kjuulh/ceen
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

Update all dependencies #60

Merged
kjuulh merged 1 commits from renovate/all into main 2024-12-18 02:10:50 +01:00
Conversation 1 Commits 1 Files Changed 2 +16 -6
kjuulh commented 2024-12-18 02:10:42 +01:00
Owner
Copy Link

This PR contains the following updates:

Package Type Update Change
github.com/nats-io/nats-server/v2 require patch v2.10.23 -> v2.10.24
github.com/nats-io/nats.go require minor v1.37.0 -> v1.38.0

Release Notes

nats-io/nats-server (github.com/nats-io/nats-server/v2)

v2.10.24

Compare Source

Changelog

Refer to the 2.10 Upgrade Guide for backwards compatibility notes with 2.9.x.

CVEs
  • Vulnerability check warnings for CVE-2024-45337 are addressed by the dependency update to x/crypto, although the NATS Server does not use the affected functionality and is therefore not vulnerable
Go Version
  • 1.23.4
Dependencies
  • golang.org/x/crypto v0.31.0 (#​6246)
  • github.com/nats-io/jwt/v2 v2.7.3 (#​6256)
  • github.com/nats-io/nkeys v0.4.9 (#​6255)
Fixed

General

  • Request/reply tracking with allow_responses permission is now pruned more regularly, fixing performance issues that can get worse over time (#​6064)

JetStream

  • Revert a change introduced in 2.10.23 that could potentially cause a consumer info call to fail if it takes place immediately after the consumer was created in some large or heavily-loaded clustered setups (#​6250)
  • Minor fixes to subject state tracking (#​6244)
  • Minor fixes to healthz and healthchecks (#​6247, #​6248, #​6232)
  • A calculation used to determine if exceeding limits has been corrected (#​6264)
  • Raft groups will no longer spin when truncating the log fails, i.e. during shutdown (#​6271)

WebSockets

  • A WebSocket close frame will no longer incorrectly include a status code when not needed (#​6260)
Complete Changes
nats-io/nats.go (github.com/nats-io/nats.go)

v1.38.0

Compare Source

Changelog

Added
  • Core NATS:
    • Added UserInfoHandler for dynamically setting user/password (#​1713)
    • Added PermissionErrOnSubscribe option, causing SubscribeSync to return nats.ErrPermissionViolation on NextMsg() if there was a permission error (#​1728)
    • Added Msgs() method on Subscription, returning an iterator (iter.Seq2[*nats.Msg, error]) for the subscription. This method is only available for go version >=1.23 (#​1728)
  • KeyValue:
  • Added WatchFiltered method to watch for updates with multiple filters (#​1739)
Fixed
  • Core NATS:
  • JetStream:
    • Fixed PublishAsync not closing done and stall channels after failed retries (#​1719)
    • Set valid fetch sequence in ordered consumer's Fetch() and Next() after timeout (#​1705)
    • Do not overwrite ordered consumer deliver policy if start time is set (#​1742)
    • Fixed race condition in MessageBatch (#​1743)
  • Legacy JetStream:
    • Fixed race condition in MessageBatch (#​1743)
Changed
  • Legacy Jetstream:
Improved
Complete Changes

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server) | require | patch | `v2.10.23` -> `v2.10.24` | | [github.com/nats-io/nats.go](https://github.com/nats-io/nats.go) | require | minor | `v1.37.0` -> `v1.38.0` | --- ### Release Notes <details> <summary>nats-io/nats-server (github.com/nats-io/nats-server/v2)</summary> ### [`v2.10.24`](https://github.com/nats-io/nats-server/releases/tag/v2.10.24) [Compare Source](https://github.com/nats-io/nats-server/compare/v2.10.23...v2.10.24) #### Changelog Refer to the [2.10 Upgrade Guide](https://docs.nats.io/release-notes/whats_new/whats_new\_210) for backwards compatibility notes with 2.9.x. ##### CVEs - Vulnerability check warnings for [CVE-2024-45337](https://github.com/advisories/GHSA-v778-237x-gjrc) are addressed by the dependency update to `x/crypto`, although the NATS Server does not use the affected functionality and is therefore not vulnerable ##### Go Version - 1.23.4 ##### Dependencies - golang.org/x/crypto v0.31.0 ([#&#8203;6246](https://github.com/nats-io/nats-server/issues/6246)) - github.com/nats-io/jwt/v2 v2.7.3 ([#&#8203;6256](https://github.com/nats-io/nats-server/issues/6256)) - github.com/nats-io/nkeys v0.4.9 ([#&#8203;6255](https://github.com/nats-io/nats-server/issues/6255)) ##### Fixed General - Request/reply tracking with `allow_responses` permission is now pruned more regularly, fixing performance issues that can get worse over time ([#&#8203;6064](https://github.com/nats-io/nats-server/issues/6064)) JetStream - Revert a change introduced in 2.10.23 that could potentially cause a consumer info call to fail if it takes place immediately after the consumer was created in some large or heavily-loaded clustered setups ([#&#8203;6250](https://github.com/nats-io/nats-server/issues/6250)) - Minor fixes to subject state tracking ([#&#8203;6244](https://github.com/nats-io/nats-server/issues/6244)) - Minor fixes to `healthz` and healthchecks ([#&#8203;6247](https://github.com/nats-io/nats-server/issues/6247), [#&#8203;6248](https://github.com/nats-io/nats-server/issues/6248), [#&#8203;6232](https://github.com/nats-io/nats-server/issues/6232)) - A calculation used to determine if exceeding limits has been corrected ([#&#8203;6264](https://github.com/nats-io/nats-server/issues/6264)) - Raft groups will no longer spin when truncating the log fails, i.e. during shutdown ([#&#8203;6271](https://github.com/nats-io/nats-server/issues/6271)) WebSockets - A WebSocket close frame will no longer incorrectly include a status code when not needed ([#&#8203;6260](https://github.com/nats-io/nats-server/issues/6260)) ##### Complete Changes </details> <details> <summary>nats-io/nats.go (github.com/nats-io/nats.go)</summary> ### [`v1.38.0`](https://github.com/nats-io/nats.go/releases/tag/v1.38.0) [Compare Source](https://github.com/nats-io/nats.go/compare/v1.37.0...v1.38.0) #### Changelog ##### Added - Core NATS: - Added `UserInfoHandler` for dynamically setting user/password ([#&#8203;1713](https://github.com/nats-io/nats.go/issues/1713)) - Added `PermissionErrOnSubscribe` option, causing `SubscribeSync` to return `nats.ErrPermissionViolation` on `NextMsg()` if there was a permission error ([#&#8203;1728](https://github.com/nats-io/nats.go/issues/1728)) - Added `Msgs()` method on `Subscription`, returning an iterator (`iter.Seq2[*nats.Msg, error]`) for the subscription. This method is only available for go version >=1.23 ([#&#8203;1728](https://github.com/nats-io/nats.go/issues/1728)) - KeyValue: - Added `WatchFiltered` method to watch for updates with multiple filters ([#&#8203;1739](https://github.com/nats-io/nats.go/issues/1739)) ##### Fixed - Core NATS: - Fixed closing connections on max subscriptions exceeded ([#&#8203;1709](https://github.com/nats-io/nats.go/issues/1709)) - Removed redundant nil checks. Thanks [@&#8203;ramonberrutti](https://github.com/ramonberrutti) for the contribution ([#&#8203;1751](https://github.com/nats-io/nats.go/issues/1751)) - Add missing nats prefix to error ([#&#8203;1753](https://github.com/nats-io/nats.go/issues/1753)) - JetStream: - Fixed `PublishAsync` not closing done and stall channels after failed retries ([#&#8203;1719](https://github.com/nats-io/nats.go/issues/1719)) - Set valid fetch sequence in ordered consumer's `Fetch()` and `Next()` after timeout ([#&#8203;1705](https://github.com/nats-io/nats.go/issues/1705)) - Do not overwrite ordered consumer deliver policy if start time is set ([#&#8203;1742](https://github.com/nats-io/nats.go/issues/1742)) - Fixed race condition in `MessageBatch` ([#&#8203;1743](https://github.com/nats-io/nats.go/issues/1743)) - Legacy JetStream: - Fixed race condition in `MessageBatch` ([#&#8203;1743](https://github.com/nats-io/nats.go/issues/1743)) ##### Changed - Legacy Jetstream: - Added client retry for jetstream async publish old API. Thanks [@&#8203;pranavmehta94](https://github.com/pranavmehta94) for the contribution ([#&#8203;1695](https://github.com/nats-io/nats.go/issues/1695)) ##### Improved - Moved CI to github actions ([#&#8203;1623](https://github.com/nats-io/nats.go/issues/1623), [#&#8203;1716](https://github.com/nats-io/nats.go/issues/1716)) - Use errors.New instead of fmt.Errorf to improve efficiency. Thanks [@&#8203;canack](https://github.com/canack) for the contribution ([#&#8203;1707](https://github.com/nats-io/nats.go/issues/1707)) - Fixed invalid schemas in Service API documentation ([#&#8203;1720](https://github.com/nats-io/nats.go/issues/1720)) - Added mention of TTL reset in `kv.Update` method. Thanks [@&#8203;fmontorsi-equinix](https://github.com/fmontorsi-equinix) for the contribution ([#&#8203;1727](https://github.com/nats-io/nats.go/issues/1727)) - Updated installation commands in `README.md` ([#&#8203;1745](https://github.com/nats-io/nats.go/issues/1745)) - Bump `nkeys` to v0.4.9 ([#&#8203;1750](https://github.com/nats-io/nats.go/issues/1750)) ##### Complete Changes </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjQuMyIsInVwZGF0ZWRJblZlciI6IjM3LjQyNC4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
kjuulh added 1 commit 2024-12-18 02:10:43 +01:00
Update all dependencies
All checks were successful
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/push Build is passing
Details
9c935be309
kjuulh scheduled this pull request to auto merge when all checks succeed 2024-12-18 02:10:43 +01:00
kjuulh commented 2024-12-18 02:10:43 +01:00
Author
Owner
Copy Link

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 3 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.21.0 -> 1.22
github.com/nats-io/jwt/v2 v2.5.8 -> v2.7.3
github.com/nats-io/nkeys v0.4.8 -> v0.4.9
golang.org/x/crypto v0.30.0 -> v0.31.0
### ℹ Artifact update notice ##### File name: go.mod In order to perform the update(s) described in the table above, Renovate ran the `go get` command, which resulted in the following additional change(s): - 3 additional dependencies were updated - The `go` directive was updated for compatibility reasons Details: | **Package** | **Change** | | :-------------------------- | :--------------------- | | `go` | `1.21.0` -> `1.22` | | `github.com/nats-io/jwt/v2` | `v2.5.8` -> `v2.7.3` | | `github.com/nats-io/nkeys` | `v0.4.8` -> `v0.4.9` | | `golang.org/x/crypto` | `v0.30.0` -> `v0.31.0` |
kjuulh merged commit 9c935be309 into main 2024-12-18 02:10:50 +01:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: kjuulh/ceen#60
No description provided.
Delete Branch "renovate/all"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?