Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update tool deps #423

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update tool deps #423

wants to merge 1 commit into from
+169 −47

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 31, 2024
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
github.com/golangci/golangci-lint v1.59.0 -> v1.59.1 age adoption passing confidence require patch
github.com/google/osv-scanner v1.7.4 -> v1.8.1 age adoption passing confidence require minor
github.com/goreleaser/goreleaser/v2 v2.0.0 -> v2.0.1 age adoption passing confidence require patch
github.com/securego/gosec/v2 5f0084e -> 9a4a741 require digest
go.opentelemetry.io/collector/cmd/builder v0.102.1 -> v0.104.0 age adoption passing confidence require minor
go.opentelemetry.io/collector/cmd/mdatagen v0.101.0 -> v0.104.0 age adoption passing confidence require minor
golang.org/x/tools v0.21.1-0.20240514024235-59d9797072e7 -> v0.22.0 age adoption passing confidence require minor
golang.org/x/vuln v1.1.1 -> v1.1.2 age adoption passing confidence require patch

Release Notes

golangci/golangci-lint (github.com/golangci/golangci-lint)

v1.59.1

Compare Source

  1. Updated linters
    • go-errorlint: from 1.5.1 to 1.5.2
    • gomnd: deprecated configuration compatibility
    • intrange: add style preset
    • misspell: from 0.5.1 to 0.6.0
    • sloglint: from 0.7.0 to 0.7.1
    • testifylint: from 1.3.0 to 1.3.1
    • unparam: bump to HEAD
    • usestdlibvars: from 1.25.0 to 1.26.0
  2. Fixes
    • SARIF: init empty result slice
    • SARIF: issue column >= 1
  3. Documentation
    • update revive configuration
google/osv-scanner (github.com/google/osv-scanner)

v1.8.1

Compare Source

Features:
  • Feature #​35
    OSV-Scanner now scans transitive dependencies in Maven pom.xml files!
    See our documentation for more information.
  • Feature #​944
    The osv-scanner.toml configuration file can now filter specific packages with new [[PackageOverrides]] sections: 
    [[PackageOverrides]]

v1.8.0

Compare Source

Features:
  • Feature #​35
    OSV-Scanner now scans transitive dependencies in Maven pom.xml files!
    See our documentation for more information.
  • Feature #​944
    The osv-scanner.toml configuration file can now filter specific packages with new [[PackageOverrides]] sections: 
    [[PackageOverrides]]
goreleaser/goreleaser (github.com/goreleaser/goreleaser/v2)

v2.0.1

Compare Source

Changelog

Bug fixes
Dependency updates
Documentation updates
Other work

Full Changelog: goreleaser/goreleaser@v2.0.0...v2.0.1

Helping out

This release is only possible thanks to all the support of some awesome people!

Want to be one of them?
You can sponsor, get a Pro License or contribute with code.

Where to go next?

GoReleaser logo

open-telemetry/opentelemetry-collector (go.opentelemetry.io/collector/cmd/builder)

v0.104.0

This release includes 2 very important breaking changes.

  1. The otlpreceiver will now use localhost by default instead of 0.0.0.0. This may break the receiver in containerized environments like Kubernetes. If you depend on 0.0.0.0 disable the component.UseLocalHostAsDefaultHost feature gate or explicitly set the endpoint to 0.0.0.0.
  2. Expansion of BASH-style environment variables, such as $FOO will no longer be supported by default. If you depend on this syntax, disable the confmap.unifyEnvVarExpansion feature gate, but know that the feature will be removed in the future in favor of ${env:FOO}.
🛑 Breaking changes 🛑
  • filter: Remove deprecated filter.CombinedFilter (#​10348)
  • otelcol: By default, otelcol.NewCommand and otelcol.NewCommandMustSetProvider will set the DefaultScheme to env. (#​10435)
  • expandconverter: By default expandconverter will now error if it is about to expand $FOO syntax. Update configuration to use ${env:FOO} instead or disable the confmap.unifyEnvVarExpansion feature gate. (#​10435)
  • otlpreceiver: Switch to localhost as the default for all endpoints. (#​8510)
    Disable the component.UseLocalHostAsDefaultHost feature gate to temporarily get the previous default.
💡 Enhancements 💡
  • confighttp: Add support for cookies in HTTP clients with cookies::enabled. (#​10175)
    The method confighttp.ToClient will return a client with a cookiejar.Jar which will reuse cookies from server responses in subsequent requests.
  • exporter/debug: In normal verbosity, display one line of text for each telemetry record (log, data point, span) (#​7806)
  • exporter/debug: Add option use_internal_logger (#​10226)
  • configretry: Mark module as stable. (#​10279)
  • debugexporter: Print Span.TraceState() when present. (#​10421)
    Enables viewing sampling threshold information (as by OTEP 235 samplers).
  • processorhelper: Add "inserted" metrics for processors. (#​10353)
    This includes the following metrics for processors:
    • processor_inserted_spans
    • processor_inserted_metric_points
    • processor_inserted_log_records
🧰 Bug fixes 🧰
  • otlpexporter: Update validation to support both dns:// and dns:/// (#​10449)
  • service: Fixed a bug that caused otel-collector to fail to start with ipv6 metrics endpoint service telemetry. (#​10011)

v0.103.0

Compare Source

🛑 Breaking changes 🛑
  • exporter/debug: Disable sampling by default (#​9921)
    To restore the behavior that was previously the default, set sampling_thereafter to 500.
💡 Enhancements 💡
  • cmd/builder: Allow setting otelcol.CollectorSettings.ResolverSettings.DefaultScheme via the builder's conf_resolver.default_uri_scheme configuration option (#​10296)
  • mdatagen: add support for optional internal metrics (#​10316)
  • otelcol/expandconverter: Add confmap.unifyEnvVarExpansion feature gate to allow enabling Collector/Configuration SIG environment variable expansion rules. (#​10391)
    When enabled, this feature gate will:
  • confmap: Add confmap.unifyEnvVarExpansion feature gate to allow enabling Collector/Configuration SIG environment variable expansion rules. (#​10259)
    When enabled, this feature gate will:
  • confighttp: Allow the compression list to be overridden (#​10295)
    Allows Collector administrators to control which compression algorithms to enable for HTTP-based receivers.
  • configgrpc: Revert the zstd compression for gRPC to the third-party library we were using previously. (#​10394)
    We switched back to our compression logic for zstd when a CVE was found on the third-party library we were using. Now that the third-party library has been fixed, we can revert to that one. For end-users, this has no practical effect. The reproducers for the CVE were tested against this patch, confirming we are not reintroducing the bugs.
  • confmap: Adds alpha confmap.strictlyTypedInput feature gate that enables strict type checks during configuration resolution (#​9532)
    When enabled, the configuration resolution system will:
    • Stop doing most kinds of implicit type casting when resolving configuration values
    • Use the original string representation of configuration values if the ${} syntax is used in inline position
  • confighttp: Use confighttp.ServerConfig as part of zpagesextension. See [https://github.com/open-telemetry/opentelemetry-collector/blob/main/config/confighttp/README.md#server-configuration]\(server configuration) options. (#​9368)
🧰 Bug fixes 🧰
  • exporterhelper: Fix potential deadlock in the batch sender (#​10315)
  • expandconverter: Fix bug where an warning was logged incorrectly. (#​10392)
  • exporterhelper: Fix a bug when the retry and timeout logic was not applied with enabled batching. (#​10166)
  • exporterhelper: Fix a bug where an unstarted batch_sender exporter hangs on shutdown (#​10306)
  • exporterhelper: Fix small batch due to unfavorable goroutine scheduling in batch sender (#​9952)
  • confmap: Fix issue where structs with only yaml tags were not marshaled correctly. (#​10282)

Configuration

📅 Schedule: Branch creation - "before 5am" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added dependencies Pull requests that update a dependency file renovatebot labels May 31, 2024
@github-actions github-actions bot added the go label May 31, 2024
@renovate renovate bot force-pushed the renovate/tool-deps branch 22 times, most recently from a1efa10 to a05553e Compare June 4, 2024 13:09
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Jun 4, 2024
edited
Loading

ℹ Artifact update notice

File name: internal/tools/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 39 additional dependencies were updated

Details:

Package Change
deps.dev/api/v3 v3.0.0-20240516073147-b352d7eeeae6 -> v3.0.0-20240617015216-b147e04533eb
deps.dev/util/maven v0.0.0-20240516073147-b352d7eeeae6 -> v0.0.0-20240617015216-b147e04533eb
deps.dev/util/resolve v0.0.0-20240516073147-b352d7eeeae6 -> v0.0.0-20240617015216-b147e04533eb
deps.dev/util/semver v0.0.0-20240516073147-b352d7eeeae6 -> v0.0.0-20240617015216-b147e04533eb
github.com/Antonboom/testifylint v1.3.0 -> v1.3.1
github.com/CycloneDX/cyclonedx-go v0.8.0 -> v0.9.0
github.com/caarlos0/log v0.4.4 -> v0.4.5
github.com/cespare/xxhash/v2 v2.2.0 -> v2.3.0
github.com/charmbracelet/bubbletea v0.26.3 -> v0.26.4
github.com/charmbracelet/x/ansi v0.1.1 -> v0.1.2
github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1 -> v2.0.0
github.com/golangci/misspell v0.5.1 -> v0.6.0
github.com/google/go-containerregistry v0.19.1 -> v0.19.2
github.com/polyfloyd/go-errorlint v1.5.1 -> v1.5.2
github.com/prometheus/common v0.53.0 -> v0.54.0
github.com/prometheus/procfs v0.12.0 -> v0.15.0
github.com/sashamelentyev/usestdlibvars v1.25.0 -> v1.26.0
github.com/spf13/cobra v1.8.0 -> v1.8.1
go-simpler.org/sloglint v0.7.0 -> v0.7.1
go.opentelemetry.io/collector/component v0.101.0 -> v0.104.0
go.opentelemetry.io/collector/config/configtelemetry v0.101.0 -> v0.104.0
go.opentelemetry.io/collector/confmap v0.101.0 -> v0.104.0
go.opentelemetry.io/collector/confmap/provider/fileprovider v0.101.0 -> v0.104.0
go.opentelemetry.io/collector/filter v0.101.0 -> v0.104.0
go.opentelemetry.io/collector/pdata v1.8.0 -> v1.11.0
go.opentelemetry.io/otel v1.26.0 -> v1.27.0
go.opentelemetry.io/otel/metric v1.26.0 -> v1.27.0
go.opentelemetry.io/otel/trace v1.26.0 -> v1.27.0
golang.org/x/crypto v0.23.0 -> v0.24.0
golang.org/x/exp v0.0.0-20240525044651-4c93da0ed11d -> v0.0.0-20240613232115-7f521ea00fb8
golang.org/x/mod v0.17.0 -> v0.18.0
golang.org/x/net v0.25.0 -> v0.26.0
golang.org/x/oauth2 v0.20.0 -> v0.21.0
golang.org/x/sys v0.20.0 -> v0.21.0
golang.org/x/term v0.20.0 -> v0.21.0
golang.org/x/text v0.15.0 -> v0.16.0
google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be -> v0.0.0-20240520151616-dc85e6b867a5
google.golang.org/protobuf v1.34.1 -> v1.34.2
mvdan.cc/unparam v0.0.0-20240427195214-063aff900ca1 -> v0.0.0-20240528143540-8a5130ca722f

@renovate renovate bot force-pushed the renovate/tool-deps branch 4 times, most recently from 42f3093 to 9aec932 Compare June 5, 2024 16:34
@renovate renovate bot force-pushed the renovate/tool-deps branch 10 times, most recently from 74ac71b to 87b16bf Compare June 11, 2024 21:07
@renovate renovate bot force-pushed the renovate/tool-deps branch 5 times, most recently from 59759fc to 32b66f5 Compare June 25, 2024 13:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go renovatebot
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants