Skip to content

chore(deps): bump github.com/kedacore/keda/v2 from 2.16.1 to 2.17.0 #942

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 10, 2025
Merged

chore(deps): bump github.com/kedacore/keda/v2 from 2.16.1 to 2.17.0 #942

merged 2 commits into from
Apr 10, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 9, 2025
edited
Loading

Bumps github.com/kedacore/keda/v2 from 2.16.1 to 2.17.0.

Release notes

Sourced from github.com/kedacore/keda/v2's releases.

v2.17.0

We are happy to release KEDA v2.17.0 🎉

Here are some highlights:

  • Introduce new NSQ scaler (#3281)
  • Introduce new Temporal scaler (#4724)

Here are the new breaking change(s) of this release:

  • Change InitialCooldownPeriod from int32 to *int32 (#6423)
  • Remove Prometheus metric deprecations (#6339)
  • Remove deprecated tlsCertFile from External scaler (#4549)

Here are the new deprecation(s) as of this release:

  • Deprecate NATS Streaming Server (aka Stan) (#6362)

Learn how to deploy KEDA by reading our documentation.

🗓️ The next KEDA release is currently being to be decided, learn more in our roadmap.

New Contributors

Full Changelog: kedacore/keda@v2.16.1...v2.17.0

Changelog

Sourced from github.com/kedacore/keda/v2's changelog.

v2.17.0

New

  • General: Add support for time-bound Kubernetes ServiceAccount tokens as a source for TriggerAuthentication (#6136)
  • General: Introduce new NSQ scaler (#3281)
  • General: Introduce new Temporal scaler (#4724)

Improvements

  • General: Add Fallback option behavior for dynamic fallback calculation (#6450)
  • General: Add SecretKey to AWS SecretsManager TriggerAuthentication to allow parsing JSON / Key/Value Pairs in secrets (#5940)
  • General: Enable OpenSSF Scorecard to enhance security practices across the project (#5913)
  • General: Operator flag to control patching of webhook resources certificates (#6184)
  • Azure Log Analytics Scaler: Add custom HTTP client timeout (#6607)
  • Azure Pipelines Scaler: Introduce requireAllDemandsAndIgnoreOthers to match job demands while ignoring extras (#5579)
  • Elasticsearch Scaler: Support IgnoreNullValues at Elasticsearch scaler (#6599)
  • GitHub Scaler: Add support to use ETag for conditional requests against the Github API (#6503)
  • GitHub Scaler: Filter workflows via query parameter for improved queue count accuracy (#6519)
  • IBMMQ Scaler: Handling StatusNotFound in IBMMQ scaler (#6472)
  • MongoDB Scaler: Support float queryValue for MongoDB scaler (#6574)
  • Prometheus Scaler: Add custom HTTP client timeout (#6607)
  • RabbitMQ Scaler: Support use of the ‘vhostName’ parameter in the ‘TriggerAuthentication’ resource (#6369)
  • Selenium Grid: Add trigger param for Node enables managed downloads capability (#6570)
  • Selenium Grid: Add trigger param to set custom capabilities for matching specific Nodes (#6536)
  • Selenium Grid: Selenium Grid: Trigger param enableManagedDownloads set as true by default (#6684)

Fixes

  • General: Centralize and improve automaxprocs configuration with proper structured logging (#5970)
  • General: Fix CVE-2025-27144 and CVE-2025-22868 (#6613)
  • General: Fix CVE-2025-29786 (#6637)
  • General: Fix CVE-2025-30204 (#6641)
  • General: Fix event text when deactivation fails (#6469)
  • General: Fix fallback validation check bug (#6407)
  • General: Fix the check whether Fallback is enabled when using ScalingModifiers (#6521)
  • General: Fix waiting to reach failureThreshold before fallback (#6520)
  • General: Make sure the exposed metrics (from KEDA operator) are updated when there is a change to triggers (#6618)
  • General: Paused ScaledObject count is reported correctly after operator restart (#6321)
  • General: Reiterate fix (after #6407) for fallback validation in admission webhook. (#6538)
  • General: ScaledJobs ready status set to true when recoverred problem (#6329)
  • AWS Scalers: Add AWS region to the AWS Config Cache key (#6128)
  • External Scaler: Support server TLS without custom CA (#6606)
  • GCP Storage: GCP Storage scaler ignores folders (#6531)
  • Metrics API: Fix text format parsing error resulting in unexpected end of input stream (#6559)
  • NATS JetStream: Support for looking up account using an ID (#6611)
  • Redis Streams: Allow default value of 0 for activationLagCount (#6478)
  • Selenium Grid: Scaler logic on platformName is set empty or any (#6477)

Deprecations

... (truncated)

Commits

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
github.com/kedacore/keda/v2 [>= 2.14.a, < 2.15]

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @rhacs-bot.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump github.com/kedacore/keda/v2 from 2.16.1 to 2.17.0
4295d81 
Bumps [github.com/kedacore/keda/v2](https://github.com/kedacore/keda) from 2.16.1 to 2.17.0.
- [Release notes](https://github.com/kedacore/keda/releases)
- [Changelog](https://github.com/kedacore/keda/blob/main/CHANGELOG.md)
- [Commits](kedacore/keda@v2.16.1...v2.17.0)

---
updated-dependencies:
- dependency-name: github.com/kedacore/keda/v2
  dependency-version: 2.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from janisz April 9, 2025 16:09
@dependabot dependabot bot requested a review from rhybrillou as a code owner April 9, 2025 16:09
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 9, 2025
rhacs-bot
rhacs-bot approved these changes Apr 9, 2025
View reviewed changes
Copy link

@rhacs-bot rhacs-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot squash and merge

@sourcery-ai Sourcery AI
Copy link

sourcery-ai bot commented Apr 9, 2025

Reviewer's Guide by Sourcery

This pull request updates the KEDA dependency from v2.16.1 to v2.17.0. It also updates the golang version to 1.24.1 and updates indirect dependencies.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change Details Files
Update the KEDA dependency from v2.16.1 to v2.17.0.
  • Update github.com/kedacore/keda/v2 to v2.17.0.
 go.mod
go.sum
Update golang version to 1.24.1.
  • Update golang version to 1.24.1.
 go.mod
Update indirect dependencies.
  • Update github.com/evanphx/json-patch/v5 from v5.9.0 to v5.9.11.
  • Update github.com/expr-lang/expr from v1.17.0 to v1.17.2.
  • Update github.com/google/go-cmp from v0.6.0 to v0.7.0.
  • Update github.com/prometheus/client_golang from v1.20.5 to v1.21.1.
  • Update github.com/prometheus/common from v0.61.0 to v0.63.0.
  • Update golang.org/x/exp from v0.0.0-20241217172543-b2144cdd0a67 to v0.0.0-20250210185358-939b2ce775ac.
  • Update golang.org/x/crypto from v0.36.0 to v0.37.0.
  • Update golang.org/x/net from v0.37.0 to v0.38.0.
  • Update golang.org/x/oauth2 from v0.25.0 to v0.29.0.
  • Update golang.org/x/sync from v0.12.0 to v0.13.0.
  • Update golang.org/x/sys from v0.31.0 to v0.32.0.
  • Update golang.org/x/term from v0.30.0 to v0.31.0.
  • Update golang.org/x/text from v0.23.0 to v0.24.0.
  • Update golang.org/x/time from v0.8.0 to v0.11.0.
  • Update google.golang.org/genproto/googleapis/rpc from v0.0.0-20241223144023-3abc09e42ca8 to v0.0.0-20250313205543-e70fdf4c4cb4.
  • Update google.golang.org/grpc from v1.69.2 to v1.71.1.
  • Update google.golang.org/protobuf from v1.36.1 to v1.36.6.
  • Update knative.dev/pkg from v0.0.0-20241218051509-40afb7c5436e to v0.0.0-20250326102644-9f3e60a9244c.
  • Update sigs.k8s.io/controller-runtime from v0.19.3 to v0.19.7.
  • Update sigs.k8s.io/kustomize/api from v0.18.0 to v0.19.0.
  • Update sigs.k8s.io/kustomize/kyaml from v0.18.1 to v0.19.0.
 go.mod
go.sum
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!
  • Generate a plan of action for an issue: Comment @sourcery-ai plan on
    an issue to generate a plan of action for it.

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 9, 2025

One of your CI runs failed on this pull request, so Dependabot won't merge it.

Dependabot will still automatically merge this pull request if you amend it and your tests pass.

janisz
janisz reviewed Apr 10, 2025
View reviewed changes
@dependabot dependabot bot merged commit c468360 into main Apr 10, 2025
5 checks passed
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/kedacore/keda/v2-2.17.0 branch April 10, 2025 15:34
@BrewTestBot BrewTestBot mentioned this pull request Jun 13, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@janisz janisz janisz left review comments

@rhacs-bot rhacs-bot rhacs-bot approved these changes

@rhybrillou rhybrillou Awaiting requested review from rhybrillou rhybrillou is a code owner

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@janisz @rhacs-bot