chore(deps): Bump the production-dependencies group across 1 directory with 7 updates

[dependabot[bot]]

Bumps the production-dependencies group with 5 updates in the / directory:

Package	From	To
github.com/containerd/errdefs	0.2.0	0.3.0
github.com/cyphar/filepath-securejoin	0.3.3	0.3.4
github.com/klauspost/compress	1.17.10	1.17.11
go.opentelemetry.io/otel	1.30.0	1.31.0
google.golang.org/protobuf	1.34.2	1.35.1

Updates github.com/containerd/errdefs from 0.2.0 to 0.3.0

Release notes

Sourced from github.com/containerd/errdefs's releases.

v0.3.0

This release splits the errdefs package into the github.com/containerd/errdefs package which only contains error definitions as well as basic functions to check for those definitions and the github.com/containerd/errdefs/pkg package which containers functionality for using the errdefs, such as error serialization and adding more data to errors.

What's Changed

• Update GitHub Actions packages and runners by @​austinvazquez in containerd/errdefs#20
• Add errdefs/pkg package by @​dmcgowan in containerd/errdefs#19

Full Changelog: https://github.com/containerd/errdefs/compare/v0.2.0...v0.3.0

pkg/v0.3.0

What's Changed

• Update pkg errodefs to v0.3.0 by @​dmcgowan in containerd/errdefs#21

Full Changelog: https://github.com/containerd/errdefs/compare/v0.3.0...pkg/v0.3.0

Commits

• 9fd32fc Merge pull request #19 from dmcgowan/pkg-package
• 3dabb2b Merge pull request #20 from austinvazquez/upgrade-ci
• 303a6ea Update to Go 1.22.8 in CI
• e70104e Upgrade to golangci-lint@v1.61.0
• ffe5586 Upgrade to golangci/golangci-lint-action@v6
• 908b04b Upgrade to actions/checkout@v4
• 608b83c Upgrade to actions/setup-go@v5
• 8e82ae4 Upgrade macOS runner image to macOS 13
• 46a6522 Add errdefs/pkg package
• See full diff in compare view

Updates github.com/cyphar/filepath-securejoin from 0.3.3 to 0.3.4

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.3.4

This release primarily includes a fix that blocked using filepath-securejoin in Kubernetes.

• Previously, some testing mocks we had resulted in us doing import "testing" in non-_test.go code, which made some downstreams like Kubernetes unhappy. This has been fixed. (#32)

Thanks to all of the contributors who made this release possible:

• Aleksa Sarai cyphar@cyphar.com
• Stephen Kitt skitt@redhat.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.3.4] - 2024-10-09

Fixed

• Previously, some testing mocks we had resulted in us doing import "testing" in non-_test.go code, which made some downstreams like Kubernetes unhappy. This has been fixed. (#32)

Commits

• fd16ade VERSION: release v0.3.4
• 00e0710 godoc: update package documentation
• 0cd6be1 README: fix reference to open_tree kernel requirements
• 205046f README: add pkg.go.dev badge
• ecb1b8e tests: procfs: clean up mock test hook
• 3ec6eed CHANGELOG: mention #32 fix
• 86e6182 merge #32 into cyphar/filepath-securejoin:main
• 6864912 Isolate the testing import in test code
• 4348fee openat: remove unused function
• d0c7d67 merge #31 into cyphar/filepath-securejoin:main
• Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.17.10 to 1.17.11

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.17.11

What's Changed

• zstd: Fix extra CRC written with multiple Close calls by @​klauspost in klauspost/compress#1017
• s2: Don't use stack for index tables by @​klauspost in klauspost/compress#1014
• gzhttp: No content-type on no body response code by @​juliens in klauspost/compress#1011
• gzhttp: Do not set the content-type when response has no body by @​kevinpollet in klauspost/compress#1013

New Contributors

• @​juliens made their first contribution in klauspost/compress#1011
• @​kevinpollet made their first contribution in klauspost/compress#1013

Full Changelog: https://github.com/klauspost/compress/compare/v1.17.10...v1.17.11

Commits

• 72cd4a9 zstd: Fix extra CRC written with multiple Close calls (#1017)
• dbd6c38 s2: Don't use stack for index tables (#1014)
• f73ab1e Do not set the content-type when response has no body (#1013)
• f2a4f25 build(deps): bump github/codeql-action in the github-actions group (#1012)
• 8e14b1b No content-type on no body response code (#1011)
• 13a1ce6 ci: Match goreleaser version (#1009)
• 6c5a195 Update README.md
• See full diff in compare view

Updates go.opentelemetry.io/otel from 1.30.0 to 1.31.0

Changelog

Sourced from go.opentelemetry.io/otel's changelog.

[1.31.0/0.53.0/0.7.0/0.0.10] 2024-10-11

Added

• Add go.opentelemetry.io/otel/sdk/metric/exemplar package which includes Exemplar, Filter, TraceBasedFilter, AlwaysOnFilter, HistogramReservoir, FixedSizeReservoir, Reservoir, Value and ValueType types. These will be used for configuring the exemplar reservoir for the metrics sdk. (#5747, #5862)
• Add WithExportBufferSize option to log batch processor.(#5877)

Changed

• Enable exemplars by default in go.opentelemetry.io/otel/sdk/metric. Exemplars can be disabled by setting OTEL_METRICS_EXEMPLAR_FILTER=always_off (#5778)
• Logger.Enabled in go.opentelemetry.io/otel/log now accepts a newly introduced EnabledParameters type instead of Record. (#5791)
• FilterProcessor.Enabled in go.opentelemetry.io/otel/sdk/log/internal/x now accepts EnabledParameters instead of Record. (#5791)
• The Record type in go.opentelemetry.io/otel/log is no longer comparable. (#5847)
• Performance improvements for the trace SDK SetAttributes method in Span. (#5864)
• Reduce memory allocations for the Event and Link lists in Span. (#5858)
• Performance improvements for the trace SDK AddEvent, AddLink, RecordError and End methods in Span. (#5874)

Deprecated

• Deprecate all examples under go.opentelemetry.io/otel/example as they are moved to Contrib repository. (#5854)

Fixed

• The race condition for multiple FixedSize exemplar reservoirs identified in #5814 is resolved. (#5819)
• Fix log records duplication in case of heterogeneous resource attributes by correctly mapping each log record to it's resource and scope. (#5803)
• Fix timer channel drain to avoid hanging on Go 1.23. (#5868)
• Fix delegation for global meter providers, and panic when calling otel.SetMeterProvider. (#5827)
• Change the reflect.TypeOf to use a nil pointer to not allocate on the heap unless necessary. (#5827)

Commits

• bc2fe88 Release v1.31.0/v0.53.0/v0.7.0/v0.0.10 (#5883)
• a7d5c1a Add an option to configure the exporter buffer of the BatchProcessor (#5877)
• eb9279b fix(deps): update golang.org/x/exp digest to f66d83c (#5880)
• 6441653 Performance improvements for the trace SDK in Span. (#5874)
• 8e9baf2 chore(deps): update lycheeverse/lychee-action action to v2 (#5878)
• 8fbaa97 Reduce newEvictedQueueLink and newEvictedQueueEvent memory allocations (#...
• 4a911f9 chore(deps): update googleapis to 5fefd90 (#5876)
• 98cbdcb fix(deps): update module google.golang.org/protobuf to v1.35.1 (#5875)
• 3cbd967 Performance improvements for recordingSpan SetAttributes and `addOverCapA...
• 9e791a6 fix(deps): update golang.org/x (#5872)
• Additional commits viewable in compare view

Updates go.opentelemetry.io/otel/metric from 1.30.0 to 1.31.0

Changelog

Sourced from go.opentelemetry.io/otel/metric's changelog.

[1.31.0/0.53.0/0.7.0/0.0.10] 2024-10-11

Added

• Add go.opentelemetry.io/otel/sdk/metric/exemplar package which includes Exemplar, Filter, TraceBasedFilter, AlwaysOnFilter, HistogramReservoir, FixedSizeReservoir, Reservoir, Value and ValueType types. These will be used for configuring the exemplar reservoir for the metrics sdk. (#5747, #5862)
• Add WithExportBufferSize option to log batch processor.(#5877)

Changed

• Enable exemplars by default in go.opentelemetry.io/otel/sdk/metric. Exemplars can be disabled by setting OTEL_METRICS_EXEMPLAR_FILTER=always_off (#5778)
• Logger.Enabled in go.opentelemetry.io/otel/log now accepts a newly introduced EnabledParameters type instead of Record. (#5791)
• FilterProcessor.Enabled in go.opentelemetry.io/otel/sdk/log/internal/x now accepts EnabledParameters instead of Record. (#5791)
• The Record type in go.opentelemetry.io/otel/log is no longer comparable. (#5847)
• Performance improvements for the trace SDK SetAttributes method in Span. (#5864)
• Reduce memory allocations for the Event and Link lists in Span. (#5858)
• Performance improvements for the trace SDK AddEvent, AddLink, RecordError and End methods in Span. (#5874)

Deprecated

• Deprecate all examples under go.opentelemetry.io/otel/example as they are moved to Contrib repository. (#5854)

Fixed

• The race condition for multiple FixedSize exemplar reservoirs identified in #5814 is resolved. (#5819)
• Fix log records duplication in case of heterogeneous resource attributes by correctly mapping each log record to it's resource and scope. (#5803)
• Fix timer channel drain to avoid hanging on Go 1.23. (#5868)
• Fix delegation for global meter providers, and panic when calling otel.SetMeterProvider. (#5827)
• Change the reflect.TypeOf to use a nil pointer to not allocate on the heap unless necessary. (#5827)

Commits

• bc2fe88 Release v1.31.0/v0.53.0/v0.7.0/v0.0.10 (#5883)
• a7d5c1a Add an option to configure the exporter buffer of the BatchProcessor (#5877)
• eb9279b fix(deps): update golang.org/x/exp digest to f66d83c (#5880)
• 6441653 Performance improvements for the trace SDK in Span. (#5874)
• 8e9baf2 chore(deps): update lycheeverse/lychee-action action to v2 (#5878)
• 8fbaa97 Reduce newEvictedQueueLink and newEvictedQueueEvent memory allocations (#...
• 4a911f9 chore(deps): update googleapis to 5fefd90 (#5876)
• 98cbdcb fix(deps): update module google.golang.org/protobuf to v1.35.1 (#5875)
• 3cbd967 Performance improvements for recordingSpan SetAttributes and `addOverCapA...
• 9e791a6 fix(deps): update golang.org/x (#5872)
• Additional commits viewable in compare view

Updates go.opentelemetry.io/otel/trace from 1.30.0 to 1.31.0

Changelog

Sourced from go.opentelemetry.io/otel/trace's changelog.

[1.31.0/0.53.0/0.7.0/0.0.10] 2024-10-11

Added

• Add go.opentelemetry.io/otel/sdk/metric/exemplar package which includes Exemplar, Filter, TraceBasedFilter, AlwaysOnFilter, HistogramReservoir, FixedSizeReservoir, Reservoir, Value and ValueType types. These will be used for configuring the exemplar reservoir for the metrics sdk. (#5747, #5862)
• Add WithExportBufferSize option to log batch processor.(#5877)

Changed

• Enable exemplars by default in go.opentelemetry.io/otel/sdk/metric. Exemplars can be disabled by setting OTEL_METRICS_EXEMPLAR_FILTER=always_off (#5778)
• Logger.Enabled in go.opentelemetry.io/otel/log now accepts a newly introduced EnabledParameters type instead of Record. (#5791)
• FilterProcessor.Enabled in go.opentelemetry.io/otel/sdk/log/internal/x now accepts EnabledParameters instead of Record. (#5791)
• The Record type in go.opentelemetry.io/otel/log is no longer comparable. (#5847)
• Performance improvements for the trace SDK SetAttributes method in Span. (#5864)
• Reduce memory allocations for the Event and Link lists in Span. (#5858)
• Performance improvements for the trace SDK AddEvent, AddLink, RecordError and End methods in Span. (#5874)

Deprecated

• Deprecate all examples under go.opentelemetry.io/otel/example as they are moved to Contrib repository. (#5854)

Fixed

• The race condition for multiple FixedSize exemplar reservoirs identified in #5814 is resolved. (#5819)
• Fix log records duplication in case of heterogeneous resource attributes by correctly mapping each log record to it's resource and scope. (#5803)
• Fix timer channel drain to avoid hanging on Go 1.23. (#5868)
• Fix delegation for global meter providers, and panic when calling otel.SetMeterProvider. (#5827)
• Change the reflect.TypeOf to use a nil pointer to not allocate on the heap unless necessary. (#5827)

Commits

• bc2fe88 Release v1.31.0/v0.53.0/v0.7.0/v0.0.10 (#5883)
• a7d5c1a Add an option to configure the exporter buffer of the BatchProcessor (#5877)
• eb9279b fix(deps): update golang.org/x/exp digest to f66d83c (#5880)
• 6441653 Performance improvements for the trace SDK in Span. (#5874)
• 8e9baf2 chore(deps): update lycheeverse/lychee-action action to v2 (#5878)
• 8fbaa97 Reduce newEvictedQueueLink and newEvictedQueueEvent memory allocations (#...
• 4a911f9 chore(deps): update googleapis to 5fefd90 (#5876)
• 98cbdcb fix(deps): update module google.golang.org/protobuf to v1.35.1 (#5875)
• 3cbd967 Performance improvements for recordingSpan SetAttributes and `addOverCapA...
• 9e791a6 fix(deps): update golang.org/x (#5872)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.34.2 to 1.35.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[kubevirt-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Once this PR has been reviewed and has the lgtm label, please assign lyarwood for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubevirt/containerdisks/blob/main/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[kubevirt-bot]

Hi @dependabot[bot]. Thanks for your PR.

PRs from untrusted users cannot be marked as trusted with /ok-to-test in this repo meaning untrusted PR authors can never trigger tests themselves. Collaborators can still trigger tests on the PR using /test all.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.