Skip to content

build(deps): bump the go group with 12 updates #1319

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 1, 2025
Merged

build(deps): bump the go group with 12 updates #1319

merged 1 commit into from
Oct 1, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 1, 2025

Bumps the go group with 12 updates:

Package From To
cloud.google.com/go/storage 1.56.1 1.57.0
github.com/Azure/azure-sdk-for-go/sdk/azcore 1.19.0 1.19.1
github.com/Azure/azure-sdk-for-go/sdk/azidentity 1.11.0 1.12.0
github.com/aws/aws-sdk-go-v2 1.38.3 1.39.2
github.com/aws/aws-sdk-go-v2/config 1.31.6 1.31.12
github.com/aws/aws-sdk-go-v2/service/s3 1.87.3 1.88.3
github.com/prometheus/client_golang 1.23.0 1.23.2
golang.org/x/net 0.43.0 0.44.0
golang.org/x/sync 0.16.0 0.17.0
google.golang.org/api 0.247.0 0.251.0
google.golang.org/grpc 1.74.2 1.75.1
google.golang.org/protobuf 1.36.7 1.36.9

Updates cloud.google.com/go/storage from 1.56.1 to 1.57.0

Release notes

Sourced from cloud.google.com/go/storage's releases.

storage: v1.57.0

1.57.0 (2025-09-23)

Features

  • storage/control: Add new GetIamPolicy, SetIamPolicy, and TestIamPermissions RPCs (d73f912)
  • storage: Post support dynamic key name (#12677) (9e761f9)
  • storage: WithMeterProvider allows custom meter provider configuration (#12668) (7f574b0)

Bug Fixes

Performance Improvements

Commits
  • 8efa03a chore(main): release spanner 1.57.0 (#9337)
  • 7ff5356 fix(spanner): SelectAll struct fields match should be case-insensitive (#9417)
  • f377281 fix(spanner): internal test package should import local version (#9416)
  • 8c76415 chore(main): release storage 1.38.0 (#9336)
  • 36d788b chore(main): release bigquery 1.59.1 (#9412)
  • 4ac005d fix(bigquery): align return time.Time values to UTC (#9411)
  • ae8c7b7 chore: release main (#9384)
  • f049c97 fix(aiplatform): remove field max_wait_duration from message Scheduling (#9...
  • f7170e2 chore: update CI to turn gowork setting off for build/test (#9396)
  • 530d273 chore(main): release vertexai 0.7.1 (#9395)
  • Additional commits viewable in compare view

Updates github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.19.0 to 1.19.1

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azcore's releases.

sdk/azcore/v1.19.1

1.19.1 (2025-09-11)

Bugs Fixed

  • Fixed resource identifier parsing for provider-specific resource hierarchies containing "resourceGroups" segments.

Other Changes

  • Improved error fall-back for improperly authored long-running operations.
  • Upgraded dependencies.
Commits

Updates github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.11.0 to 1.12.0

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azidentity's releases.

sdk/azidentity/v1.12.0

1.12.0 (2025-09-16)

Features Added

  • Added DefaultAzureCredentialOptions.RequireAzureTokenCredentials. NewDefaultAzureCredential returns an error when this option is true and the environment variable AZURE_TOKEN_CREDENTIALS has no value.

Other Changes

  • AzureDeveloperCLICredential no longer hangs when AZD_DEBUG is set
  • GetToken methods of AzureCLICredential and AzureDeveloperCLICredential return an error when TokenRequestOptions.Claims has a value because these credentials can't acquire a token in that case. The error messages describe the action required to get a token.

sdk/internal/v1.11.2

1.11.2 (2025-07-30)

Other Changes

  • errorinfo.NonRetriable() doesn't wrap errors which are already NonRetriable
Commits

Updates github.com/aws/aws-sdk-go-v2 from 1.38.3 to 1.39.2

Commits

Updates github.com/aws/aws-sdk-go-v2/config from 1.31.6 to 1.31.12

Commits

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.87.3 to 1.88.3

Commits

Updates github.com/prometheus/client_golang from 1.23.0 to 1.23.2

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.23.2 - 2025-09-05

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

Full Changelog: prometheus/client_golang@v1.23.1...v1.23.2

v1.23.1 - 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

Full Changelog: prometheus/client_golang@v1.23.0...v1.23.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.23.2 / 2025-09-05

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

1.23.1 / 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

Commits

Updates golang.org/x/net from 0.43.0 to 0.44.0

Commits
  • 3b23d57 http2: fix race condition when disabling goroutine debugging for one test
  • 8741050 http2: simplify TestServer_Push_RejectAfterGoAway
  • 96e405c http2: modernize TestTransportRoundtripCloseOnWriteError
  • 6dc6880 http2: simplify ClientConn Close and Shutdown tests
  • 4e2915b http2: modernize TestTransportAllocationsAfterResponseBodyClose
  • 30b0e78 http2: modernize TestRoundTripDoesntConsumeRequestBodyEarly
  • b9acd77 http2: speed up TestTransportFlowControl
  • 5153f4d go.mod: update golang.org/x dependencies
  • 9338bdd http2: speed up TestTransportHandlerBodyClose
  • 6b20036 http2: add synchronous handler support to serverTester
  • Additional commits viewable in compare view

Updates golang.org/x/sync from 0.16.0 to 0.17.0

Commits
  • 04914c2 all: upgrade go directive to at least 1.24.0 [generated]
  • See full diff in compare view

Updates google.golang.org/api from 0.247.0 to 0.251.0

Release notes

Sourced from google.golang.org/api's releases.

v0.251.0

0.251.0 (2025-09-30)

Features

v0.250.0

0.250.0 (2025-09-25)

Features

v0.249.0

0.249.0 (2025-09-08)

Features

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.251.0 (2025-09-30)

Features

0.250.0 (2025-09-25)

Features

0.249.0 (2025-09-08)

Features

... (truncated)

Commits

Updates google.golang.org/grpc from 1.74.2 to 1.75.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.75.1

Bug Fixes

  • transport: Fix a data race while copying headers for stats handlers in the std lib http2 server transport. (#8519)
  • xdsclient:
    • Fix a data race caused while reporting load to LRS. (#8483)
    • Fix regression preventing empty node IDs when creating an LRS client. (#8483)
  • server: Fix a regression preventing streams from being cancelled or timed out when blocked on flow control. (#8528)

Release 1.75.0

Behavior Changes

  • xds: Remove support for GRPC_EXPERIMENTAL_XDS_FALLBACK environment variable. Fallback support can no longer be disabled. (#8482)
  • stats: Introduce DelayedPickComplete event, a type alias of PickerUpdated. (#8465)
    • This (combined) event will now be emitted only once per call, when a transport is successfully selected for the attempt.
    • OpenTelemetry metrics will no longer have multiple "Delayed LB pick complete" events in Go, matching other gRPC languages.
    • A future release will delete the PickerUpdated symbol.
  • credentials: Properly apply grpc.WithAuthority as the highest-priority option for setting authority, above the setting in the credentials themselves. (#8488)
    • Now that this WithAuthority is available, the credentials should not be used to override the authority.
  • round_robin: Randomize the order in which addresses are connected to in order to spread out initial RPC load between clients. (#8438)
  • server: Return status code INTERNAL when a client sends more than one request in unary and server streaming RPC. (#8385)
    • This is a behavior change but also a bug fix to bring gRPC-Go in line with the gRPC spec.

New Features

  • dns: Add an environment variable (GRPC_ENABLE_TXT_SERVICE_CONFIG) to provide a way to disable TXT lookups in the DNS resolver (by setting it to false). By default, TXT lookups are enabled, as they were previously. (#8377)

Bug Fixes

  • xds: Fix regression preventing empty node IDs in xDS bootstrap configuration. (#8476)
  • xds: Fix possible panic when certain invalid resources are encountered. (#8412)
  • xdsclient: Fix a rare panic caused by processing a response from a closed server. (#8389)
  • stats: Fix metric unit formatting by enclosing non-standard units like call and endpoint in curly braces to comply with UCUM and gRPC OpenTelemetry guidelines. (#8481)
  • xds: Fix possible panic when clusters are removed from the xds configuration. (#8428)
  • xdsclient: Fix a race causing "resource doesn not exist" when rapidly subscribing and unsubscribing to the same resource. (#8369)
  • client: When determining the authority, properly percent-encode (if needed, which is unlikely) when the target string omits the hostname and only specifies a port (grpc.NewClient(":<port-number-or-name>")). (#8488)

Release 1.74.3

Bug Fixes

  • xds: Fix a regression preventing empty node IDs in the bootstrap configuration. (#8476 , #8483)
  • xdsclient: Fix a data race caused while reporting load to LRS. (#8483)
  • server: Fix a regression preventing streams from being cancelled or timed out when blocked on flow control. (#8528)
Commits

Updates google.golang.org/protobuf from 1.36.7 to 1.36.9

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the go group with 12 updates
05a6fa4 
Bumps the go group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.56.1` | `1.57.0` |
| [github.com/Azure/azure-sdk-for-go/sdk/azcore](https://github.com/Azure/azure-sdk-for-go) | `1.19.0` | `1.19.1` |
| [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) | `1.11.0` | `1.12.0` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.38.3` | `1.39.2` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.31.6` | `1.31.12` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.87.3` | `1.88.3` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.23.0` | `1.23.2` |
| [golang.org/x/net](https://github.com/golang/net) | `0.43.0` | `0.44.0` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.16.0` | `0.17.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.247.0` | `0.251.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.74.2` | `1.75.1` |
| google.golang.org/protobuf | `1.36.7` | `1.36.9` |


Updates `cloud.google.com/go/storage` from 1.56.1 to 1.57.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@storage/v1.56.1...spanner/v1.57.0)

Updates `github.com/Azure/azure-sdk-for-go/sdk/azcore` from 1.19.0 to 1.19.1
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/sdk-breaking-changes-guide-migration.md)
- [Commits](Azure/azure-sdk-for-go@sdk/azcore/v1.19.0...sdk/azcore/v1.19.1)

Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.11.0 to 1.12.0
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/sdk-breaking-changes-guide-migration.md)
- [Commits](Azure/azure-sdk-for-go@sdk/azcore/v1.11.0...sdk/azcore/v1.12.0)

Updates `github.com/aws/aws-sdk-go-v2` from 1.38.3 to 1.39.2
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@v1.38.3...v1.39.2)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.31.6 to 1.31.12
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@config/v1.31.6...config/v1.31.12)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.87.3 to 1.88.3
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.87.3...service/s3/v1.88.3)

Updates `github.com/prometheus/client_golang` from 1.23.0 to 1.23.2
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.23.0...v1.23.2)

Updates `golang.org/x/net` from 0.43.0 to 0.44.0
- [Commits](golang/net@v0.43.0...v0.44.0)

Updates `golang.org/x/sync` from 0.16.0 to 0.17.0
- [Commits](golang/sync@v0.16.0...v0.17.0)

Updates `google.golang.org/api` from 0.247.0 to 0.251.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.247.0...v0.251.0)

Updates `google.golang.org/grpc` from 1.74.2 to 1.75.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.74.2...v1.75.1)

Updates `google.golang.org/protobuf` from 1.36.7 to 1.36.9

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-version: 1.57.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azcore
  dependency-version: 1.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.39.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.31.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.88.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/prometheus/client_golang
  dependency-version: 1.23.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: golang.org/x/net
  dependency-version: 0.44.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/sync
  dependency-version: 0.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/api
  dependency-version: 0.251.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/grpc
  dependency-version: 1.75.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 1, 2025
@Acconut Acconut merged commit 453a1b5 into main Oct 1, 2025
14 checks passed
@dependabot dependabot bot deleted the dependabot/go_modules/go-4e27505278 branch October 1, 2025 06:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Acconut