Bump github.com/prometheus/client_golang from 1.5.1 to 1.11.1

[dependabot[bot]]

Bumps github.com/prometheus/client_golang from 1.5.1 to 1.11.1.

Release notes

Sourced from github.com/prometheus/client_golang's releases.

1.11.1 / 2022-02-15

• [SECURITY FIX] promhttp: Check validity of method and code label values prometheus/client_golang#987 (Addressed CVE-2022-21698)

What's Changed

• promhttp: Check validity of method and code label values by @​bwplotka and @​kakkoyun in prometheus/client_golang#987

Full Changelog: https://github.com/prometheus/client_golang/compare/v1.11.0...v1.11.1

v1.11.0 / 2021-06-07

• [CHANGE] Add new collectors package. #862
• [CHANGE] prometheus.NewExpvarCollector is deprecated, use collectors.NewExpvarCollector instead. #862
• [CHANGE] prometheus.NewGoCollector is deprecated, use collectors.NewGoCollector instead. #862
• [CHANGE] prometheus.NewBuildInfoCollector is deprecated, use collectors.NewBuildInfoCollector instead. #862
• [FEATURE] Add new collector for database/sql#DBStats. #866
• [FEATURE] API client: Add exemplars API support. #861
• [ENHANCEMENT] API client: Add newer fields to Rules API. #855
• [ENHANCEMENT] API client: Add missing fields to Targets API. #856

What's Changed

• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#846
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#849
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#853
• Add newer fields to Rules API by @​gouthamve in prometheus/client_golang#855
• Add missing fields to targets API by @​yeya24 in prometheus/client_golang#856
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#857
• Add exemplars API support by @​yeya24 in prometheus/client_golang#861
• Improve description of MaxAge in summary docs by @​Dean-Coakley in prometheus/client_golang#864
• Add new collectors package by @​johejo in prometheus/client_golang#862
• Add collector for database/sql#DBStats by @​johejo in prometheus/client_golang#866
• Make dbStatsCollector more DRY by @​beorn7 in prometheus/client_golang#867
• Change maintainers from @​beorn7 to @bwplotka/@​kakkoyun by @​beorn7 in prometheus/client_golang#873
• Document implications of negative observations by @​beorn7 in prometheus/client_golang#871
• Update Go modules by @​SuperQ in prometheus/client_golang#875

New Contributors

• @​gouthamve made their first contribution in prometheus/client_golang#855

Full Changelog: https://github.com/prometheus/client_golang/compare/v1.10.0...v1.11.0

1.10.0 / 2021-03-18

• [CHANGE] Minimum required Go version is now 1.13.
• [CHANGE] API client: Add matchers to LabelNames and LabesValues. #828
• [FEATURE] API client: Add buildinfo call. #841
• [BUGFIX] Fix build on riscv64. #833

What's Changed

• Add SECURITY.md by @​roidelapluie in prometheus/client_golang#831
• Bump prometheus/procfs to 0.3.0 to fix building on riscv64 by @​zhsj in prometheus/client_golang#833
• Fix typo in comments in prometheus/client_golang#835

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

Unreleased

1.14.0 / 2022-11-08

• [FEATURE] Add Support for Native Histograms. #1150
• [CHANGE] Extend prometheus.Registry to implement prometheus.Collector interface. #1103

1.13.1 / 2022-11-01

• [BUGFIX] Fix race condition with Exemplar in Counter. #1146
• [BUGFIX] Fix CumulativeCount value of +Inf bucket created from exemplar. #1148
• [BUGFIX] Fix double-counting bug in promhttp.InstrumentRoundTripperCounter. #1118

1.13.0 / 2022-08-05

• [CHANGE] Minimum required Go version is now 1.17 (we also test client_golang against new 1.19 version).
• [ENHANCEMENT] Added prometheus.TransactionalGatherer interface for promhttp.Handler use which allows using low allocation update techniques for custom collectors. #989
• [ENHANCEMENT] Added exemplar support to prometheus.NewConstHistogram. See ExampleNewConstHistogram_WithExemplar example on how to use it. #986
• [ENHANCEMENT] prometheus/push.Pusher has now context aware methods that pass context to HTTP request. #1028
• [ENHANCEMENT] prometheus/push.Pusher has now Error method that retrieve last error. #1075
• [ENHANCEMENT] testutil.GatherAndCompare provides now readable diff on failed comparisons. #998
• [ENHANCEMENT] Query API now supports timeouts. #1014
• [ENHANCEMENT] New MetricVec method DeletePartialMatch(labels Labels) for deleting all metrics that match provided labels. #1013
• [ENHANCEMENT] api.Config now accepts passing custom *http.Client. #1025
• [BUGFIX] Raise exemplar labels limit from 64 to 128 bytes as specified in OpenMetrics spec. #1091
• [BUGFIX] Allow adding exemplar to +Inf bucket to const histograms. #1094
• [ENHANCEMENT] Most promhttp.Instrument* middlewares now supports adding exemplars to metrics. This allows hooking those to your tracing middleware that retrieves trace ID and put it in exemplar if present. #1055
• [ENHANCEMENT] Added testutil.ScrapeAndCompare method. #1043
• [BUGFIX] Fixed GopherJS build support. #897
• [ENHANCEMENT] :warning: Added way to specify what runtime/metrics collectors.NewGoCollector should use. See ExampleGoCollector_WithAdvancedGoMetrics. #1102

1.12.2 / 2022-05-13

• [CHANGE] Added collectors.WithGoCollections that allows to choose what collection of Go runtime metrics user wants: Equivalent of MemStats structure configured using GoRuntimeMemStatsCollection, new based on dedicated runtime/metrics metrics represented by GoRuntimeMetricsCollection option, or both by specifying GoRuntimeMemStatsCollection | GoRuntimeMetricsCollection flag. #1031
• [CHANGE] :warning: Change in collectors.NewGoCollector metrics: Reverting addition of new ~80 runtime metrics by default. You can enable this back with GoRuntimeMetricsCollection option or GoRuntimeMemStatsCollection | GoRuntimeMetricsCollection for smooth transition.
• [BUGFIX] Fixed the bug that causes generated histogram metric names to end with _total. ⚠️ This changes 3 metric names in the new Go collector that was reverted from default in this release.
  • go_gc_heap_allocs_by_size_bytes_total -> go_gc_heap_allocs_by_size_bytes,
  • go_gc_heap_frees_by_size_bytes_total -> go_gc_heap_allocs_by_size_bytes
  • go_gc_pauses_seconds_total -> go_gc_pauses_seconds.
• [CHANCE] Removed -Inf buckets from new Go Collector histograms.

1.12.1 / 2022-01-29

• [BUGFIX] Make the Go 1.17 collector concurrency-safe #969
  • Use simpler locking in the Go 1.17 collector #975
• [BUGFIX] Reduce granularity of histogram buckets for Go 1.17 collector #974
• [ENHANCEMENT] API client: make HTTP reads more efficient #976

1.12.0 / 2022-01-19

... (truncated)

Commits

• 989baa3 promhttp: Check validity of method and code label values (#962) (#987)
• 8184d76 Cut v1.11.0 (#877)
• 2539062 Merge pull request #875 from prometheus/superq/update_mods
• 68cd1e9 Update Go modules
• f22935d Merge pull request #871 from prometheus/beorn7/doc
• 11aba26 Change maintainers from @​beorn7 to @bwplotka/@​kakkoyun (#873)
• f34145a Document implications of negative observations
• a7515ca Merge pull request #867 from prometheus/beorn7/collectors
• 81a9556 Make dbStatsCollector more DRY
• a66da1d Add collector for database/sql#DBStats (#866)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/cloudflare/flow-pipeline/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.