Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the gomod-version group with 13 updates #308

Closed
wants to merge 3 commits into from
Closed

Bump the gomod-version group with 13 updates #308

wants to merge 3 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 1, 2024
edited
Loading

Bumps the gomod-version group with 13 updates:

Package From To
github.com/cespare/xxhash/v2 2.2.0 2.3.0
github.com/evanphx/json-patch 5.7.0+incompatible 5.9.0+incompatible
github.com/go-logr/logr 1.3.0 1.4.1
github.com/jzelinskie/stringz 0.0.2 0.0.3
github.com/stretchr/testify 1.8.4 1.9.0
k8s.io/api 0.28.3 0.30.0
k8s.io/apimachinery 0.28.3 0.30.0
k8s.io/apiserver 0.28.3 0.30.0
k8s.io/cli-runtime 0.28.3 0.30.0
k8s.io/component-base 0.28.3 0.30.0
k8s.io/controller-manager 0.28.3 0.30.0
k8s.io/klog/v2 2.110.1 2.120.1
k8s.io/kubectl 0.28.3 0.30.0

Updates github.com/cespare/xxhash/v2 from 2.2.0 to 2.3.0

Commits
  • 998dce2 Add initial support for custom seeds
  • 21fc82b feat: add badger to the projects using this package on README.md
  • 66b1409 feat: add ristretto to the Projects using this package on README.md
  • fe2f6e8 Update Go versions for GH action
  • See full diff in compare view

Updates github.com/evanphx/json-patch from 5.7.0+incompatible to 5.9.0+incompatible

Release notes

Sourced from github.com/evanphx/json-patch's releases.

v5.9.0

What's Changed

Full Changelog: evanphx/json-patch@v5.8.1...v5.9.0

Fix API breakage

This PR fixes Operation containing a reference to internal/json and breaking the ability to manually compose one. This restores that ability using a type alias.

Full Changelog: evanphx/json-patch@v5.8.0...v5.8.1

Blargh Phixs and Empathyprovements

This release fixes a few stray panics, addresses large number accuracy, and improves performance!

What's Changed

Full Changelog: evanphx/json-patch@v5.7.0...v5.8.0

Commits
  • b7a4e4a Merge pull request #202 from evanphx/f-html-escape
  • 7eef36c Guard using options to avoid a crash bug
  • 1bcbd0f Merge pull request #201 from evanphx/b-null
  • 9d7ba23 Add option to control if the output is HTMLEscaped
  • 009bc56 Validate that the partialDoc is decoded correctly
  • b82b685 Use a type alias for RawMessage to avoid breaking the public API of Operation
  • 05c9526 Merge pull request #197 from evanphx/f-perf
  • 7a438a6 Minor simplifications
  • 2a122d1 More optimizations
  • 174e1d7 Add MergePatch benchmark
  • Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.3.0 to 1.4.1

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.1

What's Changed

Full Changelog: go-logr/logr@v1.4.0...v1.4.1

v1.4.0

This release dramatically improves interoperability with Go's log/slog package. In particular, logr.NewContext and logr.NewContextWithSlogLogger use the same context key, which allows logr.FromContext and logr.FromContextAsSlogLogger to return logr.Logger or *slog.Logger respectively, including transparently converting each to the other as needed.

Functions logr/slogr.NewLogr and logr/slogr.ToSlogHandler have been superceded by logr.FromSlogHandler and logr.ToSlogHandler respectively, and type logr/slogr.SlogSink has been superceded by logr.SlogSink. All of the old names in logr/slogr remain, for compatibility.

Package logr/funcr now supports logr.SlogSink, meaning that it's output passes all but one of the Slog conformance tests (that exception being that funcr handles the timestamp itself).

Users who have a logr.Logger and need a *slog.Logger can call slog.New(logr.ToSlogHandler(...)) and all output will go through the same stack.

Users who have a *slog.Logger or slog.Handler can call logr.FromSlogHandler(...) and all output will go through the same stack.

What's Changed

New Contributors

Full Changelog: go-logr/logr@v1.3.0...v1.4.0

Commits
  • dcdc3f2 slogr: fix unintended API break in v0.8.0 (#253)
  • 5d88f52 funcr: Add LogInfoLevel Option to skip logging level in the info log (#240)
  • 177005d build(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0
  • e7f489a build(deps): bump github/codeql-action from 2.22.9 to 3.22.11
  • cf56c3b build(deps): bump actions/setup-go from 4 to 5
  • 2ad296e build(deps): bump github/codeql-action from 2.22.8 to 2.22.9
  • d55b4e2 Merge pull request #241 from thockin/master
  • 98ee9d9 Clean up slog testing and restore coverage
  • b228ba8 Break examples to new file
  • 6432877 Add benchmarks for slogSink
  • Additional commits viewable in compare view

Updates github.com/jzelinskie/stringz from 0.0.2 to 0.0.3

Release notes

Sourced from github.com/jzelinskie/stringz's releases.

v0.0.3

Full Changelog: jzelinskie/stringz@v0.0.2...v0.0.3

Commits

Updates github.com/stretchr/testify from 1.8.4 to 1.9.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.9.0

What's Changed

... (truncated)

Commits
  • bb548d0 Merge pull request #1552 from stretchr/dependabot/go_modules/github.com/stret...
  • 814075f build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2
  • e045612 Merge pull request #1339 from bogdandrutu/uintptr
  • 5b6926d Merge pull request #1385 from hslatman/not-implements
  • 9f97d67 Merge pull request #1550 from stretchr/release-notes
  • bcb0d3f Include the auto-release notes in releases
  • fb770f8 Merge pull request #1247 from ccoVeille/typos
  • 85d8bb6 fix typos in comments, tests and github templates
  • e2741fa Merge pull request #1548 from arjunmahishi/msgAndArgs
  • 6e59f20 http_assertions: assert that the msgAndArgs actually works in tests
  • Additional commits viewable in compare view

Updates k8s.io/api from 0.28.3 to 0.30.0

Commits
  • fb932d2 Update dependencies to v0.30.0 tag
  • d014286 Merge remote-tracking branch 'origin/master' into release-1.30
  • 581c1b8 Update x/net for CVE-2023-45288
  • 35ca1f4 Merge pull request #123932 from pohly/dra-api-resource-model-rename
  • b048bd8 Merge pull request #123909 from AkihiroSuda/fix-123906
  • f06d24a dra api: NodeResourceModel -> ResourceModel
  • 30e3187 api: NodeStatus: rename RuntimeClasses to RuntimeHandlers
  • 96558b9 Merge pull request #123792 from mimowo/propose-api-comments-fix
  • 089c7ca Merge pull request #123180 from AkihiroSuda/rro
  • b50824d api: KEP-3857: Recursive Read-only (RRO) mounts
  • Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.28.3 to 0.30.0

Commits
  • 37988e5 Merge remote-tracking branch 'origin/master' into release-1.30
  • c857a38 Update x/net for CVE-2023-45288
  • 0407311 followup to allow special characters
  • 25164f7 Merge pull request #123435 from tallclair/apparmor-ga
  • cbfe0a1 Merge pull request #123758 from liggitt/protobump
  • 21d26b6 Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • 0c29f84 Merge pull request #123385 from HirazawaUi/allow-special-characters
  • 60d24f2 Merge pull request #123708 from p0lyn0mial/upstream-const-watchlist-bookmark-...
  • 513d23a apimachinery/meta/types.go: define InitialEventsAnnotationKey const
  • 67cb3a8 Merge pull request #123413 from seans3/tunneling-spdy-websockets
  • Additional commits viewable in compare view

Updates k8s.io/apiserver from 0.28.3 to 0.30.0

Commits
  • 9b2e61f Update dependencies to v0.30.0 tag
  • 15c77ce Merge remote-tracking branch 'origin/master' into release-1.30
  • 61d3001 Rename cluster to storage_cluster_id for apiserver_storage_size_bytes metric
  • d97582e Merge remote-tracking branch 'origin/master' into release-1.30
  • 2071c4d Update x/net for CVE-2023-45288
  • 341f6df Merge pull request #123994 from serathius/undo-double-run-test-watch-semantics
  • 7a3a726 Undo double run of the TestWatchSemantics test to avoid hitting timeout
  • e166c44 Merge pull request #123785 from seans3/streamtunnel-unit-tests
  • ec72042 Merge pull request #123935 from serathius/consistent-watch-from-etcd
  • 13a815b Serve watch without resourceVersion from cache and introduce a WatchFromStora...
  • Additional commits viewable in compare view

