Various low-stakes dependency updates #27119
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As discussed with @peteski22 , a PR that hopefully goes towards keeping our dependencies a little better up to date.
I thought I'd start by getting a lot of smaller low-stakes upgrades. I kept it to minor versions, small jumps, and stuff that doesn't touch anything we don't have automated tests for. Doing each of these as single PRs seemed painful, so I thought I'd get (most of?) the easy stuff in one go.
Below is a list of all of the dependencies I upgraded.
Direct:
cloud.google.com/go/monitoring
cloud.google.com/go/spanner
cloud.google.com/go/storage
github.com/Azure/azure-sdk-for-go/sdk/azcore
github.com/Azure/azure-sdk-for-go/sdk/azidentity
github.com/fatih/color
github.com/hashicorp/cap/ldap
github.com/hashicorp/consul/api
github.com/hashicorp/eventlogger
github.com/jefferai/jsonx
github.com/klauspost/compress
github.com/pires/go-proxyproto
golang.org/x/tools
nhooyr.io/websocket
Indirect:
github.com/ulikunitz/xz to v0.5.11 (GoLand reported that
v0.5.10
had a vulnerability)