chore(deps): security update #8203
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com>
slonka
approved these changes
Oct 31, 2023
bartsmykla
pushed a commit
that referenced
this pull request
Jan 14, 2025
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://redirect.github.com/actions/checkout) | action | patch | `v4.2.0` -> `v4.2.2` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.2.2`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v422) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.2.1...v4.2.2) - `url-helper.ts` now leverages well-known environment variables by [@​jww3](https://redirect.github.com/jww3) in [https://github.com/actions/checkout/pull/1941](https://redirect.github.com/actions/checkout/pull/1941) - Expand unit test coverage for `isGhes` by [@​jww3](https://redirect.github.com/jww3) in [https://github.com/actions/checkout/pull/1946](https://redirect.github.com/actions/checkout/pull/1946) ### [`v4.2.1`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v421) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.2.0...v4.2.1) - Check out other refs/\* by commit if provided, fall back to ref by [@​orhantoy](https://redirect.github.com/orhantoy) in [https://github.com/actions/checkout/pull/1924](https://redirect.github.com/actions/checkout/pull/1924) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 5am every weekday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMDcuMCIsInVwZGF0ZWRJblZlciI6IjM5LjEwNy4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImNpL3NraXAtdGVzdCIsImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Jan 14, 2025
…#12551) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://redirect.github.com/actions/create-github-app-token) | action | patch | `v1.11.0` -> `v1.11.1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.11.1`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.1) [Compare Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.0...v1.11.1) #### What's Changed ##### Bug Fixes - **deps:** bump the production-dependencies group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/create-github-app-token/pull/193](https://redirect.github.com/actions/create-github-app-token/pull/193) **Full Changelog**: actions/create-github-app-token@v1.11.0...v1.11.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 5am every weekday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMDcuMCIsInVwZGF0ZWRJblZlciI6IjM5LjEwNy4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImNpL3NraXAtdGVzdCIsImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Jan 20, 2025
…v2.9.1 (#12594) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [marocchino/sticky-pull-request-comment](https://redirect.github.com/marocchino/sticky-pull-request-comment) | action | patch | `v2.9.0` -> `v2.9.1` | --- ### Release Notes #### [`v2.9.1`](https://redirect.github.com/marocchino/sticky-pull-request-comment/releases/tag/v2.9.1) [Compare Source](https://redirect.github.com/marocchino/sticky-pull-request-comment/compare/v2.9.0...v2.9.1) ##### What's Changed - Fix test action by [@​NoRePercussions](https://redirect.github.com/NoRePercussions) in [https://github.com/marocchino/sticky-pull-request-comment/pull/1364](https://redirect.github.com/marocchino/sticky-pull-request-comment/pull/1364) - PR Test Autocomment: Include Errors by [@​NoRePercussions](https://redirect.github.com/NoRePercussions) in [https://github.com/marocchino/sticky-pull-request-comment/pull/1365](https://redirect.github.com/marocchino/sticky-pull-request-comment/pull/1365) - Always move ID comment to end of message by [@​NoRePercussions](https://redirect.github.com/NoRePercussions) in [https://github.com/marocchino/sticky-pull-request-comment/pull/1373](https://redirect.github.com/marocchino/sticky-pull-request-comment/pull/1373) - Update deps ##### New Contributors - [@​NoRePercussions](https://redirect.github.com/NoRePercussions) made their first contribution in [https://github.com/marocchino/sticky-pull-request-comment/pull/1364](https://redirect.github.com/marocchino/sticky-pull-request-comment/pull/1364) **Full Changelog**: marocchino/sticky-pull-request-comment@v2.9.0...v2.9.1 --- Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
lukidzi
pushed a commit
that referenced
this pull request
Mar 5, 2025
This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [google.golang.org/grpc](https://redirect.github.com/grpc/grpc-go) | `v1.70.0` -> `v1.71.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>grpc/grpc-go (google.golang.org/grpc)</summary> ### [`v1.71.0`](https://redirect.github.com/grpc/grpc-go/releases/tag/v1.71.0): Release 1.71.0 [Compare Source](https://redirect.github.com/grpc/grpc-go/compare/v1.70.0...v1.71.0) ### API Changes - balancer: Custom LB policies that record metrics must use the new `MetricsRecorder` method on `Balancer.ClientConn` instead of the removed `Balancer.BuildOptions.MetricsRecorder` field to obtain a metrics recorder. ([#​8027](https://redirect.github.com/grpc/grpc-go/issues/8027)) - balancer: `balancer.ClientConn` implementations must now embed a delegate implementation. This allows grpc-go to add new methods to the interface and remain backward compatible. ([#​8026](https://redirect.github.com/grpc/grpc-go/issues/8026)) - balancer/endpointsharding: The constructor accepts the child balancer's builder and a struct with optional configuration. ([#​8052](https://redirect.github.com/grpc/grpc-go/issues/8052)) ### New Features - xds: Add support for dualstack via the [additional_addresses](https://redirect.github.com/envoyproxy/envoy/blob/df394a41c8587d1da4e97e156554e93ceee3c720/api/envoy/config/endpoint/v3/endpoint_components.proto#L91-L96) field in the Endpoint resource. To disable this feature, set the environment variable `GRPC_EXPERIMENTAL_XDS_DUALSTACK_ENDPOINTS=false`. ([#​8134](https://redirect.github.com/grpc/grpc-go/issues/8134)) - stats/opentelemetry: Add experimental support for OpenTelemetry tracing. ([#​7852](https://redirect.github.com/grpc/grpc-go/issues/7852)) - xds/internal/xdsclient: Add counter metrics for valid and invalid resource updates. ([#​8038](https://redirect.github.com/grpc/grpc-go/issues/8038)) - balancer/leastrequest, roundrobin: Add dualstack support. ([#​7969](https://redirect.github.com/grpc/grpc-go/issues/7969), [#​7966](https://redirect.github.com/grpc/grpc-go/issues/7966)) - balancer/endpointsharding: Balancers created with the new `DisableAutoReconnect` option will not attempt to call `ExitIdle` automatically on their children when the children report idle. ([#​8052](https://redirect.github.com/grpc/grpc-go/issues/8052)) ### Bug Fixes - client: Fix support for proxies when using `grpc.NewClient` so the target is resolved by the proxy as expected. ([#​7881](https://redirect.github.com/grpc/grpc-go/issues/7881)) - Added `WithLocalDNSResolution()` dial option to explicitly force target resolution on the client instead. ([#​7881](https://redirect.github.com/grpc/grpc-go/issues/7881)) - weightedtarget: Return erroring picker when no targets are configured. ([#​8070](https://redirect.github.com/grpc/grpc-go/issues/8070)) - xds: Fail RPCs with `UNAVAILABLE` when the EDS resource is missing or contains no endpoints ([#​8070](https://redirect.github.com/grpc/grpc-go/issues/8070)) - xdsclient: Fix a bug where connectivity failures were reported to resource watchers before trying all listed servers. ([#​8075](https://redirect.github.com/grpc/grpc-go/issues/8075)) - grpc: Fix the number of bytes reported in the error message when encoded messages are larger than 4GB. ([#​8033](https://redirect.github.com/grpc/grpc-go/issues/8033)) - rls: Fix a bug where RLS channel updates could be lost during startup. ([#​8055](https://redirect.github.com/grpc/grpc-go/issues/8055)) - xds: Fixed a bug preventing tests from creating multiple servers or channels with different bootstrap configs. ([#​8050](https://redirect.github.com/grpc/grpc-go/issues/8050)) - grpc: Fix message length checks when compression is enabled and `maxReceiveMessageSize` is `MaxInt` ([#​7918](https://redirect.github.com/grpc/grpc-go/issues/7918)) - Special Thanks: [@​vinothkumarr227](https://redirect.github.com/vinothkumarr227) ### Documentation - client: Improve documentation of `grpc.NewClient` and `ClientConn.CanonicalTarget` by providing examples. ([#​8078](https://redirect.github.com/grpc/grpc-go/issues/8078)) - examples/features/dualstack: New example demonstrating usage of endpoints and dualstack functionality. ([#​8098](https://redirect.github.com/grpc/grpc-go/issues/8098)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 5am every weekday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xODUuNCIsInVwZGF0ZWRJblZlciI6IjM5LjE4NS40IiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 11, 2025
…o v4.1.0 (#13048) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Kong/public-shared-actions/security-actions/sca](https://redirect.github.com/Kong/public-shared-actions) ([source](https://redirect.github.com/Kong/public-shared-actions/tree/%40security-actions/sca%404.1.0/security-actions/sca)) | minor | `4.0.1` -> `4.1.0` | --- ### Release Notes <details> <summary>Kong/public-shared-actions (security-actions/sca)</summary> ### [`v4.1.0`](https://redirect.github.com/Kong/public-shared-actions/releases/tag/%40security-actions/sca%404.1.0) [Compare Source](https://redirect.github.com/Kong/public-shared-actions/compare/@security-actions/sca@4.0.1...@security-actions/sca@4.1.0) ##### ✨ Features - **ci:** gha analyzer action for anti-patterns ([#​214](https://redirect.github.com/Kong/public-shared-actions/issues/214)) ([fc095d4](https://redirect.github.com/Kong/public-shared-actions/commit/fc095d45e81a8107a5b710b4b6a67cf4b0cf6aa5)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 5am every weekday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xOTQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjE5NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 11, 2025
…docker-image to v4.1.1 (#13049) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Kong/public-shared-actions/security-actions/scan-docker-image](https://redirect.github.com/Kong/public-shared-actions) ([source](https://redirect.github.com/Kong/public-shared-actions/tree/%40security-actions/scan-docker-image%404.1.1/security-actions/scan-docker-image)) | minor | `4.0.1` -> `4.1.1` | --- ### Release Notes <details> <summary>Kong/public-shared-actions (security-actions/scan-docker-image)</summary> ### [`v4.1.1`](https://redirect.github.com/Kong/public-shared-actions/releases/tag/%40security-actions/scan-docker-image%404.1.1) [Compare Source](https://redirect.github.com/Kong/public-shared-actions/compare/@security-actions/scan-docker-image@4.1.0...@security-actions/scan-docker-image@4.1.1) ##### ♻️ Chores - **ci:** bump trivy from v0.57.1 to v0.58.2 ([#​225](https://redirect.github.com/Kong/public-shared-actions/issues/225)) ([7091a73](https://redirect.github.com/Kong/public-shared-actions/commit/7091a73d67a08634ec150129ab3d66f3f0244a21)) ### [`v4.1.0`](https://redirect.github.com/Kong/public-shared-actions/releases/tag/%40security-actions/sca%404.1.0) [Compare Source](https://redirect.github.com/Kong/public-shared-actions/compare/@security-actions/scan-docker-image@4.0.1...@security-actions/scan-docker-image@4.1.0) ##### ✨ Features - **ci:** gha analyzer action for anti-patterns ([#​214](https://redirect.github.com/Kong/public-shared-actions/issues/214)) ([fc095d4](https://redirect.github.com/Kong/public-shared-actions/commit/fc095d45e81a8107a5b710b4b6a67cf4b0cf6aa5)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 5am every weekday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xOTQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjE5NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 11, 2025
…docker-image to v4.1.0 (#13050) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Kong/public-shared-actions/security-actions/sign-docker-image](https://redirect.github.com/Kong/public-shared-actions) ([source](https://redirect.github.com/Kong/public-shared-actions/tree/%40security-actions/sign-docker-image%404.1.0/security-actions/sign-docker-image)) | minor | `4.0.1` -> `4.1.0` | --- ### Release Notes <details> <summary>Kong/public-shared-actions (security-actions/sign-docker-image)</summary> ### [`v4.1.0`](https://redirect.github.com/Kong/public-shared-actions/releases/tag/%40security-actions/sca%404.1.0) [Compare Source](https://redirect.github.com/Kong/public-shared-actions/compare/@security-actions/sign-docker-image@4.0.1...@security-actions/sign-docker-image@4.1.0) ##### ✨ Features - **ci:** gha analyzer action for anti-patterns ([#​214](https://redirect.github.com/Kong/public-shared-actions/issues/214)) ([fc095d4](https://redirect.github.com/Kong/public-shared-actions/commit/fc095d45e81a8107a5b710b4b6a67cf4b0cf6aa5)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 5am every weekday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xOTQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjE5NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
jijiechen
pushed a commit
that referenced
this pull request
Mar 20, 2025
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/upload-artifact](https://redirect.github.com/actions/upload-artifact) | action | patch | `v4.6.1` -> `v4.6.2` | --- ### Release Notes <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.6.2`](https://redirect.github.com/actions/upload-artifact/releases/tag/v4.6.2) [Compare Source](https://redirect.github.com/actions/upload-artifact/compare/v4.6.1...v4.6.2) #### What's Changed - Update to use artifact 2.3.2 package & prepare for new upload-artifact release by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [https://github.com/actions/upload-artifact/pull/685](https://redirect.github.com/actions/upload-artifact/pull/685) #### New Contributors - [@​salmanmkc](https://redirect.github.com/salmanmkc) made their first contribution in [https://github.com/actions/upload-artifact/pull/685](https://redirect.github.com/actions/upload-artifact/pull/685) **Full Changelog**: actions/upload-artifact@v4...v4.6.2 </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImNpL3NraXAtdGVzdCIsImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
jijiechen
pushed a commit
that referenced
this pull request
Mar 21, 2025
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Kong/public-shared-actions/security-actions/sca](https://redirect.github.com/Kong/public-shared-actions) ([source](https://redirect.github.com/Kong/public-shared-actions/tree/%40security-actions/sca%404.1.1/security-actions/sca)) | patch | `4.1.0` -> `4.1.1` | --- ### Release Notes <details> <summary>Kong/public-shared-actions (security-actions/sca)</summary> ### [`v4.1.1`](https://redirect.github.com/Kong/public-shared-actions/releases/tag/%40security-actions/sca%404.1.1) [Compare Source](https://redirect.github.com/Kong/public-shared-actions/compare/@security-actions/sca@4.1.0...@security-actions/sca@4.1.1) ##### ♻️ Chores - **ci:** pin actions ([#​231](https://redirect.github.com/Kong/public-shared-actions/issues/231)) ([b20e862](https://redirect.github.com/Kong/public-shared-actions/commit/b20e862374458b5a3be19d2934de79e0529e0c88)) </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImNpL3NraXAtdGVzdCIsImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 24, 2025
…[security] (#13168) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/golang-jwt/jwt/v5](https://redirect.github.com/golang-jwt/jwt) | `v5.2.1` -> `v5.2.2` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2025-30204](https://redirect.github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp) ### Summary Function [`parse.ParseUnverified`](https://redirect.github.com/golang-jwt/jwt/blob/c035977d9e11c351f4c05dfeae193923cbab49ee/parser.go#L138-L139) currently splits (via a call to [strings.Split](https://pkg.go.dev/strings#Split)) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose _Authorization_ header consists of `Bearer ` followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function's argument), with a constant factor of about 16. Relevant weakness: [CWE-405: Asymmetric Resource Consumption (Amplification)](https://cwe.mitre.org/data/definitions/405.html) ### Details See [`parse.ParseUnverified`](https://redirect.github.com/golang-jwt/jwt/blob/c035977d9e11c351f4c05dfeae193923cbab49ee/parser.go#L138-L139) ### Impact Excessive memory allocation --- ### Release Notes <details> <summary>golang-jwt/jwt (github.com/golang-jwt/jwt/v5)</summary> ### [`v5.2.2`](https://redirect.github.com/golang-jwt/jwt/releases/tag/v5.2.2) [Compare Source](https://redirect.github.com/golang-jwt/jwt/compare/v5.2.1...v5.2.2) #### What's Changed - Fixed GHSA-mh63-6h87-95cp by [@​mfridman](https://redirect.github.com/mfridman) - Fixed some typos by [@​Ashikpaul](https://redirect.github.com/Ashikpaul) in [https://github.com/golang-jwt/jwt/pull/382](https://redirect.github.com/golang-jwt/jwt/pull/382) - build: add go1.22 to ci workflows by [@​mfridman](https://redirect.github.com/mfridman) in [https://github.com/golang-jwt/jwt/pull/383](https://redirect.github.com/golang-jwt/jwt/pull/383) - Bump golangci/golangci-lint-action from 4 to 5 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/golang-jwt/jwt/pull/387](https://redirect.github.com/golang-jwt/jwt/pull/387) - Bump golangci/golangci-lint-action from 5 to 6 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/golang-jwt/jwt/pull/389](https://redirect.github.com/golang-jwt/jwt/pull/389) - chore: bump ci tests to include go1.23 by [@​mfridman](https://redirect.github.com/mfridman) in [https://github.com/golang-jwt/jwt/pull/405](https://redirect.github.com/golang-jwt/jwt/pull/405) - Fix jwt -show by [@​AlexanderYastrebov](https://redirect.github.com/AlexanderYastrebov) in [https://github.com/golang-jwt/jwt/pull/406](https://redirect.github.com/golang-jwt/jwt/pull/406) - docs: typo by [@​kvii](https://redirect.github.com/kvii) in [https://github.com/golang-jwt/jwt/pull/407](https://redirect.github.com/golang-jwt/jwt/pull/407) - Update SECURITY.md by [@​oxisto](https://redirect.github.com/oxisto) in [https://github.com/golang-jwt/jwt/pull/416](https://redirect.github.com/golang-jwt/jwt/pull/416) - Update `jwt.Parse` example to use `jwt.WithValidMethods` by [@​mattt](https://redirect.github.com/mattt) in [https://github.com/golang-jwt/jwt/pull/425](https://redirect.github.com/golang-jwt/jwt/pull/425) #### New Contributors - [@​Ashikpaul](https://redirect.github.com/Ashikpaul) made their first contribution in [https://github.com/golang-jwt/jwt/pull/382](https://redirect.github.com/golang-jwt/jwt/pull/382) - [@​kvii](https://redirect.github.com/kvii) made their first contribution in [https://github.com/golang-jwt/jwt/pull/407](https://redirect.github.com/golang-jwt/jwt/pull/407) - [@​mattt](https://redirect.github.com/mattt) made their first contribution in [https://github.com/golang-jwt/jwt/pull/425](https://redirect.github.com/golang-jwt/jwt/pull/425) **Full Changelog**: golang-jwt/jwt@v5.2.1...v5.2.2 </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 24, 2025
) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/onsi/gomega](https://redirect.github.com/onsi/gomega) | `v1.36.2` -> `v1.36.3` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>onsi/gomega (github.com/onsi/gomega)</summary> ### [`v1.36.3`](https://redirect.github.com/onsi/gomega/releases/tag/v1.36.3) [Compare Source](https://redirect.github.com/onsi/gomega/compare/v1.36.2...v1.36.3) #### 1.36.3 ##### Maintenance - bump all the things \[[`adb8b49`](https://redirect.github.com/onsi/gomega/commit/adb8b49)] - chore: replace `interface{}` with `any` \[[`7613216`](https://redirect.github.com/onsi/gomega/commit/7613216)] - Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 ([#​822](https://redirect.github.com/onsi/gomega/issues/822)) \[[`9fe5259`](https://redirect.github.com/onsi/gomega/commit/9fe5259)] - remove spurious "toolchain" from go.mod ([#​819](https://redirect.github.com/onsi/gomega/issues/819)) \[[`a0e85b9`](https://redirect.github.com/onsi/gomega/commit/a0e85b9)] - Bump golang.org/x/net from 0.33.0 to 0.35.0 ([#​823](https://redirect.github.com/onsi/gomega/issues/823)) \[[`604a8b1`](https://redirect.github.com/onsi/gomega/commit/604a8b1)] - Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs ([#​772](https://redirect.github.com/onsi/gomega/issues/772)) \[[`36fbc84`](https://redirect.github.com/onsi/gomega/commit/36fbc84)] - Bump github-pages from 231 to 232 in /docs ([#​778](https://redirect.github.com/onsi/gomega/issues/778)) \[[`ced70d7`](https://redirect.github.com/onsi/gomega/commit/ced70d7)] - Bump rexml from 3.2.6 to 3.3.9 in /docs ([#​788](https://redirect.github.com/onsi/gomega/issues/788)) \[[`c8b4a07`](https://redirect.github.com/onsi/gomega/commit/c8b4a07)] - Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 ([#​812](https://redirect.github.com/onsi/gomega/issues/812)) \[[`06431b9`](https://redirect.github.com/onsi/gomega/commit/06431b9)] - Bump webrick from 1.8.1 to 1.9.1 in /docs ([#​800](https://redirect.github.com/onsi/gomega/issues/800)) \[[`b55a92d`](https://redirect.github.com/onsi/gomega/commit/b55a92d)] - Fix typos ([#​813](https://redirect.github.com/onsi/gomega/issues/813)) \[[`a1d518b`](https://redirect.github.com/onsi/gomega/commit/a1d518b)] </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 24, 2025
…1.1 (#13177) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Kong/public-shared-actions/security-actions/sign-docker-image](https://redirect.github.com/Kong/public-shared-actions) ([source](https://redirect.github.com/Kong/public-shared-actions/tree/%40security-actions/sign-docker-image%404.1.1/security-actions/sign-docker-image)) | patch | `4.1.0` -> `4.1.1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>Kong/public-shared-actions (security-actions/sign-docker-image)</summary> ### [`v4.1.1`](https://redirect.github.com/Kong/public-shared-actions/releases/tag/%40security-actions/sign-docker-image%404.1.1) [Compare Source](https://redirect.github.com/Kong/public-shared-actions/compare/@security-actions/sign-docker-image@4.1.0...@security-actions/sign-docker-image@4.1.1) ##### ♻️ Chores - **ci:** pin actions ([#​231](https://redirect.github.com/Kong/public-shared-actions/issues/231)) ([b20e862](https://redirect.github.com/Kong/public-shared-actions/commit/b20e862374458b5a3be19d2934de79e0529e0c88)) </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImNpL3NraXAtdGVzdCIsImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 24, 2025
…1.3 (#13176) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Kong/public-shared-actions/security-actions/scan-docker-image](https://redirect.github.com/Kong/public-shared-actions) ([source](https://redirect.github.com/Kong/public-shared-actions/tree/%40security-actions/scan-docker-image%404.1.3/security-actions/scan-docker-image)) | patch | `4.1.2` -> `4.1.3` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>Kong/public-shared-actions (security-actions/scan-docker-image)</summary> ### [`v4.1.3`](https://redirect.github.com/Kong/public-shared-actions/releases/tag/%40security-actions/scan-docker-image%404.1.3) [Compare Source](https://redirect.github.com/Kong/public-shared-actions/compare/@security-actions/scan-docker-image@4.1.2...@security-actions/scan-docker-image@4.1.3) ##### ♻️ Chores - **ci:** pin actions ([#​231](https://redirect.github.com/Kong/public-shared-actions/issues/231)) ([b20e862](https://redirect.github.com/Kong/public-shared-actions/commit/b20e862374458b5a3be19d2934de79e0529e0c88)) </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImNpL3NraXAtdGVzdCIsImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 24, 2025
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-go](https://redirect.github.com/actions/setup-go) | action | minor | `v5.3.0` -> `v5.4.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v5.4.0`](https://redirect.github.com/actions/setup-go/releases/tag/v5.4.0) [Compare Source](https://redirect.github.com/actions/setup-go/compare/v5.3.0...v5.4.0) ##### What's Changed ##### Dependency updates : - Upgrade semver from 7.6.0 to 7.6.3 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/setup-go/pull/535](https://redirect.github.com/actions/setup-go/pull/535) - Upgrade eslint-config-prettier from 8.10.0 to 10.0.1 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/setup-go/pull/536](https://redirect.github.com/actions/setup-go/pull/536) - Upgrade [@​action/cache](https://redirect.github.com/action/cache) from 4.0.0 to 4.0.2 by [@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y) in [https://github.com/actions/setup-go/pull/568](https://redirect.github.com/actions/setup-go/pull/568) - Upgrade undici from 5.28.4 to 5.28.5 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/setup-go/pull/541](https://redirect.github.com/actions/setup-go/pull/541) ##### New Contributors - [@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y) made their first contribution in [https://github.com/actions/setup-go/pull/568](https://redirect.github.com/actions/setup-go/pull/568) **Full Changelog**: actions/setup-go@v5...v5.4.0 </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImNpL3NraXAtdGVzdCIsImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 25, 2025
…0.4 (#13188) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [sigs.k8s.io/controller-runtime](https://redirect.github.com/kubernetes-sigs/controller-runtime) | `v0.20.3` -> `v0.20.4` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>kubernetes-sigs/controller-runtime (sigs.k8s.io/controller-runtime)</summary> ### [`v0.20.4`](https://redirect.github.com/kubernetes-sigs/controller-runtime/releases/tag/v0.20.4) [Compare Source](https://redirect.github.com/kubernetes-sigs/controller-runtime/compare/v0.20.3...v0.20.4) #### What's Changed - \[release-0.20] 🐛 Restmapper: Respect preferred version by [@​k8s-infra-cherrypick-robot](https://redirect.github.com/k8s-infra-cherrypick-robot) in [https://github.com/kubernetes-sigs/controller-runtime/pull/3159](https://redirect.github.com/kubernetes-sigs/controller-runtime/pull/3159) - \[release-0.20] 🌱 Mention the SkipNameValidation option in the name validation error by [@​k8s-infra-cherrypick-robot](https://redirect.github.com/k8s-infra-cherrypick-robot) in [https://github.com/kubernetes-sigs/controller-runtime/pull/3172](https://redirect.github.com/kubernetes-sigs/controller-runtime/pull/3172) - \[release-0.20] ✨ Controller: Retain the priority by [@​k8s-infra-cherrypick-robot](https://redirect.github.com/k8s-infra-cherrypick-robot) in [https://github.com/kubernetes-sigs/controller-runtime/pull/3173](https://redirect.github.com/kubernetes-sigs/controller-runtime/pull/3173) - \[release-0.20] ✨Add RELEASE_TAG to tools/setup-envtest to show binary version with setup-envtest version by [@​k8s-infra-cherrypick-robot](https://redirect.github.com/k8s-infra-cherrypick-robot) in [https://github.com/kubernetes-sigs/controller-runtime/pull/3175](https://redirect.github.com/kubernetes-sigs/controller-runtime/pull/3175) - \[release-0.20] 🌱 Handlers: Default to LowPriorityWhenUnchanged without a wrapper by [@​alvaroaleman](https://redirect.github.com/alvaroaleman) in [https://github.com/kubernetes-sigs/controller-runtime/pull/3179](https://redirect.github.com/kubernetes-sigs/controller-runtime/pull/3179) **Full Changelog**: kubernetes-sigs/controller-runtime@v0.20.3...v0.20.4 </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 26, 2025
…191833-6125a15c637a to v2.2.1 (#13214) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/josephburnett/jd/v2](https://redirect.github.com/josephburnett/jd) | `v2.0.0-20240818191833-6125a15c637a` -> `v2.2.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>josephburnett/jd (github.com/josephburnett/jd/v2)</summary> ### [`v2.2.1`](https://redirect.github.com/josephburnett/jd/releases/tag/v2.2.1) [Compare Source](https://redirect.github.com/josephburnett/jd/compare/v2.2.0...v2.2.1) **Full Changelog**: josephburnett/jd@v2.2.0...v2.2.1 ### [`v2.2.0`](https://redirect.github.com/josephburnett/jd/releases/tag/v2.2.0) [Compare Source](https://redirect.github.com/josephburnett/jd/compare/v2.1.2...v2.2.0) #### What's Changed - Add character-level diff for strings. by [@​roberthoenig](https://redirect.github.com/roberthoenig) in [https://github.com/josephburnett/jd/pull/92](https://redirect.github.com/josephburnett/jd/pull/92) #### New Contributors - [@​roberthoenig](https://redirect.github.com/roberthoenig) made their first contribution in [https://github.com/josephburnett/jd/pull/92](https://redirect.github.com/josephburnett/jd/pull/92) **Full Changelog**: josephburnett/jd@v2.1.2...v2.2.0 ### [`v2.1.2`](https://redirect.github.com/josephburnett/jd/releases/tag/v2.1.2) [Compare Source](https://redirect.github.com/josephburnett/jd/compare/v2.1.1...v2.1.2) [`1644f50`](https://redirect.github.com/josephburnett/jd/commit/1644f50) Set version 2.1.2 [`ab2d2c2`](https://redirect.github.com/josephburnett/jd/commit/ab2d2c2) Merge branch 'master' into release-2.1 [`ae549aa`](https://redirect.github.com/josephburnett/jd/commit/ae549aa) Update action.yml [`66c6936`](https://redirect.github.com/josephburnett/jd/commit/66c6936) Set version 2.1.1 [`711b0c6`](https://redirect.github.com/josephburnett/jd/commit/711b0c6) Merge branch 'master' into release-2.1 [`5ad59f8`](https://redirect.github.com/josephburnett/jd/commit/5ad59f8) Remove unnecessary dir and err [`1a04f2d`](https://redirect.github.com/josephburnett/jd/commit/1a04f2d) Do not include error in output [`7279de5`](https://redirect.github.com/josephburnett/jd/commit/7279de5) Run in github workspace [`ca93531`](https://redirect.github.com/josephburnett/jd/commit/ca93531) Action uses absolute path to jd [`564fa57`](https://redirect.github.com/josephburnett/jd/commit/564fa57) Output with = not :: [`23552d7`](https://redirect.github.com/josephburnett/jd/commit/23552d7) String split args ### [`v2.1.1`](https://redirect.github.com/josephburnett/jd/releases/tag/v2.1.1): v2.1.1 [Compare Source](https://redirect.github.com/josephburnett/jd/compare/v2.1.0...v2.1.1) New GitHub Action! ### [`v2.1.0`](https://redirect.github.com/josephburnett/jd/releases/tag/v2.1.0) [Compare Source](https://redirect.github.com/josephburnett/jd/compare/v2.0.2...v2.1.0) [`d966630`](https://redirect.github.com/josephburnett/jd/commit/d966630) Set version 2.1.0 [`ae47fa6`](https://redirect.github.com/josephburnett/jd/commit/ae47fa6) Add action version check [`9ad6986`](https://redirect.github.com/josephburnett/jd/commit/9ad6986) Copy from absolute path [`858755a`](https://redirect.github.com/josephburnett/jd/commit/858755a) Use arg 0 to wrap as action [`f048eda`](https://redirect.github.com/josephburnett/jd/commit/f048eda) GitHub output adaptor [`9108c30`](https://redirect.github.com/josephburnett/jd/commit/9108c30) Update git-diff-driver to V2 [`f79e55c`](https://redirect.github.com/josephburnett/jd/commit/f79e55c) Get GOROOT from go env tool [`4147f1d`](https://redirect.github.com/josephburnett/jd/commit/4147f1d) Bump gopkg.in/yaml.v3 from 3.0.0-20200615113413-eeeca48fe776 to 3.0.0 [`0dc0396`](https://redirect.github.com/josephburnett/jd/commit/0dc0396) Update library usage version note ### [`v2.0.2`](https://redirect.github.com/josephburnett/jd/releases/tag/v2.0.2) [Compare Source](https://redirect.github.com/josephburnett/jd/compare/v2.0.1...v2.0.2) [`02bcafc`](https://redirect.github.com/josephburnett/jd/commit/02bcafc) Set version 2.0.2 [`d5c3d0b`](https://redirect.github.com/josephburnett/jd/commit/d5c3d0b) Get GOROOT from go env tool ### [`v2.0.1`](https://redirect.github.com/josephburnett/jd/releases/tag/v2.0.1) [Compare Source](https://redirect.github.com/josephburnett/jd/compare/v2.0.0...v2.0.1) [`ba67648`](https://redirect.github.com/josephburnett/jd/commit/ba67648) Set version 2.0.1 [`e6fa88b`](https://redirect.github.com/josephburnett/jd/commit/e6fa88b) Bump gopkg.in/yaml.v3 from 3.0.0-20200615113413-eeeca48fe776 to 3.0.0 </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 31, 2025
….35.0 to v0.36.0 (#13271) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/testcontainers/testcontainers-go](https://redirect.github.com/testcontainers/testcontainers-go) | `v0.35.0` -> `v0.36.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>testcontainers/testcontainers-go (github.com/testcontainers/testcontainers-go)</summary> ### [`v0.36.0`](https://redirect.github.com/testcontainers/testcontainers-go/releases/tag/v0.36.0) [Compare Source](https://redirect.github.com/testcontainers/testcontainers-go/compare/v0.35.0...v0.36.0) ### What's Changed ####⚠️ Breaking Changes - feat(azure)!: add Azurite, EventHubs and ServiceBus in the new Azure module, deprecating the old Azurite module ([#​3008](https://redirect.github.com/testcontainers/testcontainers-go/issues/3008)) [@​mdelapenya](https://redirect.github.com/mdelapenya) > Users of the old Azurite module must update their code to use the new Azure module instead, which contains the same functionality under the `azurite` sub-package. > We took this opportunity to remove the unnecessarily exported `Settings` field from the `Azurite` container type, > so users of the `Azurite` container type must update their code to simply do not use that field. - chore(deps)!: bump github.com/docker/docker from 27.1.1+incompatible to 28.0.1+incompatible ([#​3017](https://redirect.github.com/testcontainers/testcontainers-go/issues/3017)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) > Bumping the Docker package to a newer major version came with lots of benefits, but also some breaking changes. For that reason, users of the following > container methods and types must update their code to use the new types and methods instead: > > - `Container.Inspect`: the return type has been changed from `types.ContainerJSON` to `container.InspectResponse`. > - `Container.State`: the return type has been changed from `types.ContainerState` to `container.State`. > - `DockerProvider.ContainerFromType`: the method signature has been changed to accept a `container.Summary` instead of a `types.Container`. > At the same time, if consuming Docker types or methods, users must update their code to use the new types and methods instead. > As a good rule of thumb, users of the `"github.com/docker/docker/api/types"` package must update their code to use `"github.com/docker/docker/api/types/container"` instead. - chore!: export DockerCompose type in compose package ([#​2953](https://redirect.github.com/testcontainers/testcontainers-go/issues/2953)) [@​jasonyunicorn](https://redirect.github.com/jasonyunicorn) > Users of the deprecated `DockerCompose` type from the `compose` module must update their code to use `DockerComposer` instead. > The former unexported `dockerCompose` type has been renamed to `DockerCompose`. This breaking change was done because returning > an un-exported type from a constructor function limits the flexibility and usability of the returned instance. Callers could use > the exported methods, but could not declare variables of that type, pass instances to other functions, or embed them in structs > without exposing the constructor itself. This breaking change was needed to improve the usability of the `compose` module. - feat!: log package for consistent output ([#​2979](https://redirect.github.com/testcontainers/testcontainers-go/issues/2979)) [@​KenxinKun](https://redirect.github.com/KenxinKun) > Users of the `testcontainers.Logging` variable and the `testcontainers.TestLogger` function must update their code to use the new `log.Default()` logger instance and the `log.TestLogger()` function instead, and > users of the `testcontainers.Logger` interface must update their code to use the new `log.Logger` interface instead. > The new `log` package allows users to set a custom logger instance calling the `log.SetDefault(l log.Logger)` function. > This breaking change was needed to improve the usability of the logging functionality when using the `testcontainers` package. - chore(nats)!: remove variadic arguments from nats ConnectionString ([#​2967](https://redirect.github.com/testcontainers/testcontainers-go/issues/2967)) [@​jasonyunicorn](https://redirect.github.com/jasonyunicorn) > Users of the NATS module and the `ConnectionString` type must remove the variadic arguments from the `ConnectionString` method. This breaking change was needed because those arguments weren't in use. - chore!: rename EnpointSettingsModifier to EndpointSettingsModifier ([#​2941](https://redirect.github.com/testcontainers/testcontainers-go/issues/2941)) [@​NathanBaulch](https://redirect.github.com/NathanBaulch) > We fixed a typo in the exported field of the `ContainerRequest` struct, so users of the `EnpointSettingsModifier` type must update their code to use the `EndpointSettingsModifier` type instead. #### 🔒 Security - chore(deps): bump golang.org/x/net from 0.23.0 to 0.36.0 in /modules/dynamodb ([#​3059](https://redirect.github.com/testcontainers/testcontainers-go/issues/3059)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(deps): bump golang.org/x/net from 0.23.0 to 0.36.0 in /modules/scylladb ([#​3058](https://redirect.github.com/testcontainers/testcontainers-go/issues/3058)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump golang.org/x/net from 0.23.0 to 0.36.0 in /modules/databend ([#​3055](https://redirect.github.com/testcontainers/testcontainers-go/issues/3055)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump golang.org/x/net from 0.26.0 to 0.33.0 ([#​2961](https://redirect.github.com/testcontainers/testcontainers-go/issues/2961)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) #### 🚀 Features - feat(azure)!: add Azurite, EventHubs and ServiceBus in the new Azure module, deprecating the old Azurite module ([#​3008](https://redirect.github.com/testcontainers/testcontainers-go/issues/3008)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - feat(modules): add dind module ([#​3004](https://redirect.github.com/testcontainers/testcontainers-go/issues/3004)) [@​acouvreur](https://redirect.github.com/acouvreur) - feat: add ScyllaDB module ([#​2992](https://redirect.github.com/testcontainers/testcontainers-go/issues/2992)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - feat(mssql): add WithInitSQL function ([#​2988](https://redirect.github.com/testcontainers/testcontainers-go/issues/2988)) [@​MattiasMTS](https://redirect.github.com/MattiasMTS) - feat(redpanda): add bootstrap user account option ([#​2975](https://redirect.github.com/testcontainers/testcontainers-go/issues/2975)) [@​bojand](https://redirect.github.com/bojand) - feat!: log package for consistent output ([#​2979](https://redirect.github.com/testcontainers/testcontainers-go/issues/2979)) [@​KenxinKun](https://redirect.github.com/KenxinKun) - feat: adds Pinecone module ([#​2955](https://redirect.github.com/testcontainers/testcontainers-go/issues/2955)) [@​mdelapenya](https://redirect.github.com/mdelapenya) #### 🐛 Bug Fixes - fix(valkey): fix port race ([#​2962](https://redirect.github.com/testcontainers/testcontainers-go/issues/2962)) [@​stevenh](https://redirect.github.com/stevenh) - fix(localstack): more reliable legacy tag detection ([#​2936](https://redirect.github.com/testcontainers/testcontainers-go/issues/2936)) [@​NathanBaulch](https://redirect.github.com/NathanBaulch) #### 📖 Documentation - docs: refine texts on how to set the module image ([#​3012](https://redirect.github.com/testcontainers/testcontainers-go/issues/3012)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - docs: correct container variable ([#​3010](https://redirect.github.com/testcontainers/testcontainers-go/issues/3010)) [@​tacerus](https://redirect.github.com/tacerus) - docs: fix typo of grafanalgtm -> grafana-lgtm module package ([#​2999](https://redirect.github.com/testcontainers/testcontainers-go/issues/2999)) [@​ZackarySantana](https://redirect.github.com/ZackarySantana) - docs: remove duplicated options in the customisers lists ([#​2989](https://redirect.github.com/testcontainers/testcontainers-go/issues/2989)) [@​mdelapenya](https://redirect.github.com/mdelapenya) #### 🧹 Housekeeping - chore: dockerise docs build ([#​3060](https://redirect.github.com/testcontainers/testcontainers-go/issues/3060)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - fix(ci): update sonar script path in the GH actions ([#​3045](https://redirect.github.com/testcontainers/testcontainers-go/issues/3045)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(ci): manage Sonar projects from Github actions ([#​3039](https://redirect.github.com/testcontainers/testcontainers-go/issues/3039)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(sonar): set main as default branch ([#​3038](https://redirect.github.com/testcontainers/testcontainers-go/issues/3038)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - fix(sonar): run on ubuntu and the lowest Go version ([#​3037](https://redirect.github.com/testcontainers/testcontainers-go/issues/3037)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - fix(ci): update core path in sonar build ([#​3036](https://redirect.github.com/testcontainers/testcontainers-go/issues/3036)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - fix: use empty dir for the core ([#​3035](https://redirect.github.com/testcontainers/testcontainers-go/issues/3035)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - fix: pass secret to the reusable workflow ([#​3034](https://redirect.github.com/testcontainers/testcontainers-go/issues/3034)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(ci): use new GH action for SonarQube ([#​3007](https://redirect.github.com/testcontainers/testcontainers-go/issues/3007)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore: readd dependabot, including a way to refresh the project files for all the modules ([#​2997](https://redirect.github.com/testcontainers/testcontainers-go/issues/2997)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore: enable empty-block from revive ([#​2994](https://redirect.github.com/testcontainers/testcontainers-go/issues/2994)) [@​mmorel-35](https://redirect.github.com/mmorel-35) - fix(ci): exclude mkdocs.yml file and sonar.properties from the changed-modules script ([#​2993](https://redirect.github.com/testcontainers/testcontainers-go/issues/2993)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(ci): run compose module tests against the upstream compose projects ([#​2990](https://redirect.github.com/testcontainers/testcontainers-go/issues/2990)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(ci): add an end job to verify the pipeline finished with success ([#​2991](https://redirect.github.com/testcontainers/testcontainers-go/issues/2991)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(k6): exclude "modules/k6" from the build ([#​2987](https://redirect.github.com/testcontainers/testcontainers-go/issues/2987)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore: enable var-naming from revive (private vars only) ([#​2978](https://redirect.github.com/testcontainers/testcontainers-go/issues/2978)) [@​mmorel-35](https://redirect.github.com/mmorel-35) - fix(ci): use same condition for sonar steps ([#​2974](https://redirect.github.com/testcontainers/testcontainers-go/issues/2974)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - fix: return unique modified modules ([#​2973](https://redirect.github.com/testcontainers/testcontainers-go/issues/2973)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(ci): run lint in a separate build before running the tests ([#​2876](https://redirect.github.com/testcontainers/testcontainers-go/issues/2876)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore: enable unused-parameter from revive ([#​2949](https://redirect.github.com/testcontainers/testcontainers-go/issues/2949)) [@​mmorel-35](https://redirect.github.com/mmorel-35) - chore: enable use-any from revive ([#​2948](https://redirect.github.com/testcontainers/testcontainers-go/issues/2948)) [@​mmorel-35](https://redirect.github.com/mmorel-35) - chore: enable var-declaration from revive linter ([#​2942](https://redirect.github.com/testcontainers/testcontainers-go/issues/2942)) [@​mmorel-35](https://redirect.github.com/mmorel-35) - chore: enable context-as-argument from revive linter ([#​2946](https://redirect.github.com/testcontainers/testcontainers-go/issues/2946)) [@​mmorel-35](https://redirect.github.com/mmorel-35) - chore: enable early-return, indent-error-flow and superfluous-else from revive linter ([#​2947](https://redirect.github.com/testcontainers/testcontainers-go/issues/2947)) [@​mmorel-35](https://redirect.github.com/mmorel-35) - chore: recover from panic in `SkipIfProviderIsNotHealthy` test helper function ([#​2939](https://redirect.github.com/testcontainers/testcontainers-go/issues/2939)) [@​jasonyunicorn](https://redirect.github.com/jasonyunicorn) - chore: fix typos ([#​2940](https://redirect.github.com/testcontainers/testcontainers-go/issues/2940)) [@​NathanBaulch](https://redirect.github.com/NathanBaulch) #### 📦 Dependency updates - chore(deps): bump golang.org/x/net from 0.23.0 to 0.36.0 in /modules/dynamodb ([#​3059](https://redirect.github.com/testcontainers/testcontainers-go/issues/3059)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(deps): bump github.com/magiconair/properties from 1.8.7 to 1.8.9 ([#​3057](https://redirect.github.com/testcontainers/testcontainers-go/issues/3057)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump golangci/golangci-lint-action from 6.3.0 to 6.5.2 ([#​3052](https://redirect.github.com/testcontainers/testcontainers-go/issues/3052)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump golang.org/x/sys from 0.28.0 to 0.31.0 ([#​3056](https://redirect.github.com/testcontainers/testcontainers-go/issues/3056)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump actions/setup-go from 5.3.0 to 5.4.0 ([#​3054](https://redirect.github.com/testcontainers/testcontainers-go/issues/3054)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump golang.org/x/net from 0.23.0 to 0.36.0 in /modules/scylladb ([#​3058](https://redirect.github.com/testcontainers/testcontainers-go/issues/3058)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump github/codeql-action from 3.28.11 to 3.28.12 ([#​3053](https://redirect.github.com/testcontainers/testcontainers-go/issues/3053)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump golang.org/x/net from 0.23.0 to 0.36.0 in /modules/databend ([#​3055](https://redirect.github.com/testcontainers/testcontainers-go/issues/3055)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump github.com/docker/buildx from 0.21.2 to 0.21.3 in /modules/compose ([#​3043](https://redirect.github.com/testcontainers/testcontainers-go/issues/3043)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump github.com/containerd/containerd/v2 from 2.0.3 to 2.0.4 in /modules/compose ([#​3042](https://redirect.github.com/testcontainers/testcontainers-go/issues/3042)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - deps(compose): bump compose to v2.34.0 and compose-go to v2.4.9 ([#​3041](https://redirect.github.com/testcontainers/testcontainers-go/issues/3041)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(deps): bump golang.org/x/net from 0.23.0 to 0.36.0 in /modules/yugabytedb ([#​3040](https://redirect.github.com/testcontainers/testcontainers-go/issues/3040)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps)!: bump github.com/docker/docker from 27.1.1+incompatible to 28.0.1+incompatible ([#​3017](https://redirect.github.com/testcontainers/testcontainers-go/issues/3017)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump golang.org/x/net from 0.33.0 to 0.36.0 in /modules ([#​3033](https://redirect.github.com/testcontainers/testcontainers-go/issues/3033)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump github.com/opencontainers/image-spec from 1.1.0 to 1.1.1, dario.cat/mergo from 1.0.0 to 1.0.1 ([#​3030](https://redirect.github.com/testcontainers/testcontainers-go/issues/3030)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(deps): bump github/codeql-action from 3.28.0 to 3.28.11 ([#​3014](https://redirect.github.com/testcontainers/testcontainers-go/issues/3014)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 ([#​3013](https://redirect.github.com/testcontainers/testcontainers-go/issues/3013)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(modules): update Weaviate version to v1.29.0 and Weaviate Go client to v5.0.2 ([#​3006](https://redirect.github.com/testcontainers/testcontainers-go/issues/3006)) [@​antas-marcin](https://redirect.github.com/antas-marcin) - chore(deps): bump docker/setup-docker-action from 4.1.0 to 4.2.0 ([#​3002](https://redirect.github.com/testcontainers/testcontainers-go/issues/3002)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(ci): run compose module tests against the upstream compose projects ([#​2990](https://redirect.github.com/testcontainers/testcontainers-go/issues/2990)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - deps: update go version from 1.22.0 to 1.23.0 ([#​2985](https://redirect.github.com/testcontainers/testcontainers-go/issues/2985)) [@​mmorel-35](https://redirect.github.com/mmorel-35) - chore(ollama): bump default version to 0.5.7 ([#​2966](https://redirect.github.com/testcontainers/testcontainers-go/issues/2966)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(deps): bump actions/checkout from 4.1.7 to 4.2.2 ([#​2971](https://redirect.github.com/testcontainers/testcontainers-go/issues/2971)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump release-drafter/release-drafter from 6.0.0 to 6.1.0 ([#​2970](https://redirect.github.com/testcontainers/testcontainers-go/issues/2970)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.0 ([#​2969](https://redirect.github.com/testcontainers/testcontainers-go/issues/2969)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - fix(deps): update to github.com/shirou/gopsutil/v4 ([#​2964](https://redirect.github.com/testcontainers/testcontainers-go/issues/2964)) [@​zchee](https://redirect.github.com/zchee) - chore(deps): bump golang.org/x/net from 0.25.0 to 0.33.0 in /modules/pinecone ([#​2963](https://redirect.github.com/testcontainers/testcontainers-go/issues/2963)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump golang.org/x/net from 0.26.0 to 0.33.0 ([#​2961](https://redirect.github.com/testcontainers/testcontainers-go/issues/2961)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - deps(fix): include modulegen templates dir in dependabot updates ([#​2956](https://redirect.github.com/testcontainers/testcontainers-go/issues/2956)) [@​mdelapenya](https://redirect.github.com/mdelapenya) - chore(deps): bump docker/setup-docker-action from 4.0.0 to 4.1.0 ([#​2959](https://redirect.github.com/testcontainers/testcontainers-go/issues/2959)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump actions/setup-go from 5.1.0 to 5.3.0 ([#​2957](https://redirect.github.com/testcontainers/testcontainers-go/issues/2957)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0 ([#​2958](https://redirect.github.com/testcontainers/testcontainers-go/issues/2958)) @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) - chore(deps): bump golangci-lint to v1.63.4 ([#​2950](https://redirect.github.com/testcontainers/testcontainers-go/issues/2950)) [@​mmorel-35](https://redirect.github.com/mmorel-35) - deps(compose): bump compose (v2.32.2) and compose-go spec (v2.4.7) ([#​2938](https://redirect.github.com/testcontainers/testcontainers-go/issues/2938)) [@​mdelapenya](https://redirect.github.com/mdelapenya) </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 31, 2025
…1.4 (#13269) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Kong/public-shared-actions/security-actions/scan-docker-image](https://redirect.github.com/Kong/public-shared-actions) ([source](https://redirect.github.com/Kong/public-shared-actions/tree/%40security-actions/scan-docker-image%404.1.4/security-actions/scan-docker-image)) | patch | `4.1.3` -> `4.1.4` | --- ### Release Notes <details> <summary>Kong/public-shared-actions (security-actions/scan-docker-image)</summary> ### [`v4.1.4`](https://redirect.github.com/Kong/public-shared-actions/releases/tag/%40security-actions/scan-docker-image%404.1.4) [Compare Source](https://redirect.github.com/Kong/public-shared-actions/compare/@security-actions/scan-docker-image@4.1.3...@security-actions/scan-docker-image@4.1.4) ##### 🐛 Bug Fixes - **ci:** use embedded compliance checks across trivy runs when cache input is specified ([#​239](https://redirect.github.com/Kong/public-shared-actions/issues/239)) ([7ab471c](https://redirect.github.com/Kong/public-shared-actions/commit/7ab471c4eb15591efde88c5ced2a1ba8c8b3b803)) </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImNpL3NraXAtdGVzdCIsImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Mar 31, 2025
…12.0 (#13270) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://redirect.github.com/actions/create-github-app-token) | action | minor | `v1.11.7` -> `v1.12.0` | --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.12.0`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.12.0) [Compare Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.7...v1.12.0) ##### Features - permissions ([#​168](https://redirect.github.com/actions/create-github-app-token/issues/168)) ([0e0aa99](https://redirect.github.com/actions/create-github-app-token/commit/0e0aa99a86bd82ec98421533ae985fef61554361)) </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImNpL3NraXAtdGVzdCIsImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Apr 7, 2025
) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/cilium/ebpf](https://redirect.github.com/cilium/ebpf) | `v0.17.3` -> `v0.18.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>cilium/ebpf (github.com/cilium/ebpf)</summary> ### [`v0.18.0`](https://redirect.github.com/cilium/ebpf/releases/tag/v0.18.0) [Compare Source](https://redirect.github.com/cilium/ebpf/compare/v0.17.3...v0.18.0) #### Initial Windows Support This release adds support for eBPF on Windows through the [eBPF for Windows](https://redirect.github.com/microsoft/ebpf-for-windows) runtime. Users must run a recent build of the `main` branch of eBPF for Windows, version 0.20.0 is not supported. See [the documentation](https://ebpf-go.dev/guides/windows-support/) and how to [contribute to the Windows port](https://ebpf-go.dev/contributing/windows/). Supported: - Basic map and program operations - Support for program loading, including native images (.sys files) - Pin operations use Windows-specific global object table instead of bpffs - Support for retrieving program/attach type from GUID Not supported: - Feature tests - BTF - bpf2go - perf - ringbuf - rlimit - pin - Reading Windows ELFs The Windows port is still very new and won't be as performant or stable as the Linux part of the code base. There is also no guarantee of stability at the moment. #### Build System Improvements - Mounting GOCACHE and GOMODCACHE into containers for faster rebuilds with Podman - Added `-verbose` flag to bpf2go and gentypes tools - Verbosity defaults to Make's `V=` environment variable #### Documentation - Added Windows user-facing documentation - Added instructions for working on the Windows port #### Bugfixes - prog: Fixed program loading loop that would run forever if log size was over kernel maximum - prog: Added limits to program load retry attempts - collection: Fixed missing Map.Close in collectionLoader.loadMap - memory: Fixed off-by-one error in bounds check that prevented accessing the last byte of memory segments - map, program: Names passed to kernel are now automatically sanitized #### Breaking Changes ebpf: - Unexported `SanitizeName` function. Map and program names are now automatically sanitized. - The ELF reader now always allows dots in names but will strip them if necessary when making syscalls. This will break users with pinned objects that have dots in their names on kernels which don't support dots. #### What's Changed - windows: testutils changes by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1666](https://redirect.github.com/cilium/ebpf/pull/1666) - go 1.23 by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1676](https://redirect.github.com/cilium/ebpf/pull/1676) - ebpf: implement PossibleCPU on Windows by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1677](https://redirect.github.com/cilium/ebpf/pull/1677) - sys: hint that structs require host layout by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1681](https://redirect.github.com/cilium/ebpf/pull/1681) - info: don't check Runtime in TestStats on arm64 by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1684](https://redirect.github.com/cilium/ebpf/pull/1684) - btf: use iterators by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1682](https://redirect.github.com/cilium/ebpf/pull/1682) - all: force consistent line endings by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1687](https://redirect.github.com/cilium/ebpf/pull/1687) - sys: add windows support by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1685](https://redirect.github.com/cilium/ebpf/pull/1685) - memory: fix off-by-one in bounds check by [@​ti-mo](https://redirect.github.com/ti-mo) in [https://github.com/cilium/ebpf/pull/1694](https://redirect.github.com/cilium/ebpf/pull/1694) - btf: disable handle API on windows by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1678](https://redirect.github.com/cilium/ebpf/pull/1678) - CI: remove 4.9 by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1698](https://redirect.github.com/cilium/ebpf/pull/1698) - internal/testutils: make TempBPFFS portable by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1688](https://redirect.github.com/cilium/ebpf/pull/1688) - sys: add type safe Pointer wrapper by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1670](https://redirect.github.com/cilium/ebpf/pull/1670) - fix CI failures on main by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1701](https://redirect.github.com/cilium/ebpf/pull/1701) - link: don't use version comparison in tests by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1700](https://redirect.github.com/cilium/ebpf/pull/1700) - ci: bump gotestsum to v1.12.0 by [@​paulcacheux](https://redirect.github.com/paulcacheux) in [https://github.com/cilium/ebpf/pull/1667](https://redirect.github.com/cilium/ebpf/pull/1667) - Remove myself from CODEOWNERS by [@​mejedi](https://redirect.github.com/mejedi) in [https://github.com/cilium/ebpf/pull/1703](https://redirect.github.com/cilium/ebpf/pull/1703) - ci: speed up test of bpf2go by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1707](https://redirect.github.com/cilium/ebpf/pull/1707) - ebpf: clean up tests by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1702](https://redirect.github.com/cilium/ebpf/pull/1702) - build(deps): bump golangci/golangci-lint-action from 6.3.0 to 6.5.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/cilium/ebpf/pull/1705](https://redirect.github.com/cilium/ebpf/pull/1705) - all: encode platform in type constants by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1689](https://redirect.github.com/cilium/ebpf/pull/1689) - build(deps): bump mkdocs-material from 9.6.1 to 9.6.6 in /docs in the docs group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/cilium/ebpf/pull/1706](https://redirect.github.com/cilium/ebpf/pull/1706) - windows: more test / testutils fixups by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1708](https://redirect.github.com/cilium/ebpf/pull/1708) - windows: even more test fixes by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1709](https://redirect.github.com/cilium/ebpf/pull/1709) - ebpf: add Windows support by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1710](https://redirect.github.com/cilium/ebpf/pull/1710) - map: fix problematic error returns by [@​cuishuang](https://redirect.github.com/cuishuang) in [https://github.com/cilium/ebpf/pull/1715](https://redirect.github.com/cilium/ebpf/pull/1715) - efw: configure CRT error reporting by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1716](https://redirect.github.com/cilium/ebpf/pull/1716) - ebpf: support native images on Windows by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1711](https://redirect.github.com/cilium/ebpf/pull/1711) - build(deps): bump jinja2 from 3.1.5 to 3.1.6 in /docs by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/cilium/ebpf/pull/1717](https://redirect.github.com/cilium/ebpf/pull/1717) - examples: update map definition to use new format by [@​florianl](https://redirect.github.com/florianl) in [https://github.com/cilium/ebpf/pull/1719](https://redirect.github.com/cilium/ebpf/pull/1719) - collection: don't copy Maps and Programs twice by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1722](https://redirect.github.com/cilium/ebpf/pull/1722) - prog: avoid verifier loop of death by [@​ti-mo](https://redirect.github.com/ti-mo) in [https://github.com/cilium/ebpf/pull/1693](https://redirect.github.com/cilium/ebpf/pull/1693) - features: return ErrNotSupportedOnOS on windows by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1723](https://redirect.github.com/cilium/ebpf/pull/1723) - ebpf: replace `binary.Read` with `binary.Decode` in `sysenc.Unmarshal` by [@​kolesnikovae](https://redirect.github.com/kolesnikovae) in [https://github.com/cilium/ebpf/pull/1713](https://redirect.github.com/cilium/ebpf/pull/1713) - link: minimal windows support by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1718](https://redirect.github.com/cilium/ebpf/pull/1718) - docs: add instructions for working on the Windows port by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1727](https://redirect.github.com/cilium/ebpf/pull/1727) - windows: update native image testdata by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1730](https://redirect.github.com/cilium/ebpf/pull/1730) - windows: improve dev VM script by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1731](https://redirect.github.com/cilium/ebpf/pull/1731) - build(deps): bump golang.org/x/net from 0.33.0 to 0.36.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/cilium/ebpf/pull/1724](https://redirect.github.com/cilium/ebpf/pull/1724) - Add new ≥ 5.11 map/prog types to feature matrix by [@​tklauser](https://redirect.github.com/tklauser) in [https://github.com/cilium/ebpf/pull/1728](https://redirect.github.com/cilium/ebpf/pull/1728) - ebpf: allow retrieving program / attach type from GUID by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1733](https://redirect.github.com/cilium/ebpf/pull/1733) - elf: do not remove dots from names by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1680](https://redirect.github.com/cilium/ebpf/pull/1680) - build(deps): bump the docs group in /docs with 3 updates by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/cilium/ebpf/pull/1740](https://redirect.github.com/cilium/ebpf/pull/1740) - docs: add user facing documentation for Windows by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1735](https://redirect.github.com/cilium/ebpf/pull/1735) - ci: reduce bpf2go and gentypes verbosity, mount gomodcache when using podman by [@​ti-mo](https://redirect.github.com/ti-mo) in [https://github.com/cilium/ebpf/pull/1634](https://redirect.github.com/cilium/ebpf/pull/1634) - map, program: always sanitize names passed to the kernel by [@​lmb](https://redirect.github.com/lmb) in [https://github.com/cilium/ebpf/pull/1737](https://redirect.github.com/cilium/ebpf/pull/1737) - build(deps): bump golangci/golangci-lint-action from 6.5.0 to 7.0.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/cilium/ebpf/pull/1739](https://redirect.github.com/cilium/ebpf/pull/1739) #### New Contributors - [@​kolesnikovae](https://redirect.github.com/kolesnikovae) made their first contribution in [https://github.com/cilium/ebpf/pull/1713](https://redirect.github.com/cilium/ebpf/pull/1713) **Full Changelog**: cilium/ebpf@v0.17.3...v0.18.0 </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMjcuMyIsInVwZGF0ZWRJblZlciI6IjM5LjIyNy4zIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Apr 7, 2025
) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [google.golang.org/grpc](https://redirect.github.com/grpc/grpc-go) | `v1.71.0` -> `v1.71.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>grpc/grpc-go (google.golang.org/grpc)</summary> ### [`v1.71.1`](https://redirect.github.com/grpc/grpc-go/releases/tag/v1.71.1): Release 1.71.1 [Compare Source](https://redirect.github.com/grpc/grpc-go/compare/v1.71.0...v1.71.1) ### Bug Fixes - grpc: fix a bug causing an extra Read from the compressor if a compressed message is the same size as the limit. This could result in a panic with the built-in gzip compressor ([#​8178](https://redirect.github.com/grpc/grpc-go/issues/8178)) - xds: restore the behavior of reading the bootstrap config before creating the first xDS client instead of at package init time ([#​8164](https://redirect.github.com/grpc/grpc-go/issues/8164)) - stats/opentelemetry: use `TextMapPropagator` and `TracerProvider` from `TraceOptions` instead of OpenTelemetry globals ([#​8166](https://redirect.github.com/grpc/grpc-go/issues/8166)) - client: fix races when an http proxy is configured that could lead to deadlocks or panics ([#​8195](https://redirect.github.com/grpc/grpc-go/issues/8195)) - client: fix bug causing RPC failures with message "no children to pick from" when using a custom resolver that calls the deprecated `NewAddress` API ([#​8149](https://redirect.github.com/grpc/grpc-go/issues/8149)) - wrr: fix slow processing of address updates that could result in problems including RPC failures for servers with a large number of backends ([#​8179](https://redirect.github.com/grpc/grpc-go/issues/8179)) </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMjcuMyIsInVwZGF0ZWRJblZlciI6IjM5LjIyNy4zIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
pushed a commit
that referenced
this pull request
Apr 7, 2025
…1.5 (#13327) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [Kong/public-shared-actions/security-actions/scan-docker-image](https://redirect.github.com/Kong/public-shared-actions) ([source](https://redirect.github.com/Kong/public-shared-actions/tree/%40security-actions/scan-docker-image%404.1.5/security-actions/scan-docker-image)) | patch | `4.1.4` -> `4.1.5` | --- ### Release Notes <details> <summary>Kong/public-shared-actions (security-actions/scan-docker-image)</summary> ### [`v4.1.5`](https://redirect.github.com/Kong/public-shared-actions/releases/tag/%40security-actions/scan-docker-image%404.1.5) [Compare Source](https://redirect.github.com/Kong/public-shared-actions/compare/@security-actions/scan-docker-image@4.1.4...@security-actions/scan-docker-image@4.1.5) ##### 🐛 Bug Fixes - **scan-docker-image:** grype outputs ([#​241](https://redirect.github.com/Kong/public-shared-actions/issues/241)) ([971ba65](https://redirect.github.com/Kong/public-shared-actions/commit/971ba6548dc1fd1d9a60dd9527f6596905efff12)) </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMjcuMyIsInVwZGF0ZWRJblZlciI6IjM5LjIyNy4zIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImNpL3NraXAtdGVzdCIsImRlcGVuZGVuY2llcyJdfQ==--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
bartsmykla
added a commit
that referenced
this pull request
Apr 7, 2025
…13324) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/onsi/ginkgo/v2](https://redirect.github.com/onsi/ginkgo) | `v2.23.3` -> `v2.23.4` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>onsi/ginkgo (github.com/onsi/ginkgo/v2)</summary> ### [`v2.23.4`](https://redirect.github.com/onsi/ginkgo/releases/tag/v2.23.4) [Compare Source](https://redirect.github.com/onsi/ginkgo/compare/v2.23.3...v2.23.4) #### 2.23.4 Prior to this release Ginkgo would compute the incorrect number of available CPUs when running with `-p` in a linux container. Thanks to [@​emirot](https://redirect.github.com/emirot) for the fix! ##### Features - Add automaxprocs for using CPUQuota \[[`2b9c428`](https://redirect.github.com/onsi/ginkgo/commit/2b9c428)] ##### Fixes - clarify gotchas about -vet flag \[[`1f59d07`](https://redirect.github.com/onsi/ginkgo/commit/1f59d07)] ##### Maintenance - bump dependencies \[[`2d134d5`](https://redirect.github.com/onsi/ginkgo/commit/2d134d5)] </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMjcuMyIsInVwZGF0ZWRJblZlciI6IjM5LjIyNy4zIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> --------- Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bart Smykla <bartek@smykla.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Bart Smykla <bartek@smykla.com>
lukidzi
added a commit
that referenced
this pull request
Apr 7, 2025
#13328) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [sigs.k8s.io/controller-tools](https://redirect.github.com/kubernetes-sigs/controller-tools) | `v0.17.2` -> `v0.17.3` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>kubernetes-sigs/controller-tools (sigs.k8s.io/controller-tools)</summary> ### [`v0.17.3`](https://redirect.github.com/kubernetes-sigs/controller-tools/releases/tag/v0.17.3) [Compare Source](https://redirect.github.com/kubernetes-sigs/controller-tools/compare/v0.17.2...v0.17.3) #### What's Changed - 🌱chore: Add golangci-lint linters by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [https://github.com/kubernetes-sigs/controller-tools/pull/1134](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1134) - ✨ markers: add support for optionalOldSelf in XValidation marker by [@​everettraven](https://redirect.github.com/everettraven) in [https://github.com/kubernetes-sigs/controller-tools/pull/1150](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1150) - ✨ Add `--load-build-tags` flag by [@​joelanford](https://redirect.github.com/joelanford) in [https://github.com/kubernetes-sigs/controller-tools/pull/1181](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1181) #### Dependencies - 🌱 Bump github.com/google/go-cmp from 0.6.0 to 0.7.0 in the all-go-mod-patch-and-minor group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/kubernetes-sigs/controller-tools/pull/1151](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1151) - 🌱 Bump the all-go-mod-patch-and-minor group with 5 updates by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/kubernetes-sigs/controller-tools/pull/1148](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1148) - 🌱 Bump golangci/golangci-lint-action from 6.3.1 to 6.5.0 in the all-github-actions group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/kubernetes-sigs/controller-tools/pull/1149](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1149) #### New Contributors - [@​everettraven](https://redirect.github.com/everettraven) made their first contribution in [https://github.com/kubernetes-sigs/controller-tools/pull/1150](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1150) **Full Changelog**: kubernetes-sigs/controller-tools@v0.17.2...v0.17.3 </details> --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMjcuMyIsInVwZGF0ZWRJblZlciI6IjM5LjIyNy4zIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> --------- Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Lukasz Dziedziak <lukidzi@gmail.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Lukasz Dziedziak <lukidzi@gmail.com>
renovate bot
added a commit
that referenced
this pull request
Dec 8, 2025
…54.0 (#15194) This PR contains the following updates: | Package | Type | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---| | [github.com/gruntwork-io/terratest](https://redirect.github.com/gruntwork-io/terratest) | require | `v0.53.0` -> `v0.54.0` |  |  | --- ### Release Notes <details> <summary>gruntwork-io/terratest (github.com/gruntwork-io/terratest)</summary> ### [`v0.54.0`](https://redirect.github.com/gruntwork-io/terratest/releases/tag/v0.54.0) [Compare Source](https://redirect.github.com/gruntwork-io/terratest/compare/v0.53.0...v0.54.0) #### What's Changed - Fix TerragruntArgs and TerraformArgs being ignored by [@​james00012](https://redirect.github.com/james00012) in [#​1617](https://redirect.github.com/gruntwork-io/terratest/pull/1617) - Simplify terragrunt function names by [@​james00012](https://redirect.github.com/james00012) in [#​1621](https://redirect.github.com/gruntwork-io/terratest/pull/1621) - Refactor: Extract formatting utilities to internal/lib by [@​james00012](https://redirect.github.com/james00012) in [#​1620](https://redirect.github.com/gruntwork-io/terratest/pull/1620) - Bump golang.org/x/crypto from 0.41.0 to 0.45.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1625](https://redirect.github.com/gruntwork-io/terratest/pull/1625) - Add missing terragrunt commands: ValidateAll, RunAll, FormatAll, OutputListAll by [@​james00012](https://redirect.github.com/james00012) in [#​1622](https://redirect.github.com/gruntwork-io/terratest/pull/1622) - Upgrade terragrunt module tests to v0.93.10 by [@​james00012](https://redirect.github.com/james00012) in [#​1627](https://redirect.github.com/gruntwork-io/terratest/pull/1627) **Full Changelog**: <gruntwork-io/terratest@v0.53.0...v0.54.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zMi4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzIuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 8, 2025
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [golangci-lint](https://redirect.github.com/golangci/golangci-lint) | | minor | `v2.6.2` -> `v2.7.2` | | [golangci-lint](https://redirect.github.com/golangci/golangci-lint) | | minor | `2.6.2` -> `2.7.2` | | [golangci/golangci-lint-action](https://redirect.github.com/golangci/golangci-lint-action) | action | minor | `v9.1.0` -> `v9.2.0` | --- ### Release Notes <details> <summary>golangci/golangci-lint (golangci-lint)</summary> ### [`v2.7.2`](https://redirect.github.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v272) [Compare Source](https://redirect.github.com/golangci/golangci-lint/compare/v2.7.1...v2.7.2) *Released on 2025-12-07* 1. Linter bug fixes - `gosec`: from 2.22.10 to [`daccba6`](https://redirect.github.com/golangci/golangci-lint/commit/daccba6b93d7) ### [`v2.7.1`](https://redirect.github.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v271) [Compare Source](https://redirect.github.com/golangci/golangci-lint/compare/v2.7.0...v2.7.1) *Released on 2025-12-04* 1. Linter bug fixes - `modernize`: disable `stringscut` analyzer ### [`v2.7.0`](https://redirect.github.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v270) [Compare Source](https://redirect.github.com/golangci/golangci-lint/compare/v2.6.2...v2.7.0) 1. Bug fixes - fix: clone args used by `custom` command 2. Linters new features or changes - `no-sprintf-host-port`: from 0.2.0 to 0.3.1 (ignore string literals without a colon) - `unqueryvet`: from 1.2.1 to 1.3.0 (handles `const` and `var` declarations) - `revive`: from 1.12.0 to 1.13.0 (new option: `enable-default-rules`, new rules: `forbidden-call-in-wg-go`, `unnecessary-if`, `inefficient-map-lookup`) - `modernize`: from 0.38.0 to 0.39.0 (new analyzers: `plusbuild`, `stringscut`) 3. Linters bug fixes - `perfsprint`: from 0.10.0 to 0.10.1 - `wrapcheck`: from 2.11.0 to 2.12.0 - `godoc-lint`: from 0.10.1 to 0.10.2 4. Misc. - Add some flags to the `custom` command 5. Documentation - docs: split changelog v1 and v2 </details> <details> <summary>golangci/golangci-lint-action (golangci/golangci-lint-action)</summary> ### [`v9.2.0`](https://redirect.github.com/golangci/golangci-lint-action/releases/tag/v9.2.0) [Compare Source](https://redirect.github.com/golangci/golangci-lint-action/compare/v9.1.0...v9.2.0) <!-- Release notes generated using configuration in .github/release.yml at v9.2.0 --> #### What's Changed ##### Changes - feat: add version-file option by [@​ldez](https://redirect.github.com/ldez) in [#​1320](https://redirect.github.com/golangci/golangci-lint-action/pull/1320) - chore: move samples into fixtures by [@​ldez](https://redirect.github.com/ldez) in [#​1321](https://redirect.github.com/golangci/golangci-lint-action/pull/1321) ##### Dependencies - build(deps-dev): bump the dev-dependencies group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1317](https://redirect.github.com/golangci/golangci-lint-action/pull/1317) - build(deps): bump actions/checkout from 5 to 6 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1318](https://redirect.github.com/golangci/golangci-lint-action/pull/1318) - build(deps-dev): bump the dev-dependencies group with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1323](https://redirect.github.com/golangci/golangci-lint-action/pull/1323) - build(deps): bump yaml from 2.8.1 to 2.8.2 in the dependencies group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1324](https://redirect.github.com/golangci/golangci-lint-action/pull/1324) **Full Changelog**: <golangci/golangci-lint-action@v9.1.0...v9.2.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zMi4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzIuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJjaS9za2lwLXRlc3QiLCJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Automaat
pushed a commit
that referenced
this pull request
Dec 8, 2025
> **Note:** This PR body was truncated due to platform limits.
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| [node](https://nodejs.org)
([source](https://redirect.github.com/nodejs/node)) | major | `20` ->
`24` |
---
### Release Notes
<details>
<summary>nodejs/node (node)</summary>
###
[`v24.11.1`](https://redirect.github.com/nodejs/node/compare/v24.11.0...v24.11.1)
[Compare
Source](https://redirect.github.com/nodejs/node/compare/v24.11.0...v24.11.1)
###
[`v24.11.0`](https://redirect.github.com/nodejs/node/compare/v24.10.0...v24.11.0)
[Compare
Source](https://redirect.github.com/nodejs/node/compare/v24.10.0...v24.11.0)
###
[`v24.10.0`](https://redirect.github.com/nodejs/node/releases/tag/v24.10.0):
2025-10-08, Version 24.10.0 (Current), @​RafaelGSS
[Compare
Source](https://redirect.github.com/nodejs/node/compare/v24.9.0...v24.10.0)
##### Notable Changes
-
\[[`31bb476895`](https://redirect.github.com/nodejs/node/commit/31bb476895)]
- **(SEMVER-MINOR)** **console**: allow per-stream `inspectOptions`
option (Anna Henningsen)
[#​60082](https://redirect.github.com/nodejs/node/pull/60082)
-
\[[`3b92be2fb8`](https://redirect.github.com/nodejs/node/commit/3b92be2fb8)]
- **(SEMVER-MINOR)** **lib**: remove util.getCallSite (Rafael Gonzaga)
[#​59980](https://redirect.github.com/nodejs/node/pull/59980)
-
\[[`18c79d9e1c`](https://redirect.github.com/nodejs/node/commit/18c79d9e1c)]
- **(SEMVER-MINOR)** **sqlite**: create authorization api (Guilherme
Araújo)
[#​59928](https://redirect.github.com/nodejs/node/pull/59928)
##### Commits
-
\[[`e8cff3d51e`](https://redirect.github.com/nodejs/node/commit/e8cff3d51e)]
- **benchmark**: remove unused variable from util/priority-queue (Bruno
Rodrigues)
[#​59872](https://redirect.github.com/nodejs/node/pull/59872)
-
\[[`03294252ab`](https://redirect.github.com/nodejs/node/commit/03294252ab)]
- **benchmark**: update count to n in permission startup (Bruno
Rodrigues)
[#​59872](https://redirect.github.com/nodejs/node/pull/59872)
-
\[[`3c8a609d9b`](https://redirect.github.com/nodejs/node/commit/3c8a609d9b)]
- **benchmark**: update num to n in dgram offset-length (Bruno
Rodrigues)
[#​59872](https://redirect.github.com/nodejs/node/pull/59872)
-
\[[`7b2032b13e`](https://redirect.github.com/nodejs/node/commit/7b2032b13e)]
- **benchmark**: adjust dgram offset-length len values (Bruno Rodrigues)
[#​59708](https://redirect.github.com/nodejs/node/pull/59708)
-
\[[`552d887aee`](https://redirect.github.com/nodejs/node/commit/552d887aee)]
- **benchmark**: update num to n in dgram offset-length (Bruno
Rodrigues)
[#​59708](https://redirect.github.com/nodejs/node/pull/59708)
-
\[[`31bb476895`](https://redirect.github.com/nodejs/node/commit/31bb476895)]
- **(SEMVER-MINOR)** **console**: allow per-stream `inspectOptions`
option (Anna Henningsen)
[#​60082](https://redirect.github.com/nodejs/node/pull/60082)
-
\[[`0bf022d4c0`](https://redirect.github.com/nodejs/node/commit/0bf022d4c0)]
- **console,util**: improve array inspection performance (Ruben
Bridgewater)
[#​60037](https://redirect.github.com/nodejs/node/pull/60037)
-
\[[`04d568e591`](https://redirect.github.com/nodejs/node/commit/04d568e591)]
- **deps**: V8: cherry-pick
[`f93055f`](https://redirect.github.com/nodejs/node/commit/f93055fbd5aa)
(Olivier Flückiger)
[#​60105](https://redirect.github.com/nodejs/node/pull/60105)
-
\[[`621058b3bf`](https://redirect.github.com/nodejs/node/commit/621058b3bf)]
- **deps**: update archs files for openssl-3.5.4 (Node.js GitHub Bot)
[#​60101](https://redirect.github.com/nodejs/node/pull/60101)
-
\[[`81b3009fe6`](https://redirect.github.com/nodejs/node/commit/81b3009fe6)]
- **deps**: upgrade openssl sources to openssl-3.5.4 (Node.js GitHub
Bot) [#​60101](https://redirect.github.com/nodejs/node/pull/60101)
-
\[[`dc44c9f349`](https://redirect.github.com/nodejs/node/commit/dc44c9f349)]
- **deps**: upgrade npm to 11.6.1 (npm team)
[#​60012](https://redirect.github.com/nodejs/node/pull/60012)
-
\[[`ec0f137198`](https://redirect.github.com/nodejs/node/commit/ec0f137198)]
- **deps**: update ada to 3.3.0 (Node.js GitHub Bot)
[#​60045](https://redirect.github.com/nodejs/node/pull/60045)
-
\[[`f490f91874`](https://redirect.github.com/nodejs/node/commit/f490f91874)]
- **deps**: update amaro to 1.1.4 (pmarchini)
[#​60044](https://redirect.github.com/nodejs/node/pull/60044)
-
\[[`de7a7cd0d7`](https://redirect.github.com/nodejs/node/commit/de7a7cd0d7)]
- **deps**: update ada to 3.2.9 (Node.js GitHub Bot)
[#​59987](https://redirect.github.com/nodejs/node/pull/59987)
-
\[[`a533e5b5db`](https://redirect.github.com/nodejs/node/commit/a533e5b5db)]
- **doc**: add automated migration info to deprecations (Augustin
Mauroy)
[#​60022](https://redirect.github.com/nodejs/node/pull/60022)
-
\[[`7fb8fe4875`](https://redirect.github.com/nodejs/node/commit/7fb8fe4875)]
- **doc**: fix typo on child\_process.md (Angelo Gazzola)
[#​60114](https://redirect.github.com/nodejs/node/pull/60114)
-
\[[`24c1ef9846`](https://redirect.github.com/nodejs/node/commit/24c1ef9846)]
- **doc**: remove optional title prefixes (Aviv Keller)
[#​60087](https://redirect.github.com/nodejs/node/pull/60087)
-
\[[`08b9eb8e19`](https://redirect.github.com/nodejs/node/commit/08b9eb8e19)]
- **doc**: mark `.env` files support as stable (Santeri Hiltunen)
[#​59925](https://redirect.github.com/nodejs/node/pull/59925)
-
\[[`66d90b8063`](https://redirect.github.com/nodejs/node/commit/66d90b8063)]
- **doc**: mention reverse proxy and include simple example (Steven)
[#​59736](https://redirect.github.com/nodejs/node/pull/59736)
-
\[[`14aa1119cb`](https://redirect.github.com/nodejs/node/commit/14aa1119cb)]
- **doc**: provide alternative to `url.parse()` using WHATWG URL
(Steven)
[#​59736](https://redirect.github.com/nodejs/node/pull/59736)
-
\[[`f9412324f6`](https://redirect.github.com/nodejs/node/commit/f9412324f6)]
- **doc**: fix typo of built-in module specifier in worker\_threads
(Deokjin Kim)
[#​59992](https://redirect.github.com/nodejs/node/pull/59992)
-
\[[`64e738a342`](https://redirect.github.com/nodejs/node/commit/64e738a342)]
- **doc,crypto**: reorder ML-KEM in the asymmetric key types table
(Filip Skokan)
[#​60067](https://redirect.github.com/nodejs/node/pull/60067)
-
\[[`1b25008b41`](https://redirect.github.com/nodejs/node/commit/1b25008b41)]
- **http**: improve writeEarlyHints by avoiding for-of loop (Haram
Jeong)
[#​59958](https://redirect.github.com/nodejs/node/pull/59958)
-
\[[`35f9b6b28f`](https://redirect.github.com/nodejs/node/commit/35f9b6b28f)]
- **inspector**: improve batch diagnostic channel subscriptions
(Chengzhong Wu)
[#​60009](https://redirect.github.com/nodejs/node/pull/60009)
-
\[[`3b92be2fb8`](https://redirect.github.com/nodejs/node/commit/3b92be2fb8)]
- **(SEMVER-MINOR)** **lib**: remove util.getCallSite (Rafael Gonzaga)
[#​59980](https://redirect.github.com/nodejs/node/pull/59980)
-
\[[`c495e1fe57`](https://redirect.github.com/nodejs/node/commit/c495e1fe57)]
- **lib**: optimize priority queue (Gürgün Dayıoğlu)
[#​60039](https://redirect.github.com/nodejs/node/pull/60039)
-
\[[`6be31fb9f3`](https://redirect.github.com/nodejs/node/commit/6be31fb9f3)]
- **lib**: implement passive listener behavior per spec (BCD1me)
[#​59995](https://redirect.github.com/nodejs/node/pull/59995)
-
\[[`c5e4aa763b`](https://redirect.github.com/nodejs/node/commit/c5e4aa763b)]
- **meta**: bump actions/setup-python from 5.6.0 to 6.0.0
(dependabot\[bot])
[#​60090](https://redirect.github.com/nodejs/node/pull/60090)
-
\[[`50fa1f4a76`](https://redirect.github.com/nodejs/node/commit/50fa1f4a76)]
- **meta**: bump ossf/scorecard-action from 2.4.2 to 2.4.3
(dependabot\[bot])
[#​60096](https://redirect.github.com/nodejs/node/pull/60096)
-
\[[`def4ce976c`](https://redirect.github.com/nodejs/node/commit/def4ce976c)]
- **meta**: bump actions/cache from 4.2.4 to 4.3.0 (dependabot\[bot])
[#​60095](https://redirect.github.com/nodejs/node/pull/60095)
-
\[[`24b5abc0e9`](https://redirect.github.com/nodejs/node/commit/24b5abc0e9)]
- **meta**: bump step-security/harden-runner from 2.12.2 to 2.13.1
(dependabot\[bot])
[#​60094](https://redirect.github.com/nodejs/node/pull/60094)
-
\[[`8ccf2b0b34`](https://redirect.github.com/nodejs/node/commit/8ccf2b0b34)]
- **meta**: bump actions/setup-node from 4.4.0 to 5.0.0
(dependabot\[bot])
[#​60093](https://redirect.github.com/nodejs/node/pull/60093)
-
\[[`78580147ef`](https://redirect.github.com/nodejs/node/commit/78580147ef)]
- **meta**: bump actions/stale from 9.1.0 to 10.0.0 (dependabot\[bot])
[#​60092](https://redirect.github.com/nodejs/node/pull/60092)
-
\[[`705686b5c4`](https://redirect.github.com/nodejs/node/commit/705686b5c4)]
- **meta**: bump codecov/codecov-action from 5.5.0 to 5.5.1
(dependabot\[bot])
[#​60091](https://redirect.github.com/nodejs/node/pull/60091)
-
\[[`423a6bc744`](https://redirect.github.com/nodejs/node/commit/423a6bc744)]
- **meta**: bump github/codeql-action from 3.30.0 to 3.30.5
(dependabot\[bot])
[#​60089](https://redirect.github.com/nodejs/node/pull/60089)
-
\[[`9d9bd0fb4f`](https://redirect.github.com/nodejs/node/commit/9d9bd0fb4f)]
- **meta**: move Michael to emeritus (Michael Dawson)
[#​60070](https://redirect.github.com/nodejs/node/pull/60070)
-
\[[`dbeee55824`](https://redirect.github.com/nodejs/node/commit/dbeee55824)]
- **module**: use sync cjs when importing cts (Marco Ippolito)
[#​60072](https://redirect.github.com/nodejs/node/pull/60072)
-
\[[`a722f677ac`](https://redirect.github.com/nodejs/node/commit/a722f677ac)]
- **perf\_hooks**: fix histogram fast call signatures (Renegade334)
[#​59600](https://redirect.github.com/nodejs/node/pull/59600)
-
\[[`b3295b8353`](https://redirect.github.com/nodejs/node/commit/b3295b8353)]
- **process**: fix wrong asyncContext under unhandled-rejections=strict
(Shima Ryuhei)
[#​60103](https://redirect.github.com/nodejs/node/pull/60103)
-
\[[`cff4a7608a`](https://redirect.github.com/nodejs/node/commit/cff4a7608a)]
- **process**: fix default `env` for `process.execve` (Richard Lau)
[#​60029](https://redirect.github.com/nodejs/node/pull/60029)
-
\[[`cd034e927f`](https://redirect.github.com/nodejs/node/commit/cd034e927f)]
- **process**: fix hrtime fast call signatures (Renegade334)
[#​59600](https://redirect.github.com/nodejs/node/pull/59600)
-
\[[`18c79d9e1c`](https://redirect.github.com/nodejs/node/commit/18c79d9e1c)]
- **(SEMVER-MINOR)** **sqlite**: create authorization api (Guilherme
Araújo)
[#​59928](https://redirect.github.com/nodejs/node/pull/59928)
-
\[[`d949222043`](https://redirect.github.com/nodejs/node/commit/d949222043)]
- **sqlite**: replace `ToLocalChecked` and improve filter error handling
(Edy Silva)
[#​60028](https://redirect.github.com/nodejs/node/pull/60028)
-
\[[`6417dc879e`](https://redirect.github.com/nodejs/node/commit/6417dc879e)]
- **src**: bring permissions macros in line with general C/C++ standards
(Anna Henningsen)
[#​60053](https://redirect.github.com/nodejs/node/pull/60053)
-
\[[`e273c2020c`](https://redirect.github.com/nodejs/node/commit/e273c2020c)]
- **src**: update contextify to use DictionaryTemplate (James M Snell)
[#​60059](https://redirect.github.com/nodejs/node/pull/60059)
-
\[[`5f9ff60664`](https://redirect.github.com/nodejs/node/commit/5f9ff60664)]
- **src**: remove `AnalyzeTemporaryDtors` option from .clang-tidy
(iknoom)
[#​60008](https://redirect.github.com/nodejs/node/pull/60008)
-
\[[`9db54adccc`](https://redirect.github.com/nodejs/node/commit/9db54adccc)]
- **src**: update cares\_wrap to use DictionaryTemplates (James M Snell)
[#​60033](https://redirect.github.com/nodejs/node/pull/60033)
-
\[[`fc0ceb7b82`](https://redirect.github.com/nodejs/node/commit/fc0ceb7b82)]
- **src**: correct the error handling in StatementExecutionHelper (James
M Snell)
[#​60040](https://redirect.github.com/nodejs/node/pull/60040)
-
\[[`3e8fdc1d8d`](https://redirect.github.com/nodejs/node/commit/3e8fdc1d8d)]
- **src**: remove unused variables from report (Moonki Choi)
[#​60047](https://redirect.github.com/nodejs/node/pull/60047)
-
\[[`d744324d8e`](https://redirect.github.com/nodejs/node/commit/d744324d8e)]
- **src**: avoid unnecessary string allocations in SPrintF impl (Anna
Henningsen)
[#​60052](https://redirect.github.com/nodejs/node/pull/60052)
-
\[[`de65a5c719`](https://redirect.github.com/nodejs/node/commit/de65a5c719)]
- **src**: make ToLower/ToUpper input args more flexible (Anna
Henningsen)
[#​60052](https://redirect.github.com/nodejs/node/pull/60052)
-
\[[`354026df5a`](https://redirect.github.com/nodejs/node/commit/354026df5a)]
- **src**: allow `std::string_view` arguments to `SPrintF()` and friends
(Anna Henningsen)
[#​60058](https://redirect.github.com/nodejs/node/pull/60058)
-
\[[`42f7d7cb20`](https://redirect.github.com/nodejs/node/commit/42f7d7cb20)]
- **src**: remove unnecessary `std::string` error messages (Anna
Henningsen)
[#​60057](https://redirect.github.com/nodejs/node/pull/60057)
-
\[[`30c2c0fedd`](https://redirect.github.com/nodejs/node/commit/30c2c0fedd)]
- **src**: remove unnecessary shadowed functions on Utf8Value &
BufferValue (Anna Henningsen)
[#​60056](https://redirect.github.com/nodejs/node/pull/60056)
-
\[[`eb99eec09b`](https://redirect.github.com/nodejs/node/commit/eb99eec09b)]
- **src**: avoid unnecessary string -> `char*` -> string round trips
(Anna Henningsen)
[#​60055](https://redirect.github.com/nodejs/node/pull/60055)
-
\[[`c1f1dbdce2`](https://redirect.github.com/nodejs/node/commit/c1f1dbdce2)]
- **src**: remove useless dereferencing in `THROW_...` (Anna Henningsen)
[#​60054](https://redirect.github.com/nodejs/node/pull/60054)
-
\[[`ea0f5e575d`](https://redirect.github.com/nodejs/node/commit/ea0f5e575d)]
- **src**: fill `options_args`, `options_env` after vectors are
finalized (iknoom)
[#​59945](https://redirect.github.com/nodejs/node/pull/59945)
-
\[[`415fff217a`](https://redirect.github.com/nodejs/node/commit/415fff217a)]
- **src**: use RAII for uv\_process\_options\_t (iknoom)
[#​59945](https://redirect.github.com/nodejs/node/pull/59945)
-
\[[`982b03ecbd`](https://redirect.github.com/nodejs/node/commit/982b03ecbd)]
- **test**: mark `test-runner-run-watch` flaky on macOS (Richard Lau)
[#​60115](https://redirect.github.com/nodejs/node/pull/60115)
-
\[[`831a0d3d28`](https://redirect.github.com/nodejs/node/commit/831a0d3d28)]
- **test**: ensure that the message event is fired (Luigi Pinca)
[#​59952](https://redirect.github.com/nodejs/node/pull/59952)
-
\[[`5538cfc1e8`](https://redirect.github.com/nodejs/node/commit/5538cfc1e8)]
- **test**: replace diagnostics\_channel stackframe in output snapshots
(Chengzhong Wu)
[#​60024](https://redirect.github.com/nodejs/node/pull/60024)
-
\[[`77ec400d90`](https://redirect.github.com/nodejs/node/commit/77ec400d90)]
- **test**: mark test-web-locks skip on IBM i (SRAVANI GUNDEPALLI)
[#​59996](https://redirect.github.com/nodejs/node/pull/59996)
-
\[[`1aaadb9e31`](https://redirect.github.com/nodejs/node/commit/1aaadb9e31)]
- **test**: ensure message event fires in worker message port test
(Jarred Sumner)
[#​59885](https://redirect.github.com/nodejs/node/pull/59885)
-
\[[`1d5cc5e57a`](https://redirect.github.com/nodejs/node/commit/1d5cc5e57a)]
- **test**: mark sea tests flaky on macOS x64 (Richard Lau)
[#​60068](https://redirect.github.com/nodejs/node/pull/60068)
-
\[[`c412b1855d`](https://redirect.github.com/nodejs/node/commit/c412b1855d)]
- **test**: expand tls-check-server-identity coverage (Diango Gavidia)
[#​60002](https://redirect.github.com/nodejs/node/pull/60002)
-
\[[`ad87975029`](https://redirect.github.com/nodejs/node/commit/ad87975029)]
- **test**: fix typo of test-benchmark-readline.js (Deokjin Kim)
[#​59993](https://redirect.github.com/nodejs/node/pull/59993)
-
\[[`bad4b9b878`](https://redirect.github.com/nodejs/node/commit/bad4b9b878)]
- **test**: add new `startNewREPLSever` testing utility (Dario
Piotrowicz)
[#​59964](https://redirect.github.com/nodejs/node/pull/59964)
-
\[[`ef90b0f456`](https://redirect.github.com/nodejs/node/commit/ef90b0f456)]
- **test**: verify tracing channel doesn't swallow unhandledRejection
(Gerhard Stöbich)
[#​59974](https://redirect.github.com/nodejs/node/pull/59974)
-
\[[`d7285459fe`](https://redirect.github.com/nodejs/node/commit/d7285459fe)]
- **timers**: fix binding fast call signatures (Renegade334)
[#​59600](https://redirect.github.com/nodejs/node/pull/59600)
-
\[[`6529ae9b0c`](https://redirect.github.com/nodejs/node/commit/6529ae9b0c)]
- **tools**: add message on auto-fixing js lint issues in gh workflow
(Dario Piotrowicz)
[#​59128](https://redirect.github.com/nodejs/node/pull/59128)
-
\[[`1ca116a6ea`](https://redirect.github.com/nodejs/node/commit/1ca116a6ea)]
- **tools**: verify signatures when updating nghttp\* (Antoine du Hamel)
[#​60113](https://redirect.github.com/nodejs/node/pull/60113)
-
\[[`20d10a2398`](https://redirect.github.com/nodejs/node/commit/20d10a2398)]
- **tools**: use dependabot cooldown and move tools/doc (Rafael Gonzaga)
[#​59978](https://redirect.github.com/nodejs/node/pull/59978)
-
\[[`275c07064c`](https://redirect.github.com/nodejs/node/commit/275c07064c)]
- **typings**: update 'types' binding (René)
[#​59692](https://redirect.github.com/nodejs/node/pull/59692)
-
\[[`8c21c4b286`](https://redirect.github.com/nodejs/node/commit/8c21c4b286)]
- **wasi**: fix WasiFunction fast call signature (Renegade334)
[#​59600](https://redirect.github.com/nodejs/node/pull/59600)
-
\[[`b865074641`](https://redirect.github.com/nodejs/node/commit/b865074641)]
- **win,tools**: add description to signature (Martin Costello)
[#​59877](https://redirect.github.com/nodejs/node/pull/59877)
###
[`v24.9.0`](https://redirect.github.com/nodejs/node/releases/tag/v24.9.0):
2025-09-25, Version 24.9.0 (Current), @​targos
[Compare
Source](https://redirect.github.com/nodejs/node/compare/v24.8.0...v24.9.0)
##### Notable Changes
-
\[[`9b043a9096`](https://redirect.github.com/nodejs/node/commit/9b043a9096)]
- **(SEMVER-MINOR)** **http**: add shouldUpgradeCallback to let servers
control HTTP upgrades (Tim Perry)
[#​59824](https://redirect.github.com/nodejs/node/pull/59824)
-
\[[`a6456ab90a`](https://redirect.github.com/nodejs/node/commit/a6456ab90a)]
- **(SEMVER-MINOR)** **sqlite**: cleanup ERM support and export Session
class (James M Snell)
[#​58378](https://redirect.github.com/nodejs/node/pull/58378)
-
\[[`5563361d22`](https://redirect.github.com/nodejs/node/commit/5563361d22)]
- **(SEMVER-MINOR)** **sqlite**: add tagged template (0hm☘️)
[#​58748](https://redirect.github.com/nodejs/node/pull/58748)
-
\[[`04013ee933`](https://redirect.github.com/nodejs/node/commit/04013ee933)]
- **(SEMVER-MINOR)** **worker**: add heap profile API (theanarkh)
[#​59846](https://redirect.github.com/nodejs/node/pull/59846)
##### Commits
-
\[[`cbec4fd6de`](https://redirect.github.com/nodejs/node/commit/cbec4fd6de)]
- **benchmark**: calibrate config dgram multi-buffer (Bruno Rodrigues)
[#​59696](https://redirect.github.com/nodejs/node/pull/59696)
-
\[[`9a4bbdc3c5`](https://redirect.github.com/nodejs/node/commit/9a4bbdc3c5)]
- **benchmark**: calibrate config cluster/echo.js (Nam Yooseong)
[#​59836](https://redirect.github.com/nodejs/node/pull/59836)
-
\[[`0b284d86e8`](https://redirect.github.com/nodejs/node/commit/0b284d86e8)]
- **build**: add the missing macro definitions for OpenHarmony (hqzing)
[#​59804](https://redirect.github.com/nodejs/node/pull/59804)
-
\[[`43e6e54d66`](https://redirect.github.com/nodejs/node/commit/43e6e54d66)]
- **build**: do not include custom ESLint rules testing in tarball
(Antoine du Hamel)
[#​59809](https://redirect.github.com/nodejs/node/pull/59809)
-
\[[`039ac19154`](https://redirect.github.com/nodejs/node/commit/039ac19154)]
- **crypto**: expose signatureAlgorithm on X509Certificate (Patrick
Costa)
[#​59235](https://redirect.github.com/nodejs/node/pull/59235)
-
\[[`647c332704`](https://redirect.github.com/nodejs/node/commit/647c332704)]
- **crypto**: use `return await` when returning Promises from async
functions (Renegade334)
[#​59841](https://redirect.github.com/nodejs/node/pull/59841)
-
\[[`8ed4587cf0`](https://redirect.github.com/nodejs/node/commit/8ed4587cf0)]
- **crypto**: use async functions for non-stub Promise-returning
functions (Renegade334)
[#​59841](https://redirect.github.com/nodejs/node/pull/59841)
-
\[[`bb051c56ef`](https://redirect.github.com/nodejs/node/commit/bb051c56ef)]
- **crypto**: avoid calls to `promise.catch()` (Renegade334)
[#​59841](https://redirect.github.com/nodejs/node/pull/59841)
-
\[[`05e560dd25`](https://redirect.github.com/nodejs/node/commit/05e560dd25)]
- **deps**: update googletest to
[`50b8600`](https://redirect.github.com/nodejs/node/commit/50b8600)
(Node.js GitHub Bot)
[#​59955](https://redirect.github.com/nodejs/node/pull/59955)
-
\[[`fa40d3a785`](https://redirect.github.com/nodejs/node/commit/fa40d3a785)]
- **deps**: update archs files for openssl-3.5.3 (Node.js GitHub Bot)
[#​59901](https://redirect.github.com/nodejs/node/pull/59901)
-
\[[`8c85570d18`](https://redirect.github.com/nodejs/node/commit/8c85570d18)]
- **deps**: upgrade openssl sources to openssl-3.5.3 (Node.js GitHub
Bot) [#​59901](https://redirect.github.com/nodejs/node/pull/59901)
-
\[[`b71125664e`](https://redirect.github.com/nodejs/node/commit/b71125664e)]
- **deps**: update undici to 7.16.0 (Node.js GitHub Bot)
[#​59830](https://redirect.github.com/nodejs/node/pull/59830)
-
\[[`dea5dd7077`](https://redirect.github.com/nodejs/node/commit/dea5dd7077)]
- **dgram**: restore buffer optimization in fixBufferList (Yoo)
[#​59934](https://redirect.github.com/nodejs/node/pull/59934)
-
\[[`b0c1e67532`](https://redirect.github.com/nodejs/node/commit/b0c1e67532)]
- **diagnostics\_channel**: fix race condition with diagnostics\_channel
and GC (Ugaitz Urien)
[#​59910](https://redirect.github.com/nodejs/node/pull/59910)
-
\[[`0b37b594c3`](https://redirect.github.com/nodejs/node/commit/0b37b594c3)]
- **doc**: use "WebAssembly" instead of "Web Assembly" (Tobias Nießen)
[#​59954](https://redirect.github.com/nodejs/node/pull/59954)
-
\[[`1e723f9c6b`](https://redirect.github.com/nodejs/node/commit/1e723f9c6b)]
- **doc**: fix typo in section on microtask order (Tobias Nießen)
[#​59932](https://redirect.github.com/nodejs/node/pull/59932)
-
\[[`a28962a85c`](https://redirect.github.com/nodejs/node/commit/a28962a85c)]
- **doc**: update V8 fast API guidance (René)
[#​58999](https://redirect.github.com/nodejs/node/pull/58999)
-
\[[`bd767c5d1b`](https://redirect.github.com/nodejs/node/commit/bd767c5d1b)]
- **doc**: add security escalation policy (Ulises Gascón)
[#​59806](https://redirect.github.com/nodejs/node/pull/59806)
-
\[[`9df91e59e1`](https://redirect.github.com/nodejs/node/commit/9df91e59e1)]
- **doc**: type improvement of file `http.md` (yusheng chen)
[#​58189](https://redirect.github.com/nodejs/node/pull/58189)
-
\[[`e4f571680b`](https://redirect.github.com/nodejs/node/commit/e4f571680b)]
- **doc**: deprecate closing `fs.Dir` on garbage collection (Livia
Medeiros)
[#​59839](https://redirect.github.com/nodejs/node/pull/59839)
-
\[[`e9cb986fa5`](https://redirect.github.com/nodejs/node/commit/e9cb986fa5)]
- **doc**: rephrase dynamic import() description (Nam Yooseong)
[#​59224](https://redirect.github.com/nodejs/node/pull/59224)
-
\[[`026d4e33f7`](https://redirect.github.com/nodejs/node/commit/026d4e33f7)]
- **doc,crypto**: update subtle.generateKey and subtle.importKey (Filip
Skokan)
[#​59851](https://redirect.github.com/nodejs/node/pull/59851)
-
\[[`2b2591db52`](https://redirect.github.com/nodejs/node/commit/2b2591db52)]
- **esm**: make hasAsyncGraph non-enumerable (Joyee Cheung)
[#​59905](https://redirect.github.com/nodejs/node/pull/59905)
-
\[[`993f05d323`](https://redirect.github.com/nodejs/node/commit/993f05d323)]
- **fs,win**: do not add a second trailing slash in readdir (Gerhard
Stöbich)
[#​59847](https://redirect.github.com/nodejs/node/pull/59847)
-
\[[`7aec53b607`](https://redirect.github.com/nodejs/node/commit/7aec53b607)]
- **(SEMVER-MINOR)** **http**: add shouldUpgradeCallback to let servers
control HTTP upgrades (Tim Perry)
[#​59824](https://redirect.github.com/nodejs/node/pull/59824)
-
\[[`83ae6102e7`](https://redirect.github.com/nodejs/node/commit/83ae6102e7)]
- **http**: optimize checkIsHttpToken for short strings (방진혁)
[#​59832](https://redirect.github.com/nodejs/node/pull/59832)
-
\[[`6695067636`](https://redirect.github.com/nodejs/node/commit/6695067636)]
- **http,https**: handle IPv6 with proxies (Joyee Cheung)
[#​59894](https://redirect.github.com/nodejs/node/pull/59894)
-
\[[`c5d910a0a9`](https://redirect.github.com/nodejs/node/commit/c5d910a0a9)]
- **http2**: fix allowHttp1+Upgrade, broken by shouldUpgradeCallback
(Tim Perry)
[#​59924](https://redirect.github.com/nodejs/node/pull/59924)
-
\[[`acada1fb82`](https://redirect.github.com/nodejs/node/commit/acada1fb82)]
- **inspector**: ensure adequate memory allocation for
`Binary::toBase64` (René)
[#​59870](https://redirect.github.com/nodejs/node/pull/59870)
-
\[[`396cc8ec65`](https://redirect.github.com/nodejs/node/commit/396cc8ec65)]
- **lib**: update inspect output format for subclasses (Miguel Marcondes
Filho)
[#​59687](https://redirect.github.com/nodejs/node/pull/59687)
-
\[[`fed1dac8de`](https://redirect.github.com/nodejs/node/commit/fed1dac8de)]
- **lib**: update isDeepStrictEqual to support options (Miguel Marcondes
Filho)
[#​59762](https://redirect.github.com/nodejs/node/pull/59762)
-
\[[`d785929fd7`](https://redirect.github.com/nodejs/node/commit/d785929fd7)]
- **lib**: add source map support for assert messages (Chengzhong Wu)
[#​59751](https://redirect.github.com/nodejs/node/pull/59751)
-
\[[`ff13d1d61e`](https://redirect.github.com/nodejs/node/commit/ff13d1d61e)]
- **lib,src**: cache ModuleWrap.hasAsyncGraph (Chengzhong Wu)
[#​59703](https://redirect.github.com/nodejs/node/pull/59703)
-
\[[`b200cd8470`](https://redirect.github.com/nodejs/node/commit/b200cd8470)]
- **lib,src**: refactor assert to load error source from memory
(Chengzhong Wu)
[#​59751](https://redirect.github.com/nodejs/node/pull/59751)
-
\[[`e94c57301b`](https://redirect.github.com/nodejs/node/commit/e94c57301b)]
- **meta**: add .npmrc with ignore-scripts=true (Joyee Cheung)
[#​59914](https://redirect.github.com/nodejs/node/pull/59914)
-
\[[`728472a57b`](https://redirect.github.com/nodejs/node/commit/728472a57b)]
- **module**: only put directly require-d ESM into require.cache (Joyee
Cheung)
[#​59874](https://redirect.github.com/nodejs/node/pull/59874)
-
\[[`be48760b93`](https://redirect.github.com/nodejs/node/commit/be48760b93)]
- **node-api**: added SharedArrayBuffer api (Mert Can Altin)
[#​59071](https://redirect.github.com/nodejs/node/pull/59071)
-
\[[`f006a14522`](https://redirect.github.com/nodejs/node/commit/f006a14522)]
- **node-api**: make napi\_delete\_reference use node\_api\_basic\_env
(Jeetu Suthar)
[#​59684](https://redirect.github.com/nodejs/node/pull/59684)
-
\[[`0f46c1c3b0`](https://redirect.github.com/nodejs/node/commit/0f46c1c3b0)]
- **repl**: fix cpu overhead pasting big strings to the REPL (Ruben
Bridgewater)
[#​59857](https://redirect.github.com/nodejs/node/pull/59857)
-
\[[`3eeb7b47ea`](https://redirect.github.com/nodejs/node/commit/3eeb7b47ea)]
- **sqlite**: fix crash session extension callbacks with workers (Bart
Louwers)
[#​59848](https://redirect.github.com/nodejs/node/pull/59848)
-
\[[`0fe53375ec`](https://redirect.github.com/nodejs/node/commit/0fe53375ec)]
- **(SEMVER-MINOR)** **sqlite**: cleanup ERM support and export Session
class (James M Snell)
[#​58378](https://redirect.github.com/nodejs/node/pull/58378)
-
\[[`9a3e58a007`](https://redirect.github.com/nodejs/node/commit/9a3e58a007)]
- **(SEMVER-MINOR)** **sqlite**: add tagged template (0hm☘️)
[#​58748](https://redirect.github.com/nodejs/node/pull/58748)
-
\[[`f14ed5ab7b`](https://redirect.github.com/nodejs/node/commit/f14ed5ab7b)]
- **src**: simplify watchdog instantiations via `std::optional` (Anna
Henningsen)
[#​59960](https://redirect.github.com/nodejs/node/pull/59960)
-
\[[`e330f03f84`](https://redirect.github.com/nodejs/node/commit/e330f03f84)]
- **src**: update crypto objects to use DictionaryTemplate (James M
Snell)
[#​59942](https://redirect.github.com/nodejs/node/pull/59942)
-
\[[`69b5607cf4`](https://redirect.github.com/nodejs/node/commit/69b5607cf4)]
- **src**: simplify is\_callable by making it a concept (Tobias Nießen)
[#​58169](https://redirect.github.com/nodejs/node/pull/58169)
-
\[[`86150f3401`](https://redirect.github.com/nodejs/node/commit/86150f3401)]
- **src**: rename private fields to follow naming convention (Moonki
Choi)
[#​59923](https://redirect.github.com/nodejs/node/pull/59923)
-
\[[`d17f299539`](https://redirect.github.com/nodejs/node/commit/d17f299539)]
- **src**: use DictionaryTemplate more in URLPattern (James M Snell)
[#​59892](https://redirect.github.com/nodejs/node/pull/59892)
-
\[[`ac784912ac`](https://redirect.github.com/nodejs/node/commit/ac784912ac)]
- **src**: reduce the nearest parent package JSON cache size (Michael
Smith)
[#​59888](https://redirect.github.com/nodejs/node/pull/59888)
-
\[[`abecdcb536`](https://redirect.github.com/nodejs/node/commit/abecdcb536)]
- **src**: replace FIXED\_ONE\_BYTE\_STRING with Environment-cached
strings (Moonki Choi)
[#​59891](https://redirect.github.com/nodejs/node/pull/59891)
-
\[[`2bb152500b`](https://redirect.github.com/nodejs/node/commit/2bb152500b)]
- **src**: create strings in `FIXED_ONE_BYTE_STRING` as internalized
(Anna Henningsen)
[#​59826](https://redirect.github.com/nodejs/node/pull/59826)
-
\[[`03116a7cd8`](https://redirect.github.com/nodejs/node/commit/03116a7cd8)]
- **src**: remove `std::array` overload of `FIXED_ONE_BYTE_STRING` (Anna
Henningsen)
[#​59826](https://redirect.github.com/nodejs/node/pull/59826)
-
\[[`8a5325d6e3`](https://redirect.github.com/nodejs/node/commit/8a5325d6e3)]
- **src**: ensure `v8::Eternal` is empty before setting it (Anna
Henningsen)
[#​59825](https://redirect.github.com/nodejs/node/pull/59825)
-
\[[`f0c20ccd81`](https://redirect.github.com/nodejs/node/commit/f0c20ccd81)]
- **src**: remove unnecessary `Environment::GetCurrent()` calls (Moonki
Choi)
[#​59814](https://redirect.github.com/nodejs/node/pull/59814)
-
\[[`213188e491`](https://redirect.github.com/nodejs/node/commit/213188e491)]
- **stream**: use new AsyncResource instead of bind (Matteo Collina)
[#​59867](https://redirect.github.com/nodejs/node/pull/59867)
-
\[[`ce8435b003`](https://redirect.github.com/nodejs/node/commit/ce8435b003)]
- **test**: testcase demonstrating issue 59541 (Eric Rannaud)
[#​59801](https://redirect.github.com/nodejs/node/pull/59801)
-
\[[`8f32746142`](https://redirect.github.com/nodejs/node/commit/8f32746142)]
- **test**: guard write to proxy client if proxy connection is ended
(Joyee Cheung)
[#​59742](https://redirect.github.com/nodejs/node/pull/59742)
-
\[[`6790093fcb`](https://redirect.github.com/nodejs/node/commit/6790093fcb)]
- **tls**: load bundled and extra certificates off-thread (Joyee Cheung)
[#​59856](https://redirect.github.com/nodejs/node/pull/59856)
-
\[[`f5d3f919d8`](https://redirect.github.com/nodejs/node/commit/f5d3f919d8)]
- **tls**: only do off-thread certificate loading on loading tls (Joyee
Cheung)
[#​59856](https://redirect.github.com/nodejs/node/pull/59856)
-
\[[`87bbaa23a0`](https://redirect.github.com/nodejs/node/commit/87bbaa23a0)]
- **tools**: fix `tools/make-v8.sh` for clang (Richard Lau)
[#​59893](https://redirect.github.com/nodejs/node/pull/59893)
-
\[[`0d23fd525b`](https://redirect.github.com/nodejs/node/commit/0d23fd525b)]
- **tools**: skip test-internet workflow for draft PRs (Michaël Zasso)
[#​59817](https://redirect.github.com/nodejs/node/pull/59817)
-
\[[`e17c73731a`](https://redirect.github.com/nodejs/node/commit/e17c73731a)]
- **tools**: copyedit `build-tarball.yml` (Antoine du Hamel)
[#​59808](https://redirect.github.com/nodejs/node/pull/59808)
-
\[[`97c4e1bac9`](https://redirect.github.com/nodejs/node/commit/97c4e1bac9)]
- **typings**: remove unused imports (Nam Yooseong)
[#​59880](https://redirect.github.com/nodejs/node/pull/59880)
-
\[[`8b29bbca76`](https://redirect.github.com/nodejs/node/commit/8b29bbca76)]
- **url**: replaced slice with at (Mikhail)
[#​59181](https://redirect.github.com/nodejs/node/pull/59181)
-
\[[`6458867a6b`](https://redirect.github.com/nodejs/node/commit/6458867a6b)]
- **url**: add type checking to urlToHttpOptions() (simon-id)
[#​59753](https://redirect.github.com/nodejs/node/pull/59753)
-
\[[`3c62b3886f`](https://redirect.github.com/nodejs/node/commit/3c62b3886f)]
- **util**: inspect objects with throwing Symbol.toStringTag (Ruben
Bridgewater)
[#​59860](https://redirect.github.com/nodejs/node/pull/59860)
-
\[[`6133a82875`](https://redirect.github.com/nodejs/node/commit/6133a82875)]
- **util**: fix debuglog.enabled not being present with callback logger
(Ruben Bridgewater)
[#​59858](https://redirect.github.com/nodejs/node/pull/59858)
-
\[[`9347ddddf4`](https://redirect.github.com/nodejs/node/commit/9347ddddf4)]
- **vm**: explain how to share promises between contexts w/
afterEvaluate (Eric Rannaud)
[#​59801](https://redirect.github.com/nodejs/node/pull/59801)
-
\[[`44ce971619`](https://redirect.github.com/nodejs/node/commit/44ce971619)]
- **vm**: "afterEvaluate", evaluate() return a promise from the outer
context (Eric Rannaud)
[#​59801](https://redirect.github.com/nodejs/node/pull/59801)
-
\[[`6e586a1409`](https://redirect.github.com/nodejs/node/commit/6e586a1409)]
- **vm**: expose hasTopLevelAwait on SourceTextModule (Chengzhong Wu)
[#​59865](https://redirect.github.com/nodejs/node/pull/59865)
-
\[[`49747a58a3`](https://redirect.github.com/nodejs/node/commit/49747a58a3)]
- **(SEMVER-MINOR)** **worker**: add heap profile API (theanarkh)
[#​59846](https://redirect.github.com/nodejs/node/pull/59846)
-
\[[`b970c0bbc2`](https://redirect.github.com/nodejs/node/commit/b970c0bbc2)]
- **zlib**: reduce code duplication (jhofstee)
[#​57810](https://redirect.github.com/nodejs/node/pull/57810)
-
\[[`9782ca2b1b`](https://redirect.github.com/nodejs/node/commit/9782ca2b1b)]
- **zlib**: implement fast path for crc32 (Gürgün Dayıoğlu)
[#​59813](https://redirect.github.com/nodejs/node/pull/59813)
###
[`v24.8.0`](https://redirect.github.com/nodejs/node/releases/tag/v24.8.0):
2025-09-10, Version 24.8.0 (Current), @​targos
[Compare
Source](https://redirect.github.com/nodejs/node/compare/v24.7.0...v24.8.0)
##### Notable Changes
##### HTTP/2 Network Inspection Support in Node.js
Node.js now supports inspection of HTTP/2 network calls in Chrome
DevTools for Node.js.
##### Usage
Write a `test.js` script that makes HTTP/2 requests.
```js
const http2 = require('node:http2');
const client = http2.connect('https://nghttp2.org');
const req = client.request([
':path', '/',
':method', 'GET',
]);
```
Run it with these options:
```bash
node --inspect-wait --experimental-network-inspection test.js
```
Open `about:inspect` on Google Chrome and click on `Open dedicated
DevTools for Node`.
The `Network` tab will let you track your HTTP/2 calls.
Contributed by Darshan Sen in
[#​59611](https://redirect.github.com/nodejs/node/pull/59611).
##### Other Notable Changes
-
\[[`7a8e2c251d`](https://redirect.github.com/nodejs/node/commit/7a8e2c251d)]
- **(SEMVER-MINOR)** **crypto**: support Ed448 and ML-DSA context
parameter in node:crypto (Filip Skokan)
[#​59570](https://redirect.github.com/nodejs/node/pull/59570)
-
\[[`4b631be0b0`](https://redirect.github.com/nodejs/node/commit/4b631be0b0)]
- **(SEMVER-MINOR)** **crypto**: support Ed448 and ML-DSA context
parameter in Web Cryptography (Filip Skokan)
[#​59570](https://redirect.github.com/nodejs/node/pull/59570)
-
\[[`3e4b1e732c`](https://redirect.github.com/nodejs/node/commit/3e4b1e732c)]
- **(SEMVER-MINOR)** **crypto**: add KMAC Web Cryptography algorithms
(Filip Skokan)
[#​59647](https://redirect.github.com/nodejs/node/pull/59647)
-
\[[`b1d28785b2`](https://redirect.github.com/nodejs/node/commit/b1d28785b2)]
- **(SEMVER-MINOR)** **crypto**: add Argon2 Web Cryptography algorithms
(Filip Skokan)
[#​59544](https://redirect.github.com/nodejs/node/pull/59544)
-
\[[`430691d1af`](https://redirect.github.com/nodejs/node/commit/430691d1af)]
- **(SEMVER-MINOR)** **crypto**: support SLH-DSA KeyObject, sign, and
verify (Filip Skokan)
[#​59537](https://redirect.github.com/nodejs/node/pull/59537)
-
\[[`d6d05ba397`](https://redirect.github.com/nodejs/node/commit/d6d05ba397)]
- **(SEMVER-MINOR)** **worker**: add cpu profile APIs for worker
(theanarkh)
[#​59428](https://redirect.github.com/nodejs/node/pull/59428)
##### Commits
-
\[[`d913872369`](https://redirect.github.com/nodejs/node/commit/d913872369)]
- **assert**: cap input size in myersDiff to avoid Int32Array overflow
(Haram Jeong)
[#​59578](https://redirect.github.com/nodejs/node/pull/59578)
-
\[[`7bbbcf6666`](https://redirect.github.com/nodejs/node/commit/7bbbcf6666)]
- **benchmark**: sqlite prevent create both tables on prepare selects
(Bruno Rodrigues)
[#​59709](https://redirect.github.com/nodejs/node/pull/59709)
-
\[[`44d7b92271`](https://redirect.github.com/nodejs/node/commit/44d7b92271)]
- **benchmark**: calibrate config array-vs-concat (Rafael Gonzaga)
[#​59587](https://redirect.github.com/nodejs/node/pull/59587)
-
\[[`7f347fc551`](https://redirect.github.com/nodejs/node/commit/7f347fc551)]
- **build**: fix getting OpenSSL version on Windows (Michaël Zasso)
[#​59609](https://redirect.github.com/nodejs/node/pull/59609)
-
\[[`4a317150d5`](https://redirect.github.com/nodejs/node/commit/4a317150d5)]
- **build**: fix 'implicit-function-declaration' on OpenHarmony platform
(hqzing)
[#​59547](https://redirect.github.com/nodejs/node/pull/59547)
-
\[[`bda32af587`](https://redirect.github.com/nodejs/node/commit/bda32af587)]
- **build**: use `windows-2025` runner (Michaël Zasso)
[#​59673](https://redirect.github.com/nodejs/node/pull/59673)
-
\[[`a4a8ed8f6e`](https://redirect.github.com/nodejs/node/commit/a4a8ed8f6e)]
- **build**: compile bundled uvwasi conditionally (Carlo Cabrera)
[#​59622](https://redirect.github.com/nodejs/node/pull/59622)
-
\[[`d944a87761`](https://redirect.github.com/nodejs/node/commit/d944a87761)]
- **crypto**: refactor subtle methods to use synchronous import (Filip
Skokan)
[#​59771](https://redirect.github.com/nodejs/node/pull/59771)
-
\[[`7a8e2c251d`](https://redirect.github.com/nodejs/node/commit/7a8e2c251d)]
- **(SEMVER-MINOR)** **crypto**: support Ed448 and ML-DSA context
parameter in node:crypto (Filip Skokan)
[#​59570](https://redirect.github.com/nodejs/node/pull/59570)
-
\[[`4b631be0b0`](https://redirect.github.com/nodejs/node/commit/4b631be0b0)]
- **(SEMVER-MINOR)** **crypto**: support Ed448 and ML-DSA context
parameter in Web Cryptography (Filip Skokan)
[#​59570](https://redirect.github.com/nodejs/node/pull/59570)
-
\[[`3e4b1e732c`](https://redirect.github.com/nodejs/node/commit/3e4b1e732c)]
- **(SEMVER-MINOR)** **crypto**: add KMAC Web Cryptography algorithms
(Filip Skokan)
[#​59647](https://redirect.github.com/nodejs/node/pull/59647)
-
\[[`b1d28785b2`](https://redirect.github.com/nodejs/node/commit/b1d28785b2)]
- **(SEMVER-MINOR)** **crypto**: add Argon2 Web Cryptography algorithms
(Filip Skokan)
[#​59544](https://redirect.github.com/nodejs/node/pull/59544)
-
\[[`430691d1af`](https://redirect.github.com/nodejs/node/commit/430691d1af)]
- **(SEMVER-MINOR)** **crypto**: support SLH-DSA KeyObject, sign, and
verify (Filip Skokan)
[#​59537](https://redirect.github.com/nodejs/node/pull/59537)
-
\[[`0d1e53d935`](https://redirect.github.com/nodejs/node/commit/0d1e53d935)]
- **deps**: update uvwasi to 0.0.23 (Node.js GitHub Bot)
[#​59791](https://redirect.github.com/nodejs/node/pull/59791)
-
\[[`68732cf426`](https://redirect.github.com/nodejs/node/commit/68732cf426)]
- **deps**: update histogram to 0.11.9 (Node.js GitHub Bot)
[#​59689](https://redirect.github.com/nodejs/node/pull/59689)
-
\[[`f12c1ad961`](https://redirect.github.com/nodejs/node/commit/f12c1ad961)]
- **deps**: update googletest to
[`eb2d85e`](https://redirect.github.com/nodejs/node/commit/eb2d85e)
(Node.js GitHub Bot)
[#​59335](https://redirect.github.com/nodejs/node/pull/59335)
-
\[[`45af6966ae`](https://redirect.github.com/nodejs/node/commit/45af6966ae)]
- **deps**: upgrade npm to 11.6.0 (npm team)
[#​59750](https://redirect.github.com/nodejs/node/pull/59750)
-
\[[`57617244a4`](https://redirect.github.com/nodejs/node/commit/57617244a4)]
- **deps**: V8: cherry-pick
[`6b1b9bc`](https://redirect.github.com/nodejs/node/commit/6b1b9bca2a8)
(Xiao-Tao)
[#​59283](https://redirect.github.com/nodejs/node/pull/59283)
-
\[[`2e6225a747`](https://redirect.github.com/nodejs/node/commit/2e6225a747)]
- **deps**: update amaro to 1.1.2 (Node.js GitHub Bot)
[#​59616](https://redirect.github.com/nodejs/node/pull/59616)
-
\[[`1f7f6dfae6`](https://redirect.github.com/nodejs/node/commit/1f7f6dfae6)]
- **diagnostics\_channel**: revoke DEP0163 (René)
[#​59758](https://redirect.github.com/nodejs/node/pull/59758)
-
\[[`8671a6cdb3`](https://redirect.github.com/nodejs/node/commit/8671a6cdb3)]
- **doc**: stabilize --disable-sigusr1 (Rafael Gonzaga)
[#​59707](https://redirect.github.com/nodejs/node/pull/59707)
-
\[[`583b1b255d`](https://redirect.github.com/nodejs/node/commit/583b1b255d)]
- **doc**: update OpenSSL default security level to 2 (Jeetu Suthar)
[#​59723](https://redirect.github.com/nodejs/node/pull/59723)
-
\[[`9b5eb6eb50`](https://redirect.github.com/nodejs/node/commit/9b5eb6eb50)]
- **doc**: fix missing links in the `errors` page (Nam Yooseong)
[#​59427](https://redirect.github.com/nodejs/node/pull/59427)
-
\[[`e7bf712c57`](https://redirect.github.com/nodejs/node/commit/e7bf712c57)]
- **doc**: update "Type stripping in dependencies" section (Josh Kelley)
[#​59652](https://redirect.github.com/nodejs/node/pull/59652)
-
\[[`96db47f91e`](https://redirect.github.com/nodejs/node/commit/96db47f91e)]
- **doc**: add Miles Guicent as triager (Miles Guicent)
[#​59562](https://redirect.github.com/nodejs/node/pull/59562)
-
\[[`87f829bd0c`](https://redirect.github.com/nodejs/node/commit/87f829bd0c)]
- **doc**: mark `path.matchesGlob` as stable (Aviv Keller)
[#​59572](https://redirect.github.com/nodejs/node/pull/59572)
-
\[[`062b2f705e`](https://redirect.github.com/nodejs/node/commit/062b2f705e)]
- **doc**: improve documentation for raw headers in HTTP/2 APIs (Tim
Perry)
[#​59633](https://redirect.github.com/nodejs/node/pull/59633)
-
\[[`6ab9306370`](https://redirect.github.com/nodejs/node/commit/6ab9306370)]
- **doc**: update install\_tools.bat free disk space (Stefan Stojanovic)
[#​59579](https://redirect.github.com/nodejs/node/pull/59579)
-
\[[`c8d6b60da6`](https://redirect.github.com/nodejs/node/commit/c8d6b60da6)]
- **doc**: fix quic session instance typo (jakecastelli)
[#​59642](https://redirect.github.com/nodejs/node/pull/59642)
-
\[[`61d0a2d1ba`](https://redirect.github.com/nodejs/node/commit/61d0a2d1ba)]
- **doc**: fix filehandle.read typo (Ruy Adorno)
[#​59635](https://redirect.github.com/nodejs/node/pull/59635)
-
\[[`3276bfa0d0`](https://redirect.github.com/nodejs/node/commit/3276bfa0d0)]
- **doc**: update migration recomendations for `util.is**()`
deprecations (Augustin Mauroy)
[#​59269](https://redirect.github.com/nodejs/node/pull/59269)
-
\[[`11de6c7ebb`](https://redirect.github.com/nodejs/node/commit/11de6c7ebb)]
- **doc**: fix missing link to the Error documentation in the `http`
page (Alexander Makarenko)
[#​59080](https://redirect.github.com/nodejs/node/pull/59080)
-
\[[`f5b6829bba`](https://redirect.github.com/nodejs/node/commit/f5b6829bba)]
- **doc,crypto**: add description to the KEM and supports() methods
(Filip Skokan)
[#​59644](https://redirect.github.com/nodejs/node/pull/59644)
-
\[[`5bfdc7ee74`](https://redirect.github.com/nodejs/node/commit/5bfdc7ee74)]
- **doc,crypto**: cleanup unlinked and self method references
webcrypto.md (Filip Skokan)
[#​59608](https://redirect.github.com/nodejs/node/pull/59608)
-
\[[`010458d061`](https://redirect.github.com/nodejs/node/commit/010458d061)]
- **esm**: populate separate cache for require(esm) in imported CJS
(Joyee Cheung)
[#​59679](https://redirect.github.com/nodejs/node/pull/59679)
-
\[[`dbe6e63baf`](https://redirect.github.com/nodejs/node/commit/dbe6e63baf)]
- **esm**: fix missed renaming in ModuleJob.runSync (Joyee Cheung)
[#​59724](https://redirect.github.com/nodejs/node/pull/59724)
-
\[[`8eb0d9d834`](https://redirect.github.com/nodejs/node/commit/8eb0d9d834)]
- **fs**: fix wrong order of file names in cpSync error message
(Nicholas Paun)
[#​59775](https://redirect.github.com/nodejs/node/pull/59775)
-
\[[`e69be5611f`](https://redirect.github.com/nodejs/node/commit/e69be5611f)]
- **fs**: fix dereference: false on cpSync (Nicholas Paun)
[#​59681](https://redirect.github.com/nodejs/node/pull/59681)
-
\[[`2865d2ac20`](https://redirect.github.com/nodejs/node/commit/2865d2ac20)]
- **http**: unbreak keepAliveTimeoutBuffer (Robert Nagy)
[#​59784](https://redirect.github.com/nodejs/node/pull/59784)
-
\[[`ade1175475`](https://redirect.github.com/nodejs/node/commit/ade1175475)]
- **http**: use cached '1.1' http version string (Robert Nagy)
[#​59717](https://redirect.github.com/nodejs/node/pull/59717)
-
\[[`74a09482de`](https://redirect.github.com/nodejs/node/commit/74a09482de)]
- **inspector**: undici as shared-library should pass tests (Aras
Abbasi)
[#​59837](https://redirect.github.com/nodejs/node/pull/59837)
-
\[[`772f8f415a`](https://redirect.github.com/nodejs/node/commit/772f8f415a)]
- **inspector**: add http2 tracking support (Darshan Sen)
[#​59611](https://redirect.github.com/nodejs/node/pull/59611)
-
\[[`3d225572d7`](https://redirect.github.com/nodejs/node/commit/3d225572d7)]
- ***Revert*** "**lib**: optimize writable stream buffer clearing" (Yoo)
[#​59743](https://redirect.github.com/nodejs/node/pull/59743)
-
\[[`4fd213ce73`](https://redirect.github.com/nodejs/node/commit/4fd213ce73)]
- **lib**: fix isReadable and isWritable return type value (Gabriel
Quaresma)
[#​59089](https://redirect.github.com/nodejs/node/pull/59089)
-
\[[`39befddb87`](https://redirect.github.com/nodejs/node/commit/39befddb87)]
- **lib**: prefer TypedArrayPrototype primordials (Filip Skokan)
[#​59766](https://redirect.github.com/nodejs/node/pull/59766)
-
\[[`0748160d2e`](https://redirect.github.com/nodejs/node/commit/0748160d2e)]
- **lib**: fix DOMException subclass support (Chengzhong Wu)
[#​59680](https://redirect.github.com/nodejs/node/pull/59680)
-
\[[`1a93df808c`](https://redirect.github.com/nodejs/node/commit/1a93df808c)]
- **lib**: revert to using default derived class constructors (René)
[#​59650](https://redirect.github.com/nodejs/node/pull/59650)
-
\[[`bb0755df37`](https://redirect.github.com/nodejs/node/commit/bb0755df37)]
- **meta**: bump `codecov/codecov-action` (dependabot\[bot])
[#​59726](https://redirect.github.com/nodejs/node/pull/59726)
-
\[[`45d148d9be`](https://redirect.github.com/nodejs/node/commit/45d148d9be)]
- **meta**: bump actions/download-artifact from 4.3.0 to 5.0.0
(dependabot\[bot])
[#​59729](https://redirect.github.com/nodejs/node/pull/59729)
-
\[[`01b66b122e`](https://redirect.github.com/nodejs/node/commit/01b66b122e)]
- **meta**: bump github/codeql-action from 3.29.2 to 3.30.0
(dependabot\[bot])
[#​59728](https://redirect.github.com/nodejs/node/pull/59728)
-
\[[`34f7ab5502`](https://redirect.github.com/nodejs/node/commit/34f7ab5502)]
- **meta**: bump actions/cache from 4.2.3 to 4.2.4 (dependabot\[bot])
[#​59727](https://redirect.github.com/nodejs/node/pull/59727)
-
\[[`5806ea02af`](https://redirect.github.com/nodejs/node/commit/5806ea02af)]
- **meta**: bump actions/checkout from 4.2.2 to 5.0.0 (dependabot\[bot])
[#​59725](https://redirect.github.com/nodejs/node/pull/59725)
-
\[[`f667215583`](https://redirect.github.com/nodejs/node/commit/f667215583)]
- **path**: refactor path joining logic for clarity and performance (Lee
Jiho)
[#​59781](https://redirect.github.com/nodejs/node/pull/59781)
-
\[[`0340fe92a6`](https://redirect.github.com/nodejs/node/commit/0340fe92a6)]
- **repl**: do not cause side effects in tab completion (Anna
Henningsen)
[#​59774](https://redirect.github.com/nodejs/node/pull/59774)
-
\[[`a414c1eb51`](https://redirect.github.com/nodejs/node/commit/a414c1eb51)]
- **repl**: fix REPL completion under unary expressions (Kingsword)
[#​59744](https://redirect.github.com/nodejs/node/pull/59744)
-
\[[`c206f8dd87`](https://redirect.github.com/nodejs/node/commit/c206f8dd87)]
- **repl**: add isValidParentheses check before wrap input (Xuguang Mei)
[#​59607](https://redirect.github.com/nodejs/node/pull/59607)
-
\[[`0bf9775ee2`](https://redirect.github.com/nodejs/node/commit/0bf9775ee2)]
- **sea**: implement sea.getAssetKeys() (Joyee Cheung)
[#​59661](https://redirect.github.com/nodejs/node/pull/59661)
-
\[[`bf26b478d8`](https://redirect.github.com/nodejs/node/commit/bf26b478d8)]
- **sea**: allow using inspector command line flags with SEA (Joyee
Cheung)
[#​59568](https://redirect.github.com/nodejs/node/pull/59568)
-
\[[`92128a8fe2`](https://redirect.github.com/nodejs/node/commit/92128a8fe2)]
- **src**: use DictionaryTemplate for node\_url\_pattern (James M Snell)
[#​59802](https://redirect.github.com/nodejs/node/pull/59802)
-
\[[`bcb29fb84f`](https://redirect.github.com/nodejs/node/commit/bcb29fb84f)]
- **src**: correctly report memory changes to V8 (Yaksh Bariya)
[#​59623](https://redirect.github.com/nodejs/node/pull/59623)
-
\[[`44c24657d3`](https://redirect.github.com/nodejs/node/commit/44c24657d3)]
- **src**: fixup node\_messaging error handling (James M Snell)
[#​59792](https://redirect.github.com/nodejs/node/pull/59792)
-
\[[`2cd6a3b7ec`](https://redirect.github.com/nodejs/node/commit/2cd6a3b7ec)]
- **src**: track async resources via pointers to stack-allocated handles
(Anna Henningsen)
[#​59704](https://redirect.github.com/nodejs/node/pull/59704)
-
\[[`34d752586f`](https://redirect.github.com/nodejs/node/commit/34d752586f)]
- **src**: fix build on NetBSD (Thomas Klausner)
[#​59718](https://redirect.github.com/nodejs/node/pull/59718)
-
\[[`15fa779ac5`](https://redirect.github.com/nodejs/node/commit/15fa779ac5)]
- **src**: fix race on process exit and off thread CA loading
(Chengzhong Wu)
[#​59632](https://redirect.github.com/nodejs/node/pull/59632)
-
\[[`15cbd3966a`](https://redirect.github.com/nodejs/node/commit/15cbd3966a)]
- **src**: separate module.hasAsyncGraph and module.hasTopLevelAwait
(Joyee Cheung)
[#​59675](https://redirect.github.com/nodejs/node/pull/59675)
-
\[[`88d1ca8990`](https://redirect.github.com/nodejs/node/commit/88d1ca8990)]
- **src**: use non-deprecated Get/SetPrototype methods (Michaël Zasso)
[#​59671](https://redirect.github.com/nodejs/node/pull/59671)
-
\[[`56ac9a2d46`](https://redirect.github.com/nodejs/node/commit/56ac9a2d46)]
- **src**: migrate WriteOneByte to WriteOneByteV2 (Chengzhong Wu)
[#​59634](https://redirect.github.com/nodejs/node/pull/59634)
-
\[[`3d88aa9f2f`](https://redirect.github.com/nodejs/node/commit/3d88aa9f2f)]
- **src**: remove duplicate code (theanarkh)
[#​59649](https://redirect.github.com/nodejs/node/pull/59649)
-
\[[`0718a70b2a`](https://redirect.github.com/nodejs/node/commit/0718a70b2a)]
- **src**: add name for more threads (theanarkh)
[#​59601](https://redirect.github.com/nodejs/node/pull/59601)
-
\[[`0379a8b254`](https://redirect.github.com/nodejs/node/commit/0379a8b254)]
- **src**: remove JSONParser (Joyee Cheung)
[#​59619](https://redirect.github.com/nodejs/node/pull/59619)
-
\[[`90d0a1b2e9`](https://redirect.github.com/nodejs/node/commit/90d0a1b2e9)]
- **src,sqlite**: refactor value conversion (Edy Silva)
[#​59659](https://redirect.github.com/nodejs/node/pull/59659)
-
\[[`5e025c7ca7`](https://redirect.github.com/nodejs/node/commit/5e025c7ca7)]
- **stream**: replace manual function validation with validateFunction
(방진혁)
[#​59529](https://redirect.github.com/nodejs/node/pull/59529)
-
\[[`155a999bed`](https://redirect.github.com/nodejs/node/commit/155a999bed)]
- **test**: skip tests failing when run under root (Livia Medeiros)
[#​59779](https://redirect.github.com/nodejs/node/pull/59779)
-
\[[`6313706c69`](https://redirect.github.com/nodejs/node/commit/6313706c69)]
- **test**: update WPT for urlpattern to
[`cff1ac1`](https://redirect.github.com/nodejs/node/commit/cff1ac1123)
(Node.js GitHub Bot)
[#​59602](https://redirect.github.com/nodejs/node/pull/59602)
-
\[[`41245ad4c7`](https://redirect.github.com/nodejs/node/commit/41245ad4c7)]
- **test**: skip more sea tests on Linux ppc64le (Richard Lau)
[#​59755](https://redirect.github.com/nodejs/node/pull/59755)
-
\[[`df63d37ec4`](https://redirect.github.com/nodejs/node/commit/df63d37ec4)]
- **test**: fix internet/test-dns (Michaël Zasso)
[#​59660](https://redirect.github.com/nodejs/node/pull/59660)
-
\[[`1f6c335e82`](https://redirect.github.com/nodejs/node/commit/1f6c335e82)]
- **test**: mark test-inspector-network-fetch as flaky again (Joyee
Cheung)
[#​59640](https://redirect.github.com/nodejs/node/pull/59640)
-
\[[`1798683df1`](https://redirect.github.com/nodejs/node/commit/1798683df1)]
- **test**: skip test-fs-cp\* tests that are constantly failing on
Windows (Joyee Cheung)
[#​59637](https://redirect.github.com/nodejs/node/pull/59637)
-
\[[`4c48ec09e5`](https://redirect.github.com/nodejs/node/commit/4c48ec09e5)]
- **test**: deflake test-http-keep-alive-empty-line (Luigi Pinca)
[#​59595](https://redirect.github.com/nodejs/node/pull/59595)
-
\[[`dcdb259e85`](https://redirect.github.com/nodejs/node/commit/dcdb259e85)]
- **test\_runner**: fix todo inheritance (Moshe Atlow)
[#​59721](https://redirect.github.com/nodejs/node/pull/59721)
-
\[[`24177973a2`](https://redirect.github.com/nodejs/node/commit/24177973a2)]
- **test\_runner**: set mock timer's interval undefined (hotpineapple)
[#​59479](https://redirect.github.com/nodejs/node/pull/59479)
-
\[[`83d11f8a7a`](https://redirect.github.com/nodejs/node/commit/83d11f8a7a)]
- **tools**: print appropriate output when test aborted (hotpineapple)
[#​59794](https://redirect.github.com/nodejs/node/pull/59794)
-
\[[`1eca2cc548`](https://redirect.github.com/nodejs/node/commit/1eca2cc548)]
- **tools**: use sparse checkout in `build-tarball.yml` (Antoine du
Hamel)
[#​59788](https://redirect.github.com/nodejs/node/pull/59788)
-
\[[`89fa1a929d`](https://redirect.github.com/nodejs/node/commit/89fa1a929d)]
- **tools**: remove unused actions from `build-tarball.yml` (Antoine du
Hamel)
[#​59787](https://redirect.github.com/nodejs/node/pull/59787)
-
\[[`794ca3511d`](https://redirect.github.com/nodejs/node/commit/794ca3511d)]
- **tools**: do not attempt to compress tgz archive (Antoine du Hamel)
[#​59785](https://redirect.github.com/nodejs/node/pull/59785)
-
\[[`377bdb9b7e`](https://redirect.github.com/nodejs/node/commit/377bdb9b7e)]
- **tools**: add v8windbg target (Chengzhong Wu)
[#​59767](https://redirect.github.com/nodejs/node/pull/59767)
-
\[[`6696d1d6c9`](https://redirect.github.com/nodejs/node/commit/6696d1d6c9)]
- **tools**: improve error handling in node\_mksnapshot (James M Snell)
[#​59437](https://redirect.github.com/nodejs/node/pull/59437)
-
\[[`8dbd0f13e8`](https://redirect.github.com/nodejs/node/commit/8dbd0f13e8)]
- **tools**: add sccache to `test-internet` workflow (Antoine du Hamel)
[#​59720](https://redirect.github.com/nodejs/node/pull/59720)
-
\[[`6523c2d7d9`](https://redirect.github.com/nodejs/node/commit/6523c2d7d9)]
- **tools**: update gyp-next to 0.20.4 (Node.js GitHub Bot)
[#​59690](https://redirect.github.com/nodejs/node/pull/59690)
-
\[[`19d633f40c`](https://redirect.github.com/nodejs/node/commit/19d633f40c)]
- **tools**: add script to make reviewing backport PRs easier (Antoine
du Hamel) [#​59161](https://redirect.github
</details>
---
### Configuration
📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on
Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule
defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
> Changelog: skip
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zMi4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzIuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 8, 2025
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [aqua:bufbuild/protoc-gen-validate](https://redirect.github.com/bufbuild/protoc-gen-validate) | minor | `1.2.1` -> `1.3.0` | --- ### Release Notes <details> <summary>bufbuild/protoc-gen-validate (aqua:bufbuild/protoc-gen-validate)</summary> ### [`v1.3.0`](https://redirect.github.com/bufbuild/protoc-gen-validate/releases/tag/v1.3.0) [Compare Source](https://redirect.github.com/bufbuild/protoc-gen-validate/compare/v1.2.1-java...v1.3.0) #### What's Changed - Update README.md by [@​nicksnyder](https://redirect.github.com/nicksnyder) in [#​1233](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1233) - Fix unreliable asset generation by [@​nicksnyder](https://redirect.github.com/nicksnyder) in [#​1235](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1235) - Add Maven developers entry by [@​pkwarren](https://redirect.github.com/pkwarren) in [#​1237](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1237) - Bump the java group across 1 directory with 5 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1230](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1230) - Bump google.golang.org/protobuf from 1.36.3 to 1.36.4 in the go group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1239](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1239) - Fix `in` rule for `repeated int32` by [@​mortezaPRK](https://redirect.github.com/mortezaPRK) in [#​1240](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1240) - Bump the python-root group across 1 directory with 8 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1243](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1243) - Support `in` rule for repeated `int32` and `int64` fields by [@​mortezaPRK](https://redirect.github.com/mortezaPRK) in [#​1241](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1241) - Bump protobuf from 5.29.1 to 5.29.3 in /python in the python group across 1 directory by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1244](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1244) - Link to migration guide by [@​nicksnyder](https://redirect.github.com/nicksnyder) in [#​1247](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1247) - Bump the go group across 1 directory with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1251](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1251) - Bump the go-tests group across 1 directory with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1250](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1250) - Bump flake8 from 7.1.1 to 7.1.2 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1249](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1249) - Bump com.google.api.grpc:proto-google-common-protos from 2.50.1 to 2.52.0 in /java in the java group across 1 directory by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1248](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1248) - Bump jinja2 from 3.1.4 to 3.1.5 in /python by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1213](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1213) - Bump org.apache.maven.plugins:maven-compiler-plugin from 3.13.0 to 3.14.0 in /java in the java group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1252](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1252) - Bump com.google.api.grpc:proto-google-common-protos from 2.52.0 to 2.53.0 in /java in the java group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1254](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1254) - Bump jinja2 from 3.1.5 to 3.1.6 in /python by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1255](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1255) - Bump the python-root group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1253](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1253) - Bump the java group in /java with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1259](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1259) - Bump setuptools from 75.8.2 to 76.0.0 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1258](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1258) - Bump golang.org/x/net from 0.35.0 to 0.37.0 in /tests in the go-tests group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1257](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1257) - Bump protobuf from 5.29.3 to 6.30.1 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1261](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1261) - Bump the java group across 1 directory with 5 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1270](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1270) - Bump the go-tests group across 1 directory with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1267](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1267) - Bump the java group in /java with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1274](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1274) - Fix incompatibility with --incompatible\_disable\_starlark\_host\_transitions by [@​meteorcloudy](https://redirect.github.com/meteorcloudy) in [#​1275](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1275) - Bump com.google.api.grpc:proto-google-common-protos from 2.55.0 to 2.55.3 in /java in the java group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1277](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1277) - Switch to publish to Maven Central by [@​pkwarren](https://redirect.github.com/pkwarren) in [#​1278](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1278) - Bump golang.org/x/net from 0.39.0 to 0.40.0 in /tests in the go-tests group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1280](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1280) - Bump the python-root group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1268](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1268) - Bump com.google.api.grpc:proto-google-common-protos from 2.55.3 to 2.56.0 in /java in the java group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1279](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1279) - Bump the java group in /java with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1281](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1281) - Bump setuptools from 80.4.0 to 80.7.1 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1282](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1282) - Bump setuptools from 80.7.1 to 80.8.0 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1283](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1283) - Bump the python-root group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1284](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1284) - Bump the java group in /java with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1285](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1285) - Bump the java group across 1 directory with 5 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1293](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1293) - Bump flake8 from 7.2.0 to 7.3.0 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1289](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1289) - Bump protobuf from 5.29.3 to 5.29.5 in /python by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1288](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1288) - Bump golang.org/x/net from 0.40.0 to 0.41.0 in /tests in the go-tests group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1286](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1286) - Bump golang.org/x/net from 0.41.0 to 0.42.0 in /tests in the go-tests group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1297](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1297) - Bump the java group in /java with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1296](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1296) - Bump build from 1.2.2.post1 to 1.3.0 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1295](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1295) - Bump the java group in /java with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1299](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1299) - Bump the go-tests group in /tests with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1298](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1298) - Bump the java group in /java with 4 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1301](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1301) - Bump google.golang.org/protobuf from 1.36.7 to 1.36.8 in /tests in the go-tests group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1300](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1300) - Bump the github-actions group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1302](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1302) - Bump protobuf from 6.31.1 to 6.32.0 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1303](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1303) - Bump the java group in /java with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1304](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1304) - Bump the github-actions group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1306](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1306) - Bump twine from 6.1.0 to 6.2.0 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1305](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1305) - Bump the java group in /java with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1307](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1307) - Bump the go-tests group in /tests with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1308](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1308) - Bump protobuf from 6.32.0 to 6.32.1 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1309](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1309) - Bump the java group in /java with 6 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1310](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1310) - Replace deprecated rules by [@​mmorel-35](https://redirect.github.com/mmorel-35) in [#​1311](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1311) - Bump the java group in /java with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1313](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1313) - Bump isort from 6.0.1 to 6.1.0 in the python-root group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1317](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1317) - Bump the java group in /java with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1316](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1316) - Bump google.golang.org/protobuf from 1.36.9 to 1.36.10 in /tests in the go-tests group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1315](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1315) - Bump the java group in /java with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1320](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1320) - Bump golang.org/x/net from 0.44.0 to 0.46.0 in /tests in the go-tests group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1319](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1319) - Bump actions/upload-artifact from 4 to 5 in the github-actions group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1324](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1324) - Bump the java group in /java with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1323](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1323) - Bump the java group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1328](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1328) - Bump golang.org/x/net from 0.46.0 to 0.47.0 in /tests in the go-tests group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1329](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1329) - Python 3.13 support in validator.py by [@​pdecks](https://redirect.github.com/pdecks) in [#​1326](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1326) #### New Contributors - [@​mortezaPRK](https://redirect.github.com/mortezaPRK) made their first contribution in [#​1240](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1240) - [@​meteorcloudy](https://redirect.github.com/meteorcloudy) made their first contribution in [#​1275](https://redirect.github.com/bufbuild/protoc-gen-validate/pull/1275) **Full Changelog**: <bufbuild/protoc-gen-validate@v1.2.1...v1.3.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zMi4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzIuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 8, 2025
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [protoc](https://redirect.github.com/protocolbuffers/protobuf) | minor | `33.1` -> `33.2` | --- ### Release Notes <details> <summary>protocolbuffers/protobuf (protoc)</summary> ### [`v33.2`](https://redirect.github.com/protocolbuffers/protobuf/releases/tag/v33.2): Protocol Buffers v33.2 [Compare Source](https://redirect.github.com/protocolbuffers/protobuf/compare/v33.1...v33.2) ##### Announcements - [Protobuf News](https://protobuf.dev/news/) may include additional announcements or pre-announcements for upcoming changes. ##### Compiler - Add EDITION\_UNSTABLE for new edition development ([`9247790`](https://redirect.github.com/protocolbuffers/protobuf/commit/92477901aa6738251d8dc208f9ebfcc761f24bc6)) - Fix a bug with custom features outside of the `pb` package. ([`483173d`](https://redirect.github.com/protocolbuffers/protobuf/commit/483173ddc3d18d230c806f6c7a9d170375431c1b)) - Reserving a declaration for the Impress proto plugin. ([`8a0b438`](https://redirect.github.com/protocolbuffers/protobuf/commit/8a0b43826665857284432afa087637f3d2539a05)) ##### C++ - Remove unnecessary uses of future changes to descriptor.proto ([`50c9e62`](https://redirect.github.com/protocolbuffers/protobuf/commit/50c9e62526b7050b94993b8547e6fbd1c8b55625)) - Fix a bug with custom features outside of the `pb` package. ([`483173d`](https://redirect.github.com/protocolbuffers/protobuf/commit/483173ddc3d18d230c806f6c7a9d170375431c1b)) ##### Java - Fix a bug with custom features outside of the `pb` package. ([`483173d`](https://redirect.github.com/protocolbuffers/protobuf/commit/483173ddc3d18d230c806f6c7a9d170375431c1b)) ##### Csharp - Add EDITION\_UNSTABLE for new edition development ([`9247790`](https://redirect.github.com/protocolbuffers/protobuf/commit/92477901aa6738251d8dc208f9ebfcc761f24bc6)) - Use generic Marshal.SizeOf when possible ([#​21964](https://redirect.github.com/protocolbuffers/protobuf/issues/21964)) ([#​24673](https://redirect.github.com/protocolbuffers/protobuf/issues/24673)) ([`9f263cd`](https://redirect.github.com/protocolbuffers/protobuf/commit/9f263cd5ef14160b17d15bc8b40c89e86d4f7a1f)) - Regenerate stale files ([`058bffa`](https://redirect.github.com/protocolbuffers/protobuf/commit/058bffaade42d61418d369c3baef1012c9794245)) ##### PHP - Add EDITION\_UNSTABLE for new edition development ([`9247790`](https://redirect.github.com/protocolbuffers/protobuf/commit/92477901aa6738251d8dc208f9ebfcc761f24bc6)) ##### PHP C-Extension - Regenerate staleness tests ([`e9f62c6`](https://redirect.github.com/protocolbuffers/protobuf/commit/e9f62c68db781f55271f09a5ab21b023d0b2556c)) - Add EDITION\_UNSTABLE for new edition development ([`9247790`](https://redirect.github.com/protocolbuffers/protobuf/commit/92477901aa6738251d8dc208f9ebfcc761f24bc6)) - Regenerate stale files ([`058bffa`](https://redirect.github.com/protocolbuffers/protobuf/commit/058bffaade42d61418d369c3baef1012c9794245)) - *See also UPB changes below, which may affect PHP C-Extension.* ##### Ruby ##### Ruby C-Extension - Regenerate staleness tests ([`e9f62c6`](https://redirect.github.com/protocolbuffers/protobuf/commit/e9f62c68db781f55271f09a5ab21b023d0b2556c)) - Regenerate stale files ([`058bffa`](https://redirect.github.com/protocolbuffers/protobuf/commit/058bffaade42d61418d369c3baef1012c9794245)) - *See also UPB changes below, which may affect Ruby C-Extension.* ##### UPB (Python/PHP/Ruby C-Extension) - Regenerate staleness tests ([`e9f62c6`](https://redirect.github.com/protocolbuffers/protobuf/commit/e9f62c68db781f55271f09a5ab21b023d0b2556c)) - Add BTI to branch targets when branch protection is enabled. This resolves ([`72a48f9`](https://redirect.github.com/protocolbuffers/protobuf/commit/72a48f9e626a6217d1276e4be1455a296b1e158f)) - Extract arm64 asm check ([`13ee2ce`](https://redirect.github.com/protocolbuffers/protobuf/commit/13ee2ce2cb9dabc0bb058ac1a96ae9d117b9e109)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zMi4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzIuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> --------- Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Marcin Skalski <skalskimarcin33@gmail.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Marcin Skalski <skalskimarcin33@gmail.com>
renovate bot
added a commit
that referenced
this pull request
Dec 9, 2025
…o 1.9.0 (#15224) This PR contains the following updates: | Package | Type | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---| | [github.com/containernetworking/plugins](https://redirect.github.com/containernetworking/plugins) | require | `v1.8.0` -> `v1.9.0` |  |  | ### GitHub Vulnerability Alerts #### [CVE-2025-67499](https://redirect.github.com/containernetworking/plugins/security/advisories/GHSA-jv3w-x3r3-g6rm) ### Background The CNI `portmap` plugin allows containers to emulate opening a host port, forwarding that traffic to the container. For example, if a host has the IP 198.51.100.42, a container may request that all packets to `198.51.100.42:53` be forwarded to the container's network. ### Vulnerability When the `portmap` plugin is configured with the `nftables` backend, it inadvertently forwards all traffic with the same destination port as the host port, **ignoring the destination IP**. This includes traffic not intended for the node itself, i.e. traffic to containers hosted on the node. In the given example above, traffic destined to port 53 but for a _separate container_ would still be captured and forwarded, even though it was not destined for the host. ### Impact Containers (i.e. kubernetes pods) that request HostPort forwarding can intercept all traffic destined for that port. This requires that the `portmap` plugin be explicitly configured to use the `nftables` backend. (The `iptables` backend is the default.) ### Patches This is fixed as of CNI plugins v1.9.0 ### Workarounds Configure the `portmap` plugin to use the `iptables` backend. It does not have this vulnerability. --- ### Release Notes <details> <summary>containernetworking/plugins (github.com/containernetworking/plugins)</summary> ### [`v1.9.0`](https://redirect.github.com/containernetworking/plugins/releases/tag/v1.9.0): CNI plugins v1.9.0 [Compare Source](https://redirect.github.com/containernetworking/plugins/compare/v1.8.0...v1.9.0) #### What's Changed This release fixes [CVE-2025-67499](https://redirect.github.com/containernetworking/plugins/security/advisories/GHSA-jv3w-x3r3-g6rm), a bug in the `nftables` backend for the `portmap` plugin that can cause traffic to be unexpectedly intercepted. ##### Bugs - portmap: ensure nftables backend only intercept local traffic by [@​champtar](https://redirect.github.com/champtar) in [#​1210](https://redirect.github.com/containernetworking/plugins/pull/1210). ##### Other changes - Fix file exists errro in dummy cni by [@​liuyuan10](https://redirect.github.com/liuyuan10) in [#​1205](https://redirect.github.com/containernetworking/plugins/pull/1205) - Ignore settling with down state since it would never settle by [@​bn222](https://redirect.github.com/bn222) in [#​1207](https://redirect.github.com/containernetworking/plugins/pull/1207) **Full Changelog**: <containernetworking/plugins@v1.8.0...v1.9.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zMi4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzIuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhcmVhL3NlY3VyaXR5IiwiZGVwZW5kZW5jaWVzIl19--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 10, 2025
…o 1.9.0 (#15236) This PR contains the following updates: | Package | Type | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---| | [github.com/containernetworking/plugins](https://redirect.github.com/containernetworking/plugins) | require | `v1.7.1` -> `v1.9.0` |  |  | --- ### CNA Plugins Portmap nftables backend can intercept non-local traffic [CVE-2025-67499](https://nvd.nist.gov/vuln/detail/CVE-2025-67499) / [GHSA-jv3w-x3r3-g6rm](https://redirect.github.com/advisories/GHSA-jv3w-x3r3-g6rm) <details> <summary>More information</summary> #### Details ##### Background The CNI `portmap` plugin allows containers to emulate opening a host port, forwarding that traffic to the container. For example, if a host has the IP 198.51.100.42, a container may request that all packets to `198.51.100.42:53` be forwarded to the container's network. ##### Vulnerability When the `portmap` plugin is configured with the `nftables` backend, it inadvertently forwards all traffic with the same destination port as the host port, **ignoring the destination IP**. This includes traffic not intended for the node itself, i.e. traffic to containers hosted on the node. In the given example above, traffic destined to port 53 but for a _separate container_ would still be captured and forwarded, even though it was not destined for the host. ##### Impact Containers (i.e. kubernetes pods) that request HostPort forwarding can intercept all traffic destined for that port. This requires that the `portmap` plugin be explicitly configured to use the `nftables` backend. (The `iptables` backend is the default.) ##### Patches This is fixed as of CNI plugins v1.9.0 ##### Workarounds Configure the `portmap` plugin to use the `iptables` backend. It does not have this vulnerability. #### Severity - CVSS Score: 6.6 / 10 (Medium) - Vector String: `CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H` #### References - [https://github.com/containernetworking/plugins/security/advisories/GHSA-jv3w-x3r3-g6rm](https://redirect.github.com/containernetworking/plugins/security/advisories/GHSA-jv3w-x3r3-g6rm) - [https://github.com/containernetworking/plugins/commit/9b3772e1a7abf93cbb7c6526a28bc0d27b830e02](https://redirect.github.com/containernetworking/plugins/commit/9b3772e1a7abf93cbb7c6526a28bc0d27b830e02) - [https://github.com/containernetworking/plugins](https://redirect.github.com/containernetworking/plugins) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-jv3w-x3r3-g6rm) and the [GitHub Advisory Database](https://redirect.github.com/github/advisory-database) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Release Notes <details> <summary>containernetworking/plugins (github.com/containernetworking/plugins)</summary> ### [`v1.9.0`](https://redirect.github.com/containernetworking/plugins/releases/tag/v1.9.0): CNI plugins v1.9.0 [Compare Source](https://redirect.github.com/containernetworking/plugins/compare/v1.8.0...v1.9.0) #### What's Changed This release fixes [CVE-2025-67499](https://redirect.github.com/containernetworking/plugins/security/advisories/GHSA-jv3w-x3r3-g6rm), a bug in the `nftables` backend for the `portmap` plugin that can cause traffic to be unexpectedly intercepted. ##### Bugs - portmap: ensure nftables backend only intercept local traffic by [@​champtar](https://redirect.github.com/champtar) in [#​1210](https://redirect.github.com/containernetworking/plugins/pull/1210). ##### Other changes - Fix file exists errro in dummy cni by [@​liuyuan10](https://redirect.github.com/liuyuan10) in [#​1205](https://redirect.github.com/containernetworking/plugins/pull/1205) - Ignore settling with down state since it would never settle by [@​bn222](https://redirect.github.com/bn222) in [#​1207](https://redirect.github.com/containernetworking/plugins/pull/1207) **Full Changelog**: <containernetworking/plugins@v1.8.0...v1.9.0> ### [`v1.8.0`](https://redirect.github.com/containernetworking/plugins/releases/tag/v1.8.0): CNI plugins v1.8.0 [Compare Source](https://redirect.github.com/containernetworking/plugins/compare/v1.7.1...v1.8.0) The Bridge CNI plugin has removed limitations on VLAN trunk implementation. This aligns with recommended access and trunk port configurations, ensuring proper VLAN isolation and enhanced usability. #### What's Changed - Allow vlan parameter to set native vlan on trunk ports by [@​mlguerrero12](https://redirect.github.com/mlguerrero12) in [#​1180](https://redirect.github.com/containernetworking/plugins/pull/1180) - Set default value of PreserveDefaultVlan to False by [@​mlguerrero12](https://redirect.github.com/mlguerrero12) in [#​1181](https://redirect.github.com/containernetworking/plugins/pull/1181) - remove duplicate route.Table and route.Scope assignments by [@​runsisi](https://redirect.github.com/runsisi) in [#​1192](https://redirect.github.com/containernetworking/plugins/pull/1192) - Set value of gw to nil for opt121 routes in DHCP by [@​omartin2010](https://redirect.github.com/omartin2010) in [#​1187](https://redirect.github.com/containernetworking/plugins/pull/1187) #### New Contributors - [@​runsisi](https://redirect.github.com/runsisi) made their first contribution in [#​1192](https://redirect.github.com/containernetworking/plugins/pull/1192) - [@​omartin2010](https://redirect.github.com/omartin2010) made their first contribution in [#​1187](https://redirect.github.com/containernetworking/plugins/pull/1187) **Full Changelog**: <containernetworking/plugins@v1.7.0...v1.8.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi40Mi4yIiwidXBkYXRlZEluVmVyIjoiNDIuNDIuMiIsInRhcmdldEJyYW5jaCI6InJlbGVhc2UtMi4xMiIsImxhYmVscyI6WyJhcmVhL3NlY3VyaXR5IiwiZGVwZW5kZW5jaWVzIiwicmVsZWFzZS0yLjEyIl19--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 11, 2025
…o 1.9.0 (#15235) This PR contains the following updates: | Package | Type | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---| | [github.com/containernetworking/plugins](https://redirect.github.com/containernetworking/plugins) | require | `v1.7.1` -> `v1.9.0` |  |  | --- ### CNA Plugins Portmap nftables backend can intercept non-local traffic [CVE-2025-67499](https://nvd.nist.gov/vuln/detail/CVE-2025-67499) / [GHSA-jv3w-x3r3-g6rm](https://redirect.github.com/advisories/GHSA-jv3w-x3r3-g6rm) <details> <summary>More information</summary> #### Details ##### Background The CNI `portmap` plugin allows containers to emulate opening a host port, forwarding that traffic to the container. For example, if a host has the IP 198.51.100.42, a container may request that all packets to `198.51.100.42:53` be forwarded to the container's network. ##### Vulnerability When the `portmap` plugin is configured with the `nftables` backend, it inadvertently forwards all traffic with the same destination port as the host port, **ignoring the destination IP**. This includes traffic not intended for the node itself, i.e. traffic to containers hosted on the node. In the given example above, traffic destined to port 53 but for a _separate container_ would still be captured and forwarded, even though it was not destined for the host. ##### Impact Containers (i.e. kubernetes pods) that request HostPort forwarding can intercept all traffic destined for that port. This requires that the `portmap` plugin be explicitly configured to use the `nftables` backend. (The `iptables` backend is the default.) ##### Patches This is fixed as of CNI plugins v1.9.0 ##### Workarounds Configure the `portmap` plugin to use the `iptables` backend. It does not have this vulnerability. #### Severity - CVSS Score: 6.6 / 10 (Medium) - Vector String: `CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H` #### References - [https://github.com/containernetworking/plugins/security/advisories/GHSA-jv3w-x3r3-g6rm](https://redirect.github.com/containernetworking/plugins/security/advisories/GHSA-jv3w-x3r3-g6rm) - [https://nvd.nist.gov/vuln/detail/CVE-2025-67499](https://nvd.nist.gov/vuln/detail/CVE-2025-67499) - [https://github.com/containernetworking/plugins/pull/1210](https://redirect.github.com/containernetworking/plugins/pull/1210) - [https://github.com/containernetworking/plugins/commit/9b3772e1a7abf93cbb7c6526a28bc0d27b830e02](https://redirect.github.com/containernetworking/plugins/commit/9b3772e1a7abf93cbb7c6526a28bc0d27b830e02) - [https://github.com/containernetworking/plugins](https://redirect.github.com/containernetworking/plugins) - [https://github.com/containernetworking/plugins/releases/tag/v1.9.0](https://redirect.github.com/containernetworking/plugins/releases/tag/v1.9.0) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-jv3w-x3r3-g6rm) and the [GitHub Advisory Database](https://redirect.github.com/github/advisory-database) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Release Notes <details> <summary>containernetworking/plugins (github.com/containernetworking/plugins)</summary> ### [`v1.9.0`](https://redirect.github.com/containernetworking/plugins/releases/tag/v1.9.0): CNI plugins v1.9.0 [Compare Source](https://redirect.github.com/containernetworking/plugins/compare/v1.8.0...v1.9.0) #### What's Changed This release fixes [CVE-2025-67499](https://redirect.github.com/containernetworking/plugins/security/advisories/GHSA-jv3w-x3r3-g6rm), a bug in the `nftables` backend for the `portmap` plugin that can cause traffic to be unexpectedly intercepted. ##### Bugs - portmap: ensure nftables backend only intercept local traffic by [@​champtar](https://redirect.github.com/champtar) in [#​1210](https://redirect.github.com/containernetworking/plugins/pull/1210). ##### Other changes - Fix file exists errro in dummy cni by [@​liuyuan10](https://redirect.github.com/liuyuan10) in [#​1205](https://redirect.github.com/containernetworking/plugins/pull/1205) - Ignore settling with down state since it would never settle by [@​bn222](https://redirect.github.com/bn222) in [#​1207](https://redirect.github.com/containernetworking/plugins/pull/1207) **Full Changelog**: <containernetworking/plugins@v1.8.0...v1.9.0> ### [`v1.8.0`](https://redirect.github.com/containernetworking/plugins/releases/tag/v1.8.0): CNI plugins v1.8.0 [Compare Source](https://redirect.github.com/containernetworking/plugins/compare/v1.7.1...v1.8.0) The Bridge CNI plugin has removed limitations on VLAN trunk implementation. This aligns with recommended access and trunk port configurations, ensuring proper VLAN isolation and enhanced usability. #### What's Changed - Allow vlan parameter to set native vlan on trunk ports by [@​mlguerrero12](https://redirect.github.com/mlguerrero12) in [#​1180](https://redirect.github.com/containernetworking/plugins/pull/1180) - Set default value of PreserveDefaultVlan to False by [@​mlguerrero12](https://redirect.github.com/mlguerrero12) in [#​1181](https://redirect.github.com/containernetworking/plugins/pull/1181) - remove duplicate route.Table and route.Scope assignments by [@​runsisi](https://redirect.github.com/runsisi) in [#​1192](https://redirect.github.com/containernetworking/plugins/pull/1192) - Set value of gw to nil for opt121 routes in DHCP by [@​omartin2010](https://redirect.github.com/omartin2010) in [#​1187](https://redirect.github.com/containernetworking/plugins/pull/1187) #### New Contributors - [@​runsisi](https://redirect.github.com/runsisi) made their first contribution in [#​1192](https://redirect.github.com/containernetworking/plugins/pull/1192) - [@​omartin2010](https://redirect.github.com/omartin2010) made their first contribution in [#​1187](https://redirect.github.com/containernetworking/plugins/pull/1187) **Full Changelog**: <containernetworking/plugins@v1.7.0...v1.8.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi40Mi4yIiwidXBkYXRlZEluVmVyIjoiNDIuNDIuMiIsInRhcmdldEJyYW5jaCI6InJlbGVhc2UtMi4xMSIsImxhYmVscyI6WyJhcmVhL3NlY3VyaXR5IiwiZGVwZW5kZW5jaWVzIiwicmVsZWFzZS0yLjExIl19--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 16, 2025
This PR contains the following updates: | Package | Type | Update | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---|---| | [helm](https://redirect.github.com/helm/helm) | | patch | `4.0.2` -> `4.0.4` |  |  | | [helm.sh/helm/v4](https://redirect.github.com/helm/helm) | require | patch | `v4.0.2` -> `v4.0.4` |  |  | --- ### Release Notes <details> <summary>helm/helm (helm)</summary> ### [`v4.0.4`](https://redirect.github.com/helm/helm/releases/tag/v4.0.4): Helm v4.0.4 [Compare Source](https://redirect.github.com/helm/helm/compare/v4.0.2...v4.0.4) Helm v4.0.4 is a security fix for a Go CVE in the previous tag. This patch release rebuilds the Helm `v4.0.2` release with the latest Go toolchain, to fix the Go CVE. Users are encouraged to upgrade. Note that tag v4.0.3 was skipped due to a build failure. The community keeps growing, and we'd love to see you there! - Join the discussion in [Kubernetes Slack](https://kubernetes.slack.com): - for questions and just to hang out - for discussing PRs, code, and bugs - Hang out at the Public Developer Call: Thursday, 9:30 Pacific via [Zoom](https://zoom.us/j/696660622) - Test, debug, and contribute charts: [ArtifactHub/packages](https://artifacthub.io/packages/search?kind=0) #### Installation and Upgrading Download Helm v4.0.4. The common platform binaries are here: - [MacOS amd64](https://get.helm.sh/helm-v4.0.4-darwin-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v4.0.4-darwin-amd64.tar.gz.sha256sum) / 73bcfd6ab000fdc95acf9fe1c59e8e47179426a653e45ae485889869d4a00523) - [MacOS arm64](https://get.helm.sh/helm-v4.0.4-darwin-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v4.0.4-darwin-arm64.tar.gz.sha256sum) / a7ea99937a9679b3935fa0a2b70e577aa1ea84e5856e7c0821ca6ffa064ea976) - [Linux amd64](https://get.helm.sh/helm-v4.0.4-linux-amd64.tar.gz) ([checksum](https://get.helm.sh/helm-v4.0.4-linux-amd64.tar.gz.sha256sum) / 29454bc351f4433e66c00f5d37841627cbbcc02e4c70a6d796529d355237671c) - [Linux arm](https://get.helm.sh/helm-v4.0.4-linux-arm.tar.gz) ([checksum](https://get.helm.sh/helm-v4.0.4-linux-arm.tar.gz.sha256sum) / 9255732e31b5aa5ee7b55be8497eea4723e3dfb08a63c37603ae0d15a9a9d82c) - [Linux arm64](https://get.helm.sh/helm-v4.0.4-linux-arm64.tar.gz) ([checksum](https://get.helm.sh/helm-v4.0.4-linux-arm64.tar.gz.sha256sum) / 16b88acc6503d646b7537a298e7389bef469c5cc9ebadf727547abe9f6a35903) - [Linux i386](https://get.helm.sh/helm-v4.0.4-linux-386.tar.gz) ([checksum](https://get.helm.sh/helm-v4.0.4-linux-386.tar.gz.sha256sum) / e6dbf45313bab48e51a2b7a5f3271a19bb3d8b9f07b4bb48ba342389d902af53) - [Linux loong64](https://get.helm.sh/helm-v4.0.4-linux-loong64.tar.gz) ([checksum](https://get.helm.sh/helm-v4.0.4-linux-loong64.tar.gz.sha256sum) / <?xml version="1.0" encoding="utf-8"?><Error><Code>BlobNotFound</Code><Message>The specified blob does not exist. RequestId:11673868-901e-003e-10cd-6b624b000000 Time:2025-12-13T01:15:26.0922049Z</Message></Error>) - [Linux ppc64le](https://get.helm.sh/helm-v4.0.4-linux-ppc64le.tar.gz) ([checksum](https://get.helm.sh/helm-v4.0.4-linux-ppc64le.tar.gz.sha256sum) / c108d181a0e29dadf281fbb4f4a0e0f2149922b119ec745ced1a5ae6f0918703) - [Linux s390x](https://get.helm.sh/helm-v4.0.4-linux-s390x.tar.gz) ([checksum](https://get.helm.sh/helm-v4.0.4-linux-s390x.tar.gz.sha256sum) / cdf172c59379f0a3fe1db4743c16f122745fdaaebb2fbbfa40ce5722a4787717) - [Linux riscv64](https://get.helm.sh/helm-v4.0.4-linux-riscv64.tar.gz) ([checksum](https://get.helm.sh/helm-v4.0.4-linux-riscv64.tar.gz.sha256sum) / 2cf1c77d993bf5386e85249007bdaf38358d2516b18454212206a81b132e1330) - [Windows amd64](https://get.helm.sh/helm-v4.0.4-windows-amd64.zip) ([checksum](https://get.helm.sh/helm-v4.0.4-windows-amd64.zip.sha256sum) / 135bffadd3c87aff8856e06efb366bea2a48ac4d1742d73af80250410246f14d) - [Windows arm64](https://get.helm.sh/helm-v4.0.4-windows-arm64.zip) ([checksum](https://get.helm.sh/helm-v4.0.4-windows-arm64.zip.sha256sum) / b65d05f15260e78311f463773f54fe68f6d74444b3c3e84cecf270cdb927cd8a) This release was signed with `208D D36E D5BB 3745 A167 43A4 C7C6 FBB5 B91C 1155` and can be found at [@​scottrigby](https://redirect.github.com/scottrigby) [keybase account](https://keybase.io/r6by). Please use the attached signatures for verifying this release using `gpg`. The [Quickstart Guide](https://helm.sh/docs/intro/quickstart/) will get you going from there. For **upgrade instructions** or detailed installation notes, check the [install guide](https://helm.sh/docs/intro/install/). You can also use a [script to install](https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3) on any system with `bash`. #### What's Next - 3.19.5 and 4.0.5 are the next patch releases and will be on January 14, 2026 - 3.20.0 and 4.1.0 is the next minor releases and will be on January 21, 2026 #### Changelog - Bump v4.0.2 CVE deps [`cd700e0`](https://redirect.github.com/helm/helm/commit/cd700e0627b8d9a4997a7ab2bc3b712d0de4dcd3) (George Jenkins) - Use latest patch release of Go in releases [`9db13ee`](https://redirect.github.com/helm/helm/commit/9db13ee5c343196f642c568a03e58d3221b324d6) (Matt Farina) </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi40Mi4yIiwidXBkYXRlZEluVmVyIjoiNDIuNDIuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
lukidzi
pushed a commit
that referenced
this pull request
Dec 16, 2025
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/download-artifact](https://redirect.github.com/actions/download-artifact) | action | major | `v6.0.0` -> `v7.0.0` | | [actions/upload-artifact](https://redirect.github.com/actions/upload-artifact) | action | major | `v5.0.0` -> `v6.0.0` | --- ### Release Notes <details> <summary>actions/download-artifact (actions/download-artifact)</summary> ### [`v7.0.0`](https://redirect.github.com/actions/download-artifact/releases/tag/v7.0.0) [Compare Source](https://redirect.github.com/actions/download-artifact/compare/v6.0.0...v7.0.0) ##### v7 - What's new > \[!IMPORTANT] > actions/download-artifact\@​v7 now runs on Node.js 24 (`runs.using: node24`) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading. ##### Node.js 24 This release updates the runtime to Node.js 24. v6 had preliminary support for Node 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24. ##### What's Changed - Update GHES guidance to include reference to Node 20 version by [@​patrikpolyak](https://redirect.github.com/patrikpolyak) in [#​440](https://redirect.github.com/actions/download-artifact/pull/440) - Download Artifact Node24 support by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [#​415](https://redirect.github.com/actions/download-artifact/pull/415) - fix: update [@​actions/artifact](https://redirect.github.com/actions/artifact) to fix Node.js 24 punycode deprecation by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [#​451](https://redirect.github.com/actions/download-artifact/pull/451) - prepare release v7.0.0 for Node.js 24 support by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [#​452](https://redirect.github.com/actions/download-artifact/pull/452) ##### New Contributors - [@​patrikpolyak](https://redirect.github.com/patrikpolyak) made their first contribution in [#​440](https://redirect.github.com/actions/download-artifact/pull/440) - [@​salmanmkc](https://redirect.github.com/salmanmkc) made their first contribution in [#​415](https://redirect.github.com/actions/download-artifact/pull/415) **Full Changelog**: <actions/download-artifact@v6.0.0...v7.0.0> </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v6.0.0`](https://redirect.github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0) [Compare Source](https://redirect.github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi40Mi4yIiwidXBkYXRlZEluVmVyIjoiNDIuNDIuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJjaS9za2lwLXRlc3QiLCJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 16, 2025
) This PR contains the following updates: | Package | Type | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---| | [github.com/exaring/otelpgx](https://redirect.github.com/exaring/otelpgx) | require | `v0.9.3` -> `v0.9.4` |  |  | --- ### Release Notes <details> <summary>exaring/otelpgx (github.com/exaring/otelpgx)</summary> ### [`v0.9.4`](https://redirect.github.com/exaring/otelpgx/releases/tag/v0.9.4) [Compare Source](https://redirect.github.com/exaring/otelpgx/compare/v0.9.3...v0.9.4) #### What's Changed - change meter names type - var to const by [@​skarm](https://redirect.github.com/skarm) in [#​56](https://redirect.github.com/exaring/otelpgx/pull/56) - Test more go versions and also prs by [@​costela](https://redirect.github.com/costela) in [#​58](https://redirect.github.com/exaring/otelpgx/pull/58) - Use strings.FieldsSeq in SQLOperationName by [@​skarm](https://redirect.github.com/skarm) in [#​55](https://redirect.github.com/exaring/otelpgx/pull/55) - fix constructing connections metric unit by [@​wasaga](https://redirect.github.com/wasaga) in [#​62](https://redirect.github.com/exaring/otelpgx/pull/62) - feat: use pools for attributes and options by [@​costela](https://redirect.github.com/costela) in [#​64](https://redirect.github.com/exaring/otelpgx/pull/64) - fix: align db.client.operation.duration unit with semconv by [@​RyabovNick](https://redirect.github.com/RyabovNick) in [#​65](https://redirect.github.com/exaring/otelpgx/pull/65) - Set `logConnectionDetails` in Tracer by [@​marselester](https://redirect.github.com/marselester) in [#​69](https://redirect.github.com/exaring/otelpgx/pull/69) #### New Contributors - [@​skarm](https://redirect.github.com/skarm) made their first contribution in [#​56](https://redirect.github.com/exaring/otelpgx/pull/56) - [@​wasaga](https://redirect.github.com/wasaga) made their first contribution in [#​62](https://redirect.github.com/exaring/otelpgx/pull/62) - [@​RyabovNick](https://redirect.github.com/RyabovNick) made their first contribution in [#​65](https://redirect.github.com/exaring/otelpgx/pull/65) **Full Changelog**: <exaring/otelpgx@v0.9.3...v0.9.4> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi40Mi4yIiwidXBkYXRlZEluVmVyIjoiNDIuNDIuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
lukidzi
pushed a commit
that referenced
this pull request
Dec 16, 2025
#15292) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [peter-evans/create-pull-request](https://redirect.github.com/peter-evans/create-pull-request) | action | major | `v7.0.11` -> `v8.0.0` | --- ### Release Notes <details> <summary>peter-evans/create-pull-request (peter-evans/create-pull-request)</summary> ### [`v8.0.0`](https://redirect.github.com/peter-evans/create-pull-request/releases/tag/v8.0.0): Create Pull Request v8.0.0 [Compare Source](https://redirect.github.com/peter-evans/create-pull-request/compare/v7.0.11...v8.0.0) ##### What's new in v8 - Requires [Actions Runner v2.327.1](https://redirect.github.com/actions/runner/releases/tag/v2.327.1) or later if you are using a self-hosted runner for Node 24 support. ##### What's Changed - chore: Update checkout action version to v6 by [@​yonas](https://redirect.github.com/yonas) in [#​4258](https://redirect.github.com/peter-evans/create-pull-request/pull/4258) - Update actions/checkout references to [@​v6](https://redirect.github.com/v6) in docs by [@​Copilot](https://redirect.github.com/Copilot) in [#​4259](https://redirect.github.com/peter-evans/create-pull-request/pull/4259) - feat: v8 by [@​peter-evans](https://redirect.github.com/peter-evans) in [#​4260](https://redirect.github.com/peter-evans/create-pull-request/pull/4260) ##### New Contributors - [@​yonas](https://redirect.github.com/yonas) made their first contribution in [#​4258](https://redirect.github.com/peter-evans/create-pull-request/pull/4258) - [@​Copilot](https://redirect.github.com/Copilot) made their first contribution in [#​4259](https://redirect.github.com/peter-evans/create-pull-request/pull/4259) **Full Changelog**: <peter-evans/create-pull-request@v7.0.11...v8.0.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi40Mi4yIiwidXBkYXRlZEluVmVyIjoiNDIuNDIuMiIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJjaS9za2lwLXRlc3QiLCJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 19, 2025
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [ci-tools/release-tool](https://redirect.github.com/kumahq/ci-tools) | `v1.3.1` -> `v1.4.0` |  |  | --- ### Release Notes <details> <summary>kumahq/ci-tools (ci-tools/release-tool)</summary> ### [`v1.4.0`](https://redirect.github.com/kumahq/ci-tools/releases/tag/v1.4.0) [Compare Source](https://redirect.github.com/kumahq/ci-tools/compare/v1.3.1...v1.4.0) #### What's Changed - chore(deps): bump all non-major dependencies with stable versions from 2.11.0 to 2.12.2 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​149](https://redirect.github.com/kumahq/ci-tools/pull/149) - chore(deps): bump golangci/golangci-lint-action from 9.0.0 to 9.1.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​155](https://redirect.github.com/kumahq/ci-tools/pull/155) - chore(deps): bump actions/setup-go from 6.0.0 to 6.1.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​153](https://redirect.github.com/kumahq/ci-tools/pull/153) - chore(deps): bump oas-toolkit from 0.15.4 to 0.15.6 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​150](https://redirect.github.com/kumahq/ci-tools/pull/150) - chore(deps): bump node:24-alpine from [`2867d55`](https://redirect.github.com/kumahq/ci-tools/commit/2867d55) to [`682368d`](https://redirect.github.com/kumahq/ci-tools/commit/682368d) by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​156](https://redirect.github.com/kumahq/ci-tools/pull/156) - chore(deps): bump actions/checkout from 5.0.0 to 5.0.1 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​151](https://redirect.github.com/kumahq/ci-tools/pull/151) - chore(deps): bump all non-major dependencies with stable versions from 2.12.2 to 2.12.3 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​157](https://redirect.github.com/kumahq/ci-tools/pull/157) - chore(deps): bump actions/checkout from 5.0.1 to 6.0.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​154](https://redirect.github.com/kumahq/ci-tools/pull/154) - chore(deps): bump github.com/google/go-github/v78 from 78.0.0 to 79.0.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​152](https://redirect.github.com/kumahq/ci-tools/pull/152) - chore(deps): bump all non-major dependencies with stable versions from 2.12.3 to 2.12.4 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​159](https://redirect.github.com/kumahq/ci-tools/pull/159) - chore(deps): bump docker/metadata-action from 5.9.0 to 5.10.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​158](https://redirect.github.com/kumahq/ci-tools/pull/158) - fix(release-tool): add HTTP client timeout configuration for large changelog queries by [@​Automaat](https://redirect.github.com/Automaat) in [#​167](https://redirect.github.com/kumahq/ci-tools/pull/167) #### New Contributors - [@​Automaat](https://redirect.github.com/Automaat) made their first contribution in [#​167](https://redirect.github.com/kumahq/ci-tools/pull/167) **Full Changelog**: <kumahq/ci-tools@v1.3.1...v1.4.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJjaS9za2lwLXRlc3QiLCJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 20, 2025
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [ci-tools/release-tool](https://redirect.github.com/kumahq/ci-tools) | `v1.4.0` -> `v1.4.1` |  |  | --- ### Release Notes <details> <summary>kumahq/ci-tools (ci-tools/release-tool)</summary> ### [`v1.4.1`](https://redirect.github.com/kumahq/ci-tools/releases/tag/v1.4.1) [Compare Source](https://redirect.github.com/kumahq/ci-tools/compare/v1.4.0...v1.4.1) #### Changelog - [`65e59ee`](https://redirect.github.com/kumahq/ci-tools/commit/65e59ee2ccb8ef80d3cbd46a1be728580aed3601) feat: add GoReleaser with automated version bumping ([#​168](https://redirect.github.com/kumahq/ci-tools/issues/168)) - [`cc4e8be`](https://redirect.github.com/kumahq/ci-tools/commit/cc4e8be8cbdde00e5a181d02d7c872d19f7ae937) fix(release-tool): use HTTP/2-specific timeouts for GraphQL queries ([#​169](https://redirect.github.com/kumahq/ci-tools/issues/169)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJjaS9za2lwLXRlc3QiLCJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 23, 2025
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [kind](https://redirect.github.com/kubernetes-sigs/kind) | minor | `0.30.0` -> `0.31.0` | --- ### Release Notes <details> <summary>kubernetes-sigs/kind (kind)</summary> ### [`v0.31.0`](https://redirect.github.com/kubernetes-sigs/kind/releases/tag/v0.31.0) [Compare Source](https://redirect.github.com/kubernetes-sigs/kind/compare/v0.30.0...v0.31.0) This release contains dependency updates and defaults to Kubernetes 1.35.0. Please take note of the breaking changes from Kubernetes 1.35, and how to prepare for **future** changes to move off of the deprecated kubeam v1beta3 in favor of v1beta4. We will include updated reminders for both again in subsequent releases. <h1 id="breaking-changes">Breaking Changes</h1> The default node image is now `kindest/node:v1.35.0@​sha256:452d707d4862f52530247495d180205e029056831160e22870e37e3f6c1ac31f` <h2 id="kubernetes-cgroupv1">Kubernetes 1.35+ Cgroup v1</h2> Kubernetes [will be removing cgroup v1 support](https://kubernetes.io/blog/2025/12/17/kubernetes-v1-35-release/#removal-of-cgroup-v1-support), and therefore kind node images at those versions will also be dropping support. You can read more about this change in the Kubernetes release blog: <https://kubernetes.io/blog/2025/12/17/kubernetes-v1-35-release/#removal-of-cgroup-v1-support> If you must use kind on cgroup v1, we recommend using an older Kubernetes release for the immediate future, but we also strongly recommend migrating to cgroup v2. In the near future as Kubernetes support dwindles, KIND will also clean up cgroup v1 workarounds and drop support in future kind releases and images, regardless of Kubernetes version. Most stable linux distros should be on cgroupv2 out of the box. This is a reminder to use pinned images by digest, see the note below about images for this release. <h2 id="kubeadm-config">Kubeadm Config *Future* Breaking Change</h2> **WARNING**: Future kind releases will [adopt kubeadm v1beta4](https://redirect.github.com/kubernetes-sigs/kind/issues/3847) configuration, [kubeadm](https://redirect.github.com/kubernetes/kubeadm) v1beta4 has a breaking change to `extraArgs`: <https://kubernetes.io/blog/2024/08/23/kubernetes-1-31-kubeadm-v1beta4/>. If you use the `kubeadmConfigPatches` feature then you may need to prepare for this change. We recommend that you use versioned config patches that explicitly match the version required. KIND uses kubeadm v1beta3 for Kubernetes 1.23+, and will likely use v1beta4 for Kubernetes 1.36+ The exact version is TBD pending work to fix this but expected to be 1.36. It will definitely be an as-of-yet-unreleased Kubernetes version to avoid surprises, and it will not be on a patch-release boundary. KIND *may* still work with older Kubernetes versions at v1beta2, but we no longer test or actively support these as Kubernetes only supports 1.32+ currently: <https://kubernetes.io/releases/> You likely only need v1beta3 + v1beta4 patches, you can take your existing patches that work with v1beta3, explicitly set `apiVersion: kubeadm.k8s.io/v1beta3` in the patch at the top level, and make another copy for v1beta4. The v1beta4 patch will need to move `extraArgs` from a map to a list, for examples see: <https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta4/> For a concrete example of kind config with kubeadm config patch targeting both v1beta3 and v1beta4, consider this simple kind config that sets verbosity of the apiserver logs: ```yaml kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 kubeadmConfigPatches: # patch for v1beta3 (1.23 ...) - | kind: ClusterConfiguration apiVersion: kubeadm.k8s.io/v1beta3 apiServer: extraArgs: "v": "4" # patch for v1beta4 (future) - | kind: ClusterConfiguration apiVersion: kubeadm.k8s.io/v1beta4 apiServer: extraArgs: - name: "v" value: "4" ``` If you only need to target a particular release, you can use one version. If you only need to target fields that did not change between kubeadm beta versions, you can use a versionless patch, which may be more convenient, but we cannot guarantee there will be no future kubeadm config breaking changes. <h1 id="new-features">New Features</h1> - Assorted unspecified dependency updates Images pre-built for this release: - v1.35.0: `kindest/node:v1.35.0@​sha256:452d707d4862f52530247495d180205e029056831160e22870e37e3f6c1ac31f` - v1.34.3: `kindest/node:v1.34.3@​sha256:08497ee19eace7b4b5348db5c6a1591d7752b164530a36f855cb0f2bdcbadd48` - v1.33.7: `kindest/node:v1.33.7@​sha256:d26ef333bdb2cbe9862a0f7c3803ecc7b4303d8cea8e814b481b09949d353040` - v1.32.11: `kindest/node:v1.32.11@​sha256:5fc52d52a7b9574015299724bd68f183702956aa4a2116ae75a63cb574b35af8` - v1.31.14: `kindest/node:v1.31.14@​sha256:6f86cf509dbb42767b6e79debc3f2c32e4ee01386f0489b3b2be24b0a55aac2b` **NOTE**: You *must* use the `@sha256` digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons. See also: - <https://kind.sigs.k8s.io/docs/user/quick-start/#creating-a-cluster> - <https://kind.sigs.k8s.io/docs/user/quick-start/#building-images> NOTE: These node images support amd64 and arm64, both of our supported platforms. **You must use the same platform as your host,** for more context see [#​2718](https://redirect.github.com/kubernetes-sigs/kind/issues/2718) <h1 id="fixes">Fixes</h1> - Detect additional edge case with ipv6 support on the host - Make development / release scripts GOTOOLCHAIN aware <h1 id="contributors">Contributors</h1> Committers for this release: - [@​AkihiroSuda](https://redirect.github.com/AkihiroSuda) - [@​adambkaplan](https://redirect.github.com/adambkaplan) - [@​afbjorklund](https://redirect.github.com/afbjorklund) - [@​aoxn](https://redirect.github.com/aoxn) - [@​BenTheElder](https://redirect.github.com/BenTheElder) - [@​dependabot](https://redirect.github.com/dependabot)\[bot] - [@​k8s-ci-robot](https://redirect.github.com/k8s-ci-robot) - [@​kalexmills](https://redirect.github.com/kalexmills) - [@​kishen-v](https://redirect.github.com/kishen-v) - [@​mikejoh](https://redirect.github.com/mikejoh) - [@​rayowang](https://redirect.github.com/rayowang) - [@​shahar1](https://redirect.github.com/shahar1) - [@​stmcginnis](https://redirect.github.com/stmcginnis) </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
lukidzi
pushed a commit
that referenced
this pull request
Dec 23, 2025
This PR contains the following updates: | Package | Update | Change | |---|---|---| | alpine | digest | `51183f2` -> `865b95f` | | [grafana/grafana](https://redirect.github.com/grafana/grafana) | patch | `12.3.0` -> `12.3.1` | --- ### Release Notes <details> <summary>grafana/grafana (grafana/grafana)</summary> ### [`v12.3.1`](https://redirect.github.com/grafana/grafana/blob/HEAD/CHANGELOG.md#1231-2025-12-16) [Compare Source](https://redirect.github.com/grafana/grafana/compare/v12.3.0...v12.3.1) ##### Features and enhancements - **Alerting:** Update alerting dependency [#​114259](https://redirect.github.com/grafana/grafana/pull/114259), [@​moustafab](https://redirect.github.com/moustafab) - **Azure:** Improved column handling in logs query builder [#​114841](https://redirect.github.com/grafana/grafana/pull/114841), [@​aangelisc](https://redirect.github.com/aangelisc) - **Azure:** Include aggregate columns in logs builder [#​114835](https://redirect.github.com/grafana/grafana/pull/114835), [@​aangelisc](https://redirect.github.com/aangelisc) - **Dependencies:** Bump Go to v1.25.5 [#​114751](https://redirect.github.com/grafana/grafana/pull/114751), [@​macabu](https://redirect.github.com/macabu) - **Docs:** Clarify section title for repeating rows and tabs [#​115346](https://redirect.github.com/grafana/grafana/pull/115346), [@​imatwawana](https://redirect.github.com/imatwawana) - **Plugins:** Add PluginContext to plugins when scenes is disabled [#​115064](https://redirect.github.com/grafana/grafana/pull/115064), [@​hugohaggmark](https://redirect.github.com/hugohaggmark) - **QueryEditorRows:** Clear hideSeriesFrom override on query edit [#​114628](https://redirect.github.com/grafana/grafana/pull/114628), [@​Sergej-Vlasov](https://redirect.github.com/Sergej-Vlasov) ##### Bug fixes - **Azure:** Fix `dcount` aggregation [#​114907](https://redirect.github.com/grafana/grafana/pull/114907), [@​aangelisc](https://redirect.github.com/aangelisc) - **Azure:** Fix `percentile` syntax [#​114707](https://redirect.github.com/grafana/grafana/pull/114707), [@​aangelisc](https://redirect.github.com/aangelisc) - **Dashboards:** Fix empty space under time controls when a dashboard has a lot of variables [#​114730](https://redirect.github.com/grafana/grafana/pull/114730), [@​oscarkilhed](https://redirect.github.com/oscarkilhed) - **Plugins:** Datasource breadcrumb link should link to settings tab [#​113910](https://redirect.github.com/grafana/grafana/pull/113910), [@​wbrowne](https://redirect.github.com/wbrowne) - **Postgresql:** Fix variable interpolation logic when the variable has multiple values [#​114876](https://redirect.github.com/grafana/grafana/pull/114876), [@​itsmylife](https://redirect.github.com/itsmylife) <!-- 12.3.1 END --> <!-- 12.2.3 START --> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 23, 2025
This PR contains the following updates: | Package | Type | Update | Change | Pending | |---|---|---|---|---| | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | patch | `v4.31.6` -> `v4.31.7` | `v4.31.9` (+1) | --- ### Release Notes <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v4.31.7`](https://redirect.github.com/github/codeql-action/releases/tag/v4.31.7) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.31.6...v4.31.7) ##### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 4.31.7 - 05 Dec 2025 - Update default CodeQL bundle version to 2.23.7. [#​3343](https://redirect.github.com/github/codeql-action/pull/3343) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v4.31.7/CHANGELOG.md) for more information. </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJjaS9za2lwLXRlc3QiLCJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Dec 23, 2025
…15323) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [container-structure-test](https://redirect.github.com/GoogleContainerTools/container-structure-test) | patch | `1.22.0` -> `1.22.1` | --- ### Release Notes <details> <summary>GoogleContainerTools/container-structure-test (container-structure-test)</summary> ### [`v1.22.1`](https://redirect.github.com/GoogleContainerTools/container-structure-test/releases/tag/v1.22.1) [Compare Source](https://redirect.github.com/GoogleContainerTools/container-structure-test/compare/v1.22.0...v1.22.1) #### Changelog - [`1e1bb81`](https://redirect.github.com/GoogleContainerTools/container-structure-test/commit/1e1bb81e5272bf616f3ee87d5e085e2f90d94917) Bazel output results as junit.xml ([#​507](https://redirect.github.com/GoogleContainerTools/container-structure-test/issues/507)) #### Container Images `ghcr.io/googlecontainertools/container-structure-test:1.22.1` </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNTkuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Jan 7, 2026
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [actionlint](https://redirect.github.com/rhysd/actionlint) | patch | `1.7.9` → `1.7.10` | --- ### Release Notes <details> <summary>rhysd/actionlint (actionlint)</summary> ### [`v1.7.10`](https://redirect.github.com/rhysd/actionlint/blob/HEAD/CHANGELOG.md#v1710---2025-12-30) [Compare Source](https://redirect.github.com/rhysd/actionlint/compare/v1.7.9...v1.7.10) - Support [YAML anchors and aliases](https://yaml.org/spec/1.2.2/#​71-alias-nodes) (`&anchor` and `*anchor`) in workflow files. In addition to parsing YAML anchors correctly, actionlint checks unused and undefined anchors. See the [document](https://redirect.github.com/rhysd/actionlint/blob/main/docs/checks.md#yaml-anchors) for more details. ([#​133](https://redirect.github.com/rhysd/actionlint/issues/133), thanks [@​srz-zumix](https://redirect.github.com/srz-zumix) for the initial implementation at [#​568](https://redirect.github.com/rhysd/actionlint/issues/568) and [@​alexaandru](https://redirect.github.com/alexaandru) for trying another approach at [#​557](https://redirect.github.com/rhysd/actionlint/issues/557)) ```yaml jobs: test: runs-on: ubuntu-latest services: nginx: image: nginx:latest credentials: &credentials username: ${{ secrets.user }} password: ${{ secrets.password }} steps: - run: ./download.sh # OK: Valid alias to &credentials env: *credentials - run: ./check.sh # ERROR: Undefined anchor 'credential' env: *credential - run: ./upload.sh # ERROR: Unused anchor 'credentials' env: &credentials ``` - Remove support for `*-xl` macOS runner labels because they were [dropped](https://github.blog/changelog/2024-08-19-notice-of-upcoming-deprecations-and-breaking-changes-in-github-actions-runners/). ([#​592](https://redirect.github.com/rhysd/actionlint/issues/592), thanks [@​muzimuzhi](https://redirect.github.com/muzimuzhi)) - Remove support for the macOS 13 runner labels because they were [dropped on Dec 4, 2025](https://github.blog/changelog/2025-09-19-github-actions-macos-13-runner-image-is-closing-down/). ([#​593](https://redirect.github.com/rhysd/actionlint/issues/593), thanks [@​muzimuzhi](https://redirect.github.com/muzimuzhi)) - `macos-13` - `macos-13-large` - `macos-13-xlarge` - Increase the maximum number of inputs in the `workflow_dispatch` event from 10 to 25 because the limitation [was recently relaxed](https://github.blog/changelog/2025-12-04-actions-workflow-dispatch-workflows-now-support-25-inputs/). ([#​598](https://redirect.github.com/rhysd/actionlint/issues/598), thanks [@​Haegi](https://redirect.github.com/Haegi)) - Support [`artifact-metadata` permission](https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#defining-access-for-the-github_token-scopes) for workflow permissions. ([#​602](https://redirect.github.com/rhysd/actionlint/issues/602), thanks [@​martincostello](https://redirect.github.com/martincostello)) - Detect more complicated constants at `if:` conditions as error. See the [rule document](https://redirect.github.com/rhysd/actionlint/blob/main/docs/checks.md#if-cond-constant) for more details. - Refactor the workflow parser with [Go iterators](https://pkg.go.dev/iter#hdr-Iterators). This slightly improves the performance and memory usage. - Fix parsing extra `{` and `}` characters in format string of `format()` function call. For example v1.7.9 didn't parse `"{{0} {1} {2}}"` correctly. - Detect an invalid value at `type` in workflow call inputs as error. - Report [YAML merge key](https://yaml.org/type/merge.html) `<<` as error because GitHub Actions doesn't support the syntax. - Check available contexts in expressions at `jobs.<job_id>.snapshot.if`. ```yaml snapshot: image-name: my-custom-image # ERROR: `env` context is not allowed here if: ${{ env.USE_SNAPSHOT == 'true' }} ``` - Fix the instruction to install actionlint with `mise` in the installation document. ([#​591](https://redirect.github.com/rhysd/actionlint/issues/591), thanks [@​risu729](https://redirect.github.com/risu729)) - Update the popular actions data set to the latest to include new major versions of the actions. \[Changes]\[v1.7.10] <a id="v1.7.9"></a> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi42OS4xIiwidXBkYXRlZEluVmVyIjoiNDIuNjkuMSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Jan 7, 2026
This PR contains the following updates: | Package | Type | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---| | [google.golang.org/grpc](https://redirect.github.com/grpc/grpc-go) | require | `v1.77.0` → `v1.78.0` |  |  | --- ### Release Notes <details> <summary>grpc/grpc-go (google.golang.org/grpc)</summary> ### [`v1.78.0`](https://redirect.github.com/grpc/grpc-go/releases/tag/v1.78.0): Release 1.78.0 [Compare Source](https://redirect.github.com/grpc/grpc-go/compare/v1.77.0...v1.78.0) ##### Behavior Changes - client: Reject target URLs containing unbracketed colons in the hostname in Go version 1.26+. ([#​8716](https://redirect.github.com/grpc/grpc-go/issues/8716)) - Special Thanks: [@​neild](https://redirect.github.com/neild) ##### New Features - stats/otel: Add backend service label to wrr metrics as part of A89. ([#​8737](https://redirect.github.com/grpc/grpc-go/issues/8737)) - stats/otel: Add subchannel metrics (without the disconnection reason) to eventually replace the pickfirst metrics. ([#​8738](https://redirect.github.com/grpc/grpc-go/issues/8738)) - client: Wait for all pending goroutines to complete when closing a graceful switch balancer. ([#​8746](https://redirect.github.com/grpc/grpc-go/issues/8746)) - Special Thanks: [@​twz123](https://redirect.github.com/twz123) ##### Bug Fixes - transport/client : Return status code `Unknown` on malformed grpc-status. ([#​8735](https://redirect.github.com/grpc/grpc-go/issues/8735)) - client: Add `experimental.AcceptCompressors` so callers can restrict the `grpc-accept-encoding` header advertised for a call. ([#​8718](https://redirect.github.com/grpc/grpc-go/issues/8718)) - Special Thanks: [@​iblancasa](https://redirect.github.com/iblancasa) - xds: Fix a bug in `StringMatcher` where regexes would match incorrectly when ignore\_case is set to true. ([#​8723](https://redirect.github.com/grpc/grpc-go/issues/8723)) - xds/resolver: - Drop previous route resources and report an error when no matching virtual host is found. - Only log LDS/RDS configuration errors following a successful update and retain the last valid resource to prevent transient failures. ([#​8711](https://redirect.github.com/grpc/grpc-go/issues/8711)) - client: - Change connectivity state to CONNECTING when creating the name resolver (as part of exiting IDLE). - Change connectivity state to TRANSIENT\_FAILURE if name resolver creation fails (as part of exiting IDLE). - Change connectivity state to IDLE after idle timeout expires even when current state is TRANSIENT\_FAILURE. - Fix a bug that resulted in `OnFinish` call option not being invoked for RPCs where stream creation failed. ([#​8710](https://redirect.github.com/grpc/grpc-go/issues/8710)) - xdsclient: Fix a race in the xdsClient that could lead to resource-not-found errors. ([#​8627](https://redirect.github.com/grpc/grpc-go/issues/8627)) ##### Performance Improvements - mem: Round up to nearest 4KiB for pool allocations larger than 1MiB. ([#​8705](https://redirect.github.com/grpc/grpc-go/issues/8705)) - Special Thanks: [@​cjc25](https://redirect.github.com/cjc25) </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNjYuMTQiLCJ0YXJnZXRCcmFuY2giOiJtYXN0ZXIiLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Jan 7, 2026
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | patch | `v4.31.7` → `v4.31.9` | --- ### Release Notes <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v4.31.9`](https://redirect.github.com/github/codeql-action/compare/v4.31.8...v4.31.9) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.31.8...v4.31.9) ### [`v4.31.8`](https://redirect.github.com/github/codeql-action/releases/tag/v4.31.8) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.31.7...v4.31.8) ##### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 4.31.8 - 11 Dec 2025 - Update default CodeQL bundle version to 2.23.8. [#​3354](https://redirect.github.com/github/codeql-action/pull/3354) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v4.31.8/CHANGELOG.md) for more information. </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNjYuMTQiLCJ0YXJnZXRCcmFuY2giOiJtYXN0ZXIiLCJsYWJlbHMiOlsiY2kvc2tpcC10ZXN0IiwiZGVwZW5kZW5jaWVzIl19--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Jan 7, 2026
… to 0.20.0 (#15329) This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [go:sigs.k8s.io/controller-tools/cmd/controller-gen](https://redirect.github.com/kubernetes-sigs/controller-tools) | `v0.19.0` → `v0.20.0` |  |  | --- ### Release Notes <details> <summary>kubernetes-sigs/controller-tools (go:sigs.k8s.io/controller-tools/cmd/controller-gen)</summary> ### [`v0.20.0`](https://redirect.github.com/kubernetes-sigs/controller-tools/releases/tag/v0.20.0) [Compare Source](https://redirect.github.com/kubernetes-sigs/controller-tools/compare/v0.19.0...v0.20.0) #### What's Changed -⚠️ Bump to k8s.io/\* v0.35.0 by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1318](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1318) -⚠️ Start from local type declaration when applying schema by [@​JoelSpeed](https://redirect.github.com/JoelSpeed) in [#​1270](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1270) -⚠️ Revert local override breaking behavioural change by [@​JoelSpeed](https://redirect.github.com/JoelSpeed) in [#​1310](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1310) - ✨ Allow title to be set on a type by [@​cbandy](https://redirect.github.com/cbandy) in [#​1282](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1282) - ✨ crd/marker: add AtLeastOneOf constraint by [@​shashankram](https://redirect.github.com/shashankram) in [#​1278](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1278) - ✨ Add k8s:required and k8s:optional markers by [@​lalitc375](https://redirect.github.com/lalitc375) in [#​1247](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1247) - ✨ Publish Windows ARM64 controller-gen and envtest binaries by [@​bear-redhat](https://redirect.github.com/bear-redhat) in [#​1297](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1297) - 🐛 Sort manifest webhooks by [@​HaraldNordgren](https://redirect.github.com/HaraldNordgren) in [#​1295](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1295) - 🐛 Prevent XValidation duplication by verifying if the rule already exists by [@​mcbenjemaa](https://redirect.github.com/mcbenjemaa) in [#​1296](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1296) #### Misc - 🌱 Change sort to slices package by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1299](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1299) - 🌱 Use modernize linter by [@​HaraldNordgren](https://redirect.github.com/HaraldNordgren) in [#​1300](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1300) - 🌱 Update importas in golangci config by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1309](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1309) - 🌱 Stop setting invalid formats int32/int64 for integer types by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1274](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1274) - 🌱 Revert "Stop setting invalid formats int32/int64 for integer types" by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1275](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1275) #### envtest - ✨Release envtest v1.34.1 by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1280](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1280) - ✨Release envtest v1.35.0-alpha.3 by [@​bear-redhat](https://redirect.github.com/bear-redhat) in [#​1303](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1303) - ✨Release envtest v1.35.0 by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1317](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1317) - 🌱 Promotion of envtest release for Kubernetes v1.34.1 by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1285](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1285) - 🌱 Promotion of envtest release for Kubernetes v1.35.0-alpha.3 by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1304](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1304) - 🌱 Promotion of envtest release for Kubernetes v1.35.0 by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1319](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1319) #### Dependency bumps - 🌱 Bump to k8s.io/\* v0.34.1 by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1279](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1279) - 🌱 Bump golang.org/x/tools from 0.37.0 to 0.38.0 in the all-go-mod-patch-and-minor group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1291](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1291) - 🌱 Bump golang.org/x/tools from 0.38.0 to 0.39.0 in the all-go-mod-patch-and-minor group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1307](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1307) - 🌱 Bump the all-go-mod-patch-and-minor group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1277](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1277) - 🌱 Bump the all-go-mod-patch-and-minor group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1315](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1315) - 🌱 Bump the all-go-mod-patch-and-minor group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1284](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1284) - 🌱Update golangci-lint version to v2.4.0 by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1281](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1281) - 🌱Update golangci-lint version to v2.5.0 by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1288](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1288) - 🌱 Bump softprops/action-gh-release from 2.3.3 to 2.3.4 in the all-github-actions group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1290](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1290) - 🌱 Bump softprops/action-gh-release from 2.3.4 to 2.4.1 in the all-github-actions group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1292](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1292) - 🌱 Bump the all-github-actions group across 1 directory with 5 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1316](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1316) - 🌱 Bump the all-github-actions group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1305](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1305) - 🌱 Bump the all-github-actions group with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1276](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1276) - 🌱 Bump the all-github-actions group with 4 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1308](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1308) - 🌱 Bump tj-actions/changed-files from 46.0.5 to 47.0.0 in the all-github-actions group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1283](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1283) #### New Contributors - [@​lalitc375](https://redirect.github.com/lalitc375) made their first contribution in [#​1247](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1247) - [@​bear-redhat](https://redirect.github.com/bear-redhat) made their first contribution in [#​1297](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1297) - [@​HaraldNordgren](https://redirect.github.com/HaraldNordgren) made their first contribution in [#​1295](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1295) - [@​mcbenjemaa](https://redirect.github.com/mcbenjemaa) made their first contribution in [#​1296](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1296) **Full Changelog**: <kubernetes-sigs/controller-tools@v0.19.0...v0.20.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNjYuMTQiLCJ0YXJnZXRCcmFuY2giOiJtYXN0ZXIiLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19--> --------- Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Lukasz Dziedziak <lukidzi@gmail.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Lukasz Dziedziak <lukidzi@gmail.com>
renovate bot
added a commit
that referenced
this pull request
Jan 13, 2026
…15328) This PR contains the following updates: | Package | Type | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---| | [sigs.k8s.io/controller-tools](https://redirect.github.com/kubernetes-sigs/controller-tools) | require | `v0.19.0` → `v0.20.0` |  |  | --- ### Release Notes <details> <summary>kubernetes-sigs/controller-tools (sigs.k8s.io/controller-tools)</summary> ### [`v0.20.0`](https://redirect.github.com/kubernetes-sigs/controller-tools/releases/tag/v0.20.0) [Compare Source](https://redirect.github.com/kubernetes-sigs/controller-tools/compare/v0.19.0...v0.20.0) #### What's Changed -⚠️ Bump to k8s.io/\* v0.35.0 by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1318](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1318) -⚠️ Start from local type declaration when applying schema by [@​JoelSpeed](https://redirect.github.com/JoelSpeed) in [#​1270](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1270) -⚠️ Revert local override breaking behavioural change by [@​JoelSpeed](https://redirect.github.com/JoelSpeed) in [#​1310](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1310) - ✨ Allow title to be set on a type by [@​cbandy](https://redirect.github.com/cbandy) in [#​1282](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1282) - ✨ crd/marker: add AtLeastOneOf constraint by [@​shashankram](https://redirect.github.com/shashankram) in [#​1278](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1278) - ✨ Add k8s:required and k8s:optional markers by [@​lalitc375](https://redirect.github.com/lalitc375) in [#​1247](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1247) - ✨ Publish Windows ARM64 controller-gen and envtest binaries by [@​bear-redhat](https://redirect.github.com/bear-redhat) in [#​1297](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1297) - 🐛 Sort manifest webhooks by [@​HaraldNordgren](https://redirect.github.com/HaraldNordgren) in [#​1295](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1295) - 🐛 Prevent XValidation duplication by verifying if the rule already exists by [@​mcbenjemaa](https://redirect.github.com/mcbenjemaa) in [#​1296](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1296) #### Misc - 🌱 Change sort to slices package by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1299](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1299) - 🌱 Use modernize linter by [@​HaraldNordgren](https://redirect.github.com/HaraldNordgren) in [#​1300](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1300) - 🌱 Update importas in golangci config by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1309](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1309) - 🌱 Stop setting invalid formats int32/int64 for integer types by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1274](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1274) - 🌱 Revert "Stop setting invalid formats int32/int64 for integer types" by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1275](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1275) #### envtest - ✨Release envtest v1.34.1 by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1280](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1280) - ✨Release envtest v1.35.0-alpha.3 by [@​bear-redhat](https://redirect.github.com/bear-redhat) in [#​1303](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1303) - ✨Release envtest v1.35.0 by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1317](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1317) - 🌱 Promotion of envtest release for Kubernetes v1.34.1 by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1285](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1285) - 🌱 Promotion of envtest release for Kubernetes v1.35.0-alpha.3 by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1304](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1304) - 🌱 Promotion of envtest release for Kubernetes v1.35.0 by [@​sbueringer](https://redirect.github.com/sbueringer) in [#​1319](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1319) #### Dependency bumps - 🌱 Bump to k8s.io/\* v0.34.1 by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1279](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1279) - 🌱 Bump golang.org/x/tools from 0.37.0 to 0.38.0 in the all-go-mod-patch-and-minor group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1291](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1291) - 🌱 Bump golang.org/x/tools from 0.38.0 to 0.39.0 in the all-go-mod-patch-and-minor group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1307](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1307) - 🌱 Bump the all-go-mod-patch-and-minor group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1277](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1277) - 🌱 Bump the all-go-mod-patch-and-minor group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1315](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1315) - 🌱 Bump the all-go-mod-patch-and-minor group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1284](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1284) - 🌱Update golangci-lint version to v2.4.0 by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1281](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1281) - 🌱Update golangci-lint version to v2.5.0 by [@​dongjiang1989](https://redirect.github.com/dongjiang1989) in [#​1288](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1288) - 🌱 Bump softprops/action-gh-release from 2.3.3 to 2.3.4 in the all-github-actions group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1290](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1290) - 🌱 Bump softprops/action-gh-release from 2.3.4 to 2.4.1 in the all-github-actions group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1292](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1292) - 🌱 Bump the all-github-actions group across 1 directory with 5 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1316](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1316) - 🌱 Bump the all-github-actions group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1305](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1305) - 🌱 Bump the all-github-actions group with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1276](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1276) - 🌱 Bump the all-github-actions group with 4 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1308](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1308) - 🌱 Bump tj-actions/changed-files from 46.0.5 to 47.0.0 in the all-github-actions group by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​1283](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1283) #### New Contributors - [@​lalitc375](https://redirect.github.com/lalitc375) made their first contribution in [#​1247](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1247) - [@​bear-redhat](https://redirect.github.com/bear-redhat) made their first contribution in [#​1297](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1297) - [@​HaraldNordgren](https://redirect.github.com/HaraldNordgren) made their first contribution in [#​1295](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1295) - [@​mcbenjemaa](https://redirect.github.com/mcbenjemaa) made their first contribution in [#​1296](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1296) **Full Changelog**: <kubernetes-sigs/controller-tools@v0.19.0...v0.20.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNjYuMTQiLCJ0YXJnZXRCcmFuY2giOiJtYXN0ZXIiLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Jan 13, 2026
…15362) This PR contains the following updates: | Package | Type | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---| | [github.com/prometheus/common](https://redirect.github.com/prometheus/common) | require | `v0.67.4` → `v0.67.5` |  |  | --- ### Release Notes <details> <summary>prometheus/common (github.com/prometheus/common)</summary> ### [`v0.67.5`](https://redirect.github.com/prometheus/common/releases/tag/v0.67.5) [Compare Source](https://redirect.github.com/prometheus/common/compare/v0.67.4...v0.67.5) #### What's Changed - build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.34.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​871](https://redirect.github.com/prometheus/common/pull/871) - Synchronize common files from prometheus/prometheus by [@​prombot](https://redirect.github.com/prombot) in [#​866](https://redirect.github.com/prometheus/common/pull/866) - build(deps): bump golang.org/x/net from 0.46.0 to 0.48.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​872](https://redirect.github.com/prometheus/common/pull/872) - build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​870](https://redirect.github.com/prometheus/common/pull/870) **Full Changelog**: <prometheus/common@v0.67.4...v0.67.5> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43NC41IiwidXBkYXRlZEluVmVyIjoiNDIuNzQuNSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Jan 13, 2026
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [prom/prometheus](https://redirect.github.com/prometheus/prometheus) | patch | `v3.9.0` → `v3.9.1` | | redis | digest | `47200b0` → `350e485` | --- ### Release Notes <details> <summary>prometheus/prometheus (prom/prometheus)</summary> ### [`v3.9.1`](https://redirect.github.com/prometheus/prometheus/releases/tag/v3.9.1): 3.9.1 / 2026-01-07 [Compare Source](https://redirect.github.com/prometheus/prometheus/compare/v3.9.0...v3.9.1) - \[BUGFIX] Agent: fix crash shortly after startup from invalid type of object. [#​17802](https://redirect.github.com/prometheus/prometheus/issues/17802) - \[BUGFIX] Scraping: fix relabel keep/drop not working. [#​17807](https://redirect.github.com/prometheus/prometheus/issues/17807) </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43NC41IiwidXBkYXRlZEluVmVyIjoiNDIuNzQuNSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
that referenced
this pull request
Jan 13, 2026
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [protoc](https://redirect.github.com/protocolbuffers/protobuf) | minor | `33.2` → `33.4` | --- ### Release Notes <details> <summary>protocolbuffers/protobuf (protoc)</summary> ### [`v33.4`](https://redirect.github.com/protocolbuffers/protobuf/releases/tag/v33.4): Protocol Buffers v33.4 [Compare Source](https://redirect.github.com/protocolbuffers/protobuf/compare/v33.3...v33.4) ### Announcements - [Protobuf News](https://protobuf.dev/news/) may include additional announcements or pre-announcements for upcoming changes. ### Other - Refactor(bazel): publish a separate .tar.gz ([#​24065](https://redirect.github.com/protocolbuffers/protobuf/issues/24065)) ([`47b3385`](https://redirect.github.com/protocolbuffers/protobuf/commit/47b33852a15f498c49a5cd20762f2300354545e7)) - Bazel: Remove hardcoded dependency on `//:protoc` from language runtimes ([#​19679](https://redirect.github.com/protocolbuffers/protobuf/issues/19679)) ([`453cfb2`](https://redirect.github.com/protocolbuffers/protobuf/commit/453cfb23ffc36fe4cb06c4507fc6dddd7c42bd7a)) ### [`v33.3`](https://redirect.github.com/protocolbuffers/protobuf/releases/tag/v33.3): Protocol Buffers v33.3 [Compare Source](https://redirect.github.com/protocolbuffers/protobuf/compare/v33.2...v33.3) ### Announcements - [Protobuf News](https://protobuf.dev/news/) may include additional announcements or pre-announcements for upcoming changes. ### Bazel - Fix: cc\_toolchain should prefer protoc when prebuilt flag is flipped. ([#​25168](https://redirect.github.com/protocolbuffers/protobuf/issues/25168)) ([`7b30360`](https://redirect.github.com/protocolbuffers/protobuf/commit/7b303609abd715df575c5a58543d21b98d687d0b)) - Locked down visibility of the new flags and config settings. ([`04ca1b7`](https://redirect.github.com/protocolbuffers/protobuf/commit/04ca1b7b472113471ae2ba7d9473904ae56bfc9b)) - Feat(bazel): wire up prebuilt protoc toolchain ([#​24115](https://redirect.github.com/protocolbuffers/protobuf/issues/24115)) ([`aeaede0`](https://redirect.github.com/protocolbuffers/protobuf/commit/aeaede0d08b40f707dec9fa48af84d5fe899e892)) ### Compiler - Create editions test\_utils to fix existing brittle tests in `command_line_interface_unittest` and `code_generator_unittest`. ([`cb0a8c5`](https://redirect.github.com/protocolbuffers/protobuf/commit/cb0a8c53e7821a8afd16211e329e5afe2bf391b2)) - Add edition unstable for development work. ([`44e090c`](https://redirect.github.com/protocolbuffers/protobuf/commit/44e090ccc539f522e4772707447b99d3193f8c4a)) - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) ### C++ - Add edition unstable for development work. ([`44e090c`](https://redirect.github.com/protocolbuffers/protobuf/commit/44e090ccc539f522e4772707447b99d3193f8c4a)) - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) ### Java - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) - Correctly apply JSON recursion limit when parsing an Any-of-Any. ([`94c7f73`](https://redirect.github.com/protocolbuffers/protobuf/commit/94c7f73824f603e0c0efe0e2968e610d8d5f161e)) ### Csharp - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) ### Python - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) - Automated rollback of commit [`38ca2d3`](https://redirect.github.com/protocolbuffers/protobuf/commit/38ca2d35d30df8ad3be22179a5cfe29223945d8a). ([`184b5e8`](https://redirect.github.com/protocolbuffers/protobuf/commit/184b5e8511b21dc50ec1b9b813b735efe03edecf)) ### UPB (Python/PHP/Ruby C-Extension) - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) - Fix unused parameter warnings. ([`cd0cb21`](https://redirect.github.com/protocolbuffers/protobuf/commit/cd0cb21a6239bedbf2adaecec9e309a5509bb580)) ### Other - Don't ignore platform requirements ([`aeedbc6`](https://redirect.github.com/protocolbuffers/protobuf/commit/aeedbc6070a1d1336b9cad8c5ea14bf9885db0c9)) - Update GitHub Actions to use macOS-14 (again). ([`f7b18f8`](https://redirect.github.com/protocolbuffers/protobuf/commit/f7b18f862565a35e7e68f8f309a4c84fd73d2e29)) - Delete redundant ARM tests ([`d4e7a81`](https://redirect.github.com/protocolbuffers/protobuf/commit/d4e7a818adc225b919bf69e42528b2b3aaf383df)) - Protobuf: update php from macos-13 to macos-15-intel ([`9027d6b`](https://redirect.github.com/protocolbuffers/protobuf/commit/9027d6b908528808925e0aa3ef8db39450b37fe3)) - Update GitHub Actions to use macOS-14. ([`f0907f3`](https://redirect.github.com/protocolbuffers/protobuf/commit/f0907f3c1e7a47de3295be778385ee2b24ae0cce)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43NC41IiwidXBkYXRlZEluVmVyIjoiNDIuNzQuNSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> --------- Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
NawafSwe
pushed a commit
to NawafSwe/kuma
that referenced
this pull request
Jan 13, 2026
…umahq#15328) This PR contains the following updates: | Package | Type | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---| | [sigs.k8s.io/controller-tools](https://redirect.github.com/kubernetes-sigs/controller-tools) | require | `v0.19.0` → `v0.20.0` |  |  | --- ### Release Notes <details> <summary>kubernetes-sigs/controller-tools (sigs.k8s.io/controller-tools)</summary> ### [`v0.20.0`](https://redirect.github.com/kubernetes-sigs/controller-tools/releases/tag/v0.20.0) [Compare Source](https://redirect.github.com/kubernetes-sigs/controller-tools/compare/v0.19.0...v0.20.0) #### What's Changed -⚠️ Bump to k8s.io/\* v0.35.0 by [@&kumahq#8203;sbueringer](https://redirect.github.com/sbueringer) in [#&kumahq#8203;1318](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1318) -⚠️ Start from local type declaration when applying schema by [@&kumahq#8203;JoelSpeed](https://redirect.github.com/JoelSpeed) in [#&kumahq#8203;1270](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1270) -⚠️ Revert local override breaking behavioural change by [@&kumahq#8203;JoelSpeed](https://redirect.github.com/JoelSpeed) in [#&kumahq#8203;1310](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1310) - ✨ Allow title to be set on a type by [@&kumahq#8203;cbandy](https://redirect.github.com/cbandy) in [#&kumahq#8203;1282](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1282) - ✨ crd/marker: add AtLeastOneOf constraint by [@&kumahq#8203;shashankram](https://redirect.github.com/shashankram) in [#&kumahq#8203;1278](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1278) - ✨ Add k8s:required and k8s:optional markers by [@&kumahq#8203;lalitc375](https://redirect.github.com/lalitc375) in [#&kumahq#8203;1247](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1247) - ✨ Publish Windows ARM64 controller-gen and envtest binaries by [@&kumahq#8203;bear-redhat](https://redirect.github.com/bear-redhat) in [#&kumahq#8203;1297](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1297) - 🐛 Sort manifest webhooks by [@&kumahq#8203;HaraldNordgren](https://redirect.github.com/HaraldNordgren) in [#&kumahq#8203;1295](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1295) - 🐛 Prevent XValidation duplication by verifying if the rule already exists by [@&kumahq#8203;mcbenjemaa](https://redirect.github.com/mcbenjemaa) in [#&kumahq#8203;1296](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1296) #### Misc - 🌱 Change sort to slices package by [@&kumahq#8203;dongjiang1989](https://redirect.github.com/dongjiang1989) in [#&kumahq#8203;1299](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1299) - 🌱 Use modernize linter by [@&kumahq#8203;HaraldNordgren](https://redirect.github.com/HaraldNordgren) in [#&kumahq#8203;1300](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1300) - 🌱 Update importas in golangci config by [@&kumahq#8203;dongjiang1989](https://redirect.github.com/dongjiang1989) in [#&kumahq#8203;1309](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1309) - 🌱 Stop setting invalid formats int32/int64 for integer types by [@&kumahq#8203;sbueringer](https://redirect.github.com/sbueringer) in [#&kumahq#8203;1274](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1274) - 🌱 Revert "Stop setting invalid formats int32/int64 for integer types" by [@&kumahq#8203;sbueringer](https://redirect.github.com/sbueringer) in [#&kumahq#8203;1275](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1275) #### envtest - ✨Release envtest v1.34.1 by [@&kumahq#8203;dongjiang1989](https://redirect.github.com/dongjiang1989) in [#&kumahq#8203;1280](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1280) - ✨Release envtest v1.35.0-alpha.3 by [@&kumahq#8203;bear-redhat](https://redirect.github.com/bear-redhat) in [#&kumahq#8203;1303](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1303) - ✨Release envtest v1.35.0 by [@&kumahq#8203;dongjiang1989](https://redirect.github.com/dongjiang1989) in [#&kumahq#8203;1317](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1317) - 🌱 Promotion of envtest release for Kubernetes v1.34.1 by [@&kumahq#8203;sbueringer](https://redirect.github.com/sbueringer) in [#&kumahq#8203;1285](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1285) - 🌱 Promotion of envtest release for Kubernetes v1.35.0-alpha.3 by [@&kumahq#8203;sbueringer](https://redirect.github.com/sbueringer) in [#&kumahq#8203;1304](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1304) - 🌱 Promotion of envtest release for Kubernetes v1.35.0 by [@&kumahq#8203;sbueringer](https://redirect.github.com/sbueringer) in [#&kumahq#8203;1319](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1319) #### Dependency bumps - 🌱 Bump to k8s.io/\* v0.34.1 by [@&kumahq#8203;dongjiang1989](https://redirect.github.com/dongjiang1989) in [#&kumahq#8203;1279](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1279) - 🌱 Bump golang.org/x/tools from 0.37.0 to 0.38.0 in the all-go-mod-patch-and-minor group by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1291](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1291) - 🌱 Bump golang.org/x/tools from 0.38.0 to 0.39.0 in the all-go-mod-patch-and-minor group by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1307](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1307) - 🌱 Bump the all-go-mod-patch-and-minor group across 1 directory with 3 updates by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1277](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1277) - 🌱 Bump the all-go-mod-patch-and-minor group across 1 directory with 3 updates by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1315](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1315) - 🌱 Bump the all-go-mod-patch-and-minor group with 2 updates by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1284](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1284) - 🌱Update golangci-lint version to v2.4.0 by [@&kumahq#8203;dongjiang1989](https://redirect.github.com/dongjiang1989) in [#&kumahq#8203;1281](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1281) - 🌱Update golangci-lint version to v2.5.0 by [@&kumahq#8203;dongjiang1989](https://redirect.github.com/dongjiang1989) in [#&kumahq#8203;1288](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1288) - 🌱 Bump softprops/action-gh-release from 2.3.3 to 2.3.4 in the all-github-actions group by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1290](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1290) - 🌱 Bump softprops/action-gh-release from 2.3.4 to 2.4.1 in the all-github-actions group by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1292](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1292) - 🌱 Bump the all-github-actions group across 1 directory with 5 updates by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1316](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1316) - 🌱 Bump the all-github-actions group with 2 updates by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1305](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1305) - 🌱 Bump the all-github-actions group with 3 updates by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1276](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1276) - 🌱 Bump the all-github-actions group with 4 updates by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1308](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1308) - 🌱 Bump tj-actions/changed-files from 46.0.5 to 47.0.0 in the all-github-actions group by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;1283](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1283) #### New Contributors - [@&kumahq#8203;lalitc375](https://redirect.github.com/lalitc375) made their first contribution in [#&kumahq#8203;1247](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1247) - [@&kumahq#8203;bear-redhat](https://redirect.github.com/bear-redhat) made their first contribution in [#&kumahq#8203;1297](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1297) - [@&kumahq#8203;HaraldNordgren](https://redirect.github.com/HaraldNordgren) made their first contribution in [#&kumahq#8203;1295](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1295) - [@&kumahq#8203;mcbenjemaa](https://redirect.github.com/mcbenjemaa) made their first contribution in [#&kumahq#8203;1296](https://redirect.github.com/kubernetes-sigs/controller-tools/pull/1296) **Full Changelog**: <kubernetes-sigs/controller-tools@v0.19.0...v0.20.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi41OS4wIiwidXBkYXRlZEluVmVyIjoiNDIuNjYuMTQiLCJ0YXJnZXRCcmFuY2giOiJtYXN0ZXIiLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: NawafSwe <nawaf.jr9@hotmail.com>
NawafSwe
pushed a commit
to NawafSwe/kuma
that referenced
this pull request
Jan 13, 2026
…umahq#15362) This PR contains the following updates: | Package | Type | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Adoption](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---| | [github.com/prometheus/common](https://redirect.github.com/prometheus/common) | require | `v0.67.4` → `v0.67.5` |  |  | --- ### Release Notes <details> <summary>prometheus/common (github.com/prometheus/common)</summary> ### [`v0.67.5`](https://redirect.github.com/prometheus/common/releases/tag/v0.67.5) [Compare Source](https://redirect.github.com/prometheus/common/compare/v0.67.4...v0.67.5) #### What's Changed - build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.34.0 by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;871](https://redirect.github.com/prometheus/common/pull/871) - Synchronize common files from prometheus/prometheus by [@&kumahq#8203;prombot](https://redirect.github.com/prombot) in [#&kumahq#8203;866](https://redirect.github.com/prometheus/common/pull/866) - build(deps): bump golang.org/x/net from 0.46.0 to 0.48.0 by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;872](https://redirect.github.com/prometheus/common/pull/872) - build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 by [@&kumahq#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&kumahq#8203;870](https://redirect.github.com/prometheus/common/pull/870) **Full Changelog**: <prometheus/common@v0.67.4...v0.67.5> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/kumahq/kuma). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43NC41IiwidXBkYXRlZEluVmVyIjoiNDIuNzQuNSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: NawafSwe <nawaf.jr9@hotmail.com>
NawafSwe
pushed a commit
to NawafSwe/kuma
that referenced
this pull request
Jan 13, 2026
…5363) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [prom/prometheus](https://redirect.github.com/prometheus/prometheus) | patch | `v3.9.0` → `v3.9.1` | | redis | digest | `47200b0` → `350e485` | --- ### Release Notes <details> <summary>prometheus/prometheus (prom/prometheus)</summary> ### [`v3.9.1`](https://redirect.github.com/prometheus/prometheus/releases/tag/v3.9.1): 3.9.1 / 2026-01-07 [Compare Source](https://redirect.github.com/prometheus/prometheus/compare/v3.9.0...v3.9.1) - \[BUGFIX] Agent: fix crash shortly after startup from invalid type of object. [#&kumahq#8203;17802](https://redirect.github.com/prometheus/prometheus/issues/17802) - \[BUGFIX] Scraping: fix relabel keep/drop not working. [#&kumahq#8203;17807](https://redirect.github.com/prometheus/prometheus/issues/17807) </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43NC41IiwidXBkYXRlZEluVmVyIjoiNDIuNzQuNSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: NawafSwe <nawaf.jr9@hotmail.com>
NawafSwe
pushed a commit
to NawafSwe/kuma
that referenced
this pull request
Jan 13, 2026
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [protoc](https://redirect.github.com/protocolbuffers/protobuf) | minor | `33.2` → `33.4` | --- ### Release Notes <details> <summary>protocolbuffers/protobuf (protoc)</summary> ### [`v33.4`](https://redirect.github.com/protocolbuffers/protobuf/releases/tag/v33.4): Protocol Buffers v33.4 [Compare Source](https://redirect.github.com/protocolbuffers/protobuf/compare/v33.3...v33.4) ### Announcements - [Protobuf News](https://protobuf.dev/news/) may include additional announcements or pre-announcements for upcoming changes. ### Other - Refactor(bazel): publish a separate .tar.gz ([#&kumahq#8203;24065](https://redirect.github.com/protocolbuffers/protobuf/issues/24065)) ([`47b3385`](https://redirect.github.com/protocolbuffers/protobuf/commit/47b33852a15f498c49a5cd20762f2300354545e7)) - Bazel: Remove hardcoded dependency on `//:protoc` from language runtimes ([#&kumahq#8203;19679](https://redirect.github.com/protocolbuffers/protobuf/issues/19679)) ([`453cfb2`](https://redirect.github.com/protocolbuffers/protobuf/commit/453cfb23ffc36fe4cb06c4507fc6dddd7c42bd7a)) ### [`v33.3`](https://redirect.github.com/protocolbuffers/protobuf/releases/tag/v33.3): Protocol Buffers v33.3 [Compare Source](https://redirect.github.com/protocolbuffers/protobuf/compare/v33.2...v33.3) ### Announcements - [Protobuf News](https://protobuf.dev/news/) may include additional announcements or pre-announcements for upcoming changes. ### Bazel - Fix: cc\_toolchain should prefer protoc when prebuilt flag is flipped. ([#&kumahq#8203;25168](https://redirect.github.com/protocolbuffers/protobuf/issues/25168)) ([`7b30360`](https://redirect.github.com/protocolbuffers/protobuf/commit/7b303609abd715df575c5a58543d21b98d687d0b)) - Locked down visibility of the new flags and config settings. ([`04ca1b7`](https://redirect.github.com/protocolbuffers/protobuf/commit/04ca1b7b472113471ae2ba7d9473904ae56bfc9b)) - Feat(bazel): wire up prebuilt protoc toolchain ([#&kumahq#8203;24115](https://redirect.github.com/protocolbuffers/protobuf/issues/24115)) ([`aeaede0`](https://redirect.github.com/protocolbuffers/protobuf/commit/aeaede0d08b40f707dec9fa48af84d5fe899e892)) ### Compiler - Create editions test\_utils to fix existing brittle tests in `command_line_interface_unittest` and `code_generator_unittest`. ([`cb0a8c5`](https://redirect.github.com/protocolbuffers/protobuf/commit/cb0a8c53e7821a8afd16211e329e5afe2bf391b2)) - Add edition unstable for development work. ([`44e090c`](https://redirect.github.com/protocolbuffers/protobuf/commit/44e090ccc539f522e4772707447b99d3193f8c4a)) - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) ### C++ - Add edition unstable for development work. ([`44e090c`](https://redirect.github.com/protocolbuffers/protobuf/commit/44e090ccc539f522e4772707447b99d3193f8c4a)) - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) ### Java - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) - Correctly apply JSON recursion limit when parsing an Any-of-Any. ([`94c7f73`](https://redirect.github.com/protocolbuffers/protobuf/commit/94c7f73824f603e0c0efe0e2968e610d8d5f161e)) ### Csharp - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) ### Python - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) - Automated rollback of commit [`38ca2d3`](https://redirect.github.com/protocolbuffers/protobuf/commit/38ca2d35d30df8ad3be22179a5cfe29223945d8a). ([`184b5e8`](https://redirect.github.com/protocolbuffers/protobuf/commit/184b5e8511b21dc50ec1b9b813b735efe03edecf)) ### UPB (Python/PHP/Ruby C-Extension) - Add conformance test for edition unstable ([`d167dd0`](https://redirect.github.com/protocolbuffers/protobuf/commit/d167dd0229d60818c82878880d1a7e410d4294ce)) - Fix unused parameter warnings. ([`cd0cb21`](https://redirect.github.com/protocolbuffers/protobuf/commit/cd0cb21a6239bedbf2adaecec9e309a5509bb580)) ### Other - Don't ignore platform requirements ([`aeedbc6`](https://redirect.github.com/protocolbuffers/protobuf/commit/aeedbc6070a1d1336b9cad8c5ea14bf9885db0c9)) - Update GitHub Actions to use macOS-14 (again). ([`f7b18f8`](https://redirect.github.com/protocolbuffers/protobuf/commit/f7b18f862565a35e7e68f8f309a4c84fd73d2e29)) - Delete redundant ARM tests ([`d4e7a81`](https://redirect.github.com/protocolbuffers/protobuf/commit/d4e7a818adc225b919bf69e42528b2b3aaf383df)) - Protobuf: update php from macos-13 to macos-15-intel ([`9027d6b`](https://redirect.github.com/protocolbuffers/protobuf/commit/9027d6b908528808925e0aa3ef8db39450b37fe3)) - Update GitHub Actions to use macOS-14. ([`f0907f3`](https://redirect.github.com/protocolbuffers/protobuf/commit/f0907f3c1e7a47de3295be778385ee2b24ae0cce)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- > Changelog: skip <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi43NC41IiwidXBkYXRlZEluVmVyIjoiNDIuNzQuNSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> --------- Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: NawafSwe <nawaf.jr9@hotmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Scan output:
Before update:
After update:
If a package is showing up in the scan but the script is not trying to update it then it might be because there is no fixed version yet.