bevel-operator-fabric icon indicating copy to clipboard operation
bevel-operator-fabric copied to clipboard

Published 20 hours ago verified publisher icon hyperledger

Bump the go_modules group across 2 directories with 10 updates

Open dependabot[bot] opened this issue 1 year ago • 0 comments

Bumps the go_modules group with 5 updates in the / directory:

Package From To
github.com/prometheus/client_golang 1.18.0 1.20.2
helm.sh/helm/v3 3.14.0 3.14.3
github.com/consensys/gnark-crypto 0.6.0 0.12.1
github.com/docker/docker 24.0.7+incompatible 25.0.6+incompatible
google.golang.org/grpc 1.58.3 1.66.0

Bumps the go_modules group with 4 updates in the /examples/client/go directory: github.com/prometheus/client_golang, golang.org/x/text, google.golang.org/grpc and google.golang.org/protobuf.

Updates github.com/prometheus/client_golang from 1.18.0 to 1.20.2

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.2

  • [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

v1.20.1

This release contains the critical fix for the issue. Thanks to @​geberl, @​CubicrootXYZ, @​zetaab and @​timofurrer for helping us with the investigation!

  • [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on Linux machines. #1587

v1.20.0

Thanks everyone for contributions!

:warning: In this release we remove one (broken anyway, given Go runtime changes) metric and add three new (representing GOGC, GOMEMLIMIT and GOMAXPROCS flags) to the default collectors.NewGoCollector() collector. Given its popular usage, expect your binary to expose two additional metric.

Changes

  • [CHANGE] :warning: go-collector: Remove go_memstat_lookups_total metric which was always 0; Go runtime stopped sharing pointer lookup statistics. #1577
  • [FEATURE] :warning: go-collector: Add 3 default metrics: go_gc_gogc_percent, go_gc_gomemlimit_bytes and go_sched_gomaxprocs_threads as those are recommended by the Go team. #1559
  • [FEATURE] go-collector: Add more information to all metrics' HELP e.g. the exact runtime/metrics sourcing each metric (if relevant). #1568 #1578
  • [FEATURE] testutil: Add CollectAndFormat method. #1503
  • [FEATURE] histograms: Add support for exemplars in native histograms. #1471
  • [FEATURE] promhttp: Add experimental support for zstd on scrape, controlled by the request Accept-Encoding header. #1496
  • [FEATURE] api/v1: Add WithLimit parameter to all API methods that supports it. #1544
  • [FEATURE] prometheus: Add support for created timestamps in constant histograms and constant summaries. #1537
  • [FEATURE] process-collectors: Add network usage metrics: process_network_receive_bytes_total and process_network_transmit_bytes_total. #1555
  • [FEATURE] promlint: Add duplicated metric lint rule. #1472
  • [BUGFIX] promlint: Relax metric type in name linter rule. #1455
  • [BUGFIX] promhttp: Make sure server instrumentation wrapping supports new and future extra responseWriter methods. #1480
  • [BUGFIX] testutil: Functions using compareMetricFamilies are now failing if filtered metricNames are not in the input. #1424

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.2 / 2024-08-23

  • [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

1.20.1 / 2024-08-20

  • [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on linux machines. #1587

1.20.0 / 2024-08-14

  • [CHANGE] :warning: go-collector: Remove go_memstat_lookups_total metric which was always 0; Go runtime stopped sharing pointer lookup statistics. #1577
  • [FEATURE] :warning: go-collector: Add 3 default metrics: go_gc_gogc_percent, go_gc_gomemlimit_bytes and go_sched_gomaxprocs_threads as those are recommended by the Go team. #1559
  • [FEATURE] go-collector: Add more information to all metrics' HELP e.g. the exact runtime/metrics sourcing each metric (if relevant). #1568 #1578
  • [FEATURE] testutil: Add CollectAndFormat method. #1503
  • [FEATURE] histograms: Add support for exemplars in native histograms. #1471
  • [FEATURE] promhttp: Add experimental support for zstd on scrape, controlled by the request Accept-Encoding header. #1496
  • [FEATURE] api/v1: Add WithLimit parameter to all API methods that supports it. #1544
  • [FEATURE] prometheus: Add support for created timestamps in constant histograms and constant summaries. #1537
  • [FEATURE] process-collector: Add network usage metrics: process_network_receive_bytes_total and process_network_transmit_bytes_total. #1555
  • [FEATURE] promlint: Add duplicated metric lint rule. #1472
  • [BUGFIX] promlint: Relax metric type in name linter rule. #1455
  • [BUGFIX] promhttp: Make sure server instrumentation wrapping supports new and future extra responseWriter methods. #1480
  • [BUGFIX] testutil: Functions using compareMetricFamilies are now failing if filtered metricNames are not in the input. #1424

1.19.0 / 2024-02-27

The module prometheus/common v0.48.0 introduced an incompatibility when used together with client_golang (See prometheus/client_golang#1448 for more details). If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

  • [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
  • [FEATURE] collectors: Add version collector. #1422 #1427
Commits
  • 67121dc Merge pull request #1596 from mrueg/fix-uncompressed-content-header
  • 187acd4 Cut 1.20.2
  • f7f8f3a fix: Unset Content-Encoding header when uncompressed
  • 2254d6c Merge pull request #1587 from prometheus/fix-processcollector
  • 4a15d05 Cut 1.20.1
  • f2dd7b3 Use pedantic registry in other places too, to double check.
  • 261fe84 bugfix: Pass network metrics to processCollector's Describe() function
  • 5bf3341 Use NewPedanticRegistry in Process' Collector tests
  • 73b811c Cut 1.20.0 release. (#1580)
  • 7ce5089 gocollector: Attach original runtime/metrics metric name to help. (#1578)
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.17.0 to 0.24.0

Commits
  • 332fd65 go.mod: update golang.org/x dependencies
  • 0b431c7 x509roots/fallback: update bundle
  • 349231f ssh: implement CryptoPublicKey on sk keys
  • 44c9b0f ssh: allow server auth callbacks to send additional banners
  • 67b1361 sha3: reenable s390x assembly
  • 477a5b4 sha3: make APIs usable with zero allocations
  • 59b5a86 sha3: disable s390x assembly
  • 10f366e sha3: simplify XOR functions
  • 905d78a go.mod: update golang.org/x dependencies
  • ebb717d ssh: validate key type in SSH_MSG_USERAUTH_PK_OK response
  • Additional commits viewable in compare view

Updates helm.sh/helm/v3 from 3.14.0 to 3.14.3

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.14.3 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.14.3. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.14.4 will contain only bug fixes and be released on April 10, 2024.
  • 3.15.0 is the next feature release and will be on May 08, 2024.

Changelog

  • Add a note about --dry-run displaying secrets f03cc04caaa8f6d7c3e67cf918929150cf6f3f12 (Matt Farina)
  • add error messages 1a7330fe3802beeb3f897a1c701d8a4b9c1316c5 (George Jenkins)
  • Fix: Ignore alias validation error for index load d6acc0027dca47dec40ccdd66febd0c8bcf4813f (George Jenkins)
  • chore(deps): bump github.com/containerd/containerd from 1.7.11 to 1.7.12 b2738fb782d149ffa4748cb0ee78d674986d04b0 (dependabot[bot])
  • chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.5.0 to 1.5.2 5b0847e0e763e98bcbf8a12e8f9c5f7c11d123a1 (dependabot[bot])
  • Update architecture detection method 7e18c39f0753c73e4660f3796f01f5b33f2552b5 (weidongkl)

Helm v3.14.2 is a security (patch) release. Users are strongly recommended to update to this release.

A Helm contributor discovered uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content.

Jakub Ciolek with AlphaSense discovered the vulnerability.

Installation and Upgrading

... (truncated)

Commits
  • f03cc04 Add a note about --dry-run displaying secrets
  • 1a7330f add error messages
  • d6acc00 Fix: Ignore alias validation error for index load
  • b2738fb chore(deps): bump github.com/containerd/containerd from 1.7.11 to 1.7.12
  • 5b0847e chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.5.0 to 1.5.2
  • 7e18c39 Update architecture detection method
  • c309b6f Some fixes
  • e8858f8 validation fix
  • See full diff in compare view

Updates github.com/consensys/gnark-crypto from 0.6.0 to 0.12.1

Release notes

Sourced from github.com/consensys/gnark-crypto's releases.

v0.12.1

What's Changed

Full Changelog: https://github.com/Consensys/gnark-crypto/compare/v0.12.0...v0.12.1

v0.12.0

What's Changed

Full Changelog: https://github.com/Consensys/gnark-crypto/compare/v0.11.2...v0.12.0

v0.11.2

What's Changed

... (truncated)

Changelog

Sourced from github.com/consensys/gnark-crypto's changelog.

[v0.11.1] - 2023-07-11

Fix

  • ECDSA HashToInt bytes-bits mismatch (#428)

[v0.11.0] - 2023-05-02

Build

  • go generate
  • generify bn254 changes
  • generify bn254 kzg changes
  • generify marshal changes
  • generify bn254 kzg changes
  • bump go1.20
  • update ci github action dependencies

Chore

  • PR feedback

Docs

  • make comments more godoc friendly
  • remove comment
  • remove DO NOT EDIT from non-autogenerated files

Feat

  • fix v computation in ECDSA signature (#385)
  • make mapToCurve public to allow for custom cofactor clearing (#372)
  • add Double in affine coordinates
  • kzg.Vk.WriteRawTo
  • bn254 encoder to support uint64 slices
  • pairing: return 1 after easy part if result is 1

Fix

  • handle all bitmask in point deserialization
  • littleEndian -> bigEndian
  • import utils
  • don't ignore multiexp error
  • minor errors
  • generation mistake
  • bn254 incorporate evals into kzg batch challenge
  • kzg: nb of digests in BatchVerifyMultiPoints should be nonzeo
  • linter: ineffassign in Fpk marshal

Perf

  • kzg: remove G2 scalar mul in single verification

Refactor

  • break pedersen key into proving (committing) and verifying

... (truncated)

Commits
  • da0317f clean: remove useless snippet in mulWindowed (#453)
  • 65cdb1d Feat/kzg extended transcript (#452)
  • 95e674b perf(fft): introduce cache efficient bit reverse shuffling (#446)
  • ec6be1a Merge pull request #451 from Consensys/fix/glv
  • aef1eef fix: add GT ExpGLV fix to BLS24 + BW6
  • feaf161 fix: merge and fix tests for expGLV
  • ced3076 fix: use max(size(s1), size(s2)) for ExpGLV
  • 4096ad9 feat: discared useless files
  • ace5318 Merge pull request #450 from jsign/jsign-eq-improv
  • dc4e2d4 feat: added test for [-s]G=-[s]G
  • Additional commits viewable in compare view

Updates github.com/docker/docker from 24.0.7+incompatible to 25.0.6+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v25.0.6

25.0.6

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Security

This release contains a fix for CVE-2024-41110 / GHSA-v23v-6jw2-98fq that impacted setups using authorization plugins (AuthZ) for access control.

Bug fixes and enhancements

  • [25.0] remove erroneous platform from image config OCI descriptor in docker save output. moby/moby#47695
  • [25.0 backport] Fix a nil dereference when getting image history for images having layers without the Created value set. moby/moby#47759
  • [25.0 backport] apparmor: Allow confined runc to kill containers. moby/moby#47830
  • [25.0 backport] Fix an issue where rapidly promoting a Swarm node after another node was demoted could cause the promoted node to fail its promotion. moby/moby#47869
  • [25.0 backport] don't depend on containerd platform.Parse to return a typed error. moby/moby#47890
  • [25.0 backport] builder/mobyexporter: Add missing nil check moby/moby#47987

Packaging updates

Full Changelog: https://github.com/moby/moby/compare/v25.0.5...v25.0.6

v25.0.5

25.0.5

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Security

This release contains a security fix for CVE-2024-29018, a potential data exfiltration from 'internal' networks via authoritative DNS servers.

Bug fixes and enhancements

  • CVE-2024-29018: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. moby/moby#47589

  • plugin: fix mounting /etc/hosts when running in UserNS. moby/moby#47588

  • rootless: fix open /etc/docker/plugins: permission denied. moby/moby#47587

  • Fix multiple parallel docker build runs leaking disk space. moby/moby#47527

... (truncated)

Commits
  • b08a51f Merge pull request #48231 from austinvazquez/backport-vendor-otel-v0.46.1-to-...
  • d151b0f vendor: OTEL v0.46.1 / v1.21.0
  • c6ba9a5 Merge pull request #48225 from austinvazquez/backport-workflow-artifact-reten...
  • 4673a3c Merge pull request #48227 from austinvazquez/backport-backport-branch-check-t...
  • 30f8908 github/ci: Check if backport is opened against the expected branch
  • 7454d6a ci: update workflow artifacts retention
  • 65cc597 Merge commit from fork
  • b722836 Merge pull request #48199 from austinvazquez/update-containerd-binary-to-1.7.20
  • e8ecb9c update containerd binary to v1.7.20
  • e6cae1f update containerd binary to v1.7.19
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.19.0 to 0.26.0

Commits
  • 66e838c go.mod: update golang.org/x dependencies
  • 6249541 http2: avoid race in server handler SetReadDeadine/SetWriteDeadline
  • 603e3e6 quic: disable X25519Kyber768Draft00 in tests
  • 67e8d0c http2: report an error if goroutines outlive serverTester tests
  • 5608279 http2: avoid corruption in priority write scheduler
  • 0d515a5 http2: factor out frame read/write test functions
  • 9f5b79b http2: drop unused retry function
  • 03c24c2 http2: use synthetic time in server tests
  • 022530c http2: add a more full-featured test net.Conn
  • 410d19e http2: avoid racy access to clientStream.requestedGzip
  • Additional commits viewable in compare view

Updates golang.org/x/sys from 0.16.0 to 0.22.0

Commits
  • faed7ec unix: add PthreadChdir and PthreadFchdir on darwin
  • c892bb7 unix: fix MmapPtr test failing on OpenBSD
  • a0ef40a unix: fix MremapPtr test failing on NetBSD
  • daa2394 unix: add unsafe mmap, munmap, mremap
  • 7670087 windows: add GetAce Windows API
  • 348425a windows/svc: do not pass theService to windows.RegisterServiceCtrlHandlerEx
  • 673e0f9 unix: skip ethtool driver test for busy interface
  • 6943ab6 unix/linux: update glibc to 2.39
  • 92f3ad6 unix: update to Linux kernel 6.9
  • f34bb9f windows: add net user enum
  • Additional commits viewable in compare view

Updates golang.org/x/text from 0.14.0 to 0.16.0

Commits
  • 434eadc language: reject excessively large Accept-Language strings
  • 23407e7 go.mod: ignore cyclic dependency for tagging
  • b18d3dd secure/precis: replace bytes.Compare with bytes.Equal
  • 795e854 all: replace io/ioutil with io and os package
  • b0ca10f internal/language: bump script types to uint16 and update registry
  • ba9b0e1 go.mod: update x/tools to HEAD
  • d03b418 A+C: delete AUTHORS and CONTRIBUTORS
  • b4bca84 language/display: fix Tag method comment
  • ea49e3e go.mod: update x/tools to HEAD
  • 78819d0 go.mod: update to golang.org/x/text v0.1.10
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.58.3 to 1.66.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.66.0

New Features

  • metadata: stabilize ValueFromIncomingContext (#7368)
  • client: stabilize the WaitForStateChange and GetState methods, which were previously experimental. (#7425)
  • xds: Implement ADS flow control mechanism (#7458)
  • balancer/rls: Add metrics for data cache and picker internals (#7484, #7495)
  • xds: LRS load reports now include the total_issued_requests field. (#7544)

Bug Fixes

  • grpc: Clients now return status code INTERNAL instead of UNIMPLEMENTED when the server uses an unsupported compressor. This is consistent with the gRPC compression spec. (#7461)
  • transport: Fix a bug which could result in writes busy looping when the underlying conn.Write returns errors (#7394)
  • client: fix race that could lead to orphaned connections and associated resources. (#7390)
  • xds: use locality from the connected address for load reporting with pick_first (#7378)
    • without this fix, if a priority contains multiple localities with pick_first, load was reported for the wrong locality
  • client: prevent hanging during ClientConn.Close() when the network is unreachable (#7540)

Performance Improvements

  • transport: double buffering is avoided when using an http connect proxy and the target server waits for client to send the first message. (#7424)
  • codec: Implement a new Codec which uses buffer recycling for encoded message (#7356)

Release 1.65.0

Dependencies

  • Change support policy to cover only the latest TWO releases of Go, matching the policy for Go itself. See #7249 for more information. (#7250)
  • Update x/net/http2 to address CVE-2023-45288 (#7282)

Behavior Changes

  • credentials/tls: clients and servers will now reject connections that don't support ALPN when environment variable GRPC_ENFORCE_ALPN_ENABLED is set to "true" (case insensitive). (#7184)
    • NOTE: this behavior will become the default in a future release.
  • metadata: remove String method from MD to make printing more consistent (#7373)

New Features

  • grpc: add WithMaxCallAttempts to configure gRPC's retry behavior per-channel. (#7229)

Bug Fixes

  • ringhash: properly apply endpoint weights instead of ignoring them (#7156)
  • xds: fix a bug that could cause xds-enabled servers to stop accepting new connections after handshaking errors (#7128)

... (truncated)

Commits

Updates google.golang.org/protobuf from 1.31.0 to 1.34.2

Updates github.com/prometheus/client_golang from 1.1.0 to 1.11.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.2

  • [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

v1.20.1

This release contains the critical fix for the issue. Thanks to @​geberl, @​CubicrootXYZ, @​zetaab and @​timofurrer for helping us with the investigation!

  • [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on Linux machines. #1587

v1.20.0

Thanks everyone for contributions!

:warning: In this release we remove one (broken anyway, given Go runtime changes) metric and add three new (representing GOGC, GOMEMLIMIT and GOMAXPROCS flags) to the default collectors.NewGoCollector() collector. Given its popular usage, expect your binary to expose two additional metric.

Changes

  • [CHANGE] :warning: go-collector: Remove go_memstat_lookups_total metric which was always 0; Go runtime stopped sharing pointer lookup statistics. #1577
  • [FEATURE] :warning: go-collector: Add 3 default metrics: go_gc_gogc_percent, go_gc_gomemlimit_bytes and go_sched_gomaxprocs_threads as those are recommended by the Go team. #1559
  • [FEATURE] go-collector: Add more information to all metrics' HELP e.g. the exact runtime/metrics sourcing each metric (if relevant). #1568 #1578
  • [FEATURE] testutil: Add CollectAndFormat method. #1503
  • [FEATURE] histograms: Add support for exemplars in native histograms. #1471
  • [FEATURE] promhttp: Add experimental support for zstd on scrape, controlled by the request Accept-Encoding header. #1496
  • [FEATURE] api/v1: Add WithLimit parameter to all API methods that supports it. #1544
  • [FEATURE] prometheus: Add support for created timestamps in constant histograms and constant summaries. #1537
  • [FEATURE] process-collectors: Add network usage metrics: process_network_receive_bytes_total and process_network_transmit_bytes_total. #1555
  • [FEATURE] promlint: Add duplicated metric lint rule. #1472
  • [BUGFIX] promlint: Relax metric type in name linter rule. #1455
  • [BUGFIX] promhttp: Make sure server instrumentation wrapping supports new and future extra responseWriter methods. #1480
  • [BUGFIX] testutil: Functions using compareMetricFamilies are now failing if filtered metricNames are not in the input. #1424

dependabot[bot] avatar Sep 04 '24 17:09 dependabot[bot]