search

traPtitech / NeoShowcase

PaaS (Platform as a Service) on Docker 🐳 or k8s ☸
MIT License
53 stars 4 forks source link

build(deps): bump the non-majors group with 11 updates #918

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 5 months ago

Bumps the non-majors group with 11 updates:

Package From To
connectrpc.com/connect 1.16.1 1.16.2
github.com/aws/aws-sdk-go 1.51.32 1.53.14
github.com/prometheus/client_golang 1.19.0 1.19.1
github.com/regclient/regclient 0.6.0 0.6.1
github.com/traefik/traefik/v3 3.0.0 3.0.1
golang.org/x/crypto 0.22.0 0.23.0
golang.org/x/net 0.24.0 0.25.0
google.golang.org/protobuf 1.34.0 1.34.1
k8s.io/api 0.30.0 0.30.1
k8s.io/apimachinery 0.30.0 0.30.1
k8s.io/client-go 0.30.0 0.30.1

Updates connectrpc.com/connect from 1.16.1 to 1.16.2

Release notes

Sourced from connectrpc.com/connect's releases.

v1.16.2

This is a patch release to make sure that consuming modules won't be vulnerable to CVE-2023-45288.

What's Changed

  • Update the golang.org/x/net dependency to v0.23.0 in #729.

Full Changelog: https://github.com/connectrpc/connect-go/compare/v1.16.1...v1.16.2

Commits
  • 2972b2d Prepare for v1.16.2 (#733)
  • 30cddf8 Update conformance module to use newer version of Go and quic-go dependency (...
  • f7f3814 Bump golang.org/x/net from 0.22.0 to 0.23.0 in /internal/conformance (#730)
  • a6be0d0 Bump golang.org/x/net from 0.21.0 to 0.23.0 (#729)
  • a5906bd Back to development (#728)
  • See full diff in compare view


Updates github.com/aws/aws-sdk-go from 1.51.32 to 1.53.14

Release notes

Sourced from github.com/aws/aws-sdk-go's releases.

Release v1.53.14 (2024-05-31)

Service Client Updates

  • service/codebuild: Updates service documentation
    • AWS CodeBuild now supports Self-hosted GitHub Actions runners for Github Enterprise
  • service/codeguru-security: Updates service API and documentation
  • service/elasticache: Updates service API and documentation
    • Update to attributes of TestFailover and minor revisions.
  • service/launch-wizard: Updates service API and documentation

Release v1.53.13 (2024-05-30)

Service Client Updates

  • service/acm: Updates service API
    • add v2 smoke tests and smithy smokeTests trait for SDK testing.
  • service/bedrock-agent: Updates service API and documentation
  • service/bedrock-runtime: Updates service API and documentation
  • service/cloudtrail: Updates service API and documentation
    • CloudTrail Lake returns PartitionKeys in the GetEventDataStore API response. Events are grouped into partitions based on these keys for better query performance. For example, the calendarday key groups events by day, while combining the calendarday key with the hour key groups them by day and hour.
  • service/connect: Updates service API and documentation
  • service/emr-serverless: Updates service API, documentation, and paginators
  • service/rds: Updates service API, documentation, waiters, paginators, and examples
    • Updates Amazon RDS documentation for Aurora Postgres DBname.
  • service/sagemaker: Updates service API and documentation
    • Adds Model Card information as a new component to Model Package. Autopilot launches algorithm selection for TimeSeries modality to generate AutoML candidates per algorithm.

Release v1.53.12 (2024-05-29)

Service Client Updates

  • service/athena: Updates service API and documentation
    • Throwing validation errors on CreateNotebook with Name containing /,:,\
  • service/codebuild: Updates service API and documentation
    • AWS CodeBuild now supports manually creating GitHub webhooks
  • service/connect: Updates service API and documentation
  • service/glue: Updates service API and documentation
    • Add optional field JobMode to CreateJob and UpdateJob APIs.
  • service/securityhub: Updates service API

Release v1.53.11 (2024-05-28)

Service Client Updates

  • service/dynamodb: Updates service API, documentation, waiters, paginators, and examples
    • Doc-only update for DynamoDB. Specified the IAM actions needed to authorize a user to create a table with a resource-based policy.
  • service/ec2: Updates service API and documentation
    • Providing support to accept BgpAsnExtended attribute
  • service/kafka: Updates service API and documentation

... (truncated)

Commits


Updates github.com/prometheus/client_golang from 1.19.0 to 1.19.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.19.1

What's Changed

  • Security patches for golang.org/x/sys and google.golang.org/protobuf

New Contributors

Full Changelog: https://github.com/prometheus/client_golang/compare/v1.19.0...v1.19.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

Unreleased

Commits


Updates github.com/regclient/regclient from 0.6.0 to 0.6.1

Release notes

Sourced from github.com/regclient/regclient's releases.

v0.6.1

Release v0.6.1

CVEs:

  • Go update fixes CVE-2024-24788. ([PR 739][pr-739])

Breaking:

  • pkg/archive.Compress no longer decompresses the input. (PR 732)

Features:

  • Add the regclient.ImageConfig method. (PR 706)
  • Add ability to modify the layer compression. (PR 730)
  • Add support for zstd compressed layers. (PR 732)
  • Add image mod ability to append layers to an image. (PR 736)
  • regctl image mod add layer from directory. ([PR 740][pr-740])

Fixes:

  • Override the Go version used by the OSV Scanner. (PR 691)
  • Validate media types on regctl artifact put. (PR 707)
  • Use the provided descriptor in the BlobGet/Head to a registry. (PR 724)
  • Replace "whitelist" with "known list" for inclusivity. (PR 725)
  • Handle nil pointer when config file is a directory. (PR 738)

Chores:

  • Limit token permission on the coverage action. (PR 705)
  • Clarify regctl manifest head --platform will trigger a get request. (PR 713)
  • Reenable OSV Scanner weekly check in GitHub Actions. (PR 715)
  • Add fuzzing tests for compression. ([PR 741][pr-741])

Contributors:

... (truncated)

Changelog

Sourced from github.com/regclient/regclient's changelog.

Release v0.6.1

CVEs:

  • Go update fixes CVE-2024-24788. (PR 739)

Breaking:

  • pkg/archive.Compress no longer decompresses the input. (PR 732)

Features:

  • Add the regclient.ImageConfig method. (PR 706)
  • Add ability to modify the layer compression. (PR 730)
  • Add support for zstd compressed layers. (PR 732)
  • Add image mod ability to append layers to an image. (PR 736)
  • regctl image mod add layer from directory. ([PR 740][pr-740])

Fixes:

  • Override the Go version used by the OSV Scanner. (PR 691)
  • Validate media types on regctl artifact put. (PR 707)
  • Use the provided descriptor in the BlobGet/Head to a registry. (PR 724)
  • Replace "whitelist" with "known list" for inclusivity. (PR 725)
  • Handle nil pointer when config file is a directory. (PR 738)

Chores:

  • Limit token permission on the coverage action. (PR 705)
  • Clarify regctl manifest head --platform will trigger a get request. (PR 713)
  • Reenable OSV Scanner weekly check in GitHub Actions. (PR 715)
  • Add fuzzing tests for compression. ([PR 741][pr-741])

Contributors:

... (truncated)

Commits
  • 766ee62 Release v0.6.1
  • aa0e17f Merge for release v0.6.1
  • 1dc1415 Merge pull request #741 from sudo-bmitch/pr-compress-fuzzing
  • 1ba5b82 Chore: Add fuzzing tests for compression
  • 921edf5 Merge pull request #740 from sudo-bmitch/pr-layer-add-dir
  • de0489f Feat: regctl image mod add layer from directory
  • 28f75f3 Merge pull request #739 from sudo-bmitch/pr-update-20240512
  • edfae86 Version bump
  • 17ad1d3 Merge pull request #738 from sudo-bmitch/pr-regctl-conf-dir
  • 0125c58 Fix: Handle nil pointer when config file is a dir
  • Additional commits viewable in compare view


Updates github.com/traefik/traefik/v3 from 3.0.0 to 3.0.1

Release notes

Sourced from github.com/traefik/traefik/v3's releases.

v3.0.1

CVE's:

Bug fixes:

Documentation:

Changelog

Sourced from github.com/traefik/traefik/v3's changelog.

v3.0.1 (2024-05-22)

All Commits

Bug fixes:

Documentation:

v2.11.3 (2024-05-17)

All Commits

Bug fixes:

Documentation:

Commits
  • 736f37c Prepare release v3.0.1
  • cff71ee Merge branch v2.11 into v3.0
  • f02b223 Prepare release v2.11.3
  • d4d23dc Fix UI unit tests
  • 5e4dc78 Allow empty configuration for OpenTelemetry metrics and tracing
  • 440cb11 Add support for IP White list
  • 4292059 Display of Content Security Policy values getting out of screen
  • e68e647 Fix OTel documentation
  • 8b55864 fix: remove providers not more support in documentation
  • f8e45a0 fix: doc consistency forwardauth
  • Additional commits viewable in compare view


Updates golang.org/x/crypto from 0.22.0 to 0.23.0

Commits
  • 905d78a go.mod: update golang.org/x dependencies
  • ebb717d ssh: validate key type in SSH_MSG_USERAUTH_PK_OK response
  • 0da2a6a openpgp: fix function name in comment
  • 5defcc1 sha3: fix Sum results for SHAKE functions on s390x
  • See full diff in compare view


Updates golang.org/x/net from 0.24.0 to 0.25.0

Commits
  • d27919b go.mod: update golang.org/x dependencies
  • e0324fc http2: use net.ErrClosed
  • b20cd59 quic: initiate key rotation earlier in connections
  • f95a3b3 html: fix typo in package doc
  • 0a24555 http/httpguts: speed up ValidHeaderFieldName
  • ec05fdc http2: don't retry the first request on a connection on GOAWAY error
  • b67a0f0 http2: send correct LastStreamID in stream-caused GOAWAY
  • a130fcc quic: don't consider goroutines running when tests start as leaked
  • See full diff in compare view


Updates google.golang.org/protobuf from 1.34.0 to 1.34.1

Updates k8s.io/api from 0.30.0 to 0.30.1

Commits
  • 41b1806 Update dependencies to v0.30.1 tag
  • 0fd470c Merge pull request #124702aojea/automated-cherry-pick-of-#124572
  • a669f18 Merge pull request #124694 from pmalek/backport-124553-to-release-1.30
  • 15001b5 fix(api): make LocalObjectReference.Name and HostAlias.IP required (#124553)
  • d9a08c5 tag service.spec.TrafficDistribution field as alpha
  • See full diff in compare view


Updates k8s.io/apimachinery from 0.30.0 to 0.30.1

Commits


Updates k8s.io/client-go from 0.30.0 to 0.30.1

Commits
  • 8e3349b Update dependencies to v0.30.1 tag
  • 4e1652b Merge pull request #124694 from pmalek/backport-124553-to-release-1.30
  • 2daa31e fix(api): make LocalObjectReference.Name and HostAlias.IP required (#124553)
  • See full diff in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions