Skip to content

Bump the gomod group with 8 updates#96

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/gomod-edd44a1b07
Open

Bump the gomod group with 8 updates#96
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/gomod-edd44a1b07

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 9, 2026

Copy link
Copy Markdown

Bumps the gomod group with 8 updates:

Package From To
github.com/go-resty/resty/v2 2.11.0 2.17.2
github.com/prometheus/client_golang 1.18.0 1.23.2
github.com/prometheus/client_model 0.5.0 0.6.2
github.com/sirupsen/logrus 1.9.3 1.9.4
github.com/spf13/cobra 1.8.0 1.10.2
github.com/spf13/viper 1.18.2 1.21.0
golang.org/x/time 0.5.0 0.12.0
golang.org/x/sync 0.20.0 0.22.0

Updates github.com/go-resty/resty/v2 from 2.11.0 to 2.17.2

Release notes

Sourced from github.com/go-resty/resty/v2's releases.

v2.17.2

Release Notes

Backport

Release

Full Changelog: go-resty/resty@v2.17.1...v2.17.2

v2.17.1

Release Notes

Bug Fixes

Full Changelog: go-resty/resty@v2.17.0...v2.17.1

v2.17.0

Release Notes

Bug Fixes

Backport

Release Updates

New Contributors

Full Changelog: go-resty/resty@v2.16.5...v2.17.0

v2.16.5

Release Notes

Bug Fixes

Documentation

... (truncated)

Commits
  • b1b3aaa release: version bump to v2.17.2 and readme update (#1112)
  • fb4a091 backport: header deepcopy fix (#1110)
  • 52f3f39 Merge pull request #1079 from go-resty/fix-cnt-type-hdr-on-emptybody
  • 16e2701 release: v2.17.1 readme update
  • 203bf14 fix: content type request header on http.NoBody type #1074
  • 061e449 chore: version bump to v2.17.1
  • d4c3576 Merge pull request #1066 from go-resty/for-v2.17.0-release
  • 6452271 chore: update readme for release v2.17.0
  • 2eab959 ci: update go version 1.23.0
  • 795d6c2 chore: update go.mod package versions
  • Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.18.0 to 1.23.2

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.23.2 - 2025-09-05

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

Full Changelog: prometheus/client_golang@v1.23.1...v1.23.2

v1.23.1 - 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

Full Changelog: prometheus/client_golang@v1.23.0...v1.23.1

v1.23.0 - 2025-07-30

  • [CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. #1812
  • [FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix #1766
  • [FEATURE] Add exemplars for native histograms #1686
  • [ENHANCEMENT] exp/api: Bubble up status code from writeResponse #1823
  • [ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 #1833
  • [BUGFIX] exp/api: client prompt return on context cancellation #1729

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.23.2 / 2025-09-05

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

1.23.1 / 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

1.23.0 / 2025-07-30

  • [CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. #1812
  • [FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix #1766
  • [FEATURE] Add exemplars for native histograms #1686
  • [ENHANCEMENT] exp/api: Bubble up status code from writeResponse #1823
  • [ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 #1833
  • [BUGFIX] exp/api: client prompt return on context cancellation #1729

1.22.0 / 2025-04-07

⚠️ This release contains potential breaking change if you use experimental zstd support introduce in #1496 ⚠️

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)
  • [FEATURE] prometheus: Add new CollectorFunc utility #1724
  • [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
  • [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
  • [CHANGE] ⚠️ promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765

1.21.1 / 2025-03-04

  • [BUGFIX] prometheus: Revert of Inc, Add and Observe cumulative metric CAS optimizations (#1661), causing regressions on low contention cases.
  • [BUGFIX] prometheus: Fix GOOS=ios build, broken due to process_collector_* wrong build tags.

1.21.0 / 2025-02-17

⚠️ This release contains potential breaking change if you upgrade github.com/prometheus/common to 0.62+ together with client_golang. ⚠️

... (truncated)

Commits

Updates github.com/prometheus/client_model from 0.5.0 to 0.6.2

Release notes

Sourced from github.com/prometheus/client_model's releases.

v0.6.2

What's Changed

Full Changelog: prometheus/client_model@v0.6.1...v0.6.2

v0.6.1

What's Changed

Full Changelog: prometheus/client_model@v0.6.0...v0.6.1

v0.6.0

What's Changed

New Contributors

... (truncated)

Commits
  • eb136e5 Merge pull request #119 from prometheus/superq/google.golang.org/protobuf
  • bf7f2ca Update golanci-lint to v2.
  • 7e9b56c Bump google.golang.org/protobuf from 1.36.5 to 1.36.6
  • ef699ce Merge pull request #116 from prometheus/repo_sync
  • bf8b12e Update common Prometheus files
  • 5b93968 Merge pull request #115 from prometheus/repo_sync
  • ae83ddc Update common Prometheus files
  • afe0b21 Merge pull request #114 from prometheus/repo_sync
  • 75e1daf Update common Prometheus files
  • 73608e2 Merge pull request #113 from prometheus/dependabot/go_modules/google.golang.o...
  • Additional commits viewable in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Changelog

Sourced from github.com/sirupsen/logrus's changelog.

1.9.4

Fixes:

  • Remove uses of deprecated ioutil package

Features:

  • Add GNU/Hurd support
  • Add WASI wasip1 support

Code quality:

  • Update minimum supported Go version to 1.17
  • Documentation updates
Commits
  • b61f268 Merge pull request #1472 from goldlinker/master
  • 15c29db refactor: replace the deprecated function in the ioutil package
  • cb253f3 Merge pull request #1464 from thaJeztah/touchup_godoc
  • 29b2337 Merge pull request #1468 from thaJeztah/touchup_readme
  • d916819 Merge pull request #1427 from dolmen/fix-testify-usage
  • 135e482 README: small touch-ups
  • 2c5fa36 Merge pull request #1467 from thaJeztah/rm_old_badge
  • 877ecec README: remove travis badge
  • 55cf256 Merge pull request #1393 from jsoref/grammar
  • 21bae50 Merge pull request #1426 from dolmen/testing-fix-use-of-math-rand
  • Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.8.0 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

  • chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @​dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

🔥✍🏼 Docs

🍂 Refactors

🤗 New Contributors

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

v1.10.1

🐛 Fix

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

v1.10.0

What's Changed

🚨 Attention!

This version of pflag carried a breaking change: it renamed ParseErrorsWhitelist to ParseErrorsAllowlist which can break builds if both pflag and cobra are dependencies in your project.

  • If you use both pflag and cobra, upgrade pflagto 1.0.8 andcobrato1.10.0`
  • or use the newer, fixed version of pflag v1.0.9 which keeps the deprecated ParseErrorsWhitelist

... (truncated)

Commits

Updates github.com/spf13/viper from 1.18.2 to 1.21.0

Release notes

Sourced from github.com/spf13/viper's releases.

v1.21.0

What's Changed

Enhancements 🚀

Bug Fixes 🐛

Dependency Updates ⬆️

Other Changes

New Contributors

Full Changelog: spf13/viper@v1.20.0...v1.21.0

v1.20.1

What's Changed

Bug Fixes 🐛

Full Changelog: spf13/viper@v1.20.0...v1.20.1

v1.20.0

... (truncated)

Commits
  • 394040c ci: build on go 1.25
  • 812f548 chore: update dependencies
  • d5271ef ci: update stale workflow
  • dff303b feat: add a stale issue scheduled action
  • 1287976 build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
  • 38932cd build(deps): bump github.com/go-viper/mapstructure/v2 in /remote
  • 6d014be build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1
  • b74c7ee build(deps): bump github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0
  • acd05e1 fix: linting issues
  • ae5a8e2 ci: upgrade golangci-lint
  • Additional commits viewable in compare view

Updates golang.org/x/time from 0.5.0 to 0.12.0

Commits
  • 1616a7f rate: skip time.Now call in Sometimes.Do unless necessary
  • 0c50ed8 all: upgrade go directive to at least 1.23.0 [generated]
  • 66520f6 rate: simplify function advance only returns new Tokens to caller
  • 2c6c5a2 rate: prevent overflows when calculating durationFromTokens
  • 1ce61fe rate: make function comment match function name
  • 3846194 README: don't recommend go get
  • 772484e x/time/rate: correctly handle 0 limits
  • 5d9ef58 LICENSE: update per Google Legal
  • See full diff in compare view

Updates golang.org/x/sync from 0.20.0 to 0.22.0

Commits
  • 1eb64d4 semaphore: panic on negative weights
  • 5071ed6 all: fix some comments to improve readability
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gomod group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/go-resty/resty/v2](https://github.com/go-resty/resty) | `2.11.0` | `2.17.2` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.18.0` | `1.23.2` |
| [github.com/prometheus/client_model](https://github.com/prometheus/client_model) | `0.5.0` | `0.6.2` |
| [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) | `1.9.3` | `1.9.4` |
| [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.8.0` | `1.10.2` |
| [github.com/spf13/viper](https://github.com/spf13/viper) | `1.18.2` | `1.21.0` |
| [golang.org/x/time](https://github.com/golang/time) | `0.5.0` | `0.12.0` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.20.0` | `0.22.0` |


Updates `github.com/go-resty/resty/v2` from 2.11.0 to 2.17.2
- [Release notes](https://github.com/go-resty/resty/releases)
- [Commits](go-resty/resty@v2.11.0...v2.17.2)

Updates `github.com/prometheus/client_golang` from 1.18.0 to 1.23.2
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.18.0...v1.23.2)

Updates `github.com/prometheus/client_model` from 0.5.0 to 0.6.2
- [Release notes](https://github.com/prometheus/client_model/releases)
- [Commits](prometheus/client_model@v0.5.0...v0.6.2)

Updates `github.com/sirupsen/logrus` from 1.9.3 to 1.9.4
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](sirupsen/logrus@v1.9.3...v1.9.4)

Updates `github.com/spf13/cobra` from 1.8.0 to 1.10.2
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.8.0...v1.10.2)

Updates `github.com/spf13/viper` from 1.18.2 to 1.21.0
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](spf13/viper@v1.18.2...v1.21.0)

Updates `golang.org/x/time` from 0.5.0 to 0.12.0
- [Commits](golang/time@v0.5.0...v0.12.0)

Updates `golang.org/x/sync` from 0.20.0 to 0.22.0
- [Commits](golang/sync@v0.20.0...v0.22.0)

---
updated-dependencies:
- dependency-name: github.com/go-resty/resty/v2
  dependency-version: 2.17.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/prometheus/client_golang
  dependency-version: 1.23.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/prometheus/client_model
  dependency-version: 0.6.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/sirupsen/logrus
  dependency-version: 1.9.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/spf13/viper
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: golang.org/x/time
  dependency-version: 0.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: golang.org/x/sync
  dependency-version: 0.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 9, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 9, 2026 12:08
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants