Bump the go_modules group across 1 directory with 15 updates

[dependabot]

Bumps the go_modules group with 12 updates in the / directory:

Package	From	To
github.com/blevesearch/bleve/v2	2.3.5	2.3.7
github.com/golang-jwt/jwt/v4	4.5.0	4.5.1
github.com/nats-io/nats-server/v2	2.9.4	2.9.23
golang.org/x/image	0.5.0	0.18.0
google.golang.org/grpc	1.51.0	1.56.3
github.com/cloudflare/circl	1.2.0	1.3.7
github.com/crewjam/saml	0.4.9	0.4.14
github.com/go-git/go-git/v5	5.4.2	5.11.0
github.com/gookit/goutil	0.5.15	0.6.0
github.com/gorilla/schema	1.2.0	1.4.1
github.com/prometheus/alertmanager	0.24.0	0.25.1
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	0.36.4	0.46.0

Updates github.com/blevesearch/bleve/v2 from 2.3.5 to 2.3.7

Release notes

Sourced from github.com/blevesearch/bleve/v2's releases.

v2.3.7

Bug Fixes

• Replaced deprecated io/ioutil functions with blevesearch/bleve#1781
• Fixed situation where bytesRead will not appear in search response if query gets everything it needs from mmaped content with blevesearch/bleve#1788
• Fixed a panic due to misalignment within chunkedContentCoder on 32-bit platforms with blevesearch/zapx#148 and blevesearch/bleve#1791 (only applicable to zap@v15)
• A bot upgraded the golang.org/x/text version we use from 0.3.7 to 0.3.8 with blevesearch/bleve#1792 🥇
• Include bytesWritten into bbolt (metadata for scorch) with blevesearch/bleve#1774

Enhancements

• Support for improved rollback behavior by allowing sampling of snapshots based on a time interval with blevesearch/bleve#1776 . Default behavior remains the same
• Changed the signature of scorch's AsyncErrorCallback with blevesearch/bleve#1800 to provide more context. This is a breaking change.

Milestone

• v2.3.7

v2.3.6

Bug Fixes

• More efficient alignment for chunkedContentCoder (blevesearch/zapx#147)
• Addressed issue in indexing unigrams before punctuations in Japanese (cjk) (blevesearch/bleve#1724)
• Addressed facets string output limitation for date ranges and numeric ranges reported by blevesearch/bleve#1763 with blevesearch/bleve#1764
• Fixed inaccurate IO stats accounting while loading segment metadata (blevesearch/bleve#1769)

Enhancements

• New bytesRead attribute in search response (blevesearch/bleve#1752, blevesearch/zapx#142)
  • Applicable to zapx v15 only
• New tests showcasing performance benchmarks for popular queries (blevesearch/bleve#1755)

Milestone

• v2.3.6

Commits

• d070309 MB-55637: Adapting signature of scorch's async onError callback (#1800)
• ebf9a6d Including the IO stats as part of metadata (#1774)
• cde1967 Update go.mod version to 1.19, workflows to [1.18, 1.19, 1.20] (#1798)
• 51444f0 Improving rollback effectiveness (#1776)
• 1bdcc47 Bump golang.org/x/text from 0.3.7 to 0.3.8 (#1792)
• 9c16559 Upgrade zapx@v15 to v15.3.9 (#1791)
• a8beab1 Display 0 bytesRead in search responses (#1788)
• b43d984 Fix typo in error message while parsing IP (#1784)
• 0228512 Update readme (#1782)
• 837c10f Replacing deprecated io/ioutil functions (#1781)
• Additional commits viewable in compare view

Updates github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1

Release notes

Sourced from github.com/golang-jwt/jwt/v4's releases.

v4.5.1

Security

Unclear documentation of the error behavior in ParseWithClaims in <= 4.5.0 could lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by ParseWithClaims return both error codes. If users only check for the jwt.ErrTokenExpired using error.Is, they will ignore the embedded jwt.ErrTokenSignatureInvalid and thus potentially accept invalid tokens.

This issue was documented in GHSA-29wx-vh33-7x7r and fixed in this release.

Note: v5 was not affected by this issue. So upgrading to this release version is also recommended.

What's Changed

• Back-ported error-handling logic in ParseWithClaims from v5 branch. This fixes GHSA-29wx-vh33-7x7r.

Full Changelog: golang-jwt/jwt@v4.5.0...v4.5.1

Commits

• 7b1c1c0 Merge commit from fork
• See full diff in compare view

Updates github.com/nats-io/nats-server/v2 from 2.9.4 to 2.9.23

Release notes

Sourced from github.com/nats-io/nats-server/v2's releases.

Release v2.9.23

Changelog

Go Version

• 1.20.10

Fixed

Accounts

• Prevent bypassing authorization block when enabling system account access in accounts block (#4605). Backport from v2.10.2

Leafnodes

• Prevent a leafnode cluster from receiving a message multiple times in a queue subscription (#4578). Backport from v2.10.2

JetStream

• Hold lock when calculating the first message for subject in a message block (#4531). Backport from v2.10.0
• Add self-healing mechanism to detect and delete orphaned Raft groups (#4647). Backport from v2.10.0
• Prevent forward proposals in consumers after scaling down a stream (#4647). Backport from v2.10.0
• Fix race condition during leader failover scenarios resulting in potential duplicate messages being sourced (#4592). Backport from v2.10.2

Complete Changes

nats-io/nats-server@v2.9.22...v2.9.23

Release v2.9.22

Changelog

Go Version

• 1.20.8 (updated out-of-cycle since Go 1.19 is now EOL)

Dependencies

• github.com/nats-io/jwt/v2 v2.5.0
• golang.org/x/crypto v0.12.0
• golang.org/x/sys v0.11.0

Improved

Monitoring

• CORS Allow-Origin passthrough for monitoring server (#4423) Thanks to @​mdawar for the contribution!

JetStream

• Improve consumer scaling reliability with filters and cluster restart (#4404)
• Send event on lame duck mode (LDM) to avoid placing assets on shutting down nodes (#4405)
• Skip filestore tombstones if downgrade from 2.10 occurs (#4452)
• Adjust delivered and waiting count when consumer message delivery fails (#4472)

Fixed

Config

• Allow empty configs and fix JSON compatibility (#4394, #4418)
• Remove TLS OCSP debug log on reload (#4453)

... (truncated)

Commits

• 45436e1 Release v2.9.23 (#4652)
• 72ffa38 Release v2.9.23
• 05fe77f Backport #4592 to 2.9 (#4651)
• 6a73e68 [2.9.x] Bump Travis Go version to 1.20.10 (#4650)
• 8b981a2 Backports from v2.10 for v2.9.23 release (#4647)
• 28eb7c0 Only setup auto no-auth for $G account iff no authorization block was defined.
• 9f16edd Make sure to not forward a message across a route for dq sub when we are a sp...
• 0ac7895 Add in utility to detect and delete any NRG orphans.
• 50722e9 When scaling a consumer down make sure to pop the loopAndForwardProposals go ...
• 770cf2e Backport JetStream benchmarks improvements to 2.9.x (#4644)
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.3.0 to 0.12.0

Commits

• b4ddeed go.mod: update golang.org/x dependencies
• edc325d ssh: fix call to Fatalf from a non-test goroutine
• eab9315 ssh: add diffie-hellman-group16-sha512 kex
• ddfa821 ssh: ignore invalid MACs and KEXs just like we do for ciphers
• d08e19b x509roots/fallback: update bundle
• 12e1fcd internal/wycheproof: skip all tests in short test mode
• 3f8f064 ssh: prefer sha256 based RSA key algorithms
• 5df3b59 ssh: disable client agent tests on Windows
• 2e82bdd fix TestValidTerminalMode: missing output from echo SHELL $SHELL
• 64e0e99 ssh: fix RSA certificate and public key authentication with older clients
• Additional commits viewable in compare view

Updates golang.org/x/image from 0.5.0 to 0.18.0

Commits

• 3bbf4a6 tiff: Validate palette indices when parsing palette-color images
• 6c5fa46 go.mod: update golang.org/x dependencies
• 55c4ab6 go.mod: update golang.org/x dependencies
• 0057a93 tiff: fix function name in comment
• 9e190ae webp: disallow multiple VP8X chunks
• 445ab0e go.mod: update golang.org/x dependencies
• 240a51a font/sfnt: support early version 0 OS/2 tables
• c20bbc3 draw: simplify some calls to fmt.Fprintf
• 491771c draw: merge draw_go117.go into draw.go
• 4aa0222 go.mod: update go directive to 1.18
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.7.0 to 0.25.0

Commits

• d27919b go.mod: update golang.org/x dependencies
• e0324fc http2: use net.ErrClosed
• b20cd59 quic: initiate key rotation earlier in connections
• f95a3b3 html: fix typo in package doc
• 0a24555 http/httpguts: speed up ValidHeaderFieldName
• ec05fdc http2: don't retry the first request on a connection on GOAWAY error
• b67a0f0 http2: send correct LastStreamID in stream-caused GOAWAY
• a130fcc quic: don't consider goroutines running when tests start as leaked
• 7bbe320 go.mod: update golang.org/x dependencies
• c48da13 http2: fix TestServerContinuationFlood flakes
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.51.0 to 1.56.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

• server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

  In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

• status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

• client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

• client: support channel idleness using WithIdleTimeout dial option (#6263)
  • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
• client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
• xds: Add support for Custom LB Policies (gRFC A52) (#6224)
• xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
• client: add support for pickfirst address shuffling (gRFC A62) (#6311)
• xds: Add support for String Matcher Header Matcher in RDS (#6313)
• xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • Special Thanks: @​s-matyukevich
• xds: enable RLS in xDS by default (#6343)
• orca: add support for application_utilization field and missing range checks on several metrics setters
• balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
• authz: add conversion of json to RBAC Audit Logging config (#6192)
• authz: add support for stdout logger (#6230 and #6298)
• authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

• orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
• xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
• xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

• orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

• status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

• xds: enable federation support by default (#6151)
• status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits

• 1055b48 Update version.go to 1.56.3 (#6713)
• 5efd7bd server: prohibit more than MaxConcurrentStreams handlers from running at once...
• bd1f038 Upgrade version.go to 1.56.3-dev (#6434)
• faab873 Update version.go to v1.56.2 (#6432)
• 6b0b291 status: fix panic when servers return a wrapped error with status OK (#6374) ...
• ed56401 [PSM interop] Don't fail target if sub-target already failed (#6390) (#6405)
• cd6a794 Update version.go to v1.56.2-dev (#6387)
• 5b67e5e Update version.go to v1.56.1 (#6386)
• d0f5150 client: handle empty address lists correctly in addrConn.updateAddrs (#6354) ...
• 997c1ea Change version to 1.56.1-dev (#6345)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.28.1 to 1.30.0

Updates github.com/cloudflare/circl from 1.2.0 to 1.3.7

Release notes

Sourced from github.com/cloudflare/circl's releases.

CIRCL v1.3.7

What's Changed

• build(deps): bump golang.org/x/crypto from 0.3.1-0.20221117191849-2c476679df9a to 0.17.0 by @​dependabot in cloudflare/circl#467
• kyber: remove division by q in ciphertext compression by @​bwesterb in cloudflare/circl#468
• Releasing CIRCL v1.3.7 by @​armfazh in cloudflare/circl#469

New Contributors

• @​dependabot made their first contribution in cloudflare/circl#467

Full Changelog: cloudflare/circl@v1.3.6...v1.3.7

CIRCL v1.3.6

What's Changed

• internal: add TurboShake{128,256} by @​bwesterb in cloudflare/circl#430
• Kangaroo12 draft -10 by @​bwesterb in cloudflare/circl#431
• Add K12 as XOF by @​bwesterb in cloudflare/circl#437
• xof/k12: Fix a typo in the package documentation by @​cjpatton in cloudflare/circl#438
• Set CIRCL version for generated assembler code. by @​armfazh in cloudflare/circl#440
• Add tkn20 benchmarks by @​tanyav2 in cloudflare/circl#442
• Add partially blind RSA implementation by @​chris-wood in cloudflare/circl#445
• Update doc.go by @​nadimkobeissi in cloudflare/circl#447
• tss/rsa: key generation for threshold RSA (safe primes) by @​armfazh in cloudflare/circl#450
• Bumping Go version for CI jobs. by @​armfazh in cloudflare/circl#457
• Spelling by @​jsoref in cloudflare/circl#456
• blindrsa: updating blindrsa to be compliant with RFC9474 by @​armfazh in cloudflare/circl#464
• Releasing CIRCL v1.3.6 by @​armfazh in cloudflare/circl#465

New Contributors

• @​nadimkobeissi made their first contribution in cloudflare/circl#447
• @​jsoref made their first contribution in cloudflare/circl#456

Full Changelog: cloudflare/circl@v1.3.3...v1.3.6

CIRCL v1.3.3

New Features

• ASCON light-weight authenticated encryption.
• Hybrid KEM for HPKE based on Kyber and X25519.
• CIRCL can be compiled both as static and dynamic linking modes.

Security

• Fixes error-handling on rand readers.

What's Changed

• Use untyped consts for Kyber params by @​tmthrgd in cloudflare/circl#398
• zk/dl: adds prefixed labels and updates nomenclature. by @​armfazh in cloudflare/circl#396
• Bumping Go version. by @​armfazh in cloudflare/circl#399
• kem: add P-256 + Kyber768Draft00 hybrid by @​bwesterb in cloudflare/circl#402

... (truncated)

Commits

• c48866b Releasing CIRCL v1.3.7
• 75ef91e kyber: remove division by q in ciphertext compression
• 899732a build(deps): bump golang.org/x/crypto
• 99f0f71 Releasing CIRCL v1.3.6
• e728d0d Apply thibmeu code review suggestions
• ceb2d90 Updating blindrsa to be compliant with RFC9474.
• 44133f7 spelling: tripped
• c2076d6 spelling: transposes
• dad2166 spelling: title
• 171c418 spelling: threshold
• Additional commits viewable in compare view

Updates github.com/crewjam/saml from 0.4.9 to 0.4.14

Commits

• b07b16c Merge pull request from GHSA-267v-3v32-g6q5
• 5f6e5ab Bump golang.org/x/crypto (#538)
• 193e551 update for most recent three go versions (#537)
• 34930b2 Add support for hardware security module (HSM) signing. (#503)
• f9e6716 Update golangci-lint version, linting fixes. (#511)
• 8e92368 Merge pull request from GHSA-5mqj-xc49-246p
• 2aeb2ef Update README example to use displayName attribute (#486)
• 5049389 Bump github.com/kr/pretty from 0.3.0 to 0.3.1 (#484)
• 73bf1ff Bump github.com/stretchr/testify from 1.6.1 to 1.8.1 (#483)
• cfc9c75 Bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.4.3 (#467)
• Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.11.0

What's Changed

• git: validate reference names (#929) by @​aymanbagabas in go-git/go-git#950
• git: stop iterating at oldest shallow when pulling. Fixes #305 by @​dhoizner in go-git/go-git#939
• plumbing: object, enable renames in getFileStatsFromFilePatches by @​djmoch in go-git/go-git#941
• storage: filesystem, Add option to set a specific FS for alternates by @​pjbgf in go-git/go-git#953
• Align worktree validation with upstream and remove build warnings by @​pjbgf in go-git/go-git#958

New Contributors

• @​dhoizner made their first contribution in go-git/go-git#939
• @​djmoch made their first contribution in go-git/go-git#941

Full Changelog: go-git/go-git@v5.10.1...v5.11.0

v5.10.1

What's Changed

• Worktree, ignore ModeSocket files by @​steiler in go-git/go-git#930
• git: add tracer package by @​aymanbagabas in go-git/go-git#916
• remote: Flip clause for fast-forward only check by @​adityasaky in go-git/go-git#875
• plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes #900 by @​anandf in go-git/go-git#901
• plumbing: uppload-server-info, implement upload-server-info by @​aymanbagabas in go-git/go-git#896
• plumbing: optimise memory consumption for filesystem storage by @​pjbgf in go-git/go-git#799
• plumbing: format/packfile, Refactor patch delta by @​pjbgf in go-git/go-git#908
• plumbing: fix empty uploadpack request error by @​aymanbagabas in go-git/go-git#932
• plumbing: transport/git, Improve tests error message by @​pjbgf in go-git/go-git#752
• plumbing: format/pktline, Respect pktline error-line errors by @​aymanbagabas in go-git/go-git#936
• utils: remove ioutil.Pipe and use std library io.Pipe by @​aymanbagabas in go-git/go-git#922
• utils: move trace to utils by @​aymanbagabas in go-git/go-git#931
• cli: separate go module for cli by @​aymanbagabas in go-git/go-git#914
• build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by @​dependabot in go-git/go-git#887
• build: bump actions/setup-go from 3 to 4 by @​dependabot in go-git/go-git#891
• build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by @​dependabot in go-git/go-git#888
• build: bump actions/checkout from 3 to 4 by @​dependabot in go-git/go-git#890
• build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by @​dependabot in go-git/go-git#907
• build: bump golang.org/x/text from 0.13.0 to 0.14.0 by @​dependabot in go-git/go-git#906
• build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by @​dependabot in go-git/go-git#917
• build: bump golang.org/x/net from 0.17.0 to 0.18.0 by @​dependabot in go-git/go-git#918

New Contributors

• @​anandf made their first contribution in go-git/go-git#901
• @​steiler made their first contribution in go-git/go-git#930

Full Changelog: go-git/go-git@v5.10.0...v5.10.1

v5.10.0

What's Changed

• PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by @​ThinkChaos in go-git/go-git#782

... (truncated)

Commits

• 5d08d3b Merge pull request #958 from pjbgf/workval
• 5bd1d8f build: Ensure checkout is the first operation
• b2c1982 git: worktree, Align validation with upstream rules
• cec7da6 Merge pull request #953 from pjbgf/alternates
• 8b47ceb storage: filesystem, Add option to set a specific FS for alternates
• 4f61489 Merge pull request #941 from djmoch/filestats-rename
• ae552ce Merge pull request #939 from dhoizner/fix-pull-after-shallow
• cc1895b Merge pull request #950 from aymanbagabas/validate-ref
• de1d5a5 git: validate reference names
• d87110b Merge pull request #948 from go-git/dependabot/go_modules/cli/go-git/github.c...
• Additional commits viewable in compare view

Updates github.com/gookit/goutil from 0.5.15 to 0.6.0

Release notes

Sourced from github.com/gookit/goutil's releases.

v0.6.0

Change Log

NOTE: since v0.6.0 require go 1.18

Refactor

• refactor: replace Readdir(-1) with ioutil.ReadDir gookit/goutil@cd99ed9

Feature

• up: sysutil/cmdr - add more feature methods for cmdr.Cmd gookit/goutil@d769fc1
• feat: errorx - add some feat error types to errorx gookit/goutil@b177c93
• feat: add some commonly asset function like NotEqual, NoError gookit/goutil@767d6c6
• feat: arr - add new func Map/Column for mapping an object list to flatten list gookit/goutil@3a623fd
• feat: add sync errgroup to goutil package gookit/goutil@dd9e08d
• feat: str - add more padding util functions gookit/goutil@55b0e17

Update

• up: sys/cmdr - add more methods to Task, update some tests gookit/goutil@f13aac2
• up: env - add some env func, update readme docs gookit/goutil@f5ee49b
• up: std - remove some unused files and pkg on std gookit/goutil@0aaeb53
• up: sysutil/cmdr - update the task, runner logic, rm dep cliutil gookit/goutil@b7ca58f
• up: str, cmdr - add some new tool function and method gookit/goutil@496f72e
• up: require go >= 1.18, and only tests on go 1.18+ gookit/goutil@965e4f0
• up: remove any.go file, update some arr util functions gookit/goutil@623fc20
• up: migrate interface{} to go1.18 any keywords gookit/goutil@a90d655
• up: migrate more interface{} to go1.18 any keywords gookit/goutil@b198b73
• up: update readme template and re-generate README gookit/goutil@6a1054c
• up: errorx - update extend error types, add more unit tests gookit/goutil@71fc27a
• up: str - update and add some encode util functions gookit/goutil@9adb2fe
• up: str - update and add some rune util functions gookit/goutil@887ac5b
• up: net - update and add some http client util functions gookit/goutil@7f9bebc
• up: net - remove not used sub package httphelper gookit/goutil@0caf321
• up: com, dump - add some common types and update for dump slice gookit/goutil@8fc1499
• up: fix some tests and code style error gookit/goutil@daabe2b
• up: modify some dep package logic gookit/goutil@3640638
• up: fix cli read error and add new cli util func gookit/goutil@40e02c7

Other

• build(deps): bump golang.org/x/text from 0.3.8 to 0.4.0 gookit/goutil@6619a9a
• style: format all sub pkg codes by go fmt gookit/goutil@3f1a328
• chore: migrate more interface{} to go1.18 any keywords gookit/goutil@7ba341d
• build(deps): bump WillAbides/setup-go-faster from 1.7.0 to 1.8.0 gookit/goutil@d5689ca
• doc: update and re-generate README docs gookit/goutil@5346ec5
• chore: add desc commonts for const, vars and package gookit/goutil@ad8ce94
• chore: re-genreate docs and fix pkg not import gookit/goutil@c6fc881

... (truncated)

Commits

• c6fc881 chore: re-genreate docs and fix pkg not import
• 40e02c7 up: fix cli read error and add new cli util func
• 3640638 up: modify some dep package logic
• ad8ce94 chore: add desc commonts for const, vars and package
• 752d3b3 Merge pull request #71 from Juneezee/refactor/Readdir
• cd99ed9 refactor: replace Readdir(-1) with ioutil.ReadDir
• ed0c4d0 Merge pull request #70 from gookit/dependabot/github_actions/WillAbides/setup...
• 5346ec5 doc: update and re-generate README docs
• daabe2b up: fix some tests and code style error
• baab86a Merge branch 'master' of https://github.com/gookit/goutil
• Additional commits viewable in compare view

Updates github.com/gorilla/schema from 1.2.0 to 1.4.1

Release notes

Sourced from github.com/gorilla/schema's releases.

v1.4.1

Security Release

Fixes an issue where sparse slice deserialization can cause memory exhaustion CVE-2024-37298

Thanks to @​AlexVasiluta for the report and following responsible disclosure.

Full Changelog: gorilla/schema@v1.4.0...v1.4.1

v1.4.0

What's Changed

• feat: if a different type in slice, raise error by @​lll-lll-lll-lll in gorilla/schema#212
• fixed panic: reflect: indirection through nil pointer to embedded struct by @​morus12 in gorilla/schema#211

New Contributors

• @​lll-lll-lll-lll made their first contribution in gorilla/schema#212

Full Changelog: gorilla/schema@v1.3.0...v1.3.1

v1.3.0

What's Changed

• Remove log.Fatal() usage in encoder.go by @​h2570su in gorilla/schema#207
• Add default tag by @​zak905 in gorilla/schema#183
• update readme: add informations about the default tag option usage by @​zak905 in gorilla/schema#209

New Contributors

• @​h2570su made their first contribution in gorilla/schema#207
• @​zak905 made their first contribution in gorilla/schema#183

Full Changelog: gorilla/schema@v1.2.1...v1.3.0

Release v1.2.1

What's Changed

• build: use build matrix; drop Go <= 1.10 by @​elithrar in gorilla/schema#147
• doc: Update README CI badge by @​elithrar in gorilla/schema#148
• docs: remove travis badge by @​elithrar in gorilla/schema#149
• build: fix config.yml by @​elithrar in gorilla/schema#150
• [bug] Registered encoder doesn't work for struct pointer types by @​tkhametov in gorilla/schema#174
• Update README.md by @​coreydaley in gorilla/schema#197
• [GPT-98] Update go version & add verification/testing tools by @​apoorvajagtap in gorilla/schema#200
• fix misspell by @​YuyaAbo in gorilla/schema#192
• Update issues.yml by @​coreydaley in gorilla/schema#201
• update GitHub workflows by <...

  Description has been truncated