chore(deps): bump the gomod group with 4 updates

[dependabot]

Bumps the gomod group with 4 updates: github.com/prometheus/client_golang, github.com/prometheus/common, github.com/secure-systems-lab/go-securesystemslib and golang.org/x/crypto.

Updates github.com/prometheus/client_golang from 1.17.0 to 1.18.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.18.0

What's Changed

• [FEATURE] promlint: Allow creation of custom metric validations. #1311
• [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
• [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
• [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
• [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

New Contributors

• @​srenatus made their first contribution in prometheus/client_golang#1350
• @​jadolg made their first contribution in prometheus/client_golang#1342
• @​manas-rust made their first contribution in prometheus/client_golang#1383
• @​bluekeyes made their first contribution in prometheus/client_golang#1378
• @​tsipo made their first contribution in prometheus/client_golang#1387

Full Changelog: prometheus/client_golang@v1.17.0...v1.18.0

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.18.0 / 2023-12-22

• [FEATURE] promlint: Allow creation of custom metric validations. #1311
• [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
• [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
• [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
• [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

Commits

• 53be91d Revert "change api http.client to interface"
• 1a2d072 Add 1.18 changelog
• 239b123 Merge pull request #1387 from tsipo/main
• 3f8bd73 Merge pull request #1370 from prometheus/dependabot/go_modules/tutorial/whats...
• 5e55b31 Bump google.golang.org/grpc from 1.53.0 to 1.56.3 in /tutorial/whatsup
• e96fb18 Merge pull request #1401 from prometheus/dependabot/go_modules/golang.org/x/s...
• 2a8fc90 Bump golang.org/x/sys from 0.13.0 to 0.15.0
• 24d59e9 change client to interface, allow override by other implementations (e.g. git...
• 80d3f0b Normalize empty help values in CollectAndCompare (#1378)
• 3f80cd1 Add example of NewConstMetricWithCreatedTimestamp (#1375)
• Additional commits viewable in compare view

Updates github.com/prometheus/common from 0.45.0 to 0.46.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.46.0

What's Changed

• Add golangci-lint config by @​SuperQ in prometheus/common#517
• model: add metric type values by @​bboreham in prometheus/common#533
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#532
• Bump github.com/aws/aws-sdk-go from 1.45.19 to 1.47.0 in /sigv4 by @​dependabot in prometheus/common#529
• Update modules by @​SuperQ in prometheus/common#534
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#535
• Allow using empty Authorization credentials by @​TheSpiritXIII in prometheus/common#546
• enable errorlint linter by @​mmorel-35 in prometheus/common#550
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#548
• Bump github.com/aws/aws-sdk-go from 1.47.0 to 1.48.10 in /sigv4 by @​dependabot in prometheus/common#539
• Bump github.com/alecthomas/kingpin/v2 from 2.3.2 to 2.4.0 by @​dependabot in prometheus/common#542
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#552
• Bump golang.org/x/net from 0.18.0 to 0.19.0 by @​dependabot in prometheus/common#541
• Bump golang.org/x/oauth2 from 0.14.0 to 0.15.0 by @​dependabot in prometheus/common#540
• Add hints for promlog by @​lucacome in prometheus/common#556
• Bump google.golang.org/protobuf from 1.31.0 to 1.32.0 by @​dependabot in prometheus/common#560
• Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 in /sigv4 by @​dependabot in prometheus/common#558
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#555
• Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 by @​dependabot in prometheus/common#559
• Bump github.com/aws/aws-sdk-go from 1.48.10 to 1.49.13 in /sigv4 by @​dependabot in prometheus/common#557
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#561
• Make version getRevision public by @​SuperQ in prometheus/common#563
• enable gofumpt, goimports, testifylint linters by @​mmorel-35 in prometheus/common#551
• version: make GetTegs() public by @​ArthurSens in prometheus/common#565
• switch to protodelim package (which pbutil now calls) by @​stapelberg in prometheus/common#567
• Bump Go modules by @​SuperQ in prometheus/common#568

New Contributors

• @​TheSpiritXIII made their first contribution in prometheus/common#546
• @​mmorel-35 made their first contribution in prometheus/common#550
• @​ArthurSens made their first contribution in prometheus/common#565
• @​stapelberg made their first contribution in prometheus/common#567

Full Changelog: prometheus/common@v0.45.0...v0.46.0

Commits

• 7e44242 Bump Go modules (#568)
• 0e201e4 Merge pull request #567 from stapelberg/protodelim
• 53f76e7 version: make GetTegs() public (#565)
• 1143fec switch to protodelim package (which pbutil now calls)
• 21a37ca enable gofumpt, goimports, testifylint linters (#551)
• 256500d Make version getRevision public (#563)
• 0949959 Update common Prometheus files (#561)
• e56a9b7 Bump github.com/aws/aws-sdk-go from 1.48.10 to 1.49.13 in /sigv4 (#557)
• 46ef093 Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 (#559)
• e21e8b5 Update common Prometheus files (#555)
• Additional commits viewable in compare view

Updates github.com/secure-systems-lab/go-securesystemslib from 0.7.0 to 0.8.0

Commits

• 7e48227 Merge pull request #66 from secure-systems-lab/dependabot/go_modules/golang.o...
• e615bd3 chore(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0
• c55c6a6 Merge pull request #65 from adityasaky/sigstore-support
• a0c6afa Support sigstore fields in public key
• 2eb6599 Merge pull request #64 from secure-systems-lab/dependabot/github_actions/acti...
• 7e04bd5 chore(deps): bump actions/setup-go from 4.1.0 to 5.0.0
• a8e3b1f Merge pull request #63 from secure-systems-lab/dependabot/go_modules/golang.o...
• 7539050 chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.16.0
• 8613a43 Merge pull request #59 from secure-systems-lab/dependabot/github_actions/acti...
• 8402a9f Merge pull request #60 from neilnaveen/neil/signerverifier/utils
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.17.0 to 0.18.0

Commits

• dbb6ec1 ssh/test: skip tests on darwin that fail on the darwin-amd64-longtest LUCI bu...
• 403f699 ssh/test: avoid leaking a net.UnixConn in server.TryDialWithAddr
• 055043d go.mod: update golang.org/x dependencies
• 08396bb internal/poly1305: drop Go 1.12 compatibility
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[06kellyjac]

@dependabot rebase

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.