chore(deps): bump the minor-and-patch group across 1 directory with 16 updates

[dependabot[bot]]

Bumps the minor-and-patch group with 12 updates in the / directory:

Package	From	To
github.com/Masterminds/semver/v3	3.3.0	3.3.1
github.com/bits-and-blooms/bitset	1.14.3	1.15.0
github.com/blevesearch/bleve/v2	2.4.2	2.4.3
github.com/dgraph-io/badger/v4	4.3.1	4.4.0
github.com/dgraph-io/dgo/v240	240.0.0	240.0.1
github.com/golang/glog	1.2.2	1.2.3
go.etcd.io/etcd/raft/v3	3.5.16	3.5.17
golang.org/x/crypto	0.28.0	0.29.0
golang.org/x/mod	0.21.0	0.22.0
golang.org/x/net	0.30.0	0.31.0
golang.org/x/tools	0.26.0	0.27.0
google.golang.org/grpc	1.67.1	1.68.0

Updates github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1

Release notes

Sourced from github.com/Masterminds/semver/v3's releases.

v3.3.1

What's Changed

• Fix for allowing some version that were invalid by @​mattfarina in Masterminds/semver#253

Full Changelog: https://github.com/Masterminds/semver/compare/v3.3.0...v3.3.1

Changelog

Sourced from github.com/Masterminds/semver/v3's changelog.

Changelog

Commits

• 1558ca3 Merge pull request #253 from mattfarina/fix-bad-versions
• 252dd61 Fix for allowing some version that were invalid
• See full diff in compare view

Updates github.com/bits-and-blooms/bitset from 1.14.3 to 1.15.0

Release notes

Sourced from github.com/bits-and-blooms/bitset's releases.

Version 1.15.0

What's Changed

• issue 174 by @​lemire in bits-and-blooms/bitset#175
• add Word method with tests by @​CannibalVox in bits-and-blooms/bitset#177

New Contributors

• @​CannibalVox made their first contribution in bits-and-blooms/bitset#177

Full Changelog: https://github.com/bits-and-blooms/bitset/compare/v1.14.3...v1.15.0

Commits

• 417751b Merge pull request #177 from CannibalVox/master
• 8e4fa49 review comments
• 063e841 add Word method with tests
• 5f9e437 Merge pull request #175 from bits-and-blooms/issue174
• 2ba49f6 fix
• c2536d3 fix
• 43e8b4d issue 174
• 5e0bcef Merge pull request #173 from bits-and-blooms/dependabot/github_actions/github...
• b82d410 Bump the github-actions group across 1 directory with 4 updates
• 11ee155 [no-ci] Update README.md
• See full diff in compare view

Updates github.com/blevesearch/bleve/v2 from 2.4.2 to 2.4.3

Release notes

Sourced from github.com/blevesearch/bleve/v2's releases.

v2.4.3

Bug Fixes

• Address a corner case with ivf_nprobe_pct query parameter (blevesearch/go-faiss#34)
• Several guard rails put in place to avoid array-out-of-bounds-access and divide-by-zero errors: (blevesearch/zapx#263, blevesearch/zapx#270, blevesearch/zapx#271, blevesearch/zapx#273) to overcome blevesearch/bleve#1662
• Handling early exits/optimization for boolean queries (blevesearch/bleve#2065)

Improvements

• Vector search requires faiss dynamic library to be built from blevesearch/faiss@b747c55a which is a modified version of v1.8.0
• Support for cosine similarity distance metric to normalize vectors before indexing/querying for nearest neighbor search (blevesearch/bleve#2051)
• Support for selectivity filters as a pre-cursor to vector search (blevesearch/bleve#2063)

Milestone

• v2.4.3

Commits

• e72f7c2 MB-62230 - Pre-filtering Optimisation (#2098)
• 902051d MB-62230, MB-63992: Upgrade zapx/v16 (#2095)
• cb1810f MB-63334: Fix race condition in NormalizeVector (#2094)
• bed244c MB-57871: Upgrade zapx v15 and v16 (#2092)
• ab10172 MB-57871, MB-62230: Upgrade to zapx/v16@v16.1.7 + go-faiss@v1.0.23 (#2088)
• 02d37a4 MB-57871: Upgrade zapx/v16 and zapx/v15 for fixes (#2091)
• 3c77b49 MB-63736: Yet another shortcoming from an earlier commit (#2087)
• c0e3ff2 Upgrade zapx/v16 to v16.1.6 (#2086)
• fb56d65 MB-63742 - Fix populating the filter hits map (#2085)
• fab6e1e MB-63736: "EligibleDocumentMatchHandler" is for local purposes only (#2084)
• Additional commits viewable in compare view

Updates github.com/dgraph-io/badger/v4 from 4.3.1 to 4.4.0

Release notes

Sourced from github.com/dgraph-io/badger/v4's releases.

Badger v4.4.0

What's Changed

• chore(deps): bump the minor group with 2 updates by @​dependabot in dgraph-io/badger#2119
• fix: sentinel errors should not have stack traces by @​mitar in dgraph-io/badger#2042
• chore(deps): bump github.com/klauspost/compress from 1.17.10 to 1.17.11 in the patch group by @​dependabot in dgraph-io/badger#2120
• Feature: Allow stream custom maxsize per batch by @​simon28082 in dgraph-io/badger#2063
• retract v4.3.0 due to #2121 and #2113, use ristretto v2 by @​mangalaman93 in dgraph-io/badger#2122
• docs(using-badger) add project to docs by @​thisisdev-patrick in dgraph-io/badger#2124
• upgrade ristretto and use Go 1.21 by @​mangalaman93 in dgraph-io/badger#2125
• set min Go version to v1.21 by @​mangalaman93 in dgraph-io/badger#2126

Full Changelog: https://github.com/dgraph-io/badger/compare/v4.3.1...v4.4.0

Changelog

Sourced from github.com/dgraph-io/badger/v4's changelog.

[4.4.0] - 2024-10-26

• retract v4.3.0 due to #2121 and #2113, upgrade to Go v1.23, use ristretto v2 in dgraph-io/badger#2122
• Allow stream custom maxsize per batch in dgraph-io/badger#2063
• chore(deps): bump github.com/klauspost/compress from 1.17.10 to 1.17.11 in the patch group in dgraph-io/badger#2120
• fix: sentinel errors should not have stack traces in dgraph-io/badger#2042
• chore(deps): bump the minor group with 2 updates in dgraph-io/badger#2119

Full Changelog: https://github.com/dgraph-io/badger/compare/v4.3.1...v4.4.0

Commits

• b239e99 set min Go version to v1.21 (#2126)
• 2827c68 upgrade ristretto and use Go 1.21 (#2125)
• 8b1f4a9 update changelog till v4.4.0 (#2123)
• ae70aa9 Update stale.yml
• dcaa109 docs(using-badger) add project to docs (#2124)
• 7f657f8 retract v4.3.0 due to #2121 and #2113, upgrade to Go v1.23, use ristretto v2 ...
• 10a09e6 Allow stream custom maxsize per batch (#2063)
• ca7c9d4 chore(deps): bump github.com/klauspost/compress from 1.17.10 to 1.17.11 in th...
• de3932e fix: sentinel errors should not have stack traces (#2042)
• 16b63df chore(deps): bump the minor group with 2 updates (#2119)
• See full diff in compare view

Updates github.com/dgraph-io/dgo/v240 from 240.0.0 to 240.0.1

Release notes

Sourced from github.com/dgraph-io/dgo/v240's releases.

dgo v240.0.1

What's Changed

• Bump google.golang.org/grpc from 1.66.0 to 1.66.1 in the minor-and-patch group by @​dependabot in dgraph-io/dgo#202
• fix euclidean spelling by @​shivaji-kharse in dgraph-io/dgo#204
• Bump google.golang.org/grpc from 1.66.1 to 1.66.2 in the minor-and-patch group by @​dependabot in dgraph-io/dgo#203
• Bump google.golang.org/grpc from 1.66.2 to 1.67.0 in the minor-and-patch group by @​dependabot in dgraph-io/dgo#205
• Bump google.golang.org/grpc from 1.67.0 to 1.67.1 in the minor-and-patch group by @​dependabot in dgraph-io/dgo#206
• declare min Go version to be v1.21 by @​mangalaman93 in dgraph-io/dgo#207

Full Changelog: https://github.com/dgraph-io/dgo/compare/v240.0.0...v240.0.1

Commits

• aacd75b declare min Go version to be v1.21 (#207)
• be2dc4d Update stale.yml
• cf2638d Bump google.golang.org/grpc from 1.67.0 to 1.67.1 in the minor-and-patch grou...
• c366635 Bump google.golang.org/grpc from 1.66.2 to 1.67.0 in the minor-and-patch grou...
• 798a3bb Bump google.golang.org/grpc from 1.66.1 to 1.66.2 in the minor-and-patch grou...
• 0e00a9a fix euclidean spelling (#204)
• 2bcbd91 Delete .github/ISSUE_TEMPLATE
• f4a4e26 Bump google.golang.org/grpc from 1.66.0 to 1.66.1 in the minor-and-patch grou...
• 3c5ad22 Update dependabot.yml
• See full diff in compare view

Updates github.com/golang/glog from 1.2.2 to 1.2.3

Release notes

Sourced from github.com/golang/glog's releases.

v1.2.3

What's Changed

• glog: check that stderr is valid before using it by default by @​chressie in golang/glog#72
• glog: fix typo by @​chressie in golang/glog#73

Full Changelog: https://github.com/golang/glog/compare/v1.2.2...v1.2.3

Commits

• 04dbec0 glog: fix typo (#73)
• 459cf3b glog: check that stderr is valid before using it by default (#72)
• See full diff in compare view

Updates go.etcd.io/etcd/raft/v3 from 3.5.16 to 3.5.17

Release notes

Sourced from go.etcd.io/etcd/raft/v3's releases.

v3.5.17

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux

ETCD_VER=v3.5.17
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd

GITHUB_URL=https://github.com/etcd-io/etcd/releases/download

DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz

rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz

tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1

rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version

/tmp/etcd-download-test/etcdctl version

/tmp/etcd-download-test/etcdutl version
start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar

/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)

ETCD_VER=v3.5.17
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd

GITHUB_URL=https://github.com/etcd-io/etcd/releases/download

DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip

rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip

unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip

mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64

</tr></table>

... (truncated)

Commits

• 507c0de version: bump up to 3.5.17
• 307f9dc Merge pull request #18863 from ghouscht/backport-18812-3.5
• 4f9a1c7 Merge pull request #18876 from ivanvc/release-3.5-backport-18649
• cb970e5 release: use GitHub's gh to create GitHub release
• 76275d6 release: properly change working dir if tmp location already exists
• 4726460 Merge pull request #18854 from ghouscht/backport-defrag-close-temp-3.5
• b2ba488 fix(defrag): close temp file in case of error
• d770310 Merge pull request #18849 from ivanvc/release-3.5-update-go-to-1.22.9
• bceca16 Bump go toolchain to 1.22.9
• ab8bfc2 Merge pull request #18842 from ghouscht/defrag-fixes-backport-3.5
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.28.0 to 0.29.0

Commits

• 6018723 go.mod: update golang.org/x dependencies
• 71ed71b README: don't recommend go get
• 750a45f sha3: add MarshalBinary, AppendBinary, and UnmarshalBinary
• 36b1725 sha3: avoid trailing permutation
• 80ea76e sha3: fix padding for long cSHAKE parameters
• c17aa50 sha3: avoid buffer copy
• 7cfb916 ssh: return unexpected msg error when server fails keyboard-interactive auth ...
• b61b08d chacha20: extend ppc64le support to ppc64
• 6c21748 internal/poly1305: extend ppc64le support to ppc64
• See full diff in compare view

Updates golang.org/x/mod from 0.21.0 to 0.22.0

Commits

• dec0365 sumdb: make data tiles by Server compatible with sum.golang.org
• c8a7319 x/mod: fix handling of vendored packages with '/vendor' in non-top-level paths
• 9cd0e4c x/mod: remove vendor/modules.txt from module download
• See full diff in compare view

Updates golang.org/x/net from 0.30.0 to 0.31.0

Commits

• 334afa0 go.mod: update golang.org/x dependencies
• d7f220d quic: add LocalAddr and RemoteAddr to quic.Conn
• 858db1a http2: surface errors occurring very early in a client conn's lifetime
• 0aa844c http2: support unencrypted HTTP/2 handoff from net/http
• f35fec9 http2: detect hung client connections by confirming stream resets
• e883dae README: don't recommend go get
• 511cc3a html: add Node.{Ancestors,ChildNodes,Descendants}()
• 4783315 http2: limit 1xx based on size, do not limit when delivered
• 5716b98 internal/socket: execute gofmt
• 42b1186 http2: support ResponseController.EnableFullDuplex
• See full diff in compare view

Updates golang.org/x/sync from 0.8.0 to 0.9.0

Commits

• 151027e README: don't recommend go get
• See full diff in compare view

Updates golang.org/x/sys from 0.26.0 to 0.27.0

Commits

• e0753d4 Revert "windows/mkwinsyscall: use syscall.SyscallN instead of syscall.Syscall...
• c29efe3 windows: add iphlpapi functions for change notifications
• 8f2aa9f cpu: conditionally re-enable AVX512 support on darwin/amd64
• 054f1fc README: don't recommend go get
• ca04041 unix: extend z/OS support
• 18e038c unix: move NETLINK_* consts to own section
• d045236 windows: implement Ftruncate using a single syscall on Windows
• cff53d5 unix: gofmt after CL 610296
• 123459f unix: update z/OS implementation of fcntl and mmap
• df4a4da unix/linux: adjust Dockerfile ENV key value format
• Additional commits viewable in compare view

Updates golang.org/x/term from 0.25.0 to 0.26.0

Commits

• b725e36 go.mod: update golang.org/x dependencies
• 54df7da README: don't recommend go get
• See full diff in compare view

Updates golang.org/x/text from 0.19.0 to 0.20.0

Commits

• efd25da go.mod: update golang.org/x dependencies
• 8a0e65e README: don't recommend go get
• fefda1a internal/texttest: remove Run and Bench helpers
• a457f47 all: normalize subtest names to NFC
• See full diff in compare view

Updates golang.org/x/tools from 0.26.0 to 0.27.0

Commits

• 4d2b19f go.mod: update golang.org/x dependencies
• 6368677 gopls/internal/golang: strength reduce ComputeImportFixEdits
• 777f155 gopls/internal/golang: show package attributes on hover
• 8a0e08f gopls/doc: add missing doc link
• 61415be gopls/internal/cache: guard against malformed paths in port.matches
• 9a89d3a internal/analysisinternal: avoid sub-token spans in TypeErrorEndPos
• 1115af6 internal/expect: support named arguments f(a, b, c=d, e="f")
• 0b9e499 go/{expect,packages/packagestest}: mention the tag+delete proposal
• efcd2bd internal/packagestest: fork go/packages/packagestest
• 0e9ed3d go/packages: do not mutate Config
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.67.1 to 1.68.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.68.0

Known Issues

• The recently added grpc.NewClient function is incompatible with forward proxies, because it resolves the target hostname on the client instead of passing the hostname to the proxy. This bug has been present since the introduction of NewClient. A fix is expected to be a part of grpc-go v1.69. (#7556)

---

Behavior Changes

• stats/opentelemetry/csm: Get mesh_id local label from "CSM_MESH_ID" environment variable, rather than parsing from bootstrap file (#7740)
• orca (experimental): if using an ORCA listener, it must now be registered only on a READY SubConn, and the listener will automatically be stopped when the connection is lost. (#7663)
• client: ClientConn.Close() now closes transports simultaneously and waits for transports to be closed before returning. (#7666)
• credentials: TLS credentials created via NewTLS that use tls.Config.GetConfigForClient will now have CipherSuites, supported TLS versions and ALPN configured automatically. These were previously only set for configs not using the GetConfigForClient option. (#7709)

Bug Fixes

• transport: prevent deadlock in client transport shutdown when writing the GOAWAY frame hangs. (#7662)
• mem: reuse buffers more accurately by using slice capacity instead of length (#7702)
  • Special Thanks: @​PapaCharlie
• status: Fix regression caused by #6919 in status.Details() causing it to return a wrapped type when getting proto messages generated with protoc-gen-go < v1. (#7724)

Dependencies

• Bump minimum supported Go version to go1.22.7. (#7624)

Commits

• acba4d3 Change version to 1.68.0 (#7743)
• 5363dca credentials: Apply defaults to TLS configs provided through GetConfigForClien...
• 056dc64 status: Fix status incompatibility introduced by #6919 and move non-regenerat...
• b79fb61 mem: use slice capacity instead of length, to determine whether to pool buffe...
• 54841ef stats/opentelemetry/csm: Get mesh_id local label from "CSM_MESH_ID" environme...
• ad81c20 pickfirstleaf: minor simplification to reconcileSubConnsLocked method (#7731)
• b850ea5 transport : wait for goroutines to exit before transport closes (#7666)
• 00b9e14 pickfirst: New pick first policy for dualstack (#7498)
• 18a4eac testutils: add couple of log statements to the restartable listener type (#7716)
• fdc2ec2 xdsclient: deflake TestADS_ResourcesAreRequestedAfterStreamRestart (#7720)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions