Bump the go_modules group across 2 directories with 10 updates

[dependabot]

Bumps the go_modules group with 4 updates in the / directory: golang.org/x/crypto, helm.sh/helm/v3, github.com/consensys/gnark-crypto and golang.org/x/net.
Bumps the go_modules group with 3 updates in the /examples/client/go directory: github.com/prometheus/client_golang, google.golang.org/grpc and google.golang.org/protobuf.

Updates golang.org/x/crypto from 0.24.0 to 0.26.0

Commits

• 5bcd010 go.mod: update golang.org/x dependencies
• 3375612 ssh: add support for unpadded RSA signatures
• bb80217 ssh: don't use dsa keys in integration tests
• 6879722 ssh: remove go 1.21+ dependency on slices
• e983fa2 sha3: Avo port of keccakf_amd64.s
• 80fd972 LICENSE: update per Google Legal
• f2bc3a6 x509roots/fallback/internal/goissue52287: delete
• d66d9c3 x509roots/fallback: update bundle
• 9fadb0b go.mod: update golang.org/x dependencies
• a6a393f all: bump go.mod version and drop compatibility shims
• Additional commits viewable in compare view

Updates helm.sh/helm/v3 from 3.14.3 to 3.15.4

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.15.4 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.15.4. The common platform binaries are here:

• MacOS amd64 (checksum / 1bc3f354f7ce4d7fd9cfa5bcc701c1f32c88d27076d96c2792d5b5226062aee5)
• MacOS arm64 (checksum / 88115846a1fb58f8eb8f64fec5c343d95ca394f1be811602fa54a887c98730ac)
• Linux amd64 (checksum / 11400fecfc07fd6f034863e4e0c4c4445594673fd2a129e701fe41f31170cfa9)
• Linux arm (checksum / aa3fb3014d147e5dcf8bfe4f6d5fe8677029ed720d4a4bcc64e54cb745a72206)
• Linux arm64 (checksum / fa419ecb139442e8a594c242343fafb7a46af3af34041c4eac1efcc49d74e626)
• Linux i386 (checksum / d1457e19fa7b467aaa53433793c446582956905c66d4655655010cc9cef995d3)
• Linux ppc64le (checksum / e4efce93723f52dd858e9046ea836c9c75f346facce1b87b8cf78c817b97e6ac)
• Linux s390x (checksum / c6e0cdea598196895ac7b627ce972699ef9f06b0eba51dc4db7cc21b3369f24a)
• Linux riscv64 (checksum / 5d483ef8c61cf7efeac34278ad90c22a2a1978330723c0ea5f017ee48aee11c4)
• Windows amd64 (checksum / 023b96f02e812cda1a1d5c950cb321834a56f4a50ca90146ff447a81be0ae5b6)

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.16.0 is the next feature release and will be on September 11, 2024.

Changelog

• Bump the k8s-io group across 1 directory with 7 updates fa9efb07d9d8debbb4306d72af76a383895aa8c4 (dependabot[bot])
• Bump github.com/docker/docker 36a21b18b93d8712f0948d9764f8cd29558b9cb1 (dependabot[bot])

Helm v3.15.3 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

... (truncated)

Commits

• fa9efb0 Bump the k8s-io group across 1 directory with 7 updates
• 36a21b1 Bump github.com/docker/docker
• 3bb50bb fix(helm): Use burst limit setting for discovery
• f440d3b fixed dependency_update_test.go
• f262d80 fix(dependencyBuild): prevent race condition in concurrent helm dependency
• 7413819 fix: respect proxy envvars on helm install/upgrade
• eb4cf60 Merge pull request #13085 from alex-kattathra-johnson/issue-12961
• 1a500d5 fix: wrong cli description
• 70b225c fix typo in load_plugins.go
• b3640f1 fix docs of DeployedAll
• Additional commits viewable in compare view

Updates github.com/consensys/gnark-crypto from 0.6.0 to 0.12.1

Release notes

Sourced from github.com/consensys/gnark-crypto's releases.

v0.12.1

What's Changed

• fix: GLV exponentiation in GT with large exponents by @​ThomasPiellard in Consensys/gnark-crypto#451 Security Advisory
• feat: kzg extended transcript by @​ThomasPiellard in Consensys/gnark-crypto#452
• perf(fft): introduce cache efficient bit reverse shuffling by @​gbotrel in Consensys/gnark-crypto#446
• perf: Improve performance of point equality checks by @​jsign in Consensys/gnark-crypto#450

Full Changelog: Consensys/gnark-crypto@v0.12.0...v0.12.1

v0.12.0

What's Changed

• fix malleability sig by @​ThomasPiellard in Consensys/gnark-crypto#449 https://nvd.nist.gov/vuln/detail/CVE-2023-44273

• perf: multiexp, avoid direct coordinate access to check for zero points by @​jsign in Consensys/gnark-crypto#414

• perf: edwards, improve the performance of Add, MixedAdd and IsOnCurve by @​jsign in Consensys/gnark-crypto#441

• perf: edwards, avoid inversions in Add in extended points by @​jsign in Consensys/gnark-crypto#442

• ci: update ci workflows by @​gbotrel in Consensys/gnark-crypto#447

Full Changelog: Consensys/gnark-crypto@v0.11.2...v0.12.0

v0.11.2

What's Changed

• Fix some typos by @​jtraglia in Consensys/gnark-crypto#394
• Adding testing for deserialization of G1 and G2 points by @​asanso in Consensys/gnark-crypto#393
• Fix some implicit memory aliasing in for loops by @​jtraglia in Consensys/gnark-crypto#395
• Do not XOR with zero by @​jtraglia in Consensys/gnark-crypto#398
• Disable check shadowing in govet linter by @​jtraglia in Consensys/gnark-crypto#397
• Add a bunch of "nosec G404" comments in test code by @​jtraglia in Consensys/gnark-crypto#399
• Enable misspell linter & fix findings by @​jtraglia in Consensys/gnark-crypto#401
• Fix RSis.CopyWithFreshBuffer by @​AlexandreBelling in Consensys/gnark-crypto#402
• feat: Marshal [][]fr.Element by @​Tabaie in Consensys/gnark-crypto#400
• Run golangci-lint on generated files by @​jtraglia in Consensys/gnark-crypto#396
• docs: ConsenSys -> Consensys by @​Tabaie in Consensys/gnark-crypto#406
• msm: semaphore to limit CPUs + better split strategy (up to 25% perf boost on 96cores) by @​gbotrel in Consensys/gnark-crypto#403
• Feat/fold pedersen by @​Tabaie in Consensys/gnark-crypto#407
• fix: do not read empty slices as nil by @​Tabaie in Consensys/gnark-crypto#410
• fix: incorrect semaphore init could cause msm deadlock by @​gbotrel in Consensys/gnark-crypto#411
• edwards: optimize point negation by @​jsign in Consensys/gnark-crypto#413
• Feat/gkr custom gates by @​Tabaie in Consensys/gnark-crypto#419
• perf: fast path for SIS with logTwoBound: 8, logTwoDegree: 6 by @​gbotrel in Consensys/gnark-crypto#416
• feat: add WriteRawTo, UnsafeReadFrom to kzg.ProvingKey by @​gbotrel in Consensys/gnark-crypto#422
• Fix/gkr eq bug by @​Tabaie in Consensys/gnark-crypto#421
• feat: add AsyncReadFrom to fr.Vector and fft.Domain by @​gbotrel in Consensys/gnark-crypto#424
• fix: ECDSA HashToInt bytes-bits mismatch by @​ivokub in Consensys/gnark-crypto#428
• Small optimization over the memory usage of MiMC by @​AlexandreBelling in Consensys/gnark-crypto#435

... (truncated)

Changelog

Sourced from github.com/consensys/gnark-crypto's changelog.

[v0.11.1] - 2023-07-11

Fix

• ECDSA HashToInt bytes-bits mismatch (#428)

[v0.11.0] - 2023-05-02

Build

• go generate
• generify bn254 changes
• generify bn254 kzg changes
• generify marshal changes
• generify bn254 kzg changes
• bump go1.20
• update ci github action dependencies

Chore

• PR feedback

Docs

• make comments more godoc friendly
• remove comment
• remove DO NOT EDIT from non-autogenerated files

Feat

• fix v computation in ECDSA signature (#385)
• make mapToCurve public to allow for custom cofactor clearing (#372)
• add Double in affine coordinates
• kzg.Vk.WriteRawTo
• bn254 encoder to support uint64 slices
• pairing: return 1 after easy part if result is 1

Fix

• handle all bitmask in point deserialization
• littleEndian -> bigEndian
• import utils
• don't ignore multiexp error
• minor errors
• generation mistake
• bn254 incorporate evals into kzg batch challenge
• kzg: nb of digests in BatchVerifyMultiPoints should be nonzeo
• linter: ineffassign in Fpk marshal

Perf

• kzg: remove G2 scalar mul in single verification

Refactor

• break pedersen key into proving (committing) and verifying

... (truncated)

Commits

• da0317f clean: remove useless snippet in mulWindowed (#453)
• 65cdb1d Feat/kzg extended transcript (#452)
• 95e674b perf(fft): introduce cache efficient bit reverse shuffling (#446)
• ec6be1a Merge pull request #451 from Consensys/fix/glv
• aef1eef fix: add GT ExpGLV fix to BLS24 + BW6
• feaf161 fix: merge and fix tests for expGLV
• ced3076 fix: use max(size(s1), size(s2)) for ExpGLV
• 4096ad9 feat: discared useless files
• ace5318 Merge pull request #450 from jsign/jsign-eq-improv
• dc4e2d4 feat: added test for [-s]G=-[s]G
• Additional commits viewable in compare view

Updates github.com/docker/docker from 24.0.7+incompatible to 25.0.6+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v25.0.6

25.0.6

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 25.0.6 milestone
• moby/moby, 25.0.6 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Security

This release contains a fix for CVE-2024-41110 / GHSA-v23v-6jw2-98fq that impacted setups using authorization plugins (AuthZ) for access control.

Bug fixes and enhancements

• [25.0] remove erroneous platform from image config OCI descriptor in docker save output. moby/moby#47695
• [25.0 backport] Fix a nil dereference when getting image history for images having layers without the Created value set. moby/moby#47759
• [25.0 backport] apparmor: Allow confined runc to kill containers. moby/moby#47830
• [25.0 backport] Fix an issue where rapidly promoting a Swarm node after another node was demoted could cause the promoted node to fail its promotion. moby/moby#47869
• [25.0 backport] don't depend on containerd platform.Parse to return a typed error. moby/moby#47890
• [25.0 backport] builder/mobyexporter: Add missing nil check moby/moby#47987

Packaging updates

• Update AWS SDK Go v2 to v1.24.1 for AWS CloudWatch logging driver. moby/moby#47724
• Update Go runtime to 1.21.12, which contains security fixes for CVE-2024-24791 moby/moby#48146
• Update Containerd (static binaries only) to v1.7.20. moby/moby#48199

Full Changelog: moby/moby@v25.0.5...v25.0.6

v25.0.5

25.0.5

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 25.0.5 milestone
• moby/moby, 25.0.5 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Security

This release contains a security fix for CVE-2024-29018, a potential data exfiltration from 'internal' networks via authoritative DNS servers.

Bug fixes and enhancements

• CVE-2024-29018: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. moby/moby#47589

• plugin: fix mounting /etc/hosts when running in UserNS. moby/moby#47588

• rootless: fix open /etc/docker/plugins: permission denied. moby/moby#47587

• Fix multiple parallel docker build runs leaking disk space. moby/moby#47527

... (truncated)

Commits

• b08a51f Merge pull request #48231 from austinvazquez/backport-vendor-otel-v0.46.1-to-...
• d151b0f vendor: OTEL v0.46.1 / v1.21.0
• c6ba9a5 Merge pull request #48225 from austinvazquez/backport-workflow-artifact-reten...
• 4673a3c Merge pull request #48227 from austinvazquez/backport-backport-branch-check-t...
• 30f8908 github/ci: Check if backport is opened against the expected branch
• 7454d6a ci: update workflow artifacts retention
• 65cc597 Merge commit from fork
• b722836 Merge pull request #48199 from austinvazquez/update-containerd-binary-to-1.7.20
• e8ecb9c update containerd binary to v1.7.20
• e6cae1f update containerd binary to v1.7.19
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.26.0 to 0.28.0

Commits

• 4542a42 go.mod: update golang.org/x dependencies
• 765c7e8 xsrftoken: create no padding base64 string by RawURLEncoding
• 032e4e4 LICENSE: update per Google Legal
• e2310ae go.mod: update golang.org/x dependencies
• 77708f7 quic: skip tests which depend on unimplemented UDP functions on Plan 9
• 9617c63 http2: avoid Transport hang with Connection: close and AllowHTTP
• See full diff in compare view

Updates golang.org/x/sys from 0.22.0 to 0.23.0

Commits

• aa1c4c8 unix: provide Mount on openbsd
• cde4660 unix: add linux mseal system call
• 31ef9e7 unix: update to Linux kernel 6.10
• d03a807 unix: update glibc to 2.40
• beb5949 windows: correctly generate GetAce syscall
• 7bb0bf7 cpu: add Int8 matrix multiplication instructions CPU feature flag for ARM64
• bce4cf7 windows: add GetKeyboardLayout & ToUnicodeEx
• 0eac9b5 windows: add flags for GetAdaptersAddresses
• 0c18c88 cpu: add DIT option and hwcap DIT support
• dce4e64 LICENSE: update per Google Legal
• Additional commits viewable in compare view

Updates golang.org/x/text from 0.16.0 to 0.17.0

Commits

• b2bec85 go.mod: update golang.org/x dependencies
• ae0cf96 LICENSE: update per Google Legal
• See full diff in compare view

Updates github.com/prometheus/client_golang from 1.1.0 to 1.11.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

1.11.1 / 2022-02-15

• [SECURITY FIX] promhttp: Check validity of method and code label values prometheus/client_golang#987 (Addressed CVE-2022-21698)

What's Changed

• promhttp: Check validity of method and code label values by @​bwplotka and @​kakkoyun in prometheus/client_golang#987

Full Changelog: prometheus/client_golang@v1.11.0...v1.11.1

v1.11.0 / 2021-06-07

• [CHANGE] Add new collectors package. #862
• [CHANGE] prometheus.NewExpvarCollector is deprecated, use collectors.NewExpvarCollector instead. #862
• [CHANGE] prometheus.NewGoCollector is deprecated, use collectors.NewGoCollector instead. #862
• [CHANGE] prometheus.NewBuildInfoCollector is deprecated, use collectors.NewBuildInfoCollector instead. #862
• [FEATURE] Add new collector for database/sql#DBStats. #866
• [FEATURE] API client: Add exemplars API support. #861
• [ENHANCEMENT] API client: Add newer fields to Rules API. #855
• [ENHANCEMENT] API client: Add missing fields to Targets API. #856

What's Changed

• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#846
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#849
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#853
• Add newer fields to Rules API by @​gouthamve in prometheus/client_golang#855
• Add missing fields to targets API by @​yeya24 in prometheus/client_golang#856
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#857
• Add exemplars API support by @​yeya24 in prometheus/client_golang#861
• Improve description of MaxAge in summary docs by @​Dean-Coakley in prometheus/client_golang#864
• Add new collectors package by @​johejo in prometheus/client_golang#862
• Add collector for database/sql#DBStats by @​johejo in prometheus/client_golang#866
• Make dbStatsCollector more DRY by @​beorn7 in prometheus/client_golang#867
• Change maintainers from @​beorn7 to @bwplotka/@​kakkoyun by @​beorn7 in prometheus/client_golang#873
• Document implications of negative observations by @​beorn7 in prometheus/client_golang#871
• Update Go modules by @​SuperQ in prometheus/client_golang#875

New Contributors

• @​gouthamve made their first contribution in prometheus/client_golang#855

Full Changelog: prometheus/client_golang@v1.10.0...v1.11.0

1.10.0 / 2021-03-18

• [CHANGE] Minimum required Go version is now 1.13.
• [CHANGE] API client: Add matchers to LabelNames and LabesValues. #828
• [FEATURE] API client: Add buildinfo call. #841
• [BUGFIX] Fix build on riscv64. #833

What's Changed

• Add SECURITY.md by @​roidelapluie in prometheus/client_golang#831
• Bump prometheus/procfs to 0.3.0 to fix building on riscv64 by @​zhsj in prometheus/client_golang#833
• Fix typo in comments in prometheus/client_golang#835

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

Unreleased

1.20.2 / 2024-08-23

• [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

1.20.1 / 2024-08-20

• [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on linux machines. #1587

1.20.0 / 2024-08-14

• [CHANGE] ⚠️ go-collector: Remove go_memstat_lookups_total metric which was always 0; Go runtime stopped sharing pointer lookup statistics. #1577
• [FEATURE] ⚠️ go-collector: Add 3 default metrics: go_gc_gogc_percent, go_gc_gomemlimit_bytes and go_sched_gomaxprocs_threads as those are recommended by the Go team. #1559
• [FEATURE] go-collector: Add more information to all metrics' HELP e.g. the exact runtime/metrics sourcing each metric (if relevant). #1568 #1578
• [FEATURE] testutil: Add CollectAndFormat method. #1503
• [FEATURE] histograms: Add support for exemplars in native histograms. #1471
• [FEATURE] promhttp: Add experimental support for zstd on scrape, controlled by the request Accept-Encoding header. #1496
• [FEATURE] api/v1: Add WithLimit parameter to all API methods that supports it. #1544
• [FEATURE] prometheus: Add support for created timestamps in constant histograms and constant summaries. #1537
• [FEATURE] process-collector: Add network usage metrics: process_network_receive_bytes_total and process_network_transmit_bytes_total. #1555
• [FEATURE] promlint: Add duplicated metric lint rule. #1472
• [BUGFIX] promlint: Relax metric type in name linter rule. #1455
• [BUGFIX] promhttp: Make sure server instrumentation wrapping supports new and future extra responseWriter methods. #1480
• [BUGFIX] testutil: Functions using compareMetricFamilies are now failing if filtered metricNames are not in the input. #1424

1.19.0 / 2024-02-27

The module prometheus/common v0.48.0 introduced an incompatibility when used together with client_golang (See prometheus/client_golang#1448 for more details). If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

• [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
• [FEATURE] collectors: Add version collector. #1422 #1427

1.18.0 / 2023-12-22

• [FEATURE] promlint: Allow creation of custom metric validations. #1311
• [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
• [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
• [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
• [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

1.17.0 / 2023-09-27

• [CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325
• [FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313
• [ENHANCEMENT] Enable detection of a native histogram without observations. #1314

1.16.0 / 2023-06-15

• [BUGFIX] api: Switch to POST for LabelNames, Series, and QueryExemplars. #1252

... (truncated)

Commits

• 989baa3 promhttp: Check validity of method and code label values (#962) (#987)
• 8184d76 Cut v1.11.0 (#877)
• 2539062 Merge pull request #875 from prometheus/superq/update_mods
• 68cd1e9 Update Go modules
• f22935d Merge pull request #871 from prometheus/beorn7/doc
• 11aba26 Change maintainers from @​beorn7 to @bwplotka/@​kakkoyun (#873)
• f34145a Document implications of negative observations
• a7515ca Merge pull request #867 from prometheus/beorn7/collectors
• 81a9556 Make dbStatsCollector more DRY
• a66da1d Add collector for database/sql#DBStats (#866)
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.0.0-20200221231518-2aa609cf4a9d to 0.0.0-20200622213623-75b288015ac9

Commits

• 5bcd010 go.mod: update golang.org/x dependencies
• 3375612 ssh: add support for unpadded RSA signatures
• bb80217 ssh: don't use dsa keys in integration tests
• 6879722 ssh: remove go 1.21+ dependency on slices
• e983fa2 sha3: Avo port of keccakf_amd64.s
• 80fd972 LICENSE: update per Google Legal
• f2bc3a6 x509roots/fallback/internal/goissue52287: delete
• d66d9c3 x509roots/fallback: update bundle
• 9fadb0b go.mod: update golang.org/x dependencies
• a6a393f all: bump go.mod version and drop compatibility shims
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.29.1 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

• server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

  In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

• status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

• client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

• client: support channel idleness using WithIdleTimeout dial option (#6263)
  • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
• client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
• xds: Add support for Custom LB Policies (gRFC A52) (#6224)
• xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
• client: add support for pickfirst address shuffling (gRFC A62) (#6311)
• xds: Add support for String Matcher Header Matcher in RDS (#6313)
• xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • Special Thanks: @​s-matyukevich
• xds: enable RLS in xDS by default (#6343)
• orca: add support for application_utilization field and missing range checks on several metrics setters
• balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
• authz: add conversion of json to RBAC Audit Logging config (#6192)
• authz: add support for stdout logger (#6230 and #6298)
• authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

• orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
• xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
• xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

• orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

• status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

• xds: enable federation support by default (#6151)
• status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits

• 1055b48 Update version.go to 1.56.3 (#6713)
• 5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
• bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
• faab873 Update version.go to v1.56.2 (#6432)
• 6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
• ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
• cd6a794 Update version.go to v1.56.2-dev (#6387)
• 5b67e5e Update version.go to v1.56.1 (#6386)
• d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
• 997c1ea Change version to 1.56.1-dev (#6345)
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.0.0-20190613194153-d28f0bde5980 to 0.9.0

Commits

• 4542a42 go.mod: update golang.org/x dependencies
• 765c7e8 xsrftoken: create no padding base64 string by RawURLEncoding
• 032e4e4 LICENSE: update per Google Legal
• e2310ae go.mod: update golang.org/x dependencies
• 77708f7 quic: skip tests which depend on unimplemented UDP functions on Plan 9
• 9617c63 http2: avoid Transport hang with Connection: close and AllowHTTP
• See full diff in compare view

Updates golang.org/x/sys from 0.0.0-20190801041406-cbf593c0f2f3 to 0.7.0

Commits

• aa1c4c8 unix: provide Mount on openbsd
• cde4660 unix: add linux mseal system call
• 31ef9e7 unix: update to Linux kernel 6.10
• d03a807 unix: update glibc to 2.40
• beb5949 windows: correctly generate GetAce syscall
• 7bb0bf7 cpu: add Int8 matrix multiplication instructions CPU feature flag for ARM64
• bce4cf7 windows: add GetKeyboardLayout & ToUnicodeEx
• 0eac9b5 windows: add flags for GetAdaptersAddresses
• 0c18c88 cpu: add DIT option and hwcap DIT support
• dce4e64 LICENSE: update per Google Legal
• Additional commits viewable in compare view

Updates golang.org/x/text from 0.3.2 to 0.9.0

Commits

• b2bec85 go.mod: update golang.org/x dependencies
• ae0cf96 LICENSE: update per Google Legal
• See full diff in compare view

Updates google.golang.org/protobuf from 1.30.0 to 1.33.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
  ...

Description has been truncated