Bump the go group in /api with 5 updates #39002

dependabot · 2024-03-05T23:08:09Z

Bumps the go group in /api with 5 updates:

Package	From	To
github.com/stretchr/testify	`1.8.4`	`1.9.0`
golang.org/x/crypto	`0.19.0`	`0.21.0`
golang.org/x/net	`0.21.0`	`0.22.0`
golang.org/x/term	`0.17.0`	`0.18.0`
google.golang.org/grpc	`1.62.0`	`1.62.1`

Updates github.com/stretchr/testify from 1.8.4 to 1.9.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.9.0

What's Changed

Fix Go modules version by @SuperQ in stretchr/testify#1394

Document that require is not safe to call in created goroutines by @programmer04 in stretchr/testify#1392

Remove myself from MAINTAINERS.md by @mvdkleijn in stretchr/testify#1367

Correct spelling/grammar by @echarrod in stretchr/testify#1389

docs: Update URLs in README by @davidjb in stretchr/testify#1349

Update mockery link to Github Pages in README by @LandonTClipp in stretchr/testify#1346

docs: Fix typos in tests and comments by @alexandear in stretchr/testify#1410

CI: tests from go1.17 by @SuperQ in stretchr/testify#1409

Fix adding ? when no values passed by @lesichkovm in stretchr/testify#1320

codegen: use standard header for generated files by @dolmen in stretchr/testify#1406

mock: AssertExpectations log reason only on failure by @hikyaru-suzuki in stretchr/testify#1360

assert: fix flaky TestNeverTrue by @dolmen in stretchr/testify#1417

README: fix typos "set up" vs "setup" by @ossan-dev in stretchr/testify#1428

mock: move regexp compilation outside of Called by @aud10slave in stretchr/testify#631

assert: refactor internal func getLen() by @dolmen in stretchr/testify#1445

mock: deprecate type AnythingOfTypeArgument (#1434) by @dolmen in stretchr/testify#1441

Remove no longer needed assert.canConvert by @alexandear in stretchr/testify#1470

assert: ObjectsAreEqual: use time.Equal for time.Time types by @tscales in stretchr/testify#1464

Bump actions/checkout from 3 to 4 by @dependabot in stretchr/testify#1466

Bump actions/setup-go from 3.2.0 to 4.1.0 by @dependabot in stretchr/testify#1451

fix: make EventuallyWithT concurrency safe by @czeslavo in stretchr/testify#1395

assert: fix httpCode and HTTPBody occur panic when http.Handler read Body by @hidu in stretchr/testify#1484

assert.EqualExportedValues: fix handling of arrays by @zrbecker in stretchr/testify#1473

.github: use latest Go versions by @kevinburkesegment in stretchr/testify#1489

assert: Deprecate EqualExportedValues by @HaraldNordgren in stretchr/testify#1488

suite: refactor test assertions by @alexandear in stretchr/testify#1474

suite: fix SetupSubTest and TearDownSubTest execution order by @linusbarth in stretchr/testify#1471

docs: Fix deprecation comments for http package by @alexandear in stretchr/testify#1335

Add map support doc comments to Subset and NotSubset by @jedevc in stretchr/testify#1306

TestErrorIs/TestNotErrorIs: check error message contents by @craig65535 in stretchr/testify#1435

suite: fix subtest names (fix #1501) by @dolmen in stretchr/testify#1504

assert: improve unsafe.Pointer tests by @dolmen in stretchr/testify#1505

assert: simplify isNil implementation by @dolmen in stretchr/testify#1506

assert.InEpsilonSlice: fix expected/actual order and other improvements by @dolmen in stretchr/testify#1483

Fix dependency cycle with objx #1292 by @dolmen in stretchr/testify#1453

mock: refactor TestIsArgsEqual by @dolmen in stretchr/testify#1444

mock: optimize argument matching checks by @dolmen in stretchr/testify#1416

assert: fix TestEventuallyTimeout by @dolmen in stretchr/testify#1412

CI: add go 1.21 in GitHub Actions by @dolmen in stretchr/testify#1450

suite: fix recoverAndFailOnPanic to report test failure at the right location by @dolmen in stretchr/testify#1502

Update maintainers by @brackendawson in stretchr/testify#1533

assert: Fix EqualValues to handle overflow/underflow by @arjunmahishi in stretchr/testify#1531

assert: better formatting for Len() error by @kevinburkesegment in stretchr/testify#1485

Ensure AssertExpectations does not fail in skipped tests by @ianrose14 in stretchr/testify#1331

suite: fix deadlock in suite.Require()/Assert() by @arjunmahishi in stretchr/testify#1535

Revert "assert: ObjectsAreEqual: use time.Equal for time.Time type" by @brackendawson in stretchr/testify#1537

[chore] Add issue templates by @arjunmahishi in stretchr/testify#1538

Update the build status badge by @brackendawson in stretchr/testify#1540

... (truncated)

Commits

bb548d0 Merge pull request #1552 from stretchr/dependabot/go_modules/github.com/stret...
814075f build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2
e045612 Merge pull request #1339 from bogdandrutu/uintptr
5b6926d Merge pull request #1385 from hslatman/not-implements
9f97d67 Merge pull request #1550 from stretchr/release-notes
bcb0d3f Include the auto-release notes in releases
fb770f8 Merge pull request #1247 from ccoVeille/typos
85d8bb6 fix typos in comments, tests and github templates
e2741fa Merge pull request #1548 from arjunmahishi/msgAndArgs
6e59f20 http_assertions: assert that the msgAndArgs actually works in tests
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.19.0 to 0.21.0

Commits

7067223 go.mod: update golang.org/x dependencies
0d2316b ssh/test: work around for TestCiphers failures on macOS
0aab8d0 all: update go.mod x/net dependency
5bead59 ocsp: don't use iota for externally defined constants
1a86580 x/crypto/internal/poly1305: improve sum_ppc64le.s
1c981e6 ssh/test: don't use DSA keys in integrations tests, update test RSA key
62c9f17 x509roots/nss: manually exclude a confusingly constrained root
See full diff in compare view

Updates golang.org/x/net from 0.21.0 to 0.22.0

Commits

7ee34a0 go.mod: update golang.org/x dependencies
c289c7a websocket: re-add documentation for DialConfig
9fb4a8c http2: send an error of FLOW_CONTROL_ERROR when exceed the maximum octets
3dfd003 websocket: add support for dialing with context
fa11427 quic: move package out of internal
591be7f quic: fix UDP on big-endian Linux, tests on various architectures
34cc446 quic: temporarily disable networking tests failing on various platforms
4bdc6df quic: expand package docs, and document Stream
22cbde9 quic: set ServerName in client connection TLSConfig
57e4cc7 quic: handle PATH_CHALLENGE and PATH_RESPONSE frames
Additional commits viewable in compare view

Updates golang.org/x/term from 0.17.0 to 0.18.0

Commits

c5eaf76 go.mod: update golang.org/x dependencies
See full diff in compare view

Updates google.golang.org/grpc from 1.62.0 to 1.62.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.62.1

Bug Fixes

xds: fix a bug that results in no matching virtual host found RPC errors due to a difference between the target and LDS resource names (#6997)

server: fixed stats handler data InPayload.Length for unary RPC calls (#6766)

Special Thanks: @hueypark

grpc: the experimental RecvBufferPool DialOption and ServerOption are now active during unary RPCs with compression (#6766)

Special Thanks: @hueypark

grpc: trim whitespaces in accept-encoding header before determining compressors

Special Thanks: @sercand

Commits

9952aa8 Change version to 1.62.1 (#7020)
d7334c4 fix enabling compression by trimming whitespaces in accept encoding header (#...
d076e14 rpc_util: Fix RecvBufferPool deactivation issues (#6766)
9d981b0 cherry-pick #6997 to 1.62.x release branch (#6979) (#7018)
7c4b553 Switch version to 1.62.1-dev (#6995)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

codingllama · 2024-03-06T14:45:27Z

I've just triggered another run on the "/" go.mod. Let's see if it works alright this time.

rosstimothy · 2024-03-06T16:30:04Z

It still looks like we are only getting AWS updates for the root module

codingllama · 2024-03-06T16:53:03Z

It still looks like we are only getting AWS updates for the root module

I could spot the following relevant messages in bot logs (https://github.com/gravitational/teleport/network/updates/796707134):

updater | 2024/03/06 14:45:23 INFO <job_796707134> Starting update group for 'go'
updater | 2024/03/06 14:48:29 INFO <job_796707134> Creating a pull request for 'go'

updater | 2024/03/06 14:50:49 INFO <job_796707134> Starting update group for 'aws'
updater | 2024/03/06 14:51:30 INFO <job_796707134> Creating a pull request for 'aws'
# Note: this materialized as https://github.com/gravitational/teleport/pull/39022.

updater | 2024/03/06 15:08:27 INFO <job_796707134> Starting update group for 'k8s'
updater | 2024/03/06 15:08:31 INFO <job_796707134> Nothing to update for Dependency Group: 'k8s'

updater | 2024/03/06 15:08:31 INFO <job_796707134> Starting update group for 'otel'
updater | 2024/03/06 15:08:34 INFO <job_796707134> Nothing to update for Dependency Group: 'otel'

My theory is that the next group is overriding the previous, so in this case we only get 'aws' while we should be getting 'go' and 'aws'. Could be a bug, but who knows how this is meant to work. I don't wanna throw even more time at it right now, so maybe it's best to just revert the configs to before any of my grouping attempts. 🤷‍♂️

Bumps the go group in /api with 5 updates: | Package | From | To | | --- | --- | --- | | [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.8.4` | `1.9.0` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.19.0` | `0.21.0` | | [golang.org/x/net](https://github.com/golang/net) | `0.21.0` | `0.22.0` | | [golang.org/x/term](https://github.com/golang/term) | `0.17.0` | `0.18.0` | | [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.62.0` | `1.62.1` | Updates `github.com/stretchr/testify` from 1.8.4 to 1.9.0 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) Updates `golang.org/x/crypto` from 0.19.0 to 0.21.0 - [Commits](golang/crypto@v0.19.0...v0.21.0) Updates `golang.org/x/net` from 0.21.0 to 0.22.0 - [Commits](golang/net@v0.21.0...v0.22.0) Updates `golang.org/x/term` from 0.17.0 to 0.18.0 - [Commits](golang/term@v0.17.0...v0.18.0) Updates `google.golang.org/grpc` from 1.62.0 to 1.62.1 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.62.0...v1.62.1) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go ... Signed-off-by: dependabot[bot] <support@github.com>

codingllama · 2024-03-07T16:48:24Z

I finally caved and updated the root modules by hand. PTAL @rosstimothy @zmb3.

dependabot bot added dependencies Pull requests that update a dependency file go Issues related to Go builds/tooling no-changelog Indicates that a PR does not require a changelog entry labels Mar 5, 2024

dependabot bot requested review from codingllama, jentfoo, rosstimothy and zmb3 March 5, 2024 23:08

jentfoo approved these changes Mar 5, 2024

View reviewed changes

codingllama approved these changes Mar 6, 2024

View reviewed changes

jentfoo approved these changes Mar 6, 2024

View reviewed changes

codingllama mentioned this pull request Mar 6, 2024

fix: Remove multiple group attempts from Dependabot #39025

Merged

dependabot bot force-pushed the dependabot/go_modules/api/go-7dbd253ec1 branch from 0b2c059 to 8357332 Compare March 7, 2024 14:23

Bump root modules

6e4fa03

codingllama added this pull request to the merge queue Mar 7, 2024

codingllama removed this pull request from the merge queue due to a manual request Mar 7, 2024

jakule approved these changes Mar 7, 2024

View reviewed changes

public-teleport-github-review-bot bot removed request for zmb3 and rosstimothy March 7, 2024 21:30

codingllama added this pull request to the merge queue Mar 7, 2024

tigrato approved these changes Mar 7, 2024

View reviewed changes

Merged via the queue into master with commit 825f474 Mar 7, 2024
36 checks passed

codingllama deleted the dependabot/go_modules/api/go-7dbd253ec1 branch March 7, 2024 22:08

This was referenced Mar 27, 2024

[v14] Update github.com/stretchr/testify to latest to fix data race #39919

Merged

[v15] Update github.com/stretchr/testify to latest to fix data race #39917

Merged

Joerger mentioned this pull request Mar 27, 2024

[v13] Update github.com/stretchr/testify to latest to fix data race #39920

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the go group in /api with 5 updates #39002

Bump the go group in /api with 5 updates #39002

dependabot bot commented on behalf of github Mar 5, 2024 •

edited

codingllama commented Mar 6, 2024

rosstimothy commented Mar 6, 2024

codingllama commented Mar 6, 2024

codingllama commented Mar 7, 2024

Bump the go group in /api with 5 updates #39002

Bump the go group in /api with 5 updates #39002

Conversation

dependabot bot commented on behalf of github Mar 5, 2024 • edited

v1.9.0

What's Changed

Release 1.62.1

Bug Fixes

codingllama commented Mar 6, 2024

rosstimothy commented Mar 6, 2024

codingllama commented Mar 6, 2024

codingllama commented Mar 7, 2024

dependabot bot commented on behalf of github Mar 5, 2024 •

edited