build(deps): bump the github-dependencies group with 12 updates

[dependabot[bot]]

Bumps the github-dependencies group with 12 updates:

Package	From	To
github.com/prometheus/client_golang	1.17.0	1.18.0
google.golang.org/grpc	1.60.0	1.60.1
google.golang.org/protobuf	1.31.0	1.32.0
github.com/emicklei/go-restful/v3	3.11.0	3.11.1
github.com/go-logr/logr	1.3.0	1.4.1
github.com/go-openapi/jsonpointer	0.20.1	0.20.2
github.com/go-openapi/jsonreference	0.20.3	0.20.4
github.com/go-openapi/swag	0.22.6	0.22.7
github.com/grpc-ecosystem/grpc-gateway/v2	2.18.1	2.19.0
golang.org/x/sync	0.5.0	0.6.0
golang.org/x/sys	0.15.0	0.16.0
golang.org/x/term	0.15.0	0.16.0

Updates github.com/prometheus/client_golang from 1.17.0 to 1.18.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.18.0

What's Changed

• [FEATURE] promlint: Allow creation of custom metric validations. #1311
• [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
• [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
• [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
• [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

New Contributors

• @​srenatus made their first contribution in prometheus/client_golang#1350
• @​jadolg made their first contribution in prometheus/client_golang#1342
• @​manas-rust made their first contribution in prometheus/client_golang#1383
• @​bluekeyes made their first contribution in prometheus/client_golang#1378
• @​tsipo made their first contribution in prometheus/client_golang#1387

Full Changelog: https://github.com/prometheus/client_golang/compare/v1.17.0...v1.18.0

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.18.0 / 2023-12-22

• [FEATURE] promlint: Allow creation of custom metric validations. #1311
• [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
• [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
• [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
• [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

Commits

• 53be91d Revert "change api http.client to interface"
• 1a2d072 Add 1.18 changelog
• 239b123 Merge pull request #1387 from tsipo/main
• 3f8bd73 Merge pull request #1370 from prometheus/dependabot/go_modules/tutorial/whats...
• 5e55b31 Bump google.golang.org/grpc from 1.53.0 to 1.56.3 in /tutorial/whatsup
• e96fb18 Merge pull request #1401 from prometheus/dependabot/go_modules/golang.org/x/s...
• 2a8fc90 Bump golang.org/x/sys from 0.13.0 to 0.15.0
• 24d59e9 change client to interface, allow override by other implementations (e.g. git...
• 80d3f0b Normalize empty help values in CollectAndCompare (#1378)
• 3f80cd1 Add example of NewConstMetricWithCreatedTimestamp (#1375)
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.60.0 to 1.60.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release v1.60.1

Bug Fixes

• server: fix two bugs that could lead to panics at shutdown when using NumStreamWorkers (experimental feature).

Commits

• dbbcf59 Update version.go to 1.60.1 (#6865)
• 6e384cf Cherry-pick #6856 to v1.60.x release branch (#6864)
• 6430548 Change version to 1.60.1-dev (#6793)
• See full diff in compare view

Updates google.golang.org/protobuf from 1.31.0 to 1.32.0

Updates github.com/emicklei/go-restful/v3 from 3.11.0 to 3.11.1

Changelog

Sourced from github.com/emicklei/go-restful/v3's changelog.

[v3.11.1] - 2024-01-03

• remove the dependency on github.com/json-iterator/go (#539)

Commits

• 6ffc372 update changelist
• 290805f remove the dependency on github.com/json-iterator/go. (#539)
• aaf45fd reduce dependencies, add test code for examples
• a328c20 update all tests to use 3.11
• See full diff in compare view

Updates github.com/go-logr/logr from 1.3.0 to 1.4.1

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.1

What's Changed

• slogr: fix unintended API break in v1.4.0 by @​pohly in go-logr/logr#253

Full Changelog: https://github.com/go-logr/logr/compare/v1.4.0...v1.4.1

v1.4.0

This release dramatically improves interoperability with Go's log/slog package. In particular, logr.NewContext and logr.NewContextWithSlogLogger use the same context key, which allows logr.FromContext and logr.FromContextAsSlogLogger to return logr.Logger or *slog.Logger respectively, including transparently converting each to the other as needed.

Functions logr/slogr.NewLogr and logr/slogr.ToSlogHandler have been superceded by logr.FromSlogHandler and logr.ToSlogHandler respectively, and type logr/slogr.SlogSink has been superceded by logr.SlogSink. All of the old names in logr/slogr remain, for compatibility.

Package logr/funcr now supports logr.SlogSink, meaning that it's output passes all but one of the Slog conformance tests (that exception being that funcr handles the timestamp itself).

Users who have a logr.Logger and need a *slog.Logger can call slog.New(logr.ToSlogHandler(...)) and all output will go through the same stack.

Users who have a *slog.Logger or slog.Handler can call logr.FromSlogHandler(...) and all output will go through the same stack.

What's Changed

• slog context support by @​pohly in go-logr/logr#237
• slog support: fix WithGroup + WithValues combination by @​pohly in go-logr/logr#243
• Add tests for context with slog by @​thockin in go-logr/logr#246
• sloghandler: unnamed groups should be inlined by @​thockin in go-logr/logr#245
• Add SlogSink support to funcr by @​thockin in go-logr/logr#241
• funcr: Add LogInfoLevel Option to skip logging level in the info log by @​spacewander in go-logr/logr#240

New Contributors

• @​spacewander made their first contribution in go-logr/logr#240

Full Changelog: https://github.com/go-logr/logr/compare/v1.3.0...v1.4.0

Commits

• dcdc3f2 slogr: fix unintended API break in v0.8.0 (#253)
• 5d88f52 funcr: Add LogInfoLevel Option to skip logging level in the info log (#240)
• 177005d build(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0
• e7f489a build(deps): bump github/codeql-action from 2.22.9 to 3.22.11
• cf56c3b build(deps): bump actions/setup-go from 4 to 5
• 2ad296e build(deps): bump github/codeql-action from 2.22.8 to 2.22.9
• d55b4e2 Merge pull request #241 from thockin/master
• 98ee9d9 Clean up slog testing and restore coverage
• b228ba8 Break examples to new file
• 6432877 Add benchmarks for slogSink
• Additional commits viewable in compare view

Updates github.com/go-openapi/jsonpointer from 0.20.1 to 0.20.2

Commits

• 344388f fix(GetForToken): added support for pointer to interface{}
• See full diff in compare view

Updates github.com/go-openapi/jsonreference from 0.20.3 to 0.20.4

Commits

• 23cc9cc chore(deps): updated go-openapi deps
• See full diff in compare view

Updates github.com/go-openapi/swag from 0.22.6 to 0.22.7

Commits

• b3e7a53 fix(mangling): fixed name mangling when special chars are substituted
• 0ddf107 fix(ci): muted warnings in CI runs due to cache conflicts
• See full diff in compare view

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.18.1 to 2.19.0

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.19.0

What's Changed

• fix: use req.Body instead of IOReaderFactory when possible by @​leungster in grpc-ecosystem/grpc-gateway#3727
• runtime: Add outgoing trailer matching by @​adriansmares in grpc-ecosystem/grpc-gateway#3725
• Add openapiv2_opt support for passing values to go templates via cli by @​500poundbear in grpc-ecosystem/grpc-gateway#3764
• [Bug #3829] [protoc-gen-openapiv2] consider openapiv2_tag.name attribute when generating ope… by @​omrikiei in grpc-ecosystem/grpc-gateway#3830
• feat: partial message created as named definitions by @​nkcr in grpc-ecosystem/grpc-gateway#3743
• Fix name tags in methods by @​omrikiei in grpc-ecosystem/grpc-gateway#3843
• Revert 4c79b45386348459926176911cb6b35f6f53dcdc by @​johanbrandhorst in grpc-ecosystem/grpc-gateway#3856

New Contributors

• @​leungster made their first contribution in grpc-ecosystem/grpc-gateway#3727
• @​adriansmares made their first contribution in grpc-ecosystem/grpc-gateway#3725
• @​500poundbear made their first contribution in grpc-ecosystem/grpc-gateway#3764
• @​omrikiei made their first contribution in grpc-ecosystem/grpc-gateway#3830
• @​nkcr made their first contribution in grpc-ecosystem/grpc-gateway#3743

Full Changelog: https://github.com/grpc-ecosystem/grpc-gateway/compare/v2.18.1...v2.19.0

Commits

• 5144000 Revert 4c79b45386348459926176911cb6b35f6f53dcdc (#3856)
• 2c837f2 chore(deps): update googleapis digest to 5ce7e9b
• f231356 fix(deps): update google.golang.org/genproto/googleapis/rpc digest to 50ed04b
• 4945533 fix(deps): update google.golang.org/genproto/googleapis/api digest to 50ed04b
• 44ca2bb chore(deps): update googleapis digest to 8681efd
• 368f5e4 chore(deps): update dependency io_bazel_rules_go to v0.44.1
• 19f5377 Fix name tags in methods (#3843)
• 4c10d2a chore(deps): update googleapis digest to 75c4411
• d8c1f72 chore(deps): update googleapis digest to 13c5b68
• c6b4746 chore(deps): update googleapis digest to e56f4b1
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.5.0 to 0.6.0

Commits

• 59c1ca1 errgroup: add reference to sync.WaitGroup
• See full diff in compare view

Updates golang.org/x/sys from 0.15.0 to 0.16.0

Commits

• 0829ab1 windows: add SetFileValidData
• 32cdffc unix: don't redefine constants already defined in glibc headers
• f0c7190 unix: remove extra trailing newlines in zsyscall_openbsd_*.go
• 5ff87d7 unix: add Netfilter and NFTables constants
• See full diff in compare view

Updates golang.org/x/term from 0.15.0 to 0.16.0

Commits

• ae94145 go.mod: update golang.org/x dependencies
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-csi member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot] Once this PR has been reviewed and has the lgtm label, please assign xing-yang for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubernetes-csi/external-provisioner/blob/master/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.