Bump the github-dependencies group with 7 updates

[dependabot[bot]]

Bumps the github-dependencies group with 7 updates:

Package	From	To
github.com/prometheus/client_golang	1.20.2	1.20.3
github.com/prometheus/common	0.57.0	0.59.1
golang.org/x/net	0.28.0	0.29.0
golang.org/x/oauth2	0.22.0	0.23.0
golang.org/x/sys	0.24.0	0.25.0
golang.org/x/term	0.23.0	0.24.0
golang.org/x/text	0.17.0	0.18.0

Updates github.com/prometheus/client_golang from 1.20.2 to 1.20.3

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.3

• [BUGFIX] histograms: Fix possible data race when appending exemplars. #1608

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.3 / 2024-09-05

• [BUGFIX] histograms: Fix possible data race when appending exemplars. #1608

Commits

• ef2f87e Merge pull request #1620 from prometheus/arthursens/prepare-1.20.3
• 937ac63 Add changelog entry for 1.20.3
• 6e9914d Merge pull request #1608 from krajorama/index-out-of-range-native-histogram-e...
• d6b8c89 Update comments with more explanations
• 504566f Use simplified solution from #1609 for the data race
• dc8e9a4 fix: native histogram: Simplify and fix addExemplar
• dc819ce Use a trivial solution to #1605
• e061dfa native histogram: use exemplars in concurrency test
• See full diff in compare view

Updates github.com/prometheus/common from 0.57.0 to 0.59.1

Release notes

Sourced from github.com/prometheus/common's releases.

v0.59.1

What's Changed

• fix(utf8): Fix multiple metric name inside braces validation by @​fedetorres93 in prometheus/common#691

Full Changelog: https://github.com/prometheus/common/compare/v0.59.0...v0.59.1

v0.59.0

What's Changed

• expfmt: Add WithEscapingScheme to help construct Formats by @​ywwg in prometheus/common#688
• Change the default escape method to UnderscoreEscaping by @​ywwg in prometheus/common#690

Full Changelog: https://github.com/prometheus/common/compare/v0.58.0...v0.59.0

v0.58.0

What's Changed

• docs: mention new promslog package in package list in README by @​tjhop in prometheus/common#683
• Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 by @​dependabot in prometheus/common#684
• Bump golang.org/x/net from 0.27.0 to 0.28.0 by @​dependabot in prometheus/common#685
• Remove secret file existence check in Validate for headers by @​roidelapluie in prometheus/common#687

Full Changelog: https://github.com/prometheus/common/compare/v0.57.0...v0.58.0

Commits

• be8a747 fix(utf8): Fix multiple metric name inside braces validation (#691)
• bf4843e Merge pull request #690 from ywwg/owilliams/default-escaping
• 01da226 Change the default escape method to UnderscoreEscaping
• 4f8e8f4 expfmt: Add WithEscapingScheme to help construct Formats (#688)
• b1880d0 Merge pull request #687 from roidelapluie/checkheader
• 334963d Change the logic for SetDirectory
• d64a747 Remove secret file existence check in Validate for headers
• 06c2425 Bump golang.org/x/net from 0.27.0 to 0.28.0 (#685)
• 4606c0a Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (#684)
• d98411b Merge pull request #683 from tjhop/docs/promslog-README
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.28.0 to 0.29.0

Commits

• 35b4aba go.mod: update golang.org/x dependencies
• 9bf379f websocket: fix printf(var) mistake detected by latest printf checker
• See full diff in compare view

Updates golang.org/x/oauth2 from 0.22.0 to 0.23.0

Commits

• 3e64809 x/oauth2: add Token.ExpiresIn
• 16a9973 jwt: rename example to avoid vet error
• b52af7d endpoints: add GitLab DeviceAuthURL
• See full diff in compare view

Updates golang.org/x/sys from 0.24.0 to 0.25.0

Commits

• a43b625 windows: add SIO_UDP_NETRESET constant
• ed67b15 windows: add console codepage api
• 9cb830b unix: add missing import to syscall_hurd.go
• 71132f5 unix: add POLLRDHUP to FreeBSD
• 3283fc3 cpu: add support for detecting RISC-V extensions
• 29e55b2 unix: use os.Executable rather than os.Args[0] in tests
• a8c5219 unix: rename XDPUmemReg field back to Size
• 59665e5 unix: add Connectx for darwin
• a0c72ef unix: add f_flag member flags on z/OS
• c64c51d unix: update riscv64 hwprobe to Linux kernel 6.10
• Additional commits viewable in compare view

Updates golang.org/x/term from 0.23.0 to 0.24.0

Commits

• 2f7b0dd go.mod: update golang.org/x dependencies
• f867b76 x/term: set missing VIRTUAL_TERMINAL_INPUT flag on Windows
• See full diff in compare view

Updates golang.org/x/text from 0.17.0 to 0.18.0

Commits

• 1e3e9fd all: rename Example test functions to prevent vet errors
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-csi member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.

[jsafrane]

/lgtm /approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dependabot[bot], jsafrane

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/kubernetes-csi/external-attacher/blob/master/OWNERS)~~ [jsafrane] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment