From bf3e9d82b40afdc89edc519f40bc0f67af48f1bf Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 12 Dec 2023 15:24:30 +0000
Subject: [PATCH 1/5] fix(deps): update module google.golang.org/grpc to v1.60.0 (#1074)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [google.golang.org/grpc](https://togithub.com/grpc/grpc-go) | require | minor | `v1.59.0` -> `v1.60.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

### Release Notes

grpc/grpc-go (google.golang.org/grpc)

### [`v1.60.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.60.0): Release 1.60.0

[Compare Source](https://togithub.com/grpc/grpc-go/compare/v1.59.0...v1.60.0)

### Security

- credentials/tls: if not set, set TLS MinVersion to 1.2 and CipherSuites according to supported suites not forbidden by RFC7540.
  - This is a behavior change to bring us into better alignment with RFC 7540.

### API Changes

- resolver: remove deprecated and experimental `ClientConn.NewServiceConfig` ([#6784](https://togithub.com/grpc/grpc-go/issues/6784))
- client: remove deprecated `grpc.WithServiceConfig` `DialOption` ([#6800](https://togithub.com/grpc/grpc-go/issues/6800))

### Bug Fixes

- client: fix race that could cause a deadlock while entering idle mode and receiving a name resolver update ([#6804](https://togithub.com/grpc/grpc-go/issues/6804))
- client: always enable TCP keepalives with OS defaults ([#6834](https://togithub.com/grpc/grpc-go/issues/6834))
- credentials/alts: fix a bug preventing ALTS from connecting to the metadata server if the default scheme is overridden ([#6686](https://togithub.com/grpc/grpc-go/issues/6686))
  - Special Thanks: [@mjamaloney](https://togithub.com/mjamaloney)

### Behavior Changes

- server: Do not return from Stop() or GracefulStop() until all resources are released ([#6489](https://togithub.com/grpc/grpc-go/issues/6489))
  - Special Thanks: [@fho](https://togithub.com/fho)

### Documentation

- codes: clarify that only codes defined by this package are valid and that users should not cast other values to `codes.Code` ([#6701](https://togithub.com/grpc/grpc-go/issues/6701))

--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-feature/flagd). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- core/go.mod | 10 +++++----- core/go.sum | 10 ++++++++++ 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/core/go.mod b/core/go.mod index 77d7625e4..9239851ed 100644 --- a/core/go.mod +++ b/core/go.mod @@ -37,7 +37,7 @@ require ( golang.org/x/mod v0.14.0 golang.org/x/net v0.19.0 golang.org/x/sync v0.5.0 - google.golang.org/grpc v1.59.0 + google.golang.org/grpc v1.60.0 google.golang.org/protobuf v1.31.0 gopkg.in/yaml.v3 v3.0.1 k8s.io/apimachinery v0.28.4 
@@ -90,14 +90,14 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect go.opentelemetry.io/proto/otlp v1.0.0 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/oauth2 v0.11.0 // indirect + golang.org/x/oauth2 v0.13.0 // indirect golang.org/x/sys v0.15.0 // indirect golang.org/x/term v0.15.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect + google.golang.org/appengine v1.6.8 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect k8s.io/api v0.28.4 // indirect diff --git a/core/go.sum b/core/go.sum index 07d1f3f7a..6047dda9f 100644 --- a/core/go.sum +++ b/core/go.sum @@ -906,6 +906,8 @@ golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU= golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk= +golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= +golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 
@@ -1149,6 +1151,8 @@ google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= +google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= 
@@ -1264,8 +1268,12 @@ google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d h1:VBu5YqKPv6XiJ199exd8Br+Aetz+o08F+PLMnwJQHAY= google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d h1:DoPTO70H+bcDXcd39vOqb2viZxgqeBeSGtZ55yZU4/Q= google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d/go.mod h1:KjSP20unUpOx5kyQUFa7k4OJg0qeJ7DEZflGDu2p6Bk= +google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97 h1:W18sezcAYs+3tDZX4F80yctqa12jcP1PUS2gQu1zTPU= +google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97/go.mod h1:iargEX0SFPm3xcfMI0d1domjg0ZF4Aa0p2awqyxhvF0= google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 h1:6GQBEOdGkX6MMTLT9V+TjtIRZCw9VPD5Z+yHY9wMgS0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97/go.mod h1:v7nGkzlmW8P3n/bKmWBn2WpBjpOEx8Q6gMueudAmKfY= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= 
@@ -1306,6 +1314,8 @@ google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsA google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw= google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= +google.golang.org/grpc v1.60.0 h1:6FQAR0kM31P6MRdeluor2w2gPaS4SVNrD/DNTxrQ15k= +google.golang.org/grpc v1.60.0/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= From 5c5d5abc38540277deb4e11f41f79ff49273d659 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 12 Dec 2023 18:10:26 +0000 Subject: [PATCH 2/5] fix(deps): update module github.com/diegoholiveira/jsonlogic/v3 to v3.4.0 (#1068) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/diegoholiveira/jsonlogic/v3](https://togithub.com/diegoholiveira/jsonlogic) | require | minor | `v3.3.2` -> `v3.4.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes

diegoholiveira/jsonlogic (github.com/diegoholiveira/jsonlogic/v3)

### [`v3.4.0`](https://togithub.com/diegoholiveira/jsonlogic/releases/tag/v3.4.0)

[Compare Source](https://togithub.com/diegoholiveira/jsonlogic/compare/v3.3.2...v3.4.0)

#### What's Changed

- Verify array before try to access any position by [@diegoholiveira](https://togithub.com/diegoholiveira) in [https://github.com/diegoholiveira/jsonlogic/pull/76](https://togithub.com/diegoholiveira/jsonlogic/pull/76)

**Full Changelog**: https://github.com/diegoholiveira/jsonlogic/compare/v3.3.2...v3.4.0

--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-feature/flagd). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- core/go.mod | 2 +- core/go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/core/go.mod b/core/go.mod index 9239851ed..663eb6e22 100644 --- a/core/go.mod +++ b/core/go.mod @@ -8,7 +8,7 @@ require ( buf.build/gen/go/open-feature/flagd/protocolbuffers/go v1.31.0-20231031123731-ac2ec0f39838.2 connectrpc.com/connect v1.13.0 connectrpc.com/otelconnect v0.6.0 - github.com/diegoholiveira/jsonlogic/v3 v3.3.2 + github.com/diegoholiveira/jsonlogic/v3 v3.4.0 github.com/fsnotify/fsnotify v1.7.0 github.com/golang/mock v1.6.0 github.com/open-feature/open-feature-operator v0.5.2 diff --git a/core/go.sum b/core/go.sum index 6047dda9f..3e842ff28 100644 --- a/core/go.sum +++ b/core/go.sum 
@@ -442,6 +442,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/diegoholiveira/jsonlogic/v3 v3.3.2 h1:srg/h16pzyuS0/+P2HOt2zdDPDnzaFZtsHtfTugRPVc= github.com/diegoholiveira/jsonlogic/v3 v3.3.2/go.mod h1:9oE8z9G+0OMxOoLHF3fhek3KuqD5CBqM0B6XFL08MSg= +github.com/diegoholiveira/jsonlogic/v3 v3.4.0 h1:TN++nRmEMA5UHzKl8MJ1kbF5SSzWtKHE0PZ6ITbJeH4= +github.com/diegoholiveira/jsonlogic/v3 v3.4.0/go.mod h1:9oE8z9G+0OMxOoLHF3fhek3KuqD5CBqM0B6XFL08MSg= github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= From 3ec8cf670423901c45a1d41d350258af2b34726c Mon Sep 17 00:00:00 2001 From: Kavindu Dodanduwa Date: Tue, 12 Dec 2023 11:51:06 -0800 Subject: [PATCH 3/5] chore: update to go-sdk 1.9.0 (#1080) ## This PR Update test dependencies to go-sdk 1.9.0 Signed-off-by: Kavindu Dodanduwa --- test/integration/evaluation_test.go | 2 +- test/integration/go.mod | 2 +- test/integration/json_evaluator_test.go | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/test/integration/evaluation_test.go b/test/integration/evaluation_test.go index d0b1ed675..47bbdbb3b 100644 --- a/test/integration/evaluation_test.go +++ b/test/integration/evaluation_test.go @@ -7,7 +7,7 @@ import ( "github.com/cucumber/godog" flagd "github.com/open-feature/go-sdk-contrib/providers/flagd/pkg" "github.com/open-feature/go-sdk-contrib/tests/flagd/pkg/integration" - "github.com/open-feature/go-sdk/pkg/openfeature" + "github.com/open-feature/go-sdk/openfeature" ) func TestEvaluation(t *testing.T) { 
diff --git a/test/integration/go.mod b/test/integration/go.mod index 10d0fb2b4..038c29155 100644 --- a/test/integration/go.mod +++ b/test/integration/go.mod @@ -4,7 +4,7 @@ go 1.19 require ( github.com/cucumber/godog v0.13.0 - github.com/open-feature/go-sdk v1.8.0 + github.com/open-feature/go-sdk v1.9.0 github.com/open-feature/go-sdk-contrib/providers/flagd v0.1.18 github.com/open-feature/go-sdk-contrib/tests/flagd v1.3.2 ) diff --git a/test/integration/json_evaluator_test.go b/test/integration/json_evaluator_test.go index cfae8803b..57221e06f 100644 --- a/test/integration/json_evaluator_test.go +++ b/test/integration/json_evaluator_test.go @@ -7,7 +7,7 @@ import ( "github.com/cucumber/godog" flagd "github.com/open-feature/go-sdk-contrib/providers/flagd/pkg" "github.com/open-feature/go-sdk-contrib/tests/flagd/pkg/integration" - "github.com/open-feature/go-sdk/pkg/openfeature" + "github.com/open-feature/go-sdk/openfeature" ) func TestJsonEvaluator(t *testing.T) { From f0d7c91473bc3827a2fba94fed161e2e0124dc38 Mon Sep 17 00:00:00 2001 From: Michael Beemer Date: Tue, 12 Dec 2023 15:38:27 -0500 Subject: [PATCH 4/5] Remove benchmark workflow Signed-off-by: Michael Beemer --- .github/workflows/publish-benchmark.yaml | 41 ------------------------ 1 file changed, 41 deletions(-) delete mode 100644 .github/workflows/publish-benchmark.yaml diff --git a/.github/workflows/publish-benchmark.yaml b/.github/workflows/publish-benchmark.yaml deleted file mode 100644 index c639fdf3f..000000000 --- a/.github/workflows/publish-benchmark.yaml +++ /dev/null 
@@ -1,41 +0,0 @@ -name: "Trigger Site Rebuild on a CRON Schedule" - -on: - schedule: - # runs at 02:00 every day, UTC - - cron: "0 2 * * *" - -env: - GO_VERSION: '1.20' - -jobs: - benchmark-publish: - name: Run Benchmark - if: github.repository == 'open-feature/flagd' - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - - - name: Setup go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5 - with: - go-version: ${{ env.GO_VERSION }} - - - name: Workspace init - run: make workspace-init - - - name: Run benchmark - run: set -o pipefail; go test -bench=Bench -short -benchtime=5s -benchmem ./core/... | tee output.txt - - - name: Store benchmark result - uses: benchmark-action/github-action-benchmark@v1 - with: - name: Go Benchmark - tool: "go" - output-file-path: output.txt - github-token: ${{ secrets.GITHUB_TOKEN }} - auto-push: true - # Show alert with commit comment on detecting possible performance regression - alert-threshold: "130%" - comment-on-alert: true - fail-on-alert: false From c8c9a19a4d31df01e6d122c14191dacce98f3d36 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 13 Dec 2023 20:04:50 +0000 Subject: [PATCH 5/5] chore(deps): update github/codeql-action action to v3 (#1081) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github/codeql-action](https://togithub.com/github/codeql-action) | action | major | `v2` -> `v3` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes

github/codeql-action (github/codeql-action)

### [`v3`](https://togithub.com/github/codeql-action/compare/v2...v3)

[Compare Source](https://togithub.com/github/codeql-action/compare/v2...v3)

--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-feature/flagd). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 1b5cfd414..3cd80a615 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -107,7 +107,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@c0d1daa7f7e14667747d73a7dbbe8c074bc8bfe2 # v2 + uses: github/codeql-action/upload-sarif@b374143c1149a9115d881581d29b8390bbcbb59c # v3 with: sarif_file: "trivy-results.sarif"
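
Review bot: The `google.golang.org/grpc v1.59.0` -> `v1.60.0` line in the first core/go.mod hunk of [PATCH 1/5] (@@ -37,7) is labelled a minor update and is set to automerge, yet the quoted release notes list a TLS behavior change (credentials/tls now sets MinVersion to 1.2 and restricts CipherSuites when they are unset), the removal of `grpc.WithServiceConfig` and `ClientConn.NewServiceConfig`, and a change to when `Stop()` and `GracefulStop()` return. Before this merges, confirm that nothing in the repository calls the removed APIs and that the gRPC peers flagd talks to can negotiate TLS 1.2 or later with a suite RFC 7540 permits. A line in the changelog about the new TLS floor would help operators who relied on the old defaults.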
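
Review bot: The second core/go.mod hunk of [PATCH 1/5] (@@ -90,14) moves four indirect modules that the PR description never mentions: `golang.org/x/oauth2` v0.11.0 -> v0.13.0, `google.golang.org/appengine` v1.6.7 -> v1.6.8, and both `google.golang.org/genproto/googleapis/api` and `.../rpc` to the 20231002182017-d307bd883b97 pseudo-version. The update table lists only grpc, so with automerge enabled these transitive changes reach the main branch without anyone having looked at them. Please have the description (or a CI step that diffs the module graph) enumerate transitive bumps so they get the same scrutiny as the direct one.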
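
Review bot: The test/integration/go.mod hunk of [PATCH 3/5] raises `github.com/open-feature/go-sdk` from v1.8.0 to v1.9.0, but the diffstat lists only evaluation_test.go, go.mod and json_evaluator_test.go, so no go.sum change travels with it. If the test/integration module keeps a go.sum, add the v1.9.0 entries in this commit so the recorded checksums cover what go.mod now requires. The import also moves from `go-sdk/pkg/openfeature` to `go-sdk/openfeature` while `go-sdk-contrib/providers/flagd v0.1.18` and `go-sdk-contrib/tests/flagd v1.3.2` stay where they were, so it is worth confirming in the PR that those versions build against the new package path.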
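
Review bot: The commit message of [PATCH 4/5] is only "Remove benchmark workflow": no reason, no PR number, and no conventional-commit prefix, unlike the other four patches in the series. The deleted .github/workflows/publish-benchmark.yaml ran on a daily cron, referenced `benchmark-action/github-action-benchmark@v1` by tag while checkout and setup-go were pinned by SHA, and passed `secrets.GITHUB_TOKEN` with `auto-push: true`. If removing that tag-pinned job with push rights is the motivation, say so in the message, and state whether the benchmarks now run somewhere else or are dropped.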
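
Review bot: The new `uses: github/codeql-action/upload-sarif@b374143c1149a9115d881581d29b8390bbcbb59c # v3` line in the .github/workflows/build.yaml hunk of [PATCH 5/5] keeps the SHA pin, but the trailing comment names only the major tag, so the diff does not show which release the SHA corresponds to. Suggest putting the exact release version in the comment so the pin can be checked against the upstream tag. This is also a major update (`v2` -> `v3`) with automerge enabled and release notes that consist of a compare link, so it should get a manual look at the Trivy SARIF upload step rather than merging unattended.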