Skip to content

chore: bump github.com/prometheus/common from 0.37.0 to 0.39.0 #5544

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 4, 2023
Merged

chore: bump github.com/prometheus/common from 0.37.0 to 0.39.0 #5544

merged 1 commit into from
Jan 4, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 3, 2023
edited
Loading

Bumps github.com/prometheus/common from 0.37.0 to 0.39.0.

Release notes

Sourced from github.com/prometheus/common's releases.

v0.39.0

  • [ENHANCEMENT] Add support for proxy connect headers. #409
  • [ENHANCEMENT] Add platform info to labels. #403

v0.37.1

v0.38.0

  • [FEATURE] Implement Stringer on TLSVersion (#405)
  • [FEATURE] Check if TLS certificate and key file have been modified (#345)
  • [ENHANCEMENT] Add the ability to specify the maximum acceptable TLS version (#414)
  • [ENHANCEMENT] Make LoadHTTPConfigFile set directory and move from tests file (#415)
  • [ENHANCEMENT] Get Revision from debug.BuildInfo if not explicitly set (#374)
Commits
  • 296ec92 Merge pull request #409 from prometheus/mem/proxy_header
  • 18281a2 Merge pull request #424 from prometheus/repo_sync
  • 4a0d730 Add support for proxy connect headers
  • 017dec0 Update common Prometheus files
  • befeabf Merge pull request #422 from prometheus/superq/add_mod_check
  • 1bc7f65 Add platform info to labels (#403)
  • 82accf3 Add go mod version test
  • 00e3fd7 Merge pull request #418 from roidelapluie/go119
  • 045094f Update deps and test with go 1.19
  • ddb642f Merge pull request #421 from prometheus/superq/update_sigv4
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/prometheus/common-0.39.0 branch from ef8c812 to fcb2294 Compare January 3, 2023 18:46
@ghuntley
Copy link
Contributor

ghuntley commented Jan 4, 2023

@dependabot recreate

@dependabot
chore: bump github.com/prometheus/common from 0.37.0 to 0.39.0
75193e8 
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.37.0 to 0.39.0.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.37.0...v0.39.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/prometheus/common-0.39.0 branch from fcb2294 to 75193e8 Compare January 4, 2023 23:31
@ghuntley ghuntley enabled auto-merge (squash) January 4, 2023 23:32
ghuntley
ghuntley approved these changes Jan 4, 2023
View reviewed changes
Copy link
Contributor

@ghuntley ghuntley left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems 👍 from me if tests pass.

@ghuntley ghuntley added the security Area: security label Jan 4, 2023
@ghuntley
Copy link
Contributor

ghuntley commented Jan 4, 2023

Internal discusison. Our prom endpoints are internally accessible only thus unaffected by GHSA-xrjj-mj9h-534m.

@ghuntley ghuntley merged commit 2db9df4 into main Jan 4, 2023
@ghuntley ghuntley deleted the dependabot/go_modules/github.com/prometheus/common-0.39.0 branch January 4, 2023 23:42
@github-actions github-actions bot locked and limited conversation to collaborators Jan 4, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ghuntley ghuntley ghuntley approved these changes

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
security Area: security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ghuntley