Skip to content

chore(deps): bump the gomod-version-updates group across 1 directory with 7 updates #512

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump the gomod-version-updates group across 1 directory with 7 updates #512

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 8, 2025
edited
Loading

Bumps the gomod-version-updates group with 5 updates in the / directory:

Package From To
github.com/golang-jwt/jwt/v5 5.2.2 5.3.0
github.com/grpc-ecosystem/grpc-gateway/v2 2.27.1 2.27.2
github.com/stretchr/testify 1.10.0 1.11.1
golang.org/x/oauth2 0.30.0 0.31.0
google.golang.org/protobuf 1.36.7 1.36.8

Updates github.com/golang-jwt/jwt/v5 from 5.2.2 to 5.3.0

Release notes

Sourced from github.com/golang-jwt/jwt/v5's releases.

v5.3.0

This release is almost identical to to v5.2.3 but now correctly indicates Go 1.21 as minimum requirement.

What's Changed

Full Changelog: golang-jwt/jwt@v5.2.3...v5.3.0

v5.2.3

What's Changed

New Contributors

Full Changelog: golang-jwt/jwt@v5.2.2...v5.2.3

Commits

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.27.1 to 2.27.2

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.27.2

What's Changed

New Contributors

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.1...v2.27.2

Commits
  • 91958df chore(deps): update dependency rules_shell to v0.6.0 (#5862)
  • 74cf2e0 Replace gopkg.in/yaml.v3 with go.yaml.in/yaml/v3 (#5857)
  • 2fba191 chore(deps): update googleapis digest to 3b2a2ae (#5860)
  • ed12336 fix(deps): update module google.golang.org/grpc to v1.75.0 (#5859)
  • c2a8616 chore(deps): update googleapis digest to 2032c33 (#5858)
  • 77e504f Fix nested schema definition for body parameter (#3058) (#5827)
  • 7df4168 fix(deps): update google.golang.org/genproto/googleapis/rpc digest to 3122310...
  • 6d1d1fc fix(deps): update google.golang.org/genproto/googleapis/api digest to 3122310...
  • ec3d9b2 chore(deps): update googleapis digest to d869249 (#5852)
  • 8499438 chore(deps): update googleapis digest to 6429996 (#5851)
  • Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.10.0 to 1.11.1

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.11.1

This release fixes #1785 introduced in v1.11.0 where expected argument values implementing the stringer interface (String() string) with a method which mutates their value, when passed to mock.Mock.On (m.On("Method", <expected>).Return()) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.

What's Changed

Full Changelog: stretchr/testify@v1.11.0...v1.11.1

v1.11.0

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

Fixes

Documentation, Build & CI

... (truncated)

Commits
  • 2a57335 Merge pull request #1788 from brackendawson/1785-backport-1.11
  • af8c912 Backport #1786 to release/1.11
  • b7801fb Merge pull request #1778 from stretchr/dependabot/github_actions/actions/chec...
  • 69831f3 build(deps): bump actions/checkout from 4 to 5
  • a53be35 Improve captureTestingT helper
  • aafb604 mock: improve formatting of error message
  • 7218e03 improve error msg
  • 929a212 Merge pull request #1758 from stretchr/dolmen/suite-faster-method-filtering
  • bc7459e suite: faster filtering of methods (-testify.m)
  • 7d37b5c suite: refactor methodFilter
  • Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.30.0 to 0.31.0

Commits
  • 014cf77 all: upgrade go directive to at least 1.24.0 [generated]
  • 3c76ce5 endpoints: correct Naver OAuth2 endpoint URLs
  • See full diff in compare view

Updates google.golang.org/genproto/googleapis/api from 0.0.0-20250603155806-513f23925822 to 0.0.0-20250818200422-3122310a409c

Commits

Updates google.golang.org/grpc from 1.74.2 to 1.75.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.75.0

Behavior Changes

  • xds: Remove support for GRPC_EXPERIMENTAL_XDS_FALLBACK environment variable. Fallback support can no longer be disabled. (#8482)
  • stats: Introduce DelayedPickComplete event, a type alias of PickerUpdated. (#8465)
    • This (combined) event will now be emitted only once per call, when a transport is successfully selected for the attempt.
    • OpenTelemetry metrics will no longer have multiple "Delayed LB pick complete" events in Go, matching other gRPC languages.
    • A future release will delete the PickerUpdated symbol.
  • credentials: Properly apply grpc.WithAuthority as the highest-priority option for setting authority, above the setting in the credentials themselves. (#8488)
    • Now that this WithAuthority is available, the credentials should not be used to override the authority.
  • round_robin: Randomize the order in which addresses are connected to in order to spread out initial RPC load between clients. (#8438)
  • server: Return status code INTERNAL when a client sends more than one request in unary and server streaming RPC. (#8385)
    • This is a behavior change but also a bug fix to bring gRPC-Go in line with the gRPC spec.

New Features

  • dns: Add an environment variable (GRPC_ENABLE_TXT_SERVICE_CONFIG) to provide a way to disable TXT lookups in the DNS resolver (by setting it to false). By default, TXT lookups are enabled, as they were previously. (#8377)

Bug Fixes

  • xds: Fix regression preventing empty node IDs in xDS bootstrap configuration. (#8476)
  • xds: Fix possible panic when certain invalid resources are encountered. (#8412)
  • xdsclient: Fix a rare panic caused by processing a response from a closed server. (#8389)
  • stats: Fix metric unit formatting by enclosing non-standard units like call and endpoint in curly braces to comply with UCUM and gRPC OpenTelemetry guidelines. (#8481)
  • xds: Fix possible panic when clusters are removed from the xds configuration. (#8428)
  • xdsclient: Fix a race causing "resource doesn not exist" when rapidly subscribing and unsubscribing to the same resource. (#8369)
  • client: When determining the authority, properly percent-encode (if needed, which is unlikely) when the target string omits the hostname and only specifies a port (grpc.NewClient(":<port-number-or-name>")). (#8488)
Commits
  • b9788ef Change version to 1.75.0 (#8493)
  • 2bd74b2 credentials: fix behavior of grpc.WithAuthority and credential handshake prec...
  • 9fa3267 xds: remove xds client fallback environment variable (#8482)
  • 62ec29f grpc: Fix cardinality violations in non-client streaming RPCs. (#8385)
  • 85240a5 stats: change non-standard units to annotations (#8481)
  • ac13172 update deps (#8478)
  • 0a895bc examples/opentelemetry: use experimental metrics in example (#8441)
  • 8b61e8f xdsclient: do not process updates from closed server channels (#8389)
  • 7238ab1 Allow empty nodeID (#8476)
  • 9186ebd cleanup: use slices.Equal to simplify code (#8472)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.7 to 1.36.8

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 8, 2025
@dependabot
chore(deps): bump the gomod-version-updates group across 1 directory …
5879e6e 
…with 7 updates

Bumps the gomod-version-updates group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) | `5.2.2` | `5.3.0` |
| [github.com/grpc-ecosystem/grpc-gateway/v2](https://github.com/grpc-ecosystem/grpc-gateway) | `2.27.1` | `2.27.2` |
| [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.10.0` | `1.11.1` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.30.0` | `0.31.0` |
| google.golang.org/protobuf | `1.36.7` | `1.36.8` |



Updates `github.com/golang-jwt/jwt/v5` from 5.2.2 to 5.3.0
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](golang-jwt/jwt@v5.2.2...v5.3.0)

Updates `github.com/grpc-ecosystem/grpc-gateway/v2` from 2.27.1 to 2.27.2
- [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases)
- [Changelog](https://github.com/grpc-ecosystem/grpc-gateway/blob/main/.goreleaser.yml)
- [Commits](grpc-ecosystem/grpc-gateway@v2.27.1...v2.27.2)

Updates `github.com/stretchr/testify` from 1.10.0 to 1.11.1
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.10.0...v1.11.1)

Updates `golang.org/x/oauth2` from 0.30.0 to 0.31.0
- [Commits](golang/oauth2@v0.30.0...v0.31.0)

Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20250603155806-513f23925822 to 0.0.0-20250818200422-3122310a409c
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/grpc` from 1.74.2 to 1.75.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.74.2...v1.75.0)

Updates `google.golang.org/protobuf` from 1.36.7 to 1.36.8

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v5
  dependency-version: 5.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version-updates
- dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2
  dependency-version: 2.27.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod-version-updates
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version-updates
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version-updates
- dependency-name: google.golang.org/genproto/googleapis/api
  dependency-version: 0.0.0-20250818200422-3122310a409c
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod-version-updates
- dependency-name: google.golang.org/grpc
  dependency-version: 1.75.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-version-updates
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/gomod-version-updates-db29789eb2 branch from 1886e6c to 5879e6e Compare September 22, 2025 07:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants