apiclarity
apiclarity copied to clipboard
Bump the go_modules group across 5 directories with 10 updates
Bumps the go_modules group with 1 update in the /api3 directory: golang.org/x/crypto. Bumps the go_modules group with 5 updates in the /backend directory:
Package | From | To |
---|---|---|
golang.org/x/crypto | 0.1.0 |
0.17.0 |
github.com/docker/docker | 20.10.14+incompatible |
24.0.9+incompatible |
github.com/jackc/pgproto3/v2 | 2.3.1 |
2.3.3 |
github.com/jackc/pgx/v4 | 4.17.2 |
4.18.2 |
google.golang.org/grpc | 1.43.0 |
1.56.3 |
Bumps the go_modules group with 2 updates in the /plugins/gateway/kong directory: golang.org/x/net and google.golang.org/protobuf. | ||
Bumps the go_modules group with 3 updates in the /plugins/otel-collector/apiclarityexporter directory: golang.org/x/net, google.golang.org/grpc and go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. | ||
Bumps the go_modules group with 2 updates in the /plugins/taper directory: golang.org/x/net and google.golang.org/grpc. |
Updates golang.org/x/crypto
from 0.1.0 to 0.17.0
Commits
9d2ee97
ssh: implement strict KEX protocol changes4e5a261
ssh: close net.Conn on all NewServerConn errors152cdb1
x509roots/fallback: update bundlefdfe1f8
ssh: defer channel window adjustmentb8ffc16
blake2b: drop Go 1.6, Go 1.8 compatibility7e6fbd8
ssh: wrap errors from client handshakebda2f3f
argon2: avoid clobbering BP325b735
ssh/test: skip TestSSHCLIAuth on Windows1eadac5
go.mod: update golang.org/x dependenciesb2d7c26
ssh: add (*Client).DialContext method- Additional commits viewable in compare view
Updates golang.org/x/crypto
from 0.1.0 to 0.17.0
Commits
9d2ee97
ssh: implement strict KEX protocol changes4e5a261
ssh: close net.Conn on all NewServerConn errors152cdb1
x509roots/fallback: update bundlefdfe1f8
ssh: defer channel window adjustmentb8ffc16
blake2b: drop Go 1.6, Go 1.8 compatibility7e6fbd8
ssh: wrap errors from client handshakebda2f3f
argon2: avoid clobbering BP325b735
ssh/test: skip TestSSHCLIAuth on Windows1eadac5
go.mod: update golang.org/x dependenciesb2d7c26
ssh: add (*Client).DialContext method- Additional commits viewable in compare view
Updates golang.org/x/net
from 0.2.0 to 0.10.0
Commits
- See full diff in compare view
Updates golang.org/x/sys
from 0.2.0 to 0.15.0
Commits
13b15b7
unix: add IoctlLoopConfigure on linux11eadc0
windows: add AddDllDirectory and RemoveDllDirectorye4099bf
unix: fix trimmed socket opt string in GetsockoptString9888904
unix: update BPF constants for Linux kernel 6.62d0c736
unix: use fchmodat2 in Fchmodatec230da
unix: use fcntl(2) libc stub on OpenBSDcb378ae
syscall: call getfsstat via libc on openbsd661d749
unix: use libc stubs for OpenBSD pledge+unveil1168e25
unix/linux: update Linux kernel to v6.6249e16f
unix: require minimum OpenBSD 6.4 for pledge, unveil- Additional commits viewable in compare view
Updates golang.org/x/text
from 0.4.0 to 0.14.0
Commits
6c97a16
all: update go directive to 1.18f488e19
unicode/norm: fix function name on commentfb697c0
cmd/gotext: actually use -dir flagf3e69ed
cmd/gotext: fix misbehaviorsab07ad1
all: remove repetitive wordse503480
encoding/japanese, language: shorten very long sub-test names2df65d7
all: regenerate for Unicode 15.0.0e3c038a
all: prepare for Unicode 15.0.03a7a255
internal/export/idna: make more space for mapping indexd61dd50
go.mod: delete repeated "indirect"- Additional commits viewable in compare view
Updates github.com/docker/docker
from 20.10.14+incompatible to 24.0.9+incompatible
Release notes
Sourced from github.com/docker/docker's releases.
v24.0.9
24.0.9
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
Security
This release contains security fixes for the following CVEs affecting Docker Engine and its components.
CVE Component Fix version Severity CVE-2024-21626 runc 1.1.12 High, CVSS 8.6 CVE-2024-24557 Docker Engine 24.0.9 Medium, CVSS 6.9 Important ⚠️
Note that this release of Docker Engine doesn't include fixes for the following known vulnerabilities in BuildKit:
To address these vulnerabilities, upgrade to Docker Engine v25.0.2.
For more information about the security issues addressed in this release, and the unaddressed vulnerabilities in BuildKit, refer to the blog post. For details about each vulnerability, see the relevant security advisory:
Packaging updates
- Upgrade runc to v1.1.12. moby/moby#47269
- Upgrade containerd to v1.7.13 (static binaries only). moby/moby#47280
v24.0.8
24.0.8
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
Bug fixes and enhancements
- Live restore: Containers with auto remove (
docker run --rm
) are no longer forcibly removed on engine restart. moby/moby#46857
... (truncated)
Commits
fca702d
Merge pull request from GHSA-xw73-rw38-6vjcf78a772
Merge pull request #47281 from thaJeztah/24.0_backport_bump_containerd_binary...61afffe
Merge pull request #47270 from thaJeztah/24.0_backport_bump_runc_binary_1.1.12b38e74c
Merge pull request #47276 from thaJeztah/24.0_backport_bump_runc_1.1.12dac5663
update containerd binary to v1.7.1320e1af3
vendor: github.com/opencontainers/runc v1.1.12858919d
update runc binary to v1.1.12141ad39
Merge pull request #47266 from vvoland/ci-fix-makeps1-templatefail-24db968c6
hack/make.ps1: Fix go list pattern61c51fb
Merge pull request #47221 from vvoland/pkg-pools-close-noop-24- Additional commits viewable in compare view
Updates github.com/jackc/pgproto3/v2
from 2.3.1 to 2.3.3
Commits
945c212
Backport fixes from pgx v50c0f7b0
Add pgx v5 notef59ff94
UnmarshalJSON: removing hex decode- See full diff in compare view
Updates github.com/jackc/pgx/v4
from 4.17.2 to 4.18.2
Changelog
Sourced from github.com/jackc/pgx/v4's changelog.
4.18.2 (March 4, 2024)
Fix CVE-2024-27289
SQL injection can occur when all of the following conditions are met:
- The non-default simple protocol is used.
- A placeholder for a numeric value must be immediately preceded by a minus.
- There must be a second placeholder for a string value after the first placeholder; both must be on the same line.
- Both parameter values must be user-controlled.
Thanks to Paul Gerste for reporting this issue.
Fix CVE-2024-27304
SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control.
Thanks to Paul Gerste for reporting this issue.
- Fix *dbTx.Exec not checking if it is already closed
4.18.1 (February 27, 2023)
- Fix: Support pgx v4 and v5 stdlib in same program (Tomáš Procházka)
4.18.0 (February 11, 2023)
- Upgrade pgconn to v1.14.0
- Upgrade pgproto3 to v2.3.2
- Upgrade pgtype to v1.14.0
- Fix query sanitizer when query text contains Unicode replacement character
- Fix context with value in BeforeConnect (David Harju)
- Support pgx v4 and v5 stdlib in same program (Vitalii Solodilov)
Commits
14690df
Update changelog779548e
Update required Go version to 1.1780e9662
Update github.com/jackc/pgconn to v1.14.30bf9ac3
Fix erroneous test casef94eb0e
Always wrap arguments in parentheses in the SQL sanitizer826a892
Fix SQL injection via line comment creation in simple protocol7d882f9
Fix *dbTx.Exec not checking if it is already closed1d07b8b
go mod tidy13468eb
Release v4.18.17fed69b
simplify duplicatepgx
registration guard- Additional commits viewable in compare view
Updates google.golang.org/grpc
from 1.43.0 to 1.56.3
Release notes
Sourced from google.golang.org/grpc's releases.
Release 1.56.3
Security
server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)
In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.
Release 1.56.2
- status: To fix a panic,
status.FromError
now returns an error withcodes.Unknown
when the error implements theGRPCStatus()
method, and callingGRPCStatus()
returnsnil
. (#6374)Release 1.56.1
- client: handle empty address lists correctly in addrConn.updateAddrs
Release 1.56.0
New Features
- client: support channel idleness using
WithIdleTimeout
dial option (#6263)
- This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
- client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
- xds: Add support for Custom LB Policies (gRFC A52) (#6224)
- xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
- client: add support for pickfirst address shuffling (gRFC A62) (#6311)
- xds: Add support for String Matcher Header Matcher in RDS (#6313)
- xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
- Special Thanks:
@s-matyukevich
- xds: enable RLS in xDS by default (#6343)
- orca: add support for application_utilization field and missing range checks on several metrics setters
- balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
- authz: add conversion of json to RBAC Audit Logging config (#6192)
- authz: add support for stdout logger (#6230 and #6298)
- authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)
Bug Fixes
- orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
- xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
- xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)
API Changes
- orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)
Release 1.55.1
- status: To fix a panic,
status.FromError
now returns an error withcodes.Unknown
when the error implements theGRPCStatus()
method, and callingGRPCStatus()
returnsnil
. (#6374)Release 1.55.0
Behavior Changes
... (truncated)
Commits
1055b48
Update version.go to 1.56.3 (#6713)5efd7bd
server: prohibit more than MaxConcurrentStreams handlers from running at once...bd1f038
Upgrade version.go to 1.56.3-dev (#6434)faab873
Update version.go to v1.56.2 (#6432)6b0b291
status: fix panic when servers return a wrapped error with status OK (#6374) ...ed56401
[PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)cd6a794
Update version.go to v1.56.2-dev (#6387)5b67e5e
Update version.go to v1.56.1 (#6386)d0f5150
client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...997c1ea
Change version to 1.56.1-dev (#6345)- Additional commits viewable in compare view
Updates google.golang.org/protobuf
from 1.28.1 to 1.30.0
Updates golang.org/x/net
from 0.0.0-20211112202133-69e39bad7dc2 to 0.17.0
Commits
- See full diff in compare view
Updates golang.org/x/sys
from 0.0.0-20210615035016-665e8c7367d1 to 0.13.0
Commits
13b15b7
unix: add IoctlLoopConfigure on linux11eadc0
windows: add AddDllDirectory and RemoveDllDirectorye4099bf
unix: fix trimmed socket opt string in GetsockoptString9888904
unix: update BPF constants for Linux kernel 6.62d0c736
unix: use fchmodat2 in Fchmodatec230da
unix: use fcntl(2) libc stub on OpenBSDcb378ae
syscall: call getfsstat via libc on openbsd661d749
unix: use libc stubs for OpenBSD pledge+unveil1168e25
unix/linux: update Linux kernel to v6.6249e16f
unix: require minimum OpenBSD 6.4 for pledge, unveil- Additional commits viewable in compare view
Updates golang.org/x/text
from 0.3.7 to 0.13.0
Commits
6c97a16
all: update go directive to 1.18f488e19
unicode/norm: fix function name on commentfb697c0
cmd/gotext: actually use -dir flagf3e69ed
cmd/gotext: fix misbehaviorsab07ad1
all: remove repetitive wordse503480
encoding/japanese, language: shorten very long sub-test names2df65d7
all: regenerate for Unicode 15.0.0e3c038a
all: prepare for Unicode 15.0.03a7a255
internal/export/idna: make more space for mapping indexd61dd50
go.mod: delete repeated "indirect"- Additional commits viewable in compare view
Updates google.golang.org/protobuf
from 1.28.0 to 1.33.0
Updates golang.org/x/net
from 0.0.0-20220225172249-27dd8689420f to 0.17.0
Commits
- See full diff in compare view
Updates golang.org/x/sys
from 0.0.0-20220808155132-1c4a2a72c664 to 0.13.0
Commits
13b15b7
unix: add IoctlLoopConfigure on linux11eadc0
windows: add AddDllDirectory and RemoveDllDirectorye4099bf
unix: fix trimmed socket opt string in GetsockoptString9888904
unix: update BPF constants for Linux kernel 6.62d0c736
unix: use fchmodat2 in Fchmodatec230da
unix: use fcntl(2) libc stub on OpenBSDcb378ae
syscall: call getfsstat via libc on openbsd661d749
unix: use libc stubs for OpenBSD pledge+unveil1168e25
unix/linux: update Linux kernel to v6.6249e16f
unix: require minimum OpenBSD 6.4 for pledge, unveil- Additional commits viewable in compare view
Updates golang.org/x/text
from 0.3.7 to 0.13.0
Commits
6c97a16
all: update go directive to 1.18f488e19
unicode/norm: fix function name on commentfb697c0
cmd/gotext: actually use -dir flagf3e69ed
cmd/gotext: fix misbehaviorsab07ad1
all: remove repetitive wordse503480
encoding/japanese, language: shorten very long sub-test names2df65d7
all: regenerate for Unicode 15.0.0e3c038a
all: prepare for Unicode 15.0.03a7a255
internal/export/idna: make more space for mapping indexd61dd50
go.mod: delete repeated "indirect"- Additional commits viewable in compare view
Updates google.golang.org/grpc
from 1.49.0 to 1.56.3
Release notes
Sourced from google.golang.org/grpc's releases.
Release 1.56.3
Security
server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)
In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.
Release 1.56.2
- status: To fix a panic,
status.FromError
now returns an error withcodes.Unknown
when the error implements theGRPCStatus()
method, and callingGRPCStatus()
returnsnil
. (#6374)Release 1.56.1
- client: handle empty address lists correctly in addrConn.updateAddrs
Release 1.56.0
New Features
- client: support channel idleness using
WithIdleTimeout
dial option (#6263)
- This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
- client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
- xds: Add support for Custom LB Policies (gRFC A52) (#6224)
- xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
- client: add support for pickfirst address shuffling (gRFC A62) (#6311)
- xds: Add support for String Matcher Header Matcher in RDS (#6313)
- xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
- Special Thanks:
@s-matyukevich
- xds: enable RLS in xDS by default (#6343)
- orca: add support for application_utilization field and missing range checks on several metrics setters
- balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
- authz: add conversion of json to RBAC Audit Logging config (#6192)
- authz: add support for stdout logger (#6230 and #6298)
- authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)
Bug Fixes
- orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
- xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
- xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)
API Changes
- orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)
Release 1.55.1
- status: To fix a panic,
status.FromError
now returns an error withcodes.Unknown
when the error implements theGRPCStatus()
method, and callingGRPCStatus()
returnsnil
. (#6374)Release 1.55.0
Behavior Changes
... (truncated)
Commits
1055b48
Update version.go to 1.56.3 (#6713)5efd7bd
server: prohibit more than MaxConcurrentStreams handlers from running at once...bd1f038
Upgrade version.go to 1.56.3-dev (#6434)faab873
Update version.go to v1.56.2 (#6432)6b0b291
status: fix panic when servers return a wrapped error with status OK (#6374) ...ed56401
[PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)cd6a794
Update version.go to v1.56.2-dev (#6387)5b67e5e
Update version.go to v1.56.1 (#6386)d0f5150
client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...997c1ea
Change version to 1.56.1-dev (#6345)- Additional commits viewable in compare view
Updates google.golang.org/protobuf
from 1.28.1 to 1.30.0
Updates go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
from 0.36.0 to 0.44.0
Release notes
Sourced from go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp's releases.
Release v0.36.2
Changed
- Upgrade dependencies of the OpenTelemetry Go Metric SDK to use the new
v0.32.2
release- Avoid getting a new Tracer for every RPC in
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
. (#2835)- Conditionally compute message size for tracing events using proto v2 API rather than legacy v1 API in
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
. (#2647)Deprecated
- The
Inject
function ingo.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
is deprecated. (#2838)- The
Extract
function ingo.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
is deprecated. (#2838)Release v0.36.1
Changed
- Upgrade dependencies of the OpenTelemetry Go Metric SDK to use the new
v0.32.1
release.
Changelog
Sourced from go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp's changelog.
[1.19.0/0.44.0/0.13.0] - 2023-09-12
Added
- Add
gcp.gce.instance.name
andgcp.gce.instance.hostname
resource attributes togo.opentelemetry.io/contrib/detectors/gcp
. (#4263)Changed
- The semantic conventions used by
go.opentelemetry.io/contrib/detectors/aws/ec2
have been upgraded to v1.21.0. (#4265)- The semantic conventions used by
go.opentelemetry.io/contrib/detectors/aws/ecs
have been upgraded to v1.21.0. (#4265)- The semantic conventions used by
go.opentelemetry.io/contrib/detectors/aws/eks
have been upgraded to v1.21.0. (#4265)- The semantic conventions used by
go.opentelemetry.io/contrib/detectors/aws/lambda
have been upgraded to v1.21.0. (#4265)- The semantic conventions used by
go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda
have been upgraded to v1.21.0. (#4265)
- The
faas.execution
attribute is nowfaas.invocation_id
.- The
faas.id
attribute is nowaws.lambda.invoked_arn
.- The semantic conventions used by
go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws
have been upgraded to v1.21.0. (#4265)- The
http.request.method
attribute will only allow known HTTP methods from the metrics generated bygo.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
. (#4277)Removed
- The high cardinality attributes
net.sock.peer.addr
,net.sock.peer.port
,http.user_agent
,enduser.id
, andhttp.client_ip
were removed from the metrics generated bygo.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
. (#4277)- The deprecated
go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego
module is removed. (#4295)- The deprecated
go.opentelemetry.io/contrib/instrumentation/github.com/go-kit/kit/otelkit
module is removed. (#4295)- The deprecated
go.opentelemetry.io/contrib/instrumentation/github.com/Shopify/sarama/otelsarama
module is removed. (#4295)- The deprecated
go.opentelemetry.io/contrib/instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache
module is removed. (#4295)- The deprecated
go.opentelemetry.io/contrib/instrumentation/github.com/gocql/gocql/otelgocql
module is removed. (#4295)[1.18.0/0.43.0/0.12.0] - 2023-08-28
Added
- Add
NewMiddleware
function ingo.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
. (#2964)- The
go.opentelemetry.io/contrib/exporters/autoexport
package to provide configuration of trace exporters with useful defaults and environment variable support. (#2753, #4100, #4130, #4132, #4134)WithRouteTag
ingo.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
adds HTTP route attribute to metrics. (#615)- Add
WithSpanOptions
option ingo.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
. (#3768)- Add testing support for Go 1.21. (#4233)
- Add
WithFilter
option togo.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux
. (#4230)Changed
- Change interceptors in
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
to disableSENT
/RECEIVED
events. UseWithMessageEvents()
to turn back on. (#3964)Changed
go.opentelemetry.io/contrib/detectors/gcp
: Detectfaas.instance
instead offaas.id
, sincefaas.id
is being removed. (#4198)Fixed
... (truncated)
Commits
fdfa6e3
Release v1.19.0/v0.44.0/v0.13.0 (#4299)aea7540
build(deps): bump github.com/aws/aws-sdk-go in /detectors/aws/ec2 (#4297)7e88614
Remove otelbeego, otelkit, otelsarama, otelmemcache, otelgocql (#4295)14f153e
build(deps): bump actions/checkout from 3 to 4 (#4291)01c596d
dependabot updates Mon Sep 11 05:08:50 UTC 2023 (#4294)50ca48f
Remove high cardanility metrics from otelhttp (#4277)b6fc62f
Update go versions used in workflow (#4278)7a8f53c
Add new gcp host attributes (#4263)aab5f49
[mux] Add request filters like otelhttp (#4230)3ad5a2c
Deprecate otelmemcache, otelgocql (#4164)- Additional commits viewable in compare view
Updates golang.org/x/net
from 0.0.0-20211101193420-4a448f8816b3 to 0.17.0
Commits
- See full diff in compare view
Updates golang.org/x/sys
from 0.0.0-20211025201205-69cdffdb9359 to 0.13.0
Commits
13b15b7
unix: add IoctlLoopConfigure on linux11eadc0
windows: add AddDllDirectory and RemoveDllDirectorye4099bf
unix: fix trimmed socket opt string in GetsockoptString9888904
unix: update BPF constants for Linux kernel 6.62d0c736
unix: use fchmodat2 in Fchmodatec230da
unix: use fcntl(2) libc stub on OpenBSDcb378ae
syscall: call getfsstat via libc on openbsd661d749
unix: use libc stubs for OpenBSD pledge+unveil1168e25
unix/linux: update Linux kernel to v6.6249e16f
unix: require minimum OpenBSD 6.4 for pledge, unveil- Additional commits viewable in compare view
Updates golang.org/x/text
from 0.3.7 to 0.13.0
Commits
6c97a16
all: update go directive to 1.18f488e19
unicode/norm: fix function name on commentfb697c0
cmd/gotext: actually use -dir flagf3e69ed
cmd/gotext: fix misbehaviorsab07ad1
all: remove repetitive wordse503480
encoding/japanese, language: shorten very long sub-test names2df65d7
all: regenerate for Unicode 15.0.0e3c038a
all: prepare for Unicode 15.0.03a7a255
internal/export/idna: make more space for mapping indexd61dd50
go.mod: delete repeated "indirect"- Additional commits viewable in compare view
Updates google.golang.org/grpc
from 1.42.0 to 1.56.3
Release notes
Sourced from google.golang.org/grpc's releases.
Release 1.56.3
Security
server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)
In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.
Release 1.56.2
- status: To fix a panic,
status.FromError
now returns an error withcodes.Unknown
when the error implements theGRPCStatus()
method, and callingGRPCStatus()
returnsnil
. (#6374)Release 1.56.1
- client: handle empty address lists correctly in addrConn.updateAddrs
Release 1.56.0
New Features
- client: support channel idleness using
WithIdleTimeout
dial option (#6263)
- This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
- client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
- xds: Add support for Custom LB Policies (gRFC A52) (#6224)
- xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
- client: add support for pickfirst address shuffling (gRFC A62) (#6311)
- xds: Add support for String Matcher Header Matcher in RDS (#6313)
- xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
- Special Thanks:
@s-matyukevich
- xds: enable RLS in xDS by default (#6343)
- orca: add support for application_utilization field and missing range checks on several metrics setters
- balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
- authz: add conversion of json to RBAC Audit Logging config (#6192)
- authz: add support for stdout logger (#6230 and #6298)
- authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)
Bug Fixes
- orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
- xds/xdsresource: Fix ...
Description has been truncated