search

gin-contrib / sessions

Gin middleware for session management
MIT License
1.46k stars 196 forks source link

chore(deps): bump go.mongodb.org/mongo-driver from 1.9.1 to 1.10.2 #193

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps go.mongodb.org/mongo-driver from 1.9.1 to 1.10.2.

Release notes

Sourced from go.mongodb.org/mongo-driver's releases.

MongoDB Go Driver 1.10.2

The MongoDB Go Driver Team is pleased to release version 1.10.2 of the official Go driver.

Release Notes

This release stops treating context errors as retryable network errors where possible.

For a full list of tickets included in this release, please see the links below:

Documentation for the Go driver can be found on pkg.go.dev and the MongoDB documentation site. BSON library documentation is also available on pkg.go.dev. Questions and inquiries can be asked on the MongoDB Developer Community. Bugs can be reported in the Go Driver project in the MongoDB JIRA where a list of current issues can be found. Your feedback on the Go driver is greatly appreciated!

MongoDB Go Driver 1.10.1

The MongoDB Go Driver Team is pleased to release version 1.10.1 of the official Go driver.

Release Notes

This release, along with the libmongocrypt v1.5.2 release, fixes a potential encryption key corruption bug in ClientEncryption.RewrapManyDataKey that can lead to encrypted data corruption when rotating encryption keys backed by GCP or Azure key services.

This release also removes potentially confusing deprecation warnings added to some existing timeout mechanisms in the v1.10.0 release.

Fix for potential data corruption when rotating encryption keys

Fixes a potential encryption key corruption bug in ClientEncryption.RewrapManyDataKey that can lead to encrypted data corruption when rotating encryption keys backed by GCP or Azure key services. See the libmongocrypt v1.5.2 release notes for more details about the bug. ClientEncryption.RewrapManyDataKey will now return an error if the linked version of libmongocrypt is less than 1.5.2.

For a full list of tickets included in this release, please see the links below:

Documentation for the Go driver can be found on pkg.go.dev and the MongoDB documentation site. BSON library documentation is also available on pkg.go.dev. Questions and inquiries can be asked on the MongoDB Developer Community. Bugs can be reported in the Go Driver project in the MongoDB JIRA where a list of current issues can be found. Your feedback on the Go driver is greatly appreciated!

MongoDB Go Driver 1.10.0

:warning: Retracted

This release has been retracted due to a potential encryption key corruption bug in ClientEncryption.RewrapManyDataKey that can lead to encrypted data corruption when rotating encryption keys backed by GCP or Azure key services.

Please use version 1.10.1 or higher.

The MongoDB Go Driver Team is pleased to release version 1.10.0 of the official Go driver.

... (truncated)

Commits
  • f78a853 Update version to v1.10.2
  • 688e74b Fix new lint failures and drop deprecated linters. (#1055)
  • 0618fdf GODRIVER-2483 Make RTT90 client integration test more reliable. (#1025)
  • c4993a5 Stop treating context errors as network errors where possible. (#1045)
  • 16c2ea0 GODRIVER-2518 Use Go 1.18 for Evergreen CI. (#1047)
  • d593ef8 Update version to v1.10.2-prerelease
  • 9c62b3f Update version to v1.10.1
  • 06579a7 GODRIVER-2489 createPipelineOptionsDoc: return err (#1036)
  • bdfc953 update for libmongocrypt 1.5.2 (#1037)
  • 51ecabd GODRIVER-2489 Return error if createPipelineOptionsDoc() fails (#1035)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov-commenter commented 2 years ago

Codecov Report

Merging #193 (fd08648) into master (828f985) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #193   +/-   ##
=======================================
  Coverage   64.00%   64.00%           
=======================================
  Files           8        8           
  Lines          75       75           
=======================================
  Hits           48       48           
  Misses         25       25           
  Partials        2        2

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more

dependabot[bot] commented 2 years ago

Superseded by #198.