Skip to content

build(deps): bump the all-go-deps group across 1 directory with 6 updates #1006

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

build(deps): bump the all-go-deps group across 1 directory with 6 updates #1006

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 12, 2025
edited
Loading

Bumps the all-go-deps group with 5 updates in the /backend directory:

Package From To
golang.org/x/sys 0.31.0 0.35.0
google.golang.org/grpc 1.71.0 1.74.2
google.golang.org/protobuf 1.36.6 1.36.7
k8s.io/api 0.32.1 0.33.3
k8s.io/client-go 0.32.1 0.33.3

Updates golang.org/x/sys from 0.31.0 to 0.35.0

Commits
  • 5b936e1 unix/linux: update to Linux kernel 6.16, Go to 1.24.5
  • 3a82703 unix: remove redundant xnu version check for {p}readv/{p}writev
  • 9920300 unix: add missing nft conntrack constants
  • ad4e0fc unix: remove redundant word in comment
  • 084ad87 unix: fix //sys decl after CL 548795
  • 751c3c6 unix: add missing NFT_PAYLOAD_* consts on linux
  • 0c740cc unix: update Go to 1.24.3
  • d62d31c unix: update Linux constants and types to v6.14
  • 3d9a6b8 windows: add WSADuplicateSocket
  • c0a9559 cpu: add crypto extensions detection for riscv64
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.71.0 to 1.74.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.74.2

New Features

  • grpc: introduce new DialOptions and ServerOptions (WithStaticStreamWindowSize, WithStaticConnWindowSize, StaticStreamWindowSize, StaticConnWindowSize) that force fixed window sizes for all HTTP/2 connections. By default, gRPC uses dynamic sizing of these windows based upon a BDP estimation algorithm. The existing options (WithInitialWindowSize, etc) also disable BDP estimation, but this behavior will be changed in a following release. (#8283)

API Changes

  • balancer: add ExitIdle method to Balancer interface. Earlier, implementing this method was optional. (#8367)

Behavior Changes

  • xds: Remove the GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST environment variable that allows disabling the least request balancer with xDS. Least request was made available by default with xDS in v1.72.0. (#8248)
  • server: allow 0s grpc-timeout header values, which older gRPC-Java versions could send. This restores the behavior of grpc-go before v1.73.0. (#8439)

Bug Fixes

  • googledirectpath: avoid logging the error message Attempt to set a bootstrap configuration... when creating multiple directpath channels. (#8419)

Performance Improvements

  • transport: reduce heap allocations by pooling objects and avoiding method-to-closure conversions. (#8361)
  • transport: reduce heap allocations by re-using mem.Reader objects. (#8360)

Documentation

  • examples: add examples to demonstrate enabling experimental metrics using the OpenTelemetry plugin. (#8388)

Release 1.74.1

Version 1.74.1 retracts release v1.74.0 and itself. Release 1.74.0 was accidentally tagged on the wrong commit and should not be used. Version 1.73.0 should be used until 1.74.2 is released.

Release 1.74.0 was accidentally tagged on the wrong commit and should not be used. Version 1.73.0 should be used until 1.74.1 is released.

Release 1.73.0

New Features

  • balancer/ringhash: move LB policy from xds/internal to exported path to facilitate use without xds (#8249)
  • xds: enable least request LB policy by default. It can be disabled by setting GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST=false in your environment. (#8253)
  • grpc: add a CallAuthority Call Option that can be used to overwrite the http :authority header on per-RPC basis. (#8068)
  • stats/opentelemetry: add trace event for name resolution delay. (#8074)
  • health: added List method to gRPC Health service. (#8155)
  • ringhash: implement features from gRFC A76. (#8159)
  • xds: add functionality to support SPIFFE Bundle Maps as roots of trust in XDS which can be enabled by setting GRPC_EXPERIMENTAL_XDS_MTLS_SPIFFE=true. (#8167, #8180, #8229, #8343)

Bug Fixes

  • xds: locality ID metric label is changed to make it consistent with gRFC A78. (#8256)
  • client: fail RPCs on the client when using extremely short contexts that expire before the grpc-timeout header is created. (#8312)

... (truncated)

Commits

Updates google.golang.org/protobuf from 1.36.6 to 1.36.7

Updates k8s.io/api from 0.32.1 to 0.33.3

Commits
  • b40c1ca Update dependencies to v0.33.3 tag
  • 16cedc7 Merge pull request #131088 from atiratree/rename-terminating-replicas-fg
  • dc88679 Merge pull request #131103 from ahrtr/etcd_sdk_20250328
  • 4a456a2 bump etcd 3.5.21 sdk
  • 96e38c9 rename DeploymentPodReplacementPolicy FG to DeploymentReplicaSetTerminatingRe...
  • c21a017 Merge pull request #129970 from mortent/AddResourceV1beta2API
  • d0673db Run make update
  • 118546d Merge pull request #130556 from sreeram-venkitesh/kep-4960-container-stop-sig...
  • f9401a3 Merge pull request #130797 from jm-franc/configurable-tolerance
  • 9b3e544 Generated UPDATE_COMPATIBILITY_FIXTURE_DATA
  • Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.32.1 to 0.33.3

Commits
  • 173776a Merge pull request #131708tigrato/automated-cherry-pick-of-#131702
  • a3d1fde fix: fixes a possible panic in NewYAMLToJSONDecoder
  • 955939f bump etcd 3.5.21 sdk
  • e8a77bd Merge pull request #130910 from googs1025/fix/datarace
  • 7e8c77e Merge pull request #130906 from serathius/streaming-validation
  • 27fd396 flake: fix data race for func TestBackoff_Step
  • 8bcc6f1 Update kube-openapi and integrate streaming tags validation
  • 6ce776c Merge pull request #130857 from thockin/kk_small_vg_diffs
  • f2c94d6 Comment on origin and JSON schema
  • b63ba07 Use origin in validateFalse's own test
  • Additional commits viewable in compare view

Updates k8s.io/client-go from 0.32.1 to 0.33.3

Commits
  • 23a84e4 Update dependencies to v0.33.3 tag
  • ecbbb06 bump etcd 3.5.21 sdk
  • 2086688 Merge pull request #129970 from mortent/AddResourceV1beta2API
  • dba34c7 Run make update
  • e359642 Merge pull request #130556 from sreeram-venkitesh/kep-4960-container-stop-sig...
  • 3bf0a05 Merge pull request #130797 from jm-franc/configurable-tolerance
  • 7a03a3b Generated files
  • 1676beb Refresh autogenerated files following the configurable tolerance updates.
  • 387edb8 Merge pull request #130967 from aojea/listers
  • 21dc3b4 benchmark to show inefficient linear search lookup
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added ci/dependabot Used by dependabot to mark its changes as coming from itself dependencies Pull requests that update a dependency file kind/enhancement release-note/misc Changes without direct user impact labels Aug 12, 2025
@dependabot dependabot bot requested a review from a team as a code owner August 12, 2025 02:12
@dependabot dependabot bot added dependencies Pull requests that update a dependency file kind/enhancement release-note/misc Changes without direct user impact labels Aug 12, 2025
@dependabot dependabot bot requested review from geakstr and removed request for a team August 12, 2025 02:12
@dependabot dependabot bot added the ci/dependabot Used by dependabot to mark its changes as coming from itself label Aug 12, 2025
@dependabot
build(deps): bump the all-go-deps group across 1 directory with 6 upd…
03f7a01 
…ates

Bumps the all-go-deps group with 5 updates in the /backend directory:

| Package | From | To |
| --- | --- | --- |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.31.0` | `0.35.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.71.0` | `1.74.2` |
| google.golang.org/protobuf | `1.36.6` | `1.36.7` |
| [k8s.io/api](https://github.com/kubernetes/api) | `0.32.1` | `0.33.3` |
| [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.32.1` | `0.33.3` |



Updates `golang.org/x/sys` from 0.31.0 to 0.35.0
- [Commits](golang/sys@v0.31.0...v0.35.0)

Updates `google.golang.org/grpc` from 1.71.0 to 1.74.2
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.71.0...v1.74.2)

Updates `google.golang.org/protobuf` from 1.36.6 to 1.36.7

Updates `k8s.io/api` from 0.32.1 to 0.33.3
- [Commits](kubernetes/api@v0.32.1...v0.33.3)

Updates `k8s.io/apimachinery` from 0.32.1 to 0.33.3
- [Commits](kubernetes/apimachinery@v0.32.1...v0.33.3)

Updates `k8s.io/client-go` from 0.32.1 to 0.33.3
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.32.1...v0.33.3)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-deps
- dependency-name: google.golang.org/grpc
  dependency-version: 1.74.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-deps
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-go-deps
- dependency-name: k8s.io/api
  dependency-version: 0.33.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-deps
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.33.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-deps
- dependency-name: k8s.io/client-go
  dependency-version: 0.33.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/backend/all-go-deps-73988d1283 branch from 3b9c693 to 03f7a01 Compare August 26, 2025 08:35
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 1, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Sep 1, 2025
@dependabot dependabot bot deleted the dependabot/go_modules/backend/all-go-deps-73988d1283 branch September 1, 2025 23:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@geakstr geakstr Awaiting requested review from geakstr geakstr is a code owner automatically assigned from cilium/hubble-ui

Assignees
No one assigned
Labels
ci/dependabot Used by dependabot to mark its changes as coming from itself dependencies Pull requests that update a dependency file kind/enhancement release-note/misc Changes without direct user impact
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants