build(deps): bump github.com/quic-go/quic-go from 0.37.6 to 0.42.0 in /tests/upgrade/post

dependabot[bot] commented 7 months ago

Bumps github.com/quic-go/quic-go from 0.37.6 to 0.42.0.

Release notes

Sourced from github.com/quic-go/quic-go's releases.

v0.42.0

New Features

added a qlog tracer for events that happen before / outside of established connection: #4305

Notable Changes

added a ClientHelloInfo.AddrVerified field: #4360

move callback controlling address verification (VerifySourceAddress) to the Transport: #4253 and #4362

connections that are closed before being accepted are not removed from the server's accept queue: #4245

http3: added a RoundTripOpt.CheckSettings callback to check the server's SETTINGS: #4355

http3: send the HTTP/3 settings value for Extended CONNECT (RFC 9220): #4341

http3: don't modify the user's quic.Config to enable QUIC datagram support: #4340

Fixes

mitigate a memory exhaustion attack against QUIC's connection ID mechanism: #4369

don't delay acknowledgments for packets during the handshake: #4279

fix deadlock when closing both Listener and Transport: #4332

fix handling of IPv4-mapped IPv6 addresses: #4309

fix duplicate logging of the key_discarded event for Handshake packets: #4274

send CONNECTION_REFUSED when refusing connections: #4250

http3: tighten validation logic for the :protocol pseudo header: #4261

What's Changed

remove shutdown method on the Connection by @marten-seemann in quic-go/quic-go#4249

send the CONNECTION_REFUSED error when refusing a connection by @marten-seemann in quic-go/quic-go#4250

don't remove closed connections from the server's accept queue by @marten-seemann in quic-go/quic-go#4245

handshake: unexport Set{Read,Write}Key methods on the cryptoSetup by @marten-seemann in quic-go/quic-go#4254

handshake: fix documentation for updatableAEAD.SetWriteKey by @putyWang in quic-go/quic-go#4256

add Transport config options to limit the number of handshakes by @marten-seemann in quic-go/quic-go#4248

remove the RequireAddressValidation callback from the Config by @marten-seemann in quic-go/quic-go#4253

fix incorrect statement about connection ID lengths in the Transport by @marten-seemann in quic-go/quic-go#4247

remove unneeded nil check for new connections in the server by @marten-seemann in quic-go/quic-go#4260

ci: update to Go 1.22rc2 by @marten-seemann in quic-go/quic-go#4267

fix flaky handshake limiting test by @marten-seemann in quic-go/quic-go#4270

http3: only use :protocol pseudo-header for Extended CONNECT by @taoso in quic-go/quic-go#4261

fix flaky accept queue test by @marten-seemann in quic-go/quic-go#4280

fix flaky handshake limiting test by @marten-seemann in quic-go/quic-go#4281

only log the discarding of Handshake keys once by @marten-seemann in quic-go/quic-go#4274

testutils: add a perspective function parameter to ComposeInitialPacket by @marten-seemann in quic-go/quic-go#4276

fix flaky outgoing streams map test by @marten-seemann in quic-go/quic-go#4283

wire: remove FrameParser interface, expose FrameParser struct by @marten-seemann in quic-go/quic-go#4284

ackhandler: remove unused RTTStats from the received packet handler by @marten-seemann in quic-go/quic-go#4287

testutils: make the package public by @marten-seemann in quic-go/quic-go#4290

ci: remove unused depguard check for qtls by @marten-seemann in quic-go/quic-go#4291

ci: make Codecov ignore testutils and testdata by @marten-seemann in quic-go/quic-go#4292

testutils: expose aliases for all frames by @marten-seemann in quic-go/quic-go#4293

ackhandler: don't delay ACKs for Initial and Handshake packets by @marten-seemann in quic-go/quic-go#4288

protocol: rename VersionNumber to Version by @marten-seemann in quic-go/quic-go#4295

... (truncated)

Commits

4a99b81 close connection when an abnormally large number of frames are queued (#4369)
9971fed use Transport.VerifySourceAddress to control the Retry Mechanism (#4362)
497d3f5 http3: add a RoundTripOpt to check the server's SETTINGS frame (#4355)
ca787d6 add an AddrVerified field to the ClientHelloInfo (#4360)
f147639 update gomock to v0.4.0 (#4361)
06b4214 remove unused ReceiveStream.CloseRemote method (#4357)
5fd5d77 Merge pull request #4305 from quic-go/qlog-tracer
30e01b9 use the transport tracer in integration tests
55c05ac qlog: log sent packets outside of a QUIC connection
aff90a6 qlog: log sent Version Negotiation packets
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/oasisprotocol/oasis-core/network/alerts).

netlify[bot] commented 7 months ago

Deploy Preview for oasisprotocol-oasis-core canceled.

Name	Link
Latest commit	80d4e3851dbf3867c12556865f144bf479b02b87
Latest deploy log	https://app.netlify.com/sites/oasisprotocol-oasis-core/deploys/660c142ab5bed900085290f6

dependabot[bot] commented 7 months ago

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot[bot] commented 6 months ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

oasisprotocol / oasis-core