Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump github.com/labstack/echo/v4 from 4.3.0 to 4.6.0 #234

Closed
wants to merge 1 commit into from
Closed

build(deps): bump github.com/labstack/echo/v4 from 4.3.0 to 4.6.0 #234

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 21, 2021

Bumps github.com/labstack/echo/v4 from 4.3.0 to 4.6.0.

Release notes

Sourced from github.com/labstack/echo/v4's releases.

v4.6.0

Introduced a new request logger middleware to help with cases when you want to use some other logging library in your application.

Fixes

  • fix timeout middleware warning: superfluous response.WriteHeader #1905

Enhancements

  • Add Cookie to KeyAuth middleware's KeyLookup #1929
  • JWT middleware should ignore case of auth scheme in request header #1951
  • Refactor default error handler to return first if response is already committed #1956
  • Added request logger middleware which helps to use custom logger library for logging requests. #1980
  • Allow escaping of colon in route path so Google Cloud API "custom methods" could be implemented #1988

v4.5.0

Important notes

A BREAKING CHANGE is introduced for JWT middleware users.

The JWT library used for the JWT middleware had to be changed from github.com/dgrijalva/jwt-go to github.com/golang-jwt/jwt due former library being unmaintained and affected by security issues. The github.com/golang-jwt/jwt project is a drop-in replacement, but supports only the latest 2 Go versions. So for JWT middleware users Go 1.15+ is required. For detailed information please read #1940

To change the library imports in all .go files in your project replace all occurrences of dgrijalva/jwt-go with golang-jwt/jwt.

For Linux CLI you can use:

find -type f -name "*.go" -exec sed -i "s/dgrijalva\/jwt-go/golang-jwt\/jwt/g" {} \;
go mod tidy

Fixes

  • Change JWT library to github.com/golang-jwt/jwt #1946

v4.4.0

Fixes

  • Split HeaderXForwardedFor header only by comma #1878
  • Fix Timeout middleware Context propagation #1910

Enhancements

  • Allow for custom JSON encoding implementations #1880
  • Adds JWTConfig.ParseTokenFunc to JWT middleware to allow different libraries implementing JWT parsing. #1887
  • Adds RequestIDHandler function to RequestID middleware #1898
  • Bind data using headers as source #1866

... (truncated)

Changelog

Sourced from github.com/labstack/echo/v4's changelog.

v4.6.0 - 2021-09-20

Introduced a new request logger middleware to help with cases when you want to use some other logging library in your application.

Fixes

  • fix timeout middleware warning: superfluous response.WriteHeader #1905

Enhancements

  • Add Cookie to KeyAuth middleware's KeyLookup #1929
  • JWT middleware should ignore case of auth scheme in request header #1951
  • Refactor default error handler to return first if response is already committed #1956
  • Added request logger middleware which helps to use custom logger library for logging requests. #1980
  • Allow escaping of colon in route path so Google Cloud API "custom methods" could be implemented #1988

v4.5.0 - 2021-08-01

Important notes

A BREAKING CHANGE is introduced for JWT middleware users. The JWT library used for the JWT middleware had to be changed from github.com/dgrijalva/jwt-go to github.com/golang-jwt/jwt due former library being unmaintained and affected by security issues. The github.com/golang-jwt/jwt project is a drop-in replacement, but supports only the latest 2 Go versions. So for JWT middleware users Go 1.15+ is required. For detailed information please read #1940

To change the library imports in all .go files in your project replace all occurrences of dgrijalva/jwt-go with golang-jwt/jwt.

For Linux CLI you can use:

find -type f -name "*.go" -exec sed -i "s/dgrijalva\/jwt-go/golang-jwt\/jwt/g" {} \;
go mod tidy

Fixes

  • Change JWT library to github.com/golang-jwt/jwt #1946

v4.4.0 - 2021-07-12

Fixes

  • Split HeaderXForwardedFor header only by comma #1878
  • Fix Timeout middleware Context propagation #1910

Enhancements

  • Bind data using headers as source #1866

... (truncated)

Commits
  • 4651c7a Update version and changelog for 4.6.0 (#1990)
  • 6a85f48 Update README.md
  • 9fc4672 Allow escaping of colon in route path so Google Cloud API "custom methods" ht...
  • f6b45f2 CI: test against Go 1.17 (#1984)
  • 1e7e67c Added request logger middleware which helps to use custom logger library for ...
  • 7f502b1 try to fix #1905 and add some notes (#1947)
  • d793521 Update README.md
  • eaba4c3 Delete .all-contributorsrc
  • ac7c134 docs: add aldas as a contributor for review (#1962)
  • 560fca0 Update .all-contributorsrc
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump github.com/labstack/echo/v4 from 4.3.0 to 4.6.0
fd544da 
Bumps [github.com/labstack/echo/v4](https://github.com/labstack/echo) from 4.3.0 to 4.6.0.
- [Release notes](https://github.com/labstack/echo/releases)
- [Changelog](https://github.com/labstack/echo/blob/master/CHANGELOG.md)
- [Commits](labstack/echo@v4.3.0...v4.6.0)

---
updated-dependencies:
- dependency-name: github.com/labstack/echo/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Sep 21, 2021
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 27, 2021

Superseded by #236.

@dependabot dependabot bot closed this Sep 27, 2021
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/labstack/echo/v4-4.6.0 branch September 27, 2021 12:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants