Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all dependencies #238

Merged
merged 1 commit into from
Sep 9, 2024
Merged

chore(deps): update all dependencies #238

merged 1 commit into from
Sep 9, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Aug 21, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
@aptre/common 0.18.4 -> 0.18.5 age adoption passing confidence devDependencies patch
github.com/aperturerobotics/common v0.18.4 -> v0.18.5 age adoption passing confidence require patch
github.com/aperturerobotics/starpc v0.33.9 -> v0.33.11 age adoption passing confidence require patch
github.com/coder/websocket e46e020 -> 3dd723a require digest
github.com/libp2p/go-libp2p v0.36.2 -> v0.36.3 age adoption passing confidence require patch
github.com/nats-io/nats-server/v2 v2.10.18 -> v2.10.20 age adoption passing confidence require patch
github.com/quic-go/quic-go v0.46.0 -> v0.47.0 age adoption passing confidence require minor
github/codeql-action v3.26.3 -> v3.26.6 age adoption passing confidence action patch
golang.org/x/crypto v0.26.0 -> v0.27.0 age adoption passing confidence require minor
golang.org/x/exp 0cdaa3a -> e7e105d age adoption passing confidence require digest
starpc 0.33.9 -> 0.33.11 age adoption passing confidence dependencies patch

Release Notes

aperturerobotics/common (@​aptre/common)

v0.18.5

Compare Source

aperturerobotics/starpc (github.com/aperturerobotics/starpc)

v0.33.11

Compare Source

v0.33.10

Compare Source

libp2p/go-libp2p (github.com/libp2p/go-libp2p)

v0.36.3

Compare Source

What's Changed

New Contributors

Full Changelog: libp2p/go-libp2p@v0.36.2...v0.36.3

nats-io/nats-server (github.com/nats-io/nats-server/v2)

v2.10.20

Compare Source

Changelog

Refer to the 2.10 Upgrade Guide for backwards compatibility notes with 2.9.x.

Go Version
  • 1.22.6
Fixed

JetStream

  • Fix regression in KV CAS operations on R=1 replicas introduced in v2.10.19 (#​5841) Thanks to @​cbrewster for the report!
Complete Changes

v2.10.19

Compare Source

Changelog

Refer to the 2.10 Upgrade Guide for backwards compatibility notes with 2.9.x.

Go Version
  • 1.22.6
Dependencies
Improved

General

  • Reduced allocations in various code paths that check for subscription interest (#​5736, #​5744)
  • Subscription matching for gateways and reply tracking has been optimized (#​5735)
  • Client outbound queues now limit the number of flushed vectors to ensure that very large outbound buffers don’t unfairly compete with write deadlines (#​5750)
  • In client and leafnode results cache, populate new entry after pruning (#​5760)
  • Use newly-available generic sorting functions (#​5757)
  • Set a HTTP read timeout on profiling, monitoring and OCSP HTTP servers (#​5790)
  • Improve behavior of rate-limited warning logs (#​5793)
  • Use dedicated queues for the handling of statsz and profilez system events (#​5816)

Clustering

  • Reduce the chances of implicit routes being duplicated (#​5602)

JetStream

  • Optimize LoadNextMsg for wildcard consumers that are consuming over a large subject space (#​5710)
  • When sync/sync_interval is set to always, metadata files for streams and consumers are now written using O_SYNC to guarantee flushes to disk (#​5729)
  • Walking an entire subject tree is now faster and allocates less (#​5734)
  • Try to snapshot stream state when a change in the clustered last failed sequence is detected (#​5812)
  • Message blocks are no longer loaded into memory unnecessarily when checking if we can skip ahead when loading the next message (#​5819)
  • Don’t attempt to re-compact blocks that cannot be compacted, reducing unnecessary CPU usage and disk I/Os (#​5831)

Monitoring

  • Add StreamLeaderOnly filter option to return replica results only for groups for which that node is the leader (#​5704)
  • The profilez API endpoint in the system account can now acquire and return CPU profiles (#​5743)

Miscellaneous

Fixed

General

  • Fixed a panic when looking up the account for a client (#​5713)
  • The ClientURL() function now returns correctly formatted IPv6 host literals (#​5725)
  • Fixed incorrect import cycle warnings when subject mapping is in use (#​5755)
  • A race condition that could cause slow consumers to leave behind subscription interest after the connection has been closed has been fixed (#​5754)
  • Corrected an off-by-one condition when growing to or shrinking from node48 in the subject tree (#​5826)

JetStream

  • Retention issue that could cause messages to be incorrectly removed on a WorkQueuePolicy stream when consumers did not cover the entire subject space (#​5697)
  • Fixed a panic when calling the raftz endpoint during shutdown (#​5672)
  • Don’t delete NRG group persistent state on disk when failing to create subscriptions (#​5687)
  • Fixed behavior when checking for the first block that matches a consumer subject filter (#​5709)
  • Reduce the number of compactions made on filestore blocks due to deleted message tombstones (#​5719)
  • Fixed maximum messages per subject exceeded unexpected error on streams using a max messages per subject limit of 1 and discard new retention policy (#​5761)
  • Fixed bad meta state on restart that could cause deletion of assets (#​5767)
  • Fixed R1 streams exceeding quota limits (#​5771)
  • Return the correct sequence for a duplicated message on an interest policy stream when there is no interest (#​5818)
  • Fixed setting the consumer start sequence when that sequence does not yet appear in the stream (#​5785)
  • Connection type in scoped signing keys are now honored correctly (#​5789)
  • Expected last sequence per subject logic has now been harmonized across clustered stream leaders and followers, fixing a potential drift (#​5794)
  • Stream snapshots are now always installed correctly on graceful shutdown (#​5809)
  • A data race between consumer and stream updates has been resolved (#​5820)
  • Avoid increasing the cluster last failed sequence when the message was likely deleted (#​5821)

Leafnodes

  • Leafnode connections will now be rejected when the cluster name contains spaces (#​5732)
Complete Changes
quic-go/quic-go (github.com/quic-go/quic-go)

v0.47.0

Compare Source

New Features

This release adds support for HTTP/3 Trailers, for both the server and the client side (#​4581, #​4630, #​4656, #​4639). Trailers work exactly the same way as for HTTP/1.1 and HTTP/2.

A big thank you to @​sudorandom for contributing this feature!

Fixes

  • idle timeout calculation when the peer sends a max_idle_timeout of 0 (or omits the transport parameter): #​4666
  • fix handling of corrupted coalesced 1-RTT packets: #​4663
  • qpack: don't reject literal field lines with name references if N bit is set to 1: https://github.com/quic-go/qpack/pull/52
  • http3: correctly set the http.Response.ContentLength on responses that don't set the Content-Length header: #​4645
  • http3: reject connection-specific header fields (Connection, Keep-Alive, Proxy-Connection, Transfer-Encoding, Upgrade and TE != "trailers"): #​4646, #​4655

Breaking Changes

  • quic.VersionNumber and logging.VersionNumber were removed: #​4627

Heads-Up

@​sukunrt recently discovered and reported a race condition in the new time.Timer stopping logic introduced in Go 1.23. This manifests as a connection deadlock in quic-go. See #​4659 and https://github.com/golang/go/issues/69312 for more details. The new behavior is enabled when compiling with Go 1.23.x, and when the Go version in go.mod is set to Go 1.23.x.

Until this issue is fixed, it is recommended to either use Go 1.22.x, or to use GODEBUG="asynctimerchan=1" when compiling quic-go.

Changelog

New Contributors

Full Changelog: quic-go/quic-go@v0.46.0...v0.47.0

github/codeql-action (github/codeql-action)

v3.26.6

Compare Source

v3.26.5

Compare Source

v3.26.4

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@socket-security Socket Security
Copy link

socket-security bot commented Aug 21, 2024
edited
Loading

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@aptre/common@0.18.5 None 0 179 kB paralin
npm/@noble/curves@1.6.0 None 0 1.6 MB paulmillr
npm/@noble/hashes@1.5.0 None 0 837 kB paulmillr
npm/@rollup/rollup-android-arm-eabi@4.21.2 None 0 1.48 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-android-arm64@4.21.2 None 0 2.1 MB lukastaegert
npm/@rollup/rollup-darwin-arm64@4.21.2 None 0 2.21 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-darwin-x64@4.21.2 None 0 2.36 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-linux-arm-gnueabihf@4.21.2 None 0 2.21 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-linux-arm-musleabihf@4.21.2 None 0 2.21 MB lukastaegert
npm/@rollup/rollup-linux-arm64-gnu@4.21.2 None 0 2.22 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-linux-arm64-musl@4.21.2 None 0 2.12 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-linux-powerpc64le-gnu@4.21.2 None 0 2.76 MB lukastaegert
npm/@rollup/rollup-linux-riscv64-gnu@4.21.2 None 0 2.31 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-linux-s390x-gnu@4.21.2 None 0 3.86 MB lukastaegert
npm/@rollup/rollup-linux-x64-gnu@4.21.2 None 0 2.48 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-linux-x64-musl@4.21.2 None 0 2.47 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-win32-arm64-msvc@4.21.2 None 0 2.73 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-win32-ia32-msvc@4.21.2 None 0 2.49 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@rollup/rollup-win32-x64-msvc@4.21.2 None 0 3.3 MB guybedford, lukastaegert, rich_harris, ...1 more
npm/@types/node@22.5.4 None 0 2.2 MB types
npm/@typescript-eslint/eslint-plugin@8.4.0 None 0 2.62 MB jameshenry
npm/@typescript-eslint/parser@8.4.0 None 0 18.9 kB bradzacher, jameshenry
npm/@typescript-eslint/scope-manager@8.4.0 None 0 602 kB jameshenry
npm/@typescript-eslint/type-utils@8.4.0 None 0 114 kB jameshenry
npm/@typescript-eslint/types@8.4.0 None 0 171 kB jameshenry
npm/@typescript-eslint/typescript-estree@8.4.0 None 0 587 kB jameshenry
npm/@typescript-eslint/utils@8.4.0 None 0 282 kB jameshenry
npm/@typescript-eslint/visitor-keys@8.4.0 None 0 19.5 kB jameshenry
npm/debug@4.3.7 environment 0 42.1 kB qix
npm/micromatch@4.0.8 None 0 56.6 kB doowb
npm/ms@2.1.3 None 0 6.72 kB styfle
npm/picocolors@1.1.0 environment 0 11.4 kB alexeyraspopov
npm/postcss@8.4.45 environment, filesystem 0 200 kB ai
npm/rollup@4.21.2 None 0 2.27 MB eventualbuddha, lukastaegert, rich_harris, ...2 more
npm/starpc@0.33.11 None 0 389 kB paralin
npm/tslib@2.7.0 None 0 86.2 kB typescript-bot
npm/vite@5.4.3 environment, eval, filesystem, network, shell, unsafe 0 3.26 MB vitebot

🚮 Removed packages: npm/@aptre/common@0.18.4), npm/@noble/curves@1.5.0), npm/@noble/hashes@1.4.0), npm/@rollup/rollup-android-arm-eabi@4.21.0), npm/@rollup/rollup-android-arm64@4.21.0), npm/@rollup/rollup-darwin-arm64@4.21.0), npm/@rollup/rollup-darwin-x64@4.21.0), npm/@rollup/rollup-linux-arm-gnueabihf@4.21.0), npm/@rollup/rollup-linux-arm-musleabihf@4.21.0), npm/@rollup/rollup-linux-arm64-gnu@4.21.0), npm/@rollup/rollup-linux-arm64-musl@4.21.0), npm/@rollup/rollup-linux-powerpc64le-gnu@4.21.0), npm/@rollup/rollup-linux-riscv64-gnu@4.21.0), npm/@rollup/rollup-linux-s390x-gnu@4.21.0), npm/@rollup/rollup-linux-x64-gnu@4.21.0), npm/@rollup/rollup-linux-x64-musl@4.21.0), npm/@rollup/rollup-win32-arm64-msvc@4.21.0), npm/@rollup/rollup-win32-ia32-msvc@4.21.0), npm/@rollup/rollup-win32-x64-msvc@4.21.0), npm/@types/node@22.4.1), npm/@typescript-eslint/eslint-plugin@8.2.0), npm/@typescript-eslint/parser@8.2.0), npm/@typescript-eslint/scope-manager@8.2.0), npm/@typescript-eslint/type-utils@8.2.0), npm/@typescript-eslint/types@8.2.0), npm/@typescript-eslint/typescript-estree@8.2.0), npm/@typescript-eslint/utils@8.2.0), npm/@typescript-eslint/visitor-keys@8.2.0), npm/debug@4.3.6), npm/dir-glob@3.0.1), npm/globby@11.1.0), npm/micromatch@4.0.7), npm/ms@2.1.2), npm/picocolors@1.0.1), npm/postcss@8.4.41), npm/rollup@4.21.0), npm/slash@3.0.0), npm/starpc@0.33.9), npm/tslib@2.6.3), npm/vite@5.4.1)

View full report↗︎

@renovate renovate bot force-pushed the renovate/all branch 8 times, most recently from b4a34f1 to 959ea99 Compare August 28, 2024 06:34
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from 19cb206 to 506a76f Compare September 5, 2024 01:42
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Sep 5, 2024
edited
Loading

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 2 additional dependencies were updated

Details:

Package Change
github.com/libp2p/go-yamux/v4 v4.0.2-0.20240322071716-53ef5820bd48 -> v4.0.2-0.20240826150533-e92055b23e0e
golang.org/x/sys v0.24.0 -> v0.25.0

@paralin paralin merged commit 4670eb8 into master Sep 9, 2024
8 checks passed
@paralin paralin deleted the renovate/all branch September 9, 2024 07:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@paralin