Skip to content

build(deps): bump the all group across 1 directory with 5 updates#451

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/all-e56c7d16fe
Open

build(deps): bump the all group across 1 directory with 5 updates#451
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/all-e56c7d16fe

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 29, 2026
edited
Loading

Bumps the all group with 2 updates in the / directory: go.step.sm/crypto and k8s.io/api.

Updates go.step.sm/crypto from 0.77.2 to 0.77.9

Release notes

Sourced from go.step.sm/crypto's releases.

Release v0.77.9

What's Changed

Full Changelog: smallstep/crypto@v0.77.8...v0.77.9

Release v0.77.8

What's Changed

Dependencies

Full Changelog: smallstep/crypto@v0.77.2...v0.77.8

Release v0.77.7

No release notes provided.

Release v0.77.6

No release notes provided.

Release v0.77.5

No release notes provided.

Release v0.77.4

No release notes provided.

... (truncated)

Commits
  • 605bcfe Merge pull request #1011 from smallstep/herman/retract-v0.77.3-v0.77.7
  • f7b9860 Retract v0.77.3 - v0.77.7
  • 20521ad Merge pull request #1004 from smallstep/dependabot/go_modules/github.com/go-p...
  • aad5eab chore(deps): Bump github.com/go-piv/piv-go/v2 from 2.5.0 to 2.6.0
  • 60d5aff Merge pull request #1007 from smallstep/dependabot/go_modules/github.com/aws/...
  • 9be93dd chore(deps): Bump github.com/aws/aws-sdk-go-v2/config
  • b631220 Merge pull request #1008 from smallstep/dependabot/go_modules/google.golang.o...
  • 4915fb6 Merge pull request #1009 from smallstep/dependabot/go_modules/github.com/Azur...
  • b22f0b3 Merge pull request #1010 from smallstep/dependabot/go_modules/github.com/aws/...
  • 41fccfd chore(deps): Bump github.com/aws/aws-sdk-go-v2/service/kms
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.52.0 to 0.53.0

Commits
  • a8d1fc1 go.mod: update golang.org/x dependencies
  • 056ac74 quic: avoid depending on golang.org/x/sys/unix
  • c85f611 http3: add http3 package for testing in std
  • 805fc81 http2: add transport API tests
  • e63b894 http2: support testing via net/http.Transport.RoundTrip
  • 9ee1e48 http2/hpack: prevent HeaderField from escaping during encoding
  • 1e71bd8 http2: prevent hanging Transport due to bad SETTINGS frame
  • 7bca150 internal/http3: respect net/http Server Shutdown context when shutting down
  • 44c41be internal/http3: prevent server from holding mutex when sleeping during shutdown
  • 228a67a internal/http3: add CloseIdleConnections support in transport
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.79.3 to 1.80.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.80.0

Behavior Changes

  • balancer: log a warning if a balancer is registered with uppercase letters, as balancer names should be lowercase. In a future release, balancer names will be treated as case-insensitive; see #5288 for details. (#8837)
  • xds: update resource error handling and re-resolution logic (#8907)
    • Re-resolve all LOGICAL_DNS clusters simultaneously when re-resolution is requested.
    • Fail all in-flight RPCs immediately upon receipt of listener or route resource errors, instead of allowing them to complete.

Bug Fixes

  • xds: support the LB policy configured in LOGICAL_DNS cluster resources instead of defaulting to pick_first. (#8733)
  • credentials/tls: perform per-RPC authority validation against the leaf certificate instead of the entire peer certificate chain. (#8831)
  • xds: enabling A76 ring hash endpoint keys no longer causes EDS resources with invalid proxy metadata to be NACKed when HTTP CONNECT (gRFC A86) is disabled. (#8875)
  • xds: validate that the sum of endpoint weights in a locality does not exceed the maximum uint32 value. (#8899)
  • xds: fix incorrect proto field access in the weighted round robin (WRR) configuration where blackout_period was used instead of weight_expiration_period. (#8915)
  • xds/rbac: handle addresses with ports in IP matchers. (#8990)

New Features

  • ringhash: enable gRFC A76 (endpoint hash keys and request hash headers) by default. (#8922)

Performance Improvements

  • credentials/alts: pool write buffers to reduce memory allocations and usage. (#8919)
  • grpc: enable the use of pooled write buffers for buffering HTTP/2 frame writes by default. This reduces memory usage when connections are idle. Use the WithSharedWriteBuffer dial option or the SharedWriteBuffer server option to disable this feature. (#8957)
  • xds/priority: stop caching child LB policies removed from the configuration. This will help reduce memory and cpu usage when localities are constantly switching between priorities. (#8997)
  • mem: add a faster tiered buffer pool; use the experimental mem.NewBinaryTieredBufferPool function to create such pools. (#8775)
Commits

Updates k8s.io/api from 0.36.0-alpha.2 to 0.37.0-alpha.0

Commits
  • b273fdc Update dependencies to v0.37.0-alpha.0 tag
  • 2b6c3c9 Merge pull request #134947 from aojea/dra_status_check
  • 0471ef7 Add granular authorization for DRA ResourceClaim status updates
  • 91061ea Merge pull request #136589 from tosi3k/preemption-mode
  • e6b81e2 Add Workload-Aware Preemption fields to Workload and PodGroup APIs
  • f8fce2e Merge pull request #136989 from nojnhuh/podgroup-resourceclaim
  • b928f5e Workload API: PodGroup ResourceClaims (KEP-5729)
  • 61bd78e Merge pull request #137190 from everpeace/KEP-5491-alpha
  • 6bf46eb Merge pull request #137028 from nmn3m/feature/dra-resource-pool-status
  • 95c5538 KEP-5491: change ResourceSliceMaxDevicesWithTaintsOrConsumesCounters to Resou...
  • Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.36.0-alpha.2 to 0.37.0-alpha.0

Commits
  • 6fd9088 Update dependencies to v0.37.0-alpha.0 tag
  • a76ee74 Merge pull request #137864 from yongruilin/dv-dra-mismatch
  • a8822f7 Add slice and map union member support with tests
  • 7dba2d0 Use IsZero instead of IsNil for union ratcheting check
  • d95710f Fix union validation ratcheting when oldObj is nil
  • 729062d Merge pull request #137849 from bryantbiggs/deps/update-kube-openapi
  • 13b12e6 dependencies: bump kube-openapi to drop ginkgo/gomega indirect deps
  • 27f4670 Merge pull request #136657 from Jefftree/sharding-test
  • 175ed01 sharding: address review comments (deads2k)
  • 3f48e27 generated: regenerate proto, openapi, deepcopy, conversion, and testdata
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the all group across 1 directory with 5 updates
ca6293a 
Bumps the all group with 2 updates in the / directory: [go.step.sm/crypto](https://github.com/smallstep/crypto) and [k8s.io/api](https://github.com/kubernetes/api).


Updates `go.step.sm/crypto` from 0.77.2 to 0.77.9
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](smallstep/crypto@v0.77.2...v0.77.9)

Updates `golang.org/x/net` from 0.52.0 to 0.53.0
- [Commits](golang/net@v0.52.0...v0.53.0)

Updates `google.golang.org/grpc` from 1.79.3 to 1.80.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.79.3...v1.80.0)

Updates `k8s.io/api` from 0.36.0-alpha.2 to 0.37.0-alpha.0
- [Commits](kubernetes/api@v0.36.0-alpha.2...v0.37.0-alpha.0)

Updates `k8s.io/apimachinery` from 0.36.0-alpha.2 to 0.37.0-alpha.0
- [Commits](kubernetes/apimachinery@v0.36.0-alpha.2...v0.37.0-alpha.0)

---
updated-dependencies:
- dependency-name: go.step.sm/crypto
  dependency-version: 0.77.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: golang.org/x/net
  dependency-version: 0.53.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: google.golang.org/grpc
  dependency-version: 1.80.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/api
  dependency-version: 0.37.0-alpha.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.37.0-alpha.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 29, 2026
@github-actions github-actions Bot added the needs triage Waiting for discussion / prioritization by team label Apr 29, 2026
@step-ci step-ci enabled auto-merge April 29, 2026 02:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code needs triage Waiting for discussion / prioritization by team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hslatman @step-ci