Bump the go_modules group across 2 directories with 4 updates #15990

dependabot · 2024-04-19T10:12:04Z

Bumps the go_modules group with 4 updates in the /pkg directory: golang.org/x/crypto, golang.org/x/net, google.golang.org/grpc and github.com/go-git/go-git/v5.
Bumps the go_modules group with 4 updates in the /sdk directory: golang.org/x/crypto, golang.org/x/net, google.golang.org/grpc and github.com/go-git/go-git/v5.

Updates golang.org/x/crypto from 0.21.0 to 0.22.0

Commits

d042a39 go.mod: update golang.org/x dependencies
b92bf94 ssh: respect MaxAuthTries also for "none" auth attempts
6f79b5a ssh: add server side multi-step authentication
8d0d405 x/crypto/chacha20: cleanup chacha_ppc64le.s
b91329d all: remove redundant words in comments and fix some typos
See full diff in compare view

Updates golang.org/x/net from 0.22.0 to 0.23.0

Commits

c48da13 http2: fix TestServerContinuationFlood flakes
762b58d http2: fix tipos in comment
ba87210 http2: close connections when receiving too many headers
ebc8168 all: fix some typos
3678185 http2: make TestCanonicalHeaderCacheGrowth faster
448c44f http2: remove clientTester
c7877ac http2: convert the remaining clientTester tests to testClientConn
d8870b0 http2: use synthetic time in TestIdleConnTimeout
d73acff http2: only set up deadline when Server.IdleTimeout is positive
89f602b http2: validate client/outgoing trailers
Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.62.1 to 1.63.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.63.2

Bugs

Fix the user agent string

Release 1.63.1

Bugs

grpc: fixed subchannel log messages to properly reference the parent channel (#7101)

Special thanks: @daniel-weisse

API Changes

grpc: remove Deprecated tag from Dial and DialContext; these will be deprecated in v1.64 instead (#7103)

Release 1.63.0

Behavior Changes

grpc: Return canonical target string from resolver.Address.String() (experimental) (#6923)

client & server: when using write buffer pooling, use input value for buffer size instead of size*2 (#6983)

Special Thanks: @raghav-stripe

New Features

grpc: add ClientConn.CanonicalTarget() to return the canonical target string. (#7006)

xds: implement LRS named metrics support (gRFC A64) (#7027)

Special Thanks: @danielzhaotongliu

grpc: introduce grpc.NewClient to allow users to create new clients in idle mode and with "dns" as the default resolver (#7010)

Special Thanks: @bruuuuuuuce

API Changes

grpc: stabilize experimental method ClientConn.Target() (#7006)

Bug Fixes

xds: fix an issue that would cause the client to send an empty list of resources for LDS/CDS upon reconnecting with the management server (#7026)

server: Fix some errors returned by a server when using a grpc.Server as an http.Handler with the Go stdlib HTTP server (#6989)

resolver/dns: add SetResolvingTimeout to allow configuring the DNS resolver's global timeout (#6917)

Special Thanks: @and1truong

Set the security level of Windows named pipes to NoSecurity (#6956)

Special Thanks: @irsl

Release 1.62.2

Dependencies

Update http2 library to address vulnerability CVE-2023-45288

Commits

d32e66c Change version to 1.63.2 (#7104)
92f6dd0 channelz: pass parent pointer instead of parent ID to RegisterSubChannel (#7101)
0f6ef0f grpc: un-deprecate Dial and DialContext
58dc749 Change version to 1.63.1-dev (#7051)
c68f456 Change version to 1.63.0 (#7050)
6369167 *: update http2 dependency (#7082)
8854761 cherry-pick: channelz: fix race accessing channelMap without lock (#7079) (#7...
e62770d channelz: add LocalAddr to listen sockets and test (#7062) (#7063)
4ffccf1 googlec2p: use xdstp style template for client LDS resource name (#7048)
faf9964 gracefulswitch: add ParseConfig and make UpdateClientConnState call SwitchTo ...
Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.12.0

What's Changed

git: Worktree.AddWithOptions: add skipStatus option when providing a specific path by @moranCohen26 in go-git/go-git#994

git: Signer: fix usage of crypto.Signer interface by @wlynch in go-git/go-git#1029

git: Remote, fetch, adds the prune option. by @juliens in go-git/go-git#366

git: Add crypto.Signer option to CommitOptions. by @wlynch in go-git/go-git#996

git: Worktree checkout tag hash id (#959) by @aymanbagabas in go-git/go-git#966

git: Worktree, Don't panic on empty or root path when checking if it is valid by @tim775 in go-git/go-git#1042

git: Add commit validation for Reset by @pjbgf in go-git/go-git#1048

git: worktree_commit, Fix amend commit to apply changes. Fixes #1024 by @onee-only in go-git/go-git#1045

git: Implement Merge function with initial FastForwardMerge support by @pjbgf in go-git/go-git#1044

plumbing: object, Make first commit visible on logs filtered with filename. Fixes #191 by @onee-only in go-git/go-git#1036

plumbing: no panic in printStats function. Fixes #177 by @nodivbyzero in go-git/go-git#971

plumbing: object, Optimize logging with file. by @onee-only in go-git/go-git#1046

plumbing: object, check legitimacy in (*Tree).Encode by @niukuo in go-git/go-git#967

plumbing: format/gitattributes, close file in ReadAttributesFile by @prskr in go-git/go-git#1018

plumbing: check setAuth error. Fixes #185 by @nodivbyzero in go-git/go-git#969

plumbing: object, fix variable defaultUtf8CommitMessageEncoding name spell error by @Jerry-yz in go-git/go-git#987

utils: merkletrie, calculate filesystem node's hash lazily. by @candid82 in go-git/go-git#825

utils: update comment in node.go's Hash() by @codablock in go-git/go-git#992

_example: fix 404 link and added ssh-agent clone link by @grinish21 in go-git/go-git#1022

_example: checkout-branch example by @dlambda in go-git/go-git#446

_example: example for git clone using ssh-agent by @pjbgf in go-git/go-git#998

New Contributors

@candid82 made their first contribution in go-git/go-git#825

@codablock made their first contribution in go-git/go-git#992

@Jerry-yz made their first contribution in go-git/go-git#987

@wlynch made their first contribution in go-git/go-git#996

@moranCohen26 made their first contribution in go-git/go-git#994

@grinish21 made their first contribution in go-git/go-git#1022

@prskr made their first contribution in go-git/go-git#1018

@dlambda made their first contribution in go-git/go-git#446

@juliens made their first contribution in go-git/go-git#366

@onee-only made their first contribution in go-git/go-git#1036

@tim775 made their first contribution in go-git/go-git#1042

@niukuo made their first contribution in go-git/go-git#967

@avoidalone made their first contribution in go-git/go-git#1047

Full Changelog: go-git/go-git@v5.11.0...v5.12.0

Commits

302ddde Merge pull request #1060 from go-git/dependabot/go_modules/github.com/gliderl...
6bba34d build: bump github.com/gliderlabs/ssh from 0.3.6 to 0.3.7
feaeb36 Merge pull request #937 from matejrisek/feature/rename-short-fields
7959a42 Merge pull request #1052 from go-git/dependabot/go_modules/github.com/skeema/...
4c17ce7 build: bump github.com/skeema/knownhosts from 1.2.1 to 1.2.2
3f77e6f Merge pull request #1048 from pjbgf/fix-reset-validation
6af38e0 Merge pull request #1047 from avoidalone/master
e6c3e58 Merge pull request #1044 from pjbgf/ff-merge
04f7b23 *: fix some comments
f4f1a87 Merge pull request #971 from nodivbyzero/fix-177-diff-print-file-stats
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.21.0 to 0.22.0

Commits

d042a39 go.mod: update golang.org/x dependencies
b92bf94 ssh: respect MaxAuthTries also for "none" auth attempts
6f79b5a ssh: add server side multi-step authentication
8d0d405 x/crypto/chacha20: cleanup chacha_ppc64le.s
b91329d all: remove redundant words in comments and fix some typos
See full diff in compare view

Updates golang.org/x/net from 0.21.0 to 0.23.0

Commits

c48da13 http2: fix TestServerContinuationFlood flakes
762b58d http2: fix tipos in comment
ba87210 http2: close connections when receiving too many headers
ebc8168 all: fix some typos
3678185 http2: make TestCanonicalHeaderCacheGrowth faster
448c44f http2: remove clientTester
c7877ac http2: convert the remaining clientTester tests to testClientConn
d8870b0 http2: use synthetic time in TestIdleConnTimeout
d73acff http2: only set up deadline when Server.IdleTimeout is positive
89f602b http2: validate client/outgoing trailers
Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.57.1 to 1.63.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.63.2

Bugs

Fix the user agent string

Release 1.63.1

Bugs

grpc: fixed subchannel log messages to properly reference the parent channel (#7101)

Special thanks: @daniel-weisse

API Changes

grpc: remove Deprecated tag from Dial and DialContext; these will be deprecated in v1.64 instead (#7103)

Release 1.63.0

Behavior Changes

grpc: Return canonical target string from resolver.Address.String() (experimental) (#6923)

client & server: when using write buffer pooling, use input value for buffer size instead of size*2 (#6983)

Special Thanks: @raghav-stripe

New Features

grpc: add ClientConn.CanonicalTarget() to return the canonical target string. (#7006)

xds: implement LRS named metrics support (gRFC A64) (#7027)

Special Thanks: @danielzhaotongliu

grpc: introduce grpc.NewClient to allow users to create new clients in idle mode and with "dns" as the default resolver (#7010)

Special Thanks: @bruuuuuuuce

API Changes

grpc: stabilize experimental method ClientConn.Target() (#7006)

Bug Fixes

xds: fix an issue that would cause the client to send an empty list of resources for LDS/CDS upon reconnecting with the management server (#7026)

server: Fix some errors returned by a server when using a grpc.Server as an http.Handler with the Go stdlib HTTP server (#6989)

resolver/dns: add SetResolvingTimeout to allow configuring the DNS resolver's global timeout (#6917)

Special Thanks: @and1truong

Set the security level of Windows named pipes to NoSecurity (#6956)

Special Thanks: @irsl

Release 1.62.2

Dependencies

Update http2 library to address vulnerability CVE-2023-45288

Commits

d32e66c Change version to 1.63.2 (#7104)
92f6dd0 channelz: pass parent pointer instead of parent ID to RegisterSubChannel (#7101)
0f6ef0f grpc: un-deprecate Dial and DialContext
58dc749 Change version to 1.63.1-dev (#7051)
c68f456 Change version to 1.63.0 (#7050)
6369167 *: update http2 dependency (#7082)
8854761 cherry-pick: channelz: fix race accessing channelMap without lock (#7079) (#7...
e62770d channelz: add LocalAddr to listen sockets and test (#7062) (#7063)
4ffccf1 googlec2p: use xdstp style template for client LDS resource name (#7048)
faf9964 gracefulswitch: add ParseConfig and make UpdateClientConnState call SwitchTo ...
Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.12.0

What's Changed

git: Worktree.AddWithOptions: add skipStatus option when providing a specific path by @moranCohen26 in go-git/go-git#994

git: Signer: fix usage of crypto.Signer interface by @wlynch in go-git/go-git#1029

git: Remote, fetch, adds the prune option. by @juliens in go-git/go-git#366

git: Add crypto.Signer option to CommitOptions. by @wlynch in go-git/go-git#996

git: Worktree checkout tag hash id (#959) by @aymanbagabas in go-git/go-git#966

git: Worktree, Don't panic on empty or root path when checking if it is valid by @tim775 in go-git/go-git#1042

git: Add commit validation for Reset by @pjbgf in go-git/go-git#1048

git: worktree_commit, Fix amend commit to apply changes. Fixes #1024 by @onee-only in go-git/go-git#1045

git: Implement Merge function with initial FastForwardMerge support by @pjbgf in go-git/go-git#1044

plumbing: object, Make first commit visible on logs filtered with filename. Fixes #191 by @onee-only in go-git/go-git#1036

plumbing: no panic in printStats function. Fixes #177 by @nodivbyzero in go-git/go-git#971

plumbing: object, Optimize logging with file. by @onee-only in go-git/go-git#1046

plumbing: object, check legitimacy in (*Tree).Encode by @niukuo in go-git/go-git#967

plumbing: format/gitattributes, close file in ReadAttributesFile by @prskr in go-git/go-git#1018

plumbing: check setAuth error. Fixes #185 by @nodivbyzero in go-git/go-git#969

plumbing: object, fix variable defaultUtf8CommitMessageEncoding name spell error by @Jerry-yz in go-git/go-git#987

utils: merkletrie, calculate filesystem node's hash lazily. by @candid82 in go-git/go-git#825

utils: update comment in node.go's Hash() by @codablock in go-git/go-git#992

_example: fix 404 link and added ssh-agent clone link by @grinish21 in go-git/go-git#1022

_example: checkout-branch example by @dlambda in go-git/go-git#446

_example: example for git clone using ssh-agent by @pjbgf in go-git/go-git#998

New Contributors

@candid82 made their first contribution in go-git/go-git#825

@codablock made their first contribution in go-git/go-git#992

@Jerry-yz made their first contribution in go-git/go-git#987

@wlynch made their first contribution in go-git/go-git#996

@moranCohen26 made their first contribution in go-git/go-git#994

@grinish21 made their first contribution in go-git/go-git#1022

@prskr made their first contribution in go-git/go-git#1018

@dlambda made their first contribution in go-git/go-git#446

@juliens made their first contribution in go-git/go-git#366

@onee-only made their first contribution in go-git/go-git#1036

@tim775 made their first contribution in go-git/go-git#1042

@niukuo made their first contribution in go-git/go-git#967

@avoidalone made their first contribution in go-git/go-git#1047

Full Changelog: go-git/go-git@v5.11.0...v5.12.0

Commits

302ddde Merge pull request #1060 from go-git/dependabot/go_modules/github.com/gliderl...
6bba34d build: bump github.com/gliderlabs/ssh from 0.3.6 to 0.3.7
feaeb36 Merge pull request #937 from matejrisek/feature/rename-short-fields
7959a42 Merge pull request #1052 from go-git/dependabot/go_modules/github.com/skeema/...
4c17ce7 build: bump github.com/skeema/knownhosts from 1.2.1 to 1.2.2
3f77e6f Merge pull request #1048 from pjbgf/fix-reset-validation
6af38e0 Merge pull request #1047 from avoidalone/master
e6c3e58 Merge pull request #1044 from pjbgf/ff-merge
04f7b23 *: fix some comments
f4f1a87 Merge pull request #971 from nodivbyzero/fix-177-diff-print-file-stats
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the go_modules group with 4 updates in the /pkg directory: [golang.org/x/crypto](https://github.com/golang/crypto), [golang.org/x/net](https://github.com/golang/net), [google.golang.org/grpc](https://github.com/grpc/grpc-go) and [github.com/go-git/go-git/v5](https://github.com/go-git/go-git). Bumps the go_modules group with 4 updates in the /sdk directory: [golang.org/x/crypto](https://github.com/golang/crypto), [golang.org/x/net](https://github.com/golang/net), [google.golang.org/grpc](https://github.com/grpc/grpc-go) and [github.com/go-git/go-git/v5](https://github.com/go-git/go-git). Updates `golang.org/x/crypto` from 0.21.0 to 0.22.0 - [Commits](golang/crypto@v0.21.0...v0.22.0) Updates `golang.org/x/net` from 0.22.0 to 0.23.0 - [Commits](golang/net@v0.22.0...v0.23.0) Updates `google.golang.org/grpc` from 1.62.1 to 1.63.2 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.1...v1.63.2) Updates `github.com/go-git/go-git/v5` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.11.0...v5.12.0) Updates `golang.org/x/crypto` from 0.21.0 to 0.22.0 - [Commits](golang/crypto@v0.21.0...v0.22.0) Updates `golang.org/x/net` from 0.21.0 to 0.23.0 - [Commits](golang/net@v0.22.0...v0.23.0) Updates `google.golang.org/grpc` from 1.57.1 to 1.63.2 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.1...v1.63.2) Updates `github.com/go-git/go-git/v5` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.11.0...v5.12.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect dependency-group: go_modules - dependency-name: golang.org/x/net dependency-type: direct:production dependency-group: go_modules - dependency-name: google.golang.org/grpc dependency-type: direct:production dependency-group: go_modules - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production dependency-group: go_modules - dependency-name: golang.org/x/crypto dependency-type: direct:production dependency-group: go_modules - dependency-name: golang.org/x/net dependency-type: direct:production dependency-group: go_modules - dependency-name: google.golang.org/grpc dependency-type: direct:production dependency-group: go_modules - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production dependency-group: go_modules ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot requested a review from a team as a code owner April 19, 2024 10:12

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 19, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the go_modules group across 2 directories with 4 updates #15990

Bump the go_modules group across 2 directories with 4 updates #15990

dependabot bot commented on behalf of github Apr 19, 2024

Bump the go_modules group across 2 directories with 4 updates #15990

Are you sure you want to change the base?

Bump the go_modules group across 2 directories with 4 updates #15990

Conversation

dependabot bot commented on behalf of github Apr 19, 2024

Release 1.63.2

Bugs

Release 1.63.1

Bugs

API Changes

Release 1.63.0

Behavior Changes

New Features

API Changes

Bug Fixes

Release 1.62.2

Dependencies

v5.12.0

What's Changed

New Contributors

Release 1.63.2

Bugs

Release 1.63.1

Bugs

API Changes

Release 1.63.0

Behavior Changes

New Features

API Changes

Bug Fixes

Release 1.62.2

Dependencies

v5.12.0

What's Changed

New Contributors