Bump github.com/labstack/echo/v4 from 4.9.1 to 4.10.2

[dependabot]

Bumps github.com/labstack/echo/v4 from 4.9.1 to 4.10.2.

Release notes

Sourced from github.com/labstack/echo/v4's releases.

v4.10.2

Security

• filepath.Clean behaviour has changed in Go 1.20 - adapt to it #2406
• Add middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials to make UNSAFE usages of wildcard origin + allow cretentials less likely #2405

Enhancements

• Add more HTTP error values #2277

v4.10.1

Security

• Upgrade deps due to the latest golang.org/x/net vulnerability #2402

Enhancements

• Add new JWT repository to the README #2377
• Return an empty string for ctx.path if there is no registered path #2385
• Add context timeout middleware #2380
• Update link to jaegertracing #2394

v4.10.0

Security

• We are deprecating JWT middleware in this repository. Please use https://github.com/labstack/echo-jwt instead.

  JWT middleware is moved to separate repository to allow us to bump/upgrade version of JWT implementation (github.com/golang-jwt/jwt) we are using which we can not do in Echo core because this would break backwards compatibility guarantees we try to maintain.

• This minor version bumps minimum Go version to 1.17 (from 1.16) due golang.org/x/ packages we depend on. There are several vulnerabilities fixed in these libraries.

  Echo still tries to support last 4 Go versions but there are occasions we can not guarantee this promise.

Enhancements

• Bump x/text to 0.3.8 #2305
• Bump dependencies and add notes about Go releases we support #2336
• Add helper interface for ProxyBalancer interface #2316
• Expose middleware.CreateExtractors function so we can use it from echo-contrib repository #2338
• Refactor func(Context) error to HandlerFunc #2315
• Improve function comments #2329
• Add new method HTTPError.WithInternal #2340
• Replace io/ioutil package usages #2342
• Add staticcheck to CI flow #2343
• Replace relative path determination from proprietary to std #2345
• Remove square brackets from ipv6 addresses in XFF (X-Forwarded-For header) #2182
• Add testcases for some BodyLimit middleware configuration options #2350
• Additional configuration options for RequestLogger and Logger middleware #2341

... (truncated)

Changelog

Sourced from github.com/labstack/echo/v4's changelog.

v4.10.2 - 2023-02-22

Security

• filepath.Clean behaviour has changed in Go 1.20 - adapt to it #2406
• Add middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials to make UNSAFE usages of wildcard origin + allow cretentials less likely #2405

Enhancements

• Add more HTTP error values #2277

v4.10.1 - 2023-02-19

Security

• Upgrade deps due to the latest golang.org/x/net vulnerability #2402

Enhancements

• Add new JWT repository to the README #2377
• Return an empty string for ctx.path if there is no registered path #2385
• Add context timeout middleware #2380
• Update link to jaegertracing #2394

v4.10.0 - 2022-12-27

Security

• We are deprecating JWT middleware in this repository. Please use https://github.com/labstack/echo-jwt instead.

  JWT middleware is moved to separate repository to allow us to bump/upgrade version of JWT implementation (github.com/golang-jwt/jwt) we are using which we can not do in Echo core because this would break backwards compatibility guarantees we try to maintain.

• This minor version bumps minimum Go version to 1.17 (from 1.16) due golang.org/x/ packages we depend on. There are several vulnerabilities fixed in these libraries.

  Echo still tries to support last 4 Go versions but there are occasions we can not guarantee this promise.

Enhancements

• Bump x/text to 0.3.8 #2305
• Bump dependencies and add notes about Go releases we support #2336
• Add helper interface for ProxyBalancer interface #2316
• Expose middleware.CreateExtractors function so we can use it from echo-contrib repository #2338
• Refactor func(Context) error to HandlerFunc #2315
• Improve function comments #2329

... (truncated)

Commits

• 47844c9 Changelog for v4.10.2
• f909660 Add middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials to make UN...
• ef4aea9 use different variable name so returned function would not accidentally be ab...
• 7c75310 Clean on go1.20 (#2406)
• 04ba8e2 Add more http error values (#2277)
• b888a30 Changelog for v4.10.1
• 2c25767 remediate flaky timeout tests
• a3998ac Upgrade deps due to the latest golang.org/x/net vulnerability
• 45da0f8 remove .travis.yml
• 6b09f3f Update link to jaegertracing
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[ghost]

@dependabot rebase