Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update all dependencies #248

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(deps): update all dependencies #248

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 19, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
actions/setup-go action minor v5.2.0 -> v5.3.0 age adoption passing confidence
actions/setup-node action minor v4.1.0 -> v4.2.0 age adoption passing confidence
filippo.io/edwards25519 require digest a7dfd8e -> 62e99b0
github.com/aperturerobotics/entitygraph require minor v0.10.1 -> v0.11.0 age adoption passing confidence
github.com/coder/websocket require digest 11bda98 -> d1468a7
github.com/libp2p/go-libp2p require patch v0.38.1 -> v0.38.2 age adoption passing confidence
github.com/nats-io/nats-server/v2 require patch v2.10.24 -> v2.10.25 age adoption passing confidence
github.com/pion/sdp/v3 require patch v3.0.9 -> v3.0.10 age adoption passing confidence
github.com/pion/webrtc/v4 require patch v4.0.6 -> v4.0.8 age adoption passing confidence
github.com/quic-go/quic-go require minor v0.48.2 -> v0.49.0 age adoption passing confidence
github/codeql-action action patch v3.28.0 -> v3.28.8 age adoption passing confidence
go (source) toolchain patch 1.23.4 -> 1.23.5 age adoption passing confidence
golang.org/x/crypto require minor v0.31.0 -> v0.32.0 age adoption passing confidence
golang.org/x/exp require digest b2144cd -> e0ece0d age adoption passing confidence
typescript (source) devDependencies patch 5.7.2 -> 5.7.3 age adoption passing confidence

Release Notes

actions/setup-go (actions/setup-go)

v5.3.0

Compare Source

What's Changed
New Contributors

Full Changelog: actions/setup-go@v5...v5.3.0

actions/setup-node (actions/setup-node)

v4.2.0

Compare Source

aperturerobotics/entitygraph (github.com/aperturerobotics/entitygraph)

v0.11.0

Compare Source

libp2p/go-libp2p (github.com/libp2p/go-libp2p)

v0.38.2

Compare Source

What's Changed

a4433e7 Release v0.38.2
9e08a02 tcpreuse: fix rcmgr accounting when tcp metrics are enabled (#​3142)
6735dd5 fix(net/nat): data race problem of extAddr (#​3140)
1ebb404 test: fix failing test (#​3141)
8f09a3e nat: ignore mapping if external port is 0 (#​3094)
1529945 tcpreuse: error on using tcpreuse with pnet (#​3129)
7397e65 chore: Update contribution guidelines (#​3134)
05b4afe tcp: fix metrics test build directive (#​3052)
1a2387c ci: get back on the main release track of release checker (#​3117)
051fe11 webtransport: fix docstring comment for getCurrentBucketStartTime

Full Changelog: libp2p/go-libp2p@v0.38.1...v0.38.2

nats-io/nats-server (github.com/nats-io/nats-server/v2)

v2.10.25

Compare Source

Changelog

Refer to the 2.10 Upgrade Guide for backwards compatibility notes with 2.9.x.

Go Version
Dependencies
Improved

JetStream

  • Raft groups will no longer snapshot too often in some situations, improving performance (#​6277)
  • Optimistically perform stream and consumer snapshots on a normal shutdown (#​6279)
  • The stream snapshot interval has been removed, now relying on the compaction minimum, which improves performance (#​6289)
  • Raft groups will no longer report current while they are paused with pending commits (#​6317)
  • Unnecessary client info fields have been removed from stream and consumer assignment proposals, API advisories and stream snapshot/restore advisories (#​6326, #​6338)
  • Reduced lock contention between the JetStream lock and Raft group locks (#​6335)
  • Advisories will only be encoded and sent when there is interest, reducing CPU usage (#​6341)
  • Consumers with inactivity thresholds will now start less clean-up goroutines, which can reduce load on the goroutine scheduler (#​6344)
  • Consumer cleanup goroutines will now stop faster when the server shuts down (#​6351)
Fixed

JetStream

  • Subject state consistency with some message removal patterns (#​6226)
  • A performance issue has been fixed when updating the per-subject state (#​6235)
  • Fixed consistency issues with detecting partial writes in the filestore (#​6283)
  • A race condition between removing peers and updating replica counts has been fixed (#​6316)
  • Pre-acks for a sequence are now removed when the message is removed, correcting a potential memory leak (#​6325)
  • Metalayer snapshot errors are now surfaced correctly (#​6361)
  • Healthchecks no longer re-evaluate stream and consumer assignments, avoiding some streams and consumers being unexpectedly recreated shortly after a deletion (#​6362)
  • Clients should no longer timeout on a retried ack with the AckAll policy after a server restart (#​6392)
  • Replicated consumers should no longer get stuck after leader changes due to incorrect accounting (#​6387)
  • Consumers will now correctly handle the case where messages queued for delivery have been removed, fixing a delivery slowdown (#​6387, #​6399)
  • The API in-flight metric has been fixed so that it does not drift after the queue has been dropped (#​6373)
  • Handles for temporary files are now closed correctly if compression errors occur (#​6390) — Thanks to @​deem0n for the contribution!
  • JetStream will now shut down correctly when detecting that the store directory underlying filesystem has become read-only (#​6292) — Thanks to @​souravagrawal for the contribution!

Leafnodes

  • Fixed an interest propagation issue that could occur when the hub has a user with subscribe permissions on a literal subject (#​6291)
  • Fixed a bug where all queue interest across leafnodes could be dropped over gateways in a supercluster deployment after a leafnode connection drops (#​6377)

Tests

Complete Changes
pion/sdp (github.com/pion/sdp/v3)

v3.0.10

Compare Source

Changelog

pion/webrtc (github.com/pion/webrtc/v4)

v4.0.8

Compare Source

Changelog

  • 99dcc6b Add H265 payloader
  • 608d35f Update module github.com/pion/ice/v4 to v4.0.5
  • fe41afd Fix deadlock in DataChannel with mutex unlock
  • 49b555b Update module github.com/pion/ice/v4 to v4.0.4 (#​3004)
  • f2191fb Finish moving SDESRTPStreamIDURI (#​3000)
  • cdacd1c Rewrite VP8 isKeyFrame check (#​2999)
  • 5edce95 Include sdpMid and sdpMLineIndex for ICECandidates returned by OneICECandidate (#​2990)
  • c50ca41 Improve documentation of ConfigureTWCCSender
  • 6f6231b Minor fixes to TestInterceptorNack
  • b47fbb6 Implement more webrtc-stats
  • c895252 Gracefully close connecting channels (#​2991)
  • 1ee0299 Defense against timebase with denominator 0
  • 40358b3 Defense against timebase with denominator 0
  • d5e07a1 Restore relative timestamp
  • 04b4621 Nits
  • 31d8dbc Fix IVF timestamps
  • 8b3734e Revert "Adapt an existing test to provide coverage"
  • 0ae39fd Revert "IVF writer fix invalid timestamp into headers"
  • 92fce5f Add an end-to-end test for the NACK sender
  • 92d573c Fix broken links in save-to-disk examples
  • 384646e Update module golang.org/x/net to v0.33.0
  • dca5d74 Fix bandwidth-estimation-from-disk timestamping
  • 80b5649 Add Encoder/Decoder info to stats

v4.0.7

Compare Source

Changelog

Full Changelog: pion/webrtc@v4.0.6...v4.0.7

quic-go/quic-go (github.com/quic-go/quic-go)

v0.49.0

Compare Source

In this release, we added support for HTTP client traces. We also fixed a large number of bugs that could lead to connection stalls, deadlocks and memory leaks. See the "Major Fixes" section for more details.

New Features

  • http3: add support for client traces net/http/httptrace.ClientTrace: #​4749. Thanks to @​lRoccoon for the contribution!

Major Fixes

  • fix accounting for lost RESET_STREAM frames in the stream, leading to potential connection stalls / deadlocks: #​4804. Thanks to @​Wondertan for reporting and testing the fix!
  • fix memory leak when the connection ID is rotated when the CONNECTION_CLOSE packet is sent: #​4852. Thanks to @​MarcoPolo for debugging this issue and contributing a fix!
  • http3: fix QUIC connection re-dialing logic: #​4854, #​4875, #​4879
  • trigger sending of a new packet when a MAX_DATA frame (connection-level flow control update) is queued: #​4844
  • Transport.Close was reworked: calls to Transport.Dial are now canceled, and return the newly introduced ErrTransportClosed, as do calls to Transport.Listen: #​4883

Enhancements

  • trace dropping of packets by the Transport when no server is set: #​4789
  • trace dropping of packets that the Transport doesn't send a stateless for: #​4826
  • drain received packets when the connection is closed: #​4773
  • add Prometheus metrics for sent and received packets: #​4910
  • reduce calls to time.Now all over the code base: #​4731, #​4885, #​4886, #​4906
  • packetize DATA_BLOCKED frames in the same QUIC packet that caused us to block on connection-level flow control: #​4845
  • packetize STREAM_DATA_BLOCKED frames in the same QUIC packed that caused us to block on stream-level flow control: #​4801
  • we now don't enforce that only one Transport listens on any given net.PacketConn: #​4851

Other Fixes

  • drain the server's connection accept queue before returning ErrClosed from Accept: #​4846. Thanks to @​sukunrt for discovering this bug and providing very helpful reviews!
  • preserve the error returned from SendStream.Write if it is closed after is canceled: #​4882
  • fix race condition on concurrent calls to Transport.Dial and Transport.Close: #​4904
  • qlog: fix logging of packet_in_flight on the metrics_updated event: #​4895
  • fix errors.Is error comparisons: #​4824, #​4825, #​4877
  • http3: fix race condition on concurrent calls to http.Response.Body.Close: #​4798. Thanks to @​RPRX for the contribution!
  • flowcontrol: reset the connection send window on 0-RTT rejection: #​4764
  • wait for connection to shut down when the Dial context is cancelled: #​4872
  • http3: the http.Request.Body is now properly closed on all code paths that return a non-nil error: #​4874
  • NEW_CONNECTION_ID frames are now rejected when zero-length connection IDs are used, as required by the RFC: #​4878
  • the stream ID of STREAM_DATA_BLOCKED frames is now validated, as required by the RFC: #​4836
  • fix ECN markings of packets sent in GSO batches when the marking changes: #​4835
  • the AEAD used to calculate the Retry Integrity Tag is now created lazily, avoiding a panic on initialization when using Go 1.24 FIPS-only mode: #​4916
  • use a 24h maximum token age as default value for Transport.MaxTokenAge: #​4763

Behind the Scenes

In the v0.48.0 release, we started migrating our test suite away from Ginkgo (tracking issue: #​3652). This is an absolutely massive endeavor. Before we started, the number of LOC of Ginkgo tests was more than 41,000.

In this release, we're bringing this number down to less than 8,500 LOC: #​4736, #​4746, #​4775, #​4783, #​4788, #​4790, #​4795, #​4796, #​4797, #​4799, #​4814, #​4816, #​4817, #​4823, #​4837, #​4842, #​4847, #​4848, #​4849, #​4853, #​4857, #​4860, #​4861, #​4862, #​4863, #​4864, #​4865, #​4869, #​4876, #​4881, #​4907.

There's still a lot of work ahead, but we'll hopefully be able to finish this item in the next couple of months.

Changelog

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 0428a32 to 1a3438b Compare November 21, 2024 01:15
@renovate renovate bot changed the title fix(deps): update all dependencies chore(deps): update all dependencies Nov 21, 2024
@renovate renovate bot force-pushed the renovate/all branch 6 times, most recently from e122fd5 to bbca7ca Compare November 27, 2024 01:38
@renovate renovate bot changed the title chore(deps): update all dependencies chore(deps): update all dependencies - autoclosed Nov 27, 2024
@renovate renovate bot closed this Nov 27, 2024
@renovate renovate bot deleted the renovate/all branch November 27, 2024 22:31
@renovate renovate bot changed the title chore(deps): update all dependencies - autoclosed chore(deps): update all dependencies Nov 28, 2024
@renovate renovate bot reopened this Nov 28, 2024
@renovate renovate bot changed the title chore(deps): update all dependencies fix(deps): update all dependencies to v0.35.5 Nov 28, 2024
@renovate renovate bot changed the title fix(deps): update all dependencies to v0.35.5 fix(deps): update all dependencies Nov 28, 2024
@renovate renovate bot force-pushed the renovate/all branch 7 times, most recently from 37b9842 to 9809d93 Compare December 5, 2024 02:32
@renovate renovate bot changed the title fix(deps): update all dependencies fix(deps): update all dependencies - autoclosed Dec 6, 2024
@renovate renovate bot closed this Dec 6, 2024
@renovate renovate bot changed the title fix(deps): update all dependencies - autoclosed fix(deps): update all dependencies Dec 10, 2024
@renovate renovate bot reopened this Dec 10, 2024
@renovate renovate bot closed this Dec 23, 2024
@renovate renovate bot changed the title fix(deps): update module github.com/cenkalti/backoff/v4 to v5 - autoclosed fix(deps): update module github.com/cenkalti/backoff/v4 to v5 Dec 23, 2024
@renovate renovate bot reopened this Dec 23, 2024
@renovate renovate bot changed the title fix(deps): update module github.com/cenkalti/backoff/v4 to v5 fix(deps): update module github.com/aperturerobotics/entitygraph to v0.11.0 Dec 23, 2024
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from 8e7cc32 to 12c9f22 Compare December 25, 2024 14:09
@renovate renovate bot changed the title fix(deps): update module github.com/aperturerobotics/entitygraph to v0.11.0 fix(deps): update all dependencies Dec 25, 2024
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Dec 25, 2024
edited
Loading

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 5 additional dependencies were updated

Details:

Package Change
github.com/pion/ice/v4 v4.0.3 -> v4.0.5
github.com/pion/rtp v1.8.9 -> v1.8.11
golang.org/x/net v0.32.0 -> v0.34.0
golang.org/x/sys v0.28.0 -> v0.29.0
golang.org/x/tools v0.28.0 -> v0.29.0

@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 503d4d5 to 3c52209 Compare January 9, 2025 01:11
@socket-security Socket Security
Copy link

socket-security bot commented Jan 9, 2025
edited
Loading

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/[email protected] 🔁 npm/[email protected] None 0 22.7 MB typescript-bot

View full report↗︎

@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from dd5c59b to 418a831 Compare January 13, 2025 17:46
@renovate renovate bot force-pushed the renovate/all branch 5 times, most recently from 87e7237 to 5e7cf7d Compare January 24, 2025 18:15
@renovate renovate bot force-pushed the renovate/all branch 8 times, most recently from 0ef9517 to 88bd69e Compare January 29, 2025 21:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants