tape icon indicating copy to clipboard operation
tape copied to clipboard
verified publisher icon Hyperledger-TWGC

Bump the go-dependencies group with 7 updates

Open dependabot[bot] opened this issue 6 months ago • 2 comments

Bumps the go-dependencies group with 7 updates:

Package From To
github.com/hyperledger/fabric-protos-go-apiv2 0.3.4 0.3.7
github.com/onsi/ginkgo/v2 2.22.2 2.23.4
github.com/onsi/gomega 1.36.2 1.36.3
github.com/prometheus/client_golang 1.20.5 1.22.0
golang.org/x/time 0.9.0 0.11.0
google.golang.org/grpc 1.69.2 1.72.2
google.golang.org/protobuf 1.36.2 1.36.5

Updates github.com/hyperledger/fabric-protos-go-apiv2 from 0.3.4 to 0.3.7

Commits

Updates github.com/onsi/ginkgo/v2 from 2.22.2 to 2.23.4

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.23.4

2.23.4

Prior to this release Ginkgo would compute the incorrect number of available CPUs when running with -p in a linux container. Thanks to @​emirot for the fix!

Features

  • Add automaxprocs for using CPUQuota [2b9c428]

Fixes

  • clarify gotchas about -vet flag [1f59d07]

Maintenance

  • bump dependencies [2d134d5]

v2.23.3

2.23.3

Fixes

  • allow - as a standalone argument [cfcc1a5]
  • Bug Fix: Add GinkoTBWrapper.Chdir() and GinkoTBWrapper.Context() [feaf292]
  • ignore exit code for symbol test on linux [88e2282]

v2.23.2

2.23.2

🎉🎉🎉

At long last, some long-standing performance gaps between ginkgo and go test have been resolved!

Ginkgo operates by running go test -c to generate test binaries, and then running those binaries. It turns out that the compilation step of go test -c is slower than go test's compilation step because go test strips out debug symbols (ldflags=-w) whereas go test -c does not.

Ginkgo now passes the appropriate ldflags to go test -c when running specs to strip out symbols. This is only done when it is safe to do so and symbols are preferred when profiling is enabled and when ginkgo build is called explicitly.

This, coupled, with the instructions for disabling XProtect on MacOS yields a much better performance experience with Ginkgo.

v2.23.1

2.23.1

🚨 For users on MacOS 🚨

A long-standing Ginkgo performance issue on MacOS seems to be due to mac's antimalware XProtect. You can follow the instructions here to disable it in your terminal. Doing so sped up Ginkgo's own test suite from 1m8s to 47s.

Fixes

Ginkgo's CLI is now a bit clearer if you pass flags in incorrectly:

  • make it clearer that you need to pass a filename to the various profile flags, not an absolute directory [a0e52ff]
  • emit an error and exit if the ginkgo invocation includes flags after positional arguments [b799d8d]

... (truncated)

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.23.4

Prior to this release Ginkgo would compute the incorrect number of available CPUs when running with -p in a linux container. Thanks to @​emirot for the fix!

Features

  • Add automaxprocs for using CPUQuota [2b9c428]

Fixes

  • clarify gotchas about -vet flag [1f59d07]

Maintenance

  • bump dependencies [2d134d5]

2.23.3

Fixes

  • allow - as a standalone argument [cfcc1a5]
  • Bug Fix: Add GinkoTBWrapper.Chdir() and GinkoTBWrapper.Context() [feaf292]
  • ignore exit code for symbol test on linux [88e2282]

2.23.2

🎉🎉🎉

At long last, some long-standing performance gaps between ginkgo and go test have been resolved!

Ginkgo operates by running go test -c to generate test binaries, and then running those binaries. It turns out that the compilation step of go test -c is slower than go test's compilation step because go test strips out debug symbols (ldflags=-w) whereas go test -c does not.

Ginkgo now passes the appropriate ldflags to go test -c when running specs to strip out symbols. This is only done when it is safe to do so and symbols are preferred when profiling is enabled and when ginkgo build is called explicitly.

This, coupled, with the instructions for disabling XProtect on MacOS yields a much better performance experience with Ginkgo.

2.23.1

🚨 For users on MacOS 🚨

A long-standing Ginkgo performance issue on MacOS seems to be due to mac's antimalware XProtect. You can follow the instructions here to disable it in your terminal. Doing so sped up Ginkgo's own test suite from 1m8s to 47s.

Fixes

Ginkgo's CLI is now a bit clearer if you pass flags in incorrectly:

  • make it clearer that you need to pass a filename to the various profile flags, not an absolute directory [a0e52ff]
  • emit an error and exit if the ginkgo invocation includes flags after positional arguments [b799d8d]

This might cause existing CI builds to fail. If so then it's likely that your CI build was misconfigured and should be corrected. Open an issue if you need help.

2.23.0

... (truncated)

Commits
  • 229c981 v2.23.4
  • 2d134d5 bump dependencies
  • 2b9c428 Add automaxprocs for using CPUQuota
  • 31137de Revert "Add automaxprocs to automatically match the linux container CPU Quota"
  • 91b11b8 Add automaxprocs to automatically match the linux container CPU Quota
  • cdfddb6 maybe escape quotes when you put them in a quoted string.
  • 1f59d07 clarify gotchas about -vet flag
  • 7ab7d10 bump all the things
  • 04a9a74 v2.23.3
  • cfcc1a5 allow - as a standalone argument
  • Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.36.2 to 1.36.3

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.36.3

1.36.3

Maintenance

  • bump all the things [adb8b49]
  • chore: replace interface{} with any [7613216]
  • Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822) [9fe5259]
  • remove spurious "toolchain" from go.mod (#819) [a0e85b9]
  • Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823) [604a8b1]
  • Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772) [36fbc84]
  • Bump github-pages from 231 to 232 in /docs (#778) [ced70d7]
  • Bump rexml from 3.2.6 to 3.3.9 in /docs (#788) [c8b4a07]
  • Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#812) [06431b9]
  • Bump webrick from 1.8.1 to 1.9.1 in /docs (#800) [b55a92d]
  • Fix typos (#813) [a1d518b]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.36.3

Maintenance

  • bump all the things [adb8b49]
  • chore: replace interface{} with any [7613216]
  • Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822) [9fe5259]
  • remove spurious "toolchain" from go.mod (#819) [a0e85b9]
  • Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823) [604a8b1]
  • Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772) [36fbc84]
  • Bump github-pages from 231 to 232 in /docs (#778) [ced70d7]
  • Bump rexml from 3.2.6 to 3.3.9 in /docs (#788) [c8b4a07]
  • Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#812) [06431b9]
  • Bump webrick from 1.8.1 to 1.9.1 in /docs (#800) [b55a92d]
  • Fix typos (#813) [a1d518b]
Commits
  • 2251143 v1.36.3
  • adb8b49 bump all the things
  • 7613216 chore: replace interface{} with any
  • 9fe5259 Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822)
  • a0e85b9 remove spurious "toolchain" from go.mod (#819)
  • 604a8b1 Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823)
  • 36fbc84 Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772)
  • ced70d7 Bump github-pages from 231 to 232 in /docs (#778)
  • c8b4a07 Bump rexml from 3.2.6 to 3.3.9 in /docs (#788)
  • 06431b9 Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#812)
  • Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.20.5 to 1.22.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.22.0 - 2025-04-07

:warning: This release contains potential breaking change if you use experimental zstd support introduce in #1496 :warning:

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)
  • [FEATURE] prometheus: Add new CollectorFunc utility #1724
  • [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
  • [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
  • [CHANGE] :warning: promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.22.0 / 2025-04-07

:warning: This release contains potential breaking change if you use experimental zstd support introduce in #1496 :warning:

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)
  • [FEATURE] prometheus: Add new CollectorFunc utility #1724
  • [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
  • [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
  • [CHANGE] :warning: promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765

1.21.1 / 2025-03-04

  • [BUGFIX] prometheus: Revert of Inc, Add and Observe cumulative metric CAS optimizations (#1661), causing regressions on low contention cases.
  • [BUGFIX] prometheus: Fix GOOS=ios build, broken due to process_collector_* wrong build tags.

1.21.0 / 2025-02-17

:warning: This release contains potential breaking change if you upgrade github.com/prometheus/common to 0.62+ together with client_golang. :warning:

New common version changes model.NameValidationScheme global variable, which relaxes the validation of label names and metric name, allowing all UTF-8 characters. Typically, this should not break any user, unless your test or usage expects strict certain names to panic/fail on client_golang metric registration, gathering or scrape. In case of problems change model.NameValidationScheme to old model.LegacyValidation value in your project init function.

  • [BUGFIX] gocollector: Fix help message for runtime/metric metrics. #1583
  • [BUGFIX] prometheus: Fix Desc.String() method for no labels case. #1687
  • [ENHANCEMENT] prometheus: Optimize popular prometheus.BuildFQName function; now up to 30% faster. #1665
  • [ENHANCEMENT] prometheus: Optimize Inc, Add and Observe cumulative metrics; now up to 50% faster under high concurrent contention. #1661
  • [CHANGE] Upgrade prometheus/common to 0.62.0 which changes model.NameValidationScheme global variable. #1712
  • [CHANGE] Add support for Go 1.23. #1602
  • [FEATURE] process_collector: Add support for Darwin systems. #1600 #1616 #1625 #1675 #1715
  • [FEATURE] api: Add ability to invoke CloseIdleConnections on api.Client using api.Client.(CloseIdler).CloseIdleConnections() casting. #1513
  • [FEATURE] promhttp: Add promhttp.HandlerOpts.EnableOpenMetricsTextCreatedSamples option to create OpenMetrics _created lines. Not recommended unless you want to use opt-in Created Timestamp feature. Community works on OpenMetrics 2.0 format that should make those lines obsolete (they increase cardinality significantly). #1408
  • [FEATURE] prometheus: Add NewConstNativeHistogram function. #1654
Commits
  • d50be25 Cut 1.22.0 (#1793)
  • 1043db7 Cut 1.22.0-rc.0 (#1768)
  • e575c9c promhttp: Isolate zstd support and klauspost/compress library use to promhttp...
  • f2276aa Merge pull request #1764 from prometheus/dependabot/github_actions/github-act...
  • 9df772c build(deps): bump peter-evans/create-pull-request
  • a3548c5 Merge pull request #1754 from saswatamcode/exp-eh
  • 60fd2b0 Remove go.work file for now
  • 8f9d0de exp: Add dependabot config
  • c5cf981 Merge pull request #1762 from prometheus/release-1.21
  • 8a42da3 Fix ios build. (#1758)
  • Additional commits viewable in compare view

Updates golang.org/x/time from 0.9.0 to 0.11.0

Commits
  • 0c50ed8 all: upgrade go directive to at least 1.23.0 [generated]
  • 66520f6 rate: simplify function advance only returns new Tokens to caller
  • 2c6c5a2 rate: prevent overflows when calculating durationFromTokens
  • See full diff in compare view

Updates google.golang.org/grpc from 1.69.2 to 1.72.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.72.2

Bug Fixes

  • client: restore support for NO_PROXY environment variable when connecting to locally-resolved addresses (case 2 from gRFC A1). (#8329)
  • balancer/least_request: fix panic on resolver errors. (#8333)

Release 1.72.1

Bug Fixes

  • client: HTTP Proxy connections are no longer attempted for addresses with non-TCP network types. (#8215)
  • client: Fix bug that causes RPCs to fail with status INTERNAL instead of CANCELLED or DEADLINE_EXCEEDED when receiving a RST_STREAM frame in the middle of the gRPC message. (#8289)

Release 1.72.0

Dependencies

  • Minimum supported Go version is now 1.23 (#8108)

API Changes

  • resolver: add experimental AddressMapV2 with generics to ultimately replace AddressMap. Deprecate AddressMap for deletion (#8187)
  • resolver: convert EndpointMap in place to use generics (#8189)

New Features

  • xds: add grpc.xds_client.server_failure counter metric on xDS client to record connectivity errors (#8203)
  • balancer/rls: allow maxAge to exceed 5 minutes if staleAge is set in the LB policy configuration (#8137)
  • ringhash: implement gRFC A76 improvements. (#8159)
  • pickfirst: The new pick first LB policy is made the default. The new LB policy implements the Happy Eyeballs algorithm. To disable the new policy set the environment variable GRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST to false (case insensitive).

Bug Fixes

  • xds: fix support for circuit breakers and load reporting in LOGICAL_DNS clusters (#8169, #8170)
  • xds/cds: improve RPC error messages when resources are not found (#8122)
  • balancer/priority: fix race that could leak balancers and goroutines during shutdown (#8095)
  • stats/opentelemetry: fix trace attributes message sequence numbers to start from 0 (#8237)
  • balancer/pickfirstleaf: fix panic if deprecated Address.Metadata field is set to a non-comparable value by ignoring the field (#8227)

Behavior Changes

  • transport: make servers send an HTTP/2 RST_STREAM frame to cancel a stream when the deadline expires (#8071)

Documentation

  • stats: clarify the expected sequence of events on a stats handler (#7885)

Release 1.71.3

Bug Fixes

  • client: restore support for NO_PROXY environment variable when connecting to locally-resolved addresses (case 2 from gRFC A1). (#8329)
  • balancer/least_request: fix panic on resolver errors. (#8333)

Release 1.71.2

... (truncated)

Commits
  • 6135a73 Change version to v1.72.2 (#8357)
  • eef8c9c delegatingresolver: avoid proxy for resolved addresses in NO_PROXY env (#8329...
  • 3b5fa74 balancer/least_request : Fix panic while handling resolver errors (#8333) (#8...
  • edf643f Change version to v1.72.2-dev (#8326)
  • 4cf3cf7 Change version to 1.72.1 (#8319)
  • 537fe8d transport: Propagate status code on receiving RST_STREAM during message read ...
  • f32eab3 cherry-pick #8302 and #8304 to v1.72.x branch (#8303)
  • 7fcfc87 internal/delegatingresolver: avoid proxy if networktype of target address is ...
  • ad1e120 Change version to 1.72.1-dev (#8219)
  • a43eba6 Change version to 1.72.0 (#8218)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.2 to 1.36.5

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

dependabot[bot] avatar Jun 04 '25 07:06 dependabot[bot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot] avatar Jun 09 '25 07:06 dependabot[bot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot] avatar Jun 23 '25 07:06 dependabot[bot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot] avatar Jun 30 '25 07:06 dependabot[bot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot] avatar Jul 01 '25 08:07 dependabot[bot]

@dependabot rebase

SamYuan1990 avatar Jul 01 '25 10:07 SamYuan1990