Skip to content

build(deps): Bump the go-dependencies group with 6 updates#560

Merged
mahendrapaipuri merged 1 commit into
mainfrom
dependabot/go_modules/go-dependencies-4046a7061f
Jul 13, 2026
Merged

build(deps): Bump the go-dependencies group with 6 updates#560
mahendrapaipuri merged 1 commit into
mainfrom
dependabot/go_modules/go-dependencies-4046a7061f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps the go-dependencies group with 6 updates:

Package From To
github.com/go-chi/chi/v5 5.3.0 5.3.1
github.com/prometheus/common 0.69.0 0.70.0
github.com/prometheus/prometheus 0.313.0 0.313.1
github.com/stmcginnis/gofish 0.22.0 0.23.0
golang.org/x/crypto 0.53.0 0.54.0
golang.org/x/sys 0.46.0 0.47.0

Updates github.com/go-chi/chi/v5 from 5.3.0 to 5.3.1

Release notes

Sourced from github.com/go-chi/chi/v5's releases.

v5.3.1

What's Changed

New Contributors

Full Changelog: go-chi/chi@v5.3.0...v5.3.1

Commits
  • 8b258c7 ci: pin GitHub Actions to full commit SHAs (#1116)
  • caf87e6 feat(mux): support http QUERY method ietf rfc10008 (#1132)
  • 7fcb8a2 middleware: document printPrettyStack and harden NoColor panic test (#1131)
  • 878fe71 Fix defaultLogEntry.Panic not respecting NoColor setting (#1050)
  • d7b767b feat(middleware): add text/xml and application/xml to default compressible ty...
  • 3b50c7c Tidy build directives (#1113)
  • 2b9fca2 Honor Discard() in httpFancyWriter.ReadFrom (#1110)
  • See full diff in compare view

Updates github.com/prometheus/common from 0.69.0 to 0.70.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.70.0

What's Changed

New Contributors

Full Changelog: prometheus/common@v0.69.0...v0.70.0

Changelog

Sourced from github.com/prometheus/common's changelog.

v0.70.0 / 2026-07-10

Enhancements

  • route: add support for the QUERY HTTP method. #932

Bugfixes

  • config: fix TLSVersion.String() printing a pointer address instead of the numeric version for unknown TLS versions. #929

Internal

  • expfmt: add BenchmarkConvertMetricFamily comparing the Prometheus text and OpenMetrics 1.0 encoders. #943
  • Update Go dependencies. #933 #934
  • Synchronize common files from prometheus/prometheus. #923 #927 #930 #937
  • Update GitHub Actions. #938 #939 #940 #941 #942

Full Changelog: prometheus/common@v0.69.0...v0.70.0

Commits
  • 5eff7a8 Merge pull request #941 from prometheus/dependabot/github_actions/actions/che...
  • a23c5b3 Merge pull request #939 from prometheus/dependabot/github_actions/ossf/scorec...
  • 9e1eb87 Merge pull request #942 from prometheus/dependabot/github_actions/actions/upl...
  • ab2736d Merge pull request #940 from prometheus/dependabot/github_actions/actions/set...
  • e596873 Merge pull request #938 from prometheus/dependabot/github_actions/codeql-ac07...
  • 97c066a Add BenchmarkConvertMetricFamily comparing Prometheus text and OpenMetrics 1....
  • 62e9d0f Merge pull request #932 from roidelapluie/roidelapluie/route-query
  • 6c31239 build(deps): bump actions/upload-artifact from 4.6.2 to 7.0.1
  • 755e9d6 build(deps): bump actions/checkout from 3.1.0 to 7.0.0
  • 556d740 build(deps): bump actions/setup-go from 6.2.0 to 6.5.0
  • Additional commits viewable in compare view

Updates github.com/prometheus/prometheus from 0.313.0 to 0.313.1

Commits
  • 73ff57c Merge pull request #19151 from prometheus/krajo/prep-3.13.1
  • 1e3b14a chore: prep release 3.13.1 with tsdb related fix
  • 9371381 Merge pull request #19137 from prometheus/krajo/backport-19134-head-chunk-cache
  • 82c6e98 Merge remote-tracking branch 'origin/release-3.13' into krajo/backport-19134-...
  • 7c22947 Merge pull request #19138 from prometheus/krajo/backport-lts-matrix-speedup
  • d98a8d0 ci: run version upgrade test as a per-LTS matrix
  • c418c17 tsdb: fix stale head-chunk cache after head-chunk truncation (#19134)
  • See full diff in compare view

Updates github.com/stmcginnis/gofish from 0.22.0 to 0.23.0

Release notes

Sourced from github.com/stmcginnis/gofish's releases.

v0.23.0

What's Changed

Full Changelog: stmcginnis/gofish@v0.22.0...v0.23.0

Commits
  • 2521b0b Update to golangci-lint 2.12.2
  • ee4923c Add Refresh godoc examples
  • f17aca3 Add object Refresh method for conditional Get
  • b819be7 Add ErrNotModified to signal conditional GET 304
  • 043850d Schemas: change LocationIndicatorActive to *bool to distinguish missing vs fa...
  • 5b8a7ad Bump golangci/golangci-lint-action from 9.2.1 to 9.3.0 (#537)
  • be6dfeb Bump actions/setup-go from 6.4.0 to 6.5.0 (#538)
  • 01dc1f8 Bump actions/checkout from 6.0.3 to 7.0.0 (#534)
  • 4ed40aa Workaround ZTE bug in processors (#533)
  • 6ea9456 Bump actions/checkout from 6.0.2 to 6.0.3 (#531)
  • See full diff in compare view

Updates golang.org/x/crypto from 0.53.0 to 0.54.0

Commits
  • cdce021 go.mod: update golang.org/x dependencies
  • d9474cc openpgp: make the deprecation message more explicit
  • 7626c50 ssh: verify declared key type matches decoded key in authorized_keys
  • 0471e79 ssh/agent: enforce strict limits on DSA key parameters
  • 6435c37 ssh: sanitize client disconnect messages
  • 7d695da ssh/agent: drain channel stderr in agent forwarders
  • 5b7f841 acme/autocert: fix data race in Manager.createCert
  • 0b316e7 argon2: update RFC 9106 parameter recommendations
  • 55aec0a x509roots/fallback: update bundle
  • 5f2de1a internal: remove wycheproof tests
  • See full diff in compare view

Updates golang.org/x/sys from 0.46.0 to 0.47.0

Commits
  • 9e7e939 cpu: handle vendor suffixes in parseRelease
  • f6fb8a1 unix: use epoll_pwait rather than epoll_wait
  • f3eeabf windows: avoid length overflow in NewNTString
  • 3cb6647 unix: update glibc to 2.43
  • c507910 windows: document safe usage of TrusteeValue
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-dependencies group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) | `5.3.0` | `5.3.1` |
| [github.com/prometheus/common](https://github.com/prometheus/common) | `0.69.0` | `0.70.0` |
| [github.com/prometheus/prometheus](https://github.com/prometheus/prometheus) | `0.313.0` | `0.313.1` |
| [github.com/stmcginnis/gofish](https://github.com/stmcginnis/gofish) | `0.22.0` | `0.23.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.53.0` | `0.54.0` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.46.0` | `0.47.0` |


Updates `github.com/go-chi/chi/v5` from 5.3.0 to 5.3.1
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](go-chi/chi@v5.3.0...v5.3.1)

Updates `github.com/prometheus/common` from 0.69.0 to 0.70.0
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/CHANGELOG.md)
- [Commits](prometheus/common@v0.69.0...v0.70.0)

Updates `github.com/prometheus/prometheus` from 0.313.0 to 0.313.1
- [Release notes](https://github.com/prometheus/prometheus/releases)
- [Changelog](https://github.com/prometheus/prometheus/blob/main/CHANGELOG.md)
- [Commits](prometheus/prometheus@v0.313.0...v0.313.1)

Updates `github.com/stmcginnis/gofish` from 0.22.0 to 0.23.0
- [Release notes](https://github.com/stmcginnis/gofish/releases)
- [Commits](stmcginnis/gofish@v0.22.0...v0.23.0)

Updates `golang.org/x/crypto` from 0.53.0 to 0.54.0
- [Commits](golang/crypto@v0.53.0...v0.54.0)

Updates `golang.org/x/sys` from 0.46.0 to 0.47.0
- [Commits](golang/sys@v0.46.0...v0.47.0)

---
updated-dependencies:
- dependency-name: github.com/go-chi/chi/v5
  dependency-version: 5.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/prometheus/common
  dependency-version: 0.70.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/prometheus/prometheus
  dependency-version: 0.313.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/stmcginnis/gofish
  dependency-version: 0.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/crypto
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sys
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 13, 2026
@mahendrapaipuri mahendrapaipuri merged commit 02b54de into main Jul 13, 2026
15 of 16 checks passed
@mahendrapaipuri mahendrapaipuri deleted the dependabot/go_modules/go-dependencies-4046a7061f branch July 13, 2026 06:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant