Skip to content

chore(deps): bump the main-go-dependencies group with 2 updates #29

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the main-go-dependencies group with 2 updates #29

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Nov 11, 2025
edited
Loading

Bumps the main-go-dependencies group with 2 updates: github.com/twmb/franz-go and golang.org/x/sync.

Updates github.com/twmb/franz-go from 1.20.2 to 1.20.3

Changelog

Sourced from github.com/twmb/franz-go's changelog.

v1.20.3

This patch release fixes one bug that has existed since 1.19.0 and improves retry behavior on dial failures.

The bug: 1.19 introduced code to, when follower fetching, re-check the preferred replica from the leader every 30 minutes (every RecheckPreferredReplicaInterval). The logic switched back to a leader after handling a fetch response, using the offset that the fetch request was issued with. The client would give you data that it just fetched, go back to the leader, and then get redirected back to the follower using the offset from before the fetch it just gave you. You would then receive a bit of duplicate data as the pre-fetch offset is re-fetched. This is no longer the case.

The improvement: on sharded requests (certain requests that may need to be split and sent to many brokers), dial errors were not retried. They are now retried.

  • d5085e90 kgo: retry dial errors on sharded requests if possible
  • 70c81779 kgo source: expired old preferred replicas while creating req, not handling resp
Commits
  • 4461cd2 Merge pull request #1161 from twmb/cl
  • 3fe24fd changelog: note v1.20.3
  • 8c0e11f Merge pull request #1158 from twmb/patches
  • 89339e4 Merge pull request #1159 from ybrustin/docs_minor
  • 32d5070 Minor docs fix (20s instead of 20, 20 instead of 20s)
  • a7aafaf kgo: remove old go version build tag files, fix lints
  • d5085e9 kgo: retry dial errors on sharded requests if possible
  • 39afb0b tests: use local kmsg,kadm packages for kfake when testing
  • 70c8177 kgo source: expired old preferred replicas while creating req, not handling resp
  • See full diff in compare view

Updates golang.org/x/sync from 0.17.0 to 0.18.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the main-go-dependencies group with 2 updates
3f53a71 
Bumps the main-go-dependencies group with 2 updates: [github.com/twmb/franz-go](https://github.com/twmb/franz-go) and [golang.org/x/sync](https://github.com/golang/sync).


Updates `github.com/twmb/franz-go` from 1.20.2 to 1.20.3
- [Changelog](https://github.com/twmb/franz-go/blob/master/CHANGELOG.md)
- [Commits](twmb/franz-go@v1.20.2...v1.20.3)

Updates `golang.org/x/sync` from 0.17.0 to 0.18.0
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: github.com/twmb/franz-go
  dependency-version: 1.20.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: main-go-dependencies
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main-go-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Nov 11, 2025
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Nov 12, 2025

Looks like these dependencies are no longer updatable, so this is no longer needed.

@dependabot dependabot bot closed this Nov 12, 2025
@dependabot dependabot bot deleted the dependabot/go_modules/main-go-dependencies-bd44998d1d branch November 12, 2025 05:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant