sieveLau / mosdns

A DNS forwarder, with customizable pipeline. The legacy (v4) version with deps upgrade.
GNU General Public License v3.0
7 stars 1 forks source link

build(deps): bump the dependencies group across 1 directory with 2 updates #56

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps the dependencies group with 2 updates in the / directory: github.com/quic-go/quic-go and google.golang.org/protobuf.

Updates github.com/quic-go/quic-go from 0.42.0 to 0.43.0

Release notes

Sourced from github.com/quic-go/quic-go's releases.

v0.43.0

quic-go.net: Launching a new Documentation Site

With this release, we're launching a new documentation site for the quic-go projects (quic-go itself, HTTP/3, webtransport-go, and soon, masque-go): quic-go.net.

The documentation site aims to explain QUIC concepts and how they are made accessible using quic-go's API. This site replaces the wiki, and the ever-growing README files.

A lot of work has gone into the documentation already, but we're by no means done yet. The entire source is public in https://github.com/quic-go/docs/, and we're happy about community contributions.

HTTP Datagrams (RFC 9297)

This release adds support for HTTP Datagrams (RFC 9297), both on the client and on the server side (#4452). HTTP Datagrams are used in WebTransport in CONNECT-UDP (RFC 9298), among others.

The new API for HTTP Datagrams is described on the new documentation page: HTTP Datagrams. The integration of HTTP Datagram support necessitated a comprehensive refactor of the HTTP/3 package, resulting in several breaking API changes listed below.

Breaking Changes

  • quicvarint: functions now return an int instead the internal protocol.ByteCount (#4365)
  • http3: Server.SetQuicHeaders was renamed to SetQUICHeaders (#4377)
  • http3: Server.QuicConfig was renamed to QUICConfig (#4384)
  • http3: RoundTripper.QuicConfig was renamed to QUICConfig (#4385)
  • http3: RoundTripOpt.CheckSettings was removed (#4416). Use the newSingleDestinationRoundTripper API instead.
  • http3: the HTTPStreamer interface is now implemented by the http.ResponseWriter (and not the http.Request.Body) (#4469)
  • include the maximum payload size in the DatagramTooLargeError (#4470)

Other Notable Changes

  • GSO and ECN is disabled on kernel versions older than 5 (#4456)
  • http3: logging can be controlled using an slog.Logger (#4449)
  • http3: HEAD requests can now be sent in 0-RTT (#4378)
  • http3: duplicate QPACK encoder and decoder streams are not rejected as required by the RFC (#4388)
  • http3: Extended CONNECT are blocked until the server's SETTINGS are received, as required by the RFC (#4450)
  • http3: HTTP/3 client connections aren't removed if RoundTrip errors due to a cancelled context (#4448). Thanks to @​GeorgeMac!
  • http3: sniff Content-Type when flushing the ResponseWriter (#4412). Thanks to @​WeidiDeng!
  • The Context exposed on the quic.Stream is now derived from the connection's context (#4414)
  • The UDP send and receive buffer size was increased to 7 MiB (#4455). Thanks to @​bt90!

Clarifications on the QUIC Stream State Machine

Calling CancelWrite after Close

After a long and fruitful discussion (#4404), we decided to clarify that calling CancelWrite after Close on a SendStream (or a bidirectional stream) should cause a state transition from the "Data Sent" to the "Reset Sent" state, as described in section 3.1 of RFC 9000. This matches the current behavior of quic-go, however, it didn't match the API documentation (fixed in #4419).

This means that stream data will not be delivered reliably if CancelWrite is called, and that this applies even if Close was called before.

Garbage Collection of Streams

This release also changes the way streams are garbage-collected (and the peer is granted additional limit to open a new stream), once they're not needed anymore, in a subtle way:

  • for the send direction of streams: #4445

... (truncated)

Commits
  • 93c4785 http3: sniff Content-Type when flushing the ResponseWriter (#4412)
  • c0250ce include the maximum payload size in the DatagramTooLargeError (#4470)
  • 34f4d14 http3: implement on the HTTPStreamer on the ResponseWriter, flush header (#4469)
  • 083ceb4 http3: rename Settings.EnableDatagram to EnableDatagrams (#4466)
  • e1e5b62 README: link to the new documentation site (#4464)
  • 2a37c53 http3: add support for HTTP Datagrams (RFC 9297) (#4452)
  • 11b1159 http3: fix race condition in client unit test (#4463)
  • 4b87539 delay completion of the receive stream until the reset error was read (#4460)
  • bff131e delay completion of the send stream until the reset error was delivered (#4445)
  • 12aa638 disable GSO and ECN on kernels older than version 5 (#4456)
  • Additional commits viewable in compare view


Updates google.golang.org/protobuf from 1.33.0 to 1.34.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 6 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.