Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the security group with 13 updates #1691

Merged
merged 1 commit into from
Nov 19, 2024
Merged

chore(deps): bump the security group with 13 updates #1691

merged 1 commit into from
Nov 19, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 18, 2024

Bumps the security group with 13 updates:

Package From To
github.com/containers/image/v5 5.32.2 5.33.0
github.com/vishvananda/netlink 1.2.1-beta.2 1.3.0
github.com/vishvananda/netns 0.0.4 0.0.5
github.com/vmware-tanzu/velero 1.14.1 1.15.0
go.opentelemetry.io/otel 1.31.0 1.32.0
go.opentelemetry.io/otel/sdk 1.31.0 1.32.0
golang.org/x/exp 0.0.0-20240613232115-7f521ea00fb8 0.0.0-20241009180824-f66d83c29e7c
golang.org/x/mod 0.21.0 0.22.0
golang.org/x/sync 0.8.0 0.9.0
golang.org/x/net 0.30.0 0.31.0
golang.org/x/sys 0.26.0 0.27.0
golang.org/x/text 0.19.0 0.20.0
helm.sh/helm/v3 3.16.2 3.16.3

Updates github.com/containers/image/v5 from 5.32.2 to 5.33.0

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.33.0

What's Changed

... (truncated)

Commits
  • c3a2029 Bump to c/image v5.33.0
  • 04d69d5 Bump to c/storage v1.56.0
  • 59417ae Merge pull request #2609 from mtrmac/copy-resolve-destination
  • 6ba898f HACK: Only return an image ID from ReportResolvedReference for c/storage
  • 125f862 Return a precise reference to the created image when writing to containers-st...
  • 91d22b2 Introduce private.ImageDestination.CommitWithOptions
  • 831269d Rename an options variable to imgOptions
  • ba2a4ae Merge pull request #2616 from containers/renovate/golang.org-x-exp-digest
  • 6bcb929 fix(deps): update golang.org/x/exp digest to f66d83c
  • 228de93 Merge pull request #2615 from containers/renovate/github.com-containers-stora...
  • Additional commits viewable in compare view

Updates github.com/vishvananda/netlink from 1.2.1-beta.2 to 1.3.0

Release notes

Sourced from github.com/vishvananda/netlink's releases.

v1.3.0

  • Fixed backward compatibility breakage of func (h *Handle) ConntrackDeleteFilter.
  • Other fixes and improvements from the community.

v1.2.1

Thanks to the community, this release contains several new functionalities and many bug fixes

Commits
  • 6f57139 Fix recvfrom goroutine leak
  • 298ff27 Handle: add ConntrackDeleteFilter alias for backward compat
  • 5b0b9d8 rule: add Rule.Type to allow adding/listing unreachable (RTN_UNREACHABLE) rules
  • 65a253d link_linux: add support for IFLA_MACVLAN_BC_QUEUE_LEN(_USED)
  • 3b7e16c Add ConntrackDeleteFilters
  • 4317e32 feat: add LinkSetBondSlaveActive()/LinkDelBondSlave()
  • a57a7bd Add handle support for socket
  • aaf4f98 Fix determination of the promiscuity counter for links
  • 7a4f10d fix: updates SizeofVfVlanInfo to address #1003
  • 8f96fd8 # rule: fix 32-bit platforms don't support adding rules with a mark value of ...
  • Additional commits viewable in compare view

Updates github.com/vishvananda/netns from 0.0.4 to 0.0.5

Release notes

Sourced from github.com/vishvananda/netns's releases.

v0.0.5

What's Changed

Externally visible changes

Internal cleanup

New Contributors

Full Changelog: vishvananda/netns@v0.0.4...v0.0.5

Commits
  • 4c46424 Adding file path for nerdctl and finch (#87)
  • d37cca3 Bump golangci/golangci-lint-action from 5 to 6 (#86)
  • 2612885 Bump golangci/golangci-lint-action from 4 to 5 (#83)
  • 9469873 Bump golangci/golangci-lint-action from 3 to 4 (#82)
  • ae79633 Bump actions/setup-go from 4 to 5 (#80)
  • fa01794 Bump actions/checkout from 3 to 4 (#78)
  • 16c2fa0 Bump actions/setup-go from 3 to 4 (#73)
  • df76f81 enable gocritic, gosec, gosimple, govet unconvert, unparam, unused and whites...
  • 364b2a2 ci(lint): enable errcheck, errorlint, gci, misspell, nonamedreturns and stati...
  • 5992098 ci(lint): setup YAML Lint step (#68)
  • See full diff in compare view

Updates github.com/vmware-tanzu/velero from 1.14.1 to 1.15.0

Release notes

Sourced from github.com/vmware-tanzu/velero's releases.

v1.15.0

v1.15

Download

https://github.com/vmware-tanzu/velero/releases/tag/v1.15.0

Container Image

velero/velero:v1.15.0

Documentation

https://velero.io/docs/v1.15/

Upgrading

https://velero.io/docs/v1.15/upgrade-to-1.15/

Highlights

Data mover micro service

Data transfer activities for CSI Snapshot Data Movement are moved from node-agent pods to dedicate backupPods or restorePods. This brings many benefits such as:

  • This avoids to access volume data through host path, while host path access is privileged and may involve security escalations, which are concerned by users.
  • This enables users to to control resource (i.e., cpu, memory) allocations in a granular manner, e.g., control them per backup/restore of a volume.
  • This enhances the resilience, crash of one data movement activity won't affect others.
  • This prevents unnecessary full backup because of host path changes after workload pods restart.
  • For more information, check the design https://github.com/vmware-tanzu/velero/blob/main/design/Implemented/vgdp-micro-service/vgdp-micro-service.md.

Item Block concepts and ItemBlockAction (IBA) plugin

Item Block concepts are introduced for resource backups to help to achieve multiple thread backups. Specifically, correlated resources are categorized in the same item block and item blocks could be processed concurrently in multiple threads.
ItemBlockAction plugin is introduced to help Velero to categorize resources into item blocks. At present, Velero provides built-in IBAs for pods and PVCs and Velero also supports customized IBAs for any resources.
In v1.15, Velero doesn't support multiple thread process of item blocks though item block concepts and IBA plugins are fully supported. The multiple thread support will be delivered in future releases.
For more information, check the design https://github.com/vmware-tanzu/velero/blob/main/design/backup-performance-improvements.md.

Node selection for repository maintenance job

Repository maintenance are resource consuming tasks, Velero now allows you to configure the nodes to run repository maintenance jobs, so that you can run repository maintenance jobs in idle nodes or avoid them to run in nodes hosting critical workloads.
To support the configuration, a new repository maintenance configuration configMap is introduced.
For more information, check the document https://velero.io/docs/v1.15/repository-maintenance/.

Backup PVC read-only configuration

In 1.15, Velero allows you to configure the data mover backupPods to read-only mount the backupPVCs. In this way, the data mover expose process could be significantly accelerated for some storages (i.e., ceph).
To support the configuration, a new backup PVC configuration configMap is introduced.
For more information, check the document https://velero.io/docs/v1.15/data-movement-backup-pvc-configuration/.

Backup PVC storage class configuration

In 1.15, Velero allows you to configure the storageclass used by the data mover backupPods. In this way, the provision of backupPVCs don't need to adhere to the same pattern as workload PVCs, e.g., for a backupPVC, it only needs one replica, whereas, the a workload PVC may have multiple replicas.
To support the configuration, the same backup PVC configuration configMap is used.
For more information, check the document https://velero.io/docs/v1.15/data-movement-backup-pvc-configuration/.

Backup repository data cache configuration

The backup repository may need to cache data on the client side during various repository operations, i.e., read, write, maintenance, etc. The cache consumes the root file system space of the pod where the repository access happens.
In 1.15, Velero allows you to configure the total size of the cache per repository. In this way, if your pod doesn't have enough space in its root file system, the pod won't be evicted due to running out of ephemeral storage.
To support the configuration, a new backup repository configuration configMap is introduced.
For more information, check the document https://velero.io/docs/v1.15/backup-repository-configuration/.

... (truncated)

Commits
  • 1d4f147 Merge pull request #8349 from blackpiglet/fix_v1.15.0_migration_case_error
  • 6f79c54 Fix the KIBISHII_DIRECTORY parameter not working issue.
  • 15ee6a4 Refactor the code to get the plugin images for migration cases.
  • d2dec9d Merge pull request #8336 from Lyndon-Li/release-1.15
  • 7cd92a5 Pin the version of Golang and base image for v1.15.0
  • 706dd13 Merge pull request #8330 from Lyndon-Li/1.15-change-log
  • bdd231c Merge pull request #8333 from Lyndon-Li/add-1.15-doc
  • 6ffe461 add 1.15 changelog
  • 9f17fb3 add doc for 1.15
  • 182478f Merge pull request #8332 from Lyndon-Li/fix-doc-index-for-1.15
  • Additional commits viewable in compare view

Updates go.opentelemetry.io/otel from 1.31.0 to 1.32.0

Changelog

Sourced from go.opentelemetry.io/otel's changelog.

[1.32.0/0.54.0/0.8.0/0.0.11] 2024-11-08

Added

  • Add go.opentelemetry.io/otel/sdk/metric/exemplar.AlwaysOffFilter, which can be used to disable exemplar recording. (#5850)
  • Add go.opentelemetry.io/otel/sdk/metric.WithExemplarFilter, which can be used to configure the exemplar filter used by the metrics SDK. (#5850)
  • Add ExemplarReservoirProviderSelector and DefaultExemplarReservoirProviderSelector to go.opentelemetry.io/otel/sdk/metric, which defines the exemplar reservoir to use based on the aggregation of the metric. (#5861)
  • Add ExemplarReservoirProviderSelector to go.opentelemetry.io/otel/sdk/metric.Stream to allow using views to configure the exemplar reservoir to use for a metric. (#5861)
  • Add ReservoirProvider, HistogramReservoirProvider and FixedSizeReservoirProvider to go.opentelemetry.io/otel/sdk/metric/exemplar to make it convenient to use providers of Reservoirs. (#5861)
  • The go.opentelemetry.io/otel/semconv/v1.27.0 package. The package contains semantic conventions from the v1.27.0 version of the OpenTelemetry Semantic Conventions. (#5894)
  • Add Attributes attribute.Set field to Scope in go.opentelemetry.io/otel/sdk/instrumentation. (#5903)
  • Add Attributes attribute.Set field to ScopeRecords in go.opentelemetry.io/otel/log/logtest. (#5927)
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc adds instrumentation scope attributes. (#5934)
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp adds instrumentation scope attributes. (#5934)
  • go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc adds instrumentation scope attributes. (#5935)
  • go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp adds instrumentation scope attributes. (#5935)
  • go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc adds instrumentation scope attributes. (#5933)
  • go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp adds instrumentation scope attributes. (#5933)
  • go.opentelemetry.io/otel/exporters/prometheus adds instrumentation scope attributes in otel_scope_info metric as labels. (#5932)

Changed

  • Support scope attributes and make them as identifying for Tracer in go.opentelemetry.io/otel and go.opentelemetry.io/otel/sdk/trace. (#5924)
  • Support scope attributes and make them as identifying for Meter in go.opentelemetry.io/otel and go.opentelemetry.io/otel/sdk/metric. (#5926)
  • Support scope attributes and make them as identifying for Logger in go.opentelemetry.io/otel and go.opentelemetry.io/otel/sdk/log. (#5925)
  • Make schema URL and scope attributes as identifying for Tracer in go.opentelemetry.io/otel/bridge/opentracing. (#5931)
  • Clear unneeded slice elements to allow GC to collect the objects in go.opentelemetry.io/otel/sdk/metric and go.opentelemetry.io/otel/sdk/trace. (#5804)

Fixed

  • Global MeterProvider registration unwraps global instrument Observers, the undocumented Unwrap() methods are now private. (#5881)
  • go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc now keeps the metadata already present in the context when WithHeaders is used. (#5892)
  • go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc now keeps the metadata already present in the context when WithHeaders is used. (#5911)
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc now keeps the metadata already present in the context when WithHeaders is used. (#5915)
  • Fix go.opentelemetry.io/otel/exporters/prometheus trying to add exemplars to Gauge metrics, which is unsupported. (#5912)
  • Fix WithEndpointURL to always use a secure connection when an https URL is passed in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc. (#5944)
  • Fix WithEndpointURL to always use a secure connection when an https URL is passed in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (#5944)
  • Fix WithEndpointURL to always use a secure connection when an https URL is passed in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (#5944)
  • Fix WithEndpointURL to always use a secure connection when an https URL is passed in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (#5944)
  • Fix incorrect metrics generated from callbacks when multiple readers are used in go.opentelemetry.io/otel/sdk/metric. (#5900)

Removed

Commits
  • 7cfbd86 Release v1.32.0/v0.54.0/v0.8.0/v0.0.11 (#5960)
  • 2be617e fix(deps): update github.com/opentracing-contrib/go-grpc/test digest to 51a56...
  • 6db18df fix(deps): update module github.com/opentracing-contrib/go-grpc to v0.1.0 (#5...
  • ef12bf8 chore(deps): update golang.org/x (#5957)
  • 85eb76f Allow GC to collect unneeded slice elements (#5804)
  • 1492efa Fix incorrect metrics getting generated from multiple readers (#5900)
  • d2b0663 fix(deps): update module go.opentelemetry.io/build-tools/multimod to v0.15.0 ...
  • 394cbd2 chore(deps): update lycheeverse/lychee-action action to v2.1.0 (#5950)
  • 37b2537 fix(deps): update github.com/opentracing-contrib/go-grpc digest to e3cbcab (#...
  • 7f68356 fix(deps): update module go.opentelemetry.io/build-tools/semconvgen to v0.15....
  • Additional commits viewable in compare view

Updates go.opentelemetry.io/otel/sdk from 1.31.0 to 1.32.0

Changelog

Sourced from go.opentelemetry.io/otel/sdk's changelog.

[1.32.0/0.54.0/0.8.0/0.0.11] 2024-11-08

Added

  • Add go.opentelemetry.io/otel/sdk/metric/exemplar.AlwaysOffFilter, which can be used to disable exemplar recording. (#5850)
  • Add go.opentelemetry.io/otel/sdk/metric.WithExemplarFilter, which can be used to configure the exemplar filter used by the metrics SDK. (#5850)
  • Add ExemplarReservoirProviderSelector and DefaultExemplarReservoirProviderSelector to go.opentelemetry.io/otel/sdk/metric, which defines the exemplar reservoir to use based on the aggregation of the metric. (#5861)
  • Add ExemplarReservoirProviderSelector to go.opentelemetry.io/otel/sdk/metric.Stream to allow using views to configure the exemplar reservoir to use for a metric. (#5861)
  • Add ReservoirProvider, HistogramReservoirProvider and FixedSizeReservoirProvider to go.opentelemetry.io/otel/sdk/metric/exemplar to make it convenient to use providers of Reservoirs. (#5861)
  • The go.opentelemetry.io/otel/semconv/v1.27.0 package. The package contains semantic conventions from the v1.27.0 version of the OpenTelemetry Semantic Conventions. (#5894)
  • Add Attributes attribute.Set field to Scope in go.opentelemetry.io/otel/sdk/instrumentation. (#5903)
  • Add Attributes attribute.Set field to ScopeRecords in go.opentelemetry.io/otel/log/logtest. (#5927)
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc adds instrumentation scope attributes. (#5934)
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp adds instrumentation scope attributes. (#5934)
  • go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc adds instrumentation scope attributes. (#5935)
  • go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp adds instrumentation scope attributes. (#5935)
  • go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc adds instrumentation scope attributes. (#5933)
  • go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp adds instrumentation scope attributes. (#5933)
  • go.opentelemetry.io/otel/exporters/prometheus adds instrumentation scope attributes in otel_scope_info metric as labels. (#5932)

Changed

  • Support scope attributes and make them as identifying for Tracer in go.opentelemetry.io/otel and go.opentelemetry.io/otel/sdk/trace. (#5924)
  • Support scope attributes and make them as identifying for Meter in go.opentelemetry.io/otel and go.opentelemetry.io/otel/sdk/metric. (#5926)
  • Support scope attributes and make them as identifying for Logger in go.opentelemetry.io/otel and go.opentelemetry.io/otel/sdk/log. (#5925)
  • Make schema URL and scope attributes as identifying for Tracer in go.opentelemetry.io/otel/bridge/opentracing. (#5931)
  • Clear unneeded slice elements to allow GC to collect the objects in go.opentelemetry.io/otel/sdk/metric and go.opentelemetry.io/otel/sdk/trace. (#5804)

Fixed

  • Global MeterProvider registration unwraps global instrument Observers, the undocumented Unwrap() methods are now private. (#5881)
  • go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc now keeps the metadata already present in the context when WithHeaders is used. (#5892)
  • go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc now keeps the metadata already present in the context when WithHeaders is used. (#5911)
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc now keeps the metadata already present in the context when WithHeaders is used. (#5915)
  • Fix go.opentelemetry.io/otel/exporters/prometheus trying to add exemplars to Gauge metrics, which is unsupported. (#5912)
  • Fix WithEndpointURL to always use a secure connection when an https URL is passed in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc. (#5944)
  • Fix WithEndpointURL to always use a secure connection when an https URL is passed in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (#5944)
  • Fix WithEndpointURL to always use a secure connection when an https URL is passed in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (#5944)
  • Fix WithEndpointURL to always use a secure connection when an https URL is passed in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (#5944)
  • Fix incorrect metrics generated from callbacks when multiple readers are used in go.opentelemetry.io/otel/sdk/metric. (#5900)

Removed

Commits
  • 7cfbd86 Release v1.32.0/v0.54.0/v0.8.0/v0.0.11 (#5960)
  • 2be617e fix(deps): update github.com/opentracing-contrib/go-grpc/test digest to 51a56...
  • 6db18df fix(deps): update module github.com/opentracing-contrib/go-grpc to v0.1.0 (#5...
  • ef12bf8 chore(deps): update golang.org/x (#5957)
  • 85eb76f Allow GC to collect unneeded slice elements (#5804)
  • 1492efa Fix incorrect metrics getting generated from multiple readers (#5900)
  • d2b0663 fix(deps): update module go.opentelemetry.io/build-tools/multimod to v0.15.0 ...
  • 394cbd2 chore(deps): update lycheeverse/lychee-action action to v2.1.0 (#5950)
  • 37b2537 fix(deps): update github.com/opentracing-contrib/go-grpc digest to e3cbcab (#...
  • 7f68356 fix(deps): update module go.opentelemetry.io/build-tools/semconvgen to v0.15....
  • Additional commits viewable in compare view

Updates golang.org/x/exp from 0.0.0-20240613232115-7f521ea00fb8 to 0.0.0-20241009180824-f66d83c29e7c

Commits

Updates golang.org/x/mod from 0.21.0 to 0.22.0

Commits
  • dec0365 sumdb: make data tiles by Server compatible with sum.golang.org
  • c8a7319 x/mod: fix handling of vendored packages with '/vendor' in non-top-level paths
  • 9cd0e4c x/mod: remove vendor/modules.txt from module download
  • See full diff in compare view

Updates golang.org/x/sync from 0.8.0 to 0.9.0

Commits

Updates golang.org/x/net from 0.30.0 to 0.31.0

Commits
  • 334afa0 go.mod: update golang.org/x dependencies
  • d7f220d quic: add LocalAddr and RemoteAddr to quic.Conn
  • 858db1a http2: surface errors occurring very early in a client conn's lifetime
  • 0aa844c http2: support unencrypted HTTP/2 handoff from net/http
  • f35fec9 http2: detect hung client connections by confirming stream resets
  • e883dae README: don't recommend go get
  • 511cc3a html: add Node.{Ancestors,ChildNodes,Descendants}()
  • 4783315 http2: limit 1xx based on size, do not limit when delivered
  • 5716b98 internal/socket: execute gofmt
  • 42b1186 http2: support ResponseController.EnableFullDuplex
  • See full diff in compare view

Updates golang.org/x/sys from 0.26.0 to 0.27.0

Commits
  • e0753d4 Revert "windows/mkwinsyscall: use syscall.SyscallN instead of syscall.Syscall...
  • c29efe3 windows: add iphlpapi functions for change notifications
  • 8f2aa9f cpu: conditionally re-enable AVX512 support on darwin/amd64
  • 054f1fc README: don't recommend go get
  • ca04041 unix: extend z/OS support
  • 18e038c unix: move NETLINK_* consts to own section
  • d045236 windows: implement Ftruncate using a single syscall on Windows
  • cff53d5 unix: gofmt after CL 610296
  • 123459f unix: update z/OS implementation of fcntl and mmap
  • df4a4da unix/linux: adjust Dockerfile ENV key value format
  • Additional commits viewable in compare view

Updates golang.org/x/text from 0.19.0 to 0.20.0

Commits
  • efd25da go.mod: update golang.org/x dependencies
  • 8a0e65e README: don't recommend go get
  • fefda1a internal/texttest: remove Run and Bench helpers
  • a457f47 all: normalize subtest names to NFC
  • See full diff in compare view

Updates helm.sh/helm/v3 from 3.16.2 to 3.16.3

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.16.3 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.16.3. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.16.4 is the next patch release and will be on December 11, 2024
  • 3.17.0 is the next feature release and will be on January 15, 2025

Changelog

  • fix: fix label name cfd07493f46efc9debd9cc1b02a0961186df7fdf (wangjingcun)
  • Fix typo in pkg/lint/rules/chartfile_test.go a303060fc60bc713cd0757503b3fcb4636b14f34 (Zach Burgess)
  • Increasing the size of the runner used for releases. ab45e8a861e929e40163a7ad5a8636cb41f381ac (Matt Farina)
  • fix(hooks): correct hooks delete order 19fe320ae87e8d1d4bc1952d9da8ea2fe435aa6e (Suleiman Dibirov)
  • Bump github.com/containerd/containerd from 1.7.12 to 1.7.23 4fcc5c2cadf49d1399adfdbc5ab7222b2dff1d5b (dependabot[bot])
Commits
  • cfd0749 fix: fix label name
  • a303060 Fix typo in pkg/lint/rules/chartfile_...

    Description has been truncated

@dependabot
chore(deps): bump the security group with 13 updates
ffcca18 
Bumps the security group with 13 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/containers/image/v5](https://github.com/containers/image) | `5.32.2` | `5.33.0` |
| [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) | `1.2.1-beta.2` | `1.3.0` |
| [github.com/vishvananda/netns](https://github.com/vishvananda/netns) | `0.0.4` | `0.0.5` |
| [github.com/vmware-tanzu/velero](https://github.com/vmware-tanzu/velero) | `1.14.1` | `1.15.0` |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.31.0` | `1.32.0` |
| [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.31.0` | `1.32.0` |
| [golang.org/x/exp](https://github.com/golang/exp) | `0.0.0-20240613232115-7f521ea00fb8` | `0.0.0-20241009180824-f66d83c29e7c` |
| [golang.org/x/mod](https://github.com/golang/mod) | `0.21.0` | `0.22.0` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.8.0` | `0.9.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.30.0` | `0.31.0` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.26.0` | `0.27.0` |
| [golang.org/x/text](https://github.com/golang/text) | `0.19.0` | `0.20.0` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.16.2` | `3.16.3` |


Updates `github.com/containers/image/v5` from 5.32.2 to 5.33.0
- [Release notes](https://github.com/containers/image/releases)
- [Commits](containers/image@v5.32.2...v5.33.0)

Updates `github.com/vishvananda/netlink` from 1.2.1-beta.2 to 1.3.0
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](vishvananda/netlink@v1.2.1-beta.2...v1.3.0)

Updates `github.com/vishvananda/netns` from 0.0.4 to 0.0.5
- [Release notes](https://github.com/vishvananda/netns/releases)
- [Commits](vishvananda/netns@v0.0.4...v0.0.5)

Updates `github.com/vmware-tanzu/velero` from 1.14.1 to 1.15.0
- [Release notes](https://github.com/vmware-tanzu/velero/releases)
- [Changelog](https://github.com/vmware-tanzu/velero/blob/main/CHANGELOG.md)
- [Commits](vmware-tanzu/velero@v1.14.1...v1.15.0)

Updates `go.opentelemetry.io/otel` from 1.31.0 to 1.32.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.31.0...v1.32.0)

Updates `go.opentelemetry.io/otel/sdk` from 1.31.0 to 1.32.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.31.0...v1.32.0)

Updates `golang.org/x/exp` from 0.0.0-20240613232115-7f521ea00fb8 to 0.0.0-20241009180824-f66d83c29e7c
- [Commits](https://github.com/golang/exp/commits)

Updates `golang.org/x/mod` from 0.21.0 to 0.22.0
- [Commits](golang/mod@v0.21.0...v0.22.0)

Updates `golang.org/x/sync` from 0.8.0 to 0.9.0
- [Commits](golang/sync@v0.8.0...v0.9.0)

Updates `golang.org/x/net` from 0.30.0 to 0.31.0
- [Commits](golang/net@v0.30.0...v0.31.0)

Updates `golang.org/x/sys` from 0.26.0 to 0.27.0
- [Commits](golang/sys@v0.26.0...v0.27.0)

Updates `golang.org/x/text` from 0.19.0 to 0.20.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.19.0...v0.20.0)

Updates `helm.sh/helm/v3` from 3.16.2 to 3.16.3
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.16.2...v3.16.3)

---
updated-dependencies:
- dependency-name: github.com/containers/image/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: github.com/vishvananda/netns
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: github.com/vmware-tanzu/velero
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: golang.org/x/exp
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
...

Signed-off-by: dependabot[bot] <[email protected]>
replicated-ci
replicated-ci approved these changes Nov 19, 2024
View reviewed changes
Copy link

@replicated-ci replicated-ci left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

This PR was automatically approved and merged by the automated-prs-manager GitHub action

@replicated-ci replicated-ci merged commit cf10bd0 into main Nov 19, 2024
24 checks passed
@replicated-ci replicated-ci deleted the dependabot/go_modules/security-66973c1935 branch November 19, 2024 00:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@replicated-ci replicated-ci replicated-ci approved these changes

Assignees
No one assigned
Labels
dependencies go type::security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@replicated-ci