Skip to content

build(deps): bump the go_modules group across 3 directories with 4 updates #42

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 5 commits into
base: master
Choose a base branch
from
Open

build(deps): bump the go_modules group across 3 directories with 4 updates #42

dependabot wants to merge 5 commits into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jul 15, 2025
edited by bito-code-review bot
Loading

Bumps the go_modules group with 2 updates in the / directory: golang.org/x/crypto and google.golang.org/grpc.
Bumps the go_modules group with 1 update in the /api/v2 directory: google.golang.org/grpc.
Bumps the go_modules group with 2 updates in the /examples directory: golang.org/x/crypto and google.golang.org/grpc.

Updates golang.org/x/crypto from 0.0.0-20220622213112-05595931fe9d to 0.35.0

Commits

Updates golang.org/x/net from 0.7.0 to 0.21.0

Commits
  • 73d21fd go.mod: update golang.org/x dependencies
  • 643fd16 html: fix SOLIDUS '/' handling in attribute parsing
  • 73e4b50 dns/dnsmessage: allow name compression for SRV resource parsing
  • b2208d0 internal/quic/qlog: fix typo
  • 0d0b98c http2: avoid goroutine starvation in TestServer_Push_RejectAfterGoAway
  • 07e05fd http2: remove suspicious uint32->v conversion in frame code
  • 26b646e quic: avoid deadlock in Endpoint.Close
  • cb5b10f go.mod: update golang.org/x dependencies
  • 689bbc7 quic: deflake TestStreamsCreateConcurrency
  • f12db26 internal/quic/cmd/interop: use wget --no-verbose in Dockerfile
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.49.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • xds: enable RLS in xDS by default (#6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
  • authz: add conversion of json to RBAC Audit Logging config (#6192)
  • authz: add support for stdout logger (#6230 and #6298)
  • authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

  • xds: enable federation support by default (#6151)
  • status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits
  • 1055b48 Update version.go to 1.56.3 (#6713)
  • 5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
  • bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
  • faab873 Update version.go to v1.56.2 (#6432)
  • 6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
  • ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
  • cd6a794 Update version.go to v1.56.2-dev (#6387)
  • 5b67e5e Update version.go to v1.56.1 (#6386)
  • d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
  • 997c1ea Change version to 1.56.1-dev (#6345)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Updates google.golang.org/grpc from 1.49.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • xds: enable RLS in xDS by default (#6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
  • authz: add conversion of json to RBAC Audit Logging config (#6192)
  • authz: add support for stdout logger (#6230 and #6298)
  • authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

  • xds: enable federation support by default (#6151)
  • status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits
  • 1055b48 Update version.go to 1.56.3 (#6713)
  • 5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
  • bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
  • faab873 Update version.go to v1.56.2 (#6432)
  • 6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
  • ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
  • cd6a794 Update version.go to v1.56.2-dev (#6387)
  • 5b67e5e Update version.go to v1.56.1 (#6386)
  • d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
  • 997c1ea Change version to 1.56.1-dev (#6345)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Updates golang.org/x/net from 0.7.0 to 0.21.0

Commits
  • 73d21fd go.mod: update golang.org/x dependencies
  • 643fd16 html: fix SOLIDUS '/' handling in attribute parsing
  • 73e4b50 dns/dnsmessage: allow name compression for SRV resource parsing
  • b2208d0 internal/quic/qlog: fix typo
  • 0d0b98c http2: avoid goroutine starvation in TestServer_Push_RejectAfterGoAway
  • 07e05fd http2: remove suspicious uint32->v conversion in frame code
  • 26b646e quic: avoid deadlock in Endpoint.Close
  • cb5b10f go.mod: update golang.org/x dependencies
  • 689bbc7 quic: deflake TestStreamsCreateConcurrency
  • f12db26 internal/quic/cmd/interop: use wget --no-verbose in Dockerfile
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.49.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • xds: enable RLS in xDS by default (#6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
  • authz: add conversion of json to RBAC Audit Logging config (#6192)
  • authz: add support for stdout logger (#6230 and #6298)
  • authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

  • xds: enable federation support by default (#6151)
  • status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits
  • 1055b48 Update version.go to 1.56.3 (#6713)
  • 5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
  • bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
  • faab873 Update version.go to v1.56.2 (#6432)
  • 6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
  • ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
  • cd6a794 Update version.go to v1.56.2-dev (#6387)
  • 5b67e5e Update version.go to v1.56.1 (#6386)
  • d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
  • 997c1ea Change version to 1.56.1-dev (#6345)
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.0.0-20220622213112-05595931fe9d to 0.35.0

Commits

Updates golang.org/x/net from 0.7.0 to 0.21.0

Commits
  • 73d21fd go.mod: update golang.org/x dependencies
  • 643fd16 html: fix SOLIDUS '/' handling in attribute parsing
  • 73e4b50 dns/dnsmessage: allow name compression for SRV resource parsing
  • b2208d0 internal/quic/qlog: fix typo
  • 0d0b98c http2: avoid goroutine starvation in TestServer_Push_RejectAfterGoAway
  • 07e05fd http2: remove suspicious uint32->v conversion in frame code
  • 26b646e quic: avoid deadlock in Endpoint.Close
  • cb5b10f go.mod: update golang.org/x dependencies
  • 689bbc7 quic: deflake TestStreamsCreateConcurrency
  • f12db26 internal/quic/cmd/interop: use wget --no-verbose in Dockerfile
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Updates google.golang.org/grpc from 1.47.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • xds: enable RLS in xDS by default (#6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
  • authz: add conversion of json to RBAC Audit Logging config (#6192)
  • authz: add support for stdout logger (#6230 and #6298)
  • authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

  • xds: enable federation support by default (#6151)
  • status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits
  • 1055b48 Update version.go to 1.56.3 (#6713)
  • 5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
  • bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
  • faab873 Update version.go to v1.56.2 (#6432)
  • 6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
  • ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
  • cd6a794 Update version.go to v1.56.2-dev (#6387)
  • 5b67e5e Update version.go to v1.56.1 (#6386)
  • d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
  • 997c1ea Change version to 1.56.1-dev (#6345)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Updates google.golang.org/grpc from 1.47.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • xds: enable RLS in xDS by default (#6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
  • authz: add conversion of json to RBAC Audit Logging config (#6192)
  • authz: add support for stdout logger (#6230 and #6298)
  • authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

  • xds: enable federation support by default (#6151)
  • status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits
  • 1055b48 Update version.go to 1.56.3 (#6713)
  • 5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
  • bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
  • faab873 Update version.go to v1.56.2 (#6432)
  • 6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
  • ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
  • cd6a794 Update version.go to v1.56.2-dev (#6387)
  • 5b67e5e Update version.go to v1.56.1 (#6386)
  • d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
  • 997c1ea Change version to 1.56.1-dev (#6345)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Updates golang.org/x/net from 0.7.0 to 0.9.0

Commits
  • 73d21fd go.mod: update golang.org/x dependencies
  • 643fd16 html: fix SOLIDUS '/' handling in attribute parsing
  • 73e4b50 dns/dnsmessage: allow name compression for SRV resource parsing
  • b2208d0 internal/quic/qlog: fix typo
  • 0d0b98c http2: avoid goroutine starvation in TestServer_Push_RejectAfterGoAway
  • 07e05fd http2: remove suspicious uint32->v conversion in frame code
  • 26b646e quic: avoid deadlock in Endpoint.Close
  • cb5b10f go.mod: update golang.org/x dependencies
  • 689bbc7 quic: deflake TestStreamsCreateConcurrency
  • f12db26 internal/quic/cmd/interop: use wget --no-verbose in Dockerfile
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.47.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

  • client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

  • client: support channel idleness using WithIdleTimeout dial option (#6263)
    • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
  • client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
  • xds: Add support for Custom LB Policies (gRFC A52) (#6224)
  • xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
  • client: add support for pickfirst address shuffling (gRFC A62) (#6311)
  • xds: Add support for String Matcher Header Matcher in RDS (#6313)
  • xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • xds: enable RLS in xDS by default (#6343)
  • orca: add support for application_utilization field and missing range checks on several metrics setters
  • balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
  • authz: add conversion of json to RBAC Audit Logging config (#6192)
  • authz: add support for stdout logger (#6230 and #6298)
  • authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

  • orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
  • xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
  • xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

  • orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

  • xds: enable federation support by default (#6151)
  • status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits
  • 1055b48 Update version.go to 1.56.3 (#6713)
  • 5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
  • bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
  • faab873 Update version.go to v1.56.2 (#6432)
  • 6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
  • ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
  • cd6a794 Update version.go to v1.56.2-dev (#6387)
  • 5b67e5e Update version.go to v1.56.1 (#6386)
  • d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
  • 997c1ea Change version to 1.56.1-dev (#6345)
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.7.0 to 0.9.0

Commits
  • 73d21fd go.mod: update golang.org/x dependencies
  • 643fd16 html: fix SOLIDUS '/' handling in attribute parsing
  • 73e4b50 dns/dnsmessage: allow name compression for SRV resource parsing
  • b2208d0 internal/quic/qlog: fix typo
  • 0d0b98c http2: avoid goroutine starvation in TestServer_Push_RejectAfterGoAway
  • 07e05fd http2: remove suspicious uint32->v conversion in frame code
  • 26b646e quic: avoid deadlock in Endpoint.Close
  • cb5b10f go.mod: update golang.org/x dependencies
  • 689bbc7 quic: deflake TestStreamsCreateConcurrency
  • f12db26 internal/quic/cmd/interop: use wget --no-verbose in Dockerfile
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Updates golang.org/x/crypto from 0.0.0-20220112180741-5e0467b6c7ce to 0.35.0

Commits

Updates golang.org/x/net from 0.7.0 to 0.21.0

Commits
  • 73d21fd go.mod: update golang.org/x dependencies
  • 643fd16 html: fix SOLIDUS '/' handling in attribute parsing
  • 73e4b50 dns/dnsmessage: allow name compression for SRV resource parsing
  • b2208d0 internal/quic/qlog: fix typo
  • 0d0b98c http2: avoid goroutine starvation in TestServer_Push_RejectAfterGoAway
  • 07e05fd http2: remove suspicious uint32->v conversion in frame code
  • 26b646e quic: avoid deadlock in Endpoint.Close
  • cb5b10f go.mod: update golang.org/x dependencies
  • 689bbc7 quic: deflake TestStreamsCreateConcurrency
  • f12db26 internal/quic/cmd/interop: use wget --no-verbose in Dockerfile
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.43.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

  • server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

    In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

  • status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (

    Summary by Bito

    This PR updates Go module dependencies across multiple directories, including critical modules like grpc, protobuf, net, and crypto, while enhancing CI configuration. It standardizes version formatting in api/v2, examples, and the root project, ensuring consistency in dependency management and improving compatibility with newer Go releases. The workflow now uses newer versions of actions, docker images, and an updated Go version, incorporating security fixes and performance improvements.

@dependabot
build(deps): bump the go_modules group across 3 directories with 4 up…
02abb05 
…dates

Bumps the go_modules group with 2 updates in the / directory: [golang.org/x/crypto](https://github.com/golang/crypto) and [google.golang.org/grpc](https://github.com/grpc/grpc-go).
Bumps the go_modules group with 1 update in the /api/v2 directory: [google.golang.org/grpc](https://github.com/grpc/grpc-go).
Bumps the go_modules group with 2 updates in the /examples directory: [golang.org/x/crypto](https://github.com/golang/crypto) and [google.golang.org/grpc](https://github.com/grpc/grpc-go).


Updates `golang.org/x/crypto` from 0.0.0-20220622213112-05595931fe9d to 0.35.0
- [Commits](https://github.com/golang/crypto/commits/v0.35.0)

Updates `golang.org/x/net` from 0.7.0 to 0.21.0
- [Commits](golang/net@v0.7.0...v0.21.0)

Updates `google.golang.org/grpc` from 1.49.0 to 1.56.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.49.0...v1.56.3)

Updates `google.golang.org/protobuf` from 1.28.1 to 1.30.0

Updates `google.golang.org/grpc` from 1.49.0 to 1.56.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.49.0...v1.56.3)

Updates `google.golang.org/protobuf` from 1.28.1 to 1.30.0

Updates `golang.org/x/net` from 0.7.0 to 0.21.0
- [Commits](golang/net@v0.7.0...v0.21.0)

Updates `google.golang.org/grpc` from 1.49.0 to 1.56.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.49.0...v1.56.3)

Updates `golang.org/x/crypto` from 0.0.0-20220622213112-05595931fe9d to 0.35.0
- [Commits](https://github.com/golang/crypto/commits/v0.35.0)

Updates `golang.org/x/net` from 0.7.0 to 0.21.0
- [Commits](golang/net@v0.7.0...v0.21.0)

Updates `google.golang.org/protobuf` from 1.28.1 to 1.30.0

Updates `google.golang.org/grpc` from 1.47.0 to 1.56.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.49.0...v1.56.3)

Updates `google.golang.org/protobuf` from 1.28.1 to 1.30.0

Updates `google.golang.org/grpc` from 1.47.0 to 1.56.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.49.0...v1.56.3)

Updates `google.golang.org/protobuf` from 1.28.1 to 1.30.0

Updates `golang.org/x/net` from 0.7.0 to 0.9.0
- [Commits](golang/net@v0.7.0...v0.21.0)

Updates `google.golang.org/grpc` from 1.47.0 to 1.56.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.49.0...v1.56.3)

Updates `golang.org/x/net` from 0.7.0 to 0.9.0
- [Commits](golang/net@v0.7.0...v0.21.0)

Updates `google.golang.org/protobuf` from 1.28.1 to 1.30.0

Updates `golang.org/x/crypto` from 0.0.0-20220112180741-5e0467b6c7ce to 0.35.0
- [Commits](https://github.com/golang/crypto/commits/v0.35.0)

Updates `golang.org/x/net` from 0.7.0 to 0.21.0
- [Commits](golang/net@v0.7.0...v0.21.0)

Updates `google.golang.org/grpc` from 1.43.0 to 1.56.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.49.0...v1.56.3)

Updates `google.golang.org/protobuf` from 1.27.1 to 1.30.0

Updates `google.golang.org/grpc` from 1.43.0 to 1.56.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.49.0...v1.56.3)

Updates `google.golang.org/protobuf` from 1.27.1 to 1.30.0

Updates `golang.org/x/net` from 0.7.0 to 0.21.0
- [Commits](golang/net@v0.7.0...v0.21.0)

Updates `google.golang.org/grpc` from 1.43.0 to 1.56.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.49.0...v1.56.3)

Updates `golang.org/x/crypto` from 0.0.0-20220112180741-5e0467b6c7ce to 0.35.0
- [Commits](https://github.com/golang/crypto/commits/v0.35.0)

Updates `golang.org/x/net` from 0.7.0 to 0.21.0
- [Commits](golang/net@v0.7.0...v0.21.0)

Updates `google.golang.org/protobuf` from 1.27.1 to 1.30.0

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.35.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.21.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/grpc
  dependency-version: 1.56.3
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.30.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/grpc
  dependency-version: 1.56.3
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.30.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.21.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/grpc
  dependency-version: 1.56.3
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.35.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.21.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.30.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/grpc
  dependency-version: 1.56.3
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.30.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/grpc
  dependency-version: 1.56.3
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.30.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.9.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: google.golang.org/grpc
  dependency-version: 1.56.3
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.9.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.30.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.35.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.21.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: google.golang.org/grpc
  dependency-version: 1.56.3
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.30.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: google.golang.org/grpc
  dependency-version: 1.56.3
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.30.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.21.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: google.golang.org/grpc
  dependency-version: 1.56.3
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.35.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.21.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.30.0
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 15, 2025
@dependabot dependabot bot mentioned this pull request Jul 15, 2025
Closed
@dependabot dependabot bot requested review from a team and srm6867 July 15, 2025 10:30
@bito-code-review
Copy link

bito-code-review bot commented Jul 15, 2025
edited
Loading

Code Review Agent Run #c8ae43

Actionable Suggestions - 0
Review Details
  • Files reviewed - 5 · Commit Range: 02abb05..02abb05
    • api/v2/go.mod
    • api/v2/go.sum
    • examples/go.mod
    • examples/go.sum
    • go.mod
  • Files skipped - 1
    • go.sum - Reason: Filter setting
  • Tools
    • Whispers (Secret Scanner) - ✔︎ Successful
    • Detect-secrets (Secret Scanner) - ✔︎ Successful
    • GOVULNCHECK (Security Vulnerability) - ✖︎ Failed
    • OWASP (Security Vulnerability) - ✔︎ Successful
    • SNYK (Security Vulnerability) - ✔︎ Successful
Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

  • /review - Manually triggers a full AI review.

  • /pause - Pauses automatic reviews on this pull request.

  • /resume - Resumes automatic reviews.

  • /resolve - Marks all Bito-posted review comments as resolved.

  • /abort - Cancels all in-progress reviews.

Refer to the documentation for additional commands.

Configuration

This repository uses Default Agent You can customize the agent settings here or contact your Bito workspace admin at mithil@platform9.com.

Documentation & Help

AI Code Review powered by Bito Logo

@bito-code-review
Copy link

bito-code-review bot commented Jul 15, 2025
edited
Loading

Changelist by Bito

This pull request implements the following key changes.

Key Change Files Impacted
Testing - CI Workflow Enhancements

ci.yaml - Updated CI configuration with bumped dependencies, action versions, and Go version for improved build reliability.
Other Improvements - Dependency Upgrades

go.mod - Bumped the Go version and upgraded dependency versions (e.g., grpc from 1.49.0 to 1.56.3, protobuf from 1.28.1 to 1.30.0) for enhanced security and consistency.

go.sum - Reflected updated module checksums corresponding to dependency upgrades.

go.mod - Upgraded the root Go version from 1.19 to 1.23 and revised multiple dependency versions (including testify, x/crypto, x/net, oauth2, google.golang.org/api, grpc, and protobuf) to improve performance and security.

go.sum - Updated module checksums and dependency references by adding newer versions and removing outdated entries.

@cruizen
Update ci.yaml
c9bdc19 
Signed-off-by: Trilok Khairnar <214651+cruizen@users.noreply.github.com>
@bito-code-review
Copy link

bito-code-review bot commented Jul 15, 2025
edited
Loading

Code Review Agent Run #e737d2

Actionable Suggestions - 0
Review Details
  • Files reviewed - 1 · Commit Range: 02abb05..c9bdc19
    • .github/workflows/ci.yaml
  • Files skipped - 0
  • Tools
    • Whispers (Secret Scanner) - ✔︎ Successful
    • Detect-secrets (Secret Scanner) - ✔︎ Successful
Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

  • /review - Manually triggers a full AI review.

  • /pause - Pauses automatic reviews on this pull request.

  • /resume - Resumes automatic reviews.

  • /resolve - Marks all Bito-posted review comments as resolved.

  • /abort - Cancels all in-progress reviews.

Refer to the documentation for additional commands.

Configuration

This repository uses Default Agent You can customize the agent settings here or contact your Bito workspace admin at mithil@platform9.com.

Documentation & Help

AI Code Review powered by Bito Logo

cruizen added 3 commits July 19, 2025 14:40
@cruizen
Update go.mod
b04b4db 
Signed-off-by: Trilok Khairnar <214651+cruizen@users.noreply.github.com>
@cruizen
Update go.mod
b6e69e6 
Signed-off-by: Trilok Khairnar <214651+cruizen@users.noreply.github.com>
@cruizen
Update go.mod
5c9eb03 
Signed-off-by: Trilok Khairnar <214651+cruizen@users.noreply.github.com>
@bito-code-review
Copy link

bito-code-review bot commented Jul 19, 2025
edited
Loading

Code Review Agent Run #e48336

Actionable Suggestions - 0
Review Details
  • Files reviewed - 3 · Commit Range: c9bdc19..5c9eb03
    • api/v2/go.mod
    • examples/go.mod
    • go.mod
  • Files skipped - 0
  • Tools
    • Whispers (Secret Scanner) - ✔︎ Successful
    • Detect-secrets (Secret Scanner) - ✔︎ Successful
    • OWASP (Security Vulnerability) - ✔︎ Successful
    • GOVULNCHECK (Security Vulnerability) - ✖︎ Failed
    • SNYK (Security Vulnerability) - ✔︎ Successful
Bito Usage Guide

Commands

Type the following command in the pull request comment and save the comment.

  • /review - Manually triggers a full AI review.

  • /pause - Pauses automatic reviews on this pull request.

  • /resume - Resumes automatic reviews.

  • /resolve - Marks all Bito-posted review comments as resolved.

  • /abort - Cancels all in-progress reviews.

Refer to the documentation for additional commands.

Configuration

This repository uses Default Agent You can customize the agent settings here or contact your Bito workspace admin at mithil@platform9.com.

Documentation & Help

AI Code Review powered by Bito Logo

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@srm6867 srm6867 Awaiting requested review from srm6867

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cruizen