Skip to content

chore(deps): Bump the gomod group across 1 directory with 5 updates#878

Merged
richardcase merged 1 commit intomainfrom
dependabot/go_modules/gomod-27f46fd0c7
Jul 10, 2024
Merged

chore(deps): Bump the gomod group across 1 directory with 5 updates#878
richardcase merged 1 commit intomainfrom
dependabot/go_modules/gomod-27f46fd0c7

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 10, 2024

Bumps the gomod group with 3 updates in the / directory: github.com/containerd/containerd, github.com/carlmjohnson/requests and github.com/gorilla/mux.

Updates github.com/containerd/containerd from 1.7.2 to 1.7.19

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd API 1.7.19

Welcome to the api/v1.7.19 release of containerd!

The first dedicated release for the containerd 1.7 API. This release is separately tagged from the main 1.7.x releases after the v1.7.18 release but follows the versioning.

Highlights

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Akhil Mohan
  • Phil Estes
  • Sebastiaan van Stijn

Changes

  • Prepare release notes for api v1.7.19 (#10386)
  • : api: update github.com/containerd/ttrpc v1.2.5 to align with containerd 1.7 module (#10364)
    • 2a6aa6ddf [release/1.7] api: update github.com/containerd/ttrpc v1.2.5
  • Add API go module (#10189)

Dependency Changes

  • github.com/containerd/ttrpc v1.2.4 -> v1.2.5
  • github.com/golang/protobuf v1.5.4 -> v1.5.3
  • google.golang.org/genproto/googleapis/rpc d307bd883b97 -> b8732ec3820d

Previous release can be found at v1.7.18

containerd 1.7.19

Welcome to the v1.7.19 release of containerd!

The nineteenth patch release for containerd 1.7 contains various updates and splits the main module from the api module in preparation for the same change in containerd 2.0. Splitting the modules will allow 1.7 and 2.x to both exist

... (truncated)

Commits
  • 2bf793e Merge pull request #10391 from dmcgowan/prepare-v1.7.19
  • 74a3d29 Prepare release notes for v1.7.19
  • 043c712 Merge pull request #10406 from samuelkarp/nri-panic-1.7
  • 5a587e8 Merge pull request #10403 from thaJeztah/1.7_backport_hcsshim_version
  • 7f5d3c5 cri: ensure NRI API never has nil CRI
  • aea977f Merge pull request #10397 from thaJeztah/1.7_backport_deprecate_reference_Spl...
  • 6efc5bb update runhcs binary to v0.11.7
  • 945ae09 Windows: Supply windows shim version via file
  • bb84d90 Merge pull request #10396 from yyatmsft/updatehcsshim-release17
  • dba5357 pkg/reference: deprecate SplitObject
  • Additional commits viewable in compare view

Updates github.com/opencontainers/image-spec from 1.1.0-rc4 to 1.1.0

Release notes

Sourced from github.com/opencontainers/image-spec's releases.

v1.1.0

Vote Passed [+7-0] - https://groups.google.com/a/opencontainers.org/g/dev/c/Cnk6H9C4aag Release PR : opencontainers/image-spec#1161 Full Changelog: opencontainers/image-spec@v1.0.2...v1.1.0

Associated Distribution Specification Release - https://github.com/opencontainers/distribution-spec/releases/tag/v1.1.0

v1.1.0-rc6

Vote passed [+6 -0] - https://groups.google.com/a/opencontainers.org/g/dev/c/HOxZlfhr9-o

For changeset and diff please see - opencontainers/image-spec#1157

v1.1.0-rc5

For changeset and diff please see - opencontainers/image-spec#1109

Vote - https://groups.google.com/a/opencontainers.org/g/dev/c/KIwyzExcjZ8

Commits
  • e7f7c0c version: release v1.1.0
  • 365fa41 Merge pull request #1160 from sudo-bmitch/pr-subject-dag-association
  • d0f90e6 Clarify that subject references a separate DAG
  • 9703222 Merge pull request #1157 from sudo-bmitch/pr-v1.1.0-rc6
  • 8b1e951 version: bump back to +dev
  • 6c2b5fa version: release v1.1.0-rc6
  • 56fb783 Merge pull request #1107 from sudo-bmitch/pr-release-notice
  • a6d741a Merge pull request #1148 from dejanu/update_oci_implementations
  • 53d9855 new section for projects no longer maintained
  • ceeb2eb Merge pull request #1114 from sudo-bmitch/pr-go-1.21
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.56.2 to 1.59.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.59.0

Behavior Changes

  • balancer: grpc will switch to case-sensitive balancer names soon; log a warning if a capital letter is encountered in an LB policy name (#6647)
  • server: allow applications to send arbitrary data in the grpc-status-details-bin trailer (#6662)
  • client: validate grpc-status-details-bin trailer and pass through the trailer to the application directly (#6662)

New Features

  • tap (experimental): Add Header metadata to tap handler (#6652)
  • grpc: channel idleness enabled by default with an idle_timeout of 30m (#6585)

Documentation

  • examples: add an example of flow control behavior (#6648)

Bug Fixes

  • xds: fix hash policy header to skip "-bin" headers and read content-type header as expected (#6609)

Release 1.58.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.58.2

Bug Fixes

  • balancer/weighted_round_robin: fix ticker leak on update

    A new ticker is created every time there is an update of addresses or configuration, but was not properly stopped. This change stops the ticker when it is no longer needed.

Release 1.58.1

Bug Fixes

  • grpc: fix a bug that was decrementing active RPC count too early for streaming RPCs; leading to channel moving to IDLE even though it had open streams
  • grpc: fix a bug where transports were not being closed upon channel entering IDLE

Release 1.58.0

API Changes

See #6472 for details about these changes.

  • balancer: add StateListener to NewSubConnOptions for SubConn state updates and deprecate Balancer.UpdateSubConnState (#6481)
    • UpdateSubConnState will be deleted in the future.
  • balancer: add SubConn.Shutdown and deprecate Balancer.RemoveSubConn (#6493)
    • RemoveSubConn will be deleted in the future.

... (truncated)

Commits
  • 7765221 Change version to 1.59.0 (#6695)
  • e88f12e server: prohibit more than MaxConcurrentStreams handlers from running at once...
  • be7919c transport: Pass Header metadata to tap handle. (#6652)
  • e3f1514 Reapply "status: fix/improve status handling (#6662)" (#6673) (#6688)
  • 696faa9 client: add a test for NewSubConn / StateListener / cc.Close racing (#6678)
  • 318c717 readme: fix badges (#6687)
  • 39972fd github: add code coverage with codecov.io (#6676)
  • 93dbc05 xds: move virtual host matcher test to the xdsresource package (#6680)
  • 2c00469 github: update actions/setup-go and actions/checkout (#6675)
  • 1f73ed5 Replace the gRFC pull request with the permanent link. (#6674)
  • Additional commits viewable in compare view

Updates github.com/carlmjohnson/requests from 0.23.4 to 0.23.5

Release notes

Sourced from github.com/carlmjohnson/requests's releases.

v0.23.5

What's Changed

Full Changelog: earthboundkid/requests@v0.23.4...v0.23.5

Commits
  • 976948d More cleanup of ExampleBuilder_BodyJSON
  • d87154a Docs: More comments on ExampleBuilder_BodyJSON
  • 0aefa30 Docs: Fix ExampleBuilder_ToDeserializer
  • 1393bf3 Docs: More serializer documentation
  • 2c42bf3 Docs: Better JSONSerializer docs
  • 77d422f Add example JSONSerializer
  • b38e637 Docs: Document Serializer/Deserializer
  • 9485e7d Rename json.go to serializer.go
  • 4010c30 Docs: Mention JSONSerialer with ToJSON/BodyJSON
  • 219bc7a ExampleBuilder_ToDeserializer: Fix typo
  • Additional commits viewable in compare view

Updates github.com/gorilla/mux from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/gorilla/mux's releases.

Release v1.8.1

What's Changed

New Contributors

Full Changelog: gorilla/mux@v1.8.0...v1.8.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): Bump the gomod group across 1 directory with 5 updates
68d7ae7 
Bumps the gomod group with 3 updates in the / directory: [github.com/containerd/containerd](https://github.com/containerd/containerd), [github.com/carlmjohnson/requests](https://github.com/carlmjohnson/requests) and [github.com/gorilla/mux](https://github.com/gorilla/mux).


Updates `github.com/containerd/containerd` from 1.7.2 to 1.7.19
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.2...v1.7.19)

Updates `github.com/opencontainers/image-spec` from 1.1.0-rc4 to 1.1.0
- [Release notes](https://github.com/opencontainers/image-spec/releases)
- [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md)
- [Commits](opencontainers/image-spec@v1.1.0-rc4...v1.1.0)

Updates `google.golang.org/grpc` from 1.56.2 to 1.59.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.56.2...v1.59.0)

Updates `github.com/carlmjohnson/requests` from 0.23.4 to 0.23.5
- [Release notes](https://github.com/carlmjohnson/requests/releases)
- [Commits](earthboundkid/requests@v0.23.4...v0.23.5)

Updates `github.com/gorilla/mux` from 1.8.0 to 1.8.1
- [Release notes](https://github.com/gorilla/mux/releases)
- [Commits](gorilla/mux@v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/opencontainers/image-spec
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/carlmjohnson/requests
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/gorilla/mux
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added area/dependency Issues or PRs related to dependency changes kind/cleanup Removing things previously overlooked labels Jul 10, 2024
@cpanato
Copy link
Contributor

cpanato commented Jul 10, 2024

cc @richardcase

@richardcase richardcase merged commit 9e02a73 into main Jul 10, 2024
@richardcase richardcase deleted the dependabot/go_modules/gomod-27f46fd0c7 branch July 10, 2024 09:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@richardcase richardcase richardcase approved these changes

+1 more reviewer

@cpanato cpanato cpanato approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

area/dependency Issues or PRs related to dependency changes kind/cleanup Removing things previously overlooked

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cpanato @richardcase

Comments