chore(deps): update go dependencies

[red-hat-konflux]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change
chainguard.dev/sdk	require	patch	v0.1.50 → v0.1.54
cloud.google.com/go/iam	indirect	minor	v1.7.0 → v1.11.0
cloud.google.com/go/kms	indirect	minor	v1.27.0 → v1.31.0
cloud.google.com/go/longrunning	indirect	major	v0.9.0 → v1.0.0
cloud.google.com/go/security	require	minor	v1.20.0 → v1.24.0
github.com/Azure/azure-sdk-for-go/sdk/azcore	indirect	patch	v1.21.0 → v1.21.1
github.com/AzureAD/microsoft-authentication-library-for-go	indirect	patch	v1.7.1 → v1.7.2
github.com/aws/aws-sdk-go-v2	indirect	patch	v1.41.5 → v1.41.7
github.com/aws/aws-sdk-go-v2/config	indirect	patch	v1.32.14 → v1.32.17
github.com/aws/aws-sdk-go-v2/credentials	indirect	patch	v1.19.14 → v1.19.16
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	indirect	patch	v1.18.21 → v1.18.23
github.com/aws/aws-sdk-go-v2/internal/configsources	indirect	patch	v1.4.21 → v1.4.23
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2	indirect	patch	v2.7.21 → v2.7.23
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding	indirect	patch	v1.13.7 → v1.13.9
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url	indirect	patch	v1.13.21 → v1.13.23
github.com/aws/aws-sdk-go-v2/service/kms	indirect	minor	v1.50.4 → v1.51.1
github.com/aws/aws-sdk-go-v2/service/signin	indirect	patch	v1.0.9 → v1.0.11
github.com/aws/aws-sdk-go-v2/service/sso	indirect	patch	v1.30.15 → v1.30.17
github.com/aws/aws-sdk-go-v2/service/ssooidc	indirect	patch	v1.35.19 → v1.35.21
github.com/aws/aws-sdk-go-v2/service/sts	indirect	minor	v1.41.10 → v1.42.1
github.com/aws/smithy-go	indirect	minor	v1.24.3 → v1.25.1
github.com/cenkalti/backoff/v4	indirect	major	v4.3.0 → v5.0.3
github.com/coreos/go-oidc/v3	require	minor	v3.17.0 → v3.18.0
github.com/fsnotify/fsnotify	require	minor	v1.9.0 → v1.10.1
github.com/go-jose/go-jose/v3	indirect	major	v3.0.4 → v4.1.4
github.com/google/go-containerregistry	indirect	patch	v0.21.4 → v0.21.5
github.com/googleapis/enterprise-certificate-proxy	indirect	patch	v0.3.14 → v0.3.15
github.com/googleapis/gax-go/v2	indirect	minor	v2.21.0 → v2.22.0
github.com/grpc-ecosystem/go-grpc-middleware	require	major	v1.4.0 → v2.3.3
github.com/grpc-ecosystem/grpc-gateway/v2	require	minor	v2.28.0 → v2.29.0
github.com/hashicorp/hcl	indirect	major	v1.0.1-vault-7 → v2.24.0
github.com/letsencrypt/boulder	indirect	minor	v0.20260406.0 → v0.20260512.0
github.com/pelletier/go-toml/v2	indirect	patch	v2.3.0 → v2.3.1
github.com/secure-systems-lab/go-securesystemslib	indirect	minor	v0.10.0 → v0.11.0
github.com/tink-crypto/tink-go-awskms/v2	require	major	v2.1.0 → v3.0.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	indirect	minor	v0.67.0 → v0.68.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	indirect	minor	v0.67.0 → v0.68.0
go.step.sm/crypto	require	minor	v0.77.2 → v0.79.0
go.uber.org/zap	require	minor	v1.27.1 → v1.28.0
go.yaml.in/yaml/v2	indirect	major	v2.4.4 → v3.0.4
goa.design/goa/v3	require	minor	v3.25.3 → v3.26.0
golang.org/x/crypto	indirect	minor	v0.49.0 → v0.51.0
golang.org/x/net	indirect	minor	v0.52.0 → v0.54.0
golang.org/x/sys	indirect	minor	v0.42.0 → v0.44.0
golang.org/x/term	indirect	minor	v0.41.0 → v0.43.0
golang.org/x/text	indirect	minor	v0.35.0 → v0.37.0
google.golang.org/api	require	minor	v0.274.0 → v0.279.0
google.golang.org/genproto	indirect	digest	6f92a3b → 3700d41
google.golang.org/genproto/googleapis/api	require	digest	6f92a3b → 3700d41
google.golang.org/genproto/googleapis/rpc	indirect	digest	6f92a3b → 3700d41
google.golang.org/grpc	require	minor	v1.80.0 → v1.81.0

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

chainguard-dev/sdk (chainguard.dev/sdk)

v0.1.54

Compare Source

v0.1.53

Compare Source

Full Changelog: chainguard-dev/sdk@v0.1.52...v0.1.53

v0.1.52

Compare Source

Full Changelog: chainguard-dev/sdk@v0.1.51...v0.1.52

v0.1.51

Compare Source

Full Changelog: chainguard-dev/sdk@v0.1.50...v0.1.51

googleapis/google-cloud-go (cloud.google.com/go/longrunning)

v0.13.0

Compare Source

• bigquery: UseLegacySQL options for CreateTable and QueryConfig. Use these
  options to continue using Legacy SQL after the client switches its default
  to Standard SQL.

• bigquery: Support for updating dataset labels.

• bigquery: Set DatasetIterator.ProjectID to list datasets in a project other
  than the client's. DatasetsInProject is no longer needed and is deprecated.

• bigtable: Fail ListInstances when any zones fail.

• spanner: support decoding of slices of basic types (e.g. []string, []int64,
  etc.)

• logging/logadmin: UpdateSink no longer creates a sink if it is missing
  (actually a change to the underlying service, not the client)

• profiler: Service and ServiceVersion replace Target in Config.

v0.12.0

Compare Source

• pubsub: Subscription.Receive now uses streaming pull.

• pubsub: add Client.TopicInProject to access topics in a different project
  than the client.

• errors: renamed errorreporting. The errors package will be removed shortly.

• datastore: improved retry behavior.

• bigquery: support updates to dataset metadata, with etags.

• bigquery: add etag support to Table.Update (BREAKING: etag argument added).

• bigquery: generate all job IDs on the client.

• storage: support bucket lifecycle configurations.

v0.11.0

Compare Source

• Clients for spanner, pubsub and video are now in beta.

• New client for DLP.

• spanner: performance and testing improvements.

• storage: requester-pays buckets are supported.

• storage, profiler, bigtable, bigquery: bug fixes and other minor improvements.

• pubsub: bug fixes and other minor improvements

v0.10.0

Compare Source

• pubsub: Subscription.ModifyPushConfig replaced with Subscription.Update.

• pubsub: Subscription.Receive now runs concurrently for higher throughput.

• vision: cloud.google.com/go/vision is deprecated. Use
  cloud.google.com/go/vision/apiv1 instead.

• translation: now stable.

• trace: several changes to the surface. See the link below.

Code changes required from v0.9.0

• pubsub: Replace

  sub.ModifyPushConfig(ctx, pubsub.PushConfig{Endpoint: "https://example.com/push"})
  

  with

  sub.Update(ctx, pubsub.SubscriptionConfigToUpdate{
      PushConfig: &pubsub.PushConfig{Endpoint: "https://example.com/push"},
  })
  

• trace: traceGRPCServerInterceptor will be provided from *trace.Client.
  Given an initialized *trace.Client named tc, instead of

  s := grpc.NewServer(grpc.UnaryInterceptor(trace.GRPCServerInterceptor(tc)))
  

  write

  s := grpc.NewServer(grpc.UnaryInterceptor(tc.GRPCServerInterceptor()))
  

• trace trace.GRPCClientInterceptor will also provided from *trace.Client.
  Instead of

  conn, err := grpc.Dial(srv.Addr, grpc.WithUnaryInterceptor(trace.GRPCClientInterceptor()))
  

  write

  conn, err := grpc.Dial(srv.Addr, grpc.WithUnaryInterceptor(tc.GRPCClientInterceptor()))
  

• trace: We removed the deprecated trace.EnableGRPCTracing. Use the gRPC
  interceptor as a dial option as shown below when initializing Cloud package
  clients:

  c, err := pubsub.NewClient(ctx, "project-id", option.WithGRPCDialOption(grpc.WithUnaryInterceptor(tc.GRPCClientInterceptor())))
  if err != nil {
      ...
  }
  

AzureAD/microsoft-authentication-library-for-go (github.com/AzureAD/microsoft-authentication-library-for-go)

v1.7.2

Compare Source

What's Changed

• Adjust constants used in FMI tests by @​Avery-Dunn in #​608
• Update version to 1.7.1 by @​Avery-Dunn in #​607
• Add MSAL client metadata headers to IMDS managed identity requests by @​Copilot in #​611
• Disable gzip compression #​613 by @​4gust in #​616
• Update version.go by @​4gust in #​617

New Contributors

• @​Copilot made their first contribution in #​611

Full Changelog: AzureAD/microsoft-authentication-library-for-go@v1.7.1...v1.7.2

aws/aws-sdk-go-v2 (github.com/aws/aws-sdk-go-v2)

v1.41.7

Compare Source

Module Highlights

• github.com/aws/aws-sdk-go-v2/service/ecs: v1.41.7
  • Documentation: Documentation only update for Amazon ECS.
• github.com/aws/aws-sdk-go-v2/service/glue: v1.78.0
  • Feature: Adding View related fields to responses of read-only Table APIs.
• github.com/aws/aws-sdk-go-v2/service/ivschat: v1.12.5
  • Documentation: Doc-only update. Changed "Resources" to "Key Concepts" in docs and updated text.
• github.com/aws/aws-sdk-go-v2/service/rolesanywhere: v1.10.0
  • Feature: This release increases the limit on the roleArns request parameter for the *Profile APIs that support it. This parameter can now take up to 250 role ARNs.
• github.com/aws/aws-sdk-go-v2/service/securityhub: v1.47.2
  • Documentation: Documentation updates for AWS Security Hub

v1.41.6

Compare Source

aws/smithy-go (github.com/aws/smithy-go)

v1.25.1

Compare Source

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/smithy-go: v1.25.1
  • Bug Fix: Fixed a memory leak in the LRU cache implementation used by some AWS services.

v1.25.0

Compare Source

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/smithy-go: v1.25.0
  • Feature: Add support for endpointBdd trait

cenkalti/backoff (github.com/cenkalti/backoff/v4)

v5.0.3

Compare Source

v5.0.2

Compare Source

v5.0.1

Compare Source

v5.0.0

Compare Source

coreos/go-oidc (github.com/coreos/go-oidc/v3)

v3.18.0

Compare Source

What's Changed

• .github: configure dependabot by @​ericchiang in #​477
• .github: update go versions in CI by @​ericchiang in #​480
• build(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.36.0 by @​dependabot[bot] in #​478
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 by @​dependabot[bot] in #​479

Full Changelog: coreos/go-oidc@v3.17.0...v3.18.0

fsnotify/fsnotify (github.com/fsnotify/fsnotify)

v1.10.1

Compare Source

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#​754)

• inotify, windows: don't rename sibling watches sharing a path prefix
  (#​755)

v1.10.0

Compare Source

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#​731)

• inotify: send Rename event if recursive watch is renamed (#​696)

• inotify: avoid copying event buffers when reading names (#​741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#​748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#​740)

• windows: fix nil pointer dereference in remWatch (#​736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#​709, #​749)

go-jose/go-jose (github.com/go-jose/go-jose/v3)

v4.1.4

Compare Source

What's Changed

Fixes Panic in JWE decryption. See GHSA-78h2-9frx-2jm8

Full Changelog: go-jose/go-jose@v4.1.3...v4.1.4

v4.1.3

Compare Source

This release drops Go 1.23 support as that Go release is no longer supported. With that, we can drop x/crypto and no longer have any external dependencies in go-jose outside of the standard library!

This release fixes a bug where a critical b64 header was ignored if in an unprotected header. It is now rejected instead of ignored.

What's Changed

• Remove Go 1.23 support by @​mcpherrinm in #​205
• Reject JWS with an unprotected critical b64 header by @​mcpherrinm in #​210

Full Changelog: go-jose/go-jose@v4.1.2...v4.1.3

v4.1.2

Compare Source

What's Changed

go-jose v4.1.2 improves some documentation, errors, and removes the only 3rd-party dependency.

• Update go-jose documentation by @​mcpherrinm in #​198
• Remove dependency on testify by @​wardviaene in #​197
• Improve error message for invalid private keys by @​ProjectMutilation in #​195
• JWK unsupported error when unmarshalling by @​fprojetto in #​191
• Add JSONWebKey type to makeJWERecipient by @​alvarolivie in #​200
• testutils/assert: remove True, Nil, NotNil by @​jsha in #​202

New Contributors

• @​wardviaene made their first contribution in #​197
• @​fprojetto made their first contribution in #​191
• @​alvarolivie made their first contribution in #​200

Full Changelog: go-jose/go-jose@v4.1.1...v4.1.2

v4.1.1

Compare Source

What's Changed

• Drop go-cmp dependency by @​mcpherrinm in #​186
• jws: improve performance and allocations for ParseSignedCompact by @​drakkan in #​188
• Add missing quote to unknown curve message #​170 by @​sudhanvaghebbale in #​189
• Fix incorrect validation by @​ProjectMutilation in #​192
• Restore Go 1.23 compatibility by @​anuraaga in #​193

New Contributors

• @​drakkan made their first contribution in #​188
• @​sudhanvaghebbale made their first contribution in #​189
• @​ProjectMutilation made their first contribution in #​192
• @​anuraaga made their first contribution in #​193

Full Changelog: go-jose/go-jose@v4.1.0...v4.1.1

v4.1.0

Compare Source

What's Changed

• Document signatureAlgorithms argument by @​tgeoghegan in #​163
• Add custom error for unsupported JWS signature algorithms by @​beautifulentropy in #​181
• use stdlib pbkdf2 package on go 1.24 by @​kruskall in #​180
• The minimum supported Go version is now 1.24

New Contributors

• @​kruskall made their first contribution in #​180

Full Changelog: go-jose/go-jose@v4.0.5...v4.1.0

v4.0.5

Compare Source

What's Changed

• Don't allow unbounded amounts of splits by @​mcpherrinm in #​167

Fixes GHSA-c6gw-w398-hv78

Various other dependency updates, small fixes, and documentation updates in the full changelog

New Contributors

• @​tgeoghegan made their first contribution in #​161

Full Changelog: go-jose/go-jose@v4.0.4...v4.0.5

v4.0.4: Version 4.0.4

Compare Source

Fixed

• Reverted "Allow unmarshalling JSONWebKeySets with unsupported key types" as a breaking change. See #​136 / #​137.

v4.0.3: Version 4.0.3

Compare Source

Changed

• Allow unmarshalling JSONWebKeySets with unsupported key types (#​130)
• Document that OpaqueKeyEncrypter can't be implemented (for now) (#​129)
• Dependency updates

v4.0.2: Version 4.0.2

Compare Source

What's Changed

• Improved documentation of Verify() to note that JSONWebKeySet is a supported argument type
• Defined exported error values for missing x5c header and unsupported elliptic curves error cases

New Contributors

• @​mitar made their first contribution in #​104
• @​milosgajdos made their first contribution in #​117

Full Changelog: go-jose/go-jose@v4.0.1...v4.0.2

v4.0.1: Version 4.0.1

Compare Source

Fixed

• An attacker could send a JWE containing compressed data that used large
  amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.
  Those functions now return an error if the decompressed data would exceed
  250kB or 10x the compressed size (whichever is larger). Thanks to
  Enze Wang@​Alioth and Jianjun Chen@​Zhongguancun Lab (@​zer0yu and @​chenjj)
  for reporting.

v4.0.0: Version 4.0.0

Compare Source

This release makes some breaking changes in order to more thoroughly address the vulnerabilities discussed in Three New Attacks Against JSON Web Tokens, "Sign/encrypt confusion", "Billion hash attack", and "Polyglot token".

Changed

• Limit JWT encryption types (exclude password or public key types) (#​78)
• Enforce minimum length for HMAC keys (#​85)
• jwt: match any audience in a list, rather than requiring all audiences (#​81)
• jwt: accept only Compact Serialization (#​75)
• jws: Add expected algorithms for signatures (#​74)
• Require specifying expected algorithms for ParseEncrypted,
  ParseSigned, ParseDetached, jwt.ParseEncrypted, jwt.ParseSigned,
  jwt.ParseSignedAndEncrypted (#​69, #​74)
  • Usually there is a small, known set of appropriate algorithms for a program to use and it's a mistake to allow unexpected algorithms. For instance the "billion hash attack" relies in part on programs accepting the PBES2 encryption algorithm and doing the necessary work even if they weren't specifically configured to allow PBES2.
• Revert "Strip padding off base64 strings" (#​82)
• The specs require base64url encoding without padding.
• Minimum supported Go version is now 1.21

Added

• ParseSignedCompact, ParseSignedJSON, ParseEncryptedCompact, ParseEncryptedJSON.
  • These allow parsing a specific serialization, as opposed to ParseSigned and ParseEncrypted, which try to automatically detect which serialization was provided. It's common to require a specific serialization for a specific protocol - for instance JWT requires Compact serialization.

v3.0.5

Compare Source

What's Changed

Fixes GHSA-78h2-9frx-2jm8

We recommend migrating from v3 to v4, and we will stop support v3 in the near future.

Full Changelog: go-jose/go-jose@v3.0.4...v3.0.5

google/go-containerregistry (github.com/google/go-containerregistry)

v0.21.5

Compare Source

What's Changed

• Bump docker/cli v29.4.0, moby/api v1.54.1, moby/client v0.4.0 by @​thaJeztah in #​2254
• update to Go 1.26.2 by @​thaJeztah in #​2255
• Bump aws-actions/configure-aws-credentials from 6.0.0 to 6.1.0 in the actions group across 1 directory by @​dependabot[bot] in #​2257
• build(deps): bump golang.org/x/tools from 0.43.0 to 0.44.0 in the go-deps group across 1 directory by @​dependabot[bot] in #​2260

Full Changelog: google/go-containerregistry@v0.21.4...v0.21.5

googleapis/enterprise-certificate-proxy (github.com/googleapis/enterprise-certificate-proxy)

v0.3.15

Compare Source

What's Changed

• chore: Update version.txt to 0.3.15 by @​nolanleastin in #​192

Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.14...v0.3.15

googleapis/gax-go (github.com/googleapis/gax-go/v2)

v2.22.0: v2: v2.22.0

Compare Source

v2.22.0 (2026-04-14)

grpc-ecosystem/go-grpc-middleware (github.com/grpc-ecosystem/go-grpc-middleware)

v2.3.3

Compare Source

What's Changed

• add WithLabelsFromContext prometheus interceptor option by @​benjibuiltit in #​758
• fix: correct comment typo in StreamServerInterceptor function by @​haru-256 in #​760
• Minor refactor to remove duplication by @​nwnt in #​761
• chore: migrate golangci-lint to v2.3.0 by @​mmorel-35 in #​765
• chore: enable misspell linter with golangci-lint by @​mmorel-35 in #​768
• chore: enable errorlint by @​mmorel-35 in #​774
• chore: update buf to v1.55.1 by @​mmorel-35 in #​767
• chore: update dependabot configuration for gomod and github-actions by @​mmorel-35 in #​775
• chore: enable testifylint linter by @​mmorel-35 in #​769
• chore: enable several rules from go-critic by @​mmorel-35 in #​766
• chore: enable several rules from govet by @​mmorel-35 in #​773
• chore: enable contextcheck and fatcontext linters by @​mmorel-35 in #​770
• chore: enable usestdlibvars linter by @​mmorel-35 in #​772
• chore: enable promlinter linter by @​mmorel-35 in #​771
• chore: enable usetesting linter by @​mmorel-35 in #​784
• build(deps): bump google.golang.org/grpc from 1.67.1 to 1.74.2 by @​mmorel-35 in #​785
• chore: enable hugeParam rule from go-critic by @​mmorel-35 in #​786
• chore: use actions/setup-go native cache by @​mmorel-35 in #​787
• fix(#​794): Wrapping codes.OK should not cause panic by @​floppyzedolfin in #​795
• feat(prometheus): add ContextLabels to ClientMetrics by @​ArtARTs36 in #​798
• fix(ci): tidy module before linting by @​manute in #​808
• [Prometheus] Fix pre-registration of handled metrics with context labels by @​t-bowcock in #​810
• avoid unnecessary logging field creation when payload logging is disabled by @​dbeneker in #​809

New Contributors

• @​benjibuiltit made their first contribution in #​758
• @​haru-256 made their first contribution in #​760
• @​nwnt made their first contribution in #​761
• @​mmorel-35 made their first contribution in #​765
• @​floppyzedolfin made their first contribution in #​795
• @​ArtARTs36 made their first contribution in #​798
• @​manute made their first contribution in #​808
• @​t-bowcock made their first contribution in #​810
• @​dbeneker made their first contribution in #​809

Full Changelog: grpc-ecosystem/go-grpc-middleware@v2.3.2...v2.3.3

v2.3.2

Compare Source

What's Changed

• chore: fix some typos by @​dockercui in #​755
• update module for protovalidate by @​calmh in #​757

New Contributors

• @​dockercui made their first contribution in #​755
• @​calmh made their first contribution in #​757

Full Changelog: grpc-ecosystem/go-grpc-middleware@v2.3.1...v2.3.2

v2.3.1

Compare Source

What's Changed

• Return uint64 from exponentBase2 function by @​fesiqueira in #​753
• add build tag to disable tracing by @​rashmi-tondare in #​754

New Contributors

• @​fesiqueira made their first contribution in #​753
• @​rashmi-tondare made their first contribution in #​754

Full Changelog: grpc-ecosystem/go-grpc-middleware@v2.3.0...v2.3.1

v2.3.0

Compare Source

What's Changed

• logging: add AddFields by @​kindermoumoute in #​739
• logging: store the propagated context in the reporter by @​kindermoumoute in #​740
• Add skip_healthchecks logging example by @​bkane-msft in #​742
• grpc_retry backoff overflow by @​JacobSMoller in #​747
• defer cancel() leaks memory by @​JacobSMoller in #​748
• protovalidate: support new protovalidate-go Validator interface by @​zchee in #​746

New Contributors

• @​bkane-msft made their first contribution in #​742
• @​JacobSMoller made their first contribution in #​747
• @​zchee made their first contribution in #​746

Full Changelog: grpc-ecosystem/go-grpc-middleware@v2.2.0...v2.3.0

v2.2.0

Compare Source

What's Changed

• Call retry callback on retry by @​fredr in #​700
• interceptors: Update logging interceptor Reporter to re-extract fields from context before logging by @​chancez in #​702
• logging: Document correct WithFieldsFromContext/WithFieldsFromContextAndCallMeta usage by @​chancez in #​703
• Include error details in protovalidate responses by @​akshayjshah in #​714
• protovalidate: avoid pointer comparisons by @​akshayjshah in #​715
• Support for namespace in grpc prometheus counter and histogram metrics by @​hyungi in #​718
• Protovalidate interceptor cleanup, Go version bump by @​ash2k in #​721
• Use ValueFromIncomingContext() to reduce allocations and copying by @​ash2k in #​723
• Update examples to the latest otelgrpc API by @​nmittler in #​729
• Fix grpc middleware interceptor not PostCall-ing when a streaming RPC with non-streaming server finishes successfully. by @​alexandrupitis1 in #​725
• x-retry-attempt to StreamClientInterceptor by @​Boklazhenko in #​733
• logging: add WithErrorFields by @​kindermoumoute in #​734
• example: use slog instead of go-kit by @​kindermoumoute in #​735

New Contributors

• @​fredr made their first contribution in #​700
• @​marefr made their first contribution in #​706
• @​akshayjshah made their first contribution in #​714
• @​hyungi made their first contribution in #​718
• @​nmittler made their first contribution in #​729
• @​alexandrupitis1 made their first contribution in #​725
• @​Boklazhenko made their first contribution in #​733
• @​kindermoumoute made their first contribution in #​734

Full Changelog: grpc-ecosystem/go-grpc-middleware@v2.1.0...v2.2.0

v2.1.0

Compare Source

What's Changed

• Support for subsystem in grpc prometheus counter and histogram metrics by @​rohsaini in #​643
• doc: update client interceptors chaining example with grpc functions by @​dethi in #​669
• adds fields from durationFieldFunc to request/response log entries by @​vroldanbet in #​670
• add doc for disabling log opts by @​coleenquadros in #​680
• Middleware for determining the real ip of the client by @​MadsRC in #​682
• protovalidate: add option to ignore certain message types by @​igor-tsiglyar in #​684
• Update README.md by @​zeroboo in #​688
• Fix InitializeMetrics signature to allow use with xds.GRPCServer by @​bozaro in #​689
• Support retriable func condition by @​tamayika in #​687
• Extend realip parsing of GRPC peer address to handle IPv6 by @​surik in #​692
• Fix logging Example : log only first field by @​arckadious in #​694
• Extent realip interceptors with ip selection based on proxy count and list by @​surik in #​695
• Fix for vulnerability CVE-2023-44487 by @​vkaushik in #​696

New Contributors

• @​rohsaini made their first contribution in #​643
• @​dethi made their first contribution in #​669
• @​vroldanbet made their first contribution in #​670
• @​MadsRC made their first contribution in #​682
• @​igor-tsiglyar made their first contribution in #​684
• @​zeroboo made their first contribution in #​688
• @​bozaro made their first contribution in #​689
• @​tamayika made their first contribution in #​687
• @​surik made their first contribution in #​692
• @​arckadious made their first contribution in #​694
• @​vkaushik made their first contribution in #​696

Full Changelog: grpc-ecosystem/go-grpc-middleware@v2.0.1...v2.1.0

v2.0.1

Compare Source

What's Changed

• Fix outdated 'make proto' command by @​takp in #​623
• Fix linting errors by @​takp in #​624
• Logging: Add missing variadic operator for fields by @​olivierlemasle in #​629
• feat: Support extracting fields from CallMeta by @​fsaintjacques in #​628
• Fix "make test" and "make lint" by @​olivierlemasle in [#​627](https://redirect.github.com/grpc-ecosystem/go-grpc-middlewar

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

[red-hat-konflux]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 13 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.25.6 -> 1.26.0
github.com/coreos/go-oidc/v3	v3.17.0 -> v3.18.0
google.golang.org/grpc	v1.80.0 -> v1.81.0
cloud.google.com/go/kms	v1.27.0 -> v1.31.0
github.com/aws/aws-sdk-go-v2	v1.41.5 -> v1.41.7
github.com/aws/aws-sdk-go-v2/config	v1.32.14 -> v1.32.17
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2	v2.7.21 -> v2.7.23
github.com/aws/aws-sdk-go-v2/service/kms	v1.50.4 -> v1.51.1
github.com/aws/aws-sdk-go-v2/service/sso	v1.30.15 -> v1.30.17
github.com/aws/aws-sdk-go-v2/service/ssooidc	v1.35.19 -> v1.35.21
github.com/aws/aws-sdk-go-v2/service/sts	v1.41.10 -> v1.42.1
github.com/aws/smithy-go	v1.24.3 -> v1.25.1
github.com/go-jose/go-jose/v3	v3.0.4 -> v3.0.5
github.com/googleapis/gax-go/v2	v2.21.0 -> v2.22.0

[red-hat-konflux]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go mod tidy
go: downloading github.com/tink-crypto/tink-go-awskms/v3 v3.0.0
go: downloading go.uber.org/goleak v1.3.0
go: downloading github.com/go-rod/rod v0.116.2
go: downloading gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
go: downloading github.com/klauspost/compress v1.18.5
go: downloading github.com/frankban/quicktest v1.14.6
go: downloading go.opentelemetry.io/otel/sdk/metric v1.43.0
go: downloading github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.2
go: downloading github.com/go-test/deep v1.1.1
go: downloading github.com/hashicorp/go-hclog v1.6.3
go: downloading github.com/ysmood/goob v0.4.0
go: downloading github.com/ysmood/got v0.40.0
go: downloading github.com/ysmood/gson v0.7.3
go: downloading github.com/ysmood/fetchup v0.2.3
go: downloading github.com/ysmood/leakless v0.9.0
go: downloading github.com/kr/pretty v0.3.1
go: downloading github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1
go: downloading github.com/fatih/color v1.18.0
go: downloading github.com/mattn/go-colorable v0.1.14
go: downloading github.com/mattn/go-isatty v0.0.20
go: downloading github.com/jmhodges/clock v1.2.0
go: downloading github.com/kr/text v0.2.0
go: downloading github.com/rogpeppe/go-internal v1.14.1
go: downloading gonum.org/v1/gonum v0.17.0
go: downloading github.com/envoyproxy/go-control-plane/envoy v1.37.0
go: downloading github.com/keybase/go-keychain v0.0.1
go: downloading github.com/envoyproxy/go-control-plane v0.14.0
go: downloading github.com/cncf/xds/go v0.0.0-20260202195803-dba9d589def2
go: downloading github.com/envoyproxy/protoc-gen-validate v1.3.3
go: downloading github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10
go: finding module for package github.com/grpc-ecosystem/go-grpc-middleware/v2/recovery
go: finding module for package github.com/grpc-ecosystem/go-grpc-middleware/v2/logging/zap
go: finding module for package github.com/grpc-ecosystem/go-grpc-middleware/v2/retry
go: finding module for package github.com/grpc-ecosystem/go-grpc-middleware/v2/logging/zap/ctxzap
go: github.com/sigstore/fulcio/cmd/app imports
	github.com/grpc-ecosystem/go-grpc-middleware/v2/logging/zap: module github.com/grpc-ecosystem/go-grpc-middleware/v2@latest found (v2.3.3), but does not contain package github.com/grpc-ecosystem/go-grpc-middleware/v2/logging/zap
go: github.com/sigstore/fulcio/cmd/app imports
	github.com/grpc-ecosystem/go-grpc-middleware/v2/recovery: module github.com/grpc-ecosystem/go-grpc-middleware/v2@latest found (v2.3.3), but does not contain package github.com/grpc-ecosystem/go-grpc-middleware/v2/recovery
go: github.com/sigstore/fulcio/cmd/app imports
	github.com/grpc-ecosystem/go-grpc-middleware/v2/retry: module github.com/grpc-ecosystem/go-grpc-middleware/v2@latest found (v2.3.3), but does not contain package github.com/grpc-ecosystem/go-grpc-middleware/v2/retry
go: github.com/sigstore/fulcio/pkg/log imports
	github.com/grpc-ecosystem/go-grpc-middleware/v2/logging/zap/ctxzap: module github.com/grpc-ecosystem/go-grpc-middleware/v2@latest found (v2.3.3), but does not contain package github.com/grpc-ecosystem/go-grpc-middleware/v2/logging/zap/ctxzap