Skip to content
This repository has been archived by the owner on Jul 21, 2023. It is now read-only.

build(deps): bump github.com/prometheus/client_golang from 1.11.0 to 1.12.1 in /key-rotator #1408

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 21, 2022

Bumps github.com/prometheus/client_golang from 1.11.0 to 1.12.1.

Release notes

Sourced from github.com/prometheus/client_golang's releases.

1.12.1 / 2022-01-29

  • [BUGFIX] Make the Go 1.17 collector concurrency-safe #969
    • Use simpler locking in the Go 1.17 collector #975
  • [BUGFIX] Reduce granularity of histogram buckets for Go 1.17 collector #974
  • [ENHANCEMENT] API client: make HTTP reads more efficient #976

Full Changelog: prometheus/client_golang@v1.12.0...v1.12.1

1.12.0 / 2022-01-19

  • [CHANGE] example/random: Move flags and metrics into main() #935
  • [FEATURE] API client: Support wal replay status api #944
  • [FEATURE] Use the runtime/metrics package for the Go collector for 1.17+ #955
  • [ENHANCEMENT] API client: Update /api/v1/status/tsdb to include headStats #925
  • [SECURITY FIX] promhttp: Check validity of method and code label values #962 (Addressed CVE-2022-21698)

What's Changed

New Contributors

Full Changelog: prometheus/client_golang@v1.11.0...v1.12.0

1.11.1 / 2022-02-15

What's Changed

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.12.1 / 2022-01-29

  • [BUGFIX] Make the Go 1.17 collector concurrency-safe #969
    • Use simpler locking in the Go 1.17 collector #975
  • [BUGFIX] Reduce granularity of histogram buckets for Go 1.17 collector #974
  • [ENHANCEMENT] API client: make HTTP reads more efficient #976

1.12.0 / 2022-01-19

  • [CHANGE] example/random: Move flags and metrics into main() #935
  • [FEATURE] API client: Support wal replay status api #944
  • [FEATURE] Use the runtime/metrics package for the Go collector for 1.17+ #955
  • [ENHANCEMENT] API client: Update /api/v1/status/tsdb to include headStats #925
  • [ENHANCEMENT] promhttp: Check validity of method and code label values #962
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @branlwyd.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot requested a review from a team as a code owner February 21, 2022 09:16
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 21, 2022
@dependabot dependabot bot force-pushed the dependabot/go_modules/key-rotator/github.com/prometheus/client_golang-1.12.1 branch 4 times, most recently from 660bfcc to a48cf48 Compare February 22, 2022 17:44
@divergentdave
Copy link
Contributor

Do we need to/should we do anything regarding this line in the release notes?

Use the runtime/metrics package for the Go collector for 1.17+

@codecov-commenter
Copy link

codecov-commenter commented Feb 22, 2022

Codecov Report

Merging #1408 (677bca1) into main (10759fb) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #1408   +/-   ##
=======================================
  Coverage   58.22%   58.22%           
=======================================
  Files          37       37           
  Lines        7716     7716           
=======================================
  Hits         4493     4493           
  Misses       3109     3109           
  Partials      114      114           
Flag Coverage Δ
facilitator_tests 60.40% <ø> (ø)
key_rotator_tests 57.16% <ø> (ø)
workflow_manager_tests 38.30% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.


Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 10759fb...677bca1. Read the comment docs.

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.11.0 to 1.12.1.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.11.0...v1.12.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/key-rotator/github.com/prometheus/client_golang-1.12.1 branch from a48cf48 to 677bca1 Compare February 22, 2022 17:58
@branlwyd
Copy link
Contributor

Do we need to/should we do anything regarding this line in the release notes?

Use the runtime/metrics package for the Go collector for 1.17+

I think we're OK to accept this change. From prometheus/client_golang#955:

The old MemStats-based metrics need to continue working, so they're
exported under their old names backed by equivalent runtime/metrics
metrics.

That is, my reading is that the intent is that this change is backwards-compatible. (I suppose they might drop the "old" metric names in a major-version update, but we'll deal with that when we reach it.)

Copy link
Contributor

@branlwyd branlwyd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot squash and merge

@dependabot dependabot bot merged commit dfaa9f0 into main Feb 22, 2022
@dependabot dependabot bot deleted the dependabot/go_modules/key-rotator/github.com/prometheus/client_golang-1.12.1 branch February 22, 2022 18:20
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants