for go-micro (#989) (thanks @asim)
* examples: add missing "to" preposition (#1014) (thanks @peterbourgon)
* tracing/opencensus: fix failing tests (#1021) (thanks @ryan-lang)
* log: fix doc comment (#1028) (thanks @vrazdalovschi)
* ci: upgrade to the latest version of the setup-go github action (#1040) (thanks @AntonNguyen)
* ci: update Go versions for CI (#1054, #1062) (thanks @peterbourgon, @codefromthecrypt)
* examples: relocate examples to a separate repository (#1100) (thanks @sagikazarmark)
* transport/awslambda: replace aws lambda structs with stubs in tests (#1117) (thanks @sagikazarmark)
* transport/nats: fix panic in tests (#1122) (thanks @sagikazarmark)
* tracing: add a link to opentelemetry instrumentation (#1112) (thanks @sagikazarmark)

See more details in the [0.11.0](https://github.com/go-kit/kit/milestone/1?closed=1) milestone.

I'd also suggest to merge the website PRs with the release (updates log and example references).

[peterbourgon]

That's amazing. Thank you so much. Let me review — give me a day.

[sagikazarmark]

Sure! Let me know if you need anything else for the release.

[peterbourgon]

A note in the major changes section that the existing log package still exists would be good. Also, please remove my name from all of the "thanks" attributions. Otherwise, SGTM — I'll do the release work, including using your (updated) changelog. What rev can I tag? Current master?

[sagikazarmark]

Updated change log:

A new release with several improvements and enhancements.

Major changes:

- The log package was extracted to a separate [repository](https://github.com/go-kit/log). (It remains available in this module for the time being, but it will be removed in a future release)
- Examples were moved to a separate [repository](https://github.com/go-kit/examples)
- Deprecated kitgen was removed

Thanks to the 22 contributors who contributed to this release! 🏌️‍♂️

# Bug fixes

* metrics/cloudwatch: log CloudWatch response error (#961) (thanks @Trane9991)
* log: defer mutex unlocks for panic safety in SyncLogger (#974)
* util/conn: close old connection before reconnect (#982) (thanks @chikaku)
* log/term: fix build on GOOS=js GOARCH=wasm (#993) (thanks @mvdan)
* transport/http/jsonrpc: move the ClientAfter calls to before the decode (#1008) (thanks @directionless)
* sd/etcdv3: fix etcdv3 client won't return error when no endpoint is available (#1009) (thanks @wayjam)
* metrics/generic: fix uint64 alignment (#1007) (thanks @ldez)
* log: fix stdlibadapter when prefixed (#1036) (thanks @soven)
* log: capture newlines in log stdlib (#1041) (thanks @SuperQ)

# Enhancements

* metrics/cloudwatch: use batch values API for CloudWatch PutMetric data call (#960) (thanks @Trane9991)
* log: allow to use specific logrus level in the adaptor (#962) (thanks @Trane9991)
* transport/http: add NewExplicitClient (#971)
* transport/http/jsonrpc: add RequestID in error body when using the DefaultErrorEncoder (#969) (thanks @esenac)
* transport/http/jsonrpc: add Version to JSON-RPC client request (#990) (thanks @shirolimit)
* log: add WithSuffix to append key-value pairs to those passed to Log (#992) (thanks @vinayvinay)
* sd/consul: improve inconsistent Consul SD index handling (#999) (thanks @vinayvinay)
* all: dependency updates (#1029, #1095, #1097, #1098, #1106, #1118, #1115, #1119, #1124) (thanks @ChrisHines, @Enrico204, @sagikazarmark)
* tracing/opencensus: add support for JSONRPC (#1022) (thanks @ryan-lang)
* tracing/opentracing: improve endpoint middleware options (#1072) (thanks @alebabai)
* auth/jwt: fix repetition of the word "token" in JWT (#1070) (thanks @amidam)
* sd/zk: replace unmaintained zk library with drop-in replacement (#1120) (thanks @sagikazarmark)
* cmd/kitgen: remove deprecated kitgen (#1121) (thanks @sagikazarmark)

# Documentation, examples, tests

* readme: change godoc to pkg.go.dev (#963) (thanks @relunctance)
* readme: add links to generator tools (#964)
* metrics/cloudwatch: fix bad Gauge test (#975) (thanks @Trane9991)
* readme: update the link and description for go-micro (#989) (thanks @asim)
* examples: add missing "to" preposition (#1014)
* tracing/opencensus: fix failing tests (#1021) (thanks @ryan-lang)
* log: fix doc comment (#1028) (thanks @vrazdalovschi)
* ci: upgrade to the latest version of the setup-go github action (#1040) (thanks @AntonNguyen)
* ci: update Go versions for CI (#1054, #1062) (thanks @codefromthecrypt)
* examples: relocate examples to a separate repository (#1100) (thanks @sagikazarmark)
* transport/awslambda: replace aws lambda structs with stubs in tests (#1117) (thanks @sagikazarmark)
* transport/nats: fix panic in tests (#1122) (thanks @sagikazarmark)
* tracing: add a link to opentelemetry instrumentation (#1112) (thanks @sagikazarmark)

See more details in the [0.11.0](https://github.com/go-kit/kit/milestone/1?closed=1) milestone.

Yes, current master can be tagged. Thanks!

[al8n]

Hi, https://github.com/golang-jwt/jwt is the forked version of https://github.com/dgrijalva/jwt-go, which is actively maintained. How about use golang-jwt/jwt to replace the dgrijalva/jwt-go in auth/jwt?

[sagikazarmark]

If it's a drop-in replacement, you can easily use replace in your go.mod file. I don't think it should block the release. We can consider replacing it in the next release.

[peterbourgon]

Done I think.

[sagikazarmark]

Yep, thanks for the new release!