search

kubernetes-csi / external-provisioner

Sidecar container that watches Kubernetes PersistentVolumeClaim objects and triggers CreateVolume/DeleteVolume against a CSI endpoint
Apache License 2.0
328 stars 318 forks source link

build(deps): bump the github-dependencies group with 10 updates #1160

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps the github-dependencies group with 10 updates:

Package From To
google.golang.org/grpc 1.61.0 1.61.1
github.com/go-openapi/swag 0.22.6 0.22.9
github.com/prometheus/client_model 0.5.0 0.6.0
github.com/prometheus/common 0.46.0 0.47.0
golang.org/x/crypto 0.18.0 0.19.0
golang.org/x/net 0.20.0 0.21.0
golang.org/x/oauth2 0.16.0 0.17.0
golang.org/x/sys 0.16.0 0.17.0
golang.org/x/term 0.16.0 0.17.0
golang.org/x/tools 0.17.0 0.18.0

Updates google.golang.org/grpc from 1.61.0 to 1.61.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.61.1

Bug Fixes

  • server: wait to close connection until incoming socket is drained (with timeout) to prevent data loss on client-side (#6977)
Commits


Updates github.com/go-openapi/swag from 0.22.6 to 0.22.9

Commits
  • a05020e Bump actions/setup-go from 4 to 5
  • 8ce930b Bump actions/checkout from 3 to 4
  • 76c9b7c Updated dependabot frequency to monthly
  • e181373 Added dependabot
  • 216b00a refreshed go.mod
  • 01194a0 perf(mangling): optimized the processing of initialisms
  • b3e7a53 fix(mangling): fixed name mangling when special chars are substituted
  • 0ddf107 fix(ci): muted warnings in CI runs due to cache conflicts
  • See full diff in compare view


Updates github.com/prometheus/client_model from 0.5.0 to 0.6.0

Release notes

Sourced from github.com/prometheus/client_model's releases.

v0.6.0

What's Changed

New Contributors

Full Changelog: https://github.com/prometheus/client_model/compare/v0.5.0...v0.6.0

Commits
  • d56cd79 add exemplar to native histogram (#80)
  • f22bbab Merge pull request #79 from prometheus/repo_sync
  • 552c44f Update common Prometheus files
  • f68ef47 Merge pull request #78 from prometheus/dependabot/go_modules/google.golang.or...
  • 2aad054 Bump google.golang.org/protobuf from 1.31.0 to 1.32.0
  • 93dfe21 Merge pull request #77 from prometheus/repo_sync
  • d150866 Update common Prometheus files
  • 9b7b675 Merge pull request #76 from prometheus/repo_sync
  • 734da88 Update common Prometheus files
  • c26a8ee Merge pull request #75 from vesari/add-unit
  • Additional commits viewable in compare view


Updates github.com/prometheus/common from 0.46.0 to 0.47.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.47.0

What's Changed

New Contributors

Full Changelog: https://github.com/prometheus/common/compare/v0.46.0...v0.47.0

Commits
  • 773d566 Merge pull request #570 from ywwg/owilliams/quoted-metric-name-02
  • 319c62c UTF-8 support in metric and label names
  • a3bdb9e Support empty OAuth2 inline secrets (#547)
  • bd0376d UTF-8 support in validation, and some parsers and formatters (#537)
  • See full diff in compare view


Updates golang.org/x/crypto from 0.18.0 to 0.19.0

Commits


Updates golang.org/x/net from 0.20.0 to 0.21.0

Commits
  • 73d21fd go.mod: update golang.org/x dependencies
  • 643fd16 html: fix SOLIDUS '/' handling in attribute parsing
  • 73e4b50 dns/dnsmessage: allow name compression for SRV resource parsing
  • b2208d0 internal/quic/qlog: fix typo
  • 0d0b98c http2: avoid goroutine starvation in TestServer_Push_RejectAfterGoAway
  • 07e05fd http2: remove suspicious uint32->v conversion in frame code
  • 26b646e quic: avoid deadlock in Endpoint.Close
  • See full diff in compare view


Updates golang.org/x/oauth2 from 0.16.0 to 0.17.0

Commits
  • ebe81ad go.mod: update golang.org/x dependencies
  • adffd94 google/internal/externalaccount: update serviceAccountImpersonationRE to supp...
  • deefa7e google/downscope: add DownscopingConfig.UniverseDomain to support TPC
  • See full diff in compare view


Updates golang.org/x/sys from 0.16.0 to 0.17.0

Commits
  • 914b96c windows: support ill-formed UTF-16 in UTF16PtrToString
  • 511ec84 Revert "windows: support nil done parameter in ReadFile and WriteFile"
  • 628365d windows: support nil done parameter in ReadFile and WriteFile
  • bef1bd8 unix: move mksyscall regexp to package level variables
  • 5710a32 unix/linux: update Linux kernel to 6.7
  • b3ce6a3 windows: build env_windows_test.go only go Go 1.21 and above
  • c3fa2b8 windows: fix parsing of non-ASCII entries in token.Environ
  • f69d32a unix: in TestDirent, make as many ReadDirent calls as are needed
  • 0d9df52 unix: add more SECCOMP constants
  • See full diff in compare view


Updates golang.org/x/term from 0.16.0 to 0.17.0

Commits


Updates golang.org/x/tools from 0.17.0 to 0.18.0

Commits
  • c5643e9 gopls/internal/server: fix two bugs related to dynamic configuration
  • 50b4f1b gopls/internal/golang: close open file
  • f0ef3c6 gopls: update x/telemetry dependency to fix crash
  • 8cf0a8e gopls: record that v0.15 will be the last to support go1.18
  • 730dc3c gopls/internal/settings: add a hidden option to disable zero config
  • 95f04f4 gopls/internal/golang: add resolve support for inline refactorings
  • 9619683 gopls/internal/cache: treat local replaces as workspace modules
  • a5af84e gopls/internal/cache: check views on any on-disk change to go.mod files
  • a7407fa gopls: update telemetry
  • 314368d go/analysis/passes/deepequalerrors: audit for types.Alias safety
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
k8s-ci-robot commented 4 months ago

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-csi member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
k8s-ci-robot commented 4 months ago

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot] Once this PR has been reviewed and has the lgtm label, please assign xing-yang for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubernetes-csi/external-provisioner/blob/master/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
carlory commented 4 months ago

/test pull-kubernetes-csi-external-provisioner-1-29-on-kubernetes-1-29

k8s-ci-robot commented 4 months ago

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-kubernetes-csi-external-provisioner-1-29-on-kubernetes-1-29 1d357d80ab45840ddce5de58e9f9799715670c7c link false /test pull-kubernetes-csi-external-provisioner-1-29-on-kubernetes-1-29

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
dependabot[bot] commented 4 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.