Updates k8s.io/cli-runtime from 0.28.3 to 0.30.0

Commits
  • d57b959 Update dependencies to v0.30.0 tag
  • ceb92ba Merge remote-tracking branch 'origin/master' into release-1.30
  • 60fc039 Update x/net for CVE-2023-45288
  • c8b7f6a Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • eeedba7 Merge pull request #123529 from thockin/go-workspaces
  • ba82cfd Fix up go.mod files after reviews
  • 76839ee Remove old gengo detritus
  • 0e03d76 Re-vendor latest kube-openapi and gengo/v2
  • 5f372cd Generate go.work files
  • c66e3bf Merge pull request #122569 from IvoGoman/wrap-nomatcherror
  • Additional commits viewable in compare view

Updates k8s.io/component-base from 0.28.3 to 0.30.0

Commits
  • 98e79b8 Update dependencies to v0.30.0 tag
  • 0ac84ef Merge remote-tracking branch 'origin/master' into release-1.30
  • 2e27a0c Update x/net for CVE-2023-45288
  • ecbd1b6 Merge pull request #123732 from serathius/parallel-featureflags
  • b0a6e40 Merge pull request #123758 from liggitt/protobump
  • 0e945e3 Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • a626a5c Fix SetFeatureGateDuringTest handling of Parallel tests
  • 15d726c Merge pull request #123529 from thockin/go-workspaces
  • f3d8039 Fix up go.mod files after reviews
  • e3050ed Remove old gengo detritus
  • Additional commits viewable in compare view

Updates k8s.io/controller-manager from 0.28.3 to 0.30.0

Commits
  • 911ec76 Update dependencies to v0.30.0 tag
  • 03b86ed Merge remote-tracking branch 'origin/master' into release-1.30
  • abe9d11 Update x/net for CVE-2023-45288
  • c9f34cd Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • 2207feb Merge pull request #123529 from thockin/go-workspaces
  • 794eaf0 Merge pull request #123613 from aojea/revert_ccm
  • f149691 Revert "[cloud-provider] require providerID to initialize node"
  • 05eba06 Merge pull request #123331 from aojea/ccm_update
  • 8135342 Fix up go.mod files after reviews
  • 3c1067c Merge pull request #123562 from jpbetz/bump-cel-go-0_17_8
  • Additional commits viewable in compare view

Updates k8s.io/klog/v2 from 2.110.1 to 2.120.1

Release notes

Sourced from k8s.io/klog/v2's releases.

Prepare klog release for Kubernetes v1.30 (Take 2)

What's Changed

Full Changelog: kubernetes/klog@v2.120.0...v2.120.1

Prepare klog release for Kubernetes v1.30 (Take 1)

What's Changed

New Contributors

Full Changelog: kubernetes/klog@v2.110.1...v2.120.0

Commits
  • 007e661 textlogger: allow caller to override stack unwinding
  • 2d08296 Merge pull request #396 from pohly/slog-helper
  • e4deee8 slog: use main logr package instead of logr/slogr
  • 5d1d2d5 add SetSlogLogger
  • 39afdba dependencies: logr v1.4.1
  • 2086216 Merge pull request #393 from kaisoz/add-safeptr
  • 881fa0b Add SafePtr wrapper
  • 8dd3f2e Merge pull request #395 from pohly/readme-update
  • d3dd725 docs: clarify relationship between different features
  • 761b630 Merge pull request #394 from pohly/owners-update
  • Additional commits viewable in compare view

Updates k8s.io/kubectl from 0.28.3 to 0.30.0

Commits
  • 321896d Update dependencies to v0.30.0 tag
  • 0fe334a Merge remote-tracking branch 'origin/master' into release-1.30
  • 2050251 Update x/net for CVE-2023-45288
  • f1fd500 Bump github.com/golang/protobuf v1.5.4, google.golang.org/protobuf v1.33.0
  • d982873 Merge pull request #122653 from ardaguclu/interactive-delete-e2e-test
  • 90ec7ff Merge pull request #120346 from ardaguclu/custom-debug-profile
  • 49f3ec9 Add e2e test for kubectl interactive delete
  • 14d23cc Add custom debug profiles on top of static profiles
  • 2855ed1 Merge pull request #123413 from seans3/tunneling-spdy-websockets
  • 18888da adds comments to tunnelingResponseWriter
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the gomod-version group with 13 updates
48fc985 
Bumps the gomod-version group with 13 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/cespare/xxhash/v2](https://github.com/cespare/xxhash) | `2.2.0` | `2.3.0` |
| [github.com/evanphx/json-patch](https://github.com/evanphx/json-patch) | `5.7.0+incompatible` | `5.9.0+incompatible` |
| [github.com/go-logr/logr](https://github.com/go-logr/logr) | `1.3.0` | `1.4.1` |
| [github.com/jzelinskie/stringz](https://github.com/jzelinskie/stringz) | `0.0.2` | `0.0.3` |
| [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.8.4` | `1.9.0` |
| [k8s.io/api](https://github.com/kubernetes/api) | `0.28.3` | `0.30.0` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.28.3` | `0.30.0` |
| [k8s.io/apiserver](https://github.com/kubernetes/apiserver) | `0.28.3` | `0.30.0` |
| [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) | `0.28.3` | `0.30.0` |
| [k8s.io/component-base](https://github.com/kubernetes/component-base) | `0.28.3` | `0.30.0` |
| [k8s.io/controller-manager](https://github.com/kubernetes/controller-manager) | `0.28.3` | `0.30.0` |
| [k8s.io/klog/v2](https://github.com/kubernetes/klog) | `2.110.1` | `2.120.1` |
| [k8s.io/kubectl](https://github.com/kubernetes/kubectl) | `0.28.3` | `0.30.0` |


Updates `github.com/cespare/xxhash/v2` from 2.2.0 to 2.3.0
- [Commits](cespare/xxhash@v2.2.0...v2.3.0)

Updates `github.com/evanphx/json-patch` from 5.7.0+incompatible to 5.9.0+incompatible
- [Release notes](https://github.com/evanphx/json-patch/releases)
- [Commits](evanphx/json-patch@v5.7.0...v5.9.0)

Updates `github.com/go-logr/logr` from 1.3.0 to 1.4.1
- [Release notes](https://github.com/go-logr/logr/releases)
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md)
- [Commits](go-logr/logr@v1.3.0...v1.4.1)

Updates `github.com/jzelinskie/stringz` from 0.0.2 to 0.0.3
- [Release notes](https://github.com/jzelinskie/stringz/releases)
- [Commits](jzelinskie/stringz@v0.0.2...v0.0.3)

Updates `github.com/stretchr/testify` from 1.8.4 to 1.9.0
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.4...v1.9.0)

Updates `k8s.io/api` from 0.28.3 to 0.30.0
- [Commits](kubernetes/api@v0.28.3...v0.30.0)

Updates `k8s.io/apimachinery` from 0.28.3 to 0.30.0
- [Commits](kubernetes/apimachinery@v0.28.3...v0.30.0)

Updates `k8s.io/apiserver` from 0.28.3 to 0.30.0
- [Commits](kubernetes/apiserver@v0.28.3...v0.30.0)

Updates `k8s.io/cli-runtime` from 0.28.3 to 0.30.0
- [Commits](kubernetes/cli-runtime@v0.28.3...v0.30.0)

Updates `k8s.io/component-base` from 0.28.3 to 0.30.0
- [Commits](kubernetes/component-base@v0.28.3...v0.30.0)

Updates `k8s.io/controller-manager` from 0.28.3 to 0.30.0
- [Commits](kubernetes/controller-manager@v0.28.3...v0.30.0)

Updates `k8s.io/klog/v2` from 2.110.1 to 2.120.1
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](kubernetes/klog@v2.110.1...v2.120.1)

Updates `k8s.io/kubectl` from 0.28.3 to 0.30.0
- [Commits](kubernetes/kubectl@v0.28.3...v0.30.0)

---
updated-dependencies:
- dependency-name: github.com/cespare/xxhash/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: github.com/evanphx/json-patch
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: github.com/go-logr/logr
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: github.com/jzelinskie/stringz
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod-version
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: k8s.io/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: k8s.io/apiserver
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: k8s.io/cli-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: k8s.io/component-base
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: k8s.io/controller-manager
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
- dependency-name: k8s.io/kubectl
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner May 1, 2024 16:20
@dependabot dependabot bot added the area/dependencies Affects dependencies label May 1, 2024
@vroldanbet vroldanbet force-pushed the dependabot/go_modules/gomod-version-b25a4a7881 branch from f64da33 to 59c7d6b Compare May 2, 2024 08:25
@vroldanbet
Copy link
Contributor

@ecordell k8s module updates can't proceed due to the client-go replace:

// remove after switching to openapi for patchmeta
k8s.io/client-go => github.com/ecordell/client-go v1.28.0-patchmeta

Perhaps we want to look into this otherwise the operator deps are behind. I'd assume a security vuln could act as forcing function.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 1, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jun 1, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/gomod-version-b25a4a7881 branch June 1, 2024 16:53
@github-actions github-actions bot locked and limited conversation to collaborators Jun 1, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
area/dependencies Affects dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@vroldanbet