search

openclarity / apiclarity

An API security tool to capture and analyze API traffic, test API endpoints, reconstruct Open API specification, and identify API security risks. 
https://apiclarity.io
Apache License 2.0
498 stars 64 forks source link

Bump the go_modules group across 5 directories with 10 updates #392

Open dependabot[bot] opened 3 months ago

dependabot[bot] commented 3 months ago

Bumps the go_modules group with 1 update in the /api3 directory: golang.org/x/crypto. Bumps the go_modules group with 5 updates in the /backend directory:

Package From To
golang.org/x/crypto 0.1.0 0.17.0
github.com/docker/docker 20.10.14+incompatible 24.0.9+incompatible
github.com/jackc/pgproto3/v2 2.3.1 2.3.3
github.com/jackc/pgx/v4 4.17.2 4.18.2
google.golang.org/grpc 1.43.0 1.56.3

Bumps the go_modules group with 2 updates in the /plugins/gateway/kong directory: golang.org/x/net and google.golang.org/protobuf. Bumps the go_modules group with 3 updates in the /plugins/otel-collector/apiclarityexporter directory: golang.org/x/net, google.golang.org/grpc and go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. Bumps the go_modules group with 2 updates in the /plugins/taper directory: golang.org/x/net and google.golang.org/grpc.

Updates golang.org/x/crypto from 0.1.0 to 0.17.0

Commits
  • 9d2ee97 ssh: implement strict KEX protocol changes
  • 4e5a261 ssh: close net.Conn on all NewServerConn errors
  • 152cdb1 x509roots/fallback: update bundle
  • fdfe1f8 ssh: defer channel window adjustment
  • b8ffc16 blake2b: drop Go 1.6, Go 1.8 compatibility
  • 7e6fbd8 ssh: wrap errors from client handshake
  • bda2f3f argon2: avoid clobbering BP
  • 325b735 ssh/test: skip TestSSHCLIAuth on Windows
  • 1eadac5 go.mod: update golang.org/x dependencies
  • b2d7c26 ssh: add (*Client).DialContext method
  • Additional commits viewable in compare view


Updates golang.org/x/crypto from 0.1.0 to 0.17.0

Commits
  • 9d2ee97 ssh: implement strict KEX protocol changes
  • 4e5a261 ssh: close net.Conn on all NewServerConn errors
  • 152cdb1 x509roots/fallback: update bundle
  • fdfe1f8 ssh: defer channel window adjustment
  • b8ffc16 blake2b: drop Go 1.6, Go 1.8 compatibility
  • 7e6fbd8 ssh: wrap errors from client handshake
  • bda2f3f argon2: avoid clobbering BP
  • 325b735 ssh/test: skip TestSSHCLIAuth on Windows
  • 1eadac5 go.mod: update golang.org/x dependencies
  • b2d7c26 ssh: add (*Client).DialContext method
  • Additional commits viewable in compare view


Updates golang.org/x/net from 0.2.0 to 0.10.0

Commits


Updates golang.org/x/sys from 0.2.0 to 0.15.0

Commits
  • 13b15b7 unix: add IoctlLoopConfigure on linux
  • 11eadc0 windows: add AddDllDirectory and RemoveDllDirectory
  • e4099bf unix: fix trimmed socket opt string in GetsockoptString
  • 9888904 unix: update BPF constants for Linux kernel 6.6
  • 2d0c736 unix: use fchmodat2 in Fchmodat
  • ec230da unix: use fcntl(2) libc stub on OpenBSD
  • cb378ae syscall: call getfsstat via libc on openbsd
  • 661d749 unix: use libc stubs for OpenBSD pledge+unveil
  • 1168e25 unix/linux: update Linux kernel to v6.6
  • 249e16f unix: require minimum OpenBSD 6.4 for pledge, unveil
  • Additional commits viewable in compare view


Updates golang.org/x/text from 0.4.0 to 0.14.0

Commits
  • 6c97a16 all: update go directive to 1.18
  • f488e19 unicode/norm: fix function name on comment
  • fb697c0 cmd/gotext: actually use -dir flag
  • f3e69ed cmd/gotext: fix misbehaviors
  • ab07ad1 all: remove repetitive words
  • e503480 encoding/japanese, language: shorten very long sub-test names
  • 2df65d7 all: regenerate for Unicode 15.0.0
  • e3c038a all: prepare for Unicode 15.0.0
  • 3a7a255 internal/export/idna: make more space for mapping index
  • d61dd50 go.mod: delete repeated "indirect"
  • Additional commits viewable in compare view


Updates github.com/docker/docker from 20.10.14+incompatible to 24.0.9+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v24.0.9

24.0.9

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Security

This release contains security fixes for the following CVEs affecting Docker Engine and its components.

CVE Component Fix version Severity
CVE-2024-21626 runc 1.1.12 High, CVSS 8.6
CVE-2024-24557 Docker Engine 24.0.9 Medium, CVSS 6.9

Important ⚠️

Note that this release of Docker Engine doesn't include fixes for the following known vulnerabilities in BuildKit:

To address these vulnerabilities, upgrade to Docker Engine v25.0.2.

For more information about the security issues addressed in this release, and the unaddressed vulnerabilities in BuildKit, refer to the blog post. For details about each vulnerability, see the relevant security advisory:

Packaging updates

v24.0.8

24.0.8

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • Live restore: Containers with auto remove (docker run --rm) are no longer forcibly removed on engine restart. moby/moby#46857

... (truncated)

Commits
  • fca702d Merge pull request from GHSA-xw73-rw38-6vjc
  • f78a772 Merge pull request #47281 from thaJeztah/24.0_backport_bump_containerd_binary...
  • 61afffe Merge pull request #47270 from thaJeztah/24.0_backport_bump_runc_binary_1.1.12
  • b38e74c Merge pull request #47276 from thaJeztah/24.0_backport_bump_runc_1.1.12
  • dac5663 update containerd binary to v1.7.13
  • 20e1af3 vendor: github.com/opencontainers/runc v1.1.12
  • 858919d update runc binary to v1.1.12
  • 141ad39 Merge pull request #47266 from vvoland/ci-fix-makeps1-templatefail-24
  • db968c6 hack/make.ps1: Fix go list pattern
  • 61c51fb Merge pull request #47221 from vvoland/pkg-pools-close-noop-24
  • Additional commits viewable in compare view


Updates github.com/jackc/pgproto3/v2 from 2.3.1 to 2.3.3

Commits


Updates github.com/jackc/pgx/v4 from 4.17.2 to 4.18.2

Changelog

Sourced from github.com/jackc/pgx/v4's changelog.

4.18.2 (March 4, 2024)

Fix CVE-2024-27289

SQL injection can occur when all of the following conditions are met:

  1. The non-default simple protocol is used.
  2. A placeholder for a numeric value must be immediately preceded by a minus.
  3. There must be a second placeholder for a string value after the first placeholder; both must be on the same line.
  4. Both parameter values must be user-controlled.

Thanks to Paul Gerste for reporting this issue.

Fix CVE-2024-27304

SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control.

Thanks to Paul Gerste for reporting this issue.

  • Fix *dbTx.Exec not checking if it is already closed

4.18.1 (February 27, 2023)

  • Fix: Support pgx v4 and v5 stdlib in same program (Tomáš Procházka)

4.18.0 (February 11, 2023)

  • Upgrade pgconn to v1.14.0
  • Upgrade pgproto3 to v2.3.2
  • Upgrade pgtype to v1.14.0
  • Fix query sanitizer when query text contains Unicode replacement character
  • Fix context with value in BeforeConnect (David Harju)
  • Support pgx v4 and v5 stdlib in same program (Vitalii Solodilov)
Commits
  • 14690df Update changelog
  • 779548e Update required Go version to 1.17
  • 80e9662 Update github.com/jackc/pgconn to v1.14.3
  • 0bf9ac3 Fix erroneous test case
  • f94eb0e Always wrap arguments in parentheses in the SQL sanitizer
  • 826a892 Fix SQL injection via line comment creation in simple protocol
  • 7d882f9 Fix *dbTx.Exec not checking if it is already closed
  • 1d07b8b go mod tidy
  • 13468eb Release v4.18.1
  • 7fed69b simplify duplicate pgx registration guard
  • Additional commits viewable in compare view


Updates google.golang.org/grpc from 1.43.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • xds: enable RLS in xDS by default (#6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
  • authz: add conversion of json to RBAC Audit Logging config (#6192)
  • authz: add support for stdout logger (#6230 and #6298)
  • authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

  • xds: enable federation support by default (#6151)
  • status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits
  • 1055b48 Update version.go to 1.56.3 (#6713)
  • 5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
  • bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
  • faab873 Update version.go to v1.56.2 (#6432)
  • 6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
  • ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
  • cd6a794 Update version.go to v1.56.2-dev (#6387)
  • 5b67e5e Update version.go to v1.56.1 (#6386)
  • d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
  • 997c1ea Change version to 1.56.1-dev (#6345)
  • Additional commits viewable in compare view


Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Updates golang.org/x/net from 0.0.0-20211112202133-69e39bad7dc2 to 0.17.0

Commits


Updates golang.org/x/sys from 0.0.0-20210615035016-665e8c7367d1 to 0.13.0

Commits
  • 13b15b7 unix: add IoctlLoopConfigure on linux
  • 11eadc0 windows: add AddDllDirectory and RemoveDllDirectory
  • e4099bf unix: fix trimmed socket opt string in GetsockoptString
  • 9888904 unix: update BPF constants for Linux kernel 6.6
  • 2d0c736 unix: use fchmodat2 in Fchmodat
  • ec230da unix: use fcntl(2) libc stub on OpenBSD
  • cb378ae syscall: call getfsstat via libc on openbsd
  • 661d749 unix: use libc stubs for OpenBSD pledge+unveil
  • 1168e25 unix/linux: update Linux kernel to v6.6
  • 249e16f unix: require minimum OpenBSD 6.4 for pledge, unveil
  • Additional commits viewable in compare view


Updates golang.org/x/text from 0.3.7 to 0.13.0

Commits
  • 6c97a16 all: update go directive to 1.18
  • f488e19 unicode/norm: fix function name on comment
  • fb697c0 cmd/gotext: actually use -dir flag
  • f3e69ed cmd/gotext: fix misbehaviors
  • ab07ad1 all: remove repetitive words
  • e503480 encoding/japanese, language: shorten very long sub-test names
  • 2df65d7 all: regenerate for Unicode 15.0.0
  • e3c038a all: prepare for Unicode 15.0.0
  • 3a7a255 internal/export/idna: make more space for mapping index
  • d61dd50 go.mod: delete repeated "indirect"
  • Additional commits viewable in compare view


Updates google.golang.org/protobuf from 1.28.0 to 1.33.0

Updates golang.org/x/net from 0.0.0-20220225172249-27dd8689420f to 0.17.0

Commits


Updates golang.org/x/sys from 0.0.0-20220808155132-1c4a2a72c664 to 0.13.0

Commits
  • 13b15b7 unix: add IoctlLoopConfigure on linux
  • 11eadc0 windows: add AddDllDirectory and RemoveDllDirectory
  • e4099bf unix: fix trimmed socket opt string in GetsockoptString
  • 9888904 unix: update BPF constants for Linux kernel 6.6
  • 2d0c736 unix: use fchmodat2 in Fchmodat
  • ec230da unix: use fcntl(2) libc stub on OpenBSD
  • cb378ae syscall: call getfsstat via libc on openbsd
  • 661d749 unix: use libc stubs for OpenBSD pledge+unveil
  • 1168e25 unix/linux: update Linux kernel to v6.6
  • 249e16f unix: require minimum OpenBSD 6.4 for pledge, unveil
  • Additional commits viewable in compare view


Updates golang.org/x/text from 0.3.7 to 0.13.0

Commits
  • 6c97a16 all: update go directive to 1.18
  • f488e19 unicode/norm: fix function name on comment
  • fb697c0 cmd/gotext: actually use -dir flag
  • f3e69ed cmd/gotext: fix misbehaviors
  • ab07ad1 all: remove repetitive words
  • e503480 encoding/japanese, language: shorten very long sub-test names
  • 2df65d7 all: regenerate for Unicode 15.0.0
  • e3c038a all: prepare for Unicode 15.0.0
  • 3a7a255 internal/export/idna: make more space for mapping index
  • d61dd50 go.mod: delete repeated "indirect"
  • Additional commits viewable in compare view


Updates google.golang.org/grpc from 1.49.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • xds: enable RLS in xDS by default (#6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
  • authz: add conversion of json to RBAC Audit Logging config (#6192)
  • authz: add support for stdout logger (#6230 and #6298)
  • authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

  • xds: enable federation support by default (#6151)
  • status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits
  • 1055b48 Update version.go to 1.56.3 (#6713)
  • 5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
  • bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
  • faab873 Update version.go to v1.56.2 (#6432)
  • 6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
  • ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
  • cd6a794 Update version.go to v1.56.2-dev (#6387)
  • 5b67e5e Update version.go to v1.56.1 (#6386)
  • d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
  • 997c1ea Change version to 1.56.1-dev (#6345)
  • Additional commits viewable in compare view


Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Updates go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.36.0 to 0.44.0

Release notes

Sourced from go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp's releases.

Release v0.36.2

Changed

  • Upgrade dependencies of the OpenTelemetry Go Metric SDK to use the new v0.32.2 release
  • Avoid getting a new Tracer for every RPC in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#2835)
  • Conditionally compute message size for tracing events using proto v2 API rather than legacy v1 API in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#2647)

Deprecated

  • The Inject function in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc is deprecated. (#2838)
  • The Extract function in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc is deprecated. (#2838)

Release v0.36.1

Changed

  • Upgrade dependencies of the OpenTelemetry Go Metric SDK to use the new v0.32.1 release.
Changelog

Sourced from go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp's changelog.

[1.19.0/0.44.0/0.13.0] - 2023-09-12

Added

  • Add gcp.gce.instance.name and gcp.gce.instance.hostname resource attributes to go.opentelemetry.io/contrib/detectors/gcp. (#4263)

Changed

  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/ec2 have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/ecs have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/eks have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/lambda have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda have been upgraded to v1.21.0. (#4265)
    • The faas.execution attribute is now faas.invocation_id.
    • The faas.id attribute is now aws.lambda.invoked_arn.
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws have been upgraded to v1.21.0. (#4265)
  • The http.request.method attribute will only allow known HTTP methods from the metrics generated by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4277)

Removed

  • The high cardinality attributes net.sock.peer.addr, net.sock.peer.port, http.user_agent, enduser.id, and http.client_ip were removed from the metrics generated by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4277)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/go-kit/kit/otelkit module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/Shopify/sarama/otelsarama module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/gocql/gocql/otelgocql module is removed. (#4295)

[1.18.0/0.43.0/0.12.0] - 2023-08-28

Added

  • Add NewMiddleware function in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#2964)
  • The go.opentelemetry.io/contrib/exporters/autoexport package to provide configuration of trace exporters with useful defaults and environment variable support. (#2753, #4100, #4130, #4132, #4134)
  • WithRouteTag in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp adds HTTP route attribute to metrics. (#615)
  • Add WithSpanOptions option in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#3768)
  • Add testing support for Go 1.21. (#4233)
  • Add WithFilter option to go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux. (#4230)

Changed

  • Change interceptors in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to disable SENT/RECEIVED events. Use WithMessageEvents() to turn back on. (#3964)

Changed

  • go.opentelemetry.io/contrib/detectors/gcp: Detect faas.instance instead of faas.id, since faas.id is being removed. (#4198)

Fixed

  • AWS XRay Remote Sampling to cap quotaBalance to 1x quota in go.opentelemetry.io/contrib/samplers/aws/xray. (#3651, #3652)

... (truncated)

Commits


Updates golang.org/x/net from 0.0.0-20211101193420-4a448f8816b3 to 0.17.0

Commits


Updates golang.org/x/sys from 0.0.0-20211025201205-69cdffdb9359 to 0.13.0

Commits
  • 13b15b7 unix: add IoctlLoopConfigure on linux
  • 11eadc0 windows: add AddDllDirectory and RemoveDllDirectory
  • e4099bf unix: fix trimmed socket opt string in GetsockoptString
  • 9888904 unix: update BPF constants for Linux kernel 6.6
  • 2d0c736 unix: use fchmodat2 in Fchmodat
  • ec230da unix: use fcntl(2) libc stub on OpenBSD
  • cb378ae syscall: call getfsstat via libc on openbsd
  • 661d749 unix: use libc stubs for OpenBSD pledge+unveil
  • 1168e25 unix/linux: update Linux kernel to v6.6
  • 249e16f unix: require minimum OpenBSD 6.4 for pledge, unveil
  • Additional commits viewable in compare view


Updates golang.org/x/text from 0.3.7 to 0.13.0

Commits
  • 6c97a16 all: update go directive to 1.18
  • f488e19 unicode/norm: fix function name on comment
  • fb697c0 cmd/gotext: actually use -dir flag
  • f3e69ed cmd/gotext: fix misbehaviors
  • ab07ad1 all: remove repetitive words
  • e503480 encoding/japanese, language: shorten very long sub-test names
  • 2df65d7 all: regenerate for Unicode 15.0.0
  • e3c038a all: prepare for Unicode 15.0.0
  • 3a7a255 internal/export/idna: make more space for mapping index
  • d61dd50 go.mod: delete repeated "indirect"
  • Additional commits viewable in compare view


Updates google.golang.org/grpc from 1.42.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • xds: enable RLS in xDS by default (#6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
  • authz: add conversion of json to RBAC Audit Logging config (#6192)
  • authz: add support for stdout logger (#6230 and #6298)
  • authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
  • xds/xdsresource: Fix ... _Description has been truncated_