deps: bump the all-go-minor-and-patch group with 18 updates by dependabot[bot] · Pull Request #4262 · Azure/azure-container-networking

dependabot · 2026-03-09T22:49:45Z

Bumps the all-go-minor-and-patch group with 18 updates:

Package	From	To
github.com/Azure/azure-sdk-for-go/sdk/azcore	`1.19.0`	`1.21.0`
github.com/Azure/azure-sdk-for-go/sdk/azidentity	`1.11.0`	`1.13.1`
github.com/Microsoft/hcsshim	`0.12.0`	`0.13.0`
github.com/avast/retry-go/v4	`4.6.1`	`4.7.0`
github.com/hashicorp/go-version	`1.7.0`	`1.8.0`
github.com/prometheus/client_golang	`1.23.0`	`1.23.2`
github.com/spf13/cobra	`1.10.1`	`1.10.2`
go.uber.org/zap	`1.27.0`	`1.27.1`
golang.org/x/sys	`0.35.0`	`0.40.0`
google.golang.org/grpc	`1.75.0`	`1.79.2`
google.golang.org/protobuf	`1.36.8`	`1.36.10`
k8s.io/klog/v2	`2.130.1`	`2.140.0`
github.com/labstack/echo/v4	`4.13.4`	`4.15.1`
github.com/prometheus/common	`0.65.0`	`0.66.1`
github.com/sirupsen/logrus	`1.9.3`	`1.9.4`
golang.org/x/crypto	`0.41.0`	`0.47.0`
golang.org/x/time	`0.12.0`	`0.14.0`
golang.org/x/sync	`0.16.0`	`0.19.0`

Updates github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.19.0 to 1.21.0

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azcore's releases.

sdk/azcore/v1.21.0

1.21.0 (2026-01-12)

Features Added

Added runtime/datetime package which provides specialized time type wrappers for serializing and deserializing time values in various formats used by Azure services.

Other Changes

Aligned cloud.AzureGovernment and cloud.AzureChina audience values with Azure CLI

sdk/azcore/v1.20.0

1.20.0 (2025-11-06)

Features Added

Added runtime.FetcherForNextLinkOptions.HTTPVerb to specify the HTTP verb when fetching the next page via next link. Defaults to http.MethodGet.

Bugs Fixed

Fixed potential panic when decoding base64 strings.

Fixed an issue in resource identifier parsing which prevented it from returning an error for malformed resource IDs.

Commits

f6309d4 Prep azcore@v1.21.0 for release (#25864)
d0a9819 Update SDK generation as completed when SDK pull request is linked to release...
aba8672 Configurations: 'specification/resourceconnector/resource-manager/Microsoft....
481e4ab Add some missing methods to the types in datetime (#25826)
35d6071 Skip unsafeptr check for storage SDKs (#25856)
5d68f66 add code (#25837)
944cd8d add code (#25836)
1191825 [Regeneration]sdk/resourcemanager/quota/armquota (#25835)
e1a9bfd add code (#25838)
1de7ac7 [Automation] Regenerate SDK based on typespec-go branch main (#25729)
Additional commits viewable in compare view

Updates github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.11.0 to 1.13.1

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azidentity's releases.

sdk/azidentity/v1.13.1

1.13.1 (2025-11-10)

Bugs Fixed

AzureCLICredential quoted arguments incorrectly on Windows

Commits

6bb9b03 azidentity v1.13.1 (#25574)
e18dbd7 Increment package version after release of azidentity (#25367)
4f0facc Prepare azidentity v1.13.0 for release (#25352)
2d8c98b Selecting ManagedIdentityCredential disables DefaultAzureCredential's IMDS pr...
67dd4fc Increment package version after release of azidentity (#25263)
1a74bc8 Prepare azidentity v1.12.0 for release (#25231)
839a355 Test IMDS managed identity with a remote VM (#25237)
c352be3 Sync eng/common directory with azure-sdk-tools for PR 11931 (#25243)
c994eca gofmt (#25234)
9c95d95 [Release] sdk/resourcemanager/computefleet/armcomputefleet/2.0.0-beta.1 gener...
Additional commits viewable in compare view

Updates github.com/Microsoft/hcsshim from 0.12.0 to 0.13.0

Release notes

Sourced from github.com/Microsoft/hcsshim's releases.

v0.13.0

What's Changed

Enable Windows UVM functional tests by @jiechen0826 in microsoft/hcsshim#2338

Add support for HCN v2 endpoint and add unit tests by @katiewasnothere in microsoft/hcsshim#2343

Skip HVSock_* flaky tests until they are fixed by @jiechen0826 in microsoft/hcsshim#2365

Fix duplicate artifact name in github CI by @jiechen0826 in microsoft/hcsshim#2366

Fix TestLCOW_IPv6_Assignment functional test by @katiewasnothere in microsoft/hcsshim#2359

Enabled Linux UVM tests to run on 1ES github runner pool by @jiechen0826 in microsoft/hcsshim#2357

Revert "Enabled Linux UVM tests to run on 1ES github runner pool" by @jiechen0826 in microsoft/hcsshim#2378

github-actions: update lint action by @anmaxvl in microsoft/hcsshim#2379

fix golangci-lint config by @anmaxvl in microsoft/hcsshim#2387

HvSocket support for containers by @anmaxvl in microsoft/hcsshim#2353

feature: cross-container named pipes by @anmaxvl in microsoft/hcsshim#2358

tooling: allow pause container to be run in privileged mode by @anmaxvl in microsoft/hcsshim#2406

Initial support for creating confidential windows UtilityVMs by @ambarve in microsoft/hcsshim#2388

Deps/crypto vulnFix golang.org/x/crypto vulnerability by @helsaawy in microsoft/hcsshim#2416

rego policy enforcer should use the same user parsing logic as GCS by @anmaxvl in microsoft/hcsshim#2405

New Contributors

@jiechen0826 made their first contribution in microsoft/hcsshim#2338

Full Changelog: microsoft/hcsshim@v0.13.0-rc.3...v0.13.0

v0.13.0-rc.3

What's Changed

Update go version + Switch to using containerd/errdefs/pkg/errgrpc for grpc translation by @kiashok in microsoft/hcsshim#2300

add longPathAware to shim manifest by @anmaxvl in microsoft/hcsshim#2303

Fix issue with mask length of gateway addresses by @katiewasnothere in microsoft/hcsshim#2305

remove dmverity-vhd code and release pipeline by @anmaxvl in microsoft/hcsshim#2318

Add build version block for pod CPU limits updating by @katiewasnothere in microsoft/hcsshim#2321

Fix go.mod to have the correct Go version by @kevpar in microsoft/hcsshim#2326

Fix path in security policyenginesimulator sample by @MahatiC in microsoft/hcsshim#2329

octtrpc: Fix span status defer, add tests by @kevpar in microsoft/hcsshim#2330

Support for Block CIMs by @ambarve in microsoft/hcsshim#2261

osversion: Add new versions, fix compat bug, improve tests by @kevpar in microsoft/hcsshim#2327

Use abs path to testing binary by @helsaawy in microsoft/hcsshim#2344

Omnibus dependabot update by @helsaawy in microsoft/hcsshim#2347

Full Changelog: microsoft/hcsshim@v0.13.0-rc.2...v0.13.0-rc.3

v0.12.9

What's Changed

[release/0.12] Update go to 1.22 + switch to using containerd/errdefs/pkg/errgrpc for grpc translation by @kiashok in microsoft/hcsshim#2301

Full Changelog: microsoft/hcsshim@v0.12.8...v0.12.9

v0.12.8

What's Changed

... (truncated)

Commits

7084bd2 rego policy enforcer should use the same user parsing logic as GCS (#2405)
a5c5b4c Deps/crypto vulnFix golang.org/x/crypto vulnerability (#2416)
a00144a Add support for running confidential WCOW UVMs
5def1d7 Allow different types of boot configurations for WCOW UVM
b4e0744 Merge pull request #2406 from anmaxvl/privileged-pause
e5f8fd8 tooling: allow pause container to be run in privileged mode
d7e3842 feature: cross-container named pipes (#2358)
62ddb12 HvSocket support for containers (#2353)
fa9d402 ci: fix golangci-lint config (#2387)
a3c0edf github-actions: update lint action (#2379)
Additional commits viewable in compare view

Updates github.com/avast/retry-go/v4 from 4.6.1 to 4.7.0

Release notes

Sourced from github.com/avast/retry-go/v4's releases.

v4.7.0

What's Changed

support context cancel cause by @NivKeidan in avast/retry-go#117

Bump github.com/stretchr/testify from 1.10.0 to 1.11.1 by @dependabot[bot] in avast/retry-go#136

Add FullJitterBackoffDelay by @amirrezafahimi in avast/retry-go#128

No delay after final retry on max attempts by @StounhandJ in avast/retry-go#129

BackOffDelay multiplies attempts from zero by @StounhandJ in avast/retry-go#130

add Go version 1.25 to test matrix for expanded compatibility testing by @JaSei in avast/retry-go#142

New Contributors

@NivKeidan made their first contribution in avast/retry-go#117

@amirrezafahimi made their first contribution in avast/retry-go#128

@StounhandJ made their first contribution in avast/retry-go#129

Full Changelog: avast/retry-go@4.6.1...v4.7.0

Commits

375037b bump version
306fcee Merge pull request #142 from avast/go_1_25_test_environment
0bdef9c ci(workflow): add Go version 1.25 to test matrix for expanded compatibility t...
66013da Merge pull request #130 from StounhandJ/back_off_delay
9e5d0d6 Merge pull request #129 from StounhandJ/master
5068e50 Merge pull request #128 from amirrezafahimi/master
22920c3 Merge pull request #136 from avast/dependabot/go_modules/github.com/stretchr/...
459fade Bump github.com/stretchr/testify from 1.10.0 to 1.11.1
6c62c20 BackOffDelay multiplies attempts from zero
e330bce no delay after final retry on max attempts
Additional commits viewable in compare view

Updates github.com/hashicorp/go-version from 1.7.0 to 1.8.0

Release notes

Sourced from github.com/hashicorp/go-version's releases.

v1.8.0

What's Changed

Add CODEOWNERS file in .github/CODEOWNERS by @mukeshjc in hashicorp/go-version#145

Linting by @KaushikiAnand in hashicorp/go-version#151

Correct typos in comments by @alexandear in hashicorp/go-version#134

Migrate GitHub Actions updates from TSCCR to Dependabot by @nodyhub in hashicorp/go-version#155

Bump the github-actions-backward-compatible group with 2 updates by @dependabot[bot] in hashicorp/go-version#157

Update doc reference in README by @alexandear in hashicorp/go-version#135

Bump the github-actions-breaking group with 3 updates by @dependabot[bot] in hashicorp/go-version#156

[Compliance] - PR Template Changes Required by @compliance-pr-automation-bot[bot] in hashicorp/go-version#158

Add benchmark test for version.String() by @Manikkumar1988 in hashicorp/go-version#159

Bytes implementation by @Manikkumar1988 in hashicorp/go-version#161

Bump actions/cache from 4.2.3 to 4.2.4 in the github-actions-backward-compatible group by @dependabot[bot] in hashicorp/go-version#167

Bump actions/checkout from 4.2.2 to 5.0.0 in the github-actions-breaking group by @dependabot[bot] in hashicorp/go-version#166

Bump the github-actions-breaking group across 1 directory with 2 updates by @dependabot[bot] in hashicorp/go-version#171

[IND-4226] [COMPLIANCE] Update Copyright Headers by @oss-core-libraries-dashboard[bot] in hashicorp/go-version#172

drop init() by @florianl in hashicorp/go-version#175

New Contributors

@mukeshjc made their first contribution in hashicorp/go-version#145

@KaushikiAnand made their first contribution in hashicorp/go-version#151

@alexandear made their first contribution in hashicorp/go-version#134

@nodyhub made their first contribution in hashicorp/go-version#155

@compliance-pr-automation-bot[bot] made their first contribution in hashicorp/go-version#158

@Manikkumar1988 made their first contribution in hashicorp/go-version#159

@oss-core-libraries-dashboard[bot] made their first contribution in hashicorp/go-version#172

@florianl made their first contribution in hashicorp/go-version#175

Full Changelog: hashicorp/go-version@v1.7.0...v1.8.0

Changelog

Sourced from github.com/hashicorp/go-version's changelog.

1.8.0 (Nov 28, 2025)

ENHANCEMENTS:

Add benchmark test for version.String() in hashicorp/go-version#159

Bytes implementation in hashicorp/go-version#161

INTERNAL:

Add CODEOWNERS file in .github/CODEOWNERS in hashicorp/go-version#145

Linting in hashicorp/go-version#151

Correct typos in comments in hashicorp/go-version#134

Migrate GitHub Actions updates from TSCCR to Dependabot in hashicorp/go-version#155

Bump the github-actions-backward-compatible group with 2 updates in hashicorp/go-version#157

Update doc reference in README in hashicorp/go-version#135

Bump the github-actions-breaking group with 3 updates in hashicorp/go-version#156

[Compliance] - PR Template Changes Required in hashicorp/go-version#158

Bump actions/cache from 4.2.3 to 4.2.4 in the github-actions-backward-compatible group in hashicorp/go-version#167

Bump actions/checkout from 4.2.2 to 5.0.0 in the github-actions-breaking group in hashicorp/go-version#166

Bump the github-actions-breaking group across 1 directory with 2 updates in hashicorp/go-version#171

[IND-4226] [COMPLIANCE] Update Copyright Headers in hashicorp/go-version#172

drop init() in hashicorp/go-version#175

Commits

505335e Merge pull request #175 from florianl/drop-init
6dd734b drop init()
0824a89 Merge pull request #172 from hashicorp/compliance/update-headers
9325934 [COMPLIANCE] Update Copyright and License Headers
5b82b98 Bump the github-actions-breaking group across 1 directory with 2 updates (#171)
6c6cd77 Bump actions/checkout from 4.2.2 to 5.0.0 in the github-actions-breaking grou...
0e50733 Bump actions/cache from 4.2.3 to 4.2.4 in the github-actions-backward-compati...
4e24ef1 Bytes implementation (#161)
437649a Add benchmark test for version.String() (#159)
b6c4db5 Merge pull request #158 from hashicorp/compliance-template
Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.23.0 to 1.23.2

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.23.2 - 2025-09-05

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

[release-1.23] Upgrade to prometheus/common@v0.66.1 by @aknuds1 in prometheus/client_golang#1869

[release-1.23] Cut v1.23.2 by @aknuds1 in prometheus/client_golang#1870

Full Changelog: prometheus/client_golang@v1.23.1...v1.23.2

v1.23.1 - 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

[release-1.23] Upgrade to prometheus/common v0.66 by @aknuds1 in prometheus/client_golang#1866

[release-1.23] Cut v1.23.1 by @aknuds1 in prometheus/client_golang#1867

Full Changelog: prometheus/client_golang@v1.23.0...v1.23.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.23.2 / 2025-09-05

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

1.23.1 / 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

Commits

8179a56 Cut v1.23.2 (#1870)
4142b59 Merge pull request #1869 from prometheus/arve/upgrade-common
4ff40f0 Cut v1.23.1 (#1867)
989b029 Upgrade to prometheus/common v0.66 (#1866)
See full diff in compare view

Updates github.com/spf13/cobra from 1.10.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

Fix linter and allow CI to pass by @marckhouzam in spf13/cobra#2327

fix: actions/setup-go v6 by @jpmcb in spf13/cobra#2337

🔥✍🏼 Docs

Add documentation for repeated flags functionality by @rvergis in spf13/cobra#2316

🍂 Refactors

refactor: replace several vars with consts by @htoyoda18 in spf13/cobra#2328

refactor: change minUsagePadding from var to const by @ssam18 in spf13/cobra#2325

🤗 New Contributors

@rvergis made their first contribution in spf13/cobra#2316

@htoyoda18 made their first contribution in spf13/cobra#2328

@ssam18 made their first contribution in spf13/cobra#2325

@dims made their first contribution in spf13/cobra#2336

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

Commits

88b30ab chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#2336)
346d408 fix: actions/setup-go v6 (#2337)
fc81d20 refactor: change minUsagePadding from var to const (#2325)
117698a refactor: replace several vars with consts (#2328)
e2dd29d Add documentation for repeated flags functionality (#2316)
0629892 Fix linter (#2327)
See full diff in compare view

Updates go.uber.org/zap from 1.27.0 to 1.27.1

Release notes

Sourced from go.uber.org/zap's releases.

v1.27.1

Enhancements:

#1501[]: prevent Object from panicking on nils

#1511[]: Fix a race condition in WithLazy.

Thanks to @rabbbit, @alshopov, @jquirke, @arukiidou for their contributions to this release.

#1501: uber-go/zap#1501 #1511: uber-go/zap#1511

Changelog

Sourced from go.uber.org/zap's changelog.

1.27.1 (19 Nov 2025)

Enhancements:

#1501[]: prevent Object from panicking on nils

#1511[]: Fix a race condition in WithLazy.

Thanks to @rabbbit, @alshopov, @jquirke, @arukiidou for their contributions to this release.

#1501: uber-go/zap#1501 #1511: uber-go/zap#1511

Commits

7b755a3 release 1.27.1 (#1521)
d6b395b Update lazy logger not to materialize unless it's being written to (#1519)
4b9cea0 ci: Test with Go 1.24, Go 1.25 (#1508)
7c80d7b Fix race condition in WithLazy implementation (#1426) (#1511)
07077a6 Prevent zap.Object from panicing on nils (#1501)
a6afd05 Fix lint check name (#1502)
6d48253 chore: fix typo (#1482)
32f2ec1 Fix the field test for bool type (#1480)
fe16eb5 Upgrade grpc in zapgrc test package & bump go version (#1478)
5f00c34 test(AtomicLevel): demonstrate Handler is not vulnerable to XSS (#1477)
Additional commits viewable in compare view

Updates golang.org/x/sys from 0.35.0 to 0.40.0

Commits

2f44229 sys/cpu: add symbolic constants for remaining cpuid bits
e5770d2 sys/cpu: use symbolic names for masks
714a44c sys/cpu: modify x86 port to match what internal/cpu does
08e5482 unix: fix out of bounds memory access in tests
4f4f1c6 Revert "cpu: add HPDS, LOR, PAN detection for arm64"
ca63116 unix: add IOCTL_MEI_* constants
a4199c0 unix: fix definition of Statvfs_t for netbsd-arm.
15129aa cpu: also use MRS instruction in getmmfr1
ed38ca2 unix: add SizeofNhmsg and SizeofNexthopGrp
3675c4c cpu: use MRS instruction to read arm64 system registers
Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.75.0 to 1.79.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.2

Bug Fixes

stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (grpc/grpc-go#8874)

Release 1.79.1

Bug Fixes

grpc: Remove the -dev suffix from the User-Agent header. (grpc/grpc-go#8902)

Release 1.79.0

API Changes

mem: Add experimental API SetDefaultBufferPool to change the default buffer pool. (#8806)

Special Thanks: @vanja-p

experimental/stats: Update MetricsRecorder to require embedding the new UnimplementedMetricsRecorder (a no-op struct) in all implementations for forward compatibility. (#8780)

Behavior Changes

balancer/weightedtarget: Remove handling of Addresses and only handle Endpoints in resolver updates. (#8841)

New Features

experimental/stats: Add support for asynchronous gauge metrics through the new AsyncMetricReporter and RegisterAsyncReporter APIs. (#8780)

pickfirst: Add support for weighted random shuffling of endpoints, as described in gRFC A113.

This is enabled by default, and can be turned off using the environment variable GRPC_EXPERIMENTAL_PF_WEIGHTED_SHUFFLING. (#8864)

xds: Implement :authority rewriting, as specified in gRFC A81. (#8779)

balancer/randomsubsetting: Implement the random_subsetting LB policy, as specified in gRFC A68. (#8650)

Special Thanks: @marek-szews

Bug Fixes

credentials/tls: Fix a bug where the port was not stripped from the authority override before validation. (#8726)

Special Thanks: @Atul1710

xds/priority: Fix a bug causing delayed failover to lower-priority clusters when a higher-priority cluster is stuck in CONNECTING state. (#8813)

health: Fix a bug where health checks failed for clients using legacy compression options (WithDecompressor or RPCDecompressor). (#8765)

Special Thanks: @sanki92

transport: Fix an issue where the HTTP/2 server could skip header size checks when terminating a stream early. (#8769)

Special Thanks: @joybestourous

server: Propagate status detail headers, if available, when terminating a stream during request header processing. (#8754)

Special Thanks: @joybestourous

Performance Improvements

credentials/alts: Optimize read buffer alignment to reduce copies. (#8791)

mem: Optimize pooling and creation of buffer objects. (#8784)

transport: Reduce slice re-allocations by reserving slice capacity. (#8797)

Release 1.78.0

Behavior Changes

client: Align URL validation with Go 1.26+ to now reject target URLs with unbracketed colons in the hostname. (#8716)

... (truncated)

Commits

8902ab6 Change the version to release 1.79.2 (#8947)
a928670 Cherry-pick #8874 to v1.79.x (#8904)
06df363 Change version to 1.79.2-dev (#8903)
782f2de Change version to 1.79.1 (#8902)
850eccb Change version to 1.79.1-dev (#8851)
765ff05 Change version to 1.79.0 (#8850)
68804be Cherry pick #8864 to v1.79.x (#8896)
0381eb6 xds: Support :authority header rewriting for LOGICAL_DNS clusters (#8822)
90f571d xds: remove references to ResolverState.Addresses (#8841)
679565f xds: remove HashKey field from xdsresource.Endpoint struct (#8844)
Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.8 to 1.36.10

Updates k8s.io/klog/v2 from 2.130.1 to 2.140.0

Release notes

Sourced from k8s.io/klog/v2's releases.

Prepare klog release for Kubernetes v1.36

What's Changed

Add dependabot by @lucacome in kubernetes/klog#410

Use strconv.AppendQuote instead of strconv.Quote for message formatting by @astef in kubernetes/klog#413

de-duplication of key/value pairs by @pohly in kubernetes/klog#415

Fix: Ensure constant format strings in fmt and printf calls by @mikelolasagasti in kubernetes/klog#417

Remove old note on Go version requirements by @guettli in kubernetes/klog#425

test with 1.24 and 1.25 by @pohly in kubernetes/klog#428

ktesting: fix vmodule support by @pohly in kubernetes/klog#431

ktesting: support multi-line result from AnyToStringHook by @pohly in kubernetes/klog#433

textlogger: optionally turn off header by @pohly in kubernetes/klog#430

feat: fix stderrthreshold not honored when logtostderr is set (#212) + two new flags by @pierluigilenoci in kubernetes/klog#432

New Contributors

@lucacome made their first contribution in kubernetes/klog#410

@astef made their first contribution in kubernetes/klog#413

@mikelolasagasti made their first contribution in kubernetes/klog#417

@guettli made their first contribution in kubernetes/klog#425

@pierluigilenoci made their first contribution in kubernetes/klog#432

Full Changelog: kubernetes/klog@v2.130.1...v2.140.0

Commits

ef4b370 Merge pull request #432 from pierluigilenoci/fix/stderr-threshold-issue-212
39c4c76 refactor: address code review feedback from @pohly
764a9a3 Merge pull request #430 from pohly/textlogger-optional-header
015c613 Update stderr_threshold_test.go
2f517bd Update klog.go
36bc4ff textlogger: optionally turn off header
5f1f303 Merge pull request #433 from pohly/textlogger-hook-result
c469d41 Merge pull request #431 from pohly/ktesting-vmodule-fix
8509d6a ktesting: support multi-line result from AnyToStringHook
08e6e8b Fix stderrthreshold not honored when logtostderr is set
Additional commits viewable in compare view

Updates github.com/labstack/echo/v4 from 4.13.4 to 4.15.1

Release notes

Sourced from github.com/labstack/echo/v4's releases.

v4.15.0

Security

WARNING: If your application relies on cross-origin or same-site (same subdomain) requests do not blindly push this version to production

The CSRF middleware now supports the Sec-Fetch-Site header as a modern, defense-in-depth approach to CSRF protection, implementing the OWASP-recommended Fetch Metadata API alongside the traditional token-based mechanism.

How it works:

Modern browsers automatically send the Sec-Fetch-Site header with all requests, indicating the relationship between the request origin and the target. The middleware uses this to make security decisions:

same-origin or non... Description has been truncated

Bumps the all-go-minor-and-patch group with 18 updates: | Package | From | To | | --- | --- | --- | | [github.com/Azure/azure-sdk-for-go/sdk/azcore](https://github.com/Azure/azure-sdk-for-go) | `1.19.0` | `1.21.0` | | [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) | `1.11.0` | `1.13.1` | | [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) | `0.12.0` | `0.13.0` | | [github.com/avast/retry-go/v4](https://github.com/avast/retry-go) | `4.6.1` | `4.7.0` | | [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version) | `1.7.0` | `1.8.0` | | [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.23.0` | `1.23.2` | | [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.10.1` | `1.10.2` | | [go.uber.org/zap](https://github.com/uber-go/zap) | `1.27.0` | `1.27.1` | | [golang.org/x/sys](https://github.com/golang/sys) | `0.35.0` | `0.40.0` | | [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.75.0` | `1.79.2` | | google.golang.org/protobuf | `1.36.8` | `1.36.10` | | [k8s.io/klog/v2](https://github.com/kubernetes/klog) | `2.130.1` | `2.140.0` | | [github.com/labstack/echo/v4](https://github.com/labstack/echo) | `4.13.4` | `4.15.1` | | [github.com/prometheus/common](https://github.com/prometheus/common) | `0.65.0` | `0.66.1` | | [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) | `1.9.3` | `1.9.4` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.41.0` | `0.47.0` | | [golang.org/x/time](https://github.com/golang/time) | `0.12.0` | `0.14.0` | | [golang.org/x/sync](https://github.com/golang/sync) | `0.16.0` | `0.19.0` | Updates `github.com/Azure/azure-sdk-for-go/sdk/azcore` from 1.19.0 to 1.21.0 - [Release notes](https://github.com/Azure/azure-sdk-for-go/releases) - [Commits](Azure/azure-sdk-for-go@sdk/azcore/v1.19.0...sdk/azcore/v1.21.0) Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.11.0 to 1.13.1 - [Release notes](https://github.com/Azure/azure-sdk-for-go/releases) - [Commits](Azure/azure-sdk-for-go@sdk/azcore/v1.11.0...sdk/azidentity/v1.13.1) Updates `github.com/Microsoft/hcsshim` from 0.12.0 to 0.13.0 - [Release notes](https://github.com/Microsoft/hcsshim/releases) - [Commits](microsoft/hcsshim@v0.12.0...v0.13.0) Updates `github.com/avast/retry-go/v4` from 4.6.1 to 4.7.0 - [Release notes](https://github.com/avast/retry-go/releases) - [Commits](avast/retry-go@4.6.1...4.7.0) Updates `github.com/hashicorp/go-version` from 1.7.0 to 1.8.0 - [Release notes](https://github.com/hashicorp/go-version/releases) - [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md) - [Commits](hashicorp/go-version@v1.7.0...v1.8.0) Updates `github.com/prometheus/client_golang` from 1.23.0 to 1.23.2 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.23.0...v1.23.2) Updates `github.com/spf13/cobra` from 1.10.1 to 1.10.2 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.10.1...v1.10.2) Updates `go.uber.org/zap` from 1.27.0 to 1.27.1 - [Release notes](https://github.com/uber-go/zap/releases) - [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md) - [Commits](uber-go/zap@v1.27.0...v1.27.1) Updates `golang.org/x/sys` from 0.35.0 to 0.40.0 - [Commits](golang/sys@v0.35.0...v0.40.0) Updates `google.golang.org/grpc` from 1.75.0 to 1.79.2 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.75.0...v1.79.2) Updates `google.golang.org/protobuf` from 1.36.8 to 1.36.10 Updates `k8s.io/klog/v2` from 2.130.1 to 2.140.0 - [Release notes](https://github.com/kubernetes/klog/releases) - [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md) - [Commits](kubernetes/klog@v2.130.1...2.140.0) Updates `github.com/labstack/echo/v4` from 4.13.4 to 4.15.1 - [Release notes](https://github.com/labstack/echo/releases) - [Changelog](https://github.com/labstack/echo/blob/master/CHANGELOG.md) - [Commits](labstack/echo@v4.13.4...v4.15.1) Updates `github.com/prometheus/common` from 0.65.0 to 0.66.1 - [Release notes](https://github.com/prometheus/common/releases) - [Changelog](https://github.com/prometheus/common/blob/main/CHANGELOG.md) - [Commits](prometheus/common@v0.65.0...v0.66.1) Updates `github.com/sirupsen/logrus` from 1.9.3 to 1.9.4 - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](sirupsen/logrus@v1.9.3...v1.9.4) Updates `golang.org/x/crypto` from 0.41.0 to 0.47.0 - [Commits](golang/crypto@v0.41.0...v0.47.0) Updates `golang.org/x/time` from 0.12.0 to 0.14.0 - [Commits](golang/time@v0.12.0...v0.14.0) Updates `golang.org/x/sync` from 0.16.0 to 0.19.0 - [Commits](golang/sync@v0.16.0...v0.19.0) --- updated-dependencies: - dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azcore dependency-version: 1.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity dependency-version: 1.13.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: github.com/Microsoft/hcsshim dependency-version: 0.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: github.com/avast/retry-go/v4 dependency-version: 4.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: github.com/hashicorp/go-version dependency-version: 1.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: github.com/prometheus/client_golang dependency-version: 1.23.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go-minor-and-patch - dependency-name: github.com/spf13/cobra dependency-version: 1.10.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go-minor-and-patch - dependency-name: go.uber.org/zap dependency-version: 1.27.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go-minor-and-patch - dependency-name: golang.org/x/sys dependency-version: 0.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: google.golang.org/grpc dependency-version: 1.79.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: google.golang.org/protobuf dependency-version: 1.36.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go-minor-and-patch - dependency-name: k8s.io/klog/v2 dependency-version: 2.140.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: github.com/labstack/echo/v4 dependency-version: 4.15.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: github.com/prometheus/common dependency-version: 0.66.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: github.com/sirupsen/logrus dependency-version: 1.9.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go-minor-and-patch - dependency-name: golang.org/x/crypto dependency-version: 0.47.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: golang.org/x/time dependency-version: 0.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch - dependency-name: golang.org/x/sync dependency-version: 0.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go-minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>

jpayne3506 · 2026-03-09T22:54:41Z

go.mod

 module github.com/Azure/azure-container-networking

-go 1.23.0
+go 1.24.0


Needs to be combined with go.mod update.

dependabot bot added dependencies Dependencies only. release/1.5 Change affects v1.5 release train labels Mar 9, 2026

dependabot bot requested a review from a team as a code owner March 9, 2026 22:49

dependabot bot requested a review from gimotwanMSFT March 9, 2026 22:49

jpayne3506 requested changes Mar 9, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deps: bump the all-go-minor-and-patch group with 18 updates#4262

deps: bump the all-go-minor-and-patch group with 18 updates#4262
dependabot[bot] wants to merge 1 commit intorelease/v1.5from
dependabot/go_modules/release/v1.5/all-go-minor-and-patch-2c4b5d7187

dependabot bot commented on behalf of github Mar 9, 2026 •

edited

Loading

Uh oh!

jpayne3506 Mar 9, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Mar 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

sdk/azcore/v1.21.0

1.21.0 (2026-01-12)

Features Added

Other Changes

sdk/azcore/v1.20.0

1.20.0 (2025-11-06)

Features Added

Bugs Fixed

sdk/azidentity/v1.13.1

1.13.1 (2025-11-10)

Bugs Fixed

v0.13.0

What's Changed

New Contributors

v0.13.0-rc.3

What's Changed

v0.12.9

What's Changed

v0.12.8

What's Changed

v4.7.0

What's Changed

New Contributors

v1.8.0

What's Changed

New Contributors

1.8.0 (Nov 28, 2025)

v1.23.2 - 2025-09-05

v1.23.1 - 2025-09-04

1.23.2 / 2025-09-05

1.23.1 / 2025-09-04

v1.10.2

🔧 Dependencies

📈 CI/CD

🔥✍🏼 Docs

🍂 Refactors

🤗 New Contributors

v1.27.1

1.27.1 (19 Nov 2025)

Release 1.79.2

Bug Fixes

Release 1.79.1

Bug Fixes

Release 1.79.0

API Changes

Behavior Changes

New Features

Bug Fixes

Performance Improvements

Release 1.78.0

Behavior Changes

Prepare klog release for Kubernetes v1.36

What's Changed

New Contributors

v4.15.0

Uh oh!

jpayne3506 Mar 9, 2026

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Mar 9, 2026 •

edited

Loading