Skip to content

fix(deps): update all dependencies#662

Merged
brb merged 1 commit into
mainfrom
renovate/all-dependencies
Mar 18, 2026
Merged

fix(deps): update all dependencies#662
brb merged 1 commit into
mainfrom
renovate/all-dependencies

Conversation

@renovate

@renovate renovate Bot commented Mar 6, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change Age Confidence
actions/download-artifact action digest 70fc10c484a0b5
actions/setup-go action digest def8c394a36011
docker.io/library/golang stage patch 1.26.01.26.1 age confidence
docker/build-push-action action major v6.19.2v7.0.0 age confidence
docker/login-action action major v3.7.0v4.0.0 age confidence
docker/setup-buildx-action action major v3.12.0v4.0.0 age confidence
github.com/cilium/ebpf require minor v0.20.0v0.21.0 age confidence
go uses-with patch 1.26.01.26.1 age confidence
golang patch 1.26.01.26.1 age confidence
softprops/action-gh-release action minor v2.5.0v2.6.1 age confidence

Release Notes

docker/build-push-action (docker/build-push-action)

v7.0.0

Compare Source

Full Changelog: docker/build-push-action@v6.19.2...v7.0.0

docker/login-action (docker/login-action)

v4.0.0

Compare Source

Full Changelog: docker/login-action@v3.7.0...v4.0.0

docker/setup-buildx-action (docker/setup-buildx-action)

v4.0.0

Compare Source

Full Changelog: docker/setup-buildx-action@v3.12.0...v4.0.0

cilium/ebpf (github.com/cilium/ebpf)

v0.21.0: : Struct Ops, Weak Symbols and BTF deduplication

Compare Source

Hi, everyone! The Cilium project is proud to announce v0.21.0 of ebpf-go, our first major 2026 feature release. Please note that this version comes with a few breaking changes for XDP users that may require some intervention based on your use case, so please read the following section carefully before upgrading! We've also removed some long-deprecated APIs.

Breaking changes

XDP Attach Type

This release saw a change to the ELF parsing logic, specifically to XDP programs. Previously, XDP programs had their ProgramSpec.AttachType set to AttachNone. Prompted by upstream changes in Linux 6.18, XDP programs now come with an AttachXDP attach type. This change ensures compatibility with kernels going forward, as well as better interoperability with libbpf-based tools using shared PROG_ARRAY maps.

tl;dr: Linux 6.18 and later disallows mixing attach types within the same program array.

If your application uses a pinned program array, you may need to manually change the attach type of your XDP programs to AttachNone before they are loaded to ensure they can still be inserted into maps containing pre-upgrade programs.

The same goes for BPF links. If you're updating an XDP link created by an older version of ebpf-go, you need to ensure your XDP program is loaded with the same attach type the link was initially created with, or updating will fail with EINVAL.

For an example of how to deal with this change, here's the the Cilium PR that implemented logic to try both attach types when updating links.

Windows helper function rename

ebpf-for-windows was upgraded from 0.21.0 to v1.0.0-rc1. efW made breaking changes to the names of helper functions, our API has been updated to match:

New Features

  • Struct ops — The ELF reader can now parse struct ops sections, building MapSpecs and resolving function-pointer members. link.AttachStructOps has been added to allow attaching a StructOpsMap as a link. A sched_ext example can be found here.
  • Weak symbol & ELF linking — Programs and maps defined as weak symbols are now fully supported. The ELF reader performs per-symbol decoding for both ProgramSpec and MapSpec, meaning linked objects (produced via bpftool gen object) are now handled correctly.
  • BTF type deduplication — btf.Builder can now deduplicate types while generating a BTF blob. Deduplication can be enabled by passing BuilderOptions to NewBuilder with the Deduplication field set to true.
  • ProgramSpec.Compatible was added — ProgramSpec.Tag is now deprecated. The new ProgramSpec.Compatible method compares a loaded program's tag against both SHA-1 and SHA-256 hashes of the spec, ensuring correct behaviour across kernels — including kernel v6.18+, which switched to SHA-256 for program hashing.
  • ProgramInfo improvements — The program name as reported by ProgramInfo.Name is now sourced from BTF func info when available to provide the full program name if it's longer than 15 bytes.
  • LinkInfo improvements — Added a number of methods and types related to reading back link info.
  • Reverse symbol lookup — Added Executable.Symbol to resolve addresses to a symbol and relative offset.
  • Uprobe/kprobe link feature probing — HaveBPFLinkKprobeMulti, HaveBPFLinkUprobeMulti, and HaveBPFLinkKprobeSession are now exported from the features package, making it easier to probe for multi-attach support before loading programs.
  • Program run batching — A new RunOptions.BatchSize option has been added to support batching when running programs.

Bug Fixes

  • Allow weak kfuncs loading without CAP_SYS_ADMIN — Loading programs with weak kfuncs on kernels that don't have the kfunc no longer fails with "operation not permitted" when the caller lacks CAP_SYS_ADMIN. The permission error is now treated as "not found" for weak kfuncs.
  • ELF reader nil panic — Fixed a panic that could occur when loading an ELF without BTF due to a nil extInfo pointer. Along with the fix, a suite of regression tests was added that exercises the core loader logic with non-BTF ELFs as well.
  • QueryResult.HaveLinkInfo heuristic — The heuristic has been updated to check for at least one attached program with a non-zero link ID, fixing a false positive introduced by a kernel change that began populating the revision field for cgroup queries.
  • Windows map/program count — Increased the default map and program count on Windows to reduce failures when loading collections with more maps than previously allocated.

More breaking changes

Deprecations

In this release we have removed a number of features which had been deprecated for a while.

Breaking changes to Memory, Variable and VariableSpec
Breaking changes to link info
Breaking changes to BTF API

We exported methods and types from the btf package. This allowed us to directly assign BTF func info, line info and CO-RE relocations to instructions from outside of the btf package, making some methods unneeded and thus got removed.

What's Changed

New Contributors

Full Changelog: cilium/ebpf@v0.20.0...v0.21.0

actions/go-versions (go)

v1.26.1: 1.26.1

Compare Source

Go 1.26.1

softprops/action-gh-release (softprops/action-gh-release)

v2.6.1

Compare Source

2.6.1 is a patch release focused on restoring linked discussion thread creation when
discussion_category_name is set. It fixes #764, where the draft-first publish flow
stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

v2.6.0

Compare Source

2.6.0 is a minor release centered on previous_tag support for generate_release_notes,
which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range.
It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync,
a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where
GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Exciting New Features 🎉
Bug fixes 🐛
Other Changes 🔄

v2.5.3

Compare Source

2.5.3 is a patch release focused on the remaining path-handling and release-selection bugs uncovered after 2.5.2.
It fixes #639, #571, #280, #614, #311, #403, and #368.
It also adds documentation clarifications for #541, #645, #542, #393, and #411,
where the current behavior is either usage-sensitive or constrained by GitHub platform limits rather than an action-side runtime bug.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛
Other Changes 🔄
  • docs: clarify token precedence by @​chenrui333 in #​752
  • docs: clarify GitHub release limits by @​chenrui333 in #​758
  • documentation clarifications for empty-token handling, preserve_order, and special-character asset filename behavior

Full Changelog: softprops/action-gh-release@v2...v2.5.3

v2.5.2

Compare Source

2.5.2 is a patch release focused on the remaining release-creation and prerelease regressions in the 2.5.x bug-fix cycle.
It fixes #705, fixes #708, fixes #740, fixes #741, and fixes #722.
Regression testing covers the shared-tag race, prerelease event behavior, dotfile asset labels,
same-filename concurrent uploads, and blocked-tag cleanup behavior.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

New Contributors

Full Changelog: softprops/action-gh-release@v2...v2.5.2

v2.5.1

Compare Source

2.5.1 is a patch release focused on regressions introduced in 2.5.0 and on release lookup reliability.
It fixes #713, addresses #703, and fixes #724. Regression testing shows that
current master no longer reproduces the finalize-race behavior reported in #704 and #709.

What's Changed

Bug fixes 🐛
Other Changes 🔄
  • dependency updates, including the ESM/runtime compatibility refresh in #​731

New Contributors

Full Changelog: softprops/action-gh-release@v2...v2.5.1


Configuration

📅 Schedule: Branch creation - "on friday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot requested a review from a team as a code owner March 6, 2026 01:48
@renovate renovate Bot requested review from gentoo-root and removed request for a team March 6, 2026 01:48
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 2809acf to 7cfb8fb Compare March 6, 2026 04:56
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 7cfb8fb to c3a8d84 Compare March 11, 2026 01:15
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from c3a8d84 to 7116a98 Compare March 11, 2026 05:15
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 7116a98 to b866d22 Compare March 11, 2026 13:17
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from b866d22 to 13b8c41 Compare March 11, 2026 17:33
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 13b8c41 to 3d484bd Compare March 12, 2026 17:39
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 3d484bd to 7d7c286 Compare March 15, 2026 01:28
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 7d7c286 to 8d1d87a Compare March 15, 2026 04:50
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 8d1d87a to 03ed3d8 Compare March 15, 2026 08:47
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 03ed3d8 to 06640b2 Compare March 15, 2026 20:34
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 06640b2 to 5ce03be Compare March 16, 2026 01:34
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 5ce03be to 1cf898e Compare March 16, 2026 20:39
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 1cf898e to 2afcfeb Compare March 17, 2026 05:03
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 2afcfeb to 8a44b13 Compare March 17, 2026 09:38
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 8a44b13 to 19c8cfe Compare March 17, 2026 13:59
@renovate renovate Bot force-pushed the renovate/all-dependencies branch from 19c8cfe to 07b6267 Compare March 17, 2026 21:04
@brb brb merged commit 7153bbd into main Mar 18, 2026
9 of 10 checks passed
@brb brb deleted the renovate/all-dependencies branch March 18, 2026 09:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants