Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(deps): bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 #175

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 28, 2023

Bumps github.com/prometheus/client_golang from 1.16.0 to 1.17.0.

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.17.0

What's Changed

  • [CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325
  • [FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313
  • [ENHANCEMENT] Enable detection of a native histogram without observations. #1314

New Contributors

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.17.0 / 2023-09-27

  • [CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325
  • [FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313
  • [ENHANCEMENT] Enable detection of a native histogram without observations. #1314
Commits
  • fa1408e Merge pull request #1352 from prometheus/arthursens/cut-1.17.0
  • 24a72b8 Add changelog entry for 1.17
  • 1bae6c1 Deprecated comment should begin with "Deprecated:" (#1347)
  • bbab8fe Fix typos in comments, tests, and errors (#1346)
  • df7fa49 Extend Counters, Summaries and Histograms with creation timestamp (#1313)
  • 74cc262 Add go_godebug_non_default_behavior_tlsmaxrsasize_events_total (#1348)
  • d03abf3 Cleanup golangci-lint errcheck (#1339)
  • ca6ba04 Update common Prometheus files (#1338)
  • 51d24f8 Update common Prometheus files (#1332)
  • c17edf0 Merge pull request #1304 from prometheus/dependabot/go_modules/google.golang....
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 28, 2023
@github-actions github-actions bot enabled auto-merge (squash) September 28, 2023 11:12
@guardrails
Copy link

guardrails bot commented Sep 28, 2023

⚠️ We detected 5 security issues in this pull request:

Vulnerable Libraries (5)
Severity Details
N/A pkg:golang/github.com/aws/aws-sdk-go@v1.44.228 - no patch available
High pkg:golang/gopkg.in/yaml.v2@v2.3.0 - no patch available
N/A pkg:golang/github.com/aws/aws-sdk-go@v1.44.228 - no patch available
N/A pkg:golang/golang.org/x/net@v0.0.0-20220425223048-2871e0cb64e4 upgrade to: 1.19.6,1.20.1,0.7.0
Medium pkg:golang/golang.org/x/crypto@v0.0.0-20180904163835-0709b304e793 upgrade to: 0.0.0-20190320223903-b7391e95e576,0.0.0-20190320223903-b7391e95e576

More info on how to fix Vulnerable Libraries in Go.


👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

@schmidtw
Copy link
Member

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/prometheus/client_golang-1.17.0 branch from a7574db to fae4a38 Compare October 24, 2023 20:52
@codecov
Copy link

codecov bot commented Oct 24, 2023

Codecov Report

Merging #175 (fae4a38) into main (9ab1f28) will not change coverage.
Report is 1 commits behind head on main.
The diff coverage is n/a.

❗ Current head fae4a38 differs from pull request most recent head fcc0d7f. Consider uploading reports for the commit fcc0d7f to get more accurate results

@@           Coverage Diff           @@
##             main     #175   +/-   ##
=======================================
  Coverage   84.36%   84.36%           
=======================================
  Files          13       13           
  Lines         646      646           
=======================================
  Hits          545      545           
  Misses         88       88           
  Partials       13       13           
Flag Coverage Δ
unittests 84.36% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/v1.17.0/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.16.0...v1.17.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/prometheus/client_golang-1.17.0 branch from fae4a38 to fcc0d7f Compare October 24, 2023 20:57
@github-actions github-actions bot merged commit c21e030 into main Oct 24, 2023
13 of 14 checks passed
@github-actions github-actions bot deleted the dependabot/go_modules/github.com/prometheus/client_golang-1.17.0 branch October 24, 2023 20:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant