Bump github.com/google/trillian from 1.4.0 to 1.5.0

[dependabot]

Bumps github.com/google/trillian from 1.4.0 to 1.5.0.

Release notes

Sourced from github.com/google/trillian's releases.

v1.5.0

Storage

• Ephemeral nodes are no-longer written for any tree by default (and have not been read since the v1.4.0 release), the corresponding --tree_ids_with_no_ephemeral_nodes flag is now deprecated (and will be removed in a future release).

Cleanup

• Format code according to go1.19rc2 by @​mhutchinson in google/trillian#2785
• Delete merkle package, use github.com/transparency-dev/merkle instead.
• #2792: Fixed order-dependent unit test.

Misc

• Fix order-dependent test by @​hickford in google/trillian#2792

Dependency updates

• Updated golangci-lint to v1.47.3 (developers should update to this version) by @​mhutchinson in google/trillian#2791
• Bump google.golang.org/api from 0.87.0 to 0.88.0 by @​dependabot in google/trillian#2783
• Bump cloud.google.com/go/spanner from 1.35.0 to 1.36.0 by @​dependabot in google/trillian#2784
• Bump google.golang.org/api from 0.88.0 to 0.90.0 by @​dependabot in google/trillian#2789
• Bump golang.org/x/tools from 0.1.11 to 0.1.12 by @​dependabot in google/trillian#2790
• Bump google.golang.org/protobuf from 1.28.0 to 1.28.1 by @​dependabot in google/trillian#2788
• Bump google.golang.org/api from 0.90.0 to 0.91.0 by @​dependabot in google/trillian#2796
• Bump github.com/prometheus/client_golang from 1.12.2 to 1.13.0 by @​dependabot in google/trillian#2795
• Bump github.com/fullstorydev/grpcurl from 1.8.6 to 1.8.7 by @​dependabot in google/trillian#2794
• Bump google.golang.org/api from 0.91.0 to 0.92.0 by @​dependabot in google/trillian#2798

v1.4.2

Allow disabling the writes of ephemeral nodes to storage via the --tree_ids_with_no_ephemeral_nodes flag to the sequencer.

• Allow not storing ephemeral node hashes by @​pavelkalinnikov in google/trillian#2568
• Log skipped ephemeral nodes writes by @​pavelkalinnikov in google/trillian#2756

Developer updates

• google/trillian#2765 copies the required protos from googleapis into third_party in this repository. This simplifies the preconditions in order to compile the proto definitions, and removes a big dependency on $GOPATH/src which was archaic; $GOPATH/src/github.com/googleapis/googleapis is no longer required.

Minor fixes

• Fix flag initialization by @​pavelkalinnikov in google/trillian#2755
• Propagate Log Update Failures in AddSequencedLeaves by @​therealdrake in google/trillian#1544

Maintenance

• --cloudspanner_max_burst_sessions deprecated (it hasn't had any effect for a while, now it's more explicit) in by @​mhutchinson google/trillian#2748
• Documentation that the prefix should be terminated with a separator character by @​mhutchinson in google/trillian#2745
• Refresh CODEOWNERS by @​AlCutter in google/trillian#2746
• Updated README to better document required tools by @​mhutchinson in google/trillian#2764
• Add mhutchinson to CONTRIBUTORS by @​mhutchinson in google/trillian#2770
• Remove export GO111MODULE=auto in README.md by @​roger2hk in google/trillian#2773

Dependency updates

• Removed support for Bazel by @​mhutchinson in google/trillian#2743
• Copied in tls lib from ct-go and removed project dependency by @​mhutchinson in google/trillian#2744
• Bump google.golang.org/api from 0.77.0 to 0.78.0 by @​dependabot in google/trillian#2736
• Bump cloud.google.com/go/spanner from 1.31.0 to 1.32.0 by @​dependabot in google/trillian#2735

... (truncated)

Changelog

Sourced from github.com/google/trillian's changelog.

TRILLIAN Changelog

HEAD

v.1.5.0

Storage

• Ephemeral nodes are no-longer written for any tree by default (and have not been read since the v1.4.0 release), the corresponding --tree_ids_with_no_ephemeral_nodes flag is now deprecated (and will be removed in a future release).

Cleanup

• Format code according to go1.19rc2 by @​mhutchinson in google/trillian#2785
• Delete merkle package, use github.com/transparency-dev/merkle instead.

Misc

• Fix order-dependent test by @​hickford in google/trillian#2792

Dependency updates

• Updated golangci-lint to v1.47.3 (developers should update to this version) by @​mhutchinson in google/trillian#2791
• Bump google.golang.org/api from 0.87.0 to 0.88.0 by @​dependabot in google/trillian#2783
• Bump cloud.google.com/go/spanner from 1.35.0 to 1.36.0 by @​dependabot in google/trillian#2784
• Bump google.golang.org/api from 0.88.0 to 0.90.0 by @​dependabot in google/trillian#2789
• Bump golang.org/x/tools from 0.1.11 to 0.1.12 by @​dependabot in google/trillian#2790
• Bump google.golang.org/protobuf from 1.28.0 to 1.28.1 by @​dependabot in google/trillian#2788
• Bump google.golang.org/api from 0.90.0 to 0.91.0 by @​dependabot in google/trillian#2796
• Bump github.com/prometheus/client_golang from 1.12.2 to 1.13.0 by @​dependabot in google/trillian#2795
• Bump github.com/fullstorydev/grpcurl from 1.8.6 to 1.8.7 by @​dependabot in google/trillian#2794
• Bump google.golang.org/api from 0.91.0 to 0.92.0 by @​dependabot in google/trillian#2798

v1.4.2

• #2568: Allow disabling the writes of ephemeral nodes to storage via the --tree_ids_with_no_ephemeral_nodes flag to the sequencer.
• #2748: --cloudspanner_max_burst_sessions deprecated (it hasn't had any effect for a while, now it's more explicit)
• #2768: update go.mod to use 1.17 compatibility from 1.13.

Dependency updates

• Updated golangci-lint to v1.46.1 (developers should update to this version)
• Removed dependency on certificate-transparency-go

Developer updates

• #2765 copies the required protos from googleapis into third_party in this repository. This simplifies the preconditions in order to compile the proto definitions, and removes a big dependency on $GOPATH/src which was archaic; $GOPATH/src/github.com/googleapis/googleapis is no longer required.

v1.4.1

... (truncated)

Commits

• 32d4a9c Update CHANGELOG.md (#2799)
• d5c0e73 Bump google.golang.org/api from 0.91.0 to 0.92.0 (#2798)
• 3202101 Fix order-dependent test
• 6d8f0d9 Bump github.com/fullstorydev/grpcurl from 1.8.6 to 1.8.7 (#2794)
• d84c1ad Bump github.com/prometheus/client_golang from 1.12.2 to 1.13.0 (#2795)
• 15b2335 Bump google.golang.org/api from 0.90.0 to 0.91.0 (#2796)
• 0d938bb Remove the deprecated Merkle packages
• 7dbb485 Updated golangci-lint and removed stale nolint directive (#2791)
• c1a741b Bump google.golang.org/protobuf from 1.28.0 to 1.28.1 (#2788)
• 041195e Bump golang.org/x/tools from 0.1.11 to 0.1.12 (#2790)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #219.