Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update All api dependencies #309

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update All api dependencies #309

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 1, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
github.com/PuerkitoBio/goquery v1.10.0 -> v1.10.1 age adoption passing confidence require patch
github.com/ThreeDotsLabs/watermill v1.4.1 -> v1.4.4 age adoption passing confidence require patch
github.com/dgraph-io/ristretto/v2 v2.0.0 -> v2.1.0 age adoption passing confidence require minor
github.com/gabriel-vasile/mimetype v1.4.7 -> v1.4.8 age adoption passing confidence require patch
github.com/getkin/kin-openapi v0.128.0 -> v0.129.0 age adoption passing confidence require minor
github.com/gosimple/slug v1.14.0 -> v1.15.0 age adoption passing confidence require minor
github.com/jackc/pgx/v5 v5.7.1 -> v5.7.2 age adoption passing confidence require patch
github.com/labstack/echo/v4 v4.12.0 -> v4.13.3 age adoption passing confidence require minor
github.com/minio/minio-go/v7 v7.0.81 -> v7.0.84 age adoption passing confidence require patch
github.com/openai/openai-go v0.1.0-alpha.39 -> v0.1.0-alpha.51 age adoption passing confidence require patch
github.com/pb33f/libopenapi v0.18.7 -> v0.21.2 age adoption passing confidence require minor
github.com/puzpuzpuz/xsync/v3 v3.4.0 -> v3.5.0 age adoption passing confidence require minor
github.com/redis/rueidis v1.0.49 -> v1.0.53 age adoption passing confidence require patch
github.com/samber/lo v1.47.0 -> v1.49.1 age adoption passing confidence require minor
github.com/shirou/gopsutil/v4 v4.24.10 -> v4.25.1 age adoption passing confidence require minor
github.com/twilio/twilio-go v1.23.6 -> v1.23.11 age adoption passing confidence require patch
github.com/weaviate/weaviate v1.27.6 -> v1.28.4 age adoption passing confidence require minor
go (source) 1.23.3 -> 1.23.5 age adoption passing confidence toolchain patch
go.opentelemetry.io/otel v1.33.0 -> v1.34.0 age adoption passing confidence require minor
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.33.0 -> v1.34.0 age adoption passing confidence require minor
go.opentelemetry.io/otel/sdk v1.33.0 -> v1.34.0 age adoption passing confidence require minor
go.opentelemetry.io/otel/trace v1.33.0 -> v1.34.0 age adoption passing confidence require minor
golang.org/x/crypto v0.31.0 -> v0.32.0 age adoption passing confidence require minor
golang.org/x/exp 701f63a -> e0ece0d age adoption passing confidence require digest
golang.org/x/net v0.33.0 -> v0.34.0 age adoption passing confidence require minor
golang.org/x/oauth2 v0.24.0 -> v0.25.0 age adoption passing confidence require minor
google.golang.org/api v0.209.0 -> v0.219.0 age adoption passing confidence require minor
google.golang.org/protobuf v1.36.1 -> v1.36.4 age adoption passing confidence require patch

Release Notes

PuerkitoBio/goquery (github.com/PuerkitoBio/goquery)

v1.10.1

Compare Source

Update go.mod dependencies.

ThreeDotsLabs/watermill (github.com/ThreeDotsLabs/watermill)

v1.4.4

Compare Source

What's Changed

Suggested migration steps for cqrs.ProtobufMarshaler

cqrs.ProtobufMarshaler from this release is backward and forward compatible with cqrs.ProtoMarshaler.
cqrs.ProtobufMarshaler from Watermill versions until v1.4.3 are not forward compatible with cqrs.ProtoMarshaler.
Suggested migration steps:

  1. Update Watermill to v1.4.4 or newer, so all publishers and subscribers will be forward and backward compatible.
  2. Change all usages of cqrs.ProtobufMarshaler to cqrs.ProtoMarshaler.

Full Changelog: ThreeDotsLabs/watermill@v1.4.3...v1.4.4

v1.4.3

Compare Source

What's Changed

New Contributors

Full Changelog: ThreeDotsLabs/watermill@v1.4.2...v1.4.3

v1.4.2

Compare Source

What's Changed

New Contributors

Full Changelog: ThreeDotsLabs/watermill@v1.4.1...v1.4.2

dgraph-io/ristretto (github.com/dgraph-io/ristretto/v2)

v2.1.0: Ristretto v2.1.0

Compare Source

What's Changed

Full Changelog: dgraph-io/ristretto@v2.0.1...v2.1.0

v2.0.1

Compare Source

Fixed
  • Wait for goroutines to finish (#​423)
  • Bump golang.org/x/sys from 0.27.0 to 0.28.0 in the minor group (#​421)
  • Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 in the minor group (#​420)
  • Bump golang.org/x/sys from 0.26.0 to 0.27.0 in the minor group (#​419)

Full Changelog: dgraph-io/ristretto@v2.0.0...v2.0.1

gabriel-vasile/mimetype (github.com/gabriel-vasile/mimetype)

v1.4.8: Add support for APK

Compare Source

What's Changed

New Contributors

Full Changelog: gabriel-vasile/mimetype@v1.4.7...v1.4.8

getkin/kin-openapi (github.com/getkin/kin-openapi)

v0.129.0

Compare Source

What's Changed

New Contributors

Full Changelog: getkin/kin-openapi@v0.128.0...v0.129.0

gosimple/slug (github.com/gosimple/slug)

v1.15.0

Compare Source

🚀 New features and improvements

jackc/pgx (github.com/jackc/pgx/v5)

v5.7.2

Compare Source

labstack/echo (github.com/labstack/echo/v4)

v4.13.3

Compare Source

Security

v4.13.2

Compare Source

Security

v4.13.1

Compare Source

Fixes

v4.13.0

Compare Source

BREAKING CHANGE JWT Middleware Removed from Core use labstack/echo-jwt instead

The JWT middleware has been removed from Echo core due to another security vulnerability, CVE-2024-51744. For more details, refer to issue #​2699. A drop-in replacement is available in the labstack/echo-jwt repository.

Important: Direct assignments like token := c.Get("user").(*jwt.Token) will now cause a panic due to an invalid cast. Update your code accordingly. Replace the current imports from "github.com/golang-jwt/jwt" in your handlers to the new middleware version using "github.com/golang-jwt/jwt/v5".

Background:

The version of golang-jwt/jwt (v3.2.2) previously used in Echo core has been in an unmaintained state for some time. This is not the first vulnerability affecting this library; earlier issues were addressed in PR #​1946.
JWT middleware was marked as deprecated in Echo core as of v4.10.0 on 2022-12-27. If you did not notice that, consider leveraging tools like Staticcheck to catch such deprecations earlier in you dev/CI flow. For bonus points - check out gosec.

We sincerely apologize for any inconvenience caused by this change. While we strive to maintain backward compatibility within Echo core, recurring security issues with third-party dependencies have forced this decision.

Enhancements

minio/minio-go (github.com/minio/minio-go/v7)

v7.0.84: Bugfix Release

Compare Source

What's Changed

New Contributors

Full Changelog: minio/minio-go@v7.0.83...v7.0.84

v7.0.83: Bugfix Release

Compare Source

What's Changed

New Contributors

Full Changelog: minio/minio-go@v7.0.82...v7.0.83

v7.0.82: Bugfix Release

Compare Source

What's Changed

New Contributors

Full Changelog: minio/minio-go@v7.0.81...v7.0.82

openai/openai-go (github.com/openai/openai-go)

v0.1.0-alpha.51

Compare Source

0.1.0-alpha.51 (2025-01-31)

Full Changelog: v0.1.0-alpha.50...v0.1.0-alpha.51

Features
Bug Fixes

v0.1.0-alpha.50

Compare Source

0.1.0-alpha.50 (2025-01-29)

Full Changelog: v0.1.0-alpha.49...v0.1.0-alpha.50

Chores

v0.1.0-alpha.49

Compare Source

0.1.0-alpha.49 (2025-01-22)

Full Changelog: v0.1.0-alpha.48...v0.1.0-alpha.49

Features
  • api: update enum values, comments, and examples (#​181) (a074981)
  • Minor text change: Update readme to say beta instead of alpha (2b766ab)
  • support deprecated markers (#​178) (3d6f52f)

v0.1.0-alpha.48

Compare Source

0.1.0-alpha.48 (2025-01-21)

Full Changelog: v0.1.0-alpha.47...v0.1.0-alpha.48

Bug Fixes
Chores

v0.1.0-alpha.47

Compare Source

0.1.0-alpha.47 (2025-01-20)

Full Changelog: v0.1.0-alpha.46...v0.1.0-alpha.47

Bug Fixes

v0.1.0-alpha.46

Compare Source

0.1.0-alpha.46 (2025-01-17)

Full Changelog: v0.1.0-alpha.45...v0.1.0-alpha.46

Chores

v0.1.0-alpha.45

Compare Source

0.1.0-alpha.45 (2025-01-09)

Full Changelog: v0.1.0-alpha.44...v0.1.0-alpha.45

Chores

v0.1.0-alpha.44

Compare Source

0.1.0-alpha.44 (2025-01-08)

Full Changelog: v0.1.0-alpha.43...v0.1.0-alpha.44

Documentation

v0.1.0-alpha.43

Compare Source

0.1.0-alpha.43 (2025-01-03)

Full Changelog: v0.1.0-alpha.42...v0.1.0-alpha.43

Chores

v0.1.0-alpha.42

Compare Source

0.1.0-alpha.42 (2025-01-02)

Full Changelog: v0.1.0-alpha.41...v0.1.0-alpha.42

Chores

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@vercel Vercel
Copy link

vercel bot commented Dec 1, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

2 Skipped Deployments
Name Status Preview Comments Updated (UTC)
storyden ⬜️ Ignored (Inspect) Visit Preview Feb 2, 2025 5:38am
storyden-homepage ⬜️ Ignored (Inspect) Visit Preview Feb 2, 2025 5:38am

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Dec 1, 2024
edited
Loading

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@renovate renovate bot force-pushed the renovate/all-api-dependencies branch from e8715ed to 6bd8be4 Compare December 2, 2024 18:23
@renovate renovate bot changed the title Update module github.com/shirou/gopsutil/v4 to v4.24.11 Update All api dependencies Dec 2, 2024
@renovate renovate bot force-pushed the renovate/all-api-dependencies branch 7 times, most recently from 560fedd to 85c8fed Compare December 10, 2024 18:33
@renovate renovate bot force-pushed the renovate/all-api-dependencies branch 10 times, most recently from 1b16563 to 0ed27c0 Compare December 16, 2024 20:56
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Dec 16, 2024
edited
Loading

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 24 additional dependencies were updated

Details:

Package Change
cloud.google.com/go/auth v0.10.2 -> v0.14.0
cloud.google.com/go/auth/oauth2adapt v0.2.5 -> v0.2.7
cloud.google.com/go/compute/metadata v0.5.2 -> v0.6.0
github.com/ebitengine/purego v0.8.1 -> v0.8.2
github.com/go-ole/go-ole v1.2.6 -> v1.3.0
github.com/goccy/go-json v0.10.3 -> v0.10.4
github.com/google/s2a-go v0.1.8 -> v0.1.9
github.com/googleapis/gax-go/v2 v2.14.0 -> v2.14.1
github.com/grpc-ecosystem/grpc-gateway/v2 v2.24.0 -> v2.25.1
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c -> v0.0.0-20240221224432-82ca36839d55
github.com/tklauser/go-sysconf v0.3.12 -> v0.3.14
github.com/tklauser/numcpus v0.6.1 -> v0.9.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.55.0 -> v0.57.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.33.0 -> v1.34.0
go.opentelemetry.io/otel/metric v1.33.0 -> v1.34.0
go.opentelemetry.io/proto/otlp v1.4.0 -> v1.5.0
golang.org/x/tools v0.25.0 -> v0.29.0
google.golang.org/genproto/googleapis/api v0.0.0-20241230172942-26aa7a208def -> v0.0.0-20250115164207-1a7da9e5054f
google.golang.org/genproto/googleapis/rpc v0.0.0-20241230172942-26aa7a208def -> v0.0.0-20250124145028-65684f501c47
google.golang.org/grpc v1.69.2 -> v1.70.0
github.com/klauspost/cpuid/v2 v2.2.8 -> v2.2.9
golang.org/x/mod v0.21.0 -> v0.22.0
golang.org/x/sys v0.28.0 -> v0.29.0
golang.org/x/time v0.8.0 -> v0.9.0

@renovate renovate bot force-pushed the renovate/all-api-dependencies branch 7 times, most recently from d305d08 to da5dea0 Compare December 25, 2024 13:00
@renovate renovate bot force-pushed the renovate/all-api-dependencies branch from da5dea0 to 15d6a7e Compare December 27, 2024 01:50
@renovate renovate bot force-pushed the renovate/all-api-dependencies branch 12 times, most recently from 64b1a94 to 266e158 Compare January 20, 2025 17:45
@renovate renovate bot force-pushed the renovate/all-api-dependencies branch 7 times, most recently from 849b083 to 47fff9e Compare January 28, 2025 13:49
@renovate renovate bot force-pushed the renovate/all-api-dependencies branch 9 times, most recently from 84d9a79 to 1ae53b8 Compare February 2, 2025 01:12
@renovate renovate bot force-pushed the renovate/all-api-dependencies branch from 1ae53b8 to ce5b69f Compare February 2, 2025 05:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants