build(deps): bump the all-go-mod-patch-and-minor group across 1 directory with 15 updates

[dependabot]

Bumps the all-go-mod-patch-and-minor group with 9 updates in the / directory:

Package	From	To
github.com/andybalholm/brotli	1.1.0	1.1.1
github.com/envoyproxy/go-control-plane	0.13.0	0.13.1
github.com/open-policy-agent/opa	0.68.0	0.70.0
github.com/open-policy-agent/opa-envoy-plugin	0.68.0-envoy-4	0.70.0-envoy-1
github.com/redis/go-redis/v9	9.6.1	9.7.0
github.com/testcontainers/testcontainers-go	0.33.0	0.34.0
github.com/tidwall/gjson	1.17.3	1.18.0
golang.org/x/oauth2	0.23.0	0.24.0
golang.org/x/sync	0.8.0	0.9.0

Updates github.com/andybalholm/brotli from 1.1.0 to 1.1.1

Commits

• 57434b5 Encoder: check for empty block
• 97e8583 matchfinder.M4: some refinements to scoring
• See full diff in compare view

Updates github.com/envoyproxy/go-control-plane from 0.13.0 to 0.13.1

Release notes

Sourced from github.com/envoyproxy/go-control-plane's releases.

v0.13.1

What's Changed

• build(deps): Bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @​dependabot in envoyproxy/go-control-plane#975
• build(deps): Bump github/codeql-action from 3.25.6 to 3.26.5 by @​dependabot in envoyproxy/go-control-plane#990
• build(deps): Bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 by @​dependabot in envoyproxy/go-control-plane#979
• build(deps): Bump actions/upload-artifact from 3.1.0 to 4.3.6 by @​dependabot in envoyproxy/go-control-plane#982
• fix: golangci-lint by @​mmorel-35 in envoyproxy/go-control-plane#993
• Bump google.golang.org/protobuf from 1.33.0 to 1.34.2 in /xdsmatcher by @​dependabot in envoyproxy/go-control-plane#955
• build(deps): Bump github.com/envoyproxy/protoc-gen-validate from 1.0.4 to 1.1.0 by @​dependabot in envoyproxy/go-control-plane#978
• update OSSF Scorecard badge link by @​mmorel-35 in envoyproxy/go-control-plane#857
• build(deps): Bump actions/upload-artifact from 4.3.6 to 4.4.0 by @​dependabot in envoyproxy/go-control-plane#998
• build(deps): Bump github/codeql-action from 3.26.5 to 3.26.6 by @​dependabot in envoyproxy/go-control-plane#997

Full Changelog: envoyproxy/go-control-plane@v0.13.0...v0.13.1

Commits

• 03ea0b2 Mirrored from envoyproxy/envoy @ d049362557545b054e1a883231e64944ed0a8819
• bec043f Mirrored from envoyproxy/envoy @ c6761de5f33e97758471c6b973a57a5c2e5db925
• 8c942bd Mirrored from envoyproxy/envoy @ e48666365c8a0b3a62343602fd9380d58a7afd95
• e1df533 Mirrored from envoyproxy/envoy @ 1173629e531abf758f011c2da15da739f72881c6
• deb90cf Mirrored from envoyproxy/envoy @ 42068a59e37d0d6c313340d0175cb08cce2574bb
• 06f4ee8 Mirrored from envoyproxy/envoy @ a3e32c92c5ae699a4daad094c6a87b58e1e84ec2
• f61d5e4 Mirrored from envoyproxy/envoy @ 1a153166a6d1e9336ee8982d1a00ba98655c9d39
• f6ecc7e Mirrored from envoyproxy/envoy @ 07a8c4afe8ac83632535bd118f142df70d2335be
• 74bddf0 Mirrored from envoyproxy/envoy @ 865aa1081a0a66d13b2564382abc89129c1ba090
• d1afc3b Mirrored from envoyproxy/envoy @ 38530270d6cb3a3a71a9b70b3de55854750b75a9
• Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 0.68.0 to 0.70.0

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v0.70.0

This release contains a mix of features, performance improvements, and bugfixes.

Optimized read mode for OPA's in-memory store (#7125)

A new optimized read mode has been added to the default in-memory store, where data written to the store is eagerly converted to AST values (the data format used during evaluation). This removes the time spent converting raw data values to AST during policy evaluation, thereby improving performance.

The memory footprint of the store will increase, as processed AST values generally take up more space in memory than the corresponding raw data values, but overall memory usage of OPA might remain more stable over time, as pre-converted data is shared across evaluations and isn't recomputed for each evaluation, which can cause spikes in memory usage.

This mode can be enabled for opa run, opa eval, and opa bench by setting the --optimize-store-for-read-speed flag.

More information about this feature can be found here.

Co-authored by @​johanfylling and @​ashutosh-narkar.

Topdown and Rego

• topdown: Use new Inter-Query Value Cache for json.match_schema built-in function (#7011) authored by @​anderseknert reported by @​lcarva
• ast: Fix location text attribute for multi-value rules with generated body (#7128) authored by @​anderseknert
• ast: Fix regression in opa check where a file that referenced non-provided schemas failed validation (#7124) authored by @​tjons
• test/cases/testdata: Fix bug in test by replacing unification by explicit equality check (#7093) authored by @​matajoh
• ast: Replace use of yaml.v2 library with yaml.v3. The earlier version would parse yes/no values as boolean. The usage of yaml.v2 in the parser was unintentional and now has been updated to yaml.v3 (#7090) authored by @​anderseknert

Runtime, Tooling, SDK

• cmd: Make opa check respect --ignore when --bundle flag is set (#7136) authored by @​anderseknert
• server/writer: Properly handle result encoding errors which earlier on failure would emit logs such as superfluous call to WriteHeader() while still returning 200 HTTP status code. Now, errors encoding the payload properly lead to 500 HTTP status code, without extra logs. Also use Header().Set() not Header().Add() to avoid duplicate content-type headers (#7114) authored by @​srenatus
• cmd: Support file:// format for TLS key material file flags in opa run (#7094) authored by @​alexrohozneanu
• plugins/rest/azure: Support managed identity for App Service / Container Apps (#7085) reported and authored by @​apc-kamezaki
• debug: Fix step-over behaviour when exiting partial rules (#7096) authored by @​johanfylling
• util+plugins: Fix potential memory leaks with explicit timer cancellation (#7089) authored by @​philipaconrad

Docs, Website, Ecosystem

• docs: Fix OCI example with updated flag used by the ORAS CLI (#7130) authored by @​b3n3d17
• docs: Delete Atom editor from supported editor integrations (#7111) authored by @​KaranbirSingh7
• docs/website: Add Styra OPA ASP.NET Core SDK integration (#7073) authored by @​philipaconrad
• docs/website: Update compatibility information on the rego-cpp integration (#7078) authored by @​matajoh

Miscellaneous

• Dependency updates; notably:
  • build(deps): bump github.com/containerd/containerd from 1.7.22 to 1.7.23
  • build(deps): bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5
  • build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0
  • build(deps): bump golang.org/x/time from 0.6.0 to 0.7.0
  • build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1

v0.69.0

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

0.70.0

This release contains a mix of features, performance improvements, and bugfixes.

Optimized read mode for OPA's in-memory store (#7125)

A new optimized read mode has been added to the default in-memory store, where data written to the store is eagerly converted to AST values (the data format used during evaluation). This removes the time spent converting raw data values to AST during policy evaluation, thereby improving performance.

The memory footprint of the store will increase, as processed AST values generally take up more space in memory than the corresponding raw data values, but overall memory usage of OPA might remain more stable over time, as pre-converted data is shared across evaluations and isn't recomputed for each evaluation, which can cause spikes in memory usage.

This mode can be enabled for opa run, opa eval, and opa bench by setting the --optimize-store-for-read-speed flag.

More information about this feature can be found here.

Co-authored by @​johanfylling and @​ashutosh-narkar.

Topdown and Rego

• topdown: Use new Inter-Query Value Cache for json.match_schema built-in function (#7011) authored by @​anderseknert reported by @​lcarva
• ast: Fix location text attribute for multi-value rules with generated body (#7128) authored by @​anderseknert
• ast: Fix regression in opa check where a file that referenced non-provided schemas failed validation (#7124) authored by @​tjons
• test/cases/testdata: Fix bug in test by replacing unification by explicit equality check (#7093) authored by @​matajoh
• ast: Replace use of yaml.v2 library with yaml.v3. The earlier version would parse yes/no values as boolean. The usage of yaml.v2 in the parser was unintentional and now has been updated to yaml.v3 (#7090) authored by @​anderseknert

Runtime, Tooling, SDK

• cmd: Make opa check respect --ignore when --bundle flag is set (#7136) authored by @​anderseknert
• server/writer: Properly handle result encoding errors which earlier on failure would emit logs such as superfluous call to WriteHeader() while still returning 200 HTTP status code. Now, errors encoding the payload properly lead to 500 HTTP status code, without extra logs. Also use Header().Set() not Header().Add() to avoid duplicate content-type headers (#7114) authored by @​srenatus
• cmd: Support file:// format for TLS key material file flags in opa run (#7094) authored by @​alexrohozneanu
• plugins/rest/azure: Support managed identity for App Service / Container Apps (#7085) reported and authored by @​apc-kamezaki
• debug: Fix step-over behaviour when exiting partial rules (#7096) authored by @​johanfylling
• util+plugins: Fix potential memory leaks with explicit timer cancellation (#7089) authored by @​philipaconrad

Docs, Website, Ecosystem

• docs: Fix OCI example with updated flag used by the ORAS CLI (#7130) authored by @​b3n3d17
• docs: Delete Atom editor from supported editor integrations (#7111) authored by @​KaranbirSingh7
• docs/website: Add Styra OPA ASP.NET Core SDK integration (#7073) authored by @​philipaconrad
• docs/website: Update compatibility information on the rego-cpp integration (#7078) authored by @​matajoh

Miscellaneous

• Dependency updates; notably:
  • build(deps): bump github.com/containerd/containerd from 1.7.22 to 1.7.23
  • build(deps): bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5
  • build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0
  • build(deps): bump golang.org/x/time from 0.6.0 to 0.7.0
  • build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1

0.69.0

... (truncated)

Commits

• 2ea031e Prepare v0.70.0 release
• 6af5e79 storage: Optimized read mode for default data storage
• 1b797d9 Make opa check respect --ignore when --bundle flag is set (#7137)
• 8e44b98 build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 (#7138)
• ad6ffda build(deps): bump actions/checkout from 4.2.1 to 4.2.2 (#7135)
• 67fe53b Update Andrew Peabody to emeritus (#7133)
• 30f3747 build(deps): bump github/codeql-action from 3.26.13 to 3.27.0
• f7957bd 🐛 fix: oras cli changed to --config
• 58ec50b Fix location for multivalue rules with generated bodies (#7129)
• 555fe84 only check schemas when schemas are provided (#7124)
• Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa-envoy-plugin from 0.68.0-envoy-4 to 0.70.0-envoy-1

Release notes

Sourced from github.com/open-policy-agent/opa-envoy-plugin's releases.

v0.70.0-envoy-1

NOTES:

The minimum version of Go required to build the OPA-Envoy module is 1.22.0.

What's Changed

• Update GO version to match OPA version by @​pratimsc in open-policy-agent/opa-envoy-plugin#603
• Refactor creation of prepared queries by @​mjungsbluth in open-policy-agent/opa-envoy-plugin#604
• build(deps): bump github.com/open-policy-agent/opa from 0.69.0 to 0.70.0 by @​ashutosh-narkar in open-policy-agent/opa-envoy-plugin#609. See the OPA v0.70.0 release notes
• build(deps): bump golang.org/x/tools from 0.25.0 to 0.26.0
• build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1
• build(deps): bump google.golang.org/protobuf from 1.34.2 to 1.35.1
• build(deps): bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5
• build(deps): bump github.com/envoyproxy/go-control-plane from 0.13.0 to 0.13.1

v0.69.0-envoy

What's Changed

• internal: Set invalid request status if request parsing fails by @​rudrakhp in open-policy-agent/opa-envoy-plugin#573
• cmd: Avoid panic when starting with a bad config by @​srenatus in open-policy-agent/opa-envoy-plugin#598
• build(deps): bump github.com/prometheus/client_golang from 1.20.2 to 1.20.4
• build(deps): bump google.golang.org/grpc from 1.66.0 to 1.67.0
• build(deps): bump golang.org/x/tools from 0.24.0 to 0.25.0
• build(deps): bump github.com/open-policy-agent/opa from 0.68.0 to 0.69.0 in open-policy-agent/opa-envoy-plugin#599. See the OPA v0.69.0 release notes

Commits

• bf7dca6 Disable git safe directory check
• 43d7bd2 build(deps): bump github.com/open-policy-agent/opa from 0.69.0 to 0.70.0
• 765ad70 refactor creation of prepared queries
• 4c4c3fd Update GO version to match OPA version
• c2f5136 build(deps): bump github.com/envoyproxy/go-control-plane
• e818d2e build(deps): bump github.com/prometheus/client_golang
• 8d6a285 build(deps): bump google.golang.org/protobuf from 1.34.2 to 1.35.1
• 75df799 build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1 (#600)
• 47179af build(deps): bump golang.org/x/tools from 0.25.0 to 0.26.0 (#601)
• 420d0d0 build(deps): bump github.com/open-policy-agent/opa from 0.68.0 to 0.69.0
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.20.4 to 1.20.5

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.5 / 2024-10-15

We decided to revert the testutil change that made our util functions less error-prone, but created a lot of work for our downstream users. Apologies for the pain! This revert should not cause any major breaking change, even if you already did the work--unless you depend on the exact error message.

Going forward, we plan to reinforce our release testing strategy [1],[2] and deliver an enhanced testutil package/module with more flexible and safer APIs.

Thanks to @​dashpole @​dgrisonnet @​kakkoyun @​ArthurSens @​vesari @​logicalhan @​krajorama @​bwplotka who helped in this patch release! 🤗

Changelog

[BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input. #1645

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.5 / 2024-10-15

• [BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input.

Commits

• 48e12a1 Merge pull request #1645 from prometheus/cut-1204-pr1424
• 504ad9b Cut 1.20.5; update comments.
• 584a7ce Revert "testutil compareMetricFamilies: make less error-prone (#1424)"
• See full diff in compare view

Updates github.com/redis/go-redis/v9 from 9.6.1 to 9.7.0

Release notes

Sourced from github.com/redis/go-redis/v9's releases.

9.7.0

Changes

🚀 New Features

• Support Redis search and query capabilities (#2801, #3098)
• Support indexing and querying empty values (#3053)
• Support for Redis JSON with RESP2 protocol (#3146)

🛠️ Improvements

We're glad to announce that we added a search and query support in the current release.

🧰 Maintenance

• Documentation examples (#3102, #3106, #3110, #3111, #3113, #3114, #3115, #3123, #3124)
• retract v9.5.3 of redisotel and other extra packages (#3108)
• Add test coverage reporting and Codecov badge (#3055)
• Updated module version that points to retracted package version (#3074)

Contributors

We'd like to thank all the contributors who worked on this release!

@​andy-stark-redis, @​ipechorin, @​ofekshenawa and @​vladvildanov

9.7.0-beta.1

Changes

🚀 New Features

• Support Redis search and query capabilities (#2801, #3098)
• Support indexing and querying empty values (#3053)

🛠️ Improvements

We're glad to announce that we added a search and query support in the current release.

🧰 Maintenance

• Documentation examples (#3102, #3106, #3110, #3111, #3113, #3114, #3115, #3123, #3124)
• retract v9.5.3 of redisotel and other extra packages (#3108)
• Add test coverage reporting and Codecov badge (#3055)
• Updated module version that points to retracted package version (#3074)

Contributors

We'd like to thank all the contributors who worked on this release!

@​andy-stark-redis, @​ipechorin, @​ofekshenawa and @​vladvildanov

9.6.2

Changes

... (truncated)

Commits

• ed37c33 Updated package version [9.7] (#3159)
• 135f8e3 Fix field name spellings (#3132) (#3156)
• ac2e91d Support Json with Resp 2 (#3146) (#3155)
• ec680ae Remove direct read from TLS underlying conn (#3138) (#3154)
• ad131f4 Updated package version (#3134)
• d9eeed1 Fix Flaky Test: should handle FTAggregate with Unstable RESP3 Search Module a...
• e99abe4 DOC-4237 added Bloom filter examples (#3115)
• 9e79c9b DOC-4228 JSON code examples (#3114)
• 9e3709c DOC-4234 added bitmap examples (#3124)
• 69b4c01 DOC-4241 added t-digest examples (#3123)
• Additional commits viewable in compare view

Updates github.com/testcontainers/testcontainers-go from 0.33.0 to 0.34.0

Release notes

Sourced from github.com/testcontainers/testcontainers-go's releases.

v0.34.0

What's Changed

🚀 Features

• feat: add meilisearch-module (#2835) @​mashail
• feat: add yugabytedb module (#2825) @​henripqt
• feat: add etcd module (#2788) @​mdelapenya
• feat: add dynamodb-local module (#2799) @​mdelapenya
• feat: support databend module (#2779) @​hantmac
• feat(mongodb): Wait for mongodb module with a replicaset to finish (#2777) @​smgt
• feat: expose functions for resource clean up in tests and examples (#2738) @​stevenh
• feat(wait): for file (#2731) @​stevenh
• feat(compose): select services via profiles (#2758) @​ngrash

🐛 Bug Fixes

• fix(postgres): duplicate snapshot name (#2840) @​stevenh
• fix(reaper): refactor to allow retries and fix races (#2728) @​stevenh
• fix: update module container struct name and missing imports (#2831) @​henripqt
• fix(redpanda): wait for (#2794) @​stevenh
• fix(elasticsearch): wait for (#2724) @​stevenh
• fix(grafana): update module path (#2797) @​mdelapenya
• fix: container logging deadlocks (#2791) @​stevenh
• fix: parallel containers clean race (#2790) @​stevenh
• fix(registry): wait for (#2793) @​stevenh
• fix: handle 127 error code for podman compatibility (#2778) @​vchandela
• fix: do not override ImageBuildOptions.Labels when building from a Dockerfile (#2775) @​rzajac
• fix(postgres): Apply default snapshot name if no name specified (#2783) @​kiview
• fix: docker config error handling when config file does not exist (#2772) @​stevenh
• fix: check if the discovered docker socket responds (#2741) @​mdelapenya
• Fix trailing slash on Image Prefix (#2747) @​driverpt

📖 Documentation

• docs: document redpanda options (#2789) @​mdelapenya
• docs: refine heading badges in README (#2770) @​mdelapenya

🧹 Housekeeping

• fix: use Contains or ErrorContains with testify (#2839) @​mmorel-35
• golangci-lint: enable thelper linter (#2834) @​mmorel-35
• chore: update ryuk to 0.10.2 (#2833) @​stevenh
• chore: replace 'assert' with 'require' (#2827) @​JoelLau
• chore: replace 'assert' with 'require' for critical checks (#2824) @​JoelLau
• feat: add require for critical checks (#2812) @​AshutoshKD
• fix: container timeout test (#2792) @​stevenh
• chore: golangci-lint 1.61.0 (#2787) @​stevenh
• ci: add generate for mocks (#2774) @​stevenh
• chore: avoid using of log.Fatal in main in tests (#2739) @​stevenh

... (truncated)

Commits

• 7d0f970 chore: use new version (v0.34.0) in modules and examples
• 2c66f20 feat: add meilisearch-module (#2835)
• 235ab07 fix(postgres): duplicate snapshot name (#2840)
• f1632b3 chore: use Contains or ErrorContains checks (#2839)
• b74984d golangci-lint: enable thelper linter (#2834)
• 5e988ff fix(reaper): refactor to allow retries and fix races (#2728)
• 56bb501 chore: update ryuk to 0.10.2 (#2833)
• 27f699b feat: add yugabytedb module (#2825)
• 00e7002 fix: update module container struct name and missing imports (#2831)
• fb6a4ba chore: replace 'assert' with 'require' (#2827)
• Additional commits viewable in compare view

Updates github.com/tidwall/gjson from 1.17.3 to 1.18.0

Commits

• 133f42c Generally faster parsing
• 92dff34 Update README.md
• See full diff in compare view

Updates golang.org/x/crypto from 0.27.0 to 0.28.0

Commits

• adef4cc go.mod: update golang.org/x dependencies
• a0819fb sha3: fix cSHAKE initialization for extremely large N and or S
• 42ee18b ssh: return ServerAuthError after too many auth failures
• 9e92970 bn256: add missing symbols in comment
• See full diff in compare view

Updates golang.org/x/net from 0.29.0 to 0.30.0

Commits

• 6cc5ac4 go.mod: update golang.org/x dependencies
• f88258d websocket: update nhooyr.io/websocket to github.com/coder/websocket
• 7191757 http2: add support for net/http HTTP2 config field
• 4790dc7 http2: add support for server-originated pings
• 541dbe5 http2: add Server.WriteByteTimeout
• 3c333c0 route: fix address parsing of messages on Darwin
• See full diff in compare view

Updates golang.org/x/oauth2 from 0.23.0 to 0.24.0

Commits

• 22134a4 README: don't recommend go get
• See full diff in compare view

Updates golang.org/x/sync from 0.8.0 to 0.9.0

Commits

• 151027e README: don't recommend go get
• See full diff in compare view

Updates golang.org/x/term from 0.24.0 to 0.25.0

Commits

• 9d5441a go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates golang.org/x/time from 0.6.0 to 0.7.0

Commits

• 772484e x/time/rate: correctly handle 0 limits
• See full diff in compare view

Updates google.golang.org/protobuf from 1.34.2 to 1.35.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions