Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the go-dependencies group across 1 directory with 3 updates #452

Closed

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 24, 2024

Bumps the go-dependencies group with 3 updates in the / directory: github.com/onsi/ginkgo/v2, github.com/open-policy-agent/opa and google.golang.org/protobuf.

Updates github.com/onsi/ginkgo/v2 from 2.22.0 to 2.22.1

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.22.1

2.22.1

Fixes

Fix CSV encoding

  • Update tests [aab3da6]
  • Properly encode CSV rows [c09df39]
  • Add test case for proper csv escaping [96a80fc]
  • Add meta-test [43dad69]

Maintenance

  • ensure *.test files are gitignored so we don't accidentally commit compiled tests again [c88c634]
  • remove golang.org/x/net/context in favour of stdlib context [4df44bf]
Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.22.1

Fixes

Fix CSV encoding

  • Update tests [aab3da6]
  • Properly encode CSV rows [c09df39]
  • Add test case for proper csv escaping [96a80fc]
  • Add meta-test [43dad69]

Maintenance

  • ensure *.test files are gitignored so we don't accidentally commit compiled tests again [c88c634]
  • remove golang.org/x/net/context in favour of stdlib context [4df44bf]
Commits
  • a0190b7 v2.22.1
  • 4df44bf remove golang.org/x/net/context in favour of stdlib context
  • c88c634 ensure *.test files are gitignored so we don't accidentally commit compiled t...
  • aab3da6 Update tests
  • c09df39 Properly encode CSV rows
  • 96a80fc Add test case for proper csv escaping
  • 43dad69 Add meta-test
  • See full diff in compare view

Updates github.com/open-policy-agent/opa from 0.70.0 to 1.0.0

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.0.0

NOTES:

  • The minimum version of Go required to build the OPA module is 1.22

We are excited to announce OPA 1.0, a milestone release consolidating an improved developer experience for the future of Policy as Code. The release makes new functionality designed to simplify policy writing and improve the language's consistency the default.

Changes to Rego in OPA 1.0

Below we highlight some key changes to the defaults in OPA 1.0:

  • Using if for all rule definitions and contains for multi-value rules is now mandatory, not just when using the rego.v1 import.
  • Other new keywords (every, in) are available without any imports.
  • Previously requirements that were only run in "strict mode" (like opa check --strict) are now the default. Duplicate imports and imports which shadow each other are no longer allowed.
  • OPA 1.0 comes with a range of backwards compatibility features to aid your migrations, please see the v0 compatibility guide if you must continue to support v0 Rego.

Read more about the OPA 1.0 announcement here on our blog.

Following are other changes that are included in OPA 1.0.

Improvements to memory allocations

PRs #7172, #7190, #7193, #7165, #7168, #7191 & #7222 together improve the memory performance of OPA. Key strategies include reusing pointers and optimizing array and object operations, minimizing intermediate object creation, and using sync.Pool to manage memory-heavy operations. These changes cumulatively greatly reduced the number of allocations and improved evaluation speed by 10-20%. Additional benchmarks highlighted significant memory and speed improvements in custom function evaluation.

Authored by @​anderseknert.

Wrap http.RoundTripper for SDK users

PR #7180 adds an EvalHTTPRoundTrip EvalOption and query-level WithHTTPRoundTrip option. Both use a new function type which converts an http.Transport configured by topdown to an http.RoundTripper. This supports use cases requiring the customization of the http.send built in behavior.

Authored by @​evankanderson.

Improvements to scientific notation parsing in units.parse

PR #7147 extends the behaviour of extractNumAndUnit to support scientific notation values. This means values such as 1e3KB can now be handled by this function.

Authored by @​berdanA.

Support customized buckets bundle_loading_duration_ns metric

PR #7156 extends OPA’s Prometheus configuration to allow the setting of user defined buckets for metrics. This aids when debugging the loading of slow bundles.

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.0.0

NOTES:

  • The minimum version of Go required to build the OPA module is 1.22

We are excited to announce OPA 1.0, a milestone release consolidating an improved developer experience for the future of Policy as Code. The release makes new functionality designed to simplify policy writing and improve the language's consistency the default.

Changes to Rego in OPA 1.0

Below we highlight some key changes to the defaults in OPA 1.0:

  • Using if for all rule definitions and contains for multi-value rules is now mandatory, not just when using the rego.v1 import.
  • Other new keywords (every, in) are available without any imports.
  • Previously requirements that were only run in "strict mode" (like opa check --strict) are now the default. Duplicate imports and imports which shadow each other are no longer allowed.
  • OPA 1.0 comes with a range of backwards compatibility features to aid your migrations, please see the v0 compatibility guide if you must continue to support v0 Rego.

Read more about the OPA 1.0 announcement on the OPA blog.

Following are other changes that are included in OPA 1.0.

Improvements to memory allocations

PRs #7172, #7190, #7193, #7165, #7168, #7191 & #7222 together improve the memory performance of OPA. Key strategies include reusing pointers and optimizing array and object operations, minimizing intermediate object creation, and using sync.Pool to manage memory-heavy operations. These changes cumulatively greatly reduced the number of allocations and improved evaluation speed by 10-20%. Additional benchmarks highlighted significant memory and speed improvements in custom function evaluation.

Authored by @​anderseknert.

Wrap http.RoundTripper for SDK users

PR #7180 adds an EvalHTTPRoundTrip EvalOption and query-level WithHTTPRoundTrip option. Both use a new function type which converts an http.Transport configured by topdown to an http.RoundTripper. This supports use cases requiring the customization of the http.send built in behavior.

Authored by @​evankanderson.

Improvements to scientific notation parsing in units.parse

PR #7147 extends the behaviour of extractNumAndUnit to support scientific notation values. This means values such as 1e3KB can now be handled by this function.

Authored by @​berdanA.

... (truncated)

Commits
  • 00cc7ae Prepare v1.0.0 release
  • 94118ac docs/website/scripts: Control eval behavior via the rego.v1 import rather tha...
  • bb10c56 docs/website/scripts: Eval pre-1.0 policies in v0 compatibility mode
  • c91c895 go.mod: require go 1.22.7
  • b8a1376 build(deps): bump the go-opentelemetry-io group with 6 updates (#7217)
  • a190ea3 Fixing optimized numbers.range builtin reversed range bug (#7230)
  • 9a7d920 Update docs and server binding addr per OPA v1.0 specs (#7140)
  • c5757a5 build(deps): bump google.golang.org/grpc from 1.69.0 to 1.69.2
  • c97b640 build(deps): bump golang.org/x/net from 0.32.0 to 0.33.0
  • 50b5ee5 Reduce allocations, chapter III (#7222)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.0 to 1.36.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-dependencies group with 3 updates in the / directory: [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo), [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) and google.golang.org/protobuf.


Updates `github.com/onsi/ginkgo/v2` from 2.22.0 to 2.22.1
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.22.0...v2.22.1)

Updates `github.com/open-policy-agent/opa` from 0.70.0 to 1.0.0
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v0.70.0...v1.0.0)

Updates `google.golang.org/protobuf` from 1.36.0 to 1.36.1

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/open-policy-agent/opa
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: go-dependencies
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 24, 2024
Signed-off-by: Sam Yuan <yy19902439@126.com>
@SamYuan1990
Copy link
Member

@dependabot ignore github.com/open-policy-agent/opa

Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 25, 2024

OK, I won't notify you about github.com/open-policy-agent/opa again, unless you unignore it.

@SamYuan1990
Copy link
Member

@dependabot recreate

Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 25, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 25, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/go-dependencies-98d0595021 branch December 25, 2024 06:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Development

Successfully merging this pull request may close these issues.

1 participant