search

jgeraigery / reviews-imgproxy

Fast and secure standalone server for resizing and converting remote images
https://imgproxy.net
MIT License
0 stars 0 forks source link

Update Mend: high confidence minor and patch dependency updates #20

Open mend-for-github-com[bot] opened 3 months ago

mend-for-github-com[bot] commented 3 months ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.8.0 -> v1.12.0 age adoption passing confidence
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.1 -> v1.7.0 age adoption passing confidence
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0 -> v1.3.2 age adoption passing confidence
github.com/DataDog/datadog-go/v5 v5.3.0 -> v5.5.0 age adoption passing confidence
github.com/bugsnag/bugsnag-go/v2 v2.2.0 -> v2.4.0 age adoption passing confidence
github.com/felixge/httpsnoop v1.0.3 -> v1.0.4 age adoption passing confidence
github.com/getsentry/sentry-go v0.25.0 -> v0.28.1 age adoption passing confidence
github.com/prometheus/client_golang v1.17.0 -> v1.19.1 age adoption passing confidence
github.com/stretchr/testify v1.8.4 -> v1.9.0 age adoption passing confidence
golang.org/x/image v0.13.0 -> v0.18.0 age adoption passing confidence
golang.org/x/net v0.15.0 -> v0.17.0 age adoption passing confidence
golang.org/x/sys v0.13.0 -> v0.21.0 age adoption passing confidence
gopkg.in/DataDog/dd-trace-go.v1 v1.55.0 -> v1.65.1 age adoption passing confidence

By merging this PR, the issue #19 will be automatically resolved and closed:

Severity CVSS Score CVE Reachability
High High 7.5 CVE-2023-39325

Release Notes

DataDog/datadog-go (github.com/DataDog/datadog-go/v5) ### [`v5.5.0`](https://togithub.com/DataDog/datadog-go/releases/tag/v5.5.0) [Compare Source](https://togithub.com/DataDog/datadog-go/compare/v5.4.0...v5.5.0) See the [Changelog](https://togithub.com/DataDog/datadog-go/blob/master/CHANGELOG.md#550--2024-01-24) for the details. ### [`v5.4.0`](https://togithub.com/DataDog/datadog-go/releases/tag/v5.4.0) [Compare Source](https://togithub.com/DataDog/datadog-go/compare/v5.3.0...v5.4.0) See the [Changelog](https://togithub.com/DataDog/datadog-go/blob/master/CHANGELOG.md#540--2023-12-07) for the details.
bugsnag/bugsnag-go (github.com/bugsnag/bugsnag-go/v2) ### [`v2.4.0`](https://togithub.com/bugsnag/bugsnag-go/releases/tag/v2.4.0) [Compare Source](https://togithub.com/bugsnag/bugsnag-go/compare/v2.3.1...v2.4.0) #### 2.4.0 (2024-04-15) ##### Enhancements - Sanitize for metadata should also handler json and \[]byte [#​226](https://togithub.com/bugsnag/bugsnag-go/pull/226) [Chris Duncan](https://togithub.com/veqryn) ### [`v2.3.1`](https://togithub.com/bugsnag/bugsnag-go/releases/tag/v2.3.1) [Compare Source](https://togithub.com/bugsnag/bugsnag-go/compare/v2.3.0...v2.3.1) #### 2.3.1 (2024-03-18) ##### Bug fixes - Handle empty pointers to complex structs in metadata.Add [#​221](https://togithub.com/bugsnag/bugsnag-go/pull/221) ### [`v2.3.0`](https://togithub.com/bugsnag/bugsnag-go/releases/tag/v2.3.0) [Compare Source](https://togithub.com/bugsnag/bugsnag-go/compare/v2.2.1...v2.3.0) #### 2.3.0 (2024-03-05) ##### Bug fixes - Start showing inlined functions in stack trace [#​208](https://togithub.com/bugsnag/bugsnag-go/pull/208) - Handle complex structs in metadata [#​215](https://togithub.com/bugsnag/bugsnag-go/pull/215) [Chris Duncan](https://togithub.com/veqryn) - Stop trimming everything before "main.go" on main packages [#​217](https://togithub.com/bugsnag/bugsnag-go/pull/217) [Chris Duncan](https://togithub.com/veqryn) ### [`v2.2.1`](https://togithub.com/bugsnag/bugsnag-go/releases/tag/v2.2.1) [Compare Source](https://togithub.com/bugsnag/bugsnag-go/compare/v2.2.0...v2.2.1) #### 2.2.1 (2022-02-21) ##### Bug fixes - Fix middleware panic on nil \*http.Request [#​212](https://togithub.com/bugsnag/bugsnag-go/pull/212)
felixge/httpsnoop (github.com/felixge/httpsnoop) ### [`v1.0.4`](https://togithub.com/felixge/httpsnoop/compare/v1.0.3...v1.0.4) [Compare Source](https://togithub.com/felixge/httpsnoop/compare/v1.0.3...v1.0.4)
getsentry/sentry-go (github.com/getsentry/sentry-go) ### [`v0.28.1`](https://togithub.com/getsentry/sentry-go/releases/tag/v0.28.1): 0.28.1 [Compare Source](https://togithub.com/getsentry/sentry-go/compare/v0.28.0...v0.28.1) The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.28.1. ##### Bug Fixes - Implement `http.ResponseWriter` to hook into various parts of the response process ([#​837](https://togithub.com/getsentry/sentry-go/pull/837)) ### [`v0.28.0`](https://togithub.com/getsentry/sentry-go/releases/tag/v0.28.0): 0.28.0 [Compare Source](https://togithub.com/getsentry/sentry-go/compare/v0.27.0...v0.28.0) The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.28.0. ##### Features - Add a `Fiber` performance tracing & error reporting integration ([#​795](https://togithub.com/getsentry/sentry-go/pull/795)) - Add performance tracing to the `Echo` integration ([#​722](https://togithub.com/getsentry/sentry-go/pull/722)) - Add performance tracing to the `FastHTTP` integration ([#​732](https://togithub.com/getsentry/sentry-go/pull/723)) - Add performance tracing to the `Iris` integration ([#​809](https://togithub.com/getsentry/sentry-go/pull/809)) - Add performance tracing to the `Negroni` integration ([#​808](https://togithub.com/getsentry/sentry-go/pull/808)) - Add `FailureIssueThreshold` & `RecoveryThreshold` to `MonitorConfig` ([#​775](https://togithub.com/getsentry/sentry-go/pull/775)) - Use `errors.Unwrap()` to create exception groups ([#​792](https://togithub.com/getsentry/sentry-go/pull/792)) - Add support for matching on strings for `ClientOptions.IgnoreErrors` & `ClientOptions.IgnoreTransactions` ([#​819](https://togithub.com/getsentry/sentry-go/pull/819)) - Add `http.request.method` attribute for performance span data ([#​786](https://togithub.com/getsentry/sentry-go/pull/786)) - Accept `interface{}` for span data values ([#​784](https://togithub.com/getsentry/sentry-go/pull/784)) ##### Fixes - Fix missing stack trace for parsing error in `logrusentry` ([#​689](https://togithub.com/getsentry/sentry-go/pull/689)) ### [`v0.27.0`](https://togithub.com/getsentry/sentry-go/releases/tag/v0.27.0): 0.27.0 [Compare Source](https://togithub.com/getsentry/sentry-go/compare/v0.26.0...v0.27.0) The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.27.0. ##### Breaking Changes - `Exception.ThreadId` is now typed as `uint64`. It was wrongly typed as `string` before. ([#​770](https://togithub.com/getsentry/sentry-go/pull/770)) ##### Misc - Export `Event.Attachments` ([#​771](https://togithub.com/getsentry/sentry-go/pull/771)) ### [`v0.26.0`](https://togithub.com/getsentry/sentry-go/releases/tag/v0.26.0): 0.26.0 [Compare Source](https://togithub.com/getsentry/sentry-go/compare/v0.25.0...v0.26.0) The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.26.0. ##### Breaking Changes As previously announced, this release removes some methods from the SDK. - `sentry.TransactionName()` use `sentry.WithTransactionName()` instead. - `sentry.OpName()` use `sentry.WithOpName()` instead. - `sentry.TransctionSource()` use `sentry.WithTransactionSource()` instead. - `sentry.SpanSampled()` use `sentry.WithSpanSampled()` instead. ##### Features - Add `WithDescription` span option ([#​751](https://togithub.com/getsentry/sentry-go/pull/751)) ```go span := sentry.StartSpan(ctx, "http.client", WithDescription("GET /api/users")) ``` - Add support for package name parsing in Go 1.20 and higher ([#​730](https://togithub.com/getsentry/sentry-go/pull/730)) ##### Bug Fixes - Apply `ClientOptions.SampleRate` only to errors & messages ([#​754](https://togithub.com/getsentry/sentry-go/pull/754)) - Check if git is available before executing any git commands ([#​737](https://togithub.com/getsentry/sentry-go/pull/737))
prometheus/client_golang (github.com/prometheus/client_golang) ### [`v1.19.1`](https://togithub.com/prometheus/client_golang/releases/tag/v1.19.1) [Compare Source](https://togithub.com/prometheus/client_golang/compare/v1.19.0...v1.19.1) #### What's Changed - Security patches for `golang.org/x/sys` and `google.golang.org/protobuf` #### New Contributors - [@​lukasauk](https://togithub.com/lukasauk) made their first contribution in [https://github.com/prometheus/client_golang/pull/1494](https://togithub.com/prometheus/client_golang/pull/1494) **Full Changelog**: https://github.com/prometheus/client_golang/compare/v1.19.0...v1.19.1 ### [`v1.19.0`](https://togithub.com/prometheus/client_golang/releases/tag/v1.19.0) [Compare Source](https://togithub.com/prometheus/client_golang/compare/v1.18.0...v1.19.0) #### What's Changed The module `prometheus/common v0.48.0` introduced an incompatibility when used together with client_golang (See [https://github.com/prometheus/client_golang/pull/1448](https://togithub.com/prometheus/client_golang/pull/1448) for more details). If your project uses client_golang and you want to use `prometheus/common v0.48.0` or higher, please update client_golang to v1.19.0. - \[CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). [#​1445](https://togithub.com/prometheus/client_golang/issues/1445) [#​1449](https://togithub.com/prometheus/client_golang/issues/1449) - \[FEATURE] collectors: Add version collector. [#​1422](https://togithub.com/prometheus/client_golang/issues/1422) [#​1427](https://togithub.com/prometheus/client_golang/issues/1427) #### New Contributors - [@​michurin](https://togithub.com/michurin) made their first contribution in [https://github.com/prometheus/client_golang/pull/1423](https://togithub.com/prometheus/client_golang/pull/1423) - [@​kavu](https://togithub.com/kavu) made their first contribution in [https://github.com/prometheus/client_golang/pull/1445](https://togithub.com/prometheus/client_golang/pull/1445) - [@​ywwg](https://togithub.com/ywwg) made their first contribution in [https://github.com/prometheus/client_golang/pull/1448](https://togithub.com/prometheus/client_golang/pull/1448) **Full Changelog**: https://github.com/prometheus/client_golang/compare/v1.18.0...v1.19.0 ### [`v1.18.0`](https://togithub.com/prometheus/client_golang/releases/tag/v1.18.0) [Compare Source](https://togithub.com/prometheus/client_golang/compare/v1.17.0...v1.18.0) #### What's Changed - \[FEATURE] promlint: Allow creation of custom metric validations. [#​1311](https://togithub.com/prometheus/client_golang/issues/1311) - \[FEATURE] Go programs using client_golang can be built in wasip1 OS. [#​1350](https://togithub.com/prometheus/client_golang/issues/1350) - \[BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. [#​1367](https://togithub.com/prometheus/client_golang/issues/1367) - \[BUGFIX] testutil: Fix comparison of metrics with empty Help strings. [#​1378](https://togithub.com/prometheus/client_golang/issues/1378) - \[ENHANCEMENT] Improved performance of `MetricVec.WithLabelValues(...)`. [#​1360](https://togithub.com/prometheus/client_golang/issues/1360) #### New Contributors - [@​srenatus](https://togithub.com/srenatus) made their first contribution in [https://github.com/prometheus/client_golang/pull/1350](https://togithub.com/prometheus/client_golang/pull/1350) - [@​jadolg](https://togithub.com/jadolg) made their first contribution in [https://github.com/prometheus/client_golang/pull/1342](https://togithub.com/prometheus/client_golang/pull/1342) - [@​manas-rust](https://togithub.com/manas-rust) made their first contribution in [https://github.com/prometheus/client_golang/pull/1383](https://togithub.com/prometheus/client_golang/pull/1383) - [@​bluekeyes](https://togithub.com/bluekeyes) made their first contribution in [https://github.com/prometheus/client_golang/pull/1378](https://togithub.com/prometheus/client_golang/pull/1378) - [@​tsipo](https://togithub.com/tsipo) made their first contribution in [https://github.com/prometheus/client_golang/pull/1387](https://togithub.com/prometheus/client_golang/pull/1387) **Full Changelog**: https://github.com/prometheus/client_golang/compare/v1.17.0...v1.18.0
stretchr/testify (github.com/stretchr/testify) ### [`v1.9.0`](https://togithub.com/stretchr/testify/releases/tag/v1.9.0) [Compare Source](https://togithub.com/stretchr/testify/compare/v1.8.4...v1.9.0) #### What's Changed - Fix Go modules version by [@​SuperQ](https://togithub.com/SuperQ) in [https://github.com/stretchr/testify/pull/1394](https://togithub.com/stretchr/testify/pull/1394) - Document that require is not safe to call in created goroutines by [@​programmer04](https://togithub.com/programmer04) in [https://github.com/stretchr/testify/pull/1392](https://togithub.com/stretchr/testify/pull/1392) - Remove myself from MAINTAINERS.md by [@​mvdkleijn](https://togithub.com/mvdkleijn) in [https://github.com/stretchr/testify/pull/1367](https://togithub.com/stretchr/testify/pull/1367) - Correct spelling/grammar by [@​echarrod](https://togithub.com/echarrod) in [https://github.com/stretchr/testify/pull/1389](https://togithub.com/stretchr/testify/pull/1389) - docs: Update URLs in README by [@​davidjb](https://togithub.com/davidjb) in [https://github.com/stretchr/testify/pull/1349](https://togithub.com/stretchr/testify/pull/1349) - Update mockery link to Github Pages in README by [@​LandonTClipp](https://togithub.com/LandonTClipp) in [https://github.com/stretchr/testify/pull/1346](https://togithub.com/stretchr/testify/pull/1346) - docs: Fix typos in tests and comments by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/stretchr/testify/pull/1410](https://togithub.com/stretchr/testify/pull/1410) - CI: tests from go1.17 by [@​SuperQ](https://togithub.com/SuperQ) in [https://github.com/stretchr/testify/pull/1409](https://togithub.com/stretchr/testify/pull/1409) - Fix adding ? when no values passed by [@​lesichkovm](https://togithub.com/lesichkovm) in [https://github.com/stretchr/testify/pull/1320](https://togithub.com/stretchr/testify/pull/1320) - codegen: use standard header for generated files by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1406](https://togithub.com/stretchr/testify/pull/1406) - mock: AssertExpectations log reason only on failure by [@​hikyaru-suzuki](https://togithub.com/hikyaru-suzuki) in [https://github.com/stretchr/testify/pull/1360](https://togithub.com/stretchr/testify/pull/1360) - assert: fix flaky TestNeverTrue by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1417](https://togithub.com/stretchr/testify/pull/1417) - README: fix typos "set up" vs "setup" by [@​ossan-dev](https://togithub.com/ossan-dev) in [https://github.com/stretchr/testify/pull/1428](https://togithub.com/stretchr/testify/pull/1428) - mock: move regexp compilation outside of `Called` by [@​aud10slave](https://togithub.com/aud10slave) in [https://github.com/stretchr/testify/pull/631](https://togithub.com/stretchr/testify/pull/631) - assert: refactor internal func getLen() by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1445](https://togithub.com/stretchr/testify/pull/1445) - mock: deprecate type AnythingOfTypeArgument ([#​1434](https://togithub.com/stretchr/testify/issues/1434)) by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1441](https://togithub.com/stretchr/testify/pull/1441) - Remove no longer needed assert.canConvert by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/stretchr/testify/pull/1470](https://togithub.com/stretchr/testify/pull/1470) - assert: ObjectsAreEqual: use time.Equal for time.Time types by [@​tscales](https://togithub.com/tscales) in [https://github.com/stretchr/testify/pull/1464](https://togithub.com/stretchr/testify/pull/1464) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/stretchr/testify/pull/1466](https://togithub.com/stretchr/testify/pull/1466) - Bump actions/setup-go from 3.2.0 to 4.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/stretchr/testify/pull/1451](https://togithub.com/stretchr/testify/pull/1451) - fix: make EventuallyWithT concurrency safe by [@​czeslavo](https://togithub.com/czeslavo) in [https://github.com/stretchr/testify/pull/1395](https://togithub.com/stretchr/testify/pull/1395) - assert: fix httpCode and HTTPBody occur panic when http.Handler read Body by [@​hidu](https://togithub.com/hidu) in [https://github.com/stretchr/testify/pull/1484](https://togithub.com/stretchr/testify/pull/1484) - assert.EqualExportedValues: fix handling of arrays by [@​zrbecker](https://togithub.com/zrbecker) in [https://github.com/stretchr/testify/pull/1473](https://togithub.com/stretchr/testify/pull/1473) - .github: use latest Go versions by [@​kevinburkesegment](https://togithub.com/kevinburkesegment) in [https://github.com/stretchr/testify/pull/1489](https://togithub.com/stretchr/testify/pull/1489) - assert: Deprecate EqualExportedValues by [@​HaraldNordgren](https://togithub.com/HaraldNordgren) in [https://github.com/stretchr/testify/pull/1488](https://togithub.com/stretchr/testify/pull/1488) - suite: refactor test assertions by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/stretchr/testify/pull/1474](https://togithub.com/stretchr/testify/pull/1474) - suite: fix SetupSubTest and TearDownSubTest execution order by [@​linusbarth](https://togithub.com/linusbarth) in [https://github.com/stretchr/testify/pull/1471](https://togithub.com/stretchr/testify/pull/1471) - docs: Fix deprecation comments for http package by [@​alexandear](https://togithub.com/alexandear) in [https://github.com/stretchr/testify/pull/1335](https://togithub.com/stretchr/testify/pull/1335) - Add map support doc comments to Subset and NotSubset by [@​jedevc](https://togithub.com/jedevc) in [https://github.com/stretchr/testify/pull/1306](https://togithub.com/stretchr/testify/pull/1306) - TestErrorIs/TestNotErrorIs: check error message contents by [@​craig65535](https://togithub.com/craig65535) in [https://github.com/stretchr/testify/pull/1435](https://togithub.com/stretchr/testify/pull/1435) - suite: fix subtest names (fix [#​1501](https://togithub.com/stretchr/testify/issues/1501)) by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1504](https://togithub.com/stretchr/testify/pull/1504) - assert: improve unsafe.Pointer tests by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1505](https://togithub.com/stretchr/testify/pull/1505) - assert: simplify isNil implementation by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1506](https://togithub.com/stretchr/testify/pull/1506) - assert.InEpsilonSlice: fix expected/actual order and other improvements by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1483](https://togithub.com/stretchr/testify/pull/1483) - Fix dependency cycle with objx [#​1292](https://togithub.com/stretchr/testify/issues/1292) by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1453](https://togithub.com/stretchr/testify/pull/1453) - mock: refactor TestIsArgsEqual by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1444](https://togithub.com/stretchr/testify/pull/1444) - mock: optimize argument matching checks by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1416](https://togithub.com/stretchr/testify/pull/1416) - assert: fix TestEventuallyTimeout by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1412](https://togithub.com/stretchr/testify/pull/1412) - CI: add go 1.21 in GitHub Actions by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1450](https://togithub.com/stretchr/testify/pull/1450) - suite: fix recoverAndFailOnPanic to report test failure at the right location by [@​dolmen](https://togithub.com/dolmen) in [https://github.com/stretchr/testify/pull/1502](https://togithub.com/stretchr/testify/pull/1502) - Update maintainers by [@​brackendawson](https://togithub.com/brackendawson) in [https://github.com/stretchr/testify/pull/1533](https://togithub.com/stretchr/testify/pull/1533) - assert: Fix EqualValues to handle overflow/underflow by [@​arjunmahishi](https://togithub.com/arjunmahishi) in [https://github.com/stretchr/testify/pull/1531](https://togithub.com/stretchr/testify/pull/1531) - assert: better formatting for Len() error by [@​kevinburkesegment](https://togithub.com/kevinburkesegment) in [https://github.com/stretchr/testify/pull/1485](https://togithub.com/stretchr/testify/pull/1485) - Ensure AssertExpectations does not fail in skipped tests by [@​ianrose14](https://togithub.com/ianrose14) in [https://github.com/stretchr/testify/pull/1331](https://togithub.com/stretchr/testify/pull/1331) - suite: fix deadlock in suite.Require()/Assert() by [@​arjunmahishi](https://togithub.com/arjunmahishi) in [https://github.com/stretchr/testify/pull/1535](https://togithub.com/stretchr/testify/pull/1535) - Revert "assert: ObjectsAreEqual: use time.Equal for time.Time type" by [@​brackendawson](https://togithub.com/brackendawson) in [https://github.com/stretchr/testify/pull/1537](https://togithub.com/stretchr/testify/pull/1537) - \[chore] Add issue templates by [@​arjunmahishi](https://togithub.com/arjunmahishi) in [https://github.com/stretchr/testify/pull/1538](https://togithub.com/stretchr/testify/pull/1538) - Update the build status badge by [@​brackendawson](https://togithub.com/brackendawson) in [https://github.com/stretchr/testify/pull/1540](https://togithub.com/stretchr/testify/pull/1540) - Update Github workflows setup-go to V5 by [@​hendrywiranto](https://togithub.com/hendrywiranto) in [https://github.com/stretchr/testify/pull/1545](https://togithub.com/stretchr/testify/pull/1545) - Support Pointer to Struct in EqualExportedValues by [@​Lucaber](https://togithub.com/Lucaber) in [https://github.com/stretchr/testify/pull/1517](https://togithub.com/stretchr/testify/pull/1517) - README: drop link to gorc by [@​guettli](https://togithub.com/guettli) in [https://github.com/stretchr/testify/pull/1248](https://togithub.com/stretchr/testify/pull/1248) - http_assertions: honour the msgAndArgs provided with each assertion by [@​arjunmahishi](https://togithub.com/arjunmahishi) in [https://github.com/stretchr/testify/pull/1548](https://togithub.com/stretchr/testify/pull/1548) - fix typos in comments and tests by [@​ccoVeille](https://togithub.com/ccoVeille) in [https://github.com/stretchr/testify/pull/1247](https://togithub.com/stretchr/testify/pull/1247) - Include the auto-release notes in releases by [@​brackendawson](https://togithub.com/brackendawson) in [https://github.com/stretchr/testify/pull/1550](https://togithub.com/stretchr/testify/pull/1550) - Add `NotImplements` and variants by [@​hslatman](https://togithub.com/hslatman) in [https://github.com/stretchr/testify/pull/1385](https://togithub.com/stretchr/testify/pull/1385) - Add support to compare uintptr by [@​bogdandrutu](https://togithub.com/bogdandrutu) in [https://github.com/stretchr/testify/pull/1339](https://togithub.com/stretchr/testify/pull/1339) - build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/stretchr/testify/pull/1552](https://togithub.com/stretchr/testify/pull/1552) #### New Contributors - [@​SuperQ](https://togithub.com/SuperQ) made their first contribution in [https://github.com/stretchr/testify/pull/1394](https://togithub.com/stretchr/testify/pull/1394) - [@​programmer04](https://togithub.com/programmer04) made their first contribution in [https://github.com/stretchr/testify/pull/1392](https://togithub.com/stretchr/testify/pull/1392) - [@​echarrod](https://togithub.com/echarrod) made their first contribution in [https://github.com/stretchr/testify/pull/1389](https://togithub.com/stretchr/testify/pull/1389) - [@​davidjb](https://togithub.com/davidjb) made their first contribution in [https://github.com/stretchr/testify/pull/1349](https://togithub.com/stretchr/testify/pull/1349) - [@​LandonTClipp](https://togithub.com/LandonTClipp) made their first contribution in [https://github.com/stretchr/testify/pull/1346](https://togithub.com/stretchr/testify/pull/1346) - [@​alexandear](https://togithub.com/alexandear) made their first contribution in [https://github.com/stretchr/testify/pull/1410](https://togithub.com/stretchr/testify/pull/1410) - [@​lesichkovm](https://togithub.com/lesichkovm) made their first contribution in [https://github.com/stretchr/testify/pull/1320](https://togithub.com/stretchr/testify/pull/1320) - [@​dolmen](https://togithub.com/dolmen) made their first contribution in [https://github.com/stretchr/testify/pull/1406](https://togithub.com/stretchr/testify/pull/1406) - [@​hikyaru-suzuki](https://togithub.com/hikyaru-suzuki) made their first contribution in [https://github.com/stretchr/testify/pull/1360](https://togithub.com/stretchr/testify/pull/1360) - [@​ossan-dev](https://togithub.com/ossan-dev) made their first contribution in [https://github.com/stretchr/testify/pull/1428](https://togithub.com/stretchr/testify/pull/1428) - [@​aud10slave](https://togithub.com/aud10slave) made their first contribution in [https://github.com/stretchr/testify/pull/631](https://togithub.com/stretchr/testify/pull/631) - [@​tscales](https://togithub.com/tscales) made their first contribution in [https://github.com/stretchr/testify/pull/1464](https://togithub.com/stretchr/testify/pull/1464) - [@​czeslavo](https://togithub.com/czeslavo) made their first contribution in [https://github.com/stretchr/testify/pull/1395](https://togithub.com/stretchr/testify/pull/1395) - [@​hidu](https://togithub.com/hidu) made their first contribution in [https://github.com/stretchr/testify/pull/1484](https://togithub.com/stretchr/testify/pull/1484) - [@​zrbecker](https://togithub.com/zrbecker) made their first contribution in [https://github.com/stretchr/testify/pull/1473](https://togithub.com/stretchr/testify/pull/1473) - [@​kevinburkesegment](https://togithub.com/kevinburkesegment) made their first contribution in [https://github.com/stretchr/testify/pull/1489](https://togithub.com/stretchr/testify/pull/1489) - [@​linusbarth](https://togithub.com/linusbarth) made their first contribution in [https://github.com/stretchr/testify/pull/1471](https://togithub.com/stretchr/testify/pull/1471) - [@​jedevc](https://togithub.com/jedevc) made their first contribution in [https://github.com/stretchr/testify/pull/1306](https://togithub.com/stretchr/testify/pull/1306) - [@​craig65535](https://togithub.com/craig65535) made their first contribution in [https://github.com/stretchr/testify/pull/1435](https://togithub.com/stretchr/testify/pull/1435) - [@​arjunmahishi](https://togithub.com/arjunmahishi) made their first contribution in [https://github.com/stretchr/testify/pull/1531](https://togithub.com/stretchr/testify/pull/1531) - [@​ianrose14](https://togithub.com/ianrose14) made their first contribution in [https://github.com/stretchr/testify/pull/1331](https://togithub.com/stretchr/testify/pull/1331) - [@​hendrywiranto](https://togithub.com/hendrywiranto) made their first contribution in [https://github.com/stretchr/testify/pull/1545](https://togithub.com/stretchr/testify/pull/1545) - [@​Lucaber](https://togithub.com/Lucaber) made their first contribution in [https://github.com/stretchr/testify/pull/1517](https://togithub.com/stretchr/testify/pull/1517) - [@​guettli](https://togithub.com/guettli) made their first contribution in [https://github.com/stretchr/testify/pull/1248](https://togithub.com/stretchr/testify/pull/1248) - [@​ccoVeille](https://togithub.com/ccoVeille) made their first contribution in [https://github.com/stretchr/testify/pull/1247](https://togithub.com/stretchr/testify/pull/1247) - [@​hslatman](https://togithub.com/hslatman) made their first contribution in [https://github.com/stretchr/testify/pull/1385](https://togithub.com/stretchr/testify/pull/1385) - [@​bogdandrutu](https://togithub.com/bogdandrutu) made their first contribution in [https://github.com/stretchr/testify/pull/1339](https://togithub.com/stretchr/testify/pull/1339) **Full Changelog**: https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0
DataDog/dd-trace-go (gopkg.in/DataDog/dd-trace-go.v1) ### [`v1.65.1`](https://togithub.com/DataDog/dd-trace-go/releases/tag/v1.65.1) [Compare Source](https://togithub.com/DataDog/dd-trace-go/compare/v1.65.0...v1.65.1) ### Summary This patch release provide two small fixes: - Workaround of a bug found in go 1.20 that concerns all users of the `appsec/events.IsSecurityError()` that made the function always return false. Seeing spans in the DataDog's UI containing errors with the following message can also be a symptom of this issue: `request blocked by WAF` - Removal of a unsolicitated warning log in the form of: `ignoring DD_TRACE_SAMPLE_RATE, error: strconv.ParseFloat: parsing "": invalid syntax` ### Changes #### Application Performance Monitoring (APM) - ddtrace/tracer: update sample rate configuration parsing to avoid logging a warning when empty in [#​2751](https://togithub.com/DataDog/dd-trace-go/issues/2751) #### Application Security Management (ASM) - appsec: fix IsSecurityError in [#​2746](https://togithub.com/DataDog/dd-trace-go/issues/2746) **Full Changelog**: https://github.com/DataDog/dd-trace-go/compare/v1.65.0...v1.65.1 ### [`v1.65.0`](https://togithub.com/DataDog/dd-trace-go/releases/tag/v1.65.0) [Compare Source](https://togithub.com/DataDog/dd-trace-go/compare/v1.64.1...v1.65.0) ### Summary In this release, Application Performance Monitoring (APM) improved trace and span IDs generation using `math/rand/v2` for Go 1.22 and later. APM introduced support for Go 1.22 ServeMux patterns and OTel env vars and better OTel HTTP status code remapping. Also, APM fixed a race condition when using spans concurrently and how dropped traces were reported to the agent. Application Security Management (ASM) introduces its new "Exploit Prevention" in public beta, a new type of in-app security monitoring that detects and blocks vulnerability exploits. This release includes Exploit Prevention of Server-Side Request Forgeries (SSRF) for HTTP client requests. Data Streams Monitoring (DSM) updates sketch mapping to improve accuracy and moves to `google.golang.org/protobuf`. And last, multiple dependencies have been upgraded to fixed versions for reported vulnerabilities and to reduce our dependency on `github.com/golang/protobuf`. ### Changes #### Application Performance Monitoring (APM) - go.mod: update github.com/DataDog/sketches-go to v1.4.5 by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2698](https://togithub.com/DataDog/dd-trace-go/pull/2698) - contrib/database/sql: allow peer.service to be set explicitly and add into propagated context by [@​tabgok](https://togithub.com/tabgok) in [https://github.com/DataDog/dd-trace-go/pull/2679](https://togithub.com/DataDog/dd-trace-go/pull/2679) - contrib/net/http: Support go1.22 ServeMux patterns by [@​felixge](https://togithub.com/felixge) in [https://github.com/DataDog/dd-trace-go/pull/2716](https://togithub.com/DataDog/dd-trace-go/pull/2716) - ddtrace/tracer: use math/rand/v2 for SpanID and TraceID by [@​knusbaum](https://togithub.com/knusbaum) in [https://github.com/DataDog/dd-trace-go/pull/2689](https://togithub.com/DataDog/dd-trace-go/pull/2689) - ddtrace/tracer: fix concurrent map writes when applying trace sampling rules and setting tags concurrently by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2727](https://togithub.com/DataDog/dd-trace-go/pull/2727) - w3c: ensure \_dd.parent_id is set using x-datadog-parent-id by [@​mabdinur](https://togithub.com/mabdinur) in [https://github.com/DataDog/dd-trace-go/pull/2696](https://togithub.com/DataDog/dd-trace-go/pull/2696) - ddtrace/tracer: increment droppedP0Traces iff it's not going to be sent by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2713](https://togithub.com/DataDog/dd-trace-go/pull/2713) - ddtrace/tracer: support default origin on dynamic config to support Active Tracing telemetry spec by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2623](https://togithub.com/DataDog/dd-trace-go/pull/2623) - ddtrace/tracer: only finish execution trace task, restore pprof labels once by [@​nsrip-dd](https://togithub.com/nsrip-dd) in [https://github.com/DataDog/dd-trace-go/pull/2708](https://togithub.com/DataDog/dd-trace-go/pull/2708) - ddtrace/tracer: add support for OTEL env vars by [@​mtoffl01](https://togithub.com/mtoffl01) in [https://github.com/DataDog/dd-trace-go/pull/2715](https://togithub.com/DataDog/dd-trace-go/pull/2715) - ddtrace/tracer: report trace and span sampling rules separately by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2718](https://togithub.com/DataDog/dd-trace-go/pull/2718) - ddtrace/opentelemetry: adds http status code remapping for otel trace metrics by [@​zarirhamza](https://togithub.com/zarirhamza) in [https://github.com/DataDog/dd-trace-go/pull/2728](https://togithub.com/DataDog/dd-trace-go/pull/2728) #### Application Security Management (ASM) - appsec: support for SSRF Exploit Prevention by [@​Hellzy](https://togithub.com/Hellzy) in [https://github.com/DataDog/dd-trace-go/pull/2707](https://togithub.com/DataDog/dd-trace-go/pull/2707) - appsec/grpc: fix rpc message blocking by [@​Julio-Guerra](https://togithub.com/Julio-Guerra) in [https://github.com/DataDog/dd-trace-go/pull/2723](https://togithub.com/DataDog/dd-trace-go/pull/2723) #### Data Streams Monitoring - Move to google.golang.org/protobuf by [@​piochelepiotr](https://togithub.com/piochelepiotr) in [https://github.com/DataDog/dd-trace-go/pull/2694](https://togithub.com/DataDog/dd-trace-go/pull/2694) - datastreams: Update mapping by [@​piochelepiotr](https://togithub.com/piochelepiotr) in [https://github.com/DataDog/dd-trace-go/pull/2703](https://togithub.com/DataDog/dd-trace-go/pull/2703) - \[DSMS-19] Fix SNS topic format issue by [@​juliannzhou](https://togithub.com/juliannzhou) in [https://github.com/DataDog/dd-trace-go/pull/2725](https://togithub.com/DataDog/dd-trace-go/pull/2725) #### Genera - internal: stacktrace: skip internal packages by [@​eliottness](https://togithub.com/eliottness) in [https://github.com/DataDog/dd-trace-go/pull/2697](https://togithub.com/DataDog/dd-trace-go/pull/2697) - go.mod: upgrade github.com/mattn/go-sqlite3 up to v1.14.18 ([#​2693](https://togithub.com/DataDog/dd-trace-go/issues/2693)) by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2714](https://togithub.com/DataDog/dd-trace-go/pull/2714) - go.mod: upgrade github.com/go-jose/go-jose/v3 to v3.0.3 by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2700](https://togithub.com/DataDog/dd-trace-go/pull/2700) - go.mod: upgrade google.golang.org/protobuf to v1.33.0 by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2699](https://togithub.com/DataDog/dd-trace-go/pull/2699) - go.mod: upgrade richardartoul/molecule by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2724](https://togithub.com/DataDog/dd-trace-go/pull/2724) #### New Contributors - [@​juliannzhou](https://togithub.com/juliannzhou) made their first contribution in [https://github.com/DataDog/dd-trace-go/pull/2725](https://togithub.com/DataDog/dd-trace-go/pull/2725) **Full Changelog**: https://github.com/DataDog/dd-trace-go/compare/v1.64.0...v1.65.0 ### [`v1.64.1`](https://togithub.com/DataDog/dd-trace-go/releases/tag/v1.64.1) [Compare Source](https://togithub.com/DataDog/dd-trace-go/compare/v1.64.0...v1.64.1) This patch release brings a fix for a data race in `ddtrace/tracer` when applying trace sampling rules and setting tags concurrently. **Full Changelog**: https://github.com/DataDog/dd-trace-go/compare/v1.64.0...v1.64.1 ### [`v1.64.0`](https://togithub.com/DataDog/dd-trace-go/releases/tag/v1.64.0) [Compare Source](https://togithub.com/DataDog/dd-trace-go/compare/v1.63.1...v1.64.0) ### Summary In this release, the tracer adds support for tag-based sampling in sampling rules set via remote configuration. See https://docs.datadoghq.com/tracing/trace_collection/runtime_config/ for more on remote configuration. Additionally, the tracer now supports matching numeric values via span sampling rules, in addition to string values. For example, `[{"error_code": "4??", "sampling_rate":"0.01"}]` will now match both the integer 403 and the string \`"403". String matches are now case-insensitive. This release brings several bug fixes to the tracer, contrib packages, and remote configuration. ### Changes #### Application Performance Monitoring (APM) - ddtrace/tracer: added support for metrics tag sampling by [@​dianashevchenko](https://togithub.com/dianashevchenko) in [https://github.com/DataDog/dd-trace-go/pull/2662](https://togithub.com/DataDog/dd-trace-go/pull/2662) - ddtrace/tracer: adding support of tags in remote sampling rules. by [@​yuanyuanzhao3](https://togithub.com/yuanyuanzhao3) in [https://github.com/DataDog/dd-trace-go/pull/2676](https://togithub.com/DataDog/dd-trace-go/pull/2676) - ddtrace/tracer: added a WithAgentTimeout option to reduce the test suite duration with no agent by [@​dianashevchenko](https://togithub.com/dianashevchenko) in [https://github.com/DataDog/dd-trace-go/pull/2661](https://togithub.com/DataDog/dd-trace-go/pull/2661) ### Fixes #### Application Performance Monitoring (APM) - docs: fix dbStats example in contrib/database/sql by [@​mtoffl01](https://togithub.com/mtoffl01) in [https://github.com/DataDog/dd-trace-go/pull/2669](https://togithub.com/DataDog/dd-trace-go/pull/2669) - contrib/dimfeld/httptreemux.v5: fix route and name for 30X redirects by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2685](https://togithub.com/DataDog/dd-trace-go/pull/2685) - contrib/database/sql: Disable DBStats if statsd client initialization fails by [@​mtoffl01](https://togithub.com/mtoffl01) in [https://github.com/DataDog/dd-trace-go/pull/2682](https://togithub.com/DataDog/dd-trace-go/pull/2682) - fix: Don't call `c.Error(...)` inside echotrace middlewares by [@​nakkamarra](https://togithub.com/nakkamarra) in [https://github.com/DataDog/dd-trace-go/pull/2609](https://togithub.com/DataDog/dd-trace-go/pull/2609) - {ddtrace/tracer,datastreams}: set default agent TO to 10s by [@​ahmed-mez](https://togithub.com/ahmed-mez) in [https://github.com/DataDog/dd-trace-go/pull/2655](https://togithub.com/DataDog/dd-trace-go/pull/2655) - internal/remoteconfig: fixes data race when accessing capabilities by [@​SvenGasterstaedt](https://togithub.com/SvenGasterstaedt) in [https://github.com/DataDog/dd-trace-go/pull/2652](https://togithub.com/DataDog/dd-trace-go/pull/2652) - ddtrace/tracer: fix calculation of `tracestate` length by [@​bouwkast](https://togithub.com/bouwkast) in [https://github.com/DataDog/dd-trace-go/pull/2585](https://togithub.com/DataDog/dd-trace-go/pull/2585) - ddtracer/trace: if tracing disabled don't call agent to get features by [@​bstncartwright](https://togithub.com/bstncartwright) in [https://github.com/DataDog/dd-trace-go/pull/2482](https://togithub.com/DataDog/dd-trace-go/pull/2482) - ddtrace/tracer: fix sampling rule override for manual keep by [@​dianashevchenko](https://togithub.com/dianashevchenko) in [https://github.com/DataDog/dd-trace-go/pull/2666](https://togithub.com/DataDog/dd-trace-go/pull/2666) - internal: Fixing `_dd.p.dm` decision maker collision on number 10. by [@​yuanyuanzhao3](https://togithub.com/yuanyuanzhao3) in [https://github.com/DataDog/dd-trace-go/pull/2672](https://togithub.com/DataDog/dd-trace-go/pull/2672) - ddtrace/tracer: remove agent_psr when rule_psr is set by [@​dianashevchenko](https://togithub.com/dianashevchenko) in [https://github.com/DataDog/dd-trace-go/pull/2668](https://togithub.com/DataDog/dd-trace-go/pull/2668) #### New Contributors - [@​nakkamarra](https://togithub.com/nakkamarra) made their first contribution in [https://github.com/DataDog/dd-trace-go/pull/2609](https://togithub.com/DataDog/dd-trace-go/pull/2609) - [@​SvenGasterstaedt](https://togithub.com/SvenGasterstaedt) made their first contribution in [https://github.com/DataDog/dd-trace-go/pull/2652](https://togithub.com/DataDog/dd-trace-go/pull/2652) - [@​bouwkast](https://togithub.com/bouwkast) made their first contribution in [https://github.com/DataDog/dd-trace-go/pull/2585](https://togithub.com/DataDog/dd-trace-go/pull/2585) - [@​bstncartwright](https://togithub.com/bstncartwright) made their first contribution in [https://github.com/DataDog/dd-trace-go/pull/2482](https://togithub.com/DataDog/dd-trace-go/pull/2482) **Full Changelog**: https://github.com/DataDog/dd-trace-go/compare/v1.63.1...v1.64.0 ### [`v1.63.1`](https://togithub.com/DataDog/dd-trace-go/releases/tag/v1.63.1) [Compare Source](https://togithub.com/DataDog/dd-trace-go/compare/v1.63.0...v1.63.1) ### Summary Fixed \_dd.p.dm decision maker collision on number 10. ### Changes #### Fixes - \[v1.63.1] internal: Fixing \_dd.p.dm decision maker collision on number 10 by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2673](https://togithub.com/DataDog/dd-trace-go/pull/2673) **Full Changelog**: https://github.com/DataDog/dd-trace-go/compare/v1.63.0...v1.63.1 ### [`v1.63.0`](https://togithub.com/DataDog/dd-trace-go/releases/tag/v1.63.0) [Compare Source](https://togithub.com/DataDog/dd-trace-go/compare/v1.62.0...v1.63.0) #### What's Changed ##### Application Performance Monitoring (APM) **Summary:** `database/sql` integration allows to send DB stats metrics with `WithDBStats`, new options added to `99designs/gqlgen` and `segmentio/kafka.go`, and `google.golang.org/grpc.v12` compilation errors fixed. Also introduces support for remote sampling rules consistent with the current implementation, except sampling by tags. - ddtrace/tracer: populate and propagate remote rules decision maker by [@​yuanyuanzhao3](https://togithub.com/yuanyuanzhao3) in [https://github.com/DataDog/dd-trace-go/pull/2643](https://togithub.com/DataDog/dd-trace-go/pull/2643) - ddtrace/tracer: support for remote sampling rules by [@​yuanyuanzhao3](https://togithub.com/yuanyuanzhao3) in [https://github.com/DataDog/dd-trace-go/pull/2596](https://togithub.com/DataDog/dd-trace-go/pull/2596) - contrib/99designs/gqlgen: add WithCustomTag option by [@​samsullivan](https://togithub.com/samsullivan) in [https://github.com/DataDog/dd-trace-go/pull/2598](https://togithub.com/DataDog/dd-trace-go/pull/2598) - contrib/database/sql: implementation of DB Stats feature with unique statsd client by [@​mtoffl01](https://togithub.com/mtoffl01) in [https://github.com/DataDog/dd-trace-go/pull/2629](https://togithub.com/DataDog/dd-trace-go/pull/2629) - contrib/database/sql: use tracer-level tags on contrib's statsd.Client by [@​mtoffl01](https://togithub.com/mtoffl01) in [https://github.com/DataDog/dd-trace-go/pull/2635](https://togithub.com/DataDog/dd-trace-go/pull/2635) - contrib/google.golang.org/grpc.v12: replace missing {From,New}Context with equivalent functions by [@​darccio](https://togithub.com/darccio) in [https://github.com/DataDog/dd-trace-go/pull/2624](https://togithub.com/DataDog/dd-trace-go/pull/2624) - contrib/segmentio/kafka.go.v0: add DSM support by [@​adrien-f](https://togithub.com/adrien-f) in [https://github.com/DataDog/dd-trace-go/pull/2625](https://togithub.com/DataDog/dd-trace-go/pull/2625) ##### Application Security Management (ASM) - Stricter time budget per request by [@​eliottness](https://togithub.com/eliottness) in [https://github.com/DataDog/dd-trace-go/pull/2613](https://togithub.com/DataDog/dd-trace-go/pull/2613) - Collect edge waf headers by [@​Julio-Guerra](https://togithub.com/Julio-Guerra) in [https://github.com/DataDog/dd-trace-go/pull/2637](https://togithub.com/DataDog/dd-trace-go/pull/2637) - Allow enabling SCA with DD_APPSEC_SCA_ENABLED by [@​Julio-Guerra](https://togithub.com/Julio-Guerra) in [https://github.com/DataDog/dd-trace-go/pull/2634](https://togithub.com/DataDog/dd-trace-go/pull/2634) - contrib/chi.v5: add a response header reader option by [@​turettn](https://togithub.com/turettn) in [https://github.com/DataDog/dd-trace-go/pull/2640](https://togithub.com/DataDog/dd-trace-go/pull/2640) ##### Profiling - profiler/internal/fastdelta: remove Go 1.18 + windows fuzz test workaround by [@​nsrip-dd](https://togithub.com/nsrip-dd) in [https://github.com/DataDog/dd-trace-go/pull/2639](https://togithub.com/DataDog/dd-trace-go/pull/2639) ##### General - go.mod: rotate go 1.19 from supported versions by [@​eliottness](https://togithub.com/eliottness) in [https://github.com/DataDog/dd-trace-go/pull/2617](https://togithub.com/DataDog/dd-trace-go/pull/2617) - internal: remove pre-Go 1.18 workaround for reading build info by [@​nsrip-dd](https://togithub.com/nsrip-dd) in [https://github.com/DataDog/dd-trace-go/pull/2638](https://togithub.com/DataDog/dd-trace-go/pull/2638) #### Fixes ##### Application Performance Monitoring (APM) - internal/remoteconfig/: Fixes capability APM_TRACING_SAMPLING_RULES to use the correct reserved number 29. by [@​yuanyuanzhao3](https://togithub.com/yuanyuanzhao3) in [https://github.com/DataDog/dd-trace-go/pull/2620](https://togithub.com/DataDog/dd-trace-go/pull/2620) - internal/samplernames: fixes a colliding sampler name by [@​yuanyuanzhao3](https://togithub.com/yuanyuanzhao3) in [https://github.com/DataDog/dd-trace-go/pull/2627](https://togithub.com/DataDog/dd-trace-go/pull/2627) ##### Application Security Management (ASM) - Handle bad redirect action parameters by [@​Hellzy](https://togithub.com/Hellzy) in [https://github.com/DataDog/dd-trace-go/pull/2604](https://togithub.com/DataDog/dd-trace-go/pull/2604) - Make redirect actions blocking by [@​Hellzy](https://togithub.com/Hellzy) in [https://github.com/DataDog/dd-trace-go/pull/2628](https://togithub.com/DataDog/dd-trace-go/pull/2628) - Don't enable blocking-related RC features when using local security rules by [@​Hellzy](https://togithub.com/Hellzy) in [https://github.com/DataDog/dd-trace-go/pull/2626](https://togithub.com/DataDog/dd-trace-go/pull/2626) #### New Contributors - [@​samsullivan](https://togithub.com/samsullivan) made their first contribution in [https://github.com/DataDog/dd-trace-go/pull/2598](https://togithub.com/DataDog/dd-trace-go/pull/2598) - [@​adrien-f](https://togithub.com/adrien-f) made their first contribution in [https://github.com/DataDog/dd-trace-go/pull/2625](https://togithub.com/DataDog/dd-trace-go/pull/2625) - [@​dmellonielet](https://togithub.com/dmellonielet

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

mend-for-github-com[bot] commented 2 days ago

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

Details:

Package Change
go.opentelemetry.io/otel v1.19.0 -> v1.20.0
go.opentelemetry.io/otel/metric v1.19.0 -> v1.20.0
go.opentelemetry.io/otel/trace v1.19.0 -> v1.20.0
github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 -> v1.9.0
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.0 -> v1.2.2
github.com/DataDog/appsec-internal-go v1.0.0 -> v1.6.0
github.com/DataDog/datadog-agent/pkg/obfuscate v0.47.1 -> v0.48.0
github.com/DataDog/sketches-go v1.4.2 -> v1.4.5
github.com/andybalholm/brotli v1.0.5 -> v1.1.0
github.com/ebitengine/purego v0.5.0 -> v0.6.0-alpha.5
github.com/go-logr/logr v1.2.4 -> v1.3.0
github.com/golang-jwt/jwt/v5 v5.0.0 -> v5.2.1
github.com/google/go-cmp v0.5.9 -> v0.6.0
github.com/google/uuid v1.3.1 -> v1.6.0
github.com/klauspost/compress v1.17.0 -> v1.17.7
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 -> v0.0.0-20240102092130-5ac0b6a4141c
github.com/prometheus/common v0.44.0 -> v0.48.0
github.com/valyala/fasthttp v1.50.0 -> v1.52.0
golang.org/x/crypto v0.14.0 -> v0.24.0
golang.org/x/mod v0.13.0 -> v0.17.0
golang.org/x/oauth2 v0.12.0 -> v0.16.0
golang.org/x/sync v0.4.0 -> v0.7.0
golang.org/x/term v0.13.0 -> v0.21.0
golang.org/x/text v0.13.0 -> v0.16.0
golang.org/x/tools v0.13.0 -> v0.21.1-0.20240508182429-e35e4ccd0d2d
google.golang.org/protobuf v1.31.0 -> v1.33.0