Bump golang from 1.21.6 to 1.22.0 #519
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps golang from 1.21.6 to 1.22.0. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
alecthomas
pushed a commit
to TBD54566975/ftl
that referenced
this pull request
Feb 19, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | Type | Update | |---|---|---|---|---|---|---|---| | [@swc/core](https://swc.rs) ([source](https://togithub.com/swc-project/swc)) | [`1.4.0` -> `1.4.1`](https://renovatebot.com/diffs/npm/@swc%2fcore/1.4.0/1.4.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | devDependencies | patch | | [@types/react](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/react) ([source](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react)) | [`18.2.55` -> `18.2.56`](https://renovatebot.com/diffs/npm/@types%2freact/18.2.55/18.2.56) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | devDependencies | patch | | [connectrpc.com/connect](https://togithub.com/connectrpc/connect-go) | `v1.14.0` -> `v1.15.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | require | minor | | [github.com/amacneil/dbmate/v2](https://togithub.com/amacneil/dbmate) | `v2.11.0` -> `v2.12.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | require | minor | | golang.org/x/tools | `v0.17.0` -> `v0.18.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | require | minor | | [helm](https://togithub.com/helm/helm) | `3.14.0` -> `3.14.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | patch | | [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | `v1.28.0` -> `v1.29.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | require | minor | | [node](https://togithub.com/nodejs/node) | `21.6.1` -> `21.6.2` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | patch | | [protoc](https://togithub.com/protocolbuffers/protobuf) | `25.2` -> `25.3` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | minor | | [react-router-dom](https://togithub.com/remix-run/react-router) ([source](https://togithub.com/remix-run/react-router/tree/HEAD/packages/react-router-dom)) | [`6.22.0` -> `6.22.1`](https://renovatebot.com/diffs/npm/react-router-dom/6.22.0/6.22.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | dependencies | patch | | [reactflow](https://togithub.com/xyflow/xyflow) ([source](https://togithub.com/xyflow/xyflow/tree/HEAD/packages/reactflow)) | [`11.10.3` -> `11.10.4`](https://renovatebot.com/diffs/npm/reactflow/11.10.3/11.10.4) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | dependencies | patch | | [yq](https://togithub.com/mikefarah/yq) | `4.40.7` -> `4.41.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | minor | | [ch.qos.logback:logback-core](http://logback.qos.ch) ([source](https://togithub.com/qos-ch/logback)) | `1.4.14` -> `1.5.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | compile | minor | | [ch.qos.logback:logback-classic](http://logback.qos.ch) ([source](https://togithub.com/qos-ch/logback)) | `1.4.14` -> `1.5.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | compile | minor | --- ### Release Notes <details> <summary>swc-project/swc (@​swc/core)</summary> ### [`v1.4.1`](https://togithub.com/swc-project/swc/blob/HEAD/CHANGELOG.md#141---2024-02-13) [Compare Source](https://togithub.com/swc-project/swc/compare/v1.4.0...v1.4.1) ##### Bug Fixes - **(binding/types)** Update typings for `options.envs` to match implementation ([#​8620](https://togithub.com/swc-project/swc/issues/8620)) ([2a115cf](https://togithub.com/swc-project/swc/commit/2a115cff716b3ac9216d03a4c88649fedff73850)) - **(es/compat)** Visit AssignExpr right branch in FnEnvHoister ([#​8633](https://togithub.com/swc-project/swc/issues/8633)) ([e5d6de0](https://togithub.com/swc-project/swc/commit/e5d6de0ea9fbab0e36791f59b58d6d2c76809ea5)) - **(es/decorators)** Do not insert duplicate constructors ([#​8631](https://togithub.com/swc-project/swc/issues/8631)) ([21a447f](https://togithub.com/swc-project/swc/commit/21a447f35a79cdad4721cdefea26da1d355d34d3)) - **(es/parser)** Set class property to `abstract` or `override` even in error states ([#​8610](https://togithub.com/swc-project/swc/issues/8610)) ([5a77306](https://togithub.com/swc-project/swc/commit/5a773061dbb8674d93fab46681492a7e08f95f2c)) - **(es/parser)** Fix parsing of dynamic source phase imports ([#​8611](https://togithub.com/swc-project/swc/issues/8611)) ([7d724d8](https://togithub.com/swc-project/swc/commit/7d724d8ea3d222721ddc1c2913771c3367b6f689)) - **(es/parser)** Rescan `<<` as `<` when parsing type args ([#​8607](https://togithub.com/swc-project/swc/issues/8607)) ([9e6dad9](https://togithub.com/swc-project/swc/commit/9e6dad9baf900b44591c97c5467494c893f02661)) - **(es/parser)** Fix detection of `use strict` directive ([#​8617](https://togithub.com/swc-project/swc/issues/8617)) ([95236e9](https://togithub.com/swc-project/swc/commit/95236e9abe546c455222a775f9648e82543dfaed)) - **(es/plugin)** Fix schema version issue ([#​8621](https://togithub.com/swc-project/swc/issues/8621)) ([132be95](https://togithub.com/swc-project/swc/commit/132be951733660654b5c0992e19b5f3d414e7350)) - **(es/quote)** Allow variables typed `AssignTarget` ([#​8602](https://togithub.com/swc-project/swc/issues/8602)) ([6a48be4](https://togithub.com/swc-project/swc/commit/6a48be4b6b91c71687c2edc1cf9db9538d9f5650)) - **(es/quote)** Support `AssignTarget`, really ([#​8603](https://togithub.com/swc-project/swc/issues/8603)) ([ef91661](https://togithub.com/swc-project/swc/commit/ef916614f1b714bc765721fd7a35a4a471ac6811)) - **(es/quote)** Fix code generation of `AssignTarget` ([#​8604](https://togithub.com/swc-project/swc/issues/8604)) ([16e9d4c](https://togithub.com/swc-project/swc/commit/16e9d4ca31561caf4fb2a5182337eae78395dbe6)) ##### Features - **(es/minifier)** Implement correct `hoist_props` ([#​8593](https://togithub.com/swc-project/swc/issues/8593)) ([3122e94](https://togithub.com/swc-project/swc/commit/3122e944a8a1720584b43c7f0c4db3508f0cf915)) ##### Miscellaneous Tasks - **(config)** Remove an empty file in `swc_config` ([#​8609](https://togithub.com/swc-project/swc/issues/8609)) ([d87fef0](https://togithub.com/swc-project/swc/commit/d87fef0fea661b3a50e43af85c12db98e978bc82)) - **(preset-env)** Update `browserslist-rs` ([#​8614](https://togithub.com/swc-project/swc/issues/8614)) ([e5585e9](https://togithub.com/swc-project/swc/commit/e5585e99f120eb7c76625d90961fd6e4f12579e5)) ##### Refactor - **(bindings)** Remove bindings for experimental packages ([#​8600](https://togithub.com/swc-project/swc/issues/8600)) ([6c50ff1](https://togithub.com/swc-project/swc/commit/6c50ff1bec9c49d0883016d0b2c0cfa3941290c7)) ##### Testing - **(es)** Update `tsc` conformance test suite ([#​8615](https://togithub.com/swc-project/swc/issues/8615)) ([c0beba7](https://togithub.com/swc-project/swc/commit/c0beba7708f88320617d02ce68f079bbe0252075)) - Update `@swc/plguin-jest` used for plugin e2e testing ([#​8601](https://togithub.com/swc-project/swc/issues/8601)) ([95fe3db](https://togithub.com/swc-project/swc/commit/95fe3dbe931ec42a456fceb2d583d6a04e33edd6)) ##### Build - **(cargo)** Update `rustc` to `nightly-2024-02-06` ([#​8618](https://togithub.com/swc-project/swc/issues/8618)) ([6726b63](https://togithub.com/swc-project/swc/commit/6726b631e68cf7f14612e046c8cf057411e4a3c2)) - **(plugin)** Update `wasmer` to `v4.2.5` ([#​8624](https://togithub.com/swc-project/swc/issues/8624)) ([4e0d240](https://togithub.com/swc-project/swc/commit/4e0d24089588da8952c6986f1bfcc47bcd9f84a2)) </details> <details> <summary>connectrpc/connect-go (connectrpc.com/connect)</summary> ### [`v1.15.0`](https://togithub.com/connectrpc/connect-go/releases/tag/v1.15.0) [Compare Source](https://togithub.com/connectrpc/connect-go/compare/v1.14.0...v1.15.0) #### What's Changed Since the last release, we have been significantly increasing coverage of our [conformance suite](https://togithub.com/connectrpc/conformance). This has identified several inconsistencies with other Connect, gRPC, and gRPC-Web implementations. This release includes several fixes that will help align this implementation with others, behavior that can be verified by the conformance tests going forward. The fixes are backward-compatible with gRPC and Connect clients and servers. They fix some aspects of the wire representation and edge-case handling of spurious requests and responses, and they may affect users directly inspecting HTTP requests and responses. ##### Governance - Add [@​emcfarlane](https://togithub.com/emcfarlane) as a maintainer in [#​680](https://togithub.com/connectrpc/connect-go/issues/680) 🎉 ##### Enhancements - Add transport-level retry support for RPCs with unary and server-stream RPCs. This also improves efficiency by eliminating a goroutine and a message copy. By [@​emcfarlane](https://togithub.com/emcfarlane) in [#​649](https://togithub.com/connectrpc/connect-go/issues/649) - Prefer "application/grpc" over "application/grpc+proto" content-type when issuing gRPC calls. This accommodates Google Cloud Platform servers, which don't fully implement the gRPC specification. By [@​lrewega](https://togithub.com/lrewega) in [#​655](https://togithub.com/connectrpc/connect-go/issues/655) - Small efficiency gains in on all outbound HTTP requests and unary Connect response validation by [@​mattrobenolt](https://togithub.com/mattrobenolt) in [#​682](https://togithub.com/connectrpc/connect-go/issues/682), [#​683](https://togithub.com/connectrpc/connect-go/issues/683) - Improve efficiency handling gRPC-Web and Connect end-of-stream messages by [@​jhump](https://togithub.com/jhump) in [#​678](https://togithub.com/connectrpc/connect-go/issues/678) ##### Bugfixes - Fix HTTP status to Code mapping by [@​emcfarlane](https://togithub.com/emcfarlane) in [#​673](https://togithub.com/connectrpc/connect-go/issues/673) - Client should verify response content-type by [@​jhump](https://togithub.com/jhump) in [#​679](https://togithub.com/connectrpc/connect-go/issues/679) - Omit erroneous `@type` attribute from Connect error detail debug string by [@​jhump](https://togithub.com/jhump) in [#​688](https://togithub.com/connectrpc/connect-go/issues/688) - Use context to correctly classify some errors with Canceled or DeadlineExceeded code by [@​emcfarlane](https://togithub.com/emcfarlane) in [#​659](https://togithub.com/connectrpc/connect-go/issues/659) - Fix trailers-only response handling and some gRPC error coding by [@​jhump](https://togithub.com/jhump) in [#​677](https://togithub.com/connectrpc/connect-go/issues/677), [#​690](https://togithub.com/connectrpc/connect-go/issues/690) **Full Changelog**: connectrpc/connect-go@v1.14.0...v1.15.0 </details> <details> <summary>amacneil/dbmate (github.com/amacneil/dbmate/v2)</summary> ### [`v2.12.0`](https://togithub.com/amacneil/dbmate/releases/tag/v2.12.0) [Compare Source](https://togithub.com/amacneil/dbmate/compare/v2.11.0...v2.12.0) #### What's Changed - Bump alpine from 3.19.0 to 3.19.1 by [@​dependabot](https://togithub.com/dependabot) in [amacneil/dbmate#517 - Bump golang from 1.21.6 to 1.22.0 by [@​dependabot](https://togithub.com/dependabot) in [amacneil/dbmate#519 - Update dependencies by [@​amacneil](https://togithub.com/amacneil) in [amacneil/dbmate#520 **Full Changelog**: amacneil/dbmate@v2.11.0...v2.12.0 </details> <details> <summary>helm/helm (helm)</summary> ### [`v3.14.1`](https://togithub.com/helm/helm/releases/tag/v3.14.1): Helm v3.14.1 Helm v3.14.1 is a security (patch) release. Users are strongly recommended to update to this release. A Helm contributor discovered a path traversal vulnerability when Helm saves a chart including at download time. [Dominykas Blyžė](https://togithub.com/dominykas) with [Nearform Ltd.](https://www.nearform.com/) discovered the vulnerability. #### Installation and Upgrading Download Helm v3.14.1. The common platform binaries are here: - [MacOS amd64](https://get.helm.sh/helm-v3.14.1-darwin-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.1-darwin-amd64.tar.gz.sha256sum) / 67928236b37c4e780b9fb5e614fb3b9aece90d60f0b1b4cb7406ee292c2dae3b) - [MacOS arm64](https://get.helm.sh/helm-v3.14.1-darwin-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.1-darwin-arm64.tar.gz.sha256sum) / 96468f927cc6efb4a2b92fd9419f40ed21d634af2f3e84fb8efa59526c7a003b) - [Linux amd64](https://get.helm.sh/helm-v3.14.1-linux-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.1-linux-amd64.tar.gz.sha256sum) / 75496ea824f92305ff7d28af37f4af57536bf5138399c824dff997b9d239dd42) - [Linux arm](https://get.helm.sh/helm-v3.14.1-linux-arm.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.1-linux-arm.tar.gz.sha256sum) / f50c00c262b74435530e677bcec07637aaeda1ed92ef809b49581a4e6182cbbe) - [Linux arm64](https://get.helm.sh/helm-v3.14.1-linux-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.1-linux-arm64.tar.gz.sha256sum) / f865b8ad4228fd0990bbc5b50615eb6cb9eb31c9a9ca7238401ed897bbbe9033) - [Linux i386](https://get.helm.sh/helm-v3.14.1-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.1-linux-386.tar.gz.sha256sum) / 3c94ed0601e0e62c195a7e9b75262b18128c8284662aa0e080bb548dc6d47bcd) - [Linux ppc64le](https://get.helm.sh/helm-v3.14.1-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.1-linux-ppc64le.tar.gz.sha256sum) / 4d853ab8fe3462287c7272fbadd5f73531ecdd6fa0db37d31630e41ae1ae21de) - [Linux s390x](https://get.helm.sh/helm-v3.14.1-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.1-linux-s390x.tar.gz.sha256sum) / 19bf07999c7244bfeb0fd27152919b9faa1148cf43910edbb98efa9150058a98) - [Linux riscv64](https://get.helm.sh/helm-v3.14.1-linux-riscv64.tar.gz) ([checksum](https://get.helm.sh/helm-v3.14.1-linux-riscv64.tar.gz.sha256sum) / 2660bd8eb37aafc071599b788a24bfe244e5d3ffa42da1599da5a5041dafa214) - [Windows amd64](https://get.helm.sh/helm-v3.14.1-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-v3.14.1-windows-amd64.zip.sha256sum) / 8a6c78a23a4e497ad8bd288138588adb3e5b49be8dbe82a3200fe7b297dac184) This release was signed with ` 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E ` and can be found at [@​mattfarina](https://togithub.com/mattfarina) [keybase account](https://keybase.io/mattfarina). Please use the attached signatures for verifying this release using `gpg`. The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with `bash`. #### What's Next - 3.14.2 will contain only bug fixes and be released on March 13, 2024. - 3.15.0 is the next feature release and will be on May 08, 2024. </details> <details> <summary>cznic/sqlite (modernc.org/sqlite)</summary> ### [`v1.29.1`](https://gitlab.com/cznic/sqlite/compare/v1.29.0...v1.29.1) [Compare Source](https://gitlab.com/cznic/sqlite/compare/v1.29.0...v1.29.1) ### [`v1.29.0`](https://gitlab.com/cznic/sqlite/compare/v1.28.0...v1.29.0) [Compare Source](https://gitlab.com/cznic/sqlite/compare/v1.28.0...v1.29.0) </details> <details> <summary>nodejs/node (node)</summary> ### [`v21.6.2`](https://togithub.com/nodejs/node/releases/tag/v21.6.2): 2024-02-14, Version 21.6.2 (Current), @​RafaelGSS [Compare Source](https://togithub.com/nodejs/node/compare/v21.6.1...v21.6.2) ##### Notable changes This is a security release. ##### Notable changes - CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High) - CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High) - CVE-2024-21896 - Path traversal by monkey-patching Buffer internals- (High) - CVE-2024-22017 - setuid() does not drop all privileges due to io_uring - (High) - CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against [PKCS#1](https://togithub.com/PKCS/node/issues/1) v1.5 padding) - (Medium) - CVE-2024-21891 - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium) - CVE-2024-21890 - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium) - CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium) - undici version 5.28.3 - libuv version 1.48.0 - OpenSSL version 3.0.13+quic1 ##### Commits - \[[`8344719369`](https://togithub.com/nodejs/node/commit/8344719369)] - **crypto**: disable [PKCS#1](https://togithub.com/PKCS/node/issues/1) padding for privateDecrypt (Michael Dawson) [nodejs-private/node-private#525](https://togithub.com/nodejs-private/node-private/pull/525) - \[[`d093600ac4`](https://togithub.com/nodejs/node/commit/d093600ac4)] - **deps**: update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) [#​51614](https://togithub.com/nodejs/node/pull/51614) - \[[`6cd930e5e8`](https://togithub.com/nodejs/node/commit/6cd930e5e8)] - **deps**: upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) [#​51614](https://togithub.com/nodejs/node/pull/51614) - \[[`9590c15d3d`](https://togithub.com/nodejs/node/commit/9590c15d3d)] - **deps**: upgrade libuv to 1.48.0 (Santiago Gimeno) [#​51698](https://togithub.com/nodejs/node/pull/51698) - \[[`666096298c`](https://togithub.com/nodejs/node/commit/666096298c)] - **deps**: disable io_uring support in libuv by default (Tobias Nießen) [nodejs-private/node-private#528](https://togithub.com/nodejs-private/node-private/pull/528) - \[[`a4edd22e30`](https://togithub.com/nodejs/node/commit/a4edd22e30)] - **fs**: protect against modified Buffer internals in possiblyTransformPath (Tobias Nießen) [nodejs-private/node-private#497](https://togithub.com/nodejs-private/node-private/pull/497) - \[[`6155a1ffaf`](https://togithub.com/nodejs/node/commit/6155a1ffaf)] - **http**: add maximum chunk extension size (Paolo Insogna) [nodejs-private/node-private#518](https://togithub.com/nodejs-private/node-private/pull/518) - \[[`777509495e`](https://togithub.com/nodejs/node/commit/777509495e)] - **lib**: use cache fs internals against path traversal (RafaelGSS) [nodejs-private/node-private#516](https://togithub.com/nodejs-private/node-private/pull/516) - \[[`9d2ac2b3fc`](https://togithub.com/nodejs/node/commit/9d2ac2b3fc)] - **lib**: update undici to v5.28.3 (Matteo Collina) [nodejs-private/node-private#538](https://togithub.com/nodejs-private/node-private/pull/538) - \[[`208b3940c7`](https://togithub.com/nodejs/node/commit/208b3940c7)] - **src**: fix HasOnly(capability) in node::credentials (Tobias Nießen) [nodejs-private/node-private#505](https://togithub.com/nodejs-private/node-private/pull/505) - \[[`fc2454f29c`](https://togithub.com/nodejs/node/commit/fc2454f29c)] - **src,deps**: disable setuid() etc if io_uring enabled (Tobias Nießen) [nodejs-private/node-private#528](https://togithub.com/nodejs-private/node-private/pull/528) - \[[`ef3eea20be`](https://togithub.com/nodejs/node/commit/ef3eea20be)] - **test,doc**: clarify wildcard usage (RafaelGSS) [nodejs-private/node-private#517](https://togithub.com/nodejs-private/node-private/pull/517) - \[[`8547196964`](https://togithub.com/nodejs/node/commit/8547196964)] - **zlib**: pause stream if outgoing buffer is full (Matteo Collina) [nodejs-private/node-private#540](https://togithub.com/nodejs-private/node-private/pull/540) </details> <details> <summary>protocolbuffers/protobuf (protoc)</summary> ### [`v25.3`](https://togithub.com/protocolbuffers/protobuf/releases/tag/v25.3): Protocol Buffers v25.3 ### Announcements - [Protobuf News](https://protobuf.dev/news/) may include additional announcements or pre-announcements for upcoming changes. ### Apple Privacy Manifest [Requirement](https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api) - \[CPP] Add the privacy manifest to the C++ CocoaPod. (protocolbuffers/protobuf@9d1bc10) - \[ObjC] Add the privacy manifest to the ObjC CocoaPod. (protocolbuffers/protobuf@cec08dc) - Add PrivacyInfo.xcprivacy ([#​15557](https://togithub.com/protocolbuffers/protobuf/issues/15557)) (protocolbuffers/protobuf@cf87faa) ### C++ - Remove use of mach_absolute_time ([#​15554](https://togithub.com/protocolbuffers/protobuf/issues/15554)) (protocolbuffers/protobuf@76d05d4) ### Objective-C - \[ObjC] Use a local to avoid warnings in 32bit builds. (protocolbuffers/protobuf@9dc736d) ### Python - Bump python version to 3.9 for gcloud 460.0.0 (protocolbuffers/protobuf@17ec19d) ### Ruby - Update Ruby GHA to test against Ruby 3.3. (protocolbuffers/protobuf@25b1e81) - Pin bundler version to 2.4.22 for Ruby 2.7 support. (protocolbuffers/protobuf@80b4586) </details> <details> <summary>remix-run/react-router (react-router-dom)</summary> ### [`v6.22.1`](https://togithub.com/remix-run/react-router/compare/react-router-dom@6.22.0...react-router-dom@6.22.1) [Compare Source](https://togithub.com/remix-run/react-router/compare/react-router-dom@6.22.0...react-router-dom@6.22.1) </details> <details> <summary>xyflow/xyflow (reactflow)</summary> ### [`v11.10.4`](https://togithub.com/xyflow/xyflow/releases/tag/11.10.4) [Compare Source](https://togithub.com/xyflow/xyflow/compare/reactflow@11.10.3...reactflow@11.10.4) #### Patch Changes - [#​3918](https://togithub.com/xyflow/xyflow/pull/3918) [`7c8c8574`](https://togithub.com/xyflow/xyflow/commit/7c8c85743dd78656203569567d862f95a6578690) - fix(edge-marker): use quotes for marker urls to support css vars - [#​3897](https://togithub.com/xyflow/xyflow/pull/3897) [`7722305c`](https://togithub.com/xyflow/xyflow/commit/7722305cdfcda77fed97ea93c7d5d6b21f95e94d) - fix(nodes): re-measure/ re-init correctly </details> <details> <summary>mikefarah/yq (yq)</summary> ### [`v4.41.1`](https://togithub.com/mikefarah/yq/releases/tag/v4.41.1) - Can now comment in yq expressions! [#​1919](https://togithub.com/mikefarah/yq/issues/1919) - Added new CSV option to turn off auto-parsing [#​1947](https://togithub.com/mikefarah/yq/issues/1947) - Can now retrieve the alias names of merge anchors [#​1942](https://togithub.com/mikefarah/yq/issues/1942) - Fixed Toml decoding when table array defined before parent [#​1922](https://togithub.com/mikefarah/yq/issues/1922) - Fixing with_entries context [#​1925](https://togithub.com/mikefarah/yq/issues/1925) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/TBD54566975/ftl). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xOTEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjE5MS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps golang from 1.21.6 to 1.22.0.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)