Skip to content

build(deps): bump the go group with 5 updates #1264

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the go group with 5 updates #1264

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 1, 2025

Bumps the go group with 5 updates:

Package From To
github.com/go-playground/validator/v10 10.27.0 10.28.0
github.com/open-policy-agent/opa 1.9.0 1.10.0
golang.org/x/net 0.44.0 0.46.0
google.golang.org/grpc 1.75.1 1.76.0
google.golang.org/protobuf 1.36.9 1.36.10

Updates github.com/go-playground/validator/v10 from 10.27.0 to 10.28.0

Release notes

Sourced from github.com/go-playground/validator/v10's releases.

Release 10.28.0

What's Changed

New Contributors

Full Changelog: go-playground/validator@v10.27.0...v10.28.0

Commits
  • bdc3a7d Add alphaspace validator (#1343)
  • 63594a0 docs: add description for 'port' validator (#1435)
  • 45f3a8e Added https_url tag (#1461)
  • 7a23bca Remove Go version 1.23 from CI workflow
  • 13130d2 Fixed missing keys from returned errors in map validation (#1284)
  • 94e89f0 fix: should panic when define duplicate field param in required_if (#1468)
  • 6905468 Bump golang.org/x/crypto from 0.33.0 to 0.42.0 (#1467)
  • 77ef70e Bump actions/setup-go from 5 to 6 (#1465)
  • 78d05ae Bump golang.org/x/text from 0.22.0 to 0.29.0 (#1464)
  • 34aea1f Bump github.com/gabriel-vasile/mimetype from 1.4.8 to 1.4.10 (#1463)
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 1.9.0 to 1.10.0

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.10.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • Non-static arm64 executables for linux and darwin, supporting Wasm evaluation
  • Performance improvements to the formatter, compiler, and runtime
  • A new --fail-on-empty flag for opa test
  • Support for IS NOT NULL query statements in the Compile API

Non-static OPA binaries for linux/arm64 and darwin/arm64

Starting with this release, OPA will ship non-static arm64 executables for linux and darwin. These binaries have support for Wasm evaluation. Furthermore, the openpolicyagent/opa:latest docker image is a multi-platform image with arm64 support.

Runtime, Tooling

Compiler, Topdown and Rego

Docs, Website, Ecosystem

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.10.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • Non-static arm64 executables for linux and darwin
  • Performance improvements to the formatter, compiler, and runtime
  • A new --fail-on-empty flag for opa test
  • Support for IS NOT NULL query statements in the Compile API

Non-static OPA binaries for linux/arm64 and darwin/arm64

Starting with this release, OPA will ship non-static arm64 executables for linux and darwin. Furthermore, the openpolicyagent/opa:latest docker image is a multi-platform image with arm64 support.

Runtime, Tooling

Compiler, Topdown and Rego

Docs, Website, Ecosystem

... (truncated)

Commits
  • e6865c4 Prepare v1.10.0 release (#8002)
  • 9b1e774 Makefile: include linux/arm64 in DOCKER_PLATFORMS
  • fb4b7d9 docs: Moving CLI Reference to Operations in TOC (#8001)
  • c7746a0 docs: Address some broken anchors (#8000)
  • 4aa4554 website: Fix build issues (#7999)
  • 9a864c6 compile: add support for "any value at all", as IS NOT NULL (#7998)
  • 882b287 website: Show latest release rather than edge (#7988)
  • 087f942 docs: Update based on slack feedback (#7990)
  • 39044ba server/failtracer: don't assume only being fed two-elem calls
  • f5eeb07 Refactor hash key equality function (#7969)
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.44.0 to 0.46.0

Commits
  • 2002a06 go.mod: update golang.org/x dependencies
  • 59706cd html: impose open element stack size limit
  • 6ec8895 html: align in row insertion mode with spec
  • 5393563 http2: fix RFC 9218 write scheduler not being idempotent
  • b2ab371 internal/httpsfv: implement parsing support for date and display string
  • edb764c internal/httpsfv: add parsing functionality for types defined in RFC 8941
  • fbba2c2 internal/httpsfv: add support for consuming Display String and Date type
  • 47a241f http2: make the error channel pool per-Server
  • 51f657b webdav/internal/xml: use the built-in min function
  • f2e909b internal/httpsfv: implement parsing support for Dictionary and List type.
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.75.1 to 1.76.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.76.0

Dependencies

Bug Fixes

  • client: Return status INTERNAL when a server sends zero response messages for a unary or client-streaming RPC. (#8523)
  • client: Fail RPCs with status INTERNAL instead of UNKNOWN upon receiving http headers with status 1xx and END_STREAM flag set. (#8518)
  • pick_first: Fix race condition that could cause pick_first to get stuck in IDLE state on backend address change. (#8615)

New Features

  • credentials: Add credentials/jwt package providing file-based JWT PerRPCCredentials (A97). (#8431)

Performance Improvements

  • client: Improve HTTP/2 header size estimate to reduce re-allocations. (#8547)
  • encoding/proto: Avoid redundant message size calculation when marshaling. (#8569)
Commits
  • d96c2ef Change version to 1.76.0 (#8584)
  • 79c553c Cherry pick #8610, #8615 to v1.76.x (#8621)
  • 0513350 client: minor improvements to log messages (#8564)
  • ebaf486 credentials: implement file-based JWT Call Credentials (part 1 for A97) (#8431)
  • ca78c90 xds/resolver_test: fix flaky test ResolverBadServiceUpdate_NACKedWithoutCache...
  • 83bead4 internal/buffer: set closed flag when closing channel in the Load method (#8575)
  • 0f45079 encoding/proto: enable use cached size option (#8569)
  • 8420f3f transport: avoid slice reallocation during header creation (#8547)
  • b36320e Revert "stats/opentelemetry: record retry attempts from clientStream (#8342)"...
  • c122250 stats/opentelemetry: record retry attempts from clientStream (#8342)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.9 to 1.36.10

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the go group with 5 updates
0c262e2 
Bumps the go group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) | `10.27.0` | `10.28.0` |
| [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) | `1.9.0` | `1.10.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.44.0` | `0.46.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.75.1` | `1.76.0` |
| google.golang.org/protobuf | `1.36.9` | `1.36.10` |


Updates `github.com/go-playground/validator/v10` from 10.27.0 to 10.28.0
- [Release notes](https://github.com/go-playground/validator/releases)
- [Commits](go-playground/validator@v10.27.0...v10.28.0)

Updates `github.com/open-policy-agent/opa` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.9.0...v1.10.0)

Updates `golang.org/x/net` from 0.44.0 to 0.46.0
- [Commits](golang/net@v0.44.0...v0.46.0)

Updates `google.golang.org/grpc` from 1.75.1 to 1.76.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.75.1...v1.76.0)

Updates `google.golang.org/protobuf` from 1.36.9 to 1.36.10

---
updated-dependencies:
- dependency-name: github.com/go-playground/validator/v10
  dependency-version: 10.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/net
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/grpc
  dependency-version: 1.76.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Nov 1, 2025
@dependabot dependabot bot requested a review from a team as a code owner November 1, 2025 18:02
@dependabot dependabot bot requested review from kenjenkins and removed request for a team November 1, 2025 18:02
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Nov 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kenjenkins kenjenkins Awaiting requested review from kenjenkins kenjenkins is a code owner automatically assigned from pomerium/dev-backend

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant