Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump the dependencies group with 7 updates #136

Merged

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 1, 2023

Bumps the dependencies group with 7 updates:

Package From To
github.com/gorilla/mux 1.8.0 1.8.1
github.com/containerd/containerd 1.7.8 1.7.10
github.com/klauspost/compress 1.17.2 1.17.3
github.com/opencontainers/runc 1.1.9 1.1.10
golang.org/x/mod 0.13.0 0.14.0
golang.org/x/sys 0.13.0 0.15.0
golang.org/x/tools 0.14.0 0.16.0

Updates github.com/gorilla/mux from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/gorilla/mux's releases.

Release v1.8.1

What's Changed

New Contributors

Full Changelog: gorilla/mux@v1.8.0...v1.8.1

Commits

Updates github.com/containerd/containerd from 1.7.8 to 1.7.10

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.10

Welcome to the v1.7.10 release of containerd!

The tenth patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

  • Enhance container image unpack client logs (#9379)
  • cri: fix using the pinned label to pin image (#9381)
  • fix: ImagePull should close http connection if there is no available data to read. (#9409)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Wei Fu
  • Iceber Gu
  • Austin Vazquez
  • Derek McGowan
  • Phil Estes
  • Samuel Karp
  • ruiwen-zhao

Changes

  • Add release notes for v1.7.10 (#9426)
  • [release/1.7] fix: ImagePull should close http connection if there is no available data to read. (#9409)
    • 206806128 remotes/docker: close connection if no more data
    • 328493962 integration: reproduce #9347
    • d1aab27cb fix: deflake TestCRIImagePullTimeout/HoldingContentOpenWriter
  • [release/1.7] cri: fix using the pinned label to pin image (#9381)
    • a2b16d7f9 cri: fix update of pinned label for images
    • 8dc861844 cri: fix using the pinned label to pin image
  • [release/1.7] Enhance container image unpack client logs (#9379)
    • 5930a3750 Enhance container image unpack client logs

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.7.9

containerd 1.7.9

Welcome to the v1.7.9 release of containerd!

... (truncated)

Commits
  • 4e1fe74 Merge pull request #9426 from ruiwen-zhao/1.7.10
  • a995fe3 Add release notes for v1.7.10
  • 21b85e9 Merge pull request #9409 from ruiwen-zhao/progress-fix-1.7
  • 2068061 remotes/docker: close connection if no more data
  • 3284939 integration: reproduce #9347
  • d1aab27 fix: deflake TestCRIImagePullTimeout/HoldingContentOpenWriter
  • b1c6f01 Merge pull request #9381 from Iceber/fix_pin_image_1.7
  • bb0e42a Merge pull request #9379 from austinvazquez/cherry-pick-v1.7-01c442147fd084cc...
  • a2b16d7 cri: fix update of pinned label for images
  • 8dc8618 cri: fix using the pinned label to pin image
  • Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.17.2 to 1.17.3

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.17.3

What's Changed

Full Changelog: klauspost/compress@v1.17.2...v1.17.3

Commits

Updates github.com/opencontainers/runc from 1.1.9 to 1.1.10

Changelog

Sourced from github.com/opencontainers/runc's changelog.

[1.1.10] - 2023-10-31

Śruba, przykręcona we śnie, nie zmieni sytuacji, jaka panuje na jawie.

Added

  • Support for hugetlb.<pagesize>.rsvd limiting and accounting. Fixes the issue of postres failing when hugepage limits are set. (#3859, #4077)

Fixed

  • Fixed permissions of a newly created directories to not depend on the value of umask in tmpcopyup feature implementation. (#3991, #4060)
  • libcontainer: cgroup v1 GetStats now ignores missing kmem.limit_in_bytes (fixes the compatibility with Linux kernel 6.1+). (#4028)
  • Fix a semi-arbitrary cgroup write bug when given a malicious hugetlb configuration. This issue is not a security issue because it requires a malicious config.json, which is outside of our threat model. (#4103)
  • Various CI fixes. (#4081, #4055)
Commits
  • 18a0cb0 VERSION: release 1.1.10
  • 7b469c9 Merge pull request from GHSA-5g49-rx9x-qfc6
  • b426e9b libct/cgroups.OpenFile: clean "file" argument
  • e1adc7f Merge pull request #4077 from kolyshkin/1.1-4073
  • 8214e63 libct/cg: support hugetlb rsvd
  • f8be700 [1.1] tests/int/helpers: add get_cgroup_path
  • 5ba0e01 merge #4081 into opencontainers/runc:release-1.1
  • 1f66027 ci/gha: fix downloading Release.key
  • 42acc58 Merge pull request #4060 from kolyshkin/1.1-4056
  • 5a5b2cc Fix directory perms vs umask for tmpcopyup
  • Additional commits viewable in compare view

Updates golang.org/x/mod from 0.13.0 to 0.14.0

Commits
  • 6e58e47 modfile: improve directory path detection and error text consistency
  • See full diff in compare view

Updates golang.org/x/sys from 0.13.0 to 0.15.0

Commits
  • 13b15b7 unix: add IoctlLoopConfigure on linux
  • 11eadc0 windows: add AddDllDirectory and RemoveDllDirectory
  • e4099bf unix: fix trimmed socket opt string in GetsockoptString
  • 9888904 unix: update BPF constants for Linux kernel 6.6
  • 2d0c736 unix: use fchmodat2 in Fchmodat
  • ec230da unix: use fcntl(2) libc stub on OpenBSD
  • cb378ae syscall: call getfsstat via libc on openbsd
  • 661d749 unix: use libc stubs for OpenBSD pledge+unveil
  • 1168e25 unix/linux: update Linux kernel to v6.6
  • 249e16f unix: require minimum OpenBSD 6.4 for pledge, unveil
  • Additional commits viewable in compare view

Updates golang.org/x/tools from 0.14.0 to 0.16.0

Release notes

Sourced from golang.org/x/tools's releases.

gopls/v0.14.2

This release contains just one change: an upgrade of x/telemetrygolang/go#63832

Previously, when the telemetry mode was "off" (the default), counter data would not be uploaded, but would be written to the os.UserConfigDir()/go/telemetry/local directory of the local file system. We heard from a few users that, as a matter of policy within their organization, they need a way to prevent even this local data from being written. With this release, running gotelemetry off will stop gopls from writing this local counter data. Note that the os.UserConfigDir()/go/telemetry/mode file must be written to record the "off" state.

The new default telemetry mode is "local", which behaves the same way as "off" did before. In "local" mode, counter data is written to the local file system, but not uploaded. Local data can be inspected with the gotelemetry view command.

See golang/go#63832 for more details. Thanks again for helping us support transparent telemetry in gopls. As described in the v0.14.0 release notes, we are confident that this data will help us produce a better, faster, more reliable product. In fact this is already happening.

gopls/v0.14.1

This release contains just two changes:

  • A workaround for a regression affecting some users of GOPACKAGESDRIVER: golang/go#63751, for example those using gopls with an older version of Bazel. When the go/packages driver is missing compiler or architecture information, gopls now assumes a default value rather than failing to load package information.
  • A fix for a minor bug in the new "remove unused parameter" refactoring: golang/go#63755. Notably, this bug was discovered via an automated report from someone who had opted in to Go telemetry.
Commits
  • a9ef4cf go.mod: update golang.org/x dependencies
  • d9b9452 gopls/internal/lsp/cache: move quick-fix bundling logic to the cache pkg
  • 1733061 go/analysis/passes/testinggoroutine: report by enclosing regions
  • b19be0f gopls/internal/cmd/help_test.go: document
  • daa4aa5 gopls/internal/lsp/source: stubmethods: fix out-of-bounds index
  • a586d0d go/types/internal/play: show more types.Scope detail
  • 53ad329 gopls/internal/lsp/source: move edit logic into the protocol package
  • 3c677e3 gopls/internal/lsp/cache: move SuggestedFixFromCommand into cache
  • ab6af7d gopls/internal/lsp/source: extract InDir to a new pathutil package
  • e7d61d9 gopls/internal/lsp/cache: simplify named error values
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/gorilla/mux](https://github.com/gorilla/mux) | `1.8.0` | `1.8.1` |
| [github.com/containerd/containerd](https://github.com/containerd/containerd) | `1.7.8` | `1.7.10` |
| [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.17.2` | `1.17.3` |
| [github.com/opencontainers/runc](https://github.com/opencontainers/runc) | `1.1.9` | `1.1.10` |
| [golang.org/x/mod](https://github.com/golang/mod) | `0.13.0` | `0.14.0` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.13.0` | `0.15.0` |
| [golang.org/x/tools](https://github.com/golang/tools) | `0.14.0` | `0.16.0` |


Updates `github.com/gorilla/mux` from 1.8.0 to 1.8.1
- [Release notes](https://github.com/gorilla/mux/releases)
- [Commits](gorilla/mux@v1.8.0...v1.8.1)

Updates `github.com/containerd/containerd` from 1.7.8 to 1.7.10
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.8...v1.7.10)

Updates `github.com/klauspost/compress` from 1.17.2 to 1.17.3
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](klauspost/compress@v1.17.2...v1.17.3)

Updates `github.com/opencontainers/runc` from 1.1.9 to 1.1.10
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/v1.1.10/CHANGELOG.md)
- [Commits](opencontainers/runc@v1.1.9...v1.1.10)

Updates `golang.org/x/mod` from 0.13.0 to 0.14.0
- [Commits](golang/mod@v0.13.0...v0.14.0)

Updates `golang.org/x/sys` from 0.13.0 to 0.15.0
- [Commits](golang/sys@v0.13.0...v0.15.0)

Updates `golang.org/x/tools` from 0.14.0 to 0.16.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.14.0...v0.16.0)

---
updated-dependencies:
- dependency-name: github.com/gorilla/mux
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/containerd/containerd
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/klauspost/compress
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/opencontainers/runc
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: golang.org/x/mod
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: golang.org/x/sys
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: golang.org/x/tools
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 1, 2023
@dependabot dependabot bot requested a review from Soulou December 1, 2023 04:50
@github-actions github-actions bot enabled auto-merge December 1, 2023 04:51
@github-actions github-actions bot merged commit 3e8f7f4 into master Dec 1, 2023
2 checks passed
@github-actions github-actions bot deleted the dependabot/go_modules/dependencies-78d9a6f2ea branch December 1, 2023 04:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants