search

traPtitech / NeoShowcase

PaaS (Platform as a Service) on Docker 🐳 or k8s ☸
MIT License
53 stars 4 forks source link

build(deps): bump the non-majors group with 14 updates #970

Closed dependabot[bot] closed 1 week ago

dependabot[bot] commented 2 weeks ago

Bumps the non-majors group with 14 updates:

Package From To
github.com/cert-manager/cert-manager 1.15.3 1.16.1
github.com/moby/buildkit 0.16.0 0.17.0
github.com/prometheus/client_golang 1.20.4 1.20.5
github.com/prometheus/common 0.59.1 0.60.1
github.com/tonistiigi/fsutil 0.0.0-20240424095704-91a3fc46842c 0.0.0-20241028165955-397af5306b5c
github.com/traefik/traefik/v3 3.1.4 3.2.0
github.com/volatiletech/strmangle 0.0.6 0.0.8
go.mongodb.org/mongo-driver 1.17.0 1.17.1
golang.org/x/crypto 0.27.0 0.28.0
golang.org/x/net 0.29.0 0.30.0
google.golang.org/protobuf 1.34.2 1.35.1
k8s.io/api 0.31.1 0.31.2
k8s.io/apimachinery 0.31.1 0.31.2
k8s.io/client-go 0.31.1 0.31.2

Updates github.com/cert-manager/cert-manager from 1.15.3 to 1.16.1

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.16.1

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

The cert-manager 1.16 release includes: new Helm chart features, more Prometheus metrics, memory optimizations, and various improvements and bug fixes for the ACME issuer and Venafi Issuer.

📖 Read the complete 1.16 release notes before upgrading.

📜Changes since v1.16.0

Bug or Regression

  • BUGFIX: Helm schema validation: the new schema validation was too strict for the "global" section. Since the global section is shared across all charts and sub-charts, we must also allow unknown fields. (#7348, @inteon)
  • BUGFIX: Helm will now accept percentages for the podDisruptionBudget.minAvailable and podDisruptionBudget.maxAvailable values. (#7345, @inteon)
  • Helm: allow enabled to be set as a value to toggle cert-manager as a dependency. (#7356, @inteon)
  • BUGFIX: A change in v1.16.0 caused cert-manager's ACME ClusterIssuer to look in the wrong namespace for resources required for the issuance (e.g. credential Secrets). This is now fixed in v1.16.1. (#7342, @inteon)

v1.16.0

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

The cert-manager 1.16 release includes: new Helm chart features, more Prometheus metrics, memory optimizations, and various improvements and bug fixes for the ACME issuer and Venafi Issuer.

📖 Read the complete 1.16 release notes at cert-manager.io.

⚠️ Known issues

  1. Helm Chart: JSON schema prevents the chart being used as a sub-chart on Rancher RKE.
  2. ACME DNS01 ClusterIssuer fail while loading credentials from Secret resources.

❗ Breaking changes

  1. Helm schema validation may reject your existing Helm values files if they contain typos or unrecognized fields.
  2. Venafi Issuer may fail to renew certificates if the requested duration conflicts with the CA’s minimum or maximum policy settings in Venafi.
  3. Venafi Issuer may fail to renew Certificates if the issuer has been configured for TPP with username-password authentication.

📖 Read the complete 1.16 release notes at cert-manager.io.

📜 Changes since v1.15.0

📖 Read the complete 1.16 release notes at cert-manager.io.

Feature

  • Add SecretRef support for Venafi TPP issuer CA Bundle (#7036, @sankalp-at-gh)
  • Add renewBeforePercentage alternative to renewBefore (#6987, @cbroglie)
  • Add a metrics server to the cainjector (#7194, @wallrj)
  • Add a metrics server to the webhook (#7182, @wallrj)
  • Add client certificate auth method for Vault issuer (#4330, @joshmue)
  • Add process and go runtime metrics for controller (#6966, @mindw)
  • Added app.kubernetes.io/managed-by: cert-manager label to the cert-manager-webhook-ca Secret (#7154, @jrcichra)
  • Allow the user to specify a Pod template when using GatewayAPI HTTP01 solver, this mirrors the behavior when using the Ingress HTTP01 solver. (#7211, @ThatsMrTalbot)
  • Create token request RBAC for the cert-manager ServiceAccount by default (#7213, @Jasper-Ben)

... (truncated)

Commits
  • ff50c06 Merge pull request #7356 from cert-manager-bot/cherry-pick-7350-to-release-1.16
  • 2298278 Helm: add enabled to json schema
  • 02f4a60 Merge pull request #7355 from cert-manager-bot/cherry-pick-7351-to-release-1.16
  • 7525267 Helm chart: fix documentation for service accounts annotations
  • b44f375 Merge pull request #7348 from cert-manager/self-upgrade-release-1.16
  • c3bdc1f Run 'make upgrade-klone' and 'make generate'
  • 2d22a92 Merge pull request #7345 from cert-manager-bot/cherry-pick-7343-to-release-1.16
  • 4f4ea8b update schema validation for minAvailable and maxAvailable to accept both str...
  • 17d9d81 Merge pull request #7342 from cert-manager-bot/cherry-pick-7339-to-release-1.16
  • 1144aab add ACME ClusterIssuer resource namespace test
  • Additional commits viewable in compare view


Updates github.com/moby/buildkit from 0.16.0 to 0.17.0

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.17.0

Welcome to the v0.17.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

  • Tõnis Tiigi
  • CrazyMax
  • Sebastiaan van Stijn
  • Jonathan A. Sternberg
  • David Karlsson
  • Justin Chadwell
  • Talon Bowler
  • Anthony Nandaa
  • Akihiro Suda
  • Shaun Thompson
  • Austin Vazquez
  • Billy Owire
  • Eoin Farrell
  • MohammadHasan Akbari
  • Alberto Garcia Hierro
  • Gabriel-Adrian Samfira
  • Laurent Goderre
  • Marat Radchenko
  • Matt Rickard
  • Paulo Sousa
  • Sergio Garcez
  • Silvin Lubecki
  • castrombithisamm
  • ryio1010

Notable Changes

  • Builtin Dockerfile frontend has been updated to v1.11.0 changelog
  • Garbage collection policies and prune filters have been updated to be more flexible and allow more control over used storage. Users can now define storage controls based on how much empty space is available on disk and define reserved and maximum storage limits separately #5359 #5079
  • FileOp.Copy now supports non-octal values for setting file mode with chmod #5375
  • Protobuf tooling has moved away from GoGo Protobuf. #5356 #5409 #5396 #5342
  • Memory allocations, especially when uploading big build contexts or copying build results back to client, have been reduced #5409 #5442
  • Allow Git builds from SHA references that are not part of a branch or tag #5441
  • Improve OpenTelemetry tracing for authentication routines #5432
  • HTTP requests from build steps now use BuildKit specific user-agent like the Container registry requests #5407
  • ExecOp build steps now supports setting expected non-zero exit codes #5339
  • Parameter options can now be passed to the SBOM scanner #5372
  • Determinism of LLB marshaling has been improved to reduce unnecessary cache lookups #5374
  • Completeness of history records is now validated at startup #5378
  • Debug address now supports new flight recorder endpoints #5337

... (truncated)

Commits
  • fd61877 Merge pull request #5464 from dvdksn/docs-s-parent-base
  • 5f27278 docs: s/parent image/base image/
  • d09c1e2 Merge pull request #5462 from tonistiigi/deps-update-20241028
  • cda279e Merge pull request #5449 from dvdksn/check-undefined-var
  • c9a25c4 pb: regenerate protobuf
  • 3220d67 vendor: revert containerd 1.7.23 because errdefs changes incompatible
  • 22d8eba Dockerfile: update xx to v1.5.0
  • b5c4155 vendor: update compress to v1.17.11
  • 2c5c4a3 vendor: update cli to v1.22.16
  • f01d41c vendor: update azidentity to v1.6.0
  • Additional commits viewable in compare view


Updates github.com/prometheus/client_golang from 1.20.4 to 1.20.5

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.5 / 2024-10-15

We decided to revert the testutil change that made our util functions less error-prone, but created a lot of work for our downstream users. Apologies for the pain! This revert should not cause any major breaking change, even if you already did the work--unless you depend on the exact error message.

Going forward, we plan to reinforce our release testing strategy [1],[2] and deliver an enhanced testutil package/module with more flexible and safer APIs.

Thanks to @​dashpole @​dgrisonnet @​kakkoyun @​ArthurSens @​vesari @​logicalhan @​krajorama @​bwplotka who helped in this patch release! 🤗

Changelog

[BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input. #1645

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.5 / 2024-10-15

  • [BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input.
Commits


Updates github.com/prometheus/common from 0.59.1 to 0.60.1

Release notes

Sourced from github.com/prometheus/common's releases.

v0.60.1

What's Changed

Full Changelog: https://github.com/prometheus/common/compare/v0.60.0...v0.60.1

v0.60.0

What's Changed

Full Changelog: https://github.com/prometheus/common/compare/v0.59.1...v0.60.0

Commits
  • 653e0fa Update common Prometheus files (#701)
  • 0d2e2e5 Reload certificates even when no CA is used (#707)
  • a9d2e3f Merge pull request #705 from roidelapluie/sourcefile
  • fdc50c7 promslog: Only log basename, not full path
  • dae848d Update supported Go versions (#700)
  • 63ff77e Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 (#698)
  • b7aa68c Bump golang.org/x/net from 0.28.0 to 0.29.0 (#699)
  • 4e3a6fd feat: add promslog.NewNopLogger() convenience func (#697)
  • d66e745 promslog: use UTC timestamps for go-kit log style (#696)
  • 14bac55 Merge pull request #695 from prometheus/repo_sync
  • Additional commits viewable in compare view


Updates github.com/tonistiigi/fsutil from 0.0.0-20240424095704-91a3fc46842c to 0.0.0-20241028165955-397af5306b5c

Commits


Updates github.com/traefik/traefik/v3 from 3.1.4 to 3.2.0

Release notes

Sourced from github.com/traefik/traefik/v3's releases.

v3.2.0

Important: Please read the migration guide.

Enhancements:

  • [acme] Remove same email requirement for certresolvers (#11019 by Emrio)
  • [acme] Add support for custom CA certificates by certificate resolver (#10816 by ldez)
  • [acme] Add 30 day certificatesDuration step (#10970 by luker983)
  • [docker] Support HTTP BasicAuth for docker and swarm endpoint (#10776 by 985492783)
  • [k8s,k8s/gatewayapi] Add supported features to the Gateway API GatewayClass status (#11056 by rtribotte)
  • [k8s,k8s/gatewayapi] Update sigs.k8s.io/gateway-api to v1.2.0-rc1 (#11124 by rtribotte)
  • [k8s,k8s/gatewayapi] Add support for backend protocol selection in HTTP and GRPC routes (#11051 by rtribotte)
  • [k8s,k8s/gatewayapi] Improve Kubernetes GatewayAPI TCPRoute and TLSRoute support (#11042 by rtribotte)
  • [k8s,k8s/gatewayapi] Support HTTPRoute destination port matching (#11134 by kevinpollet)
  • [k8s,k8s/gatewayapi] Bump sigs.k8s.io/gateway-api to v1.2.0-rc2 (#11131 by kevinpollet)
  • [k8s,k8s/gatewayapi] Add support for Gateway API BackendTLSPolicies (#11009 by rtribotte)
  • [k8s,k8s/gatewayapi] Support NativeLB option in GatewayAPI provider (#11147 by rtribotte)
  • [k8s,k8s/gatewayapi] Support ResponseHeaderModifier filter (#10987 by kevinpollet)
  • [k8s,k8s/gatewayapi] Support GRPC routes (#10975 by kevinpollet)
  • [k8s,k8s/gatewayapi] Bump sigs.k8s.io/gateway-api to v1.2.0 (#11167 by rtribotte)
  • [metrics,otel] Allow setting service.name for OTLP metrics (#10917 by cmartell-at-ocp)
  • [middleware,accesslogs] Record trace id and EntryPoint span id into access log (#10921 by weijiany)
  • [middleware,authentication] Support LogUserHeader with forwardAuth middleware (#10833 by GaleHuang)
  • [middleware] Add encodings option to the compression middleware (#10943 by wollomatic)
  • [middleware] Add support for ipv6 subnet in ipStrategy (#9747 by michal-kralik)
  • [nomad] Support for watching instead of polling Nomad (#10997 by deverton-godaddy)
  • [server,performance] Introduce a fast proxy mode to improve HTTP/1.1 performances with backends (#11122 by kevinpollet)
  • [server] Configurable max request header size (#10995 by lucasrod16)
  • [service] Add mirrorBody option to HTTP mirroring (#11032 by MatteoPaier)
  • [service] Add an option to preserve server path (#11193 by mmatur)

Bug fixes:

  • [k8s,k8s/gatewayapi] Ensuring Gateway API reflected Traefik resource name unicity (#11222 by rtribotte)
  • [k8s,k8s/gatewayapi] Preserve GRPCRoute filters order (#11199 by kevinpollet)
  • [k8s,k8s/gatewayapi] Support http and https appProtocol for Kubernetes Service (#11176 by WillDaSilva)
  • [k8s,k8s/gatewayapi] Avoid updating Accepted status for routes matching no Gateways (#11170 by rtribotte)
  • [k8s,k8s/gatewayapi] Do not update gateway status when not selected by a gateway class (#11169 by kevinpollet)
  • [service] Detect and drop broken conns in the fastproxy pool (#11212 by kevinpollet)

Documentation:

Misc:

... (truncated)

Changelog

Sourced from github.com/traefik/traefik/v3's changelog.

v3.2.0 (2024-10-28)

All Commits

Enhancements:

  • [acme] Remove same email requirement for certresolvers (#11019 by Emrio)
  • [acme] Add support for custom CA certificates by certificate resolver (#10816 by ldez)
  • [acme] Add 30 day certificatesDuration step (#10970 by luker983)
  • [docker] Support HTTP BasicAuth for docker and swarm endpoint (#10776 by 985492783)
  • [k8s,k8s/gatewayapi] Add supported features to the Gateway API GatewayClass status (#11056 by rtribotte)
  • [k8s,k8s/gatewayapi] Update sigs.k8s.io/gateway-api to v1.2.0-rc1 (#11124 by rtribotte)
  • [k8s,k8s/gatewayapi] Add support for backend protocol selection in HTTP and GRPC routes (#11051 by rtribotte)
  • [k8s,k8s/gatewayapi] Improve Kubernetes GatewayAPI TCPRoute and TLSRoute support (#11042 by rtribotte)
  • [k8s,k8s/gatewayapi] Support HTTPRoute destination port matching (#11134 by kevinpollet)
  • [k8s,k8s/gatewayapi] Bump sigs.k8s.io/gateway-api to v1.2.0-rc2 (#11131 by kevinpollet)
  • [k8s,k8s/gatewayapi] Add support for Gateway API BackendTLSPolicies (#11009 by rtribotte)
  • [k8s,k8s/gatewayapi] Support NativeLB option in GatewayAPI provider (#11147 by rtribotte)
  • [k8s,k8s/gatewayapi] Support ResponseHeaderModifier filter (#10987 by kevinpollet)
  • [k8s,k8s/gatewayapi] Support GRPC routes (#10975 by kevinpollet)
  • [k8s,k8s/gatewayapi] Bump sigs.k8s.io/gateway-api to v1.2.0 (#11167 by rtribotte)
  • [metrics,otel] Allow setting service.name for OTLP metrics (#10917 by cmartell-at-ocp)
  • [middleware,accesslogs] Record trace id and EntryPoint span id into access log (#10921 by weijiany)
  • [middleware,authentication] Support LogUserHeader with forwardAuth middleware (#10833 by GaleHuang)
  • [middleware] Add encodings option to the compression middleware (#10943 by wollomatic)
  • [middleware] Add support for ipv6 subnet in ipStrategy (#9747 by michal-kralik)
  • [nomad] Support for watching instead of polling Nomad (#10997 by deverton-godaddy)
  • [server,performance] Introduce a fast proxy mode to improve HTTP/1.1 performances with backends (#11122 by kevinpollet)
  • [server] Configurable max request header size (#10995 by lucasrod16)
  • [service] Add mirrorBody option to HTTP mirroring (#11032 by MatteoPaier)
  • [service] Add an option to preserve server path (#11193 by mmatur)

Bug fixes:

  • [k8s,k8s/gatewayapi] Ensuring Gateway API reflected Traefik resource name unicity (#11222 by rtribotte)
  • [k8s,k8s/gatewayapi] Preserve GRPCRoute filters order (#11199 by kevinpollet)
  • [k8s,k8s/gatewayapi] Support http and https appProtocol for Kubernetes Service (#11176 by WillDaSilva)
  • [k8s,k8s/gatewayapi] Avoid updating Accepted status for routes matching no Gateways (#11170 by rtribotte)
  • [k8s,k8s/gatewayapi] Do not update gateway status when not selected by a gateway class (#11169 by kevinpollet)
  • [service] Detect and drop broken conns in the fastproxy pool (#11212 by kevinpollet)

Documentation:

Misc:

... (truncated)

Commits
  • 25caa72 Prepare release v3.2.0
  • 8beba9f Merge branch v3.1 into v3.2
  • e90f4a7 Prepare release v3.1.7
  • 20cdbdb Merge branch v2.11 into v3.1
  • 08fe27c Prepare release v2.11.13
  • 0dc3637 Ensuring Gateway API reflected Traefik resource name unicity
  • 2794849 Panic on aborted requests to properly close the connection
  • e3ed52b Detect and drop broken conns in the fastproxy pool
  • b22e081 Merge branch v3.1 into v3.2
  • 62fa5f1 Merge branch v2.11 into v3.1
  • Additional commits viewable in compare view


Updates github.com/volatiletech/strmangle from 0.0.6 to 0.0.8

Commits
  • d7da2ad Fix issue with test
  • 118351e Merge pull request #19 from cubiest/trim_left
  • b805427 Merge pull request #17 from cubiest/revert-15-enum_slash
  • 63da46b Merge pull request #18 from cubiest/improve_sanitizing
  • 76f3eed Merge pull request #20 from cubiest/MJacred-patch-1
  • 3192d18 Fix identification of "just uppercase letters and underscores"
  • 24c6518 Add TrimLeftDigits() and add *Full() versions of TitleCase() and CamelCase()
  • 7d722f4 Fix CamelCase() and harden its sanitizing
  • 55e5298 Revert "Support enum values with slash"
  • 8651789 Merge pull request #15 from starsep/enum_slash
  • Additional commits viewable in compare view


Updates go.mongodb.org/mongo-driver from 1.17.0 to 1.17.1

Release notes

Sourced from go.mongodb.org/mongo-driver's releases.

MongoDB Go Driver 1.17.1

The MongoDB Go Driver Team is pleased to release version 1.17.1 of the official Go driver.

Release Notes

This release improves the behavior of connection checkout by checking for closed connections.

It also fixes a bug where the authSource from a TXT record would be overridden for auth mechanisms that require an authSource of $external.

For a full list of tickets included in this release, please see the links below:

Full Changelog: v1.17.0...v1.17.1

Documentation for the Go driver can be found on pkg.go.dev and the MongoDB documentation site. BSON library documentation is also available on pkg.go.dev. Questions and inquiries can be asked on the MongoDB Developer Community. Bugs can be reported in the Go Driver project in the MongoDB JIRA where a list of current issues can be found. Your feedback on the Go driver is greatly appreciated!

Commits
  • 070817d BUMP v1.17.1
  • b45e5d9 GODRIVER-3156 Detect and discard closed idle connections. (#1815) [release/1....
  • b473d1b GODRIVER-3313 [release/1.17] Skip CSOT spec tests on Windows and macOS. (#1838)
  • c0afeee GODRIVER-3358 [release/1.17] Do not override authSource from TXT record (#1840)
  • bd39092 GODRIVER-2589 [release/1.17] Clarify *Cursor.All() behavior in comment. (#1...
  • b7e6686 DEVPROD-10453 Use assume_role for s3 uploads [release/1.17] (#1824) (#1837)
  • 3911a1b update repo metadata
  • See full diff in compare view


Updates golang.org/x/crypto from 0.27.0 to 0.28.0

Commits
  • adef4cc go.mod: update golang.org/x dependencies
  • a0819fb sha3: fix cSHAKE initialization for extremely large N and or S
  • 42ee18b ssh: return ServerAuthError after too many auth failures
  • 9e92970 bn256: add missing symbols in comment
  • See full diff in compare view


Updates golang.org/x/net from 0.29.0 to 0.30.0

Commits
  • 6cc5ac4 go.mod: update golang.org/x dependencies
  • f88258d websocket: update nhooyr.io/websocket to github.com/coder/websocket
  • 7191757 http2: add support for net/http HTTP2 config field
  • 4790dc7 http2: add support for server-originated pings
  • 541dbe5 http2: add Server.WriteByteTimeout
  • 3c333c0 route: fix address parsing of messages on Darwin
  • See full diff in compare view


Updates google.golang.org/protobuf from 1.34.2 to 1.35.1

Updates k8s.io/api from 0.31.1 to 0.31.2

Commits


Updates k8s.io/apimachinery from 0.31.1 to 0.31.2

Commits


Updates k8s.io/client-go from 0.31.1 to 0.31.2

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
github-actions[bot] commented 2 weeks ago

Preview (prod backend + PR dashboard) → https://970.ns-preview.trapti.tech/