#82 [Snyk] Security upgrade alpine from 3.14 to 3.15 Pull request opened by snyk-bot on <!date^1659923515^{date_short}|2022-08-08T01:51:55Z> Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • Dockerfile We recommend upgrading to

alpine:3.15

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/a12db2a15d0d5de3a37af33b40450d72a0ea77b1edd104c9ebef301acede92e8/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f694a684f4749354d6a4e6a5a433077596a6c694c5451794d4449744f47517a4d5330324d4467795a6a5133593259324f4455694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496d4534596a6b794d324e6b4c5442694f5749744e4449774d6930345a444d784c5459774f444a6d4e44646a5a6a59344e534a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/datacatalog GitHub Actions: Goreleaser GitHub Actions: Build & Push Datacatalog Image GitHub Actions: Bump Version GitHub Actions: Unit Tests / Run Unit Test GitHub Actions: Lint / Run Lint GitHub Actions: Check Go Gennerate / Go Generate DCO: DCO ✅ 2 other checks have passed 2/9 successful checks

#91 [Snyk] Security upgrade alpine from 3.16 to 3.17 Pull request opened by snyk-bot on <!date^1675916597^{date_short}|2023-02-09T04:23:17Z> Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • Dockerfile We recommend upgrading to

alpine:3.17

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/370c71aba1c21dc1bef49fbde9eb50f5c7baac9e57e3ec9f5b325a499218746c/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f694933597a55784e574d784d53307a4f4455794c54526c5a5459744f4449784d79307a4e6a4e6b4e7a41324e6a67324d3245694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496a646a4e544531597a45784c544d344e5449744e47566c4e6930344d6a457a4c544d324d3251334d4459324f44597a59534a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/datacatalog GitHub Actions: Goreleaser GitHub Actions: Build & Push Datacatalog Image GitHub Actions: Bump Version DCO: DCO ✅ 7 other checks have passed 7/11 successful checks

#106 [Snyk] Security upgrade alpine from 3.16 to 3 Pull request opened by snyk-bot Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • Dockerfile We recommend upgrading to

alpine:3

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/dbd075cbff7aa8d8763cba68b5e90076cf3227ad8e2b6670eb8dc4a81ca9a1ea/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f694a684e5451774e544178595330775a5468684c5451334d544174595755785a433035596a566d4d5455334d4467345a5445694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496d45314e4441314d4446684c54426c4f4745744e4463784d4331685a54466b4c546c694e5759784e5463774f44686c4d534a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/datacatalog GitHub Actions: Goreleaser GitHub Actions: Build & Push Datacatalog Image GitHub Actions: Bump Version DCO: DCO ✅ 7 other checks have passed 7/11 successful checks

#107 [Snyk] Security upgrade alpine from 3.16 to 3 Pull request opened by eapolinario on <!date^1686075522^{date_short}|2023-06-06T18:18:42Z> This PR was automatically created by Snyk using the credentials of a real user. Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • Dockerfile We recommend upgrading to

alpine:3

, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/d203acf8a39b74c57ab47b197aad5cf8d57b9338782af1a5c90aa4b72d2fd472/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f694a6d4d4756694d4445345a43316d5a4463334c5451774d5455744f5749784f53316a4e325135596d5a6b4e6d4d784d7a55694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496d59775a5749774d54686b4c575a6b4e7a63744e4441784e533035596a45354c574d335a446c695a6d5132597a457a4e534a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/datacatalog GitHub Actions: Build & Push Datacatalog Image GitHub Actions: Goreleaser GitHub Actions: Bump Version DCO: DCO ✅ 7 other checks have passed 7/11 successful checks

#41 [Snyk] Security upgrade alpine from 3.14 to 3.15 Pull request opened by EngHabu This PR was automatically created by Snyk using the credentials of a real user. Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • Dockerfile We recommend upgrading to

alpine:3.15

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/7e0ba5d264eeaf9aa67af0e7854bb454c92e7bc0a477c4e1492c4d5286e87dde/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f694a6d597a63314d7a59334d53316a5a47566c4c545135597a45744f4463324e4331694f545a6c595452684d4455335a6d45694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496d5a6a4e7a557a4e6a63784c574e6b5a5755744e446c6a4d5330344e7a59304c5749354e6d56684e4745774e54646d59534a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/flytecopilot GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Goreleaser GitHub Actions: Bump Version GitHub Actions: Dry run goreleaser DCO: DCO ✅ 7 other checks have passed 7/12 successful checks

#40 [Snyk] Security upgrade alpine from 3.14 to 3.15 Pull request opened by snyk-bot Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • boilerplate/flyte/golang_dockerfile/Dockerfile.GoTemplate We recommend upgrading to

alpine:3.15

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/c9cdff725f093ad66b3398ddbb9b0310e9f82a1c76bcac2c6c412a346b0c9173/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f694a6b59544a684e7a5a685969307a5a4445314c5451785a5449744f4449775a5330334e4455784d3259305a544d344e6a6b694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496d52684d6d45334e6d46694c544e6b4d5455744e44466c4d6930344d6a426c4c5463304e54457a5a6a526c4d7a67324f534a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/flytecopilot GitHub Actions: Goreleaser GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Bump Version Codecov: 16.80% (-1.00%) compared to 378c9d2 GitHub Actions: Dry run goreleaser DCO: DCO ✅ 6 other checks have passed 6/12 successful checks

#43 [Snyk] Security upgrade alpine from 3.14 to 3.15 Pull request opened by snyk-bot Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • Dockerfile We recommend upgrading to

alpine:3.15

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/5b90cc8efbf5c2cff3c1aaf3fece04219f147445af8a8f7e00844da110388156/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f6949354e4464694f4467315a6931685a5467794c54526a4e325974595463325a6930354d6d45304e54597a4f4751324e6a6b694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496a6b304e3249344f44566d4c57466c4f4449744e474d335a6931684e7a5a6d4c546b79595451314e6a4d345a4459324f534a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/flytecopilot GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Goreleaser GitHub Actions: Bump Version GitHub Actions: Dry run goreleaser DCO: DCO ✅ 7 other checks have passed 7/12 successful checks

#44 [Snyk] Security upgrade alpine from 3.14 to 3.15 Pull request opened by snyk-bot Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • boilerplate/flyte/golang_dockerfile/Dockerfile.GoTemplate We recommend upgrading to

alpine:3.15

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/a61a939bd211e59ffa10a4be381c855f02d9a4c11fa7de05fa36f92e3b81cb83/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f6949344e54526b4e545a6d4e6930794d7a63304c5451324d5441744f54557a5969316b5a44466c4e7a4d304d7a5179597a67694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496a67314e4751314e6d59324c54497a4e7a51744e4459784d4330354e544e694c57526b4d5755334d7a517a4e444a6a4f434a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/flytecopilot GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Goreleaser GitHub Actions: Bump Version GitHub Actions: Dry run goreleaser DCO: DCO ✅ 7 other checks have passed 7/12 successful checks

#55 [Snyk] Security upgrade alpine from 3.14 to 3.16 Pull request opened by snyk-bot Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • boilerplate/flyte/golang_dockerfile/Dockerfile.GoTemplate We recommend upgrading to

alpine:3.16

, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/3b9c5f09a18418eeed3bebe90bf9e6718391de585a68b91af0383c637489ced1/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f6949354e32466c593245354e5330325a5759354c5451774e6d5974595467794f5330345a6a4a6c5957466a595467774d4751694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496a6b335957566a59546b314c545a6c5a6a6b744e4441325a6931684f4449354c54686d4d6d566859574e684f4441775a434a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/flytecopilot GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Goreleaser GitHub Actions: Bump Version DCO: DCO ✅ 6 other checks have passed 6/10 successful checks

#59 [Snyk] Security upgrade alpine from 3.16 to 3 Pull request opened by snyk-bot on <!date^1686068070^{date_short}|2023-06-06T16:14:30Z> Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • Dockerfile We recommend upgrading to

alpine:3

, as this image has only 1 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/9dca67ad0f0cd527b0858bec1e1136815d16ab6b4e16fd8c327a5cff704e945e/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f6949784e6a6c6b5a6a67344f5331694d324a684c545134597a67744f444a6c5a6931684d4441345a6a67314d57457a593259694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496a45324f57526d4f4467354c57497a596d45744e44686a4f4330344d6d566d4c5745774d44686d4f44557859544e6a5a694a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/flytecopilot GitHub Actions: Goreleaser GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Bump Version DCO: DCO ✅ 8 other checks have passed 8/12 successful checks

#58 [Snyk] Security upgrade alpine from 3.16 to 3 Pull request opened by EngHabu This PR was automatically created by Snyk using the credentials of a real user. Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • Dockerfile We recommend upgrading to

alpine:3

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/e13f3c226645686f5ad3eedfe86e3a20c85bb45cc288187e7d41af33a5523297/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f694933597a68685a574e6a4d6930304e7a417a4c54526a4d324974595745324f5330794e5459784e6a417a4e4441314e5745694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496a646a4f47466c59324d794c5451334d444d744e474d7a59693168595459354c5449314e6a45324d444d304d44553159534a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/flytecopilot GitHub Actions: Goreleaser GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Bump Version DCO: DCO ✅ 8 other checks have passed 8/12 successful checks

#46 Bump github.com/prometheus/client_golang from 1.9.0 to 1.11.1 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] Bumps github.com/prometheus/client_golang from 1.9.0 to 1.11.1. Release notes _Sourced from github.com/prometheus/client_golang's releases._

1.11.1 / 2022-02-15

• [SECURITY FIX] promhttp: Check validity of method and code label values prometheus/client_golang#987 (Addressed `CVE-2022-21698`)

What's Changed

• promhttp: Check validity of method and code label values by `@​bwplotka` and `@​kakkoyun` in prometheus/client_golang#987

Full Changelog: prometheus/client_golang@v1.11.0...v1.11.1

v1.11.0 / 2021-06-07

• [CHANGE] Add new collectors package. #862

• [CHANGE]

prometheus.NewExpvarCollector

is deprecated, use

collectors.NewExpvarCollector

instead. #862

• [CHANGE]

prometheus.NewGoCollector

is deprecated, use

collectors.NewGoCollector

instead. #862

• [CHANGE]

prometheus.NewBuildInfoCollector

is deprecated, use

collectors.NewBuildInfoCollector

instead. #862

• [FEATURE] Add new collector for database/sql#DBStats. #866

• [FEATURE] API client: Add exemplars API support. #861

• [ENHANCEMENT] API client: Add newer fields to Rules API. #855

• [ENHANCEMENT] API client: Add missing fields to Targets API. #856

What's Changed

• Synchronize common files from prometheus/prometheus by `@​prombot` in prometheus/client_golang#846

• Synchronize common files from prometheus/prometheus by `@​prombot` in prometheus/client_golang#849

• Synchronize common files from prometheus/prometheus by `@​prombot` in prometheus/client_golang#853

• Add newer fields to Rules API by `@​gouthamve` in prometheus/client_golang#855

• Add missing fields to targets API by `@​yeya24` in prometheus/client_golang#856

• Synchronize common files from prometheus/prometheus by `@​prombot` in prometheus/client_golang#857

• Add exemplars API support by `@​yeya24` in prometheus/client_golang#861

• Improve description of MaxAge in summary docs by `@​Dean-Coakley` in prometheus/client_golang#864

• Add new collectors package by `@​johejo` in prometheus/client_golang#862

• Add collector for database/sql#DBStats by `@​johejo` in prometheus/client_golang#866

• Make dbStatsCollector more DRY by `@​beorn7` in prometheus/client_golang#867

• Change maintainers from `@​beorn7` to @bwplotka/`@​kakkoyun` by `@​beorn7` in prometheus/client_golang#873

• Document implications of negative observations by `@​beorn7` in prometheus/client_golang#871

• Update Go modules by `@​SuperQ` in prometheus/client_golang#875

New Contributors

• `@​gouthamve` made their first contribution in prometheus/client_golang#855

Full Changelog: prometheus/client_golang@v1.10.0...v1.11.0

1.10.0 / 2021-03-18

• [CHANGE] Minimum required Go version is now 1.13.

• [CHANGE] API client: Add matchers to

LabelNames

and

LabesValues

. #828

• [FEATURE] API client: Add buildinfo call. #841

• [BUGFIX] Fix build on riscv64. #833

What's Changed

• Add SECURITY.md by `@​roidelapluie` in prometheus/client_golang#831

• Bump prometheus/procfs to 0.3.0 to fix building on riscv64 by `@​zhsj` in prometheus/client_golang#833

• Fix typo in comments in prometheus/client_golang#835

... (truncated) Changelog _Sourced from github.com/prometheus/client_golang's changelog._

Unreleased

1.14.0 / 2022-11-08

• [FEATURE] Add Support for Native Histograms. #1150

• [CHANGE] Extend

prometheus.Registry

to implement

prometheus.Collector

interface. #1103

1.13.1 / 2022-11-01

• [BUGFIX] Fix race condition with Exemplar in Counter. #1146

• [BUGFIX] Fix

CumulativeCount

value of

+Inf

bucket created from exemplar. #1148

• [BUGFIX] Fix double-counting bug in

promhttp.InstrumentRoundTripperCounter

. #1118

1.13.0 / 2022-08-05

• [CHANGE] Minimum required Go version is now 1.17 (we also test client_golang against new 1.19 version).

• [ENHANCEMENT] Added

prometheus.TransactionalGatherer

interface for

promhttp.Handler

use which allows using low allocation update techniques for custom colle…

flyteorg/flytecopilot GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Goreleaser GitHub Actions: Bump Version GitHub Actions: Build & Push Flyte copilot Image / Push to Github Registry ✅ 8 other checks have passed 8/12 successful checks

#47 Bump golang.org/x/text from 0.3.7 to 0.3.8 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] on <!date^1677131787^{date_short}|2023-02-23T05:56:27Z> Bumps golang.org/x/text from 0.3.7 to 0.3.8. Commits • `434eadc` language: reject excessively large Accept-Language strings • `23407e7` go.mod: ignore cyclic dependency for tagging • `b18d3dd` secure/precis: replace bytes.Compare with bytes.Equal • `795e854` all: replace io/ioutil with io and os package • `b0ca10f` internal/language: bump script types to uint16 and update registry • `ba9b0e1` go.mod: update x/tools to HEAD • `d03b418` A+C: delete AUTHORS and CONTRIBUTORS • `b4bca84` language/display: fix Tag method comment • `ea49e3e` go.mod: update x/tools to HEAD • `78819d0` go.mod: update to golang.org/x/text v0.1.10 • Additional commits viewable in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. flyteorg/flytecopilot GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Goreleaser GitHub Actions: Bump Version GitHub Actions: Build & Push Flyte copilot Image / Push to Github Registry ✅ 8 other checks have passed 8/12 successful checks

#48 Bump golang.org/x/text from 0.3.7 to 0.3.8 Pull request opened by dependabot[bot] Bumps golang.org/x/text from 0.3.7 to 0.3.8. Commits • `434eadc` language: reject excessively large Accept-Language strings • `23407e7` go.mod: ignore cyclic dependency for tagging • `b18d3dd` secure/precis: replace bytes.Compare with bytes.Equal • `795e854` all: replace io/ioutil with io and os package • `b0ca10f` internal/language: bump script types to uint16 and update registry • `ba9b0e1` go.mod: update x/tools to HEAD • `d03b418` A+C: delete AUTHORS and CONTRIBUTORS • `b4bca84` language/display: fix Tag method comment • `ea49e3e` go.mod: update x/tools to HEAD • `78819d0` go.mod: update to golang.org/x/text v0.1.10 • Additional commits viewable in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. flyteorg/flytecopilot GitHub Actions: Goreleaser GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Bump Version GitHub Actions: Build & Push Flyte copilot Image / Push to Github Registry ✅ 8 other checks have passed 8/12 successful checks

#49 Bump k8s.io/client-go from 0.0.0-20210217172142-7279fc64d847 to 0.20.0-alpha.2 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] Bumps k8s.io/client-go from 0.0.0-20210217172142-7279fc64d847 to 0.20.0-alpha.2. Commits • See full diff in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. flyteorg/flytecopilot GitHub Actions: Goreleaser GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Bump Version GitHub Actions: Build & Push Flyte copilot Image / Push to Github Registry ✅ 6 other checks have passed 6/10 successful checks

#50 Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 Pull request opened by dependabot[bot] on <!date^1677289641^{date_short}|2023-02-25T01:47:21Z> Bumps golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0. Commits • See full diff in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. flyteorg/flytecopilot GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Goreleaser GitHub Actions: Bump Version GitHub Actions: Build & Push Flyte copilot Image / Push to Github Registry ✅ 8 other checks have passed 8/12 successful checks

#51 Bump golang.org/x/net from 0.0.0-20210805182204-aaa1db679c0d to 0.7.0 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] on <!date^1677291596^{date_short}|2023-02-25T02:19:56Z> Bumps golang.org/x/net from 0.0.0-20210805182204-aaa1db679c0d to 0.7.0. Commits • See full diff in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. flyteorg/flytecopilot GitHub Actions: Goreleaser GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Bump Version GitHub Actions: Build & Push Flyte copilot Image / Push to Github Registry ✅ 8 other checks have passed 8/12 successful checks

#52 Bump golang.org/x/sys from 0.0.0-20210423082822-04245dca01da to 0.1.0 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] Bumps golang.org/x/sys from 0.0.0-20210423082822-04245dca01da to 0.1.0. Commits • See full diff in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. flyteorg/flytecopilot GitHub Actions: Goreleaser GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Bump Version GitHub Actions: Build & Push Flyte copilot Image / Push to Github Registry GitHub Actions: Check Go Gennerate / Go Generate ✅ 7 other checks have passed 7/12 successful checks

#53 Bump golang.org/x/crypto from 0.0.0-20201221181555-eec23a3978ad to 0.1.0 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] on <!date^1678147860^{date_short}|2023-03-07T00:11:00Z> Bumps golang.org/x/crypto from 0.0.0-20201221181555-eec23a3978ad to 0.1.0. Commits • See full diff in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. flyteorg/flytecopilot GitHub Actions: Build & Push Flyte copilot Image GitHub Actions: Goreleaser GitHub Actions: Bump Version GitHub Actions: Build & Push Flyte copilot Image / Push to Github Registry ✅ 8 other checks have passed 8/12 successful checks

#525 Bump golang.org/x/text from 0.3.7 to 0.3.8 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] Bumps golang.org/x/text from 0.3.7 to 0.3.8. Commits • `434eadc` language: reject excessively large Accept-Language strings • `23407e7` go.mod: ignore cyclic dependency for tagging • `b18d3dd` secure/precis: replace bytes.Compare with bytes.Equal • `795e854` all: replace io/ioutil with io and os package • `b0ca10f` internal/language: bump script types to uint16 and update registry • `ba9b0e1` go.mod: update x/tools to HEAD • `d03b418` A+C: delete AUTHORS and CONTRIBUTORS • `b4bca84` language/display: fix Tag method comment • `ea49e3e` go.mod: update x/tools to HEAD • `78819d0` go.mod: update to golang.org/x/text v0.1.10 • Additional commits viewable in compare view Dependabot compatibility score You can trigger a rebase of this PR by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page.

Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

flyteorg/flyteadmin GitHub Actions: Build & Push Flytescheduler Image GitHub Actions: Build & Push Flyteadmin Image GitHub Actions: Goreleaser GitHub Actions: Bump Version ✅ 10 other checks have passed 10/14 successful checks

#527 Bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 Pull request opened by dependabot[bot] Bumps golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0. Commits • See full diff in compare view Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page. flyteorg/flyteadmin GitHub Actions: Build & Push Flyteadmin Image GitHub Actions: Goreleaser GitHub Actions: Build & Push Flytescheduler Image GitHub Actions: Bump Version ✅ 10 other checks have passed 10/14 successful checks

#521 Bump github.com/prometheus/client_golang from 1.9.0 to 1.11.1 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] Bumps github.com/prometheus/client_golang from 1.9.0 to 1.11.1. Release notes _Sourced from github.com/prometheus/client_golang's releases._

1.11.1 / 2022-02-15

• [SECURITY FIX] promhttp: Check validity of method and code label values prometheus/client_golang#987 (Addressed `CVE-2022-21698`)

What's Changed

• promhttp: Check validity of method and code label values by `@​bwplotka` and `@​kakkoyun` in prometheus/client_golang#987

Full Changelog: prometheus/client_golang@v1.11.0...v1.11.1

v1.11.0 / 2021-06-07

• [CHANGE] Add new collectors package. #862

• [CHANGE]

prometheus.NewExpvarCollector

is deprecated, use

collectors.NewExpvarCollector

instead. #862

• [CHANGE]

prometheus.NewGoCollector

is deprecated, use

collectors.NewGoCollector

instead. #862

• [CHANGE]

prometheus.NewBuildInfoCollector

is deprecated, use

collectors.NewBuildInfoCollector

instead. #862

• [FEATURE] Add new collector for database/sql#DBStats. #866

• [FEATURE] API client: Add exemplars API support. #861

• [ENHANCEMENT] API client: Add newer fields to Rules API. #855

• [ENHANCEMENT] API client: Add missing fields to Targets API. #856

What's Changed

• Synchronize common files from prometheus/prometheus by `@​prombot` in prometheus/client_golang#846

• Synchronize common files from prometheus/prometheus by `@​prombot` in prometheus/client_golang#849

• Synchronize common files from prometheus/prometheus by `@​prombot` in prometheus/client_golang#853

• Add newer fields to Rules API by `@​gouthamve` in prometheus/client_golang#855

• Add missing fields to targets API by `@​yeya24` in prometheus/client_golang#856

• Synchronize common files from prometheus/prometheus by `@​prombot` in prometheus/client_golang#857

• Add exemplars API support by `@​yeya24` in prometheus/client_golang#861

• Improve description of MaxAge in summary docs by `@​Dean-Coakley` in prometheus/client_golang#864

• Add new collectors package by `@​johejo` in prometheus/client_golang#862

• Add collector for database/sql#DBStats by `@​johejo` in prometheus/client_golang#866

• Make dbStatsCollector more DRY by `@​beorn7` in prometheus/client_golang#867

• Change maintainers from `@​beorn7` to @bwplotka/`@​kakkoyun` by `@​beorn7` in prometheus/client_golang#873

• Document implications of negative observations by `@​beorn7` in prometheus/client_golang#871

• Update Go modules by `@​SuperQ` in prometheus/client_golang#875

New Contributors

• `@​gouthamve` made their first contribution in prometheus/client_golang#855

Full Changelog: prometheus/client_golang@v1.10.0...v1.11.0

1.10.0 / 2021-03-18

• [CHANGE] Minimum required Go version is now 1.13.

• [CHANGE] API client: Add matchers to

LabelNames

and

LabesValues

. #828

• [FEATURE] API client: Add buildinfo call. #841

• [BUGFIX] Fix build on riscv64. #833

What's Changed

• Add SECURITY.md by `@​roidelapluie` in prometheus/client_golang#831

• Bump prometheus/procfs to 0.3.0 to fix building on riscv64 by `@​zhsj` in prometheus/client_golang#833

• Fix typo in comments in prometheus/client_golang#835

... (truncated) Changelog _Sourced from github.com/prometheus/client_golang's changelog._

Unreleased

1.14.0 / 2022-11-08

• [FEATURE] Add Support for Native Histograms. #1150

• [CHANGE] Extend

prometheus.Registry

to implement

prometheus.Collector

interface. #1103

1.13.1 / 2022-11-01

• [BUGFIX] Fix race condition with Exemplar in Counter. #1146

• [BUGFIX] Fix

CumulativeCount

value of

+Inf

bucket created from exemplar. #1148

• [BUGFIX] Fix double-counting bug in

promhttp.InstrumentRoundTripperCounter

. #1118

1.13.0 / 2022-08-05

• [CHANGE] Minimum required Go version is now 1.17 (we also test client_golang against new 1.19 version).

• [ENHANCEMENT] Added

prometheus.TransactionalGatherer

interface for

promhttp.Handler

use which allows using low allocation update techniques for custom colle…

flyteorg/flyteadmin GitHub Actions: Goreleaser GitHub Actions: Build & Push Flyteadmin Image GitHub Actions: Build & Push Flytescheduler Image GitHub Actions: Bump Version Codecov: 60.14% (-0.04%) compared to dea5b2a ✅ 9 other checks have passed 9/14 successful checks

#528 Bump golang.org/x/net from 0.0.0-20211015210444-4f30a5c0130f to 0.7.0 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] Bumps golang.org/x/net from 0.0.0-20211015210444-4f30a5c0130f to 0.7.0. Commits • See full diff in compare view Dependabot compatibility score You can trigger a rebase of this PR by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page.

Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

flyteorg/flyteadmin GitHub Actions: Build & Push Flyteadmin Image GitHub Actions: Goreleaser GitHub Actions: Build & Push Flytescheduler Image GitHub Actions: Bump Version ✅ 10 other checks have passed 10/14 successful checks

#529 Bump golang.org/x/sys from 0.0.0-20211019181941-9d821ace8654 to 0.1.0 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] Bumps golang.org/x/sys from 0.0.0-20211019181941-9d821ace8654 to 0.1.0. Commits • See full diff in compare view Dependabot compatibility score You can trigger a rebase of this PR by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page.

Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

flyteorg/flyteadmin GitHub Actions: Goreleaser GitHub Actions: Build & Push Flyteadmin Image GitHub Actions: Build & Push Flytescheduler Image GitHub Actions: Bump Version GitHub Actions: Unit Tests / Run Unit Test ✅ 7 other checks have passed 7/12 successful checks

#534 Bump golang.org/x/crypto from 0.0.0-20210921155107-089bfa567519 to 0.1.0 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] Bumps golang.org/x/crypto from 0.0.0-20210921155107-089bfa567519 to 0.1.0. Commits • See full diff in compare view Dependabot compatibility score You can trigger a rebase of this PR by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page.

Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

flyteorg/flyteadmin GitHub Actions: Build & Push Flyteadmin Image GitHub Actions: Goreleaser GitHub Actions: Build & Push Flytescheduler Image GitHub Actions: Bump Version GitHub Actions: Check Go Generate / Go Generate ✅ 9 other checks have passed 9/14 successful checks

#535 Bump k8s.io/client-go from 0.0.0-20210217172142-7279fc64d847 to 0.20.0-alpha.2 in /boilerplate/flyte/golang_support_tools Pull request opened by dependabot[bot] on <!date^1678157460^{date_short}|2023-03-07T02:51:00Z> Bumps k8s.io/client-go from 0.0.0-20210217172142-7279fc64d847 to 0.20.0-alpha.2. Commits • See full diff in compare view Dependabot compatibility score You can trigger a rebase of this PR by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) •

@dependabot use these labels

will set the current labels as the default for future PRs for this repo and language •

@dependabot use these reviewers

will set the current reviewers as the default for future PRs for this repo and language •

@dependabot use these assignees

will set the current assignees as the default for future PRs for this repo and language •

@dependabot use this milestone

will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page.

Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

flyteorg/flyteadmin GitHub Actions: Goreleaser GitHub Actions: Build & Push Flyteadmin Image GitHub Actions: Build & Push Flytescheduler Image GitHub Actions: Bump Version ✅ 10 other checks have passed 10/14 successful checks

#576 Bump github.com/lestrrat-go/jwx from 1.1.6 to 1.2.26 Pull request opened by dependabot[bot] on <!date^1686763594^{date_short}|2023-06-14T17:26:34Z> Bumps github.com/lestrrat-go/jwx from 1.1.6 to 1.2.26. Release notes Sourced from github.com/lestrrat-go/jwx's releases.

[SECURITY] v1.2.26

```

v1.2.26 - 14 Jun 2023

[Security]

* Potential Padding Oracle Attack Vulnerability and Timing Attack Vulnerability

for JWE AES-CBC encrypted payloads affecting all v2 releases up to v2.0.10,

all v1 releases up to v1.2.25, and all v0 releases up to v0.9.2 have been reported by

@shogo82148.

Please note that v0 versions will NOT receive fixes.

This release fixes these vulnerabilities for the v1 series.

```

v1.2.25

```

v1.2.25 23 May 2022

[Bug Fixes][Security]

* [jwe] An old bug from at least 7 years ago existed in handling AES-CBC unpadding,

where the unpad operation might remove more bytes than necessary ([#744](https://github.com/lestrrat-go/jwx/issues/744))

This affects all jwx code that is available before v2.0.2 and v1.2.25.

```

v1.2.24

```

v1.2.24 05 May 2022

[Security]

* Upgrade golang.org/x/crypto ([#724](https://github.com/lestrrat-go/jwx/issues/724))

```

v1.2.23

```

v1.2.23 13 Apr 2022

[Bug fixes]

* [jwk] jwk.AutoRefresh had a race condition when

Configure()

was

called concurrently ([#686](https://github.com/lestrrat-go/jwx/issues/686))

(It has been patched correctly, but we may come back to revisit

the design choices in the near future)

```

v1.2.22

```

v1.2.22 08 Apr 2022

[Bug fixes]

* [jws] jws.Verify was ignoring the

b64

header when it was present

in the protected headers ([#681](https://github.com/lestrrat-go/jwx/issues/681)). Now the following should work:

jws.Sign(..., jws.WithDetachedPayload(payload))

// previously payload had to be base64 encoded

jws.Verify(..., jws.WithDetachedPayload(payload))

```

... (truncated) Changelog Sourced from github.com/lestrrat-go/jwx's changelog.

v1.2.26 - 14 Jun 2023 [Security]

• Potential Padding Oracle Attack Vulnerability and Timing Attack Vulnerability for JWE AES-CBC encrypted payloads affecting all v2 releases up to v2.0.10, all v1 releases up to v1.2.25, and all v0 releases up to v0.9.2 have been reported by `@​shogo82148`.

Please note that v0 versions will NOT receive fixes. This release fixes these vulnerabilities for the v1 series.

[Miscellaneous]

• JWE tests now only run algorithms that are supported by the underlying

jose

tool

v1.2.25 23 May 2022 [Bug Fixes][Security]

• [jwe] An old bug from at least 7 years ago existed in handling AES-CBC unpadding, where the unpad operation might remove more bytes than necessary (#744) This affects all jwx code that is available before v2.0.2 and v1.2.25.

v1.2.24 05 May 2022 [Security]

• Upgrade golang.org/x/crypto (#724)

v1.2.23 13 Apr 2022 [Bug fixes]

• [jwk] jwk.AutoRefresh had a race condition when

Configure()

was called concurrently (#686) (It has been patched correctly, but we may come back to revisit the design choices in the near future)

v1.2.22 08 Apr 2022 [Bug fixes]

• [jws] jws.Verify was ignoring the

b64

header when it was present in the protected headers (#681). Now the following should work:

jws.Sign(..., jws.WithDetachedPayload(payload)) // previously payload had to be base64 encoded jws.Verify(..., jws.WithDetachedPayload(payload))

(note: v2 branch was not affected)

v1.2.21 30 Mar 2022 [Bug fixes]

• [jwk] RSA keys without p and q can now be parsed.

v1.2.20 03 Mar 2022 [Miscellaneous]

• Dependency on golang.org/x/crypto has been upgraded to v0.0.0-20220214200702-86341886e292 to address

... (truncated) Commits • `d9ddbc8` merge v1 (#936) • `ad8c29d` merge develop/v1 (#747) • `e38f677` Merge develop/v1 (#727) • `baba561` Merge branch 'develop/v1' into v1 • `8ff6c75` Update Changes • `ea97e8c` Fix race in

jwk.AutoRefresh

(#686) • `f4701e1` Update Changes • `e831228` Fix jws.Verify not respecting the b64 header in the protected headers (#683) • `b66a2cb` backport: Update golangci lint (#679) (#680) • `4899c32` reword error • Additional commits viewable in compare view Dependabot compatibility score You can trigger a rebase of this PR by commenting

@dependabot rebase

. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: •

@dependabot rebase

will rebase this PR •

@dependabot recreate

will recreate this PR, overwriting any edits that have been made to it •

@dependabot merge

will merge this PR after your CI passes on it •

@dependabot squash and merge

will squash and merge this PR after your CI passes on it •

@dependabot cancel merge

will cancel a previously requested merge and block automerging •

@dependabot reopen

will reopen this PR if it is closed •

@dependabot close

will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually •

@dependabot ignore this major version

will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this minor version

will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) •

@dependabot ignore this dependency

will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Note > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

flyteorg/flyteadmin GitHub Actions: Build & Push Flyteadmin Image GitHub Actions: Build & Push Flytescheduler Image GitHub Actions: Goreleaser GitHub Actions: Bump Version ✅ 8 other checks have passed 8/12 successful checks

#433 [Snyk] Security upgrade alpine from 3.13.7 to 3.15 Pull request opened by snyk-bot Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • boilerplate/flyte/golang_dockerfile/Dockerfile.GoTemplate We recommend upgrading to

alpine:3.15

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/43035446bb7287edf9e64604992482e9a37c8d409b161bf694006a7c1087c614/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f694a685a5749355a44466d5953316a4e44566b4c5451324e6a4d74596a45344e5330314f5449335a6a4e6d4d444a684f4467694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496d466c596a6c6b4d575a684c574d304e5751744e4459324d7931694d5467314c5455354d6a646d4d3259774d6d45344f434a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/flyteadmin

#291 [Snyk] Security upgrade alpine from 3.11.12 to 3.11 Pull request opened by snyk-bot Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • boilerplate/flyte/golang_dockerfile/Dockerfile.GoTemplate We recommend upgrading to

alpine:3.11

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/8551f8e5fbeef485e86998635af245f6ed8dc00db5ca07d3a31456c1a39a07e1/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f6949784d6a4d34595452685a4330304e4751774c5451344d5759744f47457a597930784e44426c4e4459774e44646c4f5751694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496a45794d7a68684e47466b4c5451305a4441744e4467785a69303459544e6a4c5445304d4755304e6a41304e3255355a434a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings flyteorg/flyteadmin

#459 [Snyk] Security upgrade alpine from 3.13.7 to 3.13 Pull request opened by snyk-bot Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. Changes included in this PR • boilerplate/flyte/golang_dockerfile/Dockerfile.GoTemplate We recommend upgrading to

alpine:3.13

, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: * * * Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs. For more information: https://camo.githubusercontent.com/0e7a048470396de0deb2932b829508ae5f2507d3fe74f70ed027c29e318c15fa/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f69493059545533597a566b4e69316d4e6a4a6b4c5451304f475974596d4e6b4e5330775a4751324f4451315a6d466c4e544d694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496a52684e54646a4e5751324c5759324d6d51744e4451345a693169593251314c54426b5a4459344e44566d595755314d794a3966513d3d 🧐 View latest project report 🛠️ Adjust project settings * * * Learn how to fix vulnerabilities with free interactive lessons: 🦉 Learn about vulnerability in an interactive lesson of Snyk Learn. flyteorg/flyteadmin GitHub Actions: Build & Push Flyteadmin Image GitHub Actions: Build & Push Flytescheduler Image GitHub Actions: Goreleaser GitHub Actions: Bump Version GitHub Actions: Lint / Run Lint DCO: DCO ✅ 8 other checks have passed 8/14 successful checks