chore(deps): Bump the production-dependencies group across 1 directory with 41 updates

[dependabot]

Bumps the production-dependencies group with 16 updates in the / directory:

Package	From	To
github.com/google/go-containerregistry	0.20.2	0.20.3
github.com/tektoncd/pipeline	0.65.2	0.68.0
k8s.io/apimachinery	0.31.2	0.32.1
github.com/evanphx/json-patch	5.9.0+incompatible	5.9.11+incompatible
github.com/evanphx/json-patch/v5	5.9.0	5.9.11
github.com/google/gnostic-models	0.6.9-0.20230804172637-c7be7c783f49	0.6.9
github.com/k8snetworkplumbingwg/network-attachment-definition-client	1.7.4	1.7.5
github.com/mailru/easyjson	0.7.7	0.9.0
github.com/prometheus/client_golang	1.19.1	1.20.5
github.com/prometheus/common	0.55.0	0.62.0
github.com/prometheus/statsd_exporter	0.26.1	0.28.0
github.com/spf13/pflag	1.0.5	1.0.6
github.com/vbatts/tar-split	0.11.6	0.12.1
golang.org/x/sync	0.10.0	0.11.0
golang.org/x/text	0.21.0	0.22.0
sigs.k8s.io/kustomize/api	0.17.3	0.19.0

Updates github.com/google/go-containerregistry from 0.20.2 to 0.20.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.3

What's Changed

• remote/transport: Make bearer transport go-routine-safe by @​2opremio in google/go-containerregistry#1806
• Expose compare package by @​jonjohnsonjr in google/go-containerregistry#2001
• fix: redact.URL uses (*URL).Redacted to omit basic-auth password by @​bmoylan in google/go-containerregistry#1947
• bump actions to latest by @​ajayk in google/go-containerregistry#2011
• don't pin chainguard-dev/actions by @​imjasonh in google/go-containerregistry#2025
• Check for 406 status code when handling referrers API endpoint response by @​malancas in google/go-containerregistry#2026
• mutate: Create a defensive annotations copy by @​jonjohnsonjr in google/go-containerregistry#2030
• Detect zstd in crane append by @​jonjohnsonjr in google/go-containerregistry#2023
• bump deps using hack/bump-deps.sh by @​imjasonh in google/go-containerregistry#2042

New Contributors

• @​bmoylan made their first contribution in google/go-containerregistry#1947
• @​ajayk made their first contribution in google/go-containerregistry#2011
• @​malancas made their first contribution in google/go-containerregistry#2026

Full Changelog: google/go-containerregistry@v0.20.2...v0.20.3

Commits

• c4dd792 bump deps using hack/bump-deps.sh (#2042)
• 6bce25e Detect zstd in crane append (#2023)
• 06dcd85 mutate: Create a defensive annotations copy (#2030)
• a9a53a8 check for 406 status code when handling referrers endpoint response (#2026)
• 4630c40 don't pin chainguard-dev/actions (#2025)
• 808e354 bump actions to latest (#2011)
• a07d1ca fix: redact.URL uses (*URL).Redacted to omit basic-auth password (#1947)
• 00f182b Expose compare package (#2001)
• b8e87ed remote/transport: Make bearer transport go-routine-safe (#1806)
• See full diff in compare view

Updates github.com/tektoncd/pipeline from 0.65.2 to 0.68.0

Release notes

Sourced from github.com/tektoncd/pipeline's releases.

Tekton Pipeline release v0.68.0 "LaPerm Giskard Reventlov" LTS

-Docs @ v0.68.0 -Examples @ v0.68.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.68.0/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a666d35f8508100e4c8e112033d805978d152a05eef3872377816f3756a588089

Obtain the attestation:

REKOR_UUID=108e9186e8c5677a666d35f8508100e4c8e112033d805978d152a05eef3872377816f3756a588089
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.68.0/release.yaml
REKOR_UUID=108e9186e8c5677a666d35f8508100e4c8e112033d805978d152a05eef3872377816f3756a588089
Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.68.0@sha256:" + .digest.sha256')
Download the release file
curl "$RELEASE_FILE" > release.yaml
For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

• ✨ feat: improve step.Script variables references validation message (#8312)

... (truncated)

Changelog

Sourced from github.com/tektoncd/pipeline's changelog.

Tekton Pipeline Releases

Release Frequency

Tekton Pipelines follows the Tekton community [release policy][release-policy] as follows:

• Versions are numbered according to semantic versioning: vX.Y.Z
• A new release is produced on a monthly basis
• Four releases a year are chosen for long term support (LTS). All remaining releases are supported for approximately 1 month (until the next release is produced)
  • LTS releases take place in January, April, July and October every year
  • The first Tekton Pipelines LTS release will be v0.41.0 in October 2022
  • Releases happen towards the middle of the month, between the 13th and the 20th, depending on week-ends and readiness

Tekton Pipelines produces nightly builds, publicly available on gcr.io/tekton-nightly.

Transition Process

Before release v0.41 Tekton Pipelines has worked on the basis of an undocumented support period of four months, which will be maintained for the releases between v0.37 and v0.40.

Release Process

Tekton Pipeline releases are made of YAML manifests and container images. Manifests are published to cloud object-storage as well as [GitHub][tekton-pipeline-releases]. Container images are signed by [Sigstore][sigstore] via [Tekton Chains][tekton-chains]; signatures can be verified through the [public key][chains-public-key] hosted by the Tekton Chains project.

Further documentation available:

• The Tekton Pipeline [release process][tekton-releases-docs]
• [Installing Tekton][tekton-installation]
• Standard for [release notes][release-notes-standards]

Release

v0.66

• Latest Release: [v0.66.0][v0.66-0] (2024-12-04) ([docs][v0.66-0-docs], [examples][v0.66-0-examples])
• Initial Release: [v0.66.0][v0.66-0] (2024-12-04)
• Estimated End of Life: 2024-12-28
• Patch Releases: [v0.66.0][v0.66-0]

v0.65 (LTS)

... (truncated)

Commits

• c6d38c9 test: check for circular dependency in stepaction validation
• 8df0a96 fix: reference params in default values, allow chained references
• cc7f613 build(deps): bump github.com/google/cel-go from 0.22.1 to 0.23.1
• f6259fd build(deps): bump the all group in /tekton with 2 updates
• 3f8855a fix(computeresource/tasklevel): Fixed a bug where abnormal calculations cause...
• 7021f7b Fix deprecated golangci-lint configuration
• cef86d1 fix: inline error check and assert invalid step result ref error
• 8777a96 docs: parameter substitution precedence
• 68d09e3 fix: check for duplicates after applying the substitutions
• 7d5a534 test: invalid step result reference
• Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.31.2 to 0.32.1

Commits

• 59e9003 Merge remote-tracking branch 'origin/master' into release-1.32
• 639247c Drop use of winreadlinkvolume godebug option
• 220d7c3 Merge remote-tracking branch 'origin/master' into release-1.32
• c199d3b Revert to go1.22 windows filesystem stdlib behavior
• 16af2ff implement unsafe deletion, and wire it
• 6ff8305 api: run codegen
• ca9b8b2 api: add a new field to meta/v1 DeleteOptions
• d941d9f Merge pull request #128503 from benluddy/cbor-codecs-featuregate
• 3b4250f Wire serving codecs to CBOR feature gate.
• daaad09 Merge pull request #128501 from benluddy/watch-cbor-seq
• Additional commits viewable in compare view

Updates k8s.io/utils from 0.0.0-20240711033017-18e509b52bc8 to 0.0.0-20241104100929-3ea5e8cea738

Commits

• See full diff in compare view

Updates github.com/containerd/stargz-snapshotter/estargz from 0.15.1 to 0.16.3

Release notes

Sourced from github.com/containerd/stargz-snapshotter/estargz's releases.

v0.16.3

Notable Changes

• Fix zstd:chunked converter error on duplicated blobs (#1894)

v0.16.2

Notable Changes

• go.mod: Use 1.22.0 by specifying to google.golang.org/grpc v1.67.1 (#1877)

v0.16.1

Notable Changes

• prevernt go version upgraded to 1.23 in go.mod (#1863)

v0.16.0

Notable Changes

• Support for the latest CRI-O(>=v1.31.0) and Podman (>=v5.1.0) Additional Layer Store (#1673, #1674)
• Fix log message in refnode.Lookup (#1595), thanks to @​iain-macdonald
• store: use OnForget API for checking if a node is reusable (#1808)
• Support for containerd v2 (#1722), thanks to @​apostasie
• fs: Check connection only when image isn't fully cached (#1584)

Commits

• c0389e0 Merge pull request #1898 from ktock/prepare-v0.16.3
• c6a444e [v0.16] Prepare for v0.16.3
• 86bbdeb Merge pull request #1894 from ktock/bp-1885
• 9b706a2 Rely on OpenWriter for retrying opening writer
• 570ba70 Rely on contaienrd's GC for cleanup of temporary content
• 1d34a1b Merge pull request #1878 from ktock/prepare-v0.16.2
• 3971b26 Merge pull request #1877 from ktock/v0.16dev
• 1e4fad0 Preapre for v0.16.2
• 4edcebd go.mod: Use 1.22.0 by specifying to google.golang.org/grpc v1.67.1
• 7d3230e Merge pull request #1864 from ktock/prepare-v0.16.1
• Additional commits viewable in compare view

Updates github.com/docker/cli from 27.3.1+incompatible to 27.5.0+incompatible

Commits

• a187fa5 Merge pull request #5736 from thaJeztah/27.x_vendor_docker_27.5.0
• e32d69e vendor: github.com/docker/docker 38b84dce32c4 (v27.5.0)
• 2767e9e Merge pull request #5732 from thaJeztah/27.x_vendor_docker_27.5.0-rc.2
• a999a40 Merge pull request #5735 from vvoland/5734-27.x
• b277537 gha/build: Publish bin image for release branches
• 919350d vendor: github.com/docker/docker v27.5.0-rc.2
• 80f7848 Merge pull request #5726 from thaJeztah/27.x_update_engine
• 0d27375 Merge pull request #5723 from thaJeztah/27.x_backport_rm_oom_score_adj
• 0ced103 vendor: github.com/docker/docker 43fc912ef59a (v27.5.0-rc.2)
• f068c14 contrib/completion: remove --oom-score-adj daemon flag
• Additional commits viewable in compare view

Updates github.com/evanphx/json-patch from 5.9.0+incompatible to 5.9.11+incompatible

Release notes

Sourced from github.com/evanphx/json-patch's releases.

v5.9.11

What's Changed

• Export errBadJSONDoc and errBadJSONPatch errors by @​skitt in evanphx/json-patch#209

Full Changelog: evanphx/json-patch@v5.9.10...v5.9.11

v5.9.10

What's Changed

• Drop the reference to gopkg.in for v5 by @​skitt in evanphx/json-patch#203
• remove unmaintained errors pkg(github.com/pkg/errors) by @​koba1t in evanphx/json-patch#206

New Contributors

• @​skitt made their first contribution in evanphx/json-patch#203
• @​koba1t made their first contribution in evanphx/json-patch#206

Full Changelog: evanphx/json-patch@v5.9.0...v5.9.10

Commits

• 84a4bb1 Merge pull request #209 from skitt/export-errs-v5
• 7a7a88a Export errBadJSONDoc and errBadJSONPatch errors
• bd18525 Upgrade go-flags
• 42f26cb Fix spacing
• 0a3482b Merge pull request #206 from koba1t/remove_unmaintained_error_pkg
• 106306d remove unmaintained errors pkg
• e7cfbbb Merge pull request #203 from skitt/drop-gopkgin-v5
• 61e1ad7 Drop the reference to gopkg.in for v5
• See full diff in compare view

Updates github.com/evanphx/json-patch/v5 from 5.9.0 to 5.9.11

Release notes

Sourced from github.com/evanphx/json-patch/v5's releases.

v5.9.11

What's Changed

• Export errBadJSONDoc and errBadJSONPatch errors by @​skitt in evanphx/json-patch#209

Full Changelog: evanphx/json-patch@v5.9.10...v5.9.11

v5.9.10

What's Changed

• Drop the reference to gopkg.in for v5 by @​skitt in evanphx/json-patch#203
• remove unmaintained errors pkg(github.com/pkg/errors) by @​koba1t in evanphx/json-patch#206

New Contributors

• @​skitt made their first contribution in evanphx/json-patch#203
• @​koba1t made their first contribution in evanphx/json-patch#206

Full Changelog: evanphx/json-patch@v5.9.0...v5.9.10

Commits

• 84a4bb1 Merge pull request #209 from skitt/export-errs-v5
• 7a7a88a Export errBadJSONDoc and errBadJSONPatch errors
• bd18525 Upgrade go-flags
• 42f26cb Fix spacing
• 0a3482b Merge pull request #206 from koba1t/remove_unmaintained_error_pkg
• 106306d remove unmaintained errors pkg
• e7cfbbb Merge pull request #203 from skitt/drop-gopkgin-v5
• 61e1ad7 Drop the reference to gopkg.in for v5
• See full diff in compare view

Updates github.com/go-jose/go-jose/v4 from 4.0.3 to 4.0.4

Release notes

Sourced from github.com/go-jose/go-jose/v4's releases.

Version 4.0.4

Fixed

• Reverted "Allow unmarshalling JSONWebKeySets with unsupported key types" as a breaking change. See #136 / #137.

Changelog

Sourced from github.com/go-jose/go-jose/v4's changelog.

v4.0.4

Fixed

• Reverted "Allow unmarshalling JSONWebKeySets with unsupported key types" as a breaking change. See #136 / #137.

Commits

• 15bc4c2 Update CHANGELOG for 4.0.4 (#138)
• f3534ca Revert #130: JSONWebKeySet: ignore unsupported key types (#137)
• ebaac64 Remove unused JWK error type (#135)
• See full diff in compare view

Updates github.com/google/cel-go from 0.20.1 to 0.23.1

Release notes

Sourced from github.com/google/cel-go's releases.

Release v0.23.1

Minor release to address cost tracking and size estimation #1113

Full Changelog: google/cel-go@v0.23.0...v0.23.1

Release v0.23.0

Features

• First and last element in list support #1067
• Add support for typed conformance tests. #1089
• Add syntax for escaped field selectors. #1002
• Add optional.unwrap() / .unwrapOpt() function #1103
• Cost tracking for two-variable comprehensions and bindings #1104

Fixes

PR #1099 enables a change in the internal variable name used for comprehension result accumulation. This change may break some tests which inspect the AST contents in text form; however, will not break any existing uses of CEL during parse, check, or evaluation.

• Improve policy compiler error message for incompatible outputs. #1082
• Fix partial evaluation with the comprehension folder objects #1084
• Introduce versioning options to all extensions #1075
• Fix a crash in mismatched output check for nested rules #1086
• improve debug output to properly quote byte strings #1088
• Fix two-variable comprehension pruning #1083
• Replace checks for valid UTF-8 in strings with go-maintained calls #1094
• Policy nested rule fix #1092
• Address non-const format string lint findings #1096
• Fix typos in ext/README.md #1098
• Add option to use inaccessible accumulator var #1097
• Add test cases for string.format covering various edge cases #1101
• Add base_config and partial_config files under restricted_destination testdata #1106
• Default enable using hidden accumulator name #1099
• Update PruneAst to support constants of optional type #1109

New Contributors

• @​bigkevmcd made their first contribution in google/cel-go#1067
• @​hudlow made their first contribution in google/cel-go#1088
• @​dbuduev made their first contribution in google/cel-go#1098
• @​zeitgeist87 made their first contribution in google/cel-go#1101

Full Changelog: google/cel-go@v0.22.1...v0.23.0

Release v0.22.1

Fixes

• Additional hardening on legacy macros [https://github.com/Additional hardening on legacy macros google/cel-go#1064]
• Additional nil-safety checks with corresponding test updates [https://github.com/Additional nil-safety checks with corresponding test updates google/cel-go#1073]
• Add two-variable comprehension support to cel-policy [https://github.com/Add two-variable comprehension support to cel-policy google/cel-go#1074]
• Fix optional test to short-circuit [https://github.com/Fix optional test to short-circuit google/cel-go#1076]

... (truncated)

Commits

• d8351df Modify cost updates to be more extension friendly (#1113)
• 2f7606a Cost tracking for two-variable comprehensions and bindings (#1104)
• 7621362 Add optional.unwrap() / .unwrapOpt() function (#1103)
• 9f925d8 Bump the npm_and_yarn group across 1 directory with 2 updates (#1110)
• 91fb306 Update PruneAst to support constants of optional type (#1109)
• 33a7f97 Default enable using hidden accumulator name. (#1099)
• ee426f4 Add base_config and partial_config files under restricted_destination testdat...
• 43bc483 Add test cases for string.format covering various edge cases (#1101)
• 628543b Fixes for google import. (#1102)
• fa6eb32 Add option to use inaccessible accumulator var (#1097)
• Additional commits viewable in compare view

Updates github.com/google/gnostic-models from 0.6.9-0.20230804172637-c7be7c783f49 to 0.6.9

Commits

• See full diff in compare view

Updates github.com/google/pprof from 0.0.0-20240827171923-fa2c70bbbfe5 to 0.0.0-20241029153458-d1b30febd7db

Commits

• See full diff in compare view

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.20.0 to 2.25.1

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.25.1

Support the new Opaque API in openapiv2 generated files

This release contains breaking changes from v2.25.0, in that the previously deprecated EnumDescriptor and Descriptor methods on the struct types in the openapiv2 options package have been removed. This seems to be a requirement to generate the new Hybrid API. Please open an issue if you were depending on these functions and we'll see what we can do about it.

What's Changed

• protoc-gen-openapiv2: generate hybrid files by @​johanbrandhorst in grpc-ecosystem/grpc-gateway#5088

Full Changelog: grpc-ecosystem/grpc-gateway@v2.25.0...v2.25.1

v2.25.0

What's Changed

• Extend google.protobuf.EnumOptions for Schema by @​hown3d in grpc-ecosystem/grpc-gateway#4931
• fix(deps): Relax the minimum required go version by @​nhhagen in grpc-ecosystem/grpc-gateway#5022
• Correctly expand path variables for Update Methods. by @​nullaus in grpc-ecosystem/grpc-gateway#5041
• Use org_golang_x_tools as module extension by @​mering in grpc-ecosystem/grpc-gateway#5043
• fix: update to protobuf 1.36.0 and exclude synthetic oneofs during populateFieldValueFromPath by @​aerialls in grpc-ecosystem/grpc-gateway#5072

New Contributors

• @​hown3d made their first contribution in grpc-ecosystem/grpc-gateway#4931
• @​nhhagen made their first contribution in grpc-ecosystem/grpc-gateway#5022
• @​nullaus made their first contribution in grpc-ecosystem/grpc-gateway#5041
• @​mering made their first contribution in grpc-ecosystem/grpc-gateway#5043
• @​aerialls made their first contribution in grpc-ecosystem/grpc-gateway#5072

Full Changelog: grpc-ecosystem/grpc-gateway@v2.24.0...v2.25.0

v2.24.0

What's Changed

• feat: skip calling http Write method when response is of empty type by @​reversearrow in grpc-ecosystem/grpc-gateway#4902
• docs: update customizing_your_gateway.md reference by @​emmanuel-ferdman in grpc-ecosystem/grpc-gateway#4940
• Optional specification of stream content type by @​huin in grpc-ecosystem/grpc-gateway#4926
• Add bzlmod support by @​AlejoAsd in grpc-ecosystem/grpc-gateway#4937
• chore: reduce number of empty lines in generated code by @​mmorel-35 in grpc-ecosystem/grpc-gateway#4965
• Fix Bazel module dependencies by @​AlejoAsd in grpc-ecosystem/grpc-gateway#4974
• chore: use standard httpMethod in generated code by @​mmorel-35 in grpc-ecosystem/grpc-gateway#4970
• chore: use errors.Is to compare errors in generated code by @​mmorel-35 in grpc-ecosystem/grpc-gateway#4971
• Fix marshaler interface function name in examples in docs by @​o-nix in grpc-ecosystem/grpc-gateway#4978
• Errors on valid timestamps by @​jakec-github in grpc-ecosystem/grpc-gateway#4973
• Fix Bazel buildtools dependency by @​AlejoAsd in grpc-ecosystem/grpc-gateway#4980

New Contributors

• @​reversearrow made their first contribution in grpc-ecosystem/grpc-gateway#4902
• @​emmanuel-ferdman made their first contribution in grpc-ecosystem/grpc-gateway#4940
• @​huin made their first contribution in grpc-ecosystem/grpc-gateway#4926
• @​AlejoAsd made their first contribution in grpc-ecosystem/grpc-gateway#4937
• @​mmorel-35 made their first contribution in grpc-ecosystem/grpc-gateway#4965
• @​o-nix made their first contribution in grpc-ecosystem/grpc-gateway#4978
• @​jakec-github made their first contribution in grpc-ecosystem/grpc-gateway#4973

... (truncated)

Commits

• c89fdf7 protoc-gen-openapiv2: generate hybrid files (#5088)
• bb4c906 Update gorelease base
• a74e741 fix(deps): update google.golang.org/genproto/googleapis/rpc digest to 6b3ec00...
• e9a2074 chore(deps): update googleapis digest to 5e258e3 (#5087)
• bdc7a7a fix(deps): update google.golang.org/genproto/googleapis/api digest to 6b3ec00...
• 937be39 fix(deps): update google.golang.org/genproto/googleapis/rpc digest to 9240e9c...
• df4d666 chore(deps): update googleapis digest to d55dd1d (#5084)
• e6af5c6 chore(deps): update dependency rules_proto to v7.1.0 (#5079)
• e062b12 fix: update to protobuf 1.36.0 and exclude synthetic oneofs during populateFi...
• 50d84d5 chore(deps): update googleapis digest to 09d4103 (#5083)
• Additional commits viewable in compare view

Updates github.com/k8snetworkplumbingwg/network-attachment-definition-client from 1.7.4 to 1.7.5

Release notes

Sourced from github.com/k8snetworkplumbingwg/network-attachment-definition-client's releases.

v1.7.5

This release contains a fix related to the determination of the default interface, e.g. setting the default parameter to true in the network-status annotation based on the presence of a gateway in the CNI ADD success result ips.gateway and makes the determination of the default based on the first interface that has an associated value of gateway (using the interface index in the ips element in the CNI ADD success result).

This provides flexibility especially in CRI-O which uses the first interface and IP addresses for the pod.IP in Kubernetes, therefore. Containerd functionality is unchanged in that it uses the value for the IP addresses specifically

It's worth noting that CNI ADD success results which do not contain any interfaces will be discarded in this determination of the default, therefore it's recommended to set one with an associated gateway if aiming to have it be noted as the default.

Commits

• 7d2def1 Merge pull request #73 from dougbtv/gw-for-default
• 55f81d3 Assigns default=true on a multiple interface return for first interface with ...
• See full diff in compare view

Updates github.com/klauspost/compress from 1.17.10 to 1.17.11

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.17.11

What's Changed

• zstd: Fix extra CRC written with multiple Close calls by @​klauspost in klauspost/compress#1017
• s2: Don't use stack for index tables by @​klauspost in klauspost/compress#1014
• gzhttp: No content-type on no body response code by @​juliens in klauspost/compress#1011
• gzhttp: Do not set the content-type when response has no body by @​kevinpollet in klauspost/compress#1013

New Contributors

• @​juliens made their first contribution in klauspost/compress#1011
• @​kevinpollet made their first contribution in klauspost/compress#1013

Full Changelog: klauspost/compress@v1.17.10...v1.17.11

Commits

• 72cd4a9 zstd: Fix extra CRC written with multiple Close calls (#1017)
• dbd6c38 s2: Don't use stack for index tables (#1014)
• f73ab1e Do not set the content-type when response has no body (#1013)
• f2a4f25 build(deps): bump github/codeql-action in the github-actions group (#1012)
• 8e14b1b No content-type on no body response code (#1011)
• 13a1ce6 ci: Match goreleaser version (#1009)
• 6c5a195 Update README.md
• See full diff in compare view

Updates github.com/mailru/easyjson from 0.7.7 to 0.9.0

Release notes

Sourced from github.com/mailru/easyjson's releases.

v0.9.0

up go version and bugfixes

v0.8.0

stable version before go version bump

Commits

• 5e854fb Merge pull request #388 from testwill/string
• 78171e8 Merge pull request #396 from SolidShake/fix-null-map-key
• 907f46a up go version to 1.20
• 0e683d5 only default tests
• 8ef38d7 upd test version
• c2f6bad Merge pull request #405 from IakovLeven/patch-1
• d48874a Merge pull request #381 from niallnsec/master
• 46715aa Fix Unmarshaler interface description
• 3229627 Fix null key in map
• 34d2f3a Only add tags to run command if set
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.19.1 to 1.20.5

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.5 / 2024-10-15

We decided to revert the testutil change that made our util functions less error-prone, but created a lot of work for our downstream users. Apologies for the pain! This revert should not cause any major breaking change, even if you already did the work--unless you depend on the exact error message.

Going forward, we plan to reinforce our release testing strategy [1],[2] and deliver an enhanced testutil package/module with more flexible and safer APIs.

Thanks to @​dashpole @​dgrisonnet @​kakkoyun @​ArthurSens @​vesari @​logicalhan @​krajorama @​bwplotka who helped in this patch release! 🤗

Changelog

[BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input. #1645

v1.20.4

• [BUGFIX] histograms: Fix a possible data race when appending exemplars vs metrics gather. #1623

v1.20.3

• [BUGFIX] histograms: Fix possible data race when appending exemplars. #1608

v1.20.2

• [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

v1.20.1

This release contains the critical fix for the issue. Thanks to @​geberl, @​CubicrootXYZ, @​zetaab and @​timofurrer for helping us with the investigation!

• [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on Linux machines. #1587

v1.20.0

Thanks everyone for contributions!

⚠️ In this release we remove one (broken anyway, given Go runtime changes) metric and add three new (representing GOGC, GOMEMLIMIT and GOMAXPROCS flags) to the default collectors.NewGoCollector() collector. Given its popular usage, expect your binary to expose two additional metric.

Changes

• [CHANGE] ⚠️ go-collector: Remove go_memstat_lookups_total metric which was always 0; Go runtime stopped sharing pointer lookup statistics. #1577
• [FEATURE] ⚠️ go-collector: Add 3 default metrics: go_gc_gogc_percent, go_gc_gomemlimi...

  Description has been truncated

[kubevirt-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign ksimon1 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign ksimon1 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment