Skip to content

chore(deps): bump the go-mod group across 1 directory with 8 updates#198

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-mod-f5bb04fbc7
Open

chore(deps): bump the go-mod group across 1 directory with 8 updates#198
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-mod-f5bb04fbc7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 9, 2026

Copy link
Copy Markdown
Contributor

Bumps the go-mod group with 5 updates in the / directory:

Package From To
github.com/cschleiden/go-workflows 1.0.1 1.4.2
github.com/go-playground/validator/v10 10.27.0 10.30.3
github.com/puzpuzpuz/xsync/v4 4.2.0 4.5.0
github.com/warpstreamlabs/bento 1.8.2 1.18.1
golang.org/x/sync 0.20.0 0.21.0

Updates github.com/cschleiden/go-workflows from 1.0.1 to 1.4.2

Release notes

Sourced from github.com/cschleiden/go-workflows's releases.

v1.4.2

What's Changed

Features

Bugfixes

Other Changes

New Contributors

Full Changelog: cschleiden/go-workflows@v1.4.1...v1.4.2

Nightly v1.4.2-nightly.202606050645.2

What's Changed

Other Changes

Full Changelog: cschleiden/go-workflows@v1.4.2-nightly.202606040652.1...v1.4.2-nightly.202606050645.2

Nightly v1.4.2-nightly.202606040652.1

What's Changed

Other Changes

New Contributors

... (truncated)

Commits
  • 92ebb1a Upgrade go-redis to v9.19.0 to align with ZRangeArgs Start/Stop fix
  • 8c5b99e Add ordering and pagination tests for GetWorkflowInstances
  • 91401eb Fix ZRangeArgs Start/Stop ordering for BYSCORE REV in GetWorkflowInstances
  • 7c6c8a3 Add nightly release workflow
  • d0990f3 Add tests for tracing APIs and update documentation
  • dd24275 Expose SpanID and TraceID in workflow context
  • 6298a19 test: add coverage for Go-after-Wait misuse panic
  • e679486 fix: remove false ctx-cancellation claim, add Go-after-Wait misuse guard
  • 262a5cc implement err group as an alternative to a wait group so errors from activiti...
  • dbca48e Fix waitGroup.Wait() blocking forever when Add is never called
  • Additional commits viewable in compare view

Updates github.com/go-playground/validator/v10 from 10.27.0 to 10.30.3

Release notes

Sourced from github.com/go-playground/validator/v10's releases.

v10.30.3

What's Changed

New Contributors

Full Changelog: go-playground/validator@v10.30.2...v10.30.3

v10.30.2

What's Changed

... (truncated)

Commits
  • ac4c1ba fix(docs): correct ripemd160 tag name in README validation table (#1582)
  • feacb34 feat: omit blank tag names from namespace (#1567)
  • 5ed0a7e chore(deps): bump golang.org/x/crypto from 0.51.0 to 0.52.0 (#1580)
  • 0364541 fix(cron): anchor regex and accept full cron syntax (#1577)
  • 8eb2659 chore(deps): bump golang.org/x/crypto from 0.50.0 to 0.51.0 (#1571)
  • f7e1721 chore(deps): bump golang.org/x/text from 0.36.0 to 0.37.0 (#1572)
  • cf37fce fix(lint): correctly disable govet inline analyzer & deprecated gomodguard (#...
  • 7c334e5 fix: reject hostnames with trailing hyphen in RFC 952 validator (#1569)
  • 6bcb7bc feat: add origin validator for web origin URLs (#1565)
  • 6fd2fa8 docs: fix typos (#1568)
  • Additional commits viewable in compare view

Updates github.com/puzpuzpuz/xsync/v4 from 4.2.0 to 4.5.0

Release notes

Sourced from github.com/puzpuzpuz/xsync/v4's releases.

v4.5.0

  • Apply integer hash inlining in Map to more types #195
  • Fix trivial hash flooding in integer hash function in Map #199
  • Use power-of-two capacity to replace modulo with bitwise ops in MPMCQueue #200
  • Avoid false sharing in MPMCQueue #203

Kudos to @​llxisdsh, @​jeremiah-masters, and @​huynhanx03 for making this release happen.

Breaking changes

MPMCQueue's capacity specified in NewMPMCQueue is now implicitly rounded up to the next power of 2. For example, xsync.NewMPMCQueue[string](https://github.com/puzpuzpuz/xsync/blob/HEAD/1000) means that the queue's capacity will be set to 1024.

v4.4.0

  • Micro-optimize Map for integer keys #185
  • Add Map.RangeRelaxed method for faster map iteration #187
  • Add Map.DeleteMatching method for batch entry deletion #186

Read-heavy operations on Map with integer keys are now 24-29% faster due to a more efficient hash function, as well as a number of micro-optimizations.

RangeRelaxed is a much faster (~11x), lock-free alternative to Range. The downside is that the same key may be visited by RangeRelaxed more than once if it is concurrently deleted and re-inserted during the iteration. RangeRelaxed should be preferred over Range in all cases when weaker consistency is acceptable.

m := xsync.NewMap[string, int]()
m.Store("alice", 10)
m.Store("bob", 20)
m.Store("carol", 30)
m.Store("dave", 40)
// Iterate map entries and calculate sum of all values.
sum := 0
m.RangeRelaxed(func(key string, value int) bool {
sum += value
return true // continue iteration
})

DeleteMatching deletes all entries for which the delete return value of the input function is true. If the cancel return value is true, the iteration stops immediately. The function returns the number of deleted entries. The call locks a hash table bucket for the duration of evaluating the function for all entries in the bucket and performing deletions. It performs up to 20% faster than Range + Delete, yet if the percentage of the entries to-be-deleted is low, RangeRelaxed + Delete combination should be more efficient.

// Delete entries with value greater than 25.
deleted := m.DeleteMatching(func(key string, value int) (delete, cancel bool) {
	return value > 25, false
})

v4.3.0

  • Add iterator function Map.All #181
  • Make shrink resize lock-free on target buckets #180

All is similar to Range, but returns an iter.Seq2, so is compatible with Go 1.23+ iterators. All of the same caveats and behavior from Range apply to All.

... (truncated)

Commits

Updates github.com/warpstreamlabs/bento from 1.8.2 to 1.18.1

Release notes

Sourced from github.com/warpstreamlabs/bento's releases.

v1.18.1

1.18.1 - 2026-06-06

Fixed

Changed

Full Changelog: warpstreamlabs/bento@v1.18.0...v1.18.1

v1.18.0

1.18.0 - 2026-05-25

Added

  • template processor enabling use of Go template syntax for message transformations @​lublak
  • fsevent input creates messages for file-system events with metadata pertaining to event @​henrikschristensen
  • duckdb_append output inserts rows into a DuckDB database using the Appender API @​iamramtin
  • digest_auth fields on http components enabling digest authentication @​lublak
  • oauth2 fields on kafka & kafka_franz enabling oauth2 authentication @​vsl86 & @​jem-davies
  • emit_unpopulated field to protobuf processor enabling emitting unpopulated fields with their default JSON values @​matta-dev
  • Environment variable "BENTO_CONFIG" is checked for Bento Configuration @​jem-davies
  • checksum_algorithm field added to aws_s3 when set Bento computes the checksum for s3 to check @​seanbarzilay

Fixed

Changed

New Contributors

... (truncated)

Changelog

Sourced from github.com/warpstreamlabs/bento's changelog.

1.18.1 - 2026-06-05

Fixed

Changed

1.18.0 - 2026-05-25

Added

  • template processor enabling use of Go template syntax for message transformations @​lublak
  • fsevent input creates messages for file-system events with metadata pertaining to event @​henrikschristensen
  • duckdb_append output inserts rows into a DuckDB database using the Appender API @​iamramtin
  • digest_auth fields on http components enabling digest authentication @​lublak
  • oauth2 fields on kafka & kafka_franz enabling oauth2 authentication @​vsl86 & @​jem-davies
  • emit_unpopulated field to protobuf processor enabling emitting unpopulated fields with their default JSON values @​matta-dev
  • Environment variable "BENTO_CONFIG" is checked for Bento Configuration @​jem-davies
  • checksum_algorithm field added to aws_s3 when set Bento computes the checksum for s3 to check @​seanbarzilay

Fixed

Changed

1.17.0 - 2026-04-15

Added

... (truncated)

Commits

Updates golang.org/x/sync from 0.20.0 to 0.21.0

Commits

Updates google.golang.org/grpc from 1.80.0 to 1.81.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.81.1

Security

  • xds/rbac: Fix a potential authorization bypass caused by incorrectly falling through URI/DNS SANs to Subject Distinguished Name (DN) when matching the authenticated principal name. With this fix, only the first non-empty identity source will be used, as per gRFC A41. (#9111)

Bug Fixes

  • otel: Segregate client and server RPC information used for metrics and traces, to avoid one overwriting the other. (#9081)

Release 1.81.0

Behavior Changes

  • balancer/rls: Switch gauge metrics to asynchronous emission (once per collection cycle) to reduce telemetry noise and align with other gRPC language implementations. (#8808)

Dependencies

  • Minimum supported Go version is now 1.25. (#8969)

Bug Fixes

  • xds: Use the leaf cluster's security config for the TLS handshake instead of the aggregate cluster's config. (#8956)
  • transport: Send a RST_STREAM when receiving an END_STREAM when the stream is not already half-closed. (#8832)
  • xds: Fix ADS resource name validation to prevent a panic. (#8970)

New Features

  • grpc/stats: Add support for custom labels in per-call metrics (gRFC A108). (#9008)
  • xds: Add support for Server Name Indication (SNI) and SAN validation (gRFC A101). Disabled by default. To enable, set GRPC_EXPERIMENTAL_XDS_SNI=true environment variable. (#9016)
  • xds: Add support to control which fields get propagated from ORCA backend metric reports to LRS load reports (gRFC A85). Disabled by default. To enable, set GRPC_EXPERIMENTAL_XDS_ORCA_LRS_PROPAGATION=true. (#9005)
  • xds: Add metrics to track xDS client connectivity and cached resource state (gRFC A78). (#8807)
  • stats/otel: Enhance grpc.subchannel.disconnections metric by adding disconnection reason to the grpc.disconnect_error label (gRFC A94). This provides granular insights into why subchannels are closing. (#8973)
  • mem: Add mem.Buffer.Slice() API to slice the buffer like a slice. (#8977)

Performance Improvements

  • alts: Pool read buffers to lower memory utilization when sockets are unreadable. (#8964)
  • transport: Pool HTTP/2 framer read buffers to reduce idle memory consumption. Currently limited to Linux for ALTS and non-encrypted transports (TCP, Unix). To disable, set GRPC_GO_EXPERIMENTAL_HTTP_FRAMER_READ_BUFFER_POOLING=false and report any issues. (#9032)
Commits

Updates k8s.io/client-go from 0.34.1 to 0.34.2

Commits
  • 54601aa Update dependencies to v0.34.2 tag
  • 1bb1ad2 Merge pull request #134589liggitt/automated-cherry-pick-of-#134588
  • 2505205 Remove invalid SAN certificate construction
  • 7ffba0f Merge pull request #134004DerekFrank/automated-cherry-pick-of-#133573
  • 145cb8f gofmt and review feedback
  • ddcdc12 fix: Update unit test to catch actual nil Labels case and fix functionality t...
  • See full diff in compare view

Updates k8s.io/klog/v2 from 2.130.1 to 2.140.0

Release notes

Sourced from k8s.io/klog/v2's releases.

Prepare klog release for Kubernetes v1.36

What's Changed

New Contributors

Full Changelog: kubernetes/klog@v2.130.1...v2.140.0

Commits
  • ef4b370 Merge pull request #432 from pierluigilenoci/fix/stderr-threshold-issue-212
  • 39c4c76 refactor: address code review feedback from @​pohly
  • 764a9a3 Merge pull request #430 from pohly/textlogger-optional-header
  • 015c613 Update stderr_threshold_test.go
  • 2f517bd Update klog.go
  • 36bc4ff textlogger: optionally turn off header
  • 5f1f303 Merge pull request #433 from pohly/textlogger-hook-result
  • c469d41 Merge pull request #431 from pohly/ktesting-vmodule-fix
  • 8509d6a ktesting: support multi-line result from AnyToStringHook
  • 08e6e8b Fix stderrthreshold not honored when logtostderr is set
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the go-mod group across 1 directory with 8 updates
8357264 
Bumps the go-mod group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/cschleiden/go-workflows](https://github.com/cschleiden/go-workflows) | `1.0.1` | `1.4.2` |
| [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) | `10.27.0` | `10.30.3` |
| [github.com/puzpuzpuz/xsync/v4](https://github.com/puzpuzpuz/xsync) | `4.2.0` | `4.5.0` |
| [github.com/warpstreamlabs/bento](https://github.com/warpstreamlabs/bento) | `1.8.2` | `1.18.1` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.20.0` | `0.21.0` |



Updates `github.com/cschleiden/go-workflows` from 1.0.1 to 1.4.2
- [Release notes](https://github.com/cschleiden/go-workflows/releases)
- [Commits](cschleiden/go-workflows@v1.0.1...v1.4.2)

Updates `github.com/go-playground/validator/v10` from 10.27.0 to 10.30.3
- [Release notes](https://github.com/go-playground/validator/releases)
- [Commits](go-playground/validator@v10.27.0...v10.30.3)

Updates `github.com/puzpuzpuz/xsync/v4` from 4.2.0 to 4.5.0
- [Release notes](https://github.com/puzpuzpuz/xsync/releases)
- [Commits](puzpuzpuz/xsync@v4.2.0...v4.5.0)

Updates `github.com/warpstreamlabs/bento` from 1.8.2 to 1.18.1
- [Release notes](https://github.com/warpstreamlabs/bento/releases)
- [Changelog](https://github.com/warpstreamlabs/bento/blob/main/CHANGELOG.md)
- [Commits](warpstreamlabs/bento@v1.8.2...v1.18.1)

Updates `golang.org/x/sync` from 0.20.0 to 0.21.0
- [Commits](golang/sync@v0.20.0...v0.21.0)

Updates `google.golang.org/grpc` from 1.80.0 to 1.81.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.80.0...v1.81.1)

Updates `k8s.io/client-go` from 0.34.1 to 0.34.2
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.34.1...v0.34.2)

Updates `k8s.io/klog/v2` from 2.130.1 to 2.140.0
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](kubernetes/klog@v2.130.1...2.140.0)

---
updated-dependencies:
- dependency-name: github.com/cschleiden/go-workflows
  dependency-version: 1.4.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: github.com/go-playground/validator/v10
  dependency-version: 10.30.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: github.com/puzpuzpuz/xsync/v4
  dependency-version: 4.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: github.com/warpstreamlabs/bento
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: golang.org/x/sync
  dependency-version: 0.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: google.golang.org/grpc
  dependency-version: 1.81.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: k8s.io/client-go
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-mod
- dependency-name: k8s.io/klog/v2
  dependency-version: 2.140.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the area/dependencies Affects dependencies label Jun 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area/dependencies Affects dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants