Skip to content

Doc/usingpixiedev #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
entlein wants to merge 93 commits into
base: pipeline-support-wip
Choose a base branch
from
Open

Doc/usingpixiedev #7

entlein wants to merge 93 commits into from

Conversation

@entlein
Copy link

@entlein entlein commented May 12, 2025

I merged it into main, possibly should have merged it into this branch -> anyways: after you set your deploy api key into the first line of the values file and call it myvalues.yaml it will allow you to use the (very much patched) helm chart and deploy it on top of your running pixie.
havnt tested standalone yet . In that case you dont need to annotate half of the universe , first.

Lemme know if you need it elsewhere. its location is clearly not in a final place

dependabot bot and others added 30 commits February 19, 2025 23:42
@dependabot
Bump actions/cache from 4.2.0 to 4.2.1 (pixie-io#2128)
79651b3 
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.0 to
4.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<blockquote>
<p>[!IMPORTANT]
As a reminder, there were important backend changes to release v4.2.0,
see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those
release notes</a> and <a
href="https://github.com/actions/cache/discussions/1510">the
announcement</a> for more details.</p>
</blockquote>
<ul>
<li>docs: GitHub is spelled incorrectly in caching-strategies.md by <a
href="https://github.com/janco-absa"><code>@​janco-absa</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li>
<li>docs: Make the &quot;always save prime numbers&quot; example more
clear by <a href="https://github.com/Tobbe"><code>@​Tobbe</code></a> in
<a
href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li>
<li>Update force deletion docs due a recent deprecation by <a
href="https://github.com/sebbalex"><code>@​sebbalex</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li>
<li>Bump <code>@​actions/cache</code> to v4.0.1 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1554">actions/cache#1554</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/janco-absa"><code>@​janco-absa</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1526">actions/cache#1526</a></li>
<li><a href="https://github.com/Tobbe"><code>@​Tobbe</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1525">actions/cache#1525</a></li>
<li><a href="https://github.com/sebbalex"><code>@​sebbalex</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1500">actions/cache#1500</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.0...v4.2.1">https://github.com/actions/cache/compare/v4.2.0...v4.2.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
20</li>
</ul>
<h3>3.4.0</h3>
<ul>
<li>Integrated with the new cache service (v2) APIs</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/0c907a75c2c80ebcb7f088228285e798b750cf8f"><code>0c907a7</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1554">#1554</a>
from actions/robherley/v4.2.1</li>
<li><a
href="https://github.com/actions/cache/commit/710893c2369beb60748049b671f18c43a3656fce"><code>710893c</code></a>
bump <code>@​actions/cache</code> to v4.0.1</li>
<li><a
href="https://github.com/actions/cache/commit/9fa7e61ec7e1f44ac75218e7aaea81da8856fd11"><code>9fa7e61</code></a>
Update force deletion docs due a recent deprecation (<a
href="https://redirect.github.com/actions/cache/issues/1500">#1500</a>)</li>
<li><a
href="https://github.com/actions/cache/commit/36f1e144e1c8edb0a652766b484448563d8baf46"><code>36f1e14</code></a>
docs: Make the &quot;always save prime numbers&quot; example more clear
(<a
href="https://redirect.github.com/actions/cache/issues/1525">#1525</a>)</li>
<li><a
href="https://github.com/actions/cache/commit/53aa38c736a561b9c17b62df3fe885a17b78ee6d"><code>53aa38c</code></a>
Correct GitHub Spelling in caching-strategies.md (<a
href="https://redirect.github.com/actions/cache/issues/1526">#1526</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/cache/compare/1bd1e32a3bdc45362d1e726936510720a7c30a57...0c907a75c2c80ebcb7f088228285e798b750cf8f">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=4.2.0&new-version=4.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump esbuild from 0.18.2 to 0.25.0 in /src/ui (pixie-io#2117)
2232e76 
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.18.2 to 0.25.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/releases">esbuild's
releases</a>.</em></p>
<blockquote>
<h2>v0.25.0</h2>
<p><strong>This release deliberately contains backwards-incompatible
changes.</strong> To avoid automatically picking up releases like this,
you should either be pinning the exact version of <code>esbuild</code>
in your <code>package.json</code> file (recommended) or be using a
version range syntax that only accepts patch upgrades such as
<code>^0.24.0</code> or <code>~0.24.0</code>. See npm's documentation
about <a
href="https://docs.npmjs.com/cli/v6/using-npm/semver/">semver</a> for
more information.</p>
<ul>
<li>
<p>Restrict access to esbuild's development server (<a
href="https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99">GHSA-67mh-4wv8-2f99</a>)</p>
<p>This change addresses esbuild's first security vulnerability report.
Previously esbuild set the <code>Access-Control-Allow-Origin</code>
header to <code>*</code> to allow esbuild's development server to be
flexible in how it's used for development. However, this allows the
websites you visit to make HTTP requests to esbuild's local development
server, which gives read-only access to your source code if the website
were to fetch your source code's specific URL. You can read more
information in <a
href="https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99">the
report</a>.</p>
<p>Starting with this release, <a
href="https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS">CORS</a>
will now be disabled, and requests will now be denied if the host does
not match the one provided to <code>--serve=</code>. The default host is
<code>0.0.0.0</code>, which refers to all of the IP addresses that
represent the local machine (e.g. both <code>127.0.0.1</code> and
<code>192.168.0.1</code>). If you want to customize anything about
esbuild's development server, you can <a
href="https://esbuild.github.io/api/#serve-proxy">put a proxy in front
of esbuild</a> and modify the incoming and/or outgoing requests.</p>
<p>In addition, the <code>serve()</code> API call has been changed to
return an array of <code>hosts</code> instead of a single
<code>host</code> string. This makes it possible to determine all of the
hosts that esbuild's development server will accept.</p>
<p>Thanks to <a
href="https://github.com/sapphi-red"><code>@​sapphi-red</code></a> for
reporting this issue.</p>
</li>
<li>
<p>Delete output files when a build fails in watch mode (<a
href="https://redirect.github.com/evanw/esbuild/issues/3643">#3643</a>)</p>
<p>It has been requested for esbuild to delete files when a build fails
in watch mode. Previously esbuild left the old files in place, which
could cause people to not immediately realize that the most recent build
failed. With this release, esbuild will now delete all output files if a
rebuild fails. Fixing the build error and triggering another rebuild
will restore all output files again.</p>
</li>
<li>
<p>Fix correctness issues with the CSS nesting transform (<a
href="https://redirect.github.com/evanw/esbuild/issues/3620">#3620</a>,
<a
href="https://redirect.github.com/evanw/esbuild/issues/3877">#3877</a>,
<a
href="https://redirect.github.com/evanw/esbuild/issues/3933">#3933</a>,
<a
href="https://redirect.github.com/evanw/esbuild/issues/3997">#3997</a>,
<a
href="https://redirect.github.com/evanw/esbuild/issues/4005">#4005</a>,
<a href="https://redirect.github.com/evanw/esbuild/pull/4037">#4037</a>,
<a
href="https://redirect.github.com/evanw/esbuild/pull/4038">#4038</a>)</p>
<p>This release fixes the following problems:</p>
<ul>
<li>
<p>Naive expansion of CSS nesting can result in an exponential blow-up
of generated CSS if each nesting level has multiple selectors.
Previously esbuild sometimes collapsed individual nesting levels using
<code>:is()</code> to limit expansion. However, this collapsing wasn't
correct in some cases, so it has been removed to fix correctness
issues.</p>
<pre lang="css"><code>/* Original code */
.parent {
  &gt; .a,
  &gt; .b1 &gt; .b2 {
    color: red;
  }
}
<p>/* Old output (with --supported:nesting=false) */<br />
.parent &gt; :is(.a, .b1 &gt; .b2) {<br />
color: red;<br />
}</p>
<p>/* New output (with --supported:nesting=false) */<br />
.parent &gt; .a,<br />
.parent &gt; .b1 &gt; .b2 {<br />
color: red;<br />
}<br />
</code></pre></p>
<p>Thanks to <a
href="https://github.com/tim-we"><code>@​tim-we</code></a> for working
on a fix.</p>
</li>
<li>
<p>The <code>&amp;</code> CSS nesting selector can be repeated multiple
times to increase CSS specificity. Previously esbuild ignored this
possibility and incorrectly considered <code>&amp;&amp;</code> to have
the same specificity as <code>&amp;</code>. With this release, this
should now work correctly:</p>
<pre lang="css"><code>/* Original code (color should be red) */
</code></pre>
</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/blob/main/CHANGELOG-2023.md">esbuild's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog: 2023</h1>
<p>This changelog documents all esbuild versions published in the year
2023 (versions 0.16.13 through 0.19.11).</p>
<h2>0.19.11</h2>
<ul>
<li>
<p>Fix TypeScript-specific class transform edge case (<a
href="https://redirect.github.com/evanw/esbuild/issues/3559">#3559</a>)</p>
<p>The previous release introduced an optimization that avoided
transforming <code>super()</code> in the class constructor for
TypeScript code compiled with <code>useDefineForClassFields</code> set
to <code>false</code> if all class instance fields have no initializers.
The rationale was that in this case, all class instance fields are
omitted in the output so no changes to the constructor are needed.
However, if all of this is the case <em>and</em> there are
<code>#private</code> instance fields with initializers, those private
instance field initializers were still being moved into the constructor.
This was problematic because they were being inserted before the call to
<code>super()</code> (since <code>super()</code> is now no longer
transformed in that case). This release introduces an additional
optimization that avoids moving the private instance field initializers
into the constructor in this edge case, which generates smaller code,
matches the TypeScript compiler's output more closely, and avoids this
bug:</p>
<pre lang="ts"><code>// Original code
class Foo extends Bar {
  #private = 1;
  public: any;
  constructor() {
    super();
  }
}
<p>// Old output (with esbuild v0.19.9)<br />
class Foo extends Bar {<br />
constructor() {<br />
super();<br />
this.#private = 1;<br />
}<br />
#private;<br />
}</p>
<p>// Old output (with esbuild v0.19.10)<br />
class Foo extends Bar {<br />
constructor() {<br />
this.#private = 1;<br />
super();<br />
}<br />
#private;<br />
}</p>
<p>// New output<br />
class Foo extends Bar {<br />
#private = 1;<br />
constructor() {<br />
super();<br />
}<br />
}<br />
</code></pre></p>
</li>
<li>
<p>Minifier: allow reording a primitive past a side-effect (<a
href="https://redirect.github.com/evanw/esbuild/issues/3568">#3568</a>)</p>
<p>The minifier previously allowed reordering a side-effect past a
primitive, but didn't handle the case of reordering a primitive past a
side-effect. This additional case is now handled:</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/evanw/esbuild/commit/e9174d671b1882758cd32ac5e146200f5bee3e45"><code>e9174d6</code></a>
publish 0.25.0 to npm</li>
<li><a
href="https://github.com/evanw/esbuild/commit/c27dbebb9e7a55dd9a084dd151dddd840787490e"><code>c27dbeb</code></a>
fix <code>hosts</code> in <code>plugin-tests.js</code></li>
<li><a
href="https://github.com/evanw/esbuild/commit/6794f602a453cf0255bcae245871de120a89a559"><code>6794f60</code></a>
fix <code>hosts</code> in <code>node-unref-tests.js</code></li>
<li><a
href="https://github.com/evanw/esbuild/commit/de85afd65edec9ebc44a11e245fd9e9a2e99760d"><code>de85afd</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/evanw/esbuild/commit/da1de1bf77a65f06654b49878d9ec4747ddaa21f"><code>da1de1b</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/4065">#4065</a>:
bitwise operators can return bigints</li>
<li><a
href="https://github.com/evanw/esbuild/commit/f4e9d19fb20095a98bf40634f0380f6a16be91e7"><code>f4e9d19</code></a>
switch case liveness: <code>default</code> is always last</li>
<li><a
href="https://github.com/evanw/esbuild/commit/7aa47c3e778ea04849f97f18dd9959df88fa0886"><code>7aa47c3</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/4028">#4028</a>:
minify live/dead <code>switch</code> cases better</li>
<li><a
href="https://github.com/evanw/esbuild/commit/22ecd306190b8971ec4474b5485266c20350e266"><code>22ecd30</code></a>
minify: more constant folding for strict equality</li>
<li><a
href="https://github.com/evanw/esbuild/commit/4cdf03c03697128044fa8fb76e5c478e9765b353"><code>4cdf03c</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/4053">#4053</a>:
reordering of <code>.tsx</code> in <code>node_modules</code></li>
<li><a
href="https://github.com/evanw/esbuild/commit/dc719775b7140120916bd9e6777ca1cb8a1cdc0e"><code>dc71977</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3692">#3692</a>:
<code>0</code> now picks a random ephemeral port</li>
<li>Additional commits viewable in <a
href="https://github.com/evanw/esbuild/compare/v0.18.2...v0.25.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=esbuild&package-manager=npm_and_yarn&previous-version=0.18.2&new-version=0.25.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/pixie-io/pixie/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump express from 4.19.2 to 4.21.2 in /src/ui (pixie-io#2080)
bc5efbc 
Bumps [express](https://github.com/expressjs/express) from 4.19.2 to
4.21.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/releases">express's
releases</a>.</em></p>
<blockquote>
<h2>4.21.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Add funding field (v4) by <a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6065">expressjs/express#6065</a></li>
<li>deps: path-to-regexp@0.1.11 by <a
href="https://github.com/blakeembrey"><code>@​blakeembrey</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/5956">expressjs/express#5956</a></li>
<li>deps: bump path-to-regexp@0.1.12 by <a
href="https://github.com/jonchurch"><code>@​jonchurch</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6209">expressjs/express#6209</a></li>
<li>Release: 4.21.2 by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6094">expressjs/express#6094</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.21.1...4.21.2">https://github.com/expressjs/express/compare/4.21.1...4.21.2</a></p>
<h2>4.21.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Backport a fix for CVE-2024-47764 to the 4.x branch by <a
href="https://github.com/joshbuker"><code>@​joshbuker</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6029">expressjs/express#6029</a></li>
<li>Release: 4.21.1 by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6031">expressjs/express#6031</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">https://github.com/expressjs/express/compare/4.21.0...4.21.1</a></p>
<h2>4.21.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Deprecate <code>&quot;back&quot;</code> magic string in redirects by
<a href="https://github.com/blakeembrey"><code>@​blakeembrey</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/5935">expressjs/express#5935</a></li>
<li>finalhandler@1.3.1 by <a
href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5954">expressjs/express#5954</a></li>
<li>fix(deps): serve-static@1.16.2 by <a
href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5951">expressjs/express#5951</a></li>
<li>Upgraded dependency qs to 6.13.0 to match qs in body-parser by <a
href="https://github.com/agadzinski93"><code>@​agadzinski93</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/5946">expressjs/express#5946</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/agadzinski93"><code>@​agadzinski93</code></a>
made their first contribution in <a
href="https://redirect.github.com/expressjs/express/pull/5946">expressjs/express#5946</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.20.0...4.21.0">https://github.com/expressjs/express/compare/4.20.0...4.21.0</a></p>
<h2>4.20.0</h2>
<h2>What's Changed</h2>
<h3>Important</h3>
<ul>
<li>IMPORTANT: The default <code>depth</code> level for parsing
URL-encoded data is now <code>32</code> (previously was
<code>Infinity</code>)</li>
<li>Remove link renderization in html while using
<code>res.redirect</code></li>
</ul>
<h3>Other Changes</h3>
<ul>
<li>4.19.2 Staging by <a
href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5561">expressjs/express#5561</a></li>
<li>remove duplicate location test for data uri by <a
href="https://github.com/wesleytodd"><code>@​wesleytodd</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5562">expressjs/express#5562</a></li>
<li>feat: document beta releases expectations by <a
href="https://github.com/marco-ippolito"><code>@​marco-ippolito</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/5565">expressjs/express#5565</a></li>
<li>Cut down on duplicated CI runs by <a
href="https://github.com/jonchurch"><code>@​jonchurch</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5564">expressjs/express#5564</a></li>
<li>Add a Threat Model by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/5526">expressjs/express#5526</a></li>
<li>Assign captain of encodeurl by <a
href="https://github.com/blakeembrey"><code>@​blakeembrey</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/5579">expressjs/express#5579</a></li>
<li>Nominate jonchurch as repo captain for <code>http-errors</code>,
<code>expressjs.com</code>, <code>morgan</code>, <code>cors</code>,
<code>body-parser</code> by <a
href="https://github.com/jonchurch"><code>@​jonchurch</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5587">expressjs/express#5587</a></li>
<li>docs: update Security.md by <a
href="https://github.com/inigomarquinez"><code>@​inigomarquinez</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/5590">expressjs/express#5590</a></li>
<li>docs: update triage nomination policy by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/5600">expressjs/express#5600</a></li>
<li>Add CodeQL (SAST) by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/5433">expressjs/express#5433</a></li>
<li>docs: add UlisesGascon as triage initiative captain by <a
href="https://github.com/UlisesGascon"><code>@​UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/5605">expressjs/express#5605</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/blob/4.21.2/History.md">express's
changelog</a>.</em></p>
<blockquote>
<h1>4.21.2 / 2024-11-06</h1>
<ul>
<li>deps: path-to-regexp@0.1.12
<ul>
<li>Fix backtracking protection</li>
</ul>
</li>
<li>deps: path-to-regexp@0.1.11
<ul>
<li>Throws an error on invalid path values</li>
</ul>
</li>
</ul>
<h1>4.21.1 / 2024-10-08</h1>
<ul>
<li>Backported a fix for <a
href="https://nvd.nist.gov/vuln/detail/CVE-2024-47764">CVE-2024-47764</a></li>
</ul>
<h1>4.21.0 / 2024-09-11</h1>
<ul>
<li>Deprecate <code>res.location(&quot;back&quot;)</code> and
<code>res.redirect(&quot;back&quot;)</code> magic string</li>
<li>deps: serve-static@1.16.2
<ul>
<li>includes send@0.19.0</li>
</ul>
</li>
<li>deps: finalhandler@1.3.1</li>
<li>deps: qs@6.13.0</li>
</ul>
<h1>4.20.0 / 2024-09-10</h1>
<ul>
<li>deps: serve-static@0.16.0
<ul>
<li>Remove link renderization in html while redirecting</li>
</ul>
</li>
<li>deps: send@0.19.0
<ul>
<li>Remove link renderization in html while redirecting</li>
</ul>
</li>
<li>deps: body-parser@0.6.0
<ul>
<li>add <code>depth</code> option to customize the depth level in the
parser</li>
<li>IMPORTANT: The default <code>depth</code> level for parsing
URL-encoded data is now <code>32</code> (previously was
<code>Infinity</code>)</li>
</ul>
</li>
<li>Remove link renderization in html while using
<code>res.redirect</code></li>
<li>deps: path-to-regexp@0.1.10
<ul>
<li>Adds support for named matching groups in the routes using a
regex</li>
<li>Adds backtracking protection to parameters without regexes
defined</li>
</ul>
</li>
<li>deps: encodeurl@~2.0.0
<ul>
<li>Removes encoding of <code>\</code>, <code>|</code>, and
<code>^</code> to align better with URL spec</li>
</ul>
</li>
<li>Deprecate passing <code>options.maxAge</code> and
<code>options.expires</code> to <code>res.clearCookie</code>
<ul>
<li>Will be ignored in v5, clearCookie will set a cookie with an expires
in the past to instruct clients to delete the cookie</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/expressjs/express/commit/1faf228935aa0a13111f92c28ee795be64ce3f0f"><code>1faf228</code></a>
4.21.2</li>
<li><a
href="https://github.com/expressjs/express/commit/2e0fb646d03184dd9a5285813460210c0e7ae654"><code>2e0fb64</code></a>
deps: bump path-to-regexp@0.1.12 (<a
href="https://redirect.github.com/expressjs/express/issues/6209">#6209</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/59fc27028ec5d212be653d35d7e3f73a2c3ac3c0"><code>59fc270</code></a>
deps: path-to-regexp@0.1.11 (<a
href="https://redirect.github.com/expressjs/express/issues/5956">#5956</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/51fc39ccf834eec44547b0f4fed8027e7c05a009"><code>51fc39c</code></a>
docs: add funding (<a
href="https://redirect.github.com/expressjs/express/issues/6065">#6065</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/8e229f92752ad51462c868b99f6e6c2e559801b0"><code>8e229f9</code></a>
4.21.1</li>
<li><a
href="https://github.com/expressjs/express/commit/a024c8a7b658a178cbdb9bde33030b7500172815"><code>a024c8a</code></a>
fix(deps): cookie@0.7.1</li>
<li><a
href="https://github.com/expressjs/express/commit/7e562c6d8daddff4604f8efaaf9db2cf98c6dcff"><code>7e562c6</code></a>
4.21.0</li>
<li><a
href="https://github.com/expressjs/express/commit/1bcde96bc87c4704df9a704271d1167064ab56bb"><code>1bcde96</code></a>
fix(deps): qs@6.13.0 (<a
href="https://redirect.github.com/expressjs/express/issues/5946">#5946</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/7d364775688be98aaa973302e066d0da9f438997"><code>7d36477</code></a>
fix(deps): serve-static@1.16.2 (<a
href="https://redirect.github.com/expressjs/express/issues/5951">#5951</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/40d2d8f2c882712a0f2e4603c38d166c79676b2b"><code>40d2d8f</code></a>
fix(deps): finalhandler@1.3.1</li>
<li>Additional commits viewable in <a
href="https://github.com/expressjs/express/compare/4.19.2...4.21.2">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~jonchurch">jonchurch</a>, a new releaser
for express since your current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=express&package-manager=npm_and_yarn&previous-version=4.19.2&new-version=4.21.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/pixie-io/pixie/network/alerts).

</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump github/codeql-action from 3.28.9 to 3.28.10 (pixie-io#2129)
1638122 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.9 to 3.28.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.10</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.10/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d"><code>b56ba49</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2778">#2778</a>
from github/update-v3.28.10-9856c48b1</li>
<li><a
href="https://github.com/github/codeql-action/commit/60c9c77c33f2cd66390a3778d54de88b735b2526"><code>60c9c77</code></a>
Update changelog for v3.28.10</li>
<li><a
href="https://github.com/github/codeql-action/commit/9856c48b1a54789454314b4c32ef2354fe213208"><code>9856c48</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2773">#2773</a>
from github/redsun82/rust</li>
<li><a
href="https://github.com/github/codeql-action/commit/9572e09da430b4c71f7488e4195b4ca6ce1c6ef0"><code>9572e09</code></a>
Rust: fix log string</li>
<li><a
href="https://github.com/github/codeql-action/commit/1a529366ac3620317d953e2d4018eafa7459cb1c"><code>1a52936</code></a>
Rust: special case default setup</li>
<li><a
href="https://github.com/github/codeql-action/commit/cf7e90952bcceaebd4a548c2809ea6a5d461a1bc"><code>cf7e909</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2772">#2772</a>
from github/update-bundle/codeql-bundle-v2.20.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/b7006aab6d38638d18e38a27c18f67138529c2f8"><code>b7006aa</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.20.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/cfedae723eaced5e13052b529375e7b00d49a9cd"><code>cfedae7</code></a>
Rust: throw configuration errors if requested and not correctly
enabled</li>
<li><a
href="https://github.com/github/codeql-action/commit/3971ed2a74ede0669fa7f4f5af4292030280dbfd"><code>3971ed2</code></a>
Merge branch 'main' into redsun82/rust</li>
<li><a
href="https://github.com/github/codeql-action/commit/d38c6e60dfb0232f85e388dd416559ed07da5f3a"><code>d38c6e6</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2775">#2775</a>
from github/angelapwen/bump-octokit</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0...b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.9&new-version=3.28.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump nanoid from 3.3.7 to 3.3.8 in /src/ui (pixie-io#2130)
5d37668 
Bumps [nanoid](https://github.com/ai/nanoid) from 3.3.7 to 3.3.8.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ai/nanoid/blob/main/CHANGELOG.md">nanoid's
changelog</a>.</em></p>
<blockquote>
<h2>3.3.8</h2>
<ul>
<li>Fixed a way to break Nano ID by passing non-integer size (by <a
href="https://github.com/myndzi"><code>@​myndzi</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ai/nanoid/commit/3044cd5e73f4cf31795f61f6e6b961c8c0a5c744"><code>3044cd5</code></a>
Release 3.3.8 version</li>
<li><a
href="https://github.com/ai/nanoid/commit/4fe34959c34e5b3573889ed4f24fe91d1d3e7231"><code>4fe3495</code></a>
Update size limit</li>
<li><a
href="https://github.com/ai/nanoid/commit/d643045f40d6dc8afa000a644d857da1436ed08c"><code>d643045</code></a>
Fix pool pollution, infinite loop (<a
href="https://redirect.github.com/ai/nanoid/issues/510">#510</a>)</li>
<li>See full diff in <a
href="https://github.com/ai/nanoid/compare/3.3.7...3.3.8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=nanoid&package-manager=npm_and_yarn&previous-version=3.3.7&new-version=3.3.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/pixie-io/pixie/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump ossf/scorecard-action from 2.4.0 to 2.4.1 (pixie-io#2133)
0015833 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action)
from 2.4.0 to 2.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.1</h2>
<h2>What's Changed</h2>
<ul>
<li>This update bumps the Scorecard version to the v5.1.1 release. For a
complete list of changes, please refer to the <a
href="https://github.com/ossf/scorecard/releases/tag/v5.1.0">v5.1.0</a>
and <a
href="https://github.com/ossf/scorecard/releases/tag/v5.1.1">v5.1.1</a>
release notes.</li>
<li>Publishing results now uses half the API quota as before. The exact
savings depends on the repository in question.
<ul>
<li>use Scorecard library entrypoint instead of Cobra hooking by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1423">ossf/scorecard-action#1423</a></li>
</ul>
</li>
<li>Some errors were made into annotations to make them more visible
<ul>
<li>Make default branch error more prominent by <a
href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a></li>
</ul>
</li>
<li>There is now an optional <code>file_mode</code> input which controls
how repository files are fetched from GitHub. The default is
<code>archive</code>, but <code>git</code> produces the most accurate
results for repositories with <code>.gitattributes</code> files at the
cost of analysis speed.
<ul>
<li>add input for specifying <code>--file-mode</code> by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1509">ossf/scorecard-action#1509</a></li>
</ul>
</li>
<li>The underlying container for the action is now <a
href="https://github.com/ossf/scorecard-action/pkgs/container/scorecard-action">hosted
on GitHub Container Registry</a>. There should be no functional changes.
<ul>
<li>:seedling: publish docker images to GitHub Container Registry by <a
href="https://github.com/spencerschrock"><code>@​spencerschrock</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1453">ossf/scorecard-action#1453</a></li>
</ul>
</li>
</ul>
<h3>Docs</h3>
<ul>
<li>Installation docs update by <a
href="https://github.com/JeremiahAHoward"><code>@​JeremiahAHoward</code></a>
in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/JeremiahAHoward"><code>@​JeremiahAHoward</code></a>
made their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1416">ossf/scorecard-action#1416</a></li>
<li><a href="https://github.com/jsoref"><code>@​jsoref</code></a> made
their first contribution in <a
href="https://redirect.github.com/ossf/scorecard-action/pull/1459">ossf/scorecard-action#1459</a>
<strong>Full Changelog</strong>: <a
href="https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1">https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ossf/scorecard-action/commit/f49aabe0b5af0936a0987cfb85d86b75731b0186"><code>f49aabe</code></a>
bump docker to ghcr v2.4.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1478">#1478</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/30a595ba8670f7bd5e2d33119dfeeb6ab2f64991"><code>30a595b</code></a>
:seedling: Bump github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1515">#1515</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/69ae593b7addfd5241b46c43c7ed6abbd7203d55"><code>69ae593</code></a>
omit vcs info from build (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1514">#1514</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/6a62a1cbf28018bd61197d0c2852b94b046fe1a4"><code>6a62a1c</code></a>
add input for specifying <code>--file-mode</code> (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1509">#1509</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/2722664778d49161a69d42f8e82e15ed38fea8d1"><code>2722664</code></a>
:seedling: Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1510">#1510</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/ae0ef3171a81cb48c3fdaaf34cba323d0c51fefb"><code>ae0ef31</code></a>
:seedling: Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1512">#1512</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/3676bbc29082184ac34a84d1573c0419f81c4a68"><code>3676bbc</code></a>
:seedling: Bump golang from 1.23.6 to 1.24.0 in the docker-images group
(<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1513">#1513</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/ae7548a0ff1b94dda3a89eeda8f59c031874f035"><code>ae7548a</code></a>
Limit codeQL push trigger to main branch (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1507">#1507</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/9165624e75f0c73d13a9db2d4d920bcc5fc3a801"><code>9165624</code></a>
upgrade scorecard to v5.1.0 (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1508">#1508</a>)</li>
<li><a
href="https://github.com/ossf/scorecard-action/commit/620fd28d6b2ba01c1d70cf63dfb4bdf868e19d6f"><code>620fd28</code></a>
:seedling: Bump the github-actions group with 2 updates (<a
href="https://redirect.github.com/ossf/scorecard-action/issues/1505">#1505</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/ossf/scorecard-action/compare/62b2cac7ed8198b15735ed49ab1e5cf35480ba46...f49aabe0b5af0936a0987cfb85d86b75731b0186">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action&package-manager=github_actions&previous-version=2.4.0&new-version=2.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@ddelnano
Fix error in px.split docs (pixie-io#2134)
f7504b5 
Summary: Fix error in `px.split` docs

Relevant Issues: N/A

Type of change: /kind cleanup

Test Plan: N/A

Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
@ddelnano
Upgrade to Go 1.24 (pixie-io#2132)
274533b 
Summary: Upgrade to Go 1.24

Relevant Issues: N/A

Type of change: /kind cleanup

Test Plan: Existing tests

---------

Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
@dependabot
Bump actions/download-artifact from 4.1.8 to 4.1.9 (pixie-io#2135)
be04f6b 
Bumps
[actions/download-artifact](https://github.com/actions/download-artifact)
from 4.1.8 to 4.1.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.9</h2>
<h2>What's Changed</h2>
<ul>
<li>Add workflow file for publishing releases to immutable action
package by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li>
<li>docs: small migration fix by <a
href="https://github.com/froblesmartin"><code>@​froblesmartin</code></a>
in <a
href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li>
<li>Update MIGRATION.md by <a
href="https://github.com/andyfeller"><code>@​andyfeller</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li>
<li>Update artifact package to 2.2.2 by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li>
<li><a
href="https://github.com/froblesmartin"><code>@​froblesmartin</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li>
<li><a
href="https://github.com/andyfeller"><code>@​andyfeller</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li>
<li><a href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v4...v4.1.9">https://github.com/actions/download-artifact/compare/v4...v4.1.9</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/cc203385981b70ca67e1cc392babf9cc229d5806"><code>cc20338</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/380">#380</a>
from actions/yacaovsnc/release_4_1_9</li>
<li><a
href="https://github.com/actions/download-artifact/commit/1fc0fee191f40422f502da571c0f01ff460afe53"><code>1fc0fee</code></a>
Update artifact package to 2.2.2</li>
<li><a
href="https://github.com/actions/download-artifact/commit/7fba95161a0924506ed1ae69cdbae8371ee00b3f"><code>7fba951</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/372">#372</a>
from andyfeller/patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/f9ceb7763ba1fdfd81b2e2f93aa1f6015ff6b35d"><code>f9ceb77</code></a>
Update MIGRATION.md</li>
<li><a
href="https://github.com/actions/download-artifact/commit/533298bc57c27f112a2c04a74a04a4d43e2866fd"><code>533298b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/370">#370</a>
from froblesmartin/patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d06289e120b300840a833b25db66cb8c19f5d274"><code>d06289e</code></a>
docs: small migration fix</li>
<li><a
href="https://github.com/actions/download-artifact/commit/d0ce8fd1167ed839810201de977912a090ab10a7"><code>d0ce8fd</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/354">#354</a>
from actions/Jcambass-patch-1</li>
<li><a
href="https://github.com/actions/download-artifact/commit/1ce0d91ace59dfbf6763107ee5aa8466ebbadf48"><code>1ce0d91</code></a>
Add workflow file for publishing releases to immutable action
package</li>
<li>See full diff in <a
href="https://github.com/actions/download-artifact/compare/fa0a91b85d4f404e444e00e005971372dc801d16...cc203385981b70ca67e1cc392babf9cc229d5806">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/download-artifact&package-manager=github_actions&previous-version=4.1.8&new-version=4.1.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/upload-artifact from 4.6.0 to 4.6.1 (pixie-io#2136)
4707e9d 
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.6.0 to 4.6.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.2.2 package by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/673">actions/upload-artifact#673</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.1">https://github.com/actions/upload-artifact/compare/v4...v4.6.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1"><code>4cec3d8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/673">#673</a>
from actions/yacaovsnc/artifact_2.2.2</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/e9fad966ccdffceea5de0445882c9455934bcf8e"><code>e9fad96</code></a>
license cache update for artifact</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b26fd06e9da88a61ada55f23d7863325b1f115d3"><code>b26fd06</code></a>
Update to use artifact 2.2.2 package</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08...4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.6.0&new-version=4.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @ddelnano
Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 (pixie-io#2131)
49563a3 
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt)
from 4.5.0 to 4.5.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/golang-jwt/jwt/releases">github.com/golang-jwt/jwt/v4's
releases</a>.</em></p>
<blockquote>
<h2>v4.5.1</h2>
<h1>Security</h1>
<p>Unclear documentation of the error behavior in
<code>ParseWithClaims</code> in &lt;= 4.5.0 could lead to situation
where users are potentially not checking errors in the way they should
be. Especially, if a token is both expired and invalid, the errors
returned by <code>ParseWithClaims</code> return both error codes. If
users only check for the <code>jwt.ErrTokenExpired </code> using
<code>error.Is</code>, they will ignore the embedded
<code>jwt.ErrTokenSignatureInvalid</code> and thus potentially accept
invalid tokens.</p>
<p>This issue was documented in <a
href="https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r">https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r</a>
and fixed in this release.</p>
<p>Note: <code>v5</code> was not affected by this issue. So upgrading to
this release version is also recommended.</p>
<h1>What's Changed</h1>
<ul>
<li>Back-ported error-handling logic in <code>ParseWithClaims</code>
from <code>v5</code> branch. This fixes <a
href="https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r">https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r</a>.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1">https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c"><code>7b1c1c0</code></a>
Merge commit from fork</li>
<li>See full diff in <a
href="https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/golang-jwt/jwt/v4&package-manager=go_modules&previous-version=4.5.0&new-version=4.5.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/pixie-io/pixie/network/alerts).

</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dom Del Nano <ddelnano@gmail.com>
@dependabot
Bump actions/cache from 4.2.1 to 4.2.2 (pixie-io#2139)
ec9da0b 
Bumps [actions/cache](https://github.com/actions/cache) from 4.2.1 to
4.2.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.2</h2>
<h2>What's Changed</h2>
<blockquote>
<p>[!IMPORTANT]
As a reminder, there were important backend changes to release v4.2.0,
see <a href="https://github.com/actions/cache/releases/tag/v4.2.0">those
release notes</a> and <a
href="https://github.com/actions/cache/discussions/1510">the
announcement</a> for more details.</p>
</blockquote>
<ul>
<li>Bump <code>@​actions/cache</code> to v4.0.2 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1560">actions/cache#1560</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.1...v4.2.2">https://github.com/actions/cache/compare/v4.2.1...v4.2.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.2</li>
</ul>
<h3>4.2.1</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v4.0.1</li>
</ul>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
20</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/d4323d4df104b026a6aa633fdb11d772146be0bf"><code>d4323d4</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1560">#1560</a>
from actions/robherley/v4.2.2</li>
<li><a
href="https://github.com/actions/cache/commit/da26677639ccfb4615f1acc52d1fc3dc89152490"><code>da26677</code></a>
bump <code>@​actions/cache</code> to v4.0.2, prep for v4.2.2
release</li>
<li><a
href="https://github.com/actions/cache/commit/7921ae235bdcb376cc8f22558dc5f8ddc3c3c2f9"><code>7921ae2</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1557">#1557</a>
from actions/robherley/ia-workflow-released</li>
<li><a
href="https://github.com/actions/cache/commit/393773170624981bfaa3aac1cb736e3004eac1de"><code>3937731</code></a>
Update publish-immutable-actions.yml</li>
<li>See full diff in <a
href="https://github.com/actions/cache/compare/0c907a75c2c80ebcb7f088228285e798b750cf8f...d4323d4df104b026a6aa633fdb11d772146be0bf">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=4.2.1&new-version=4.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @ddelnano
Bump golang.org/x/net from 0.33.0 to 0.36.0 (pixie-io#2149)
663cc47 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.33.0 to
0.36.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1"><code>85d1d54</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/cde1dda944dcf6350753df966bb5bda87a544842"><code>cde1dda</code></a>
proxy, http/httpproxy: do not mismatch IPv6 zone ids against hosts</li>
<li><a
href="https://github.com/golang/net/commit/fe7f0391aa994a401c82d829183c1efab7a64df4"><code>fe7f039</code></a>
publicsuffix: spruce up code gen and speed up PublicSuffix</li>
<li><a
href="https://github.com/golang/net/commit/459513d1f8abff01b4854c93ff0bff7e87985a0a"><code>459513d</code></a>
internal/http3: move more common stream processing to genericConn</li>
<li><a
href="https://github.com/golang/net/commit/aad0180cad195ab7bcd14347e7ab51bece53f61d"><code>aad0180</code></a>
http2: fix flakiness from t.Log when GOOS=js</li>
<li><a
href="https://github.com/golang/net/commit/b73e5746f64471c22097f07593643a743e7cfb0f"><code>b73e574</code></a>
http2: don't log expected errors from writing invalid trailers</li>
<li><a
href="https://github.com/golang/net/commit/5f45c776a9c4d415cbe67d6c22c06fd704f8c9f1"><code>5f45c77</code></a>
internal/http3: make read-data tests usable for server handlers</li>
<li><a
href="https://github.com/golang/net/commit/43c2540165a4d1bc9a81e06a86eb1e22ece64145"><code>43c2540</code></a>
http2, internal/httpcommon: reject userinfo in :authority</li>
<li><a
href="https://github.com/golang/net/commit/1d78a085008d9fedfe3f303591058325f99727d7"><code>1d78a08</code></a>
http2, internal/httpcommon: factor out server header logic for
h2/h3</li>
<li><a
href="https://github.com/golang/net/commit/0d7dc54a591c12b4bd03bcd745024178d03d9218"><code>0d7dc54</code></a>
quic: add Conn.ConnectionState</li>
<li>Additional commits viewable in <a
href="https://github.com/golang/net/compare/v0.33.0...v0.36.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.33.0&new-version=0.36.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/pixie-io/pixie/network/alerts).

</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dom Del Nano <ddelnano@gmail.com>
@co63oc
Fix typos in multiple files (pixie-io#2148)
0442252 
Summary: Fix typos in multiple files

Relevant Issues: N/A

Type of change: /kind chore

Test Plan: N/A

Signed-off-by: co63oc <co63oc@users.noreply.github.com>
@co63oc
Fix create_sysroot_disk.sh (pixie-io#2151)
95b9b0f 
Summary: Modify the parameters to keep them consistent.

Relevant Issues: N/A

Type of change: /kind chore

Test Plan: N/A

Signed-off-by: co63oc <co63oc@users.noreply.github.com>
@dependabot
Bump github/codeql-action from 3.28.10 to 3.28.12 (pixie-io#2153)
300ca04 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.10 to 3.28.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.12</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.12/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.11</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.11/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/5f8171a638ada777af81d42b55959a643bb29017"><code>5f8171a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2814">#2814</a>
from github/update-v3.28.12-6349095d1</li>
<li><a
href="https://github.com/github/codeql-action/commit/bb59f7707d836b040802dbdf2ad1a16482d319da"><code>bb59f77</code></a>
Update changelog for v3.28.12</li>
<li><a
href="https://github.com/github/codeql-action/commit/6349095d19ec30397ffb02a63b7aa4f867deb563"><code>6349095</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2810">#2810</a>
from github/update-bundle/codeql-bundle-v2.20.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/d7d03fda1241f6b0b3fae460c9f19c6e887158ad"><code>d7d03fd</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/4e3a5342c5e8e627915b9a29b363f49da8c4a32e"><code>4e3a534</code></a>
Update default bundle to codeql-bundle-v2.20.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/55f023701cfc1e7d11ef2ae0c5ec3193dae4fce4"><code>55f0237</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2802">#2802</a>
from github/mbg/dependency-caching/java-buildless</li>
<li><a
href="https://github.com/github/codeql-action/commit/6a151cd77488e58567da1dcf953e7aeeaca4950c"><code>6a151cd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2811">#2811</a>
from github/dependabot/github_actions/actions-c2c311...</li>
<li><a
href="https://github.com/github/codeql-action/commit/7866bcdb1b15b5d5cba0021b87f36d9f6d977156"><code>7866bcd</code></a>
Manually bump workflow to match autogenerated file</li>
<li><a
href="https://github.com/github/codeql-action/commit/611289e0b0ce1f6fc14820f1b72edaed2de4ba2c"><code>611289e</code></a>
build(deps): bump ruby/setup-ruby in the actions group</li>
<li><a
href="https://github.com/github/codeql-action/commit/4c409a5b664afa7d5b12cd8487e310f286487472"><code>4c409a5</code></a>
Remove temporary dependency directory in <code>analyze</code> post
action</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d...5f8171a638ada777af81d42b55959a643bb29017">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.10&new-version=3.28.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @ddelnano
Bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 (pixie-io#2154)
06f810e 
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt)
from 4.5.1 to 4.5.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/golang-jwt/jwt/releases">github.com/golang-jwt/jwt/v4's
releases</a>.</em></p>
<blockquote>
<h2>v4.5.2</h2>
<p>See <a
href="https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp">https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp</a></p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/golang-jwt/jwt/compare/v4.5.1...v4.5.2">https://github.com/golang-jwt/jwt/compare/v4.5.1...v4.5.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84"><code>2f0e9ad</code></a>
Backporting 0951d18 to v4</li>
<li>See full diff in <a
href="https://github.com/golang-jwt/jwt/compare/v4.5.1...v4.5.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/golang-jwt/jwt/v4&package-manager=go_modules&previous-version=4.5.1&new-version=4.5.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/pixie-io/pixie/network/alerts).

</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dom Del Nano <ddelnano@gmail.com>
@dependabot
Bump dorny/test-reporter from 1.9.1 to 2.0.0 (pixie-io#2155)
9b7f6b3 
Bumps [dorny/test-reporter](https://github.com/dorny/test-reporter) from
1.9.1 to 2.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dorny/test-reporter/releases">dorny/test-reporter's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Merge v1.7.0 to v1 branche by <a
href="https://github.com/j-catania"><code>@​j-catania</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/298">dorny/test-reporter#298</a></li>
<li>Bump development to <code>v2.0.0-preview</code> by <a
href="https://github.com/jozefizso"><code>@​jozefizso</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/449">dorny/test-reporter#449</a></li>
<li>Update checkout and upload-artifact actions versions by <a
href="https://github.com/Akaame"><code>@​Akaame</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/419">dorny/test-reporter#419</a></li>
<li>README.md: Update GitHub Actions by <a
href="https://github.com/cclauss"><code>@​cclauss</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/404">dorny/test-reporter#404</a></li>
<li>Update project to Node 20 runtime by <a
href="https://github.com/jozefizso"><code>@​jozefizso</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/450">dorny/test-reporter#450</a></li>
<li>Add support for NUnit v3 XML results files by <a
href="https://github.com/kring"><code>@​kring</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/225">dorny/test-reporter#225</a></li>
<li>Fix JUnit message / type fields. by <a
href="https://github.com/AnthonyBarbier"><code>@​AnthonyBarbier</code></a>
in <a
href="https://redirect.github.com/dorny/test-reporter/pull/399">dorny/test-reporter#399</a></li>
<li>Update mocha-json usage instructions by <a
href="https://github.com/MonkeyDo"><code>@​MonkeyDo</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/145">dorny/test-reporter#145</a></li>
<li>Clarify .NET support is dotnet test command support by <a
href="https://github.com/anatawa12"><code>@​anatawa12</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/232">dorny/test-reporter#232</a></li>
<li>Target node20 by <a
href="https://github.com/jozefizso"><code>@​jozefizso</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/489">dorny/test-reporter#489</a></li>
<li>Support displaying test results in markdown using GitHub Actions Job
Summaries by <a
href="https://github.com/ritchxu"><code>@​ritchxu</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/463">dorny/test-reporter#463</a></li>
<li>Support displaying test results in markdown using GitHub Actions Job
Summaries by <a
href="https://github.com/ritchxu"><code>@​ritchxu</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/383">dorny/test-reporter#383</a></li>
<li>Fix parsing of ESLint reports in jest-junit format by <a
href="https://github.com/phjardas"><code>@​phjardas</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/134">dorny/test-reporter#134</a></li>
<li>Change docs for mocha-json by <a
href="https://github.com/chdanielmueller"><code>@​chdanielmueller</code></a>
in <a
href="https://redirect.github.com/dorny/test-reporter/pull/517">dorny/test-reporter#517</a></li>
<li>Remove unused development dependency
<code>@types/github-slugger</code> by <a
href="https://github.com/jozefizso"><code>@​jozefizso</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/524">dorny/test-reporter#524</a></li>
<li>Merge <code>v1</code> branch to <code>main</code> by <a
href="https://github.com/jozefizso"><code>@​jozefizso</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/525">dorny/test-reporter#525</a></li>
<li>Update bug_report.md by <a
href="https://github.com/j-catania"><code>@​j-catania</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/553">dorny/test-reporter#553</a></li>
<li>Update feature.md by <a
href="https://github.com/j-catania"><code>@​j-catania</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/554">dorny/test-reporter#554</a></li>
<li>feat: parse junit report with message by <a
href="https://github.com/cmonaghan1"><code>@​cmonaghan1</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/559">dorny/test-reporter#559</a></li>
<li>Update dependencies by <a
href="https://github.com/jozefizso"><code>@​jozefizso</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/560">dorny/test-reporter#560</a></li>
<li>test-reporter release v2.0.0 by <a
href="https://github.com/jozefizso"><code>@​jozefizso</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/561">dorny/test-reporter#561</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Akaame"><code>@​Akaame</code></a> made
their first contribution in <a
href="https://redirect.github.com/dorny/test-reporter/pull/419">dorny/test-reporter#419</a></li>
<li><a href="https://github.com/cclauss"><code>@​cclauss</code></a> made
their first contribution in <a
href="https://redirect.github.com/dorny/test-reporter/pull/404">dorny/test-reporter#404</a></li>
<li><a href="https://github.com/kring"><code>@​kring</code></a> made
their first contribution in <a
href="https://redirect.github.com/dorny/test-reporter/pull/225">dorny/test-reporter#225</a></li>
<li><a
href="https://github.com/AnthonyBarbier"><code>@​AnthonyBarbier</code></a>
made their first contribution in <a
href="https://redirect.github.com/dorny/test-reporter/pull/399">dorny/test-reporter#399</a></li>
<li><a href="https://github.com/MonkeyDo"><code>@​MonkeyDo</code></a>
made their first contribution in <a
href="https://redirect.github.com/dorny/test-reporter/pull/145">dorny/test-reporter#145</a></li>
<li><a href="https://github.com/anatawa12"><code>@​anatawa12</code></a>
made their first contribution in <a
href="https://redirect.github.com/dorny/test-reporter/pull/232">dorny/test-reporter#232</a></li>
<li><a href="https://github.com/ritchxu"><code>@​ritchxu</code></a> made
their first contribution in <a
href="https://redirect.github.com/dorny/test-reporter/pull/463">dorny/test-reporter#463</a></li>
<li><a href="https://github.com/phjardas"><code>@​phjardas</code></a>
made their first contribution in <a
href="https://redirect.github.com/dorny/test-reporter/pull/134">dorny/test-reporter#134</a></li>
<li><a
href="https://github.com/chdanielmueller"><code>@​chdanielmueller</code></a>
made their first contribution in <a
href="https://redirect.github.com/dorny/test-reporter/pull/517">dorny/test-reporter#517</a></li>
<li><a
href="https://github.com/cmonaghan1"><code>@​cmonaghan1</code></a> made
their first contribution in <a
href="https://redirect.github.com/dorny/test-reporter/pull/559">dorny/test-reporter#559</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dorny/test-reporter/compare/v1.9.1...v2.0.0">https://github.com/dorny/test-reporter/compare/v1.9.1...v2.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/dorny/test-reporter/blob/main/CHANGELOG.md">dorny/test-reporter's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>2.0.0</h2>
<ul>
<li>Parse JUnit report with detailed message in failure <a
href="https://redirect.github.com/dorny/test-reporter/pull/559">dorny/test-reporter#559</a></li>
<li>Support displaying test results in markdown using GitHub Actions Job
Summaries <a
href="https://redirect.github.com/dorny/test-reporter/pull/383">dorny/test-reporter#383</a></li>
</ul>
<h2>1.9.1</h2>
<ul>
<li>Fix problematic retransmission of authentication token <a
href="https://redirect.github.com/dorny/test-reporter/pull/438">dorny/test-reporter#438</a></li>
<li>Report correct number of tests in Dart <a
href="https://redirect.github.com/dorny/test-reporter/pull/426">dorny/test-reporter#426</a></li>
<li>Number of completed tests mismatches passed/failed <a
href="https://redirect.github.com/dorny/test-reporter/issues/319">dorny/test-reporter#319</a></li>
</ul>
<h2>1.9.0</h2>
<ul>
<li>Add support for Rspec (Ruby) <a
href="https://redirect.github.com/dorny/test-reporter/pull/398">dorny/test-reporter#398</a></li>
</ul>
<h2>1.8.0</h2>
<ul>
<li>Add <code>SwiftXunitParser</code> class based on
<code>JavaJunitParser</code> for <code>swift-xunit</code> reporter <a
href="https://redirect.github.com/dorny/test-reporter/pull/317">dorny/test-reporter#317</a></li>
<li>Use NodeJS 18 LTS as default runtime <a
href="https://redirect.github.com/dorny/test-reporter/pull/332">dorny/test-reporter#332</a></li>
<li>Escape <code>&lt;&gt;</code> characters in suite name <a
href="https://redirect.github.com/dorny/test-reporter/pull/236">dorny/test-reporter#236</a></li>
<li>Update actions runtime to Node20 <a
href="https://redirect.github.com/dorny/test-reporter/pull/315">dorny/test-reporter#315</a></li>
<li>Update check title and remove icon <a
href="https://redirect.github.com/dorny/test-reporter/pull/144">dorny/test-reporter#144</a></li>
</ul>
<h2>1.7.0</h2>
<ul>
<li>Fix <a
href="https://redirect.github.com/dorny/test-reporter/issues/199">#199</a>:
Use ✅ instead of ✔️ for better cross platform look by <a
href="https://github.com/petrdvorak"><code>@​petrdvorak</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/200">dorny/test-reporter#200</a></li>
<li>Verify content of dist/ folder matches build output by <a
href="https://github.com/dorny"><code>@​dorny</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/207">dorny/test-reporter#207</a></li>
<li>Gracefully handle empty nested testsuite elements for JUnit. by <a
href="https://github.com/rvdlaarschot"><code>@​rvdlaarschot</code></a>
in <a
href="https://redirect.github.com/dorny/test-reporter/pull/193">dorny/test-reporter#193</a></li>
<li>Gracefully handle empty failure tags by <a
href="https://github.com/haudren-woven"><code>@​haudren-woven</code></a>
in <a
href="https://redirect.github.com/dorny/test-reporter/pull/213">dorny/test-reporter#213</a></li>
<li>Fix <a
href="https://redirect.github.com/dorny/test-reporter/issues/208">#208</a>
- java-junit: show annotations on PR changed files by <a
href="https://github.com/atsu85"><code>@​atsu85</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/209">dorny/test-reporter#209</a></li>
<li>Only report failure if fail-on-error is set by <a
href="https://github.com/trond-snekvik"><code>@​trond-snekvik</code></a>
in <a
href="https://redirect.github.com/dorny/test-reporter/pull/214">dorny/test-reporter#214</a></li>
<li>Improve clarity on configuring for forkable repos by <a
href="https://github.com/abelbraaksma"><code>@​abelbraaksma</code></a>
in <a
href="https://redirect.github.com/dorny/test-reporter/pull/211">dorny/test-reporter#211</a></li>
<li>Suppress &quot;Processing test results from&quot; log by <a
href="https://github.com/vasanthdharmaraj"><code>@​vasanthdharmaraj</code></a>
in <a
href="https://redirect.github.com/dorny/test-reporter/pull/179">dorny/test-reporter#179</a></li>
<li>Skip listing of files if error parsing is disabled by <a
href="https://github.com/dorny"><code>@​dorny</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/216">dorny/test-reporter#216</a></li>
<li>Correct typo in docs by <a
href="https://github.com/tangowithfoxtrot"><code>@​tangowithfoxtrot</code></a>
in <a
href="https://redirect.github.com/dorny/test-reporter/pull/254">dorny/test-reporter#254</a></li>
<li>update dependencies by <a
href="https://github.com/j-catania"><code>@​j-catania</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/269">dorny/test-reporter#269</a></li>
<li>Add permissions to example yml files by <a
href="https://github.com/TurnrDev"><code>@​TurnrDev</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/263">dorny/test-reporter#263</a></li>
<li>add feature fail-on-empty by <a
href="https://github.com/gdams"><code>@​gdams</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/243">dorny/test-reporter#243</a></li>
<li>Add dependabot configuration by <a
href="https://github.com/yeikel"><code>@​yeikel</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/228">dorny/test-reporter#228</a></li>
<li>Bump ws from 7.3.1 to 7.5.9 in /reports/jest by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/265">dorny/test-reporter#265</a></li>
<li>Bump actions/checkout from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/279">dorny/test-reporter#279</a></li>
<li>Add new output for url url html by <a
href="https://github.com/luisito666"><code>@​luisito666</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/242">dorny/test-reporter#242</a></li>
<li>Update README.md by <a
href="https://github.com/IanMoroney"><code>@​IanMoroney</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/158">dorny/test-reporter#158</a></li>
<li>Update jest-Junit part of Readme by <a
href="https://github.com/ryancasburn-KAI"><code>@​ryancasburn-KAI</code></a>
in <a
href="https://redirect.github.com/dorny/test-reporter/pull/176">dorny/test-reporter#176</a></li>
<li>fix: default-valued fields are not mandatory by <a
href="https://github.com/TomerFi"><code>@​TomerFi</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/172">dorny/test-reporter#172</a></li>
<li>Bump ansi-regex from 4.1.0 to 4.1.1 in /reports/jest by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/278">dorny/test-reporter#278</a></li>
<li>Bump decode-uri-component from 0.2.0 to 0.2.2 in /reports/jest by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/276">dorny/test-reporter#276</a></li>
<li>Bump minimist from 1.2.5 to 1.2.8 in /reports/jest by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/275">dorny/test-reporter#275</a></li>
<li>Bump qs from 6.5.2 to 6.5.3 in /reports/jest by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/272">dorny/test-reporter#272</a></li>
<li>Bump json5 from 2.1.3 to 2.2.3 in /reports/jest by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/271">dorny/test-reporter#271</a></li>
<li>Bump ansi-regex from 3.0.0 to 3.0.1 in /reports/mocha by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/270">dorny/test-reporter#270</a></li>
<li>declare 'url' and 'url_html' as action outputs by <a
href="https://github.com/micha-one"><code>@​micha-one</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/287">dorny/test-reporter#287</a></li>
<li>Avoid split on undefined by <a
href="https://github.com/cazou"><code>@​cazou</code></a> in <a
href="https://redirect.github.com/dorny/test-reporter/pull/258">dorny/test-reporter#258</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dorny/test-reporter/commit/6e6a65b7a0bd2c9197df7d0ae36ac5cee784230c"><code>6e6a65b</code></a>
test-reporter release v2.0.0</li>
<li><a
href="https://github.com/dorny/test-reporter/commit/3bd727259afe0d75d3d227567c5f00fda9c0efab"><code>3bd7272</code></a>
test-reporter release v2.0.0</li>
<li><a
href="https://github.com/dorny/test-reporter/commit/5c0d9a463aff27dcfe458ed040ebc2441c9b6624"><code>5c0d9a4</code></a>
Merge pull request <a
href="https://redirect.github.com/dorny/test-reporter/issues/560">#560</a>
from jozefizso/update_packages</li>
<li><a
href="https://github.com/dorny/test-reporter/commit/613e721b02367319f23491b4e09edc78202a19a9"><code>613e721</code></a>
Update development dependencies</li>
<li><a
href="https://github.com/dorny/test-reporter/commit/f4ba16072c5a7dc43e75066fbdb184bec8759100"><code>f4ba160</code></a>
Update production dependencies</li>
<li><a
href="https://github.com/dorny/test-reporter/commit/27dd4e035f1ac19950cdb31767bd94466b9ec8be"><code>27dd4e0</code></a>
Merge pull request <a
href="https://redirect.github.com/dorny/test-reporter/issues/559">#559</a>
from cmonaghan1/feat/support-junit-report-with-message</li>
<li><a
href="https://github.com/dorny/test-reporter/commit/10d304d4fbfa8829fbe4e645416dbeeaf8bea32a"><code>10d304d</code></a>
build: recompile production code</li>
<li><a
href="https://github.com/dorny/test-reporter/commit/70db77d88c30cc30674e126944fd6716ba0137d8"><code>70db77d</code></a>
feat: parse junit report with message</li>
<li><a
href="https://github.com/dorny/test-reporter/commit/41662db5cae40449eff81c63a9a8d0a8c34694bf"><code>41662db</code></a>
Merge pull request <a
href="https://redirect.github.com/dorny/test-reporter/issues/554">#554</a>
from dorny/j-catania-patch-1</li>
<li><a
href="https://github.com/dorny/test-reporter/commit/472c8c84b3bbb5d4140684812eb8d0062d1812d9"><code>472c8c8</code></a>
Update feature.md</li>
<li>Additional commits viewable in <a
href="https://github.com/dorny/test-reporter/compare/31a54ee7ebcacc03a09ea97a7e5465a47b84aea5...6e6a65b7a0bd2c9197df7d0ae36ac5cee784230c">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dorny/test-reporter&package-manager=github_actions&previous-version=1.9.1&new-version=2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump docker/login-action from 3.3.0 to 3.4.0 (pixie-io#2157)
9309846 
Bumps [docker/login-action](https://github.com/docker/login-action) from
3.3.0 to 3.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<ul>
<li>Bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 in <a
href="https://redirect.github.com/docker/login-action/pull/791">docker/login-action#791</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> to 3.766.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> to 3.758.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.35.0 to 0.57.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/801">docker/login-action#801</a>
<a
href="https://redirect.github.com/docker/login-action/pull/806">docker/login-action#806</a>
<a
href="https://redirect.github.com/docker/login-action/pull/858">docker/login-action#858</a></li>
<li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/814">docker/login-action#814</a></li>
<li>Bump https-proxy-agent from 7.0.5 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/823">docker/login-action#823</a></li>
<li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a
href="https://redirect.github.com/docker/login-action/pull/777">docker/login-action#777</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.3.0...v3.4.0">https://github.com/docker/login-action/compare/v3.3.0...v3.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/login-action/commit/74a5d142397b4f367a81961eba4e8cd7edddf772"><code>74a5d14</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/856">#856</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="https://github.com/docker/login-action/commit/2f4f00e4c6fe8a50cdd1fd618421be2e92b2f201"><code>2f4f00e</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/67c184546cf989af16f02a1b5359e4bde3cdc524"><code>67c1845</code></a>
build(deps): bump the aws-sdk-dependencies group across 1 directory with
2 up...</li>
<li><a
href="https://github.com/docker/login-action/commit/3d4cc89e85e0cac73870ab81d3b72c0b700870d1"><code>3d4cc89</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/844">#844</a>
from graysonpike/master</li>
<li><a
href="https://github.com/docker/login-action/commit/6cc823a6c4738f797f031790fa7f982b7a8dcfdc"><code>6cc823a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/823">#823</a>
from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li>
<li><a
href="https://github.com/docker/login-action/commit/d94e792124647378e94c07359922f0f821a9fab2"><code>d94e792</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/033db0da3047b4d01e249d66f56ae16a2ed6af87"><code>033db0d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/812">#812</a>
from docker/dependabot/github_actions/codecov/codecov...</li>
<li><a
href="https://github.com/docker/login-action/commit/09c2ae9716c0bacef3c03e120a61c28adfb8595b"><code>09c2ae9</code></a>
build(deps): bump https-proxy-agent</li>
<li><a
href="https://github.com/docker/login-action/commit/ba56f006fc7190f752d4e6e1312f85697984a229"><code>ba56f00</code></a>
ci: update deprecated input for codecov-action</li>
<li><a
href="https://github.com/docker/login-action/commit/75bf9a79af089e9aa009972a6ecb22190a520679"><code>75bf9a7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/858">#858</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/login-action/compare/9780b0c442fbb1117ed29e0efdff1e18412f7567...74a5d142397b4f367a81961eba4e8cd7edddf772">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=3.3.0&new-version=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump github/codeql-action from 3.28.12 to 3.28.13 (pixie-io#2162)
78855da 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.12 to 3.28.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.13</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.13/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.13 - 24 Mar 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.12 - 19 Mar 2025</h2>
<ul>
<li>Dependency caching should now cache more dependencies for Java
<code>build-mode: none</code> extractions. This should speed up
workflows and avoid inconsistent alerts in some cases.</li>
<li>Update default CodeQL bundle version to 2.20.7. <a
href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li>
</ul>
<h2>3.28.11 - 07 Mar 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li>
</ul>
<h2>3.28.10 - 21 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li>
<li>Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS. <a
href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li>
</ul>
<h2>3.28.9 - 07 Feb 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li>
</ul>
<h2>3.28.8 - 29 Jan 2025</h2>
<ul>
<li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI
v2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li>
</ul>
<h2>3.28.7 - 29 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/1b549b9259bda1cb5ddde3b41741a82a2d15a841"><code>1b549b9</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2819">#2819</a>
from github/update-v3.28.13-e0ea14102</li>
<li><a
href="https://github.com/github/codeql-action/commit/82630c85f38b5b7c2c9cc279f06af77a080fba19"><code>82630c8</code></a>
Update changelog for v3.28.13</li>
<li><a
href="https://github.com/github/codeql-action/commit/e0ea141027937784e3c10ed1679e503fcc2245bc"><code>e0ea141</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2818">#2818</a>
from github/cklin/empty-pr-diff-range</li>
<li><a
href="https://github.com/github/codeql-action/commit/b361a915088c90790a0c458a63a4b63108a9ab0a"><code>b361a91</code></a>
Diff-informed analysis: fix empty PR handling</li>
<li><a
href="https://github.com/github/codeql-action/commit/bd1d9ab4eda903e1b5caa241368836575c6c476b"><code>bd1d9ab</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2816">#2816</a>
from github/cklin/overlay-file-list</li>
<li><a
href="https://github.com/github/codeql-action/commit/b98ae6ca52694a727f4a03c9bf7a52df66492f23"><code>b98ae6c</code></a>
Add overlay-database-utils tests</li>
<li><a
href="https://github.com/github/codeql-action/commit/9825184a0aec625d59c8e5bcc122734a77e38e7b"><code>9825184</code></a>
Add getFileOidsUnderPath() tests</li>
<li><a
href="https://github.com/github/codeql-action/commit/ac67cffe5c20e84b598930c8453336a7404b2786"><code>ac67cff</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2817">#2817</a>
from github/cklin/default-setup-diff-informed</li>
<li><a
href="https://github.com/github/codeql-action/commit/9c674ba4f548f8b6a6f1a7990756e80453894f56"><code>9c674ba</code></a>
build: refresh js files</li>
<li><a
href="https://github.com/github/codeql-action/commit/d109dd5d333ab79c34032e0443e15643c347e966"><code>d109dd5</code></a>
Detect PR branches for Default Setup</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/5f8171a638ada777af81d42b55959a643bb29017...1b549b9259bda1cb5ddde3b41741a82a2d15a841">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.12&new-version=3.28.13)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@ddelnano
Add collect_heap_pprofs.sh script for easier collection of heap pro…
93cf09f 
…files (pixie-io#2160)
@dependabot
Bump actions/upload-artifact from 4.6.1 to 4.6.2 (pixie-io#2165)
d08b5aa 
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.6.1 to 4.6.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.3.2 package &amp; prepare for new
upload-artifact release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.2">https://github.com/actions/upload-artifact/compare/v4...v4.6.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/ea165f8d65b6e75b540449e92b4886f43607fa02"><code>ea165f8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/685">#685</a>
from salmanmkc/salmanmkc/3-new-upload-artifacts-release</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/08396203c179e13c71b9754ce3472ed71842eec0"><code>0839620</code></a>
Prepare for new release of actions/upload-artifact with new toolkit
cache ver...</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1...ea165f8d65b6e75b540449e92b4886f43607fa02">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.6.1&new-version=4.6.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@ddelnano
Upgrade golangci-lint to v2 (pixie-io#2169)
abe7238 
Summary: Upgrade golangci-lint to v2

This upgrades golangci-lint to v2 and remediates the golangci-lint
crashes seen in other PRs (pixie-io#2167). The vast majority of the new
violations have been resolved with the exception of some more stylistic
staticcheck cases.

Rather than ignoring these cases, they should be easy to handle if/when
the offending code is modified. The specific violations can be seen in
the Test plan below.

The pr-genfile-checker issues related to go generate will be fixed in
pixie-io#2167. I opted to split these changes into two PRs despite them both
needing to be available for a successful build.

Relevant Issues: N/A

Type of change: /kind dependency

Test Plan: Existing build and the following checks
- [x] `CGO_ENABLED=0 golangci-lint run` succeeds for the majority of
checks

<details><summary>command output</summary>

```
root@px-dev-docker-dev-vm:/px/src/px.dev/pixie# CGO_ENABLED=0 golangci-lint run
src/cloud/api/controllers/session_middleware.go:173:2: QF1007: could merge conditional assignment into variable declaration (staticcheck)
        forceBearer := false
        ^
src/cloud/artifact_tracker/controllers/server.go:176:5: QF1001: could apply De Morgan's law (staticcheck)
        if !(at == vpb.AT_DARWIN_AMD64 || at == vpb.AT_LINUX_AMD64 || at == vpb.AT_CONTAINER_SET_YAMLS || at == vpb.AT_CONTAINER_SET_TEMPLATE_YAMLS) {
           ^
src/cloud/autocomplete/suggester.go:176:5: QF1003: could use tagged switch on a.Type (staticcheck)
                                if a.Type == vispb.PX_POD {
                                ^
src/cloud/autocomplete/suggester.go:276:23: QF1001: could apply De Morgan's law (staticcheck)
                        if res.NS != "" && !(md.EsMDType(res.Kind) == md.EsMDTypeNamespace || md.EsMDType(res.Kind) == md.EsMDTypeNode) {
                                           ^
src/cloud/plugin/controllers/server.go:563:5: S1009: should omit nil check; len() for nil maps is defined as zero (staticcheck)
        if req.Configurations != nil && len(req.Configurations) > 0 {
           ^
src/cloud/profile/controllers/server.go:170:2: QF1003: could use tagged switch on err (staticcheck)
        if err == datastore.ErrOrgNotFound {
        ^
src/cloud/project_manager/datastore/datastore_test.go:27:2: ST1019: package "github.com/golang-migrate/migrate/source/go_bindata" is being imported more than once (staticcheck)
        _ "github.com/golang-migrate/migrate/source/go_bindata"
        ^
src/cloud/project_manager/datastore/datastore_test.go:28:2: ST1019(related information): other import of "github.com/golang-migrate/migrate/source/go_bindata" (staticcheck)
        bindata "github.com/golang-migrate/migrate/source/go_bindata"
        ^
src/cloud/shared/idprovider/client.go:535:6: QF1001: could apply De Morgan's law (staticcheck)
                if !(k == "Set-Cookie" || k == "Location") {
                   ^
src/cloud/shared/idprovider/client_test.go:96:44: ST1013: should use constant http.StatusFound instead of numeric literal 302 (staticcheck)
                http.Redirect(w, r, consentURL.String(), 302)
                                                         ^
src/common/testing/test_utils/cert_generator/cert_generator.go:120:2: QF1003: could use tagged switch on keyType (staticcheck)
        if keyType == "pkcs1" {
        ^
src/e2e_test/perf_tool/pkg/metrics/data_loss_handler.go:87:6: QF1009: probably want to use time.Time.Equal instead (staticcheck)
        if (ts == time.Time{}) {
            ^
src/e2e_test/perf_tool/pkg/metrics/prometheus_recorder.go:129:7: QF1001: could apply De Morgan's law (staticcheck)
                        if !(mf.GetType() == io_prometheus_client.MetricType_COUNTER || mf.GetType() == io_prometheus_client.MetricType_GAUGE) {
                           ^
src/e2e_test/perf_tool/pkg/suites/experiments.go:27:2: ST1019: package "px.dev/pixie/src/e2e_test/perf_tool/experimentpb" is being imported more than once (staticcheck)
        "px.dev/pixie/src/e2e_test/perf_tool/experimentpb"
        ^
src/e2e_test/perf_tool/pkg/suites/experiments.go:28:2: ST1019(related information): other import of "px.dev/pixie/src/e2e_test/perf_tool/experimentpb" (staticcheck)
        pb "px.dev/pixie/src/e2e_test/perf_tool/experimentpb"
        ^
src/e2e_test/vizier/exectime/cmd/benchmark.go:136:29: ST1016: methods on the same type should have the same receiver name (seen 1x "t", 4x "d") (staticcheck)
func (d *ErrorDistribution) Append(v interface{}) {
                            ^
src/e2e_test/vizier/exectime/cmd/benchmark.go:175:29: ST1016: methods on the same type should have the same receiver name (seen 1x "t", 5x "d") (staticcheck)
func (d *BytesDistribution) Append(v interface{}) {
                            ^
src/operator/controllers/monitor.go:49:2: ST1019: package "px.dev/pixie/src/operator/apis/px.dev/v1alpha1" is being imported more than once (staticcheck)
        "px.dev/pixie/src/operator/apis/px.dev/v1alpha1"
        ^
src/operator/controllers/monitor.go:50:2: ST1019(related information): other import of "px.dev/pixie/src/operator/apis/px.dev/v1alpha1" (staticcheck)
        pixiev1alpha1 "px.dev/pixie/src/operator/apis/px.dev/v1alpha1"
        ^
src/operator/controllers/monitor.go:194:24: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
        m.podStates.write(pod.ObjectMeta.Labels["name"], pod.ObjectMeta.Name, &podWrapper{pod: pod})
                              ^
src/operator/controllers/monitor.go:204:26: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                m.podStates.delete(pod.ObjectMeta.Labels["name"], pod.ObjectMeta.Name)
                                       ^
src/operator/controllers/monitor.go:207:24: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
        m.podStates.write(pod.ObjectMeta.Labels["name"], pod.ObjectMeta.Name, &podWrapper{pod: pod})
                              ^
src/operator/controllers/monitor.go:215:25: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
        m.podStates.delete(pod.ObjectMeta.Labels["name"], pod.ObjectMeta.Name)
                               ^
src/operator/controllers/monitor.go:418:7: QF1001: could apply De Morgan's law (staticcheck)
                        if !(ownerRef.Kind == "StatefulSet") {
                           ^
src/operator/controllers/monitor.go:455:13: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                        if p.pod.ObjectMeta.Labels["plane"] != "control" {
                                 ^
src/operator/controllers/monitor.go:675:2: QF1003: could use tagged switch on state.Reason (staticcheck)
        if state.Reason == status.NATSPodFailed {
        ^
src/pixie_cli/pkg/components/table_renderer.go:167:3: QF1012: Use fmt.Fprintf(...) instead of WriteString(fmt.Sprintf(...)) (staticcheck)
                buf.WriteString(fmt.Sprintf("%q:", fmt.Sprintf("%v", mi.Key)))
                ^
src/pixie_cli/pkg/components/table_renderer.go:331:14: QF1004: could use strings.ReplaceAll instead (staticcheck)
                        dataStr = strings.Replace(dataStr, "\"", "\"\"", -1)
                                  ^
src/shared/artifacts/manifest/manifest.go:51:28: ST1016: methods on the same type should have the same receiver name (seen 2x "m", 5x "a") (staticcheck)
func (a *ArtifactManifest) ArtifactSets() []*versionspb.ArtifactSet {
                           ^
src/shared/k8s/proto_utils_test.go:1017:35: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
        assert.Equal(t, "object_md", obj.ObjectMeta.Name)
                                         ^
src/shared/k8s/proto_utils_test.go:1319:33: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
        assert.Equal(t, "object_md", e.ObjectMeta.Name)
                                       ^
src/shared/k8s/proto_utils_test.go:1478:35: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
        assert.Equal(t, "object_md", obj.ObjectMeta.Name)
                                         ^
src/shared/services/election/election.go:58:56: ST1011: var expectedMaxSkewMS is of type time.Duration; don't use unit-specific suffix "MS" (staticcheck)
func NewK8sLeaderElectionMgr(electionNamespace string, expectedMaxSkewMS, renewDeadlineMS time.Duration, electionName string) (*K8sLeaderElectionMgr, error) {
                                                       ^
src/stirling/testing/demo_apps/go_http/go_http_client/main.go:73:3: QF1003: could use tagged switch on *reqType (staticcheck)
                if *reqType == "get" || *reqType == "mix" {
                ^
src/utils/artifacts/versions_gen/main.go:50:2: QF1002: could use tagged switch on artifactName (staticcheck)
        switch {
        ^
src/utils/dev_dns_updater/dev_dns_updater.go:128:18: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                svcName := svc.ObjectMeta.Name
                               ^
src/utils/dev_dns_updater/dev_dns_updater.go:142:19: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                                        SvcName: svc.ObjectMeta.Name,
                                                     ^
src/utils/dev_dns_updater/dev_dns_updater.go:153:20: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                                                SvcName: svc.ObjectMeta.Name,
                                                             ^
src/utils/shared/k8s/delete.go:380:45: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                err = svcs.Delete(context.Background(), s.ObjectMeta.Name, metav1.DeleteOptions{})
                                                          ^
src/utils/shared/k8s/delete.go:398:45: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                err = pods.Delete(context.Background(), s.ObjectMeta.Name, metav1.DeleteOptions{})
                                                          ^
src/vizier/services/cloud_connector/bridge/vzinfo.go:419:30: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                return unhealthyPEMPods[i].ObjectMeta.Name < unhealthyPEMPods[j].ObjectMeta.Name
                                           ^
src/vizier/services/cloud_connector/bridge/vzinfo.go:594:14: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                                if len(j.ObjectMeta.OwnerReferences) > 0 && j.ObjectMeta.OwnerReferences[0].Name == cronJob && j.Status.Succeeded == 1 {
                                         ^
src/vizier/services/cloud_connector/bridge/vzinfo.go:595:76: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                                        err = v.clientset.BatchV1().Jobs(v.ns).Delete(context.Background(), j.ObjectMeta.Name, metav1.DeleteOptions{
                                                                                                              ^
src/vizier/services/cloud_connector/vzmetrics/scrape.go:115:8: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                if p.ObjectMeta.Annotations[scrapeAnnotationName] != "true" {
                     ^
src/vizier/services/cloud_connector/vzmetrics/scrape.go:118:16: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                podName := p.ObjectMeta.Name
                             ^
src/vizier/services/cloud_connector/vzmetrics/scrape.go:119:17: QF1008: could remove embedded field "ObjectMeta" from selector (staticcheck)
                port, ok := p.ObjectMeta.Annotations[portAnnotationName]
                              ^
src/vizier/services/metadata/controllers/k8smeta/k8s_metadata_handler_test.go:504:3: QF1003: could use tagged switch on prevUpdateVersion (staticcheck)
                if prevUpdateVersion == 3 {
                ^
src/vizier/services/metadata/controllers/k8smeta/k8s_metadata_handler_test.go:523:3: QF1003: could use tagged switch on prevUpdateVersion (staticcheck)
                if prevUpdateVersion == 3 {
                ^
src/vizier/services/metadata/controllers/k8smeta/k8s_metadata_store.go:141:3: QF1006: could lift into loop condition (staticcheck)
                if tIdx == len(tKeys) && uIdx == len(uKeys) {
                ^
src/vizier/services/metadata/controllers/server.go:260:8: QF1001: could apply De Morgan's law (staticcheck)
                        for !(finishedUpdates && finishedSchema) {
                            ^
50 issues:
* staticcheck: 50

```

</details>

---------

Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
@ddelnano
Upgrade controller-gen to address panics from go generate directive (p…
e408814 
…ixie-io#2167)

Summary: Upgrade controller-gen to address panics from go generate
directive

Our go upgrade to 1.24 caused our controller-gen's `go generate`
directive to start failing. This is because the `trivialVersions`
setting of controller-gen was removed. From searching the controller-gen
issues, I believe Go 1.22 and later hits this problem for controller-gen
versions < v0.14
(kubernetes-sigs/controller-tools#888 (comment))

The `pr-genfiles` GitHub action that runs our go generates does not
trigger on `go.mod` or `go.sum` changes, so this was missed when Go was
upgraded.

I'm not too familiar with controller-gen and the generated file changes
are minor, but please let me know if this requires more extensive
testing. If there were larger CRD changes, I would expect that it would
require testing on different k8s versions with an operator release
build. I don't think this change warrants it, but please advise if you
feel differently.

Relevant Issues: N/A

Type of change: /kind bugfix

Test Plan: Inspected generated file changes
- [x] `px.dev_viziers.yaml`: Description changes are all whitespace
changes and appear equivalent
- [x] `px.dev_viziers.yaml`: CRD top level `status` field was removed. I
don't believe our operator code uses this nor did I see any reference
from k8s release notes on this deprecation
- [x] Removal of `// +build !ignore_autogenerated` -- this is an older
syntax from controller-gen's pre Go 1.17 usage

---------

Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
@dependabot
Bump actions/setup-go from 5.3.0 to 5.4.0 (pixie-io#2166)
515b57e 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.3.0
to 5.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v5.4.0</h2>
<h2>What's Changed</h2>
<h3>Dependency updates :</h3>
<ul>
<li>Upgrade semver from 7.6.0 to 7.6.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/535">actions/setup-go#535</a></li>
<li>Upgrade eslint-config-prettier from 8.10.0 to 10.0.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/536">actions/setup-go#536</a></li>
<li>Upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/568">actions/setup-go#568</a></li>
<li>Upgrade undici from 5.28.4 to 5.28.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/541">actions/setup-go#541</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/568">actions/setup-go#568</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v5...v5.4.0">https://github.com/actions/setup-go/compare/v5...v5.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-go/commit/0aaccfd150d50ccaeb58ebd88d36e91967a5f35b"><code>0aaccfd</code></a>
Bump undici from 5.28.4 to 5.28.5 (<a
href="https://redirect.github.com/actions/setup-go/issues/541">#541</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/c4c114188661c0fa735e5b938764519fc6e8efa9"><code>c4c1141</code></a>
upgrade actions/cache to 4.0.2 (<a
href="https://redirect.github.com/actions/setup-go/issues/568">#568</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/5a083d0e9a84784eb32078397cf5459adecb4c40"><code>5a083d0</code></a>
Bump eslint-config-prettier from 8.10.0 to 10.0.1 (<a
href="https://redirect.github.com/actions/setup-go/issues/536">#536</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/1d82324e5352acd1afdae34b93def4fabce6599f"><code>1d82324</code></a>
Bump semver from 7.6.0 to 7.6.3 (<a
href="https://redirect.github.com/actions/setup-go/issues/535">#535</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-go/compare/f111f3307d8850f501ac008e886eec1fd1932a34...0aaccfd150d50ccaeb58ebd88d36e91967a5f35b">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=5.3.0&new-version=5.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@koksay
Update github runners to oci gh arc runners (pixie-io#2179)
5f9b1eb 
Summary: CNCF has hosted ephemeral GitHub runners on Oracle that we want
projects to use instead of the GitHub-hosted ones, which now incur a
cost to use.

Please direct any questions to me, @jeefy, @krook, and @RobertKielty.

Type of change: /kind chore

Test Plan: Updated gh actions should not fail due to the runners.

Signed-off-by: Koray Oksay <koray.oksay@gmail.com>
@vihangm
Fixup codeql runs (pixie-io#2180)
2711c9f 
Summary: There were two issues on main related to codeql. This attempts
to address both of them.
1) since go 1.21, the go.mod file is expected to have a version of the
form v1.X.Y instead of v1.X codeql warns about this, so this fixes the
same.
2) given the recent change in GH action runners, the runners don't seem
to have nodejs installed by default, this ensures that nodejs is indeed
installed.

Relevant Issues: N/A

Type of change: /kind bug

Test Plan: Tested e2e.

Signed-off-by: Vihang Mehta <vihang@px.dev>
@ddelnano
Upgrade pxapi pypi python dependencies. Replace rules_go's gogo wit…
117d727 
…h `third_party` dir version (pixie-io#2181)

Summary: Upgrade pxapi pypi python dependencies. Replace rules_go gogo
with `third_party` dir version

This change is best viewed commit by commit as described below.

Commit 1: Replace `rules_go`'s version of gogo with third_party
directory copy
Commit 2: Update proto and BUILD files to use new bazel repo name
Commit 3: Regnerate go and ts/js protos. TS/JS ones are expected to not
change
Commit 4: Replace python pxapi's python-gogo with the bazel version.

The existing gogo bazel repository needed to be changed because Python
does not support periods in module names. `rules_go` and our internal
gogo repository (`gogo_grpc_proto`) used a directory structure and a
protobuf compiler patch that resulting in non functional python code (a
module named `github.com` is created). This change renames the internal
gogo repository to prevent its filepath from containing periods.

The pr-third-party-deps action is complaining about protobuf. I believe
this is a false positive as it uses the BSD-3-Clause license.

Relevant Issues: pixie-io#2140

Type of change: /kind cleanup

Test Plan: Existing unit tests and the following:
- [x] Ran `src/api/python/examples` with python 3.9 and 3.13
<details><summary>Python 3.9 and 3.13 test</summary>

```
# Build the wheel
$ bazel build src/api/python:pxapi
[ ... ]
Target //src/api/python:pxapi up-to-date:
  bazel-bin/src/api/python/pxapi-0.8.1-py3-none-any.whl

# Run the example with python 3.13
$ docker run --entrypoint bash -it -v $(pwd):/src -w /src python:3.13
$ pip install bazel-bin/src/api/python/pxapi-0.8.1-py3-none-any.whl
root@d5a1f69d4e87:/src# PX_API_KEY=<api key> python src/api/python/examples/list_clusters.py
eb94bd7e-0a8a-45c0-b22e-81d62bd99755

# Run the example with python 3.9
$ docker run --entrypoint bash -it -v $(pwd):/src -w /src python:3.9
$ pip install bazel-bin/src/api/python/pxapi-0.8.1-py3-none-any.whl
root@08ed22fe680e:/src# PX_API_KEY=<api key> python src/api/python/examples/list_clusters.py
eb94bd7e-0a8a-45c0-b22e-81d62bd99755
```

</details>

Changelog Message: Upgrade the pxapi python module's third party
dependencies and support Python 3.11 through 3.13

---------

Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
@vihangm
Fix coverage collection with Bazel BWOB (pixie-io#2182)
9ec7a67 
Summary: Coverage runs were using remote_download_output=all because
thing didn't work with Bazel Build Without the Bytes. It seems that
after bazelbuild/bazel#4685 this should work,
so this change attempts to shift coverage runs to use BWOB to avoid
downloading all outputs.

This also fixes some warnings and errors we ran into with the ubuntu
24.04 upgrade which causes lcov 2 to be installed.

Relevant Issues: N/A

Type of change: /kind bug

Test Plan: Will check github actions on this PR.

Signed-off-by: Vihang Mehta <vihang@px.dev>
@ddelnano
Bump version of pxapi pypi package and update Author email (pixie-io#…
9f66da5 
…2142)

Summary: TSIA

Relevant Issues: Closes pixie-io#2140

Type of change: /kind cleanup

Test Plan: N/A

---------

Signed-off-by: Dom Del Nano <ddelnano@gmail.com>
entlein and others added 27 commits May 8, 2025 10:19
@entlein
chore: revert skaffold_visizer but add comments
e078ae7 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
chore: amend text to resolve PR comments: highlight that minikube is …
94dd78b 
…optional

Signed-off-by: entlein <einentlein@gmail.com>
@entlein @ddelnano
Update tools/chef/cookbooks/px_dev/recipes/linux.rb
29b5314 
Co-authored-by: Dom Delnano <ddelnano@gmail.com>
Signed-off-by: Duck <70207455+entlein@users.noreply.github.com>
@entlein @ddelnano
Update DEVELOPMENT.md
e3588fa 
Co-authored-by: Dom Delnano <ddelnano@gmail.com>
Signed-off-by: Duck <70207455+entlein@users.noreply.github.com>
@entlein @ddelnano
Update DEVELOPMENT.md
c616e66 
Co-authored-by: Dom Delnano <ddelnano@gmail.com>
Signed-off-by: Duck <70207455+entlein@users.noreply.github.com>
@entlein
chore: apply Dom s suggested edit
c846a4d 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
chore: adding the compilation mode explanation to the docs
11e0519 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
Remove trailing whitespace linux.rb
c124e0d 
linter

Signed-off-by: Duck <70207455+entlein@users.noreply.github.com>
@entlein
Remove trailing whitespace from skaffold_vizier.yaml
a4674d7 
linter

Signed-off-by: Duck <70207455+entlein@users.noreply.github.com>
@entlein
linting: removing lots of whitespaces at the EOL
5b407ff 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
linting: file must end on a newline
fd7d4ea 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: testing dockerhub
9ab6ecf 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: testing dockerhub
04b3e5f 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: testing dockerhub
726abbc 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: testing dockerhub
40e7191 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: testing dockerhub
90f1202 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: testing dockerhub
b750d89 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: testing dockerhub
75e1cf2 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: testing dockerhub
a52ae38 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: vizier persistent now working with our image
b4d31f9 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: vizier persistent now working with our image
3dfa7a6 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: vizier etcd now working with our image
cef03b8 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: vizier etcd now working with our image
0e4d43c 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: vizier persistent ap now working with our image
8a3d8e2 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: vizier persistent ap now working with our image
a54fd5e 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
feature: adding helm installer
698cb0d 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
merge
0d1ff45 
Signed-off-by: entlein <einentlein@gmail.com>
@entlein
Copy link
Author

entlein commented May 12, 2025

@mebegu I would please need a script that loads the tetragon file to the correct location on minikube and then executes some steps that test/verify that the functinality is working after the install. THANKS

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@mebegu mebegu

@entlein entlein

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@entlein @mebegu @ddelnano @co63oc @koksay @vihangm