build(deps): Bump the all-go group across 5 directories with 14 updates#3271
build(deps): Bump the all-go group across 5 directories with 14 updates#3271julienrbrt merged 3 commits intomainfrom
Conversation
Bumps the all-go group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [cloud.google.com/go/kms](https://github.com/googleapis/google-cloud-go) | `1.27.0` | `1.29.0` | | [connectrpc.com/connect](https://github.com/connectrpc/connect-go) | `1.19.1` | `1.19.2` | | [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.41.5` | `1.41.6` | | [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.32.14` | `1.32.16` | | [github.com/aws/aws-sdk-go-v2/service/kms](https://github.com/aws/aws-sdk-go-v2) | `1.50.4` | `1.50.5` | | [github.com/celestiaorg/nmt](https://github.com/celestiaorg/nmt) | `0.24.2` | `0.24.3` | | [github.com/libp2p/go-libp2p-kad-dht](https://github.com/libp2p/go-libp2p-kad-dht) | `0.39.0` | `0.39.1` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.49.0` | `0.50.0` | | [golang.org/x/net](https://github.com/golang/net) | `0.52.0` | `0.53.0` | Bumps the all-go group with 1 update in the /execution/evm directory: [github.com/evstack/ev-node](https://github.com/evstack/ev-node). Bumps the all-go group with 3 updates in the /execution/grpc directory: [connectrpc.com/connect](https://github.com/connectrpc/connect-go), [golang.org/x/net](https://github.com/golang/net) and [github.com/evstack/ev-node](https://github.com/evstack/ev-node). Bumps the all-go group with 2 updates in the /test/docker-e2e directory: [github.com/celestiaorg/tastora](https://github.com/celestiaorg/tastora) and [github.com/evstack/ev-node/execution/evm](https://github.com/evstack/ev-node). Bumps the all-go group with 1 update in the /test/e2e directory: [github.com/celestiaorg/tastora](https://github.com/celestiaorg/tastora). Updates `cloud.google.com/go/kms` from 1.27.0 to 1.29.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@kms/v1.27.0...dlp/v1.29.0) Updates `connectrpc.com/connect` from 1.19.1 to 1.19.2 - [Release notes](https://github.com/connectrpc/connect-go/releases) - [Changelog](https://github.com/connectrpc/connect-go/blob/main/RELEASE.md) - [Commits](connectrpc/connect-go@v1.19.1...v1.19.2) Updates `github.com/aws/aws-sdk-go-v2` from 1.41.5 to 1.41.6 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@v1.41.5...v1.41.6) Updates `github.com/aws/aws-sdk-go-v2/config` from 1.32.14 to 1.32.16 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@config/v1.32.14...config/v1.32.16) Updates `github.com/aws/aws-sdk-go-v2/service/kms` from 1.50.4 to 1.50.5 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/ssm/v1.50.4...service/ssm/v1.50.5) Updates `github.com/aws/smithy-go` from 1.24.3 to 1.25.0 - [Release notes](https://github.com/aws/smithy-go/releases) - [Changelog](https://github.com/aws/smithy-go/blob/main/CHANGELOG.md) - [Commits](aws/smithy-go@v1.24.3...v1.25.0) Updates `github.com/celestiaorg/nmt` from 0.24.2 to 0.24.3 - [Release notes](https://github.com/celestiaorg/nmt/releases) - [Commits](celestiaorg/nmt@v0.24.2...v0.24.3) Updates `github.com/libp2p/go-libp2p-kad-dht` from 0.39.0 to 0.39.1 - [Release notes](https://github.com/libp2p/go-libp2p-kad-dht/releases) - [Commits](libp2p/go-libp2p-kad-dht@v0.39.0...v0.39.1) Updates `golang.org/x/crypto` from 0.49.0 to 0.50.0 - [Commits](golang/crypto@v0.49.0...v0.50.0) Updates `golang.org/x/net` from 0.52.0 to 0.53.0 - [Commits](golang/net@v0.52.0...v0.53.0) Updates `google.golang.org/api` from 0.273.1 to 0.274.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.273.1...v0.274.0) Updates `github.com/evstack/ev-node` from 1.0.0 to 1.1.0 - [Release notes](https://github.com/evstack/ev-node/releases) - [Changelog](https://github.com/evstack/ev-node/blob/main/CHANGELOG.md) - [Commits](v1.0.0...v1.1.0) Updates `connectrpc.com/connect` from 1.19.1 to 1.19.2 - [Release notes](https://github.com/connectrpc/connect-go/releases) - [Changelog](https://github.com/connectrpc/connect-go/blob/main/RELEASE.md) - [Commits](connectrpc/connect-go@v1.19.1...v1.19.2) Updates `golang.org/x/net` from 0.52.0 to 0.53.0 - [Commits](golang/net@v0.52.0...v0.53.0) Updates `github.com/evstack/ev-node` from 1.0.0 to 1.1.0 - [Release notes](https://github.com/evstack/ev-node/releases) - [Changelog](https://github.com/evstack/ev-node/blob/main/CHANGELOG.md) - [Commits](v1.0.0...v1.1.0) Updates `github.com/celestiaorg/tastora` from 0.17.0 to 0.19.0 - [Release notes](https://github.com/celestiaorg/tastora/releases) - [Commits](celestiaorg/tastora@v0.17.0...v0.19.0) Updates `github.com/evstack/ev-node/execution/evm` from 1.0.0 to 1.0.1 - [Release notes](https://github.com/evstack/ev-node/releases) - [Changelog](https://github.com/evstack/ev-node/blob/main/CHANGELOG.md) - [Commits](v1.0.0...execution/evm/v1.0.1) Updates `github.com/celestiaorg/tastora` from 0.16.1-0.20260312082036-2ee1b0a2ac4e to 0.19.0 - [Release notes](https://github.com/celestiaorg/tastora/releases) - [Commits](celestiaorg/tastora@v0.17.0...v0.19.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/kms dependency-version: 1.29.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go - dependency-name: connectrpc.com/connect dependency-version: 1.19.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go - dependency-name: github.com/aws/aws-sdk-go-v2 dependency-version: 1.41.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-version: 1.32.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go - dependency-name: github.com/aws/aws-sdk-go-v2/service/kms dependency-version: 1.50.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go - dependency-name: github.com/aws/smithy-go dependency-version: 1.25.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go - dependency-name: github.com/celestiaorg/nmt dependency-version: 0.24.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go - dependency-name: github.com/libp2p/go-libp2p-kad-dht dependency-version: 0.39.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go - dependency-name: golang.org/x/crypto dependency-version: 0.50.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go - dependency-name: golang.org/x/net dependency-version: 0.53.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go - dependency-name: google.golang.org/api dependency-version: 0.274.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go - dependency-name: github.com/evstack/ev-node dependency-version: 1.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go - dependency-name: connectrpc.com/connect dependency-version: 1.19.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go - dependency-name: golang.org/x/net dependency-version: 0.53.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go - dependency-name: github.com/evstack/ev-node dependency-version: 1.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go - dependency-name: github.com/celestiaorg/tastora dependency-version: 0.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go - dependency-name: github.com/evstack/ev-node/execution/evm dependency-version: 1.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-go - dependency-name: github.com/celestiaorg/tastora dependency-version: 0.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-go ... Signed-off-by: dependabot[bot] <support@github.com>
|
The latest Buf updates on your PR. Results from workflow CI / buf-check (pull_request).
|
|
Claude finished @julienrbrt's task in 2m 4s —— View job PR Review
SummaryThis is a dependabot-driven dependency bump across 5 Go modules. All changes are confined to Security
Notable Bug Fixes
Dependency Update Notes
Go toolchain bump: Tastora Downgrade — Attention NeededThe dependabot commit bumped
The v0.19.0 bump would have migrated from Docker/Moby v28 to v29's modular Go module layout (introducing
Minor suggestion: it would be helpful to document why tastora v0.19.0 was skipped (e.g., a comment in the go.mod or a follow-up issue) so future dependabot PRs don't repeat the same bump-and-revert cycle. Overall AssessmentThe PR is well-formed: all changes are mechanical dependency bumps, CI passes, coverage is stable, and the security fix in Recommendation: Approve and merge. The |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #3271 +/- ##
==========================================
- Coverage 62.58% 62.56% -0.03%
==========================================
Files 122 122
Lines 13020 13020
==========================================
- Hits 8149 8146 -3
- Misses 3986 3988 +2
- Partials 885 886 +1
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Bumps the all-go group with 9 updates in the / directory:
1.27.01.29.01.19.11.19.21.41.51.41.61.32.141.32.161.50.41.50.50.24.20.24.30.39.00.39.10.49.00.50.00.52.00.53.0Bumps the all-go group with 1 update in the /execution/evm directory: github.com/evstack/ev-node.
Bumps the all-go group with 3 updates in the /execution/grpc directory: connectrpc.com/connect, golang.org/x/net and github.com/evstack/ev-node.
Bumps the all-go group with 2 updates in the /test/docker-e2e directory: github.com/celestiaorg/tastora and github.com/evstack/ev-node/execution/evm.
Bumps the all-go group with 1 update in the /test/e2e directory: github.com/celestiaorg/tastora.
Updates
cloud.google.com/go/kmsfrom 1.27.0 to 1.29.0Release notes
Sourced from cloud.google.com/go/kms's releases.
Changelog
Sourced from cloud.google.com/go/kms's changelog.
Commits
664da02chore: librarian release pull request: 20260326T071503Z (#14266)0b388a0chore: create empty README.md (#14263)8d67792feat(bigquery): add tracing telemetry to Table and Routine operations (#14216)54f46f7chore: format repo metadata (#14262)9b18aafchore: format snippet metadata (#14261)d5a18a4feat(firestore): add raw execute options and move options (#14259)18946f1Fspq fix stages (#14253)5bf0cf4chore: update librarian-go image SHA (#14258)009dc43chore: update image SHA (#14256)5e50d57chore: librarian generate pull request: 20260325T071032Z (#14251)Updates
connectrpc.com/connectfrom 1.19.1 to 1.19.2Release notes
Sourced from connectrpc.com/connect's releases.
Commits
1c195aePrepare for v1.19.2 (#920)96abc6bUpgrade golangci-lint to v2 (#917)be72fa5Clarify concurrent use semantics for streaming types (#911)299d2e7Fix nil pointer deref in duplexHTTPCall under concurrent Send + CloseAndRecei...e299aa6Bump google.golang.org/grpc from 1.76.0 to 1.79.3 in /internal/conformance (#...7b531c0Clarify UnaryFunc response type (#912)02f23a3Fix typo in RELEASE.md (#906)ec6f523Add Timo Stamm to maintainers (#905)59cc697Use 'deadline_exceeded' instead of 'canceled' on HTTP/2 cancelation when appr...e9aff4aBump connectrpc.com/conformance from 1.0.4 to 1.0.5 in /internal/conformance ...Updates
github.com/aws/aws-sdk-go-v2from 1.41.5 to 1.41.6Commits
9bc9c51Release 2026-04-172b41455Regenerated Clients2327a1bUpdate endpoints model9225797Update API model7b6f675Bump smithy-go to 1.25 (again) (#3390)c8b6a97Release 2026-04-164a05c2bRegenerated Clients6cd4cc9Update endpoints model3153bedUpdate API modelfe3cef6Make AccountIDEndpointRouting aware of bdd endpoints (#3387)Updates
github.com/aws/aws-sdk-go-v2/configfrom 1.32.14 to 1.32.16Commits
9bc9c51Release 2026-04-172b41455Regenerated Clients2327a1bUpdate endpoints model9225797Update API model7b6f675Bump smithy-go to 1.25 (again) (#3390)c8b6a97Release 2026-04-164a05c2bRegenerated Clients6cd4cc9Update endpoints model3153bedUpdate API modelfe3cef6Make AccountIDEndpointRouting aware of bdd endpoints (#3387)Updates
github.com/aws/aws-sdk-go-v2/service/kmsfrom 1.50.4 to 1.50.5Commits
61ed638Release 2024-06-037aa6c91Regenerated Clients69b45eeUpdate endpoints model3f8909dUpdate API modele3c589fadd missing deprecation docs on global EndpointResolver interfaces (#2665)4d3e8fdfix s3 expected bucket owner presigning (#2662)75ab304Release 2024-05-313e8a5acRegenerated Clients961e44fUpdate API model5edcd29Release 2024-05-30Updates
github.com/aws/smithy-gofrom 1.24.3 to 1.25.0Release notes
Sourced from github.com/aws/smithy-go's releases.
Changelog
Sourced from github.com/aws/smithy-go's changelog.
... (truncated)
Commits
73bb8a7Release 2026-04-15f056c6fChangelogee36afcImplement BDD generator for@endpointBddSmithy trait (#647)Updates
github.com/celestiaorg/nmtfrom 0.24.2 to 0.24.3Release notes
Sourced from github.com/celestiaorg/nmt's releases.
Commits
ed1aab0fix: reject truncated proofs in validateCompleteness (GHSA-r9fq-g486-v8pg) (#...7b18923ci: fix code scanning alerts (#319)d0a6f62chore: add CLAUDE.md with Hacken bug bounty PR guidelines (#315)8678385chore(deps): bump golangci/golangci-lint-action from 8 to 9 (#310)34d7314chore(deps): bump actions/checkout from 5 to 6 (#311)b643cfcchore: add CODEOWNERS with protocol team (#314)Updates
github.com/libp2p/go-libp2p-kad-dhtfrom 0.39.0 to 0.39.1Release notes
Sourced from github.com/libp2p/go-libp2p-kad-dht's releases.
Commits
bef178cchore: release v0.39.1 (#1245)248f53bfix: data race on AddrInfo.Addrs in queryPeer (#1244)e8f6083fix(provider): reduce provide log verbosity (#1243)f9a090etests: fix flaky TestStartProvidingSingle (#1242)Updates
golang.org/x/cryptofrom 0.49.0 to 0.50.0Commits
03ca0dcgo.mod: update golang.org/x dependencies8400f4assh: respect signer's algorithm preference in pickSignatureAlgorithm81c6cb3ssh: swap cbcMinPaddingSize to cbcMinPacketSize to get encLengthUpdates
golang.org/x/netfrom 0.52.0 to 0.53.0Commits
a8d1fc1go.mod: update golang.org/x dependencies056ac74quic: avoid depending on golang.org/x/sys/unixc85f611http3: add http3 package for testing in std805fc81http2: add transport API testse63b894http2: support testing via net/http.Transport.RoundTrip9ee1e48http2/hpack: prevent HeaderField from escaping during encoding1e71bd8http2: prevent hanging Transport due to bad SETTINGS frame7bca150internal/http3: respect net/http Server Shutdown context when shutting down44c41beinternal/http3: prevent server from holding mutex when sleeping during shutdown228a67ainternal/http3: add CloseIdleConnections support in transportUpdates
google.golang.org/apifrom 0.273.1 to 0.274.0Release notes
Sourced from google.golang.org/api's releases.
Changelog
Sourced from google.golang.org/api's changelog.
Commits
6c759a2chore(main): release 0.274.0 (#3556)0e634aefeat(all): auto-regenerate discovery clients (#3555)0f75259chore: embargo aiplatform:v1beta1 temporarily (#3554)Updates
github.com/evstack/ev-nodefrom 1.0.0 to 1.1.0Release notes
Sourced from github.com/evstack/ev-node's releases.
... (truncated)
Changelog
Sourced from github.com/evstack/ev-node's changelog.
Commits
6f09600chore: correct vm ui link and include in json benchmark result (#3234)536f57ebuild(deps): Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.87.1 to 1.99...d2a29e8chore: prep rc.2 (#3231)d163059fix: Publisher-mode synchronization option for failover scenario (#3222)04c9cadfeat(pkg/p2p): reconnect on disconnected peers (#3212)ff88b95build(deps): Bump the all-go group across 4 directories with 11 updates (#3228)3d5591dbuild(deps): Bump defu from 6.1.4 to 6.1.6 in /docs in the npm_and_yarn group...a8bd8b2build(deps): Bump benchmark-action/github-action-benchmark from 1.21.0 to 1.2...920f0c9build(deps): Bump extractions/setup-just from 3 to 4 (#3227)022b565chore: Better check for stored meta not stale (#3221)Updates
connectrpc.com/connectfrom 1.19.1 to 1.19.2Release notes
Sourced from connectrpc.com/connect's releases.
Commits
1c195aePrepare for v1.19.2 (#920)96abc6bUpgrade golangci-lint to v2 (#917)be72fa5Clarify concurrent use semantics for streaming types (#911)299d2e7Fix nil pointer deref in duplexHTTPCall under concurrent Send + CloseAndRecei...e299aa6Bump google.golang.org/grpc from 1.76.0 to 1.79.3 in /internal/conformance (#...7b531c0Clarify UnaryFunc response type (#912)02f23a3Fix typo in RELEASE.md (#906)ec6f523Add Timo Stamm to maintainers (#905)59cc697Use 'deadline_exceeded' instead of 'canceled' on HTTP/2 cancelation when appr...e9aff4aBump connectrpc.com/conformance from 1.0.4 to 1.0.5 in /internal/conformance ...Updates
golang.org/x/netfrom 0.52.0 to 0.53.0Commits
a8d1fc1go.mod: update golang.org/x dependencies056ac74quic: avoid depending on golang.org/x/sys/unixc85f611http3: add http3 package for testing in std805fc81http2: add transport API testse63b894http2: support testing via net/http.Transport.RoundTrip9ee1e48http2/hpack: prevent HeaderField from escaping during encoding1e71bd8http2: prevent hanging Transport due to bad SETTINGS frame7bca150internal/http3: respect net/http Server Shutdown context when shutting down44c41beinternal/http3: prevent server from holding mutex when sleeping during shutdown228a67ainternal/http3: add CloseIdleConnections support in transportUpdates
github.com/evstack/ev-nodefrom 1.0.0 to 1.1.0Release notes
Sourced from github.com/evstack/ev-node's releases.
... (truncated)
Changelog
Sourced from github.com/evstack/ev-node's changelog.
Commits
6f09600chore: correct vm ui link and include in json benchmark result (#3234)536f57ebuild(deps): Bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.87.1 to 1.99...d2a29e8chore: prep rc.2 (#3231)d163059fix: Publisher-mode synchronization option for failover scenario (#3222)04c9cadfeat(pkg/p2p): reconnect on disconnected peers (#3212)ff88b95build(deps): Bump the all-go group across 4 directories with 11 updates (#3228)3d5591dbuild(deps): Bump defu from 6.1.4 to 6.1.6 in /docs in the npm_and_yarn group...a8bd8b2build(deps): Bump benchmark-action/github-action-benchmark from 1.21.0 to 1.2...920f0c9build(deps): Bump extractions/setup-just from 3 to 4 (#3227)022b565chore: Better check for stored meta not stale (#3221)Updates
github.com/celestiaorg/tastorafrom 0.17.0 to 0.19.0Release notes
Sourced from github.com/celestiaorg/tastora's releases.
Commits
6f9af02chore: migrate from Docker/Moby v28 to v29 modular Go modules (#195)73cff81feat: add WithBlockWaitTimeout to ChainBuilder (#189)cfce4f0chore: Update CODEOWNERS (#190)08cea29Merge pull request #193 from celestiaorg/fix/add-merge-group-trigger792abd0ci: add merge_group trigger to workflowsf46602eMerge pull request #192 from rootulp/rootulp/fix-flaky-docker-keyring-test700a7acfix: log error when dockerKeyring initialization fails in Backend()3e03c33fix(test): wait for exec completion in DockerKeyringTestSuite setupUpdates
github.com/evstack/ev-node/execution/evmfrom 1.0.0 to 1.0.1Changelog
Sourced from github.com/evstack/ev-node/execution/evm's changelog.
... (truncated)
Commits
d163059fix: Publisher-mode synchronization option for failover scenario (#3222)04c9cadfeat(pkg/p2p): reconnect on disconnected peers (#3212)ff88b95build(deps): Bump the all-go group across 4 directories with 11 updates (#3228)3d5591dbuild(deps): Bump defu from 6.1.4 to 6.1.6 in /docs in the npm_and_yarn group...a8bd8b2build(deps): Bump benchmark-action/github-action-benchmark from 1.21.0 to 1.2...920f0c9build(deps): Bump extractions/setup-just from 3 to 4 (#3227)022b565chore: Better check for stored meta not stale (#3221)4840f50chore: mixed benchmark test (#3223)cc9f965ci: optimize Go and Docker layer caching (#3213)4a70e0bchore: prep app for v1.1.0-rc.1 (#3220)Updates
github.com/celestiaorg/tastorafrom 0.16.1-0.20260312082036-2ee1b0a2ac4e to 0.19.0Release notes
Sourced from github.com/celestiaorg/tastora's releases.