Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update tool deps #423

Merged
merged 8 commits into from
Aug 14, 2024
Merged

fix(deps): update tool deps #423

merged 8 commits into from
Aug 14, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented May 31, 2024
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
github.com/golangci/golangci-lint v1.59.0 -> v1.60.1 age adoption passing confidence require minor
github.com/google/osv-scanner v1.7.4 -> v1.8.3 age adoption passing confidence require minor
github.com/goreleaser/goreleaser/v2 v2.0.0 -> v2.1.0 age adoption passing confidence require minor
github.com/securego/gosec/v2 5f0084e -> 56f943b require digest
go.opentelemetry.io/build-tools/crosslink v0.13.0 -> v0.14.0 age adoption passing confidence require minor
go.opentelemetry.io/build-tools/multimod v0.13.0 -> v0.14.0 age adoption passing confidence require minor
go.opentelemetry.io/collector/cmd/builder v0.102.1 -> v0.107.0 age adoption passing confidence require minor
go.opentelemetry.io/collector/cmd/mdatagen v0.101.0 -> v0.107.0 age adoption passing confidence require minor
golang.org/x/tools v0.21.1-0.20240514024235-59d9797072e7 -> v0.24.0 age adoption passing confidence require minor
golang.org/x/vuln v1.1.1 -> v1.1.3 age adoption passing confidence require patch
honnef.co/go/tools v0.4.7 -> v0.5.0 age adoption passing confidence require minor

Release Notes

golangci/golangci-lint (github.com/golangci/golangci-lint)

v1.60.1

Compare Source

v1.60.0

Compare Source

v1.59.1

Compare Source

  1. Updated linters
    • go-errorlint: from 1.5.1 to 1.5.2
    • gomnd: deprecated configuration compatibility
    • intrange: add style preset
    • misspell: from 0.5.1 to 0.6.0
    • sloglint: from 0.7.0 to 0.7.1
    • testifylint: from 1.3.0 to 1.3.1
    • unparam: bump to HEAD
    • usestdlibvars: from 1.25.0 to 1.26.0
  2. Fixes
    • SARIF: init empty result slice
    • SARIF: issue column >= 1
  3. Documentation
    • update revive configuration
google/osv-scanner (github.com/google/osv-scanner)

v1.8.3

Compare Source

Features:
Fixes:
  • Bug #​1115 Ensure that semantic is passed a valid models.Ecosystem.
  • Bug #​1140 Add Maven dependency management to override client.
  • Bug #​1149 Handle Maven parent relative path.
Misc:

v1.8.2

Compare Source

Features:
Fixes:
  • Bug #​769 Fixed missing vulnerabilities for debian purls for --experimental-local-db.
  • Bug #​1055 Ensure that package exists in affected property.
  • Bug #​1072 Filter out unimportant vulnerabilities from vuln group.
  • Bug #​1077 Fix rate osv-scanner deadlock.
  • Bug #​924 Ensure that npm dependencies retain their "production" grouping.

v1.8.1

Compare Source

Features:
  • Feature #​35
    OSV-Scanner now scans transitive dependencies in Maven pom.xml files!
    See our documentation for more information.
  • Feature #​944
    The osv-scanner.toml configuration file can now filter specific packages with new [[PackageOverrides]] sections: 
    [[PackageOverrides]]

v1.8.0

Compare Source

Features:
  • Feature #​35
    OSV-Scanner now scans transitive dependencies in Maven pom.xml files!
    See our documentation for more information.
  • Feature #​944
    The osv-scanner.toml configuration file can now filter specific packages with new [[PackageOverrides]] sections: 
    [[PackageOverrides]]
goreleaser/goreleaser (github.com/goreleaser/goreleaser/v2)

v2.1.0

Compare Source

Changelog

New Features
Bug fixes
Dependency updates
Documentation updates
Build process updates
Other work

Full Changelog: goreleaser/goreleaser@v2.0.1...v2.1.0

Helping out

This release is only possible thanks to all the support of some awesome people!

Want to be one of them?
You can sponsor, get a Pro License or contribute with code.

Where to go next?

GoReleaser logo

v2.0.1

Compare Source

Changelog

Bug fixes
Dependency updates
Documentation updates
Other work

Full Changelog: goreleaser/goreleaser@v2.0.0...v2.0.1

Helping out

This release is only possible thanks to all the support of some awesome people!

Want to be one of them?
You can sponsor, get a Pro License or contribute with code.

Where to go next?

GoReleaser logo

open-telemetry/opentelemetry-go-build-tools (go.opentelemetry.io/build-tools/crosslink)

v0.14.0

Compare Source

💡 Enhancements 💡
  • semconvgen: Add --capitalizations-path to allow users to add additional strings to the static capitalizations slice in generator.go (#​528)
🧰 Bug fixes 🧰
  • multimod: Get pseudoversion for each module in a module set separately to support moving modules between module sets. (#​582)
open-telemetry/opentelemetry-collector (go.opentelemetry.io/collector/cmd/builder)

v0.107.0

Compare Source

🛑 Breaking changes 🛑
  • service: Remove OpenCensus bridge completely, mark feature gate as stable. (#​10414)
  • confmap: Set the confmap.unifyEnvVarExpansion feature gate to Stable. Expansion of $FOO env vars is no longer supported. Use ${FOO} or ${env:FOO} instead. (#​10508)
💡 Enhancements 💡

  • mdatagen: export ScopeName in internal/metadata package (#​10845)
    This can be used by components that need to set their scope name manually. Will save component owners from having to store a variable, which may diverge from the scope name used by the component for emitting its own telemetry.

  • semconv: Add v1.26.0 semantic conventions package (#​10249, #​10829)

  • mdatagen: Expose a setting on tests::host to set up your own host initialization code (#​10765)
    Some receivers require a host that has additional capabilities such as exposing exporters.
    For those, we can expose a setting that allows them to place a different host in the generated code.

  • confmap: Allow using any YAML structure as a string when loading configuration. (#​10800)
    Previous to this change, slices could not be used as strings in configuration.

  • ocb: migrate build and release of ocb binaries to opentelemetry-collector-releases repository (#​10710)
    ocb binaries will now be released under open-telemetry/opentelemetry-collector-releases tagged as "cmd/builder/vX.XXX.X"

  • semconv: Add semantic conventions version v1.27.0 (#​10837)

  • client: Mark module as stable. (#​10775)

🧰 Bug fixes 🧰

  • configtelemetry: Add 10s read header timeout on the configtelemetry Prometheus HTTP server. (#​5699)

  • service: Allow users to disable the tracer provider via the feature gate service.noopTracerProvider (#​10858)
    The service is returning an instance of a SDK tracer provider regardless of whether there were any processors configured causing resources to be consumed unnecessarily.

  • processorhelper: Fix processor metrics not being reported initially with 0 values. (#​10855)

  • service: Implement the temporality_preference setting for internal telemetry exported via OTLP (#​10745)

  • configauth: Fix unmarshaling of authentication in HTTP servers. (#​10750)

  • confmap: If loading an invalid YAML string through a provider, use it verbatim instead of erroring out. (#​10759)
    This makes the ${env:ENV} syntax closer to how ${ENV} worked before unifying syntaxes.

  • component: Allow component names of up to 1024 characters in length. (#​10816)

  • confmap: Remove original string representation if invalid. (#​10787)

v0.106.1

Compare Source

🧰 Bug fixes 🧰
  • configauth: Fix unmarshaling of authentication in HTTP servers. (#​10750)

v0.106.0

Compare Source

🛑 Breaking changes 🛑

  • service: Update all metrics to include otelcol_ prefix to ensure consistency across OTLP and Prometheus metrics (#​9759)
    This change is marked as a breaking change as anyone that was using OTLP for metrics will
    see the new prefix which was not present before. Prometheus generated metrics remain
    unchanged.

  • confighttp: Delete ClientConfig.CustomRoundTripper (#​8627)
    Set (*http.Client).Transport on the *http.Client returned from ToClient to configure this.

  • confmap: When passing configuration for a string field using any provider, use the verbatim string representation as the value. (#​10605, #​10405)
    This matches the behavior of ${ENV} syntax prior to the promotion of the confmap.unifyEnvVarExpansion feature gate
    to beta. It changes the behavior of the ${env:ENV} syntax with escaped strings.

  • component: Adds restrictions on the character set for component.ID name. (#​10673)

  • processor/memorylimiter: The memory limiter processor will no longer account for ballast size. (#​10696)
    If you are already using GOMEMLIMIT instead of the ballast extension this does not affect you.

  • extension/memorylimiter: The memory limiter extension will no longer account for ballast size. (#​10696)
    If you are already using GOMEMLIMIT instead of the ballast extension this does not affect you.

  • service: The service will no longer be able to get a ballast size from the deprecated ballast extension. (#​10696)
    If you are already using GOMEMLIMIT instead of the ballast extension this does not affect you.

🚀 New components 🚀
  • client: Create a new go module go.opentelemetry.io/collector/client (#​9804)
    This module contains generic representations of clients connecting to different receivers.
💡 Enhancements 💡
  • exporterhelper: Add data_type attribute to otelcol_exporter_queue_size metric to report the type of data being processed. (#​9943)
  • confighttp: Add option to include query params in auth context (#​4806)
  • configgrpc: gRPC auth errors now return gRPC status code UNAUTHENTICATED (16) (#​7646)
  • httpprovider, httpsprovider: Validate URIs in HTTP and HTTPS providers before fetching. (#​10468)
🧰 Bug fixes 🧰
  • processorhelper: update units for internal telemetry (#​10647)
  • confmap: Increase the amount of recursion and URI expansions allowed in a single line (#​10712)
  • exporterhelper: There is no guarantee that after the exporterhelper sends the plog/pmetric/ptrace data downstream that the data won't be mutated in some way. (e.g by the batch_sender) This mutation could result in the proceeding call to req.ItemsCount() to provide inaccurate information to be logged. (#​10033)
  • exporterhelper: Update units for internal telemetry (#​10648)
  • receiverhelper: Update units for internal telemetry (#​10650)
  • scraperhelper: Update units for internal telemetry (#​10649)
  • service: Use Command/Version to populate service name/version attributes (#​10644)

v0.105.0

Compare Source

🛑 Breaking changes 🛑
  • service: add service.disableOpenCensusBridge feature gate which is enabled by default to remove the dependency on OpenCensus (#​10414)
  • confmap: Promote confmap.strictlyTypedInput feature gate to beta. (#​10552)
    This feature gate changes the following:
    • Configurations relying on the implicit type casting behaviors listed on #​9532 will start to fail.
    • Configurations using URI expansion (i.e. field: ${env:ENV}) for string-typed fields will use the value passed in ENV verbatim without intermediate type casting.
💡 Enhancements 💡
  • configtls: Mark module as stable. (#​9377)
  • confmap: Remove extra closing parenthesis in sub-config error (#​10480)
  • configgrpc: Update the default load balancer strategy to round_robin (#​10319)
    To restore the behavior that was previously the default, set balancer_name to pick_first.
  • cmd/builder: Add go module info the builder generated code. (#​10570)
  • otelcol: Add go module to components subcommand. (#​10570)
  • confmap: Add explanation to errors related to confmap.strictlyTypedInput feature gate. (#​9532)
  • confmap: Allow using map[string]any values in string interpolation (#​10605)
🧰 Bug fixes 🧰
  • builder: provide context when a module in the config is missing its gomod value (#​10474)
  • confmap: Fixes issue where confmap could not escape $$ when confmap.unifyEnvVarExpansion is enabled. (#​10560)
  • mdatagen: fix generated comp test for extensions and unused imports in templates (#​10477)
  • otlpreceiver: Fixes a bug where the otlp receiver's http response was not properly translating grpc error codes to http status codes. (#​10574)
  • exporterhelper: Fix incorrect deduplication of otelcol_exporter_queue_size and otelcol_exporter_queue_capacity metrics if multiple exporters are used. (#​10444)
  • service/telemetry: Add ability to set service.name for spans emitted by the Collector (#​10489)
  • internal/localhostgate: Correctly log info message when component.UseLocalHostAsDefaultHost is enabled (#​8510)

v0.104.0

This release includes 2 very important breaking changes.

  1. The otlpreceiver will now use localhost by default instead of 0.0.0.0. This may break the receiver in containerized environments like Kubernetes. If you depend on 0.0.0.0 disable the component.UseLocalHostAsDefaultHost feature gate or explicitly set the endpoint to 0.0.0.0.
  2. Expansion of BASH-style environment variables, such as $FOO will no longer be supported by default. If you depend on this syntax, disable the confmap.unifyEnvVarExpansion feature gate, but know that the feature will be removed in the future in favor of ${env:FOO}.
🛑 Breaking changes 🛑
  • filter: Remove deprecated filter.CombinedFilter (#​10348)
  • otelcol: By default, otelcol.NewCommand and otelcol.NewCommandMustSetProvider will set the DefaultScheme to env. (#​10435)
  • expandconverter: By default expandconverter will now error if it is about to expand $FOO syntax. Update configuration to use ${env:FOO} instead or disable the confmap.unifyEnvVarExpansion feature gate. (#​10435)
  • otlpreceiver: Switch to localhost as the default for all endpoints. (#​8510)
    Disable the `componen

Configuration

📅 Schedule: Branch creation - "before 5am" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added dependencies Pull requests that update a dependency file renovatebot labels May 31, 2024
@github-actions github-actions bot added the go label May 31, 2024
@renovate renovate bot force-pushed the renovate/tool-deps branch 22 times, most recently from a1efa10 to a05553e Compare June 4, 2024 13:09
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Jun 4, 2024
edited
Loading

ℹ Artifact update notice

File name: internal/tools/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 85 additional dependencies were updated

Details:

Package Change
cloud.google.com/go v0.112.2 -> v0.115.0
cloud.google.com/go/auth v0.2.1 -> v0.6.0
cloud.google.com/go/auth/oauth2adapt v0.2.1 -> v0.2.2
cloud.google.com/go/iam v1.1.7 -> v1.1.8
cloud.google.com/go/kms v1.15.8 -> v1.17.1
cloud.google.com/go/storage v1.40.0 -> v1.41.0
deps.dev/api/v3 v3.0.0-20240516073147-b352d7eeeae6 -> v3.0.0-20240730004939-e80e6658c33b
deps.dev/util/maven v0.0.0-20240516073147-b352d7eeeae6 -> v0.0.0-20240730004939-e80e6658c33b
deps.dev/util/resolve v0.0.0-20240516073147-b352d7eeeae6 -> v0.0.0-20240730004939-e80e6658c33b
deps.dev/util/semver v0.0.0-20240516073147-b352d7eeeae6 -> v0.0.0-20240730004939-e80e6658c33b
github.com/Antonboom/testifylint v1.3.0 -> v1.4.3
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2 -> v1.6.0
github.com/Azure/azure-sdk-for-go/sdk/internal v1.6.0 -> v1.8.0
github.com/BurntSushi/toml v1.4.0 -> v1.4.1-0.20240526193622-a339e1f7089c
github.com/Crocmagnon/fatcontext v0.2.2 -> v0.4.0
github.com/CycloneDX/cyclonedx-go v0.8.0 -> v0.9.0
github.com/GaijinEntertainment/go-exhaustruct/v3 v3.2.0 -> v3.3.0
github.com/anchore/quill v0.4.1 -> v0.4.2
github.com/aws/aws-sdk-go v1.53.0 -> v1.54.18
github.com/blacktop/go-dwarf v1.0.9 -> v1.0.10
github.com/blacktop/go-macho v1.1.162 -> v1.1.225
github.com/bombsimon/wsl/v4 v4.2.1 -> v4.4.1
github.com/caarlos0/env/v11 v11.0.1 -> v11.1.0
github.com/caarlos0/log v0.4.4 -> v0.4.5
github.com/cespare/xxhash/v2 v2.2.0 -> v2.3.0
github.com/charmbracelet/bubbletea v0.26.3 -> v0.26.6
github.com/charmbracelet/lipgloss v0.11.0 -> v0.12.1
github.com/charmbracelet/x/ansi v0.1.1 -> v0.1.4
github.com/charmbracelet/x/exp/ordered v0.0.0-20240408110044-525ba71bb562 -> v0.1.0
github.com/docker/docker v26.1.3+incompatible -> v27.1.1+incompatible
github.com/gabriel-vasile/mimetype v1.4.2 -> v1.4.4
github.com/go-logr/logr v1.4.1 -> v1.4.2
github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1 -> v2.0.0
github.com/gofrs/flock v0.8.1 -> v0.12.1
github.com/golangci/misspell v0.5.1 -> v0.6.0
github.com/google/go-containerregistry v0.19.1 -> v0.20.1
github.com/googleapis/gax-go/v2 v2.12.3 -> v2.12.5
github.com/goreleaser/nfpm/v2 v2.37.1 -> v2.38.0
github.com/hashicorp/go-retryablehttp v0.7.5 -> v0.7.7
github.com/jjti/go-spancheck v0.6.1 -> v0.6.2
github.com/klauspost/compress v1.17.8 -> v1.17.9
github.com/knadh/koanf/providers/file v0.1.0 -> v1.1.0
github.com/mgechev/revive v1.3.7 -> v1.3.9
github.com/moricho/tparallel v0.3.1 -> v0.3.2
github.com/owenrumney/go-sarif/v2 v2.3.1 -> v2.3.3
github.com/polyfloyd/go-errorlint v1.5.1 -> v1.6.0
github.com/prometheus/common v0.53.0 -> v0.55.0
github.com/prometheus/procfs v0.12.0 -> v0.15.1
github.com/ryancurrah/gomodguard v1.3.2 -> v1.3.3
github.com/sashamelentyev/usestdlibvars v1.25.0 -> v1.27.0
github.com/sivchari/tenv v1.7.1 -> v1.10.0
github.com/spdx/tools-golang v0.5.4 -> v0.5.5
github.com/spf13/cobra v1.8.0 -> v1.8.1
github.com/spf13/viper v1.18.2 -> v1.19.0
github.com/urfave/cli/v2 v2.27.2 -> v2.27.3
github.com/uudashr/gocognit v1.1.2 -> v1.1.3
github.com/xanzy/go-gitlab v0.105.0 -> v0.106.0
github.com/xrash/smetrics v0.0.0-20240312152122-5f08fbb34913 -> v0.0.0-20240521201337-686a1a2994c1
go-simpler.org/sloglint v0.7.0 -> v0.7.2
go.opentelemetry.io/build-tools v0.13.0 -> v0.14.0
go.opentelemetry.io/collector/component v0.101.0 -> v0.107.0
go.opentelemetry.io/collector/config/configtelemetry v0.101.0 -> v0.107.0
go.opentelemetry.io/collector/confmap v0.101.0 -> v0.107.0
go.opentelemetry.io/collector/confmap/provider/fileprovider v0.101.0 -> v0.107.0
go.opentelemetry.io/collector/filter v0.101.0 -> v0.107.0
go.opentelemetry.io/collector/pdata v1.8.0 -> v1.13.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.50.0 -> v0.51.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.50.0 -> v0.51.0
go.opentelemetry.io/otel v1.26.0 -> v1.28.0
golang.org/x/crypto v0.23.0 -> v0.26.0
golang.org/x/exp v0.0.0-20240525044651-4c93da0ed11d -> v0.0.0-20240719175910-8a7402abbf56
golang.org/x/mod v0.17.0 -> v0.20.0
golang.org/x/net v0.25.0 -> v0.28.0
golang.org/x/oauth2 v0.20.0 -> v0.21.0
golang.org/x/sync v0.7.0 -> v0.8.0
golang.org/x/sys v0.20.0 -> v0.23.0
golang.org/x/term v0.20.0 -> v0.23.0
golang.org/x/text v0.15.0 -> v0.17.0
google.golang.org/api v0.174.0 -> v0.186.0
google.golang.org/genproto v0.0.0-20240415180920-8c6c420018be -> v0.0.0-20240617180043-68d350f18fd4
google.golang.org/genproto/googleapis/api v0.0.0-20240415180920-8c6c420018be -> v0.0.0-20240617180043-68d350f18fd4
google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be -> v0.0.0-20240701130421-f6361c86f094
google.golang.org/grpc v1.64.0 -> v1.65.0
google.golang.org/protobuf v1.34.1 -> v1.34.2
mvdan.cc/unparam v0.0.0-20240427195214-063aff900ca1 -> v0.0.0-20240528143540-8a5130ca722f

@renovate renovate bot force-pushed the renovate/tool-deps branch 4 times, most recently from 42f3093 to 9aec932 Compare June 5, 2024 16:34
@renovate renovate bot force-pushed the renovate/tool-deps branch 4 times, most recently from 61c757a to ccf9801 Compare July 23, 2024 11:36
@renovate renovate bot force-pushed the renovate/tool-deps branch 3 times, most recently from 97ab11d to 642ea42 Compare July 30, 2024 19:20
@renovate renovate bot force-pushed the renovate/tool-deps branch 5 times, most recently from 76ac0e8 to 1b4623a Compare August 12, 2024 13:47
@renovate renovate bot force-pushed the renovate/tool-deps branch 4 times, most recently from c0a4367 to e855c9e Compare August 14, 2024 05:24
@github-actions github-actions bot added the build label Aug 14, 2024
@adrielp adrielp merged commit 9a70232 into main Aug 14, 2024
14 checks passed
@adrielp adrielp deleted the renovate/tool-deps branch August 14, 2024 13:03
@jburns24 jburns24 mentioned this pull request Aug 14, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adrielp adrielp adrielp approved these changes

Assignees
No one assigned
Labels
build dependencies Pull requests that update a dependency file go renovatebot
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@adrielp