build(deps): Bump the go group with 11 updates #1645

dependabot · 2024-10-07T10:07:43Z

Bumps the go group with 11 updates:

Package	From	To
cloud.google.com/go/storage	`1.43.0`	`1.44.0`
github.com/aws/aws-sdk-go-v2	`1.31.0`	`1.32.0`
github.com/aws/aws-sdk-go-v2/config	`1.27.39`	`1.27.41`
github.com/aws/aws-sdk-go-v2/credentials	`1.17.37`	`1.17.39`
github.com/aws/aws-sdk-go-v2/feature/s3/manager	`1.17.25`	`1.17.28`
github.com/aws/aws-sdk-go-v2/service/kms	`1.36.3`	`1.37.0`
github.com/aws/aws-sdk-go-v2/service/s3	`1.63.3`	`1.65.0`
github.com/aws/aws-sdk-go-v2/service/sts	`1.31.3`	`1.32.0`
golang.org/x/net	`0.29.0`	`0.30.0`
golang.org/x/sys	`0.25.0`	`0.26.0`
golang.org/x/term	`0.24.0`	`0.25.0`

Updates cloud.google.com/go/storage from 1.43.0 to 1.44.0

Release notes

Sourced from cloud.google.com/go/storage's releases.

storage: v1.44.0

1.44.0 (2024-10-03)

Features

storage/dataflux: Add dataflux interface (#10748) (cb7b0a1)

storage/dataflux: Add range_splitter #10748 (#10899) (d49da26)

storage/dataflux: Add worksteal algorithm to fast-listing (#10913) (015b52c)

storage/internal: Add managed folder to testIamPermissions method (2f0aec8)

storage/transfermanager: Add option to StripPrefix on directory download (#10894) (607534c)

storage/transfermanager: Add SkipIfExists option (#10893) (7daa1bd)

storage/transfermanager: Checksum full object downloads (#10569) (c366c90)

storage: Add direct google access side-effect imports by default (#10757) (9ad8324)

storage: Add full object checksum to reader.Attrs (#10538) (245d2ea)

storage: Add support for Go 1.23 iterators (84461c0)

storage: Add update time in bucketAttrs (#10710) (5f06ae1), refs #9361

storage: GA gRPC client (#10859) (c7a55a2)

storage: Introduce gRPC client-side metrics (#10639) (437bcb1)

storage: Support IncludeFoldersAsPrefixes for gRPC (#10767) (65bcc59)

Bug Fixes

storage/transfermanager: Correct Attrs.StartOffset for sharded downloads (#10512) (01a5cbb)

storage: Add retryalways policy to encryption test (#10644) (59cfd12), refs #10567

storage: Add unknown host to retriable errors (#10619) (4ec0452)

storage: Bump dependencies (2ddeb15)

storage: Bump google.golang.org/[email protected] (8ecc4e9)

storage: Check for grpc NotFound error in HMAC test (#10645) (3c8e88a)

storage: Disable grpc metrics using emulator (#10870) (35ad73d)

storage: Retry gRPC DEADLINE_EXCEEDED errors (#10635) (0018415)

storage: Update dependencies (257c40b)

storage: Update google.golang.org/api to v0.191.0 (5b32644)

Performance Improvements

storage: GRPC zerocopy codec (#10888) (aeba28f)

Documentation

storage/internal: Clarify possible objectAccessControl roles (2f0aec8)

storage/internal: Update dual-region bucket link (2f0aec8)

Commits

8722d72 chore(main): release spanner 1.44.0 (#7311)
3f118f9 chore(all): auto-regenerate gapics (#7330)
48ba16f feat(spanner): add support for Optimistic Concurrency Control (#7332)
cf1332d chore: release main (#7313)
45c70e3 chore(all): auto-regenerate gapics (#7318)
045a8dc chore: add support_request template (#7328)
c37f9ae refactor(bigquery/storage/managedwriter): introduce send optimizers (#7323)
0bf80d7 fix(bigquery): fetch dst table for jobs when readings with Storage API (#7325)
2f45776 chore(internal/gapicgen): actually freeze cloud dir (#7326)
c88fbdf fix(pubsub): fix bug with AckWithResult with exactly once disabled (#7319)
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2 from 1.31.0 to 1.32.0

Commits

7a76a2a Release 2024-10-04
e35b8be Regenerated Clients
6e95871 Update endpoints model
0d58df3 Update API model
280579a add HTTP client metrics from smithy-go (#2815)
cb83a1c Release 2024-10-03
8503c83 Regenerated Clients
317e15b Update endpoints model
3ff5168 Update API model
6191b25 Release 2024-10-02
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.27.39 to 1.27.41

Commits

7a76a2a Release 2024-10-04
e35b8be Regenerated Clients
6e95871 Update endpoints model
0d58df3 Update API model
280579a add HTTP client metrics from smithy-go (#2815)
cb83a1c Release 2024-10-03
8503c83 Regenerated Clients
317e15b Update endpoints model
3ff5168 Update API model
6191b25 Release 2024-10-02
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.37 to 1.17.39

Commits

7a76a2a Release 2024-10-04
e35b8be Regenerated Clients
6e95871 Update endpoints model
0d58df3 Update API model
280579a add HTTP client metrics from smithy-go (#2815)
cb83a1c Release 2024-10-03
8503c83 Regenerated Clients
317e15b Update endpoints model
3ff5168 Update API model
6191b25 Release 2024-10-02
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.25 to 1.17.28

Commits

1d44177 Release 2024-08-15
bab4916 Regenerated Clients
2d4ecf5 Update endpoints model
df4f4e1 Update API model
51ca5b5 bump smithy-go and go version (#2750)
39ddd61 Release 2024-08-14
ffaf282 Regenerated Clients
6beafa8 Update API model
57f6f2d Release 2024-08-13
cdeb8a6 Regenerated Clients
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/kms from 1.36.3 to 1.37.0

Changelog

Sourced from github.com/aws/aws-sdk-go-v2/service/kms's changelog.

Release (2023-07-13)

General Highlights

Feature: Modify user agent syntax and introduce support for optional app identifier in UA header

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider: v1.23.0

Feature: API model updated in Amazon Cognito

github.com/aws/aws-sdk-go-v2/service/connect: v1.61.0

Feature: Add support for deleting Queues and Routing Profiles.

github.com/aws/aws-sdk-go-v2/service/databasemigrationservice: v1.27.0

Feature: Enhanced PostgreSQL target endpoint settings for providing Babelfish support.

github.com/aws/aws-sdk-go-v2/service/datasync: v1.25.0

Feature: Added LunCount to the response object of DescribeStorageSystemResourcesResponse, LunCount represents the number of LUNs on a storage system resource.

github.com/aws/aws-sdk-go-v2/service/ec2: v1.104.0

Feature: This release adds support for the C7gn and Hpc7g instances. C7gn instances are powered by AWS Graviton3 processors and the fifth-generation AWS Nitro Cards. Hpc7g instances are powered by AWS Graviton 3E processors and provide up to 200 Gbps network bandwidth.

github.com/aws/aws-sdk-go-v2/service/fsx: v1.30.0

Feature: Amazon FSx for NetApp ONTAP now supports SnapLock, an ONTAP feature that enables you to protect your files in a volume by transitioning them to a write once, read many (WORM) state.

github.com/aws/aws-sdk-go-v2/service/iam: v1.21.1

Documentation: Documentation updates for AWS Identity and Access Management (IAM).

github.com/aws/aws-sdk-go-v2/service/mediatailor: v1.25.0

Feature: Adds categories to MediaTailor channel assembly alerts

github.com/aws/aws-sdk-go-v2/service/personalize: v1.25.0

Feature: This release provides ability to customers to change schema associated with their datasets in Amazon Personalize

github.com/aws/aws-sdk-go-v2/service/proton: v1.22.0

Feature: This release adds support for deployment history for Proton provisioned resources

github.com/aws/aws-sdk-go-v2/service/s3: v1.37.0

Feature: S3 Inventory now supports Object Access Control List and Object Owner as available object metadata fields in inventory reports.

github.com/aws/aws-sdk-go-v2/service/sagemaker: v1.92.0

Feature: Amazon SageMaker Canvas adds WorkspeceSettings support for CanvasAppSettings

github.com/aws/aws-sdk-go-v2/service/secretsmanager: v1.19.11

Documentation: Documentation updates for Secrets Manager

Release (2023-07-07)

Module Highlights

github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs: v1.22.0

Feature: Add CMK encryption support for CloudWatch Logs Insights query result data

github.com/aws/aws-sdk-go-v2/service/databasemigrationservice: v1.26.0

Feature: Releasing DMS Serverless. Adding support for PostgreSQL 15.x as source and target endpoint. Adding support for DocDB Elastic Clusters with sharded collections, PostgreSQL datatype mapping customization and disabling hostname validation of the certificate authority in Kafka endpoint settings

github.com/aws/aws-sdk-go-v2/service/glue: v1.54.0

Feature: This release enables customers to create new Apache Iceberg tables and associated metadata in Amazon S3 by using native AWS Glue CreateTable operation.

github.com/aws/aws-sdk-go-v2/service/medialive: v1.32.0

Feature: This release enables the use of Thumbnails in AWS Elemental MediaLive.

github.com/aws/aws-sdk-go-v2/service/mediatailor: v1.24.0

Feature: The AWS Elemental MediaTailor SDK for Channel Assembly has added support for EXT-X-CUE-OUT and EXT-X-CUE-IN tags to specify ad breaks in HLS outputs, including support for EXT-OATCLS, EXT-X-ASSET, and EXT-X-CUE-OUT-CONT accessory tags.

Release (2023-07-06)

... (truncated)

Commits

021db04 Release 2023-07-13
afb7460 Regenerated Clients
5963c54 Update partitions file
8b263ec Update endpoints model
52bb208 Update API model
34540e9 Merge pull request #2154 from aws/feat-ua
5f1a82d Update API model
b3e5b29 Release 2023-07-07
7f1fba9 Regenerated Clients
10508e0 Update endpoints model
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.63.3 to 1.65.0

Commits

7a76a2a Release 2024-10-04
e35b8be Regenerated Clients
6e95871 Update endpoints model
0d58df3 Update API model
280579a add HTTP client metrics from smithy-go (#2815)
cb83a1c Release 2024-10-03
8503c83 Regenerated Clients
317e15b Update endpoints model
3ff5168 Update API model
6191b25 Release 2024-10-02
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/sts from 1.31.3 to 1.32.0

Commits

7a76a2a Release 2024-10-04
e35b8be Regenerated Clients
6e95871 Update endpoints model
0d58df3 Update API model
280579a add HTTP client metrics from smithy-go (#2815)
cb83a1c Release 2024-10-03
8503c83 Regenerated Clients
317e15b Update endpoints model
3ff5168 Update API model
6191b25 Release 2024-10-02
Additional commits viewable in compare view

Updates golang.org/x/net from 0.29.0 to 0.30.0

Commits

6cc5ac4 go.mod: update golang.org/x dependencies
f88258d websocket: update nhooyr.io/websocket to github.com/coder/websocket
7191757 http2: add support for net/http HTTP2 config field
4790dc7 http2: add support for server-originated pings
541dbe5 http2: add Server.WriteByteTimeout
3c333c0 route: fix address parsing of messages on Darwin
See full diff in compare view

Updates golang.org/x/sys from 0.25.0 to 0.26.0

Commits

23b0dab unix: mark vgetrandom as non-escaping
cbf0eb6 unix: fix grep syntax to work on non-GNU greps
e7397b9 unix: update to Linux 6.11
981de40 unix: use vDSO for getrandom() on linux
48aad76 linux: add tcp_cc_info and its related types
d58f986 all: fix some typos in comment
30de352 unix: fix Test{Fd,}Xattr failure on NetBSD
68ed59b windows/svc: fix printf(var) mistake detected by latest printf checker
c08bc6e unix: update Go to 1.23.0
See full diff in compare view

Updates golang.org/x/term from 0.24.0 to 0.25.0

Commits

9d5441a go.mod: update golang.org/x dependencies
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go group with 11 updates: | Package | From | To | | --- | --- | --- | | [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.43.0` | `1.44.0` | | [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.31.0` | `1.32.0` | | [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.27.39` | `1.27.41` | | [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) | `1.17.37` | `1.17.39` | | [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2) | `1.17.25` | `1.17.28` | | [github.com/aws/aws-sdk-go-v2/service/kms](https://github.com/aws/aws-sdk-go-v2) | `1.36.3` | `1.37.0` | | [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.63.3` | `1.65.0` | | [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2) | `1.31.3` | `1.32.0` | | [golang.org/x/net](https://github.com/golang/net) | `0.29.0` | `0.30.0` | | [golang.org/x/sys](https://github.com/golang/sys) | `0.25.0` | `0.26.0` | | [golang.org/x/term](https://github.com/golang/term) | `0.24.0` | `0.25.0` | Updates `cloud.google.com/go/storage` from 1.43.0 to 1.44.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.43.0...spanner/v1.44.0) Updates `github.com/aws/aws-sdk-go-v2` from 1.31.0 to 1.32.0 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@v1.31.0...v1.32.0) Updates `github.com/aws/aws-sdk-go-v2/config` from 1.27.39 to 1.27.41 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@config/v1.27.39...config/v1.27.41) Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.37 to 1.17.39 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@credentials/v1.17.37...credentials/v1.17.39) Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.17.25 to 1.17.28 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@credentials/v1.17.25...credentials/v1.17.28) Updates `github.com/aws/aws-sdk-go-v2/service/kms` from 1.36.3 to 1.37.0 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/service/s3/v1.37.0/CHANGELOG.md) - [Commits](aws/aws-sdk-go-v2@service/ssm/v1.36.3...service/s3/v1.37.0) Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.63.3 to 1.65.0 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.63.3...service/s3/v1.65.0) Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.31.3 to 1.32.0 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.31.3...v1.32.0) Updates `golang.org/x/net` from 0.29.0 to 0.30.0 - [Commits](golang/net@v0.29.0...v0.30.0) Updates `golang.org/x/sys` from 0.25.0 to 0.26.0 - [Commits](golang/sys@v0.25.0...v0.26.0) Updates `golang.org/x/term` from 0.24.0 to 0.25.0 - [Commits](golang/term@v0.24.0...v0.25.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/storage dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/credentials dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/service/kms dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/service/s3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/service/sts dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go ... Signed-off-by: dependabot[bot] <[email protected]>

This MR contains the following updates: | Package | Update | Change | |---|---|---| | [getsops/sops](https://github.com/getsops/sops) | patch | `v3.9.1` -> `v3.9.2` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>getsops/sops (getsops/sops)</summary> ### [`v3.9.2`](https://github.com/getsops/sops/releases/tag/v3.9.2) [Compare Source](getsops/sops@v3.9.1...v3.9.2) #### Installation To install `sops`, download one of the pre-built binaries provided for your platform from the artifacts attached to this release. For instance, if you are using Linux on an AMD64 architecture: ```shell ### Download the binary curl -LO https://github.com/getsops/sops/releases/download/v3.9.2/sops-v3.9.2.linux.amd64 ### Move the binary in to your PATH mv sops-v3.9.2.linux.amd64 /usr/local/bin/sops ### Make the binary executable chmod +x /usr/local/bin/sops ``` ##### Verify checksums file signature The checksums file provided within the artifacts attached to this release is signed using [Cosign](https://docs.sigstore.dev/cosign/overview/) with GitHub OIDC. To validate the signature of this file, run the following commands: ```shell ### Download the checksums file, certificate and signature curl -LO https://github.com/getsops/sops/releases/download/v3.9.2/sops-v3.9.2.checksums.txt curl -LO https://github.com/getsops/sops/releases/download/v3.9.2/sops-v3.9.2.checksums.pem curl -LO https://github.com/getsops/sops/releases/download/v3.9.2/sops-v3.9.2.checksums.sig ### Verify the checksums file cosign verify-blob sops-v3.9.2.checksums.txt \ --certificate sops-v3.9.2.checksums.pem \ --signature sops-v3.9.2.checksums.sig \ --certificate-identity-regexp=https://github.com/getsops \ --certificate-oidc-issuer=https://token.actions.githubusercontent.com ``` ##### Verify binary integrity To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature: ```shell ### Verify the binary using the checksums file sha256sum -c sops-v3.9.2.checksums.txt --ignore-missing ``` ##### Verify artifact provenance The [SLSA provenance](https://slsa.dev/provenance/v0.2) of the binaries, packages, and SBOMs can be found within the artifacts associated with this release. It is presented through an [in-toto](https://in-toto.io/) link metadata file named `sops-v3.9.2.intoto.jsonl`. To verify the provenance of an artifact, you can utilize the [`slsa-verifier`](https://github.com/slsa-framework/slsa-verifier#artifacts) tool: ```shell ### Download the metadata file curl -LO https://github.com/getsops/sops/releases/download/v3.9.2/sops-v3.9.2.intoto.jsonl ### Verify the provenance of the artifact slsa-verifier verify-artifact <artifact> \ --provenance-path sops-v3.9.2.intoto.jsonl \ --source-uri github.com/getsops/sops \ --source-tag v3.9.2 ``` #### Container Images The `sops` binaries are also available as container images, based on Debian (slim) and Alpine Linux. The Debian-based container images include any dependencies which may be required to make use of certain key services, such as GnuPG, AWS KMS, Azure Key Vault, and Google Cloud KMS. The Alpine-based container images are smaller in size, but do not include these dependencies. These container images are available for the following architectures: `linux/amd64` and `linux/arm64`. ##### GitHub Container Registry - `ghcr.io/getsops/sops:v3.9.2` - `ghcr.io/getsops/sops:v3.9.2-alpine` ##### Quay.io - `quay.io/getsops/sops:v3.9.2` - `quay.io/getsops/sops:v3.9.2-alpine` ##### Verify container image signature The container images are signed using [Cosign](https://docs.sigstore.dev/cosign/overview/) with GitHub OIDC. To validate the signature of an image, run the following command: ```shell cosign verify ghcr.io/getsops/sops:v3.9.2 \ --certificate-identity-regexp=https://github.com/getsops \ --certificate-oidc-issuer=https://token.actions.githubusercontent.com \ -o text ``` ##### Verify container image provenance The container images include [SLSA provenance](https://slsa.dev/provenance/v0.2) attestations. For more information around the verification of this, please refer to the [`slsa-verifier` documentation](https://github.com/slsa-framework/slsa-verifier#containers). #### Software Bill of Materials The Software Bill of Materials (SBOM) for each binary is accessible within the artifacts enclosed with this release. It is presented as an [SPDX](https://spdx.dev/) JSON file, formatted as `<binary>.spdx.sbom.json`. #### What's Changed - build(deps): Bump the go group with 11 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1645 - build(deps): Bump the ci group with 4 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1644 - build(deps): Bump the go group with 12 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1649 - build(deps): Bump the ci group with 5 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1648 - build(deps): Bump the go group with 6 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1653 - build(deps): Bump the ci group with 2 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1654 - build(deps): Bump serde_json from 1.0.128 to 1.0.132 in /functional-tests in the rust group by [@dependabot](https://github.com/dependabot) in getsops/sops#1655 - fix(azkv): handle whitespace in Azure Key Vault URLs by [@sEpt0r](https://github.com/sEpt0r) in getsops/sops#1652 - build(deps): Bump the go group with 7 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1662 - build(deps): Bump the ci group with 5 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1664 - build(deps): Bump the rust group in /functional-tests with 2 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1663 - build(deps): Bump the ci group across 1 directory with 3 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1673 - build(deps): Bump the rust group in /functional-tests with 2 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1670 - build(deps): Bump github/codeql-action from 3.27.1 to 3.27.4 in the ci group by [@dependabot](https://github.com/dependabot) in getsops/sops#1677 - build(deps): Bump the rust group in /functional-tests with 3 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1676 - build(deps): Bump the ci group with 2 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1685 - build(deps): Bump the go group across 1 directory with 18 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1686 - Correctly handle comments during JSON serialization by [@felixfontein](https://github.com/felixfontein) in getsops/sops#1647 - Update Rust dependencies by [@felixfontein](https://github.com/felixfontein) in getsops/sops#1689 - fix(config): remove unused variables and align error casing by [@nicklasfrahm](https://github.com/nicklasfrahm) in getsops/sops#1687 - keyservice: update protobuf to a recent release, and make go code generation reproducible by [@felixfontein](https://github.com/felixfontein) in getsops/sops#1688 - build(deps): Bump the go group with 8 updates by [@dependabot](https://github.com/dependabot) in getsops/sops#1693 - Release 3.9.2 by [@felixfontein](https://github.com/felixfontein) in getsops/sops#1691 #### New Contributors - [@sEpt0r](https://github.com/sEpt0r) made their first contribution in getsops/sops#1652 - [@nicklasfrahm](https://github.com/nicklasfrahm) made their first contribution in getsops/sops#1687 **Full Changelog**: getsops/sops@v3.9.1...v3.9.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

dependabot bot added the dependencies Pull requests that update a dependency file label Oct 7, 2024

felixfontein approved these changes Oct 8, 2024

View reviewed changes

felixfontein merged commit 975a104 into main Oct 8, 2024
15 checks passed

felixfontein deleted the dependabot/go_modules/go-1dfc648e20 branch October 8, 2024 05:19

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): Bump the go group with 11 updates #1645

build(deps): Bump the go group with 11 updates #1645

dependabot bot commented on behalf of github Oct 7, 2024

build(deps): Bump the go group with 11 updates #1645

build(deps): Bump the go group with 11 updates #1645

Conversation

dependabot bot commented on behalf of github Oct 7, 2024

storage: v1.44.0

1.44.0 (2024-10-03)

Features

Bug Fixes

Performance Improvements

Documentation

Release (2023-07-13)

General Highlights

Module Highlights

Release (2023-07-07)

Module Highlights

Release (2023-07-06)