Skip to content

Bump the go-dependencies group across 1 directory with 6 updates #815

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump the go-dependencies group across 1 directory with 6 updates #815

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 8, 2025
edited
Loading

Bumps the go-dependencies group with 5 updates in the / directory:

Package From To
github.com/ceph/go-ceph 0.35.0 0.36.0
github.com/containerd/containerd 1.7.28 1.7.29
github.com/ironcore-dev/ironcore-image 0.2.4 0.2.5
github.com/spf13/cobra 1.10.1 1.10.2
google.golang.org/grpc 1.75.1 1.77.0

Updates github.com/ceph/go-ceph from 0.35.0 to 0.36.0

Release notes

Sourced from github.com/ceph/go-ceph's releases.

Release v0.36.0

The maintainers and contributors to go-ceph are pleased to announce the v0.36.0 release. This is another great step towards making it possible to use the power of the Ceph APIs in the Go language.

As this is a v0.x release we do not guarantee backwards compatibility with previous versions of the code. However, we aim not to disrupt existing consumers of the library and thus make an effort not to immediately implement breaking changes without very good justification. Please see the "Deprecations & Removals" section (if present) to get a sense of what you can expect to change in the future and prepare your code ahead of time. You may also want to view "Deprecations & Removals" of previous releases as they are not repeated here. All newly introduced APIs in the following section are labeled as "preview" APIs first, and are only available if the ceph_preview build tag is set. There is explicitly no backwards compatibility guaranteed for these until they are labeled as "stable" in a later release.

New Features

rbd

admin/osd

admin/nvmegw

Fixes

rgw

API Stability Updates

The following APIs are now stable:

cephfs/admin

  • FSAdmin.SubVolumeSnapshotPath

admin/smb

  • All APIs in this new package are considered stable

Note

With the imminent release of Ceph 'Tentacle' we have added it to our test matrix and removed Ceph 'Octopus' from the test matrix.

Other Changes

... (truncated)

Commits
  • c7c6763 docs: fix api versions for recently added nvme gw admin api
  • 96bd37f doc: include common/admin/nvmegw package in api-status
  • 52be7d9 admin: add nvme-gw create/delete/show API
  • 01bbb5f release: update README.md versions table
  • 3af1608 release: api-fix-versions
  • e2737a6 common/admin/smb: promote apis to stable
  • 9c392f5 cephfs/admin: promote SubVolumeSnapshotPath api to stable
  • c1c89ea docs: Add client fencing APIs to api-status
  • 34e925a admin/osd: Add tests for client fencing APIs
  • b2d70ea admin/osd: Add APIs for fencing clients
  • Additional commits viewable in compare view

Updates github.com/containerd/containerd from 1.7.28 to 1.7.29

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.29

Welcome to the v1.7.29 release of containerd!

The twenty-ninth patch release for containerd 1.7 contains various fixes and updates including security patches.

Security Updates

Highlights

Image Distribution

  • Update differ to handle zstd media types (#12018)

Runtime

  • Update runc binary to v1.3.3 (#12480)
  • Fix lost container logs from quickly closing io (#12375)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Akihiro Suda
  • Phil Estes
  • Austin Vazquez
  • Sebastiaan van Stijn
  • ningmingxiao
  • Maksym Pavlenko
  • StepSecurity Bot
  • wheat2018

Changes

... (truncated)

Commits
  • 442cb34 Merge commit from fork
  • e5cb6dd Merge commit from fork
  • 9772966 Merge pull request #12486 from dmcgowan/prepare-v1.7.29
  • 1fc2daa Prepare release notes for v1.7.29
  • 93f710a Merge pull request #12480 from k8s-infra-cherrypick-robot/cherry-pick-12475-t...
  • 68d04be Merge pull request #12471 from austinvazquez/1_7_update_ci_go_and_images
  • 3f5f9f8 runc: Update runc binary to v1.3.3
  • 667409f ci: bump Go 1.24.9, 1.25.3
  • 294f8c0 Update GHA runners to use latest images for basic binaries build
  • cf66b41 Update GHA runners to use latest image for most jobs
  • Additional commits viewable in compare view

Updates github.com/ironcore-dev/ironcore-image from 0.2.4 to 0.2.5

Release notes

Sourced from github.com/ironcore-dev/ironcore-image's releases.

v0.2.5

Changes

🚀 Features

🐛 Bug Fixes

🧰 Maintenance

Commits

Updates github.com/onsi/ginkgo/v2 from 2.25.3 to 2.26.0

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.26.0

2.26.0

Features

Ginkgo can now generate json-formatted reports that are compatible with the go test json format. Use ginkgo --gojson-report=report.go.json. This is not intended to be a replacement for Ginkgo's native json format which is more information rich and better models Ginkgo's test structure semantics.

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.26.0

Features

Ginkgo can now generate json-formatted reports that are compatible with the go test json format. Use ginkgo --gojson-report=report.go.json. This is not intended to be a replacement for Ginkgo's native json format which is more information rich and better models Ginkgo's test structure semantics.

Commits

Updates github.com/spf13/cobra from 1.10.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

  • chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @​dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

🔥✍🏼 Docs

🍂 Refactors

🤗 New Contributors

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

Commits

Updates google.golang.org/grpc from 1.75.1 to 1.77.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.77.0

API Changes

  • mem: Replace the Reader interface with a struct for better performance and maintainability. (#8669)

Behavior Changes

  • balancer/pickfirst: Remove support for the old pick_first LB policy via the environment variable GRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST=false. The new pick_first has been the default since v1.71.0. (#8672)

Bug Fixes

  • xdsclient: Fix a race condition in the ADS stream implementation that could result in resource-not-found errors, causing the gRPC client channel to move to TransientFailure. (#8605)
  • client: Ignore HTTP status header for gRPC streams. (#8548)
  • client: Set a read deadline when closing a transport to prevent it from blocking indefinitely on a broken connection. (#8534)
  • client: Fix a bug where default port 443 was not automatically added to addresses without a specified port when sent to a proxy.
    • Setting environment variable GRPC_EXPERIMENTAL_ENABLE_DEFAULT_PORT_FOR_PROXY_TARGET=false disables this change; please file a bug if any problems are encountered as we will remove this option soon. (#8613)
  • balancer/pickfirst: Fix a bug where duplicate addresses were not being ignored as intended. (#8611)
  • server: Fix a bug that caused overcounting of channelz metrics for successful and failed streams. (#8573)
  • balancer/pickfirst: When configured, shuffle addresses in resolver updates that lack endpoints. Since gRPC automatically adds endpoints to resolver updates, this bug only affects custom LB policies that delegate to pick_first but don't set endpoints. (#8610)
  • mem: Clear large buffers before re-using. (#8670)

Performance Improvements

  • transport: Reduce heap allocations to reduce time spent in garbage collection. (#8624, #8630, #8639, #8668)
  • transport: Avoid copies when reading and writing Data frames. (#8657, #8667)
  • mem: Avoid clearing newly allocated buffers. (#8670)

New Features

  • outlierdetection: Add metrics specified in gRFC A91. (#8644)
  • stats/opentelemetry: Add support for optional label grpc.lb.backend_service in per-call metrics (#8637)
  • xds: Add support for JWT Call Credentials as specified in gRFC A97. Set environment variable GRPC_EXPERIMENTAL_XDS_BOOTSTRAP_CALL_CREDS=true to enable this feature. (#8536)
  • experimental/stats: Add support for up/down counters. (#8581)

Release 1.76.0

Dependencies

Bug Fixes

  • client: Return status INTERNAL when a server sends zero response messages for a unary or client-streaming RPC. (#8523)
  • client: Fail RPCs with status INTERNAL instead of UNKNOWN upon receiving http headers with status 1xx and END_STREAM flag set. (#8518)
  • pick_first: Fix race condition that could cause pick_first to get stuck in IDLE state on backend address change. (#8615)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the go-dependencies group across 1 directory with 6 updates
386779e 
Bumps the go-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/ceph/go-ceph](https://github.com/ceph/go-ceph) | `0.35.0` | `0.36.0` |
| [github.com/containerd/containerd](https://github.com/containerd/containerd) | `1.7.28` | `1.7.29` |
| [github.com/ironcore-dev/ironcore-image](https://github.com/ironcore-dev/ironcore-image) | `0.2.4` | `0.2.5` |
| [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.10.1` | `1.10.2` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.75.1` | `1.77.0` |



Updates `github.com/ceph/go-ceph` from 0.35.0 to 0.36.0
- [Release notes](https://github.com/ceph/go-ceph/releases)
- [Changelog](https://github.com/ceph/go-ceph/blob/master/docs/release-process.md)
- [Commits](ceph/go-ceph@v0.35.0...v0.36.0)

Updates `github.com/containerd/containerd` from 1.7.28 to 1.7.29
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.28...v1.7.29)

Updates `github.com/ironcore-dev/ironcore-image` from 0.2.4 to 0.2.5
- [Release notes](https://github.com/ironcore-dev/ironcore-image/releases)
- [Commits](ironcore-dev/ironcore-image@v0.2.4...v0.2.5)

Updates `github.com/onsi/ginkgo/v2` from 2.25.3 to 2.26.0
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.25.3...v2.26.0)

Updates `github.com/spf13/cobra` from 1.10.1 to 1.10.2
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.10.1...v1.10.2)

Updates `google.golang.org/grpc` from 1.75.1 to 1.77.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.75.1...v1.77.0)

---
updated-dependencies:
- dependency-name: github.com/ceph/go-ceph
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/containerd/containerd
  dependency-version: 1.7.29
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/ironcore-dev/ironcore-image
  dependency-version: 0.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: google.golang.org/grpc
  dependency-version: 1.77.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 8, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 8, 2025 01:02
@github-actions github-actions bot added the size/L label Dec 8, 2025
@hardikdr hardikdr added the area/storage Storage solutions and related concerns. label Dec 8, 2025
@hardikdr hardikdr added this to Roadmap Dec 8, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 15, 2025
@github-project-automation github-project-automation bot moved this to Done in Roadmap Dec 15, 2025
@github-project-automation github-project-automation bot moved this to Done in Storage Dec 15, 2025
@dependabot dependabot bot deleted the dependabot/go_modules/go-dependencies-da568d8e22 branch December 15, 2025 01:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area/storage Storage solutions and related concerns. dependencies Pull requests that update a dependency file go Pull requests that update Go code size/L

Projects

Roadmap
Status: Done
Storage
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hardikdr