Skip to content

fix(deps): bump the external group across 1 directory with 5 updates#3067

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/sdk/external-a3278432ac
Open

fix(deps): bump the external group across 1 directory with 5 updates#3067
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/sdk/external-a3278432ac

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 9, 2026
edited
Loading

Bumps the external group with 4 updates in the /sdk directory: golang.org/x/oauth2, golang.org/x/text, google.golang.org/grpc and google.golang.org/protobuf.

Updates golang.org/x/oauth2 from 0.34.0 to 0.35.0

Commits

Updates golang.org/x/text from 0.32.0 to 0.34.0

Commits
  • 817fba9 go.mod: update golang.org/x dependencies
  • 3264de9 all: clean up old Go hacks
  • 74af298 all: fix tags in remaining Unicode tables
  • 117e03b all: delete old Unicode tables
  • 9463ea4 all: update to Unicode 17
  • 7278b25 internal/export/idna: update for post-Unicode 10 idna changes
  • f964ad8 internal/export/idna: delete old code
  • 678d34e unicode/norm: preserve QC Maybe bit in packed forminfo
  • 536231a go.mod: update golang.org/x dependencies
  • See full diff in compare view

Updates golang.org/x/tools from 0.39.0 to 0.41.0

Commits
  • 2ad2b30 go.mod: update golang.org/x dependencies
  • 5832cce internal/diff/lcs: introduce line diffs
  • 67c4257 gopls/internal/golang: Definition: fix Windows bug wrt //go:embed
  • 12c1f04 gopls/completion: check Selection invariant
  • 6d87185 internal/server: add vulncheck scanning after vulncheck prompt
  • 0c3a1fe go/ast/inspector: FindByPos returns the first innermost node
  • ca281cf go/analysis/passes/ctrlflow: add noreturn funcs from popular pkgs
  • 09c21a9 gopls/internal/analysis/unusedfunc: remove warnings for unused enum consts
  • 03cb455 internal/modindex: suppress missing modcacheindex message
  • 15d13e8 gopls/internal/util/typesutil: refine EnclosingSignature bug.Report
  • Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.77.0 to 1.78.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.78.0

Behavior Changes

  • client: Align URL validation with Go 1.26+ to now reject target URLs with unbracketed colons in the hostname. (#8716)
  • transport/client : Return status code Unknown on malformed grpc-status. (#8735)
    • xds/resolver:
  • Drop previous route resources and report an error when no matching virtual host is found.
  • Only log LDS/RDS configuration errors following a successful update and retain the last valid resource to prevent transient failures. (#8711)

New Features

  • stats/otel: Add backend service label to weighted round robin metrics as part of A89. (#8737)
  • stats/otel: Add subchannel metrics (without the disconnection reason) to eventually replace the pickfirst metrics. (#8738)
  • client: Wait for all pending goroutines to complete when closing a graceful switch balancer. (#8746)
  • client: Add experimental.AcceptCompressors so callers can restrict the grpc-accept-encoding header advertised for a call. (#8718)

Bug Fixes

  • xds: Fix a bug in StringMatcher where regexes would match incorrectly when ignore_case is set to true. (#8723)
  • client:
    • Change connectivity state to CONNECTING when creating the name resolver (as part of exiting IDLE).
    • Change connectivity state to TRANSIENT_FAILURE if name resolver creation fails (as part of exiting IDLE).
    • Change connectivity state to IDLE after idle timeout expires even when current state is TRANSIENT_FAILURE.
    • Fix a bug that resulted in OnFinish call option not being invoked for RPCs where stream creation failed. (#8710)
  • xdsclient: Fix a race in the xdsClient that could lead to resource-not-found errors. (#8627)

Performance Improvements

  • mem: Round up to nearest 4KiB for pool allocations larger than 1MiB. (#8705)
Commits
  • 9df039e Change version to 1.78.0 (#8761)
  • 9b990b6 gracefulswitch: Wait for all goroutines on close (#8746)
  • 6677d9a xds: Fixing a typo (#8760)
  • d35cedd xds/resolver: pass route's auto_host_rewrite to LB picker (gRFC A81) (#8740)
  • d931fdc client: allow overriding grpc-accept-encoding header (#8718)
  • 0800ec7 xds/clusterimpl: update TestChildPolicyChangeOnConfigUpdate to use custom lb ...
  • 6553ea1 stats/otel: Add subchannel metrics (A94) (#8738)
  • 81a00ce grpc: Fixing spelling typo (#8756)
  • e413838 client: Change connectivity state to CONNECTING when creating the name resolv...
  • f9d2bdb stats/otel: Add grpc.lb.backend_service label to wrr metrics (A89) (#8737)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.10 to 1.36.11

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 9, 2026
@dependabot dependabot bot requested review from a team as code owners February 9, 2026 21:12
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 9, 2026
@github-actions github-actions bot added comp:sdk A software development kit, including library, for client applications and inter-service communicati size/s labels Feb 9, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 9, 2026

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 174.625999ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 80.871878ms

Benchmark Statistics

Name № Requests Avg Duration Min Duration Max Duration

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 380.206852ms
Throughput 263.01 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 38.607237718s
Average Latency 384.580604ms
Throughput 129.51 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Feb 9, 2026

X-Test Results

opentdfplatformVO2GAJ.dockerbuild
cukes-report
✅ js-pull-3067
✅ js-v0.9.0
✅ java-v0.9.0
✅ java-pull-3067
bats-test-results
✅ go-pull-3067
✅ go-v0.9.0

@dependabot dependabot bot force-pushed the dependabot/go_modules/sdk/external-a3278432ac branch from 01bb3e9 to dfa3611 Compare February 11, 2026 17:54
@github-actions
Copy link
Contributor

github-actions bot commented Feb 11, 2026

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 195.248033ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 96.686501ms

Benchmark Statistics

Name № Requests Avg Duration Min Duration Max Duration

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 410.135419ms
Throughput 243.82 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 39.034179642s
Average Latency 387.954558ms
Throughput 128.09 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Feb 11, 2026

X-Test Results

opentdfplatformNXS11Q.dockerbuild
cukes-report
✅ js-v0.9.0
✅ js-pull-3067
✅ java-v0.9.0
✅ java-pull-3067
✅ go-v0.9.0
bats-test-results
✅ go-pull-3067

@dependabot dependabot bot force-pushed the dependabot/go_modules/sdk/external-a3278432ac branch from dfa3611 to b06cc18 Compare February 12, 2026 17:58
@github-actions
Copy link
Contributor

github-actions bot commented Feb 12, 2026

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 182.86062ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 96.064699ms

Benchmark Statistics

Name № Requests Avg Duration Min Duration Max Duration

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 368.393499ms
Throughput 271.45 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 39.799067763s
Average Latency 395.903515ms
Throughput 125.63 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Feb 12, 2026

X-Test Results

opentdfplatformOJ2VNI.dockerbuild
cukes-report
✅ js-pull-3067
✅ js-v0.9.0
✅ java-pull-3067
✅ java-v0.9.0
✅ go-v0.9.0
bats-test-results
✅ go-pull-3067

@dependabot
fix(deps): bump the external group across 1 directory with 5 updates
3172e4e 
Bumps the external group with 4 updates in the /sdk directory: [golang.org/x/oauth2](https://github.com/golang/oauth2), [golang.org/x/text](https://github.com/golang/text), [google.golang.org/grpc](https://github.com/grpc/grpc-go) and google.golang.org/protobuf.


Updates `golang.org/x/oauth2` from 0.34.0 to 0.35.0
- [Commits](golang/oauth2@v0.34.0...v0.35.0)

Updates `golang.org/x/text` from 0.32.0 to 0.34.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.32.0...v0.34.0)

Updates `golang.org/x/tools` from 0.39.0 to 0.41.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.39.0...v0.41.0)

Updates `google.golang.org/grpc` from 1.77.0 to 1.78.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.77.0...v1.78.0)

Updates `google.golang.org/protobuf` from 1.36.10 to 1.36.11

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: external
- dependency-name: golang.org/x/text
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: external
- dependency-name: golang.org/x/tools
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: external
- dependency-name: google.golang.org/grpc
  dependency-version: 1.78.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: external
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: external
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/sdk/external-a3278432ac branch from b06cc18 to 3172e4e Compare February 13, 2026 17:54
@github-actions
Copy link
Contributor

github-actions bot commented Feb 13, 2026

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 147.41147ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 75.311725ms

Benchmark Statistics

Name № Requests Avg Duration Min Duration Max Duration

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 364.913322ms
Throughput 274.04 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 37.99697047s
Average Latency 378.752422ms
Throughput 131.59 requests/second

@github-actions
Copy link
Contributor

github-actions bot commented Feb 13, 2026

X-Test Results

opentdfplatformTH5HGF.dockerbuild
cukes-report
✅ js-pull-3067
✅ js-v0.9.0
✅ java-pull-3067
✅ java-v0.9.0
✅ go-pull-3067
bats-test-results
✅ go-v0.9.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

comp:sdk A software development kit, including library, for client applications and inter-service communicati dependencies Pull requests that update a dependency file go Pull requests that update Go code size/s

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants