Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): Update go deps #1863

Merged
merged 2 commits into from
Nov 6, 2023
Merged

chore(deps): Update go deps #1863

merged 2 commits into from
Nov 6, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 6, 2023

Mend Renovate

This PR contains the following updates:

Package Type Update Change
github.com/aws/aws-sdk-go require minor v1.46.6 -> v1.47.3
github.com/bufbuild/protovalidate-go require minor v0.3.1 -> v0.4.0
github.com/cerbos/cerbos/api/genpb require digest f134903 -> 761a3dc
github.com/cerbos/cloud-api require patch v0.1.8 -> v0.1.9
github.com/go-logr/zapr require minor v1.2.4 -> v1.3.0
github.com/gorilla/mux require patch v1.8.0 -> v1.8.1
github.com/jackc/pgx/v5 require minor v5.4.3 -> v5.5.0
github.com/lestrrat-go/jwx/v2 require patch v2.0.15 -> v2.0.16
github.com/pterm/pterm require patch v0.12.69 -> v0.12.70
github.com/rivo/tview require digest 8b7bcf9 -> 1b91b81
github.com/twmb/franz-go require patch v1.15.1 -> v1.15.2
github.com/vektra/mockery/v2 require patch v2.36.0 -> v2.36.1
golang.org/x/sync require minor v0.4.0 -> v0.5.0
google.golang.org/genproto/googleapis/api require digest 49dd2c1 -> d783a09
modernc.org/sqlite require minor v1.26.0 -> v1.27.0

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

aws/aws-sdk-go (github.com/aws/aws-sdk-go)

v1.47.3

Compare Source

===

Service Client Updates
  • service/config: Updates service API
  • service/connect: Updates service API and documentation
  • service/iotwireless: Updates service API and documentation
  • service/launch-wizard: Adds new service

v1.47.2

Compare Source

===

Service Client Updates
  • service/apprunner: Updates service API and documentation
  • service/connect: Updates service documentation
  • service/gamelift: Updates service API and documentation
    • Amazon GameLift adds support for shared credentials, which allows applications that are deployed on managed EC2 fleets to interact with other AWS resources.
  • service/glue: Updates service API and documentation
    • This release introduces Google BigQuery Source and Target in AWS Glue CodeGenConfigurationNode.
  • service/network-firewall: Updates service API and documentation
  • service/quicksight: Updates service API and documentation
    • Got confirmed from qmeixua@ about custom week features, and tested locally with aws cli and java sdk that the subtypes are showing up.
SDK Enhancements
  • aws/ec2metadata: Added environment and shared config support for disabling IMDSv1 fallback.
    • Use env AWS_EC2_METADATA_V1_DISABLED or shared config ec2_metadata_v1_disabled accordingly.

v1.47.1

Compare Source

===

Service Client Updates
  • service/connect: Updates service API, documentation, and paginators
  • service/globalaccelerator: Updates service API, documentation, and paginators
  • service/rds: Updates service API, documentation, waiters, paginators, and examples
    • This release adds support for customized networking resources to Amazon RDS Custom.
  • service/redshift: Updates service API and documentation
    • Added support for Multi-AZ deployments for Provisioned RA3 clusters that provide 99.99% SLA availability.
  • service/sagemaker: Updates service API and documentation
    • Support for batch transform input in Model dashboard

v1.47.0

Compare Source

===

Service Client Updates
  • service/amplify: Updates service API, documentation, and paginators
  • service/application-insights: Updates service API and documentation
  • service/ec2: Updates service API, documentation, and paginators
    • Capacity Blocks for ML are a new EC2 purchasing option for reserving GPU instances on a future date to support short duration machine learning (ML) workloads. Capacity Blocks automatically place instances close together inside Amazon EC2 UltraClusters for low-latency, high-throughput networking.
  • service/m2: Updates service API and documentation
  • service/neptunedata: Updates service API and documentation
  • service/translate: Updates service API and documentation
SDK Features

v1.46.7

Compare Source

===

Service Client Updates
  • service/connect: Updates service API and documentation
  • service/dataexchange: Updates service API and documentation
  • service/datasync: Updates service API and documentation
  • service/finspace: Updates service API and documentation
  • service/mediapackagev2: Updates service API and documentation
  • service/rds: Updates service API, documentation, waiters, paginators, and examples
    • This release launches the CreateIntegration, DeleteIntegration, and DescribeIntegrations APIs to manage zero-ETL Integrations.
  • service/redshift-serverless: Updates service API, documentation, and paginators
  • service/resiliencehub: Updates service API and documentation
  • service/s3outposts: Updates service API and documentation
  • service/wisdom: Updates service documentation
bufbuild/protovalidate-go (github.com/bufbuild/protovalidate-go)

v0.4.0

Compare Source

What's Changed

New Contributors

Full Changelog: bufbuild/protovalidate-go@v0.3.4...v0.4.0

v0.3.4

Compare Source

What's Changed

New Contributors

Full Changelog: bufbuild/protovalidate-go@v0.3.3...v0.3.4

v0.3.3

Compare Source

What's Changed

New Contributors

Full Changelog: bufbuild/protovalidate-go@v0.3.2...v0.3.3

v0.3.2

Compare Source

What's Changed

New Contributors

Full Changelog: bufbuild/protovalidate-go@v0.3.1...v0.3.2

cerbos/cloud-api (github.com/cerbos/cloud-api)

v0.1.9

Compare Source

go-logr/zapr (github.com/go-logr/zapr)

v1.3.0

Compare Source

This release adds support for slog. zapr implements slogr.SlogSink and therefore can be used through slogr.NewSlogHandler as backend for slog.

What's Changed


New Contributors

Full Changelog: go-logr/zapr@v1.2.4...v1.3.0

google/cel-go (github.com/google/cel-go)

v0.18.1

Compare Source

What's Changed

  • Add support for a relative offset within ast.SourceInfo by [#​836]
  • Fix last optional element to be retained as an optional index while folding [#​841]
  • Fix deprecation notice for string format validation [#​840]
  • Update cel-spec and enable wrappers conformance tests [#​842]
  • refactor: remove lexer and parser pools [#​838]

New Contributors

Full Changelog: google/cel-go@v0.18.0...v0.18.1

v0.18.0

Compare Source

Features

The latest release of CEL introduces validators (#​775) and optimizers (#​804, #​827) and migrates the core CEL internals off of the
protobuf expression and type representations (#​789).

  • String format validator [#​775]
  • Create a Function that Reverses a String [#​796]
  • Introduce pre-order / post-order visitor pattern [#​813]
  • Add Libraries() function to Env [#​822]
  • Static optimizer for constant folding [#​804]
  • Inlining optimizer [#​827]
  • FindStructTypeFields support for types.Provider [#​814]

Breaking Changes

The following PR changes the API signature of the checker.AstNode method Expr to return an ast.Expr.

  • Migrate the checker.Coster to the ast.Expr [#​798]

Fixes

  • Nil safety checks for cel.Ast [#​784]
  • Fix cost estimates to propagate result sizes [#​787]
  • Catch invalid literals created from expression factories [#​810]
  • Ensure stable ordering of overload candidates [#​817]
  • Clarify replace with/by empty string [#​820]
  • Fix functional exemptions for homogeneous literal checks [#​832]
  • Fix logical operator folding that only involve literals [#​833]
  • Upgrade go-genproto to latest [#​831]

New Contributors

Full Changelog: google/cel-go@v0.17.1...v0.18.0

v0.17.7

Compare Source

What's Changed

  • Backport #​850: Sets cost estimation and tracking options [#​852]

Full Changelog: google/cel-go@v0.17.6...v0.17.7

gorilla/mux (github.com/gorilla/mux)

v1.8.1

Compare Source

What's Changed

New Contributors

Full Changelog: gorilla/mux@v1.8.0...v1.8.1

jackc/pgx (github.com/jackc/pgx/v5)

v5.5.0

Compare Source

lestrrat-go/jwx (github.com/lestrrat-go/jwx/v2)

v2.0.16

Compare Source

v2.0.16 31 Oct 2023
[Security]
  * [jws] ECDSA signature verification requires us to check if the signature
    is of the desired length of bytes, but this check that used to exist before
    had been removed in #​65, resulting in certain malformed signatures to pass
    verification.

    One of the ways this could happen if R is a 31 byte integer and S is 32 byte integer,
    both containing the correct signature values, but R is not zero-padded.

       Correct = R: [ 0 , ... ] (32 bytes) S: [ ... ] (32 bytes)
       Wrong   = R: [ ... ] (31 bytes)     S: [ ... ] (32 bytes)

    In order for this check to pass, you would still need to have all 63 bytes
    populated with the correct signature. The only modification a bad actor
    may be able to do is to add one more byte at the end, in which case the
    first 32 bytes (including what would have been S's first byte) is used for R,
    and S would contain the rest. But this will only result in the verification to
    fail. Therefore this in itself should not pose any security risk, albeit
    allowing some illegally formated messages to be verified.

  * [jwk] `jwk.Key` objects now have a `Validate()` method to validate the data
    stored in the keys. However, this still does not necessarily mean that the key's
        are valid for use in cryptographic operations. If `Validate()` is successful,
    it only means that the keys are in the right _format_, including the presence
    of required fields and that certain fields have proper length, etc.

[New Features]
  * [jws] Added `jws.WithValidateKey()` to force calling `key.Validate()` before
    signing or verification.

  * [jws] `jws.Sign()` now returns a special type of error that can hold the
    individual errors from the signers. The stringification is still the same
    as before to preserve backwards compatibility.

  * [jwk] Added `jwk.IsKeyValidationError` that checks if an error is an error
    from `key.Validate()`.

[Bug Fixes]
  * [jwt] `jwt.ParseInsecure()` was running verification if you provided a key
    via `jwt.WithKey()` or `jwt.WithKeySet()` (#​1007)
pterm/pterm (github.com/pterm/pterm)

v0.12.70: Heatmap Printer 🎉

Compare Source

What's Changed

Exciting New Features 🎉
Fixes 🔧

Full Changelog: pterm/pterm@v0.12.69...v0.12.70

twmb/franz-go (github.com/twmb/franz-go)

v1.15.2

Compare Source

===

This patch release fixes two bugs and changes Mark functions to be no-ops when
not using AutoCommitMarks to avoid confusion. This also includes a minor commit
further improving the sticky balancer. See the commits for more details.

  • 72778cb behavior change kgo: no-op mark functions when not using AutoCommitMarks
  • e209bb6 bugfix kgo: pin AddPartitionsToTxn to v3 when using one transaction
  • 36b4437 sticky: further improvements
  • af5bc1f bugfix kgo: be sure to use topics when other topics are paused
vektra/mockery (github.com/vektra/mockery/v2)

v2.36.1

Compare Source

Changelog

  • b648c23 Add additional test
  • 0310201 Add fix for showconfig command
  • d3515d1 Fix bug with sub-package inheritance
  • 77064ad Fix config bug where mockery crashes when package map is nil
  • 5978bc5 Fix test with config initialization
  • deb4860 Merge pull request #​730 from LandonTClipp/issue_726
  • e86d230 Simplifying some config in interface copying code
  • 726d76c Update running.md
  • 2dd8f00 Use gotestsum for better testing output
cznic/sqlite (modernc.org/sqlite)

v1.27.0

Compare Source


Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added area/dependencies Pull requests that update a dependency file bots kind/chore labels Nov 6, 2023
@renovate renovate bot force-pushed the renovate/go-deps branch from 8581b21 to 317b199 Compare November 6, 2023 04:59
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Oğuzhan Durgun <[email protected]>
Copy link
Contributor Author

renovate bot commented Nov 6, 2023

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

Signed-off-by: Oğuzhan Durgun <[email protected]>
@oguzhand95 oguzhand95 changed the title chore(deps): update go deps chore(deps): Update go deps Nov 6, 2023
@oguzhand95 oguzhand95 self-requested a review November 6, 2023 09:00
@oguzhand95 oguzhand95 merged commit ebb56d2 into main Nov 6, 2023
18 of 19 checks passed
@oguzhand95 oguzhand95 deleted the renovate/go-deps branch November 6, 2023 09:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/dependencies Pull requests that update a dependency file bots kind/chore
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant