Skip to content

Bump the "everything" group with 2 updates across multiple ecosystems #526

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the "everything" group with 2 updates across multiple ecosystems #526

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 1, 2025
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the everything group with 8 updates:

Package From To
cloud.google.com/go/pubsub/v2 2.1.0 2.3.0
github.com/Depado/ginprom 1.8.1 1.8.2
github.com/gin-contrib/gzip 1.2.3 1.2.5
github.com/grpc-ecosystem/grpc-gateway/v2 2.27.2 2.27.3
google.golang.org/api 0.251.0 0.254.0
google.golang.org/grpc 1.75.1 1.76.0
google.golang.org/protobuf 1.36.9 1.36.10
modernc.org/sqlite 1.39.0 1.39.1

Updates cloud.google.com/go/pubsub/v2 from 2.1.0 to 2.3.0

Release notes

Sourced from cloud.google.com/go/pubsub/v2's releases.

pubsub/v2 2.3.0

2.3.0 (2025-10-22)

Features

  • Annotate some resource fields with their corresponding API types (PiperOrigin-RevId: 820071518) (0241a9ca)

  • Add tags to Subscription, Topic, and CreateSnapshotRequest messages for use in CreateSubscription, CreateTopic, and CreateSnapshot requests respectively (PiperOrigin-RevId: 820071518) (0241a9ca)

  • Add AwsKinesisFailureReason.ApiViolationReason (PiperOrigin-RevId: 820071518) (0241a9ca)

Documentation

  • A comment for field received_messages in message .google.pubsub.v1.StreamingPullResponse is changed (PiperOrigin-RevId: 820071518) (0241a9ca)

pubsub: v2.2.1

2.2.1 (2025-10-14)

Bug Fixes

  • pubsub/v2: Avoid Receive hang on context cancellation (#13114) (e7e169d)
  • pubsub/v2: Upgrade gRPC service registration func (8fffca2)

pubsub: v2.2.0

2.2.0 (2025-10-03)

Features

  • pubsub/v2: Support the protocol version in StreamingPullRequest (#12985) (4e8c9d5)

Bug Fixes

  • pubsub/v2: Respect ShutdownBehavior when handling timeout (#13021) (0135d93)
Commits
  • ce28733 chore: librarian release pull request: 20251022T091541Z (#13208)
  • f46efe4 chore: librarian generate pull request: 20251022T070900Z (#13202)
  • 0be6af3 feat(librariangen): first part of implementing configure (#12944)
  • 7a85df3 fix(internal/gapicgen): handle deleted files in git history (#13200)
  • 72b969c test(storage): add nil attrs retry tests (#13168)
  • 60ba77e fix(internal/gapicgen): skip empty file paths in gatherChanges (#13198)
  • 6118f02 chore: remove global allowlist file in Librarian config (#13191)
  • e80b659 feat: add delete_generation_output_paths to repo-config.yaml (#13186)
  • 4209188 feat(internal/gapicgen): fix genbot PR descriptions (#13189)
  • 88a4d65 chore: migrate firestore and datastore modules to Librarian (#13056)
  • Additional commits viewable in compare view

Updates github.com/Depado/ginprom from 1.8.1 to 1.8.2

Release notes

Sourced from github.com/Depado/ginprom's releases.

v1.8.2

What's Changed

New Contributors

Full Changelog: depado/ginprom@v1.8.1...v1.8.2

Commits
  • 51498ff feat: Add native histogram support (#131)
  • 0b35444 fix(ci): permissions are redundant
  • 4a0b73e chore(ci): fix permissions for pull request comments
  • 3c29236 chore(deps): update dependency go to v1.25.2 (#132)
  • 2c9360d fix(deps): update module github.com/gin-gonic/gin to v1.11.0 (#130)
  • d835e1f feat(ci): switch to reusable workflows
  • 1234c9d fix(deps): update module github.com/prometheus/client_golang to v1.23.2 (#128)
  • b50922a chore(deps): update dependency go to v1.25.1 (#127)
  • 4358587 fix(deps): update module github.com/stretchr/testify to v1.11.1 (#126)
  • 93776e9 chore(deps): update dependency go to v1.25.0 (#124)
  • Additional commits viewable in compare view

Updates github.com/gin-contrib/gzip from 1.2.3 to 1.2.5

Release notes

Sourced from github.com/gin-contrib/gzip's releases.

v1.2.5

Changelog

Bug fixes

  • ff4cafa248cbdda63d164635ce13bd5cc65eaf62: fix(header): static file error gzip header handling and add tests (#123) (@​appleboy)
  • 9e2912be47f3fea493c0885a4163cc1e0de63df1: fix(body): avoid double gzip compression in response middleware (#124) (@​appleboy)

Enhancements

  • 18052f1101f0ab6bb3e435c51c3e4ef1f0dacbad: chore(deps): bump github/codeql-action from 3 to 4 (#121) (@​dependabot[bot])

v1.2.4

Changelog

Bug fixes

  • 4c0c3531574e2911ba304a1a7de85f74d4683c73: fix(header): disable gzip compression for error responses (#120) (@​appleboy)

Enhancements

  • 8f25d09bbd45f586128b6a2e1b05f465a8dfec44: chore: update Go version and refresh dependencies (@​appleboy)
  • c41b389e172267603f0cf452981c8c43b335b584: chore: upgrade Go version and refresh dependencies (@​appleboy)

Build process updates

  • ef1d76af69a69ac6674ed2353ddfafe5d3c9ff54: ci: integrate Trivy vulnerability scanning into CI workflow (@​appleboy)
  • 5328e46719048209fa37113fc83b45c5da74ac7b: ci: update CI to test against Go 1.25 (@​appleboy)
  • 05c6a0dc97ba02fa761283194212ddb07b8acc57: ci: drop Go 1.23 support from CI test matrix (@​appleboy)
  • da07e65db2a5c1a679d6904ffacc5fc488562863: ci: modernize GitHub Actions and update workflow dependencies (@​appleboy)
  • 218712ef248d02c654f31890f7df89bf2147548c: ci: upgrade Go action version in CI workflow (@​appleboy)
Commits
  • 18052f1 chore(deps): bump github/codeql-action from 3 to 4 (#121)
  • 9e2912b fix(body): avoid double gzip compression in response middleware (#124)
  • ff4cafa fix(header): static file error gzip header handling and add tests (#123)
  • 218712e ci: upgrade Go action version in CI workflow
  • da07e65 ci: modernize GitHub Actions and update workflow dependencies
  • 4c0c353 fix(header): disable gzip compression for error responses (#120)
  • 05c6a0d ci: drop Go 1.23 support from CI test matrix
  • c41b389 chore: upgrade Go version and refresh dependencies
  • 8f25d09 chore: update Go version and refresh dependencies
  • 5328e46 ci: update CI to test against Go 1.25
  • Additional commits viewable in compare view

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.27.2 to 2.27.3

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.27.3

What's Changed

New Contributors

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.2...v2.27.3

Commits
  • ab243ac chore(deps): update googleapis digest to 9070e63 (#5970)
  • 30abf93 fix(deps): update module google.golang.org/protobuf to v1.36.10 (#5969)
  • b73048f chore(deps): update dependency bazel to v8.4.2 (#5968)
  • 95f123b chore(deps): update googleapis digest to 3990e05 (#5967)
  • fb9da67 chore(deps): update googleapis digest to 063f9e1 (#5966)
  • 208372a chore(deps): update googleapis digest to e78280f (#5965)
  • 1a315aa fix(deps): update google.golang.org/genproto/googleapis/api digest to 57b25ae...
  • b862f0b fix(deps): update google.golang.org/genproto/googleapis/rpc digest to 57b25ae...
  • e6cdbc7 chore(deps): update googleapis digest to eab82ec (#5962)
  • 7fefac0 chore(deps): update googleapis digest to a4ded73 (#5961)
  • Additional commits viewable in compare view

Updates google.golang.org/api from 0.251.0 to 0.254.0

Release notes

Sourced from google.golang.org/api's releases.

v0.254.0

0.254.0 (2025-10-28)

Features

v0.253.0

0.253.0 (2025-10-22)

Features

v0.252.0

0.252.0 (2025-10-07)

Features

Changelog

Sourced from google.golang.org/api's changelog.

0.254.0 (2025-10-28)

Features

0.253.0 (2025-10-22)

Features

0.252.0 (2025-10-07)

Features

Commits

Updates google.golang.org/grpc from 1.75.1 to 1.76.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.76.0

Dependencies

Bug Fixes

  • client: Return status INTERNAL when a server sends zero response messages for a unary or client-streaming RPC. (#8523)
  • client: Fail RPCs with status INTERNAL instead of UNKNOWN upon receiving http headers with status 1xx and END_STREAM flag set. (#8518)
  • pick_first: Fix race condition that could cause pick_first to get stuck in IDLE state on backend address change. (#8615)

New Features

  • credentials: Add credentials/jwt package providing file-based JWT PerRPCCredentials (A97). (#8431)

Performance Improvements

  • client: Improve HTTP/2 header size estimate to reduce re-allocations. (#8547)
  • encoding/proto: Avoid redundant message size calculation when marshaling. (#8569)
Commits
  • d96c2ef Change version to 1.76.0 (#8584)
  • 79c553c Cherry pick #8610, #8615 to v1.76.x (#8621)
  • 0513350 client: minor improvements to log messages (#8564)
  • ebaf486 credentials: implement file-based JWT Call Credentials (part 1 for A97) (#8431)
  • ca78c90 xds/resolver_test: fix flaky test ResolverBadServiceUpdate_NACKedWithoutCache...
  • 83bead4 internal/buffer: set closed flag when closing channel in the Load method (#8575)
  • 0f45079 encoding/proto: enable use cached size option (#8569)
  • 8420f3f transport: avoid slice reallocation during header creation (#8547)
  • b36320e Revert "stats/opentelemetry: record retry attempts from clientStream (#8342)"...
  • c122250 stats/opentelemetry: record retry attempts from clientStream (#8342)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.9 to 1.36.10

Updates modernc.org/sqlite from 1.39.0 to 1.39.1

Commits

Bumps the everything group in /internal/ts-compat with 1 update: @types/node.

Updates @types/node from 24.6.1 to 24.9.2

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the everything group with 8 updates
60ab8d4 
Bumps the everything group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/pubsub/v2](https://github.com/googleapis/google-cloud-go) | `2.1.0` | `2.3.0` |
| [github.com/Depado/ginprom](https://github.com/Depado/ginprom) | `1.8.1` | `1.8.2` |
| [github.com/gin-contrib/gzip](https://github.com/gin-contrib/gzip) | `1.2.3` | `1.2.5` |
| [github.com/grpc-ecosystem/grpc-gateway/v2](https://github.com/grpc-ecosystem/grpc-gateway) | `2.27.2` | `2.27.3` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.251.0` | `0.254.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.75.1` | `1.76.0` |
| google.golang.org/protobuf | `1.36.9` | `1.36.10` |
| [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | `1.39.0` | `1.39.1` |


Updates `cloud.google.com/go/pubsub/v2` from 2.1.0 to 2.3.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@pubsub/v2.1.0...pubsub/v2.3.0)

Updates `github.com/Depado/ginprom` from 1.8.1 to 1.8.2
- [Release notes](https://github.com/Depado/ginprom/releases)
- [Commits](depado/ginprom@v1.8.1...v1.8.2)

Updates `github.com/gin-contrib/gzip` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/gin-contrib/gzip/releases)
- [Changelog](https://github.com/gin-contrib/gzip/blob/master/.goreleaser.yaml)
- [Commits](gin-contrib/gzip@v1.2.3...v1.2.5)

Updates `github.com/grpc-ecosystem/grpc-gateway/v2` from 2.27.2 to 2.27.3
- [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases)
- [Changelog](https://github.com/grpc-ecosystem/grpc-gateway/blob/main/.goreleaser.yml)
- [Commits](grpc-ecosystem/grpc-gateway@v2.27.2...v2.27.3)

Updates `google.golang.org/api` from 0.251.0 to 0.254.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.251.0...v0.254.0)

Updates `google.golang.org/grpc` from 1.75.1 to 1.76.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.75.1...v1.76.0)

Updates `google.golang.org/protobuf` from 1.36.9 to 1.36.10

Updates `modernc.org/sqlite` from 1.39.0 to 1.39.1
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.39.0...v1.39.1)
build(deps-dev): bump @types/node

Bumps the everything group in /internal/ts-compat with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 24.6.1 to 24.9.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub/v2
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: everything
- dependency-name: github.com/Depado/ginprom
  dependency-version: 1.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: everything
- dependency-name: github.com/gin-contrib/gzip
  dependency-version: 1.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: everything
- dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2
  dependency-version: 2.27.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: everything
- dependency-name: google.golang.org/api
  dependency-version: 0.254.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: everything
- dependency-name: google.golang.org/grpc
  dependency-version: 1.76.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: everything
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: everything
- dependency-name: modernc.org/sqlite
  dependency-version: 1.39.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: everything
- dependency-name: "@types/node"
  dependency-version: 24.9.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: everything
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Nov 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant