build(deps): bump the dependencies group across 1 directory with 11 updates

[dependabot]

Bumps the dependencies group with 10 updates in the / directory:

Package	From	To
github.com/getsentry/sentry-go	0.28.1	0.29.1
github.com/prometheus/client_golang	1.20.0	1.20.5
github.com/prometheus/common	0.55.0	0.60.1
github.com/sagernet/sing	0.4.2	0.5.0
github.com/sagernet/sing-box	1.9.4	1.10.1
github.com/urfave/cli/v2	2.27.4	2.27.5
github.com/xtls/xray-core	1.8.23	1.8.24
golang.org/x/sync	0.8.0	0.9.0
golang.org/x/time	0.6.0	0.8.0
modernc.org/sqlite	1.32.0	1.33.1

Updates github.com/getsentry/sentry-go from 0.28.1 to 0.29.1

Release notes

Sourced from github.com/getsentry/sentry-go's releases.

0.29.1

The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.29.1.

Bug Fixes

• Correlate errors to the current trace (#886)
• Set the trace context when the transaction finishes (#888)

Misc

• Update the sentrynegroni integration to use the latest (v3.1.1) version of Negroni (#885)

0.29.0

The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.29.0.

Breaking Changes

• Remove the sentrymartini integration (#861)
• The WrapResponseWriter has been moved from the sentryhttp package to the internal/httputils package. If you've imported it previosuly, you'll need to copy the implementation in your project. (#871)

Features

• Add new convenience methods to continue a trace and propagate tracing headers for error-only use cases. (#862)

  If you are not using one of our integrations, you can manually continue an incoming trace by using sentry.ContinueTrace() by providing the sentry-trace and baggage header received from a downstream SDK.

  hub := sentry.CurrentHub()
  sentry.ContinueTrace(hub, r.Header.Get(sentry.SentryTraceHeader), r.Header.Get(sentry.SentryBaggageHeader)),

  You can use hub.GetTraceparent() and hub.GetBaggage() to fetch the necessary header values for outgoing HTTP requests.

  hub := sentry.GetHubFromContext(ctx)
  req, _ := http.NewRequest("GET", "http://localhost:3000", nil)
  req.Header.Add(sentry.SentryTraceHeader, hub.GetTraceparent())
  req.Header.Add(sentry.SentryBaggageHeader, hub.GetBaggage())

Bug Fixes

• Initialize HTTPTransport.limit if nil (#844)
• Fix sentry.StartTransaction() returning a transaction with an outdated context on existing transactions (#854)
• Treat Proxy-Authorization as a sensitive header (#859)
• Add support for the http.Hijacker interface to the sentrynegroni package (#871)
• Go version >= 1.23: Use value from http.Request.Pattern for HTTP transaction names when using sentryhttp & sentrynegroni (#875)
• Go version >= 1.21: Fix closure functions name grouping (#877)

Misc

... (truncated)

Changelog

Sourced from github.com/getsentry/sentry-go's changelog.

0.29.1

The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.29.1.

Bug Fixes

• Correlate errors to the current trace (#886)
• Set the trace context when the transaction finishes (#888)

Misc

• Update the sentrynegroni integration to use the latest (v3.1.1) version of Negroni (#885)

0.29.0

The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.29.0.

Breaking Changes

• Remove the sentrymartini integration (#861)
• The WrapResponseWriter has been moved from the sentryhttp package to the internal/httputils package. If you've imported it previosuly, you'll need to copy the implementation in your project. (#871)

Features

• Add new convenience methods to continue a trace and propagate tracing headers for error-only use cases. (#862)

  If you are not using one of our integrations, you can manually continue an incoming trace by using sentry.ContinueTrace() by providing the sentry-trace and baggage header received from a downstream SDK.

  hub := sentry.CurrentHub()
  sentry.ContinueTrace(hub, r.Header.Get(sentry.SentryTraceHeader), r.Header.Get(sentry.SentryBaggageHeader)),

  You can use hub.GetTraceparent() and hub.GetBaggage() to fetch the necessary header values for outgoing HTTP requests.

  hub := sentry.GetHubFromContext(ctx)
  req, _ := http.NewRequest("GET", "http://localhost:3000", nil)
  req.Header.Add(sentry.SentryTraceHeader, hub.GetTraceparent())
  req.Header.Add(sentry.SentryBaggageHeader, hub.GetBaggage())

Bug Fixes

• Initialize HTTPTransport.limit if nil (#844)
• Fix sentry.StartTransaction() returning a transaction with an outdated context on existing transactions (#854)
• Treat Proxy-Authorization as a sensitive header (#859)
• Add support for the http.Hijacker interface to the sentrynegroni package (#871)
• Go version >= 1.23: Use value from http.Request.Pattern for HTTP transaction names when using sentryhttp & sentrynegroni (#875)
• Go version >= 1.21: Fix closure functions name grouping (#877)

... (truncated)

Commits

• 4a56cff release: 0.29.1
• 963131a Prepare 0.29.1 (#891)
• 20684c7 Push a new scope when a span is started (#886)
• 2935366 Fix applying the trace context on events (#888)
• 951e363 build(deps): bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 (#890)
• e009c2e build(deps): bump codecov/codecov-action from 4.5.0 to 4.6.0 (#889)
• 0e63d39 upgrade negroni to latest version (#885)
• a6acd05 Merge branch 'release/0.29.0'
• 1c2b1d2 release: 0.29.0
• 17096d2 Prepare 0.29.0 (#883)
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.20.0 to 1.20.5

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.5 / 2024-10-15

We decided to revert the testutil change that made our util functions less error-prone, but created a lot of work for our downstream users. Apologies for the pain! This revert should not cause any major breaking change, even if you already did the work--unless you depend on the exact error message.

Going forward, we plan to reinforce our release testing strategy [1],[2] and deliver an enhanced testutil package/module with more flexible and safer APIs.

Thanks to @​dashpole @​dgrisonnet @​kakkoyun @​ArthurSens @​vesari @​logicalhan @​krajorama @​bwplotka who helped in this patch release! 🤗

Changelog

[BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input. #1645

v1.20.4

• [BUGFIX] histograms: Fix a possible data race when appending exemplars vs metrics gather. #1623

v1.20.3

• [BUGFIX] histograms: Fix possible data race when appending exemplars. #1608

v1.20.2

• [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

v1.20.1

This release contains the critical fix for the issue. Thanks to @​geberl, @​CubicrootXYZ, @​zetaab and @​timofurrer for helping us with the investigation!

• [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on Linux machines. #1587

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.5 / 2024-10-15

• [BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input.

1.20.4 / 2024-09-07

• [BUGFIX] histograms: Fix possible data race when appending exemplars vs metrics gather. #1623

1.20.3 / 2024-09-05

• [BUGFIX] histograms: Fix possible data race when appending exemplars. #1608

1.20.2 / 2024-08-23

• [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

1.20.1 / 2024-08-20

• [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on linux machines. #1587

Commits

• 48e12a1 Merge pull request #1645 from prometheus/cut-1204-pr1424
• 504ad9b Cut 1.20.5; update comments.
• 584a7ce Revert "testutil compareMetricFamilies: make less error-prone (#1424)"
• 05fcde9 Merge pull request #1623 from krajorama/data-race-in-histogram-write
• 209f4c0 Add changelog
• 1e398cc native histogram: Fix race between Write and addExemplar
• ef2f87e Merge pull request #1620 from prometheus/arthursens/prepare-1.20.3
• 937ac63 Add changelog entry for 1.20.3
• 6e9914d Merge pull request #1608 from krajorama/index-out-of-range-native-histogram-e...
• d6b8c89 Update comments with more explanations
• Additional commits viewable in compare view

Updates github.com/prometheus/common from 0.55.0 to 0.60.1

Release notes

Sourced from github.com/prometheus/common's releases.

v0.60.1

What's Changed

• promslog: Only log basename, not full path by @​roidelapluie in prometheus/common#705
• Reload certificates even when no CA is used by @​roidelapluie in prometheus/common#707
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#701

Full Changelog: prometheus/common@v0.60.0...v0.60.1

v0.60.0

What's Changed

• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#692
• slog: expose io.Writer by @​jkroepke in prometheus/common#694
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#695
• promslog: use UTC timestamps for go-kit log style by @​dswarbrick in prometheus/common#696
• feat: add promslog.NewNopLogger() convenience func by @​tjhop in prometheus/common#697
• Bump golang.org/x/net from 0.28.0 to 0.29.0 by @​dependabot in prometheus/common#699
• Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 by @​dependabot in prometheus/common#698
• Update supported Go versions by @​SuperQ in prometheus/common#700

Full Changelog: prometheus/common@v0.59.1...v0.60.0

v0.59.1

What's Changed

• fix(utf8): Fix multiple metric name inside braces validation by @​fedetorres93 in prometheus/common#691

Full Changelog: prometheus/common@v0.59.0...v0.59.1

v0.59.0

What's Changed

• expfmt: Add WithEscapingScheme to help construct Formats by @​ywwg in prometheus/common#688
• Change the default escape method to UnderscoreEscaping by @​ywwg in prometheus/common#690

Full Changelog: prometheus/common@v0.58.0...v0.59.0

v0.58.0

What's Changed

• docs: mention new promslog package in package list in README by @​tjhop in prometheus/common#683
• Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 by @​dependabot in prometheus/common#684
• Bump golang.org/x/net from 0.27.0 to 0.28.0 by @​dependabot in prometheus/common#685
• Remove secret file existence check in Validate for headers by @​roidelapluie in prometheus/common#687

Full Changelog: prometheus/common@v0.57.0...v0.58.0

v0.57.0

What's Changed

... (truncated)

Commits

• 653e0fa Update common Prometheus files (#701)
• 0d2e2e5 Reload certificates even when no CA is used (#707)
• a9d2e3f Merge pull request #705 from roidelapluie/sourcefile
• fdc50c7 promslog: Only log basename, not full path
• dae848d Update supported Go versions (#700)
• 63ff77e Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 (#698)
• b7aa68c Bump golang.org/x/net from 0.28.0 to 0.29.0 (#699)
• 4e3a6fd feat: add promslog.NewNopLogger() convenience func (#697)
• d66e745 promslog: use UTC timestamps for go-kit log style (#696)
• 14bac55 Merge pull request #695 from prometheus/repo_sync
• Additional commits viewable in compare view

Updates github.com/sagernet/sing from 0.4.2 to 0.5.0

Commits

• 72db784 Add bind.Interface.Flags
• d59ac57 Add go1.21 compat funcs
• c635464 Add Update() error to control.InterfaceFinder
• 55908be Update linter configuration
• 6567829 Fix cached conn eats up read deadlines
• c324d41 json: Add badoption templates
• 0acb36c Minor fixes
• 26511a2 udpnat: Fix read deadline not initialized
• afd8993 windnsapi: Fix incorrect error checking
• 96bef07 Fix bad group usages
• Additional commits viewable in compare view

Updates github.com/sagernet/sing-box from 1.9.4 to 1.10.1

Release notes

Sourced from github.com/sagernet/sing-box's releases.

1.10.1

📝 Release Notes

• Fixes and improvements

1.10.0

📝 Release Notes

Important changes since 1.9:

• Introducing auto-redirect 1
• Add AdGuard DNS Filter support 2
• TUN address fields are merged 3
• Add custom options for auto-route and auto-redirect 4
• Drop support for go1.18 and go1.19 5
• Add tailing comma support in JSON configuration
• Improve sniffers 6
• Add new inline rule-set type 7
• Add access control options for Clash API 8
• Add rule_set_ip_cidr_accept_empty DNS address filter rule item 9
• Add auto reload support for local rule-set
• Update fsnotify usages 10
• Add IP address support for rule-set match command
• Add rule-set decompile command
• Add process_path_regex rule item
• Update uTLS to v1.6.7 11
• Optimize memory usages of rule-sets 12

1:

The new auto-redirect feature allows TUN to automatically configure connection redirection to improve proxy performance.

When auto-redirect is enabled, new route address set options will allow you to automatically configure destination IP CIDR rules from a specified rule set to the firewall.

Specified or unspecified destinations will bypass the sing-box routes to get better performance (for example, keep hardware offloading of direct traffics on the router).

See TUN.

2:

The new feature allows you to use AdGuard DNS Filter lists in a sing-box without AdGuard Home.

See AdGuard DNS Filter.

3:

See Migration.

4:

... (truncated)

Changelog

Sourced from github.com/sagernet/sing-box's changelog.

1.10.1

• Fixes and improvements

1.10.0

Important changes since 1.9:

• Introducing auto-redirect 1
• Add AdGuard DNS Filter support 2
• TUN address fields are merged 3
• Add custom options for auto-route and auto-redirect 4
• Drop support for go1.18 and go1.19 5
• Add tailing comma support in JSON configuration
• Improve sniffers 6
• Add new inline rule-set type 7
• Add access control options for Clash API 8
• Add rule_set_ip_cidr_accept_empty DNS address filter rule item 9
• Add auto reload support for local rule-set
• Update fsnotify usages 10
• Add IP address support for rule-set match command
• Add rule-set decompile command
• Add process_path_regex rule item
• Update uTLS to v1.6.7 11
• Optimize memory usages of rule-sets 12

1:

The new auto-redirect feature allows TUN to automatically configure connection redirection to improve proxy performance.

When auto-redirect is enabled, new route address set options will allow you to automatically configure destination IP CIDR rules from a specified rule set to the firewall.

Specified or unspecified destinations will bypass the sing-box routes to get better performance (for example, keep hardware offloading of direct traffics on the router).

See TUN.

2:

The new feature allows you to use AdGuard DNS Filter lists in a sing-box without AdGuard Home.

See AdGuard DNS Filter.

3:

See Migration.

4:

... (truncated)

Commits

• b80ec55 Bump version
• 0871811 Retry system forwarder listen
• 956ee36 Fix corrected improper use of reader and bReader
• e93d040 documentation: Fix release notes
• 137832f Bump version
• 3ede29f documentation: Improve theme
• 82ab68b build: Fix find NDK
• e55723d [dependencies] Update actions/checkout digest to eef6144
• 2f4d2d9 auto-redirect: Let fw4 take precedence over prerouting
• 926d6f7 Update utls to v1.6.7
• Additional commits viewable in compare view

Updates github.com/urfave/cli/v2 from 2.27.4 to 2.27.5

Release notes

Sourced from github.com/urfave/cli/v2's releases.

v2.27.5

What's Changed

• docs(flag): add UseShortOptionHandling description by @​BlackHole1 in urfave/cli#1956
• [Backport] Fix: Use $0 env var to correctly retrieve the current active shell by @​asahasrabuddhe in urfave/cli#1970
• Update dependencies in v2-maint by @​meatballhat in urfave/cli#1980

Full Changelog: urfave/cli@v2.27.4...v2.27.5

Commits

• f035ffa Merge pull request #1980 from urfave/v2-update-deps
• 6b0d484 Adjust test data doc to use current md2man format
• 6227bb0 Update dependencies to latest
• bcc6869 Merge pull request #1970 from asahasrabuddhe/backport-issue-1884
• e3ff573 fix: /bin/zsh env variable to retrieve current active shell
• 9114559 Merge pull request #1956 from BlackHole1/improve-flags-docs
• 584e28a Merge branch 'v2-maint' into improve-flags-docs
• 376a256 Update docs/v2/examples/flags.md
• 43eafe1 docs(flag): add UseShortOptionHandling description
• See full diff in compare view

Updates github.com/xtls/xray-core from 1.8.23 to 1.8.24

Release notes

Sourced from github.com/xtls/xray-core's releases.

Xray-core v1.8.24

Donation & NFTs

在等待 SplitHTTP multiplex controller 期间，main 分支已经积累了大量重要更新，所以我们决定先发一个版本，主要有：

• SplitHTTP 的 header padding，H3 支持 dialerProxy，以及一些修复
• Socks 入站默认兼容 HTTP 代理请求（mixed）
• Fragment 支持 tlshello 被分片后在同一个 TCP 帧中发送
• UDP noise（preview，下个版本可能会改）

And we have created Project VLESS for non-Chinese participants (Russian mainly).

此外，我们开始通过 NFT 的形式接受捐款，详见 [Announcement of NFTs by Project X #3633](XTLS/Xray-core#3633)

正如大家所看到的，Xray-core v1.8 已经不小心持续了一年多的时间，我们发现流式更新是一个不错的形式。然而由于传统版本号的存在，为每个版本规划功能、进行排期已经严重阻碍了新功能的开发、合并、发布。就像这次本来在等 multiplex controller，以及已经有很多 PR 在等 v1.9，并且我们还给 v1.10 及以后的版本号规划了更多功能，要很久才能排到。

所以我们决定从下个版本开始弃用传统的版本号，改用发版日期作为版本号，如 v24.8.30，并取消版本规划，全面采用流式更新，写好的功能直接合并，不再等待，预计每月月底发一个版本。 毕竟对于反审查软件来说，相较于传统的版本号，新功能的及时性、每月更新更为重要，而不是发一个功能确定的版本并长期维护，我们也没有过这样的习惯。

补充：并不一定按月更新，changes 突然积累多了同样可以发版，如果新版有 bug 的话应当给至少一天冷静期，不会同一天发两个版本。下个版本会移除一些历史久远的代码，以后日常积累新代码、提醒迁移，跨年新版删代码、breaking。

我们相信有了各位的捐款以及对发版形式的革新，Xray-core 这个项目会发展得更好。

Changes

• Freedom: Add UDP noise #3711 @​dragonbreath2000 @​mmmray
• DNS: Support queryStrategy config for UDP NameServer #3728 @​xiaorouji
• Mux server: Fix data leak between connections #3718 @​mmmray
• Issues template: Add require for latest version XTLS/Xray-core@34e0a2f @​Fangliding
• SplitHTTP: Fix connection leaks and crashes #3710 @​mmmray
• Pin protobuf packages #3715 @​mmmray
• Chore: Fix some comment typos #3716 @​curlwget
• Wireguard inbound: Fix no route when bind to interface #3698 @​chise0713
• SplitHTTP client: Do not produce too large upload #3691 @​mmmray
• Config: Combine filename and format into a new struct #3687 @​jadeydi
• Log: Add "from" before source address XTLS/Xray-core@11b0480 @​RPRX
• Socks inbound: Support HTTP inbound by default #3682 @​Fangliding @​RPRX
• Commands: Use creflect.MarshalToJson() as output #3674 @​yuhan6665
• DialerProxy: Fix SplitHTTP H3 dialerProxy #3570 @​mmmray
• SplitHTTP server: Add "Cache-Control: no-store" to GET response #3652 @​PoneyClairDeLune
• SplitHTTP server: Only "ok" to older clients #3671 @​mmmray
• SplitHTTP: Replace responseOkPadding with xPaddingBytes #3643 @​mmmray
• Commands: Add convert with two sub-commands #3661 @​vrnobody
• SplitHTTP client: Raise idle timeout to 5 minutes, Add h*KeepalivePeriod #3624 @​mmmray
• Freedom: Combine fragmented tlshello if interval is 0 #3663 @​Fangliding @​RPRX @​radioactiveAHM
• API: Improve MarshalToJson() in common/reflect/marshal.go #3655 @​vrnobody
• Docker: Fix permissions of geosite and geodat #3634 @​definitio
• Socks4a server: Check if the client sends an IP address as domain #3628 @​Fangliding

以及更新 README，升级一些依赖，使用 Go 1.23 进行编译。

Commits

• 6baad79 v1.8.24
• 98e85b7 Bump google.golang.org/grpc from 1.65.0 to 1.66.0 (#3740)
• 002d08b UDP noise (#3711)
• 8674ed5 Support DNS queryStrategy config for UDP NameServer (#3728)
• 815a959 Fix freedom PacketReader/PacketWriter type assertion (#3734)
• 1cfed96 README.md: Add Project VLESS to Telegram
• 592c2da Update go 1.23 (#3730)
• 5d7dfbb Bump github.com/vishvananda/netlink from 1.2.1 to 1.3.0 (#3729)
• 3dd3bf9 Fix data leak between mux.cool connections (#3718)
• c0c23fd Bump github.com/vishvananda/netlink (#3719)
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.8.0 to 0.9.0

Commits

• 151027e README: don't recommend go get
• See full diff in compare view

Updates golang.org/x/time from 0.6.0 to 0.8.0

Commits

• 3846194 README: don't recommend go get
• 772484e x/time/rate: correctly handle 0 limits
• See full diff in compare view

Updates google.golang.org/grpc from 1.65.0 to 1.66.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.66.0

New Features

• metadata: stabilize ValueFromIncomingContext (#7368)
  • Special Thanks: @​KarthikReddyPuli
• client: stabilize the WaitForStateChange and GetState methods, which were previously experimental. (#7425)
• xds: Implement ADS flow control mechanism (#7458)
  • See grpc/grpc#34099 for context.
• balancer/rls: Add metrics for data cache and picker internals (#7484, #7495)
• xds: LRS load reports now include the total_issued_requests field. (#7544)

Bug Fixes

• grpc: Clients now return status code INTERNAL instead of UNIMPLEMENTED when the server uses an unsupported compressor. This is consistent with the gRPC compression spec. (#7461)
  • Special Thanks: @​Gayathri625
• transport: Fix a bug which could result in writes busy looping when the underlying conn.Write returns errors (#7394)
  • Special Thanks: @​veshij
• client: fix race that could lead to orphaned connections and associated resources. (#7390)
• xds: use locality from the connected address for load reporting with pick_first (#7378)
  • without this fix, if a priority contains multiple localities with pick_first, load was reported for the wrong locality
• client: prevent hanging during ClientConn.Close() when the network is unreachable (#7540)

Performance Improvements

• transport: double buffering is avoided when using an http connect proxy and the target server waits for client to send the first message. (#7424)
• codec: Implement a new Codec which uses buffer recycling for encoded message (#7356)
  • introduce a mem package to facilitate buffer reuse (#7432)
  • Special Thanks: @​PapaCharlie

Release 1.65.1

Bug Fixes

• xds/server: Fix xDS Server memory leak. (grpc/grpc-go#7664)

Commits

• 00d3ec8 Change version to 1.66.0 (#7518)
• 973e3dc xdsclient: Populate total_issued_requests count in LRS load reports (#7544) (...
• 8e3596c cherry-pick #7557 to v1.66.x branch (#7564)
• 62baa5f cherry-pick #7356 to v1.66.x branch (#7546)
• f857020 cherry-pick #7523 to v1.66.x branch (#7547)
• 35e915e cherry-pick: transport: add timeout for writing GOAWAY on http2Client.Close()...
• 63853fd rls: update picker synchronously on configuration update (#7412)
• 86135c3 csds: unskip e2e test (#7502)
• 5d07b63 transport: change *http2Client to interface ClientTransport (#7512)
• c98235b grpclog: refactor to move implementation to grpclog/internal (#7465)
• Additional commits viewable in compare view

Updates modernc.org/sqlite from 1.32.0 to 1.33.1

Commits

• ad49d64 retract v1.33.0
• cc08747 use internal/libc, updates #177
• 8794efa use internal/libc, updates #177
• b550c20 replace modernc.org/libc => ./internal/libc, updates #177
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #388.