Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update all dependencies #6

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Oct 11, 2024

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
aquasecurity/trivy-action action minor 0.9.1 -> 0.29.0 age adoption passing confidence
github.com/fsnotify/fsnotify require minor v1.5.4 -> v1.8.0 age adoption passing confidence
github.com/prometheus/client_golang require minor v1.13.0 -> v1.20.5 age adoption passing confidence
golang stage patch 1.23.1 -> 1.23.5 age adoption passing confidence

Release Notes

aquasecurity/trivy-action (aquasecurity/trivy-action)

v0.29.0

Compare Source

What's Changed
New Contributors

Full Changelog: aquasecurity/trivy-action@0.28.0...0.29.0

v0.28.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.27.0...0.28.0

v0.27.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.26.0...0.27.0

v0.26.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.25.0...0.26.0

v0.25.0

Compare Source

What's Changed
New Contributors

Full Changelog: aquasecurity/trivy-action@0.24.0...0.25.0

v0.24.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.23.0...0.24.0

v0.23.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.22.0...0.23.0

v0.22.0

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.21.0...0.22.0

v0.21.0

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.20.0...0.21.0

v0.20.0

Compare Source

What's Changed
New Contributors

Full Changelog: aquasecurity/trivy-action@0.19.0...0.20.0

v0.19.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.18.0...0.19.0

v0.18.0

Compare Source

v0.17.0

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.16.1...0.17.0

v0.16.1

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.16.0...0.16.1

v0.16.0

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.15.0...0.16.0

v0.15.0

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.14.0...0.15.0

v0.14.0

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.13.1...0.14.0

v0.13.1

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.13.0...0.13.1

v0.13.0

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.12.0...0.13.0

v0.12.0

Compare Source

What's Changed
New Contributors

Full Changelog: aquasecurity/trivy-action@0.11.2...0.12.0

v0.11.2

Compare Source

Full Changelog: aquasecurity/trivy-action@0.11.1...0.11.2

v0.11.1

Compare Source

What's Changed

Full Changelog: aquasecurity/trivy-action@0.11.0...0.11.1

v0.11.0

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.10.0...0.11.0

v0.10.0

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.9.2...0.10.0

v0.9.2

Compare Source

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@0.9.1...0.9.2

fsnotify/fsnotify (github.com/fsnotify/fsnotify)

v1.8.0

Compare Source

Additions

  • all: add FSNOTIFY_DEBUG to print debug logs to stderr (#​619)
Changes and fixes
  • windows: fix behaviour of WatchList() to be consistent with other platforms (#​610)

  • kqueue: ignore events with Ident=0 (#​590)

  • kqueue: set O_CLOEXEC to prevent passing file descriptors to children (#​617)

  • kqueue: emit events as "/path/dir/file" instead of "path/link/file" when watching a symlink (#​625)

  • inotify: don't send event for IN_DELETE_SELF when also watching the parent (#​620)

  • inotify: fix panic when calling Remove() in a goroutine (#​650)

  • fen: allow watching subdirectories of watched directories (#​621)

v1.7.0

Compare Source

This version of fsnotify needs Go 1.17.

Additions
  • illumos: add FEN backend to support illumos and Solaris. (#​371)

  • all: add NewBufferedWatcher() to use a buffered channel, which can be useful in cases where you can't control the kernel buffer and receive a large number of events in bursts. (#​550, #​572)

  • all: add AddWith(), which is identical to Add() but allows passing options. (#​521)

  • windows: allow setting the ReadDirectoryChangesW() buffer size with fsnotify.WithBufferSize(); the default of 64K is the highest value that works on all platforms and is enough for most purposes, but in some cases a highest buffer is needed. (#​521)

Changes and fixes
  • inotify: remove watcher if a watched path is renamed (#​518)

    After a rename the reported name wasn't updated, or even an empty string. Inotify doesn't provide any good facilities to update it, so just remove the watcher. This is already how it worked on kqueue and FEN.

    On Windows this does work, and remains working.

  • windows: don't listen for file attribute changes (#​520)

    File attribute changes are sent as FILE_ACTION_MODIFIED by the Windows API, with no way to see if they're a file write or attribute change, so would show up as a fsnotify.Write event. This is never useful, and could result in many spurious Write events.

  • windows: return ErrEventOverflow if the buffer is full (#​525)

    Before it would merely return "short read", making it hard to detect this error.

  • kqueue: make sure events for all files are delivered properly when removing a watched directory (#​526)

    Previously they would get sent with "" (empty string) or "." as the path name.

  • kqueue: don't emit spurious Create events for symbolic links (#​524)

    The link would get resolved but kqueue would "forget" it already saw the link itself, resulting on a Create for every Write event for the directory.

  • all: return ErrClosed on Add() when the watcher is closed (#​516)

  • other: add Watcher.Errors and Watcher.Events to the no-op Watcher in backend_other.go, making it easier to use on unsupported platforms such as WASM, AIX, etc. (#​528)

  • other: use the backend_other.go no-op if the appengine build tag is set; Google AppEngine forbids usage of the unsafe package so the inotify backend won't compile there.

v1.6.0

Compare Source

This version of fsnotify needs Go 1.16 (this was already the case since 1.5.1, but not documented). It also increases the minimum Linux version to 2.6.32.

Additions
  • all: add Event.Has() and Op.Has() (#​477)

    This makes checking events a lot easier; for example:

      if event.Op&Write == Write && !(event.Op&Remove == Remove) {
      }
    

    Becomes:

      if event.Has(Write) && !event.Has(Remove) {
      }
    
  • all: add cmd/fsnotify (#​463)

    A command-line utility for testing and some examples.

Changes and fixes
  • inotify: don't ignore events for files that don't exist (#​260, #​470)

    Previously the inotify watcher would call os.Lstat() to check if a file still exists before emitting events.

    This was inconsistent with other platforms and resulted in inconsistent event reporting (e.g. when a file is quickly removed and re-created), and generally a source of confusion. It was added in 2013 to fix a memory leak that no longer exists.

  • all: return ErrNonExistentWatch when Remove() is called on a path that's
    not watched (#​460)

  • inotify: replace epoll() with non-blocking inotify (#​434)

    Non-blocking inotify was not generally available at the time this library was written in 2014, but now it is. As a result, the minimum Linux version is bumped from 2.6.27 to 2.6.32. This hugely simplifies the code and is faster.

  • kqueue: don't check for events every 100ms (#​480)

    The watcher would wake up every 100ms, even when there was nothing to do. Now it waits until there is something to do.

  • macos: retry opening files on EINTR (#​475)

  • kqueue: skip unreadable files (#​479)

    kqueue requires a file descriptor for every file in a directory; this would fail if a file was unreadable by the current user. Now these files are simply skipped.

  • windows: fix renaming a watched directory if the parent is also watched (#​370)

  • windows: increase buffer size from 4K to 64K (#​485)

  • windows: close file handle on Remove() (#​288)

  • kqueue: put pathname in the error if watching a file fails (#​471)

  • inotify, windows: calling Close() more than once could race (#​465)

  • kqueue: improve Close() performance (#​233)

  • all: various documentation additions and clarifications.

prometheus/client_golang (github.com/prometheus/client_golang)

v1.20.5: / 2024-10-15

Compare Source

We decided to revert the testutil change that made our util functions less error-prone, but created a lot of work for our downstream users. Apologies for the pain! This revert should not cause any major breaking change, even if you already did the work--unless you depend on the exact error message.

Going forward, we plan to reinforce our release testing strategy [1],[2] and deliver an enhanced testutil package/module with more flexible and safer APIs.

Thanks to @​dashpole @​dgrisonnet @​kakkoyun @​ArthurSens @​vesari @​logicalhan @​krajorama @​bwplotka who helped in this patch release! 🤗

Changelog

[BUGFIX] testutil: Reverted #​1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input. #​1645

v1.20.4

Compare Source

  • [BUGFIX] histograms: Fix a possible data race when appending exemplars vs metrics gather. #​1623

v1.20.3

Compare Source

  • [BUGFIX] histograms: Fix possible data race when appending exemplars. #​1608

v1.20.2

Compare Source

  • [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #​1596

v1.20.1

Compare Source

  • [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on Linux machines. #​1587

v1.20.0

Compare Source

Thanks everyone for contributions!

⚠️ In this release we remove one (broken anyway, given Go runtime changes) metric and add three new (representing GOGC, GOMEMLIMIT and GOMAXPROCS flags) to the default collectors.NewGoCollector() collector. Given its popular usage, expect your binary to expose two additional metric.

Changes

  • [CHANGE] ⚠️ go-collector: Remove go_memstat_lookups_total metric which was always 0; Go runtime stopped sharing pointer lookup statistics. #​1577
  • [FEATURE] ⚠️ go-collector: Add 3 default metrics: go_gc_gogc_percent, go_gc_gomemlimit_bytes and go_sched_gomaxprocs_threads as those are recommended by the Go team. #​1559
  • [FEATURE] go-collector: Add more information to all metrics' HELP e.g. the exact runtime/metrics sourcing each metric (if relevant). #​1568 #​1578
  • [FEATURE] testutil: Add CollectAndFormat method. #​1503
  • [FEATURE] histograms: Add support for exemplars in native histograms. #​1471
  • [FEATURE] promhttp: Add experimental support for zstd on scrape, controlled by the request Accept-Encoding header. #​1496
  • [FEATURE] api/v1: Add WithLimit parameter to all API methods that supports it. #​1544
  • [FEATURE] prometheus: Add support for created timestamps in constant histograms and constant summaries. #​1537
  • [FEATURE] process-collectors: Add network usage metrics: process_network_receive_bytes_total and process_network_transmit_bytes_total. #​1555
  • [FEATURE] promlint: Add duplicated metric lint rule. #​1472
  • [BUGFIX] promlint: Relax metric type in name linter rule. #​1455
  • [BUGFIX] promhttp: Make sure server
    instrumentation wrapping supports new and future extra responseWriter methods. #​1480
  • [BUGFIX] testutil: Functions using compareMetricFamilies are now failing if filtered metricNames are not in the input. #​1424
All commits

Configuration

📅 Schedule: Branch creation - "* 0-3 * * *" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Copy link
Author

renovate bot commented Oct 11, 2024

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 6 additional dependencies were updated

Details:

Package Change
github.com/cespare/xxhash/v2 v2.1.2 -> v2.3.0
github.com/prometheus/client_model v0.2.0 -> v0.6.1
github.com/prometheus/common v0.37.0 -> v0.55.0
github.com/prometheus/procfs v0.8.0 -> v0.15.1
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a -> v0.22.0
google.golang.org/protobuf v1.28.1 -> v1.34.2

@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 921db47 to 9ca8dad Compare October 16, 2024 02:57
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from dfd3e83 to 046b30b Compare November 7, 2024 08:48
@renovate renovate bot changed the title chore(deps): update all dependencies fix(deps): update all dependencies Dec 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants