Bump the go-deps group with 7 updates

[dependabot]

Bumps the go-deps group with 7 updates:

Package	From	To
cloud.google.com/go/monitoring	1.16.1	1.16.3
github.com/go-logr/logr	1.2.3	1.3.0
github.com/prometheus/client_golang	1.14.0	1.17.0
github.com/prometheus/client_model	0.4.1-0.20230718164431-9a2bf3000d16	0.5.0
github.com/prometheus/common	0.44.0	0.45.0
go.uber.org/zap	1.24.0	1.26.0
golang.org/x/time	0.3.0	0.4.0

Updates cloud.google.com/go/monitoring from 1.16.1 to 1.16.3

Release notes

Sourced from cloud.google.com/go/monitoring's releases.

monitoring: v1.16.3

1.16.3 (2023-11-01)

Bug Fixes

• monitoring: Bump google.golang.org/api to v0.149.0 (8d2ab9f)

Commits

• 2ba47cb chore: release main (#8961)
• 24e410e feat(spanner): add directed_read_option in spanner.proto (#8950)
• bed3908 chore(main): release storage 1.34.1 (#8962)
• 422c0b7 chore(main): release bigquery 1.57.1 (#8963)
• 8d2ab9f fix(all): bump google.golang.org/api to v0.149.0 (#8959)
• abd6ca7 fix(bigquery): correct deps issue (#8958)
• ce5b884 chore(main): release 0.110.10 (#8758)
• 338f53f test(bigquery/storage/managedwriter): refactor large insert tests (#8949)
• 858254b test(pubsub): add retry guard to ordering key test (#8765)
• 6e77611 chore: release main (#8936)
• Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.2.3 to 1.3.0

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.3.0

This release adds support for slog in a new, self-contained logr/slogr package. Implementers of a logr.LogSink are encouraged, but not required, to extend their implementation to improve the quality of log output coming from a slog API call.

Breaking change: the call depth for LogSink.Enabled when called via Logger.Enabled was fixed to be the same as for other call paths. Implementers of a LogSink who have worked around this bug will need to remove their workarounds.

Security best practices were improved. Only Go versions >= 1.18 are supported by this release.

What's Changed

• Fix golangci-lint fails by @​thockin in go-logr/logr#173
• Add minimal permissions to workflows by @​pnacht in go-logr/logr#177
• Add a security policy by @​pnacht in go-logr/logr#178
• Update security email by @​thockin in go-logr/logr#181
• docs: explain relationship between Logger{} and Discard() by @​pohly in go-logr/logr#182
• Add the OpenSSF Scorecard workflow by @​pnacht in go-logr/logr#186
• README: show of OpenSSF Scorecard badge by @​pohly in go-logr/logr#187
• Hash-pin workflow Actions by @​pnacht in go-logr/logr#189
• Bump go versions to 1.18+ by @​thockin in go-logr/logr#203
• slogr: add glue code for logging to slog.Handler and with slog.Logger by @​pohly in go-logr/logr#205
• slogr: restore original backend when converting back and forth by @​pohly in go-logr/logr#210
• slogr: add SlogSink by @​pohly in go-logr/logr#211
• Use same call depth for Enabled, Info, Error by @​thockin in go-logr/logr#218
• test: eliminate helper func by @​thockin in go-logr/logr#219
• docs: interoperability with slog by @​pohly in go-logr/logr#222

---

• build(deps): bump actions/setup-go from 3.5.0 to 4.0.1 by @​dependabot in go-logr/logr#190
• build(deps): bump github/codeql-action from 2.20.1 to 2.20.3 by @​dependabot in go-logr/logr#191
• build(deps): bump github/codeql-action from 2.20.3 to 2.20.4 by @​dependabot in go-logr/logr#192
• build(deps): bump github/codeql-action from 2.20.4 to 2.21.0 by @​dependabot in go-logr/logr#193
• build(deps): bump github/codeql-action from 2.21.0 to 2.21.2 by @​dependabot in go-logr/logr#194
• build(deps): bump github/codeql-action from 2.21.2 to 2.21.3 by @​dependabot in go-logr/logr#207
• build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @​dependabot in go-logr/logr#206
• build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @​dependabot in go-logr/logr#209
• build(deps): bump github/codeql-action from 2.21.3 to 2.21.4 by @​dependabot in go-logr/logr#208
• build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @​dependabot in go-logr/logr#214
• build(deps): bump github/codeql-action from 2.21.4 to 2.21.5 by @​dependabot in go-logr/logr#217
• build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @​dependabot in go-logr/logr#220
• build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @​dependabot in go-logr/logr#221
• build(deps): bump github/codeql-action from 2.21.5 to 2.21.7 by @​dependabot in go-logr/logr#223
• build(deps): bump github/codeql-action from 2.21.7 to 2.21.8 by @​dependabot in go-logr/logr#224
• build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @​dependabot in go-logr/logr#225
• build(deps): bump github/codeql-action from 2.21.8 to 2.21.9 by @​dependabot in go-logr/logr#226
• build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @​dependabot in go-logr/logr#227
• build(deps): bump github/codeql-action from 2.21.9 to 2.22.0 by @​dependabot in go-logr/logr#228
• build(deps): bump github/codeql-action from 2.22.0 to 2.22.3 by @​dependabot in go-logr/logr#229
• build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @​dependabot in go-logr/logr#231
• build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @​dependabot in go-logr/logr#230

New Contributors

... (truncated)

Commits

• 8adefbe docs: interoperability with slog
• ebabbb9 build(deps): bump github/codeql-action from 2.22.3 to 2.22.4
• 9c361f0 build(deps): bump actions/checkout from 4.1.0 to 4.1.1
• d9b2b78 Merge pull request #229 from go-logr/dependabot/github_actions/github/codeql-...
• 91cec29 build(deps): bump github/codeql-action from 2.22.0 to 2.22.3
• 2ea8628 Merge pull request #228 from go-logr/dependabot/github_actions/github/codeql-...
• 37a4f55 Merge pull request #227 from go-logr/dependabot/github_actions/ossf/scorecard...
• ecf310c build(deps): bump github/codeql-action from 2.21.9 to 2.22.0
• d73e05e build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0
• 1d1c415 Merge pull request #226 from go-logr/dependabot/github_actions/github/codeql-...
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.14.0 to 1.17.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.17.0

What's Changed

• [CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325
• [FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313
• [ENHANCEMENT] Enable detection of a native histogram without observations. #1314

• Merge v1.16.0 to main by @​bwplotka in prometheus/client_golang#1293
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#1297
• ci: define minimal permissions to GitHub workflows by @​diogoteles08 in prometheus/client_golang#1295
• Do not allocate memory when there's no constraints by @​Okhoshi in prometheus/client_golang#1296
• Bump golang.org/x/sys from 0.8.0 to 0.9.0 by @​dependabot in prometheus/client_golang#1306
• Bump google.golang.org/grpc from 1.45.0 to 1.53.0 in /tutorial/whatsup by @​dependabot in prometheus/client_golang#1307
• histogram: Enable detection of a native histogram without observations by @​beorn7 in prometheus/client_golang#1314
• Bump github.com/prometheus/procfs from 0.10.1 to 0.11.0 by @​dependabot in prometheus/client_golang#1305
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#1302
• Fix data-race in metric without code and method but with WithLabelFromCtx by @​tigrato in prometheus/client_golang#1318
• Add missing tick "`" in README by @​ZiViZiViZ in prometheus/client_golang#1321
• Bump golang.org/x/sys from 0.9.0 to 0.10.0 by @​dependabot in prometheus/client_golang#1320
• Bump github.com/prometheus/procfs from 0.11.0 to 0.11.1 by @​dependabot in prometheus/client_golang#1319
• docs: trivial grammar fixes to improve readability in promauto Godoc by @​sengi in prometheus/client_golang#1322
• Add Go 1.21 support by @​kakkoyun in prometheus/client_golang#1325
• Bump client_model by @​ArthurSens in prometheus/client_golang#1323
• histogram docs: Fixed minor nit. by @​bwplotka in prometheus/client_golang#1324
• Update building by @​SuperQ in prometheus/client_golang#1326
• Bump golang.org/x/sys from 0.10.0 to 0.11.0 by @​dependabot in prometheus/client_golang#1331
• Bump github.com/prometheus/client_golang from 1.15.1-0.20230416215738-0963f595c689 to 1.16.0 in /tutorial/whatsup by @​dependabot in prometheus/client_golang#1329
• Bump github.com/prometheus/client_golang from 1.13.1 to 1.16.0 in /examples/middleware by @​dependabot in prometheus/client_golang#1328
• Bump github.com/prometheus/common from 0.42.0 to 0.44.0 by @​dependabot in prometheus/client_golang#1284
• Bump github.com/prometheus/common from 0.42.0 to 0.44.0 in /tutorial/whatsup by @​dependabot in prometheus/client_golang#1330
• Bump google.golang.org/protobuf from 1.30.0 to 1.31.0 by @​dependabot in prometheus/client_golang#1304
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#1332
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#1338
• Cleanup golangci-lint errcheck by @​SuperQ in prometheus/client_golang#1339
• Add go_godebug_non_default_behavior_tlsmaxrsasize_events_total by @​alexandear in prometheus/client_golang#1348
• Extend Counters, Summaries and Histograms with creation timestamp by @​ArthurSens in prometheus/client_golang#1313
• Fix typos in comments, tests, and errors by @​alexandear in prometheus/client_golang#1346
• Deprecated comment should begin with "Deprecated:" by @​alexandear in prometheus/client_golang#1347
• Add changelog entry for 1.17 by @​ArthurSens in prometheus/client_golang#1352

New Contributors

• @​diogoteles08 made their first contribution in prometheus/client_golang#1295
• @​tigrato made their first contribution in prometheus/client_golang#1318
• @​ZiViZiViZ made their first contribution in prometheus/client_golang#1321
• @​sengi made their first contribution in prometheus/client_golang#1322
• @​ArthurSens made their first contribution in prometheus/client_golang#1323

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.17.0 / 2023-09-27

• [CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325
• [FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313
• [ENHANCEMENT] Enable detection of a native histogram without observations. #1314

1.16.0 / 2023-06-15

• [BUGFIX] api: Switch to POST for LabelNames, Series, and QueryExemplars. #1252
• [BUGFIX] api: Fix undefined execution order in return statements. #1260
• [BUGFIX] native histograms: Fix bug in bucket key calculation. #1279
• [ENHANCEMENT] Reduce constrainLabels allocations for all metrics. #1272
• [ENHANCEMENT] promhttp: Add process start time header for scrape efficiency. #1278
• [ENHANCEMENT] promlint: Improve metricUnits runtime. #1286

1.15.1 / 2023-05-3

• [BUGFIX] Fixed promhttp.Instrument* handlers wrongly trying to attach exemplar to unsupported metrics (e.g. summary),
  causing panics. #1253

1.15.0 / 2023-04-13

• [BUGFIX] Fix issue with atomic variables on ppc64le. #1171
• [BUGFIX] Support for multiple samples within same metric. #1181
• [BUGFIX] Bump golang.org/x/text to v0.3.8 to mitigate CVE-2022-32149. #1187
• [ENHANCEMENT] Add exemplars and middleware examples. #1173
• [ENHANCEMENT] Add more context to "duplicate label names" error to enable debugging. #1177
• [ENHANCEMENT] Add constrained labels and constrained variant for all MetricVecs. #1151
• [ENHANCEMENT] Moved away from deprecated github.com/golang/protobuf package. #1183
• [ENHANCEMENT] Add possibility to dynamically get label values for http instrumentation. #1066
• [ENHANCEMENT] Add ability to Pusher to add custom headers. #1218
• [ENHANCEMENT] api: Extend and improve efficiency of json-iterator usage. #1225
• [ENHANCEMENT] Added (official) support for go 1.20. #1234
• [ENHANCEMENT] timer: Added support for exemplars. #1233
• [ENHANCEMENT] Filter expected metrics as well in CollectAndCompare. #1143
• [ENHANCEMENT] ⚠️ Only set start/end if time is not Zero. This breaks compatibility in experimental api package. If you strictly depend on empty time.Time as actual value, the behavior is now changed. #1238

Commits

• fa1408e Merge pull request #1352 from prometheus/arthursens/cut-1.17.0
• 24a72b8 Add changelog entry for 1.17
• 1bae6c1 Deprecated comment should begin with "Deprecated:" (#1347)
• bbab8fe Fix typos in comments, tests, and errors (#1346)
• df7fa49 Extend Counters, Summaries and Histograms with creation timestamp (#1313)
• 74cc262 Add go_godebug_non_default_behavior_tlsmaxrsasize_events_total (#1348)
• d03abf3 Cleanup golangci-lint errcheck (#1339)
• ca6ba04 Update common Prometheus files (#1338)
• 51d24f8 Update common Prometheus files (#1332)
• c17edf0 Merge pull request #1304 from prometheus/dependabot/go_modules/google.golang....
• Additional commits viewable in compare view

Updates github.com/prometheus/client_model from 0.4.1-0.20230718164431-9a2bf3000d16 to 0.5.0

Release notes

Sourced from github.com/prometheus/client_model's releases.

v0.5.0 / 2023-10-03

What's Changed

• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_model#65
• (feat): Add created timestamps to counter, summary and histogram by @​ArthurSens in prometheus/client_model#66
• histogram: Add a doc comment about when to add a no-op span by @​beorn7 in prometheus/client_model#67
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_model#69
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_model#70
• Update Go by @​SuperQ in prometheus/client_model#71

New Contributors

• @​ArthurSens made their first contribution in prometheus/client_model#66

Full Changelog: prometheus/client_model@v0.4.0...v0.5.0

Commits

• See full diff in compare view

Updates github.com/prometheus/common from 0.44.0 to 0.45.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.45.0

What's Changed

• Adding support for file based configuration of basic auth username in http client config by @​wasim-nihal in prometheus/common#511
• Bump golang.org/x/net from 0.10.0 to 0.12.0 by @​dependabot in prometheus/common#507
• Add read-only token permissions by @​pnacht in prometheus/common#490
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#495
• Update client_golang by @​SuperQ in prometheus/common#513
• Bump golang.org/x/oauth2 from 0.8.0 to 0.12.0 by @​dependabot in prometheus/common#514
• Bump github.com/aws/aws-sdk-go from 1.44.266 to 1.45.18 in /sigv4 by @​dependabot in prometheus/common#515
• Bump github.com/prometheus/client_golang from 1.15.1 to 1.17.0 in /sigv4 by @​dependabot in prometheus/common#516
• Bump github.com/stretchr/testify from 1.8.2 to 1.8.4 in /sigv4 by @​dependabot in prometheus/common#493
• Update golang_protobuf_extensions to v2 by @​Neo2308 in prometheus/common#509
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#518
• Bump github.com/aws/aws-sdk-go from 1.45.18 to 1.45.19 in /sigv4 by @​dependabot in prometheus/common#519
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#520
• Bump golang.org/x/net from 0.15.0 to 0.17.0 in /sigv4 by @​dependabot in prometheus/common#525
• Bump golang.org/x/net from 0.15.0 to 0.17.0 by @​dependabot in prometheus/common#524

New Contributors

• @​wasim-nihal made their first contribution in prometheus/common#511
• @​pnacht made their first contribution in prometheus/common#490
• @​Neo2308 made their first contribution in prometheus/common#509

Full Changelog: prometheus/common@v0.44.0...v0.45.0

Commits

• c59927e Merge pull request #524 from prometheus/dependabot/go_modules/golang.org/x/ne...
• 1f9b004 Bump golang.org/x/net from 0.15.0 to 0.17.0
• 16f9480 Merge pull request #525 from prometheus/dependabot/go_modules/sigv4/golang.or...
• ff99062 Bump golang.org/x/net from 0.15.0 to 0.17.0 in /sigv4
• 7043ea0 Merge pull request #520 from prometheus/repo_sync
• b6914dd Update common Prometheus files
• f4e05c0 Merge pull request #519 from prometheus/dependabot/go_modules/sigv4/github.co...
• eb60b9b Bump github.com/aws/aws-sdk-go from 1.45.18 to 1.45.19 in /sigv4
• ac62eb7 Merge pull request #518 from prometheus/repo_sync
• 777f9cc Update common Prometheus files
• Additional commits viewable in compare view

Updates go.uber.org/zap from 1.24.0 to 1.26.0

Release notes

Sourced from go.uber.org/zap's releases.

v1.26.0

Enhancements:

• #1297[]: Add Dict as a Field.
• #1319[]: Add WithLazy method to Logger which lazily evaluates the structured context.
• #1350[]: String encoding is much (~50%) faster now.

Thanks to @​hhk7734, @​jquirke, @​cdvr1993 for their contributions to this release.

#1297: uber-go/zap#1297 #1319: uber-go/zap#1319 #1350: uber-go/zap#1350

v1.25.0

This release contains several improvements including performance, API additions, and two new experimental packages whose APIs are unstable and may change in the future.

Enhancements:

• #1246[]: Add zap/exp/zapslog package for integration with slog.
• #1273[]: Add Name to Logger which returns the Logger's name if one is set.
• #1281[]: Add zap/exp/expfield package which contains helper methods Str and Strs for constructing String-like zap.Fields.
• #1310[]: Reduce stack size on Any.

Thanks to @​knight42, @​dzakaammar, @​bcspragu, and @​rexywork for their contributions to this release.

#1246: uber-go/zap#1246 #1273: uber-go/zap#1273 #1281: uber-go/zap#1281 #1310: uber-go/zap#1310

Changelog

Sourced from go.uber.org/zap's changelog.

1.26.0 (14 Sep 2023)

Enhancements:

• #1297[]: Add Dict as a Field.
• #1319[]: Add WithLazy method to Logger which lazily evaluates the structured context.
• #1350[]: String encoding is much (~50%) faster now.

Thanks to @​hhk7734, @​jquirke, and @​cdvr1993 for their contributions to this release.

#1297: uber-go/zap#1297 #1319: uber-go/zap#1319 #1350: uber-go/zap#1350

1.25.0 (1 Aug 2023)

This release contains several improvements including performance, API additions, and two new experimental packages whose APIs are unstable and may change in the future.

Enhancements:

• #1246[]: Add zap/exp/zapslog package for integration with slog.
• #1273[]: Add Name to Logger which returns the Logger's name if one is set.
• #1281[]: Add zap/exp/expfield package which contains helper methods Str and Strs for constructing String-like zap.Fields.
• #1310[]: Reduce stack size on Any.

Thanks to @​knight42, @​dzakaammar, @​bcspragu, and @​rexywork for their contributions to this release.

#1246: uber-go/zap#1246 #1273: uber-go/zap#1273 #1281: uber-go/zap#1281 #1310: uber-go/zap#1310

Commits

• 96038b7 Prepare for release v1.26.0 (#1355)
• c17272e Add WithLazy Logger method (#1319)
• 99f1811 exp: Add a changelog (#1353)
• 7728f39 chore(CHANGELOG): Move reference links to sections (#1352)
• 5a27bab perf: Faster string encoding (#1350)
• 82c728b Replace benbjohnson/clock with custom MockClock (#1349)
• b7aed24 zapslog: Handle empty attrs centrally (#1351)
• 2b35963 lint: Enable errcheck, fix failures (#1345)
• 9a36792 test: improve slog coverage (#1347)
• e5e8b70 build(deps): bump actions/checkout from 3 to 4 (#1346)
• Additional commits viewable in compare view

Updates golang.org/x/time from 0.3.0 to 0.4.0

Commits

• b24d3b5 all: add a go directive, set it to 1.18
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.