From 315269d8f9f9774b59d7fd1cbf258730bf84bfdf Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 16 Jan 2025 23:21:53 +0100
Subject: [PATCH 1/9] Bump golang.org/x/net from 0.32.0 to 0.33.0 (#3499)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.32.0 to
0.33.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/dfc720dfe0cfc125116068c20efcdcb5e4eab464"><code>dfc720d</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/8e66b04771e35c4e4125e8c60334b34e2423effb"><code>8e66b04</code></a>
html: use strings.EqualFold instead of lowering ourselves</li>
<li><a
href="https://github.com/golang/net/commit/b935f7b5d723c82894e1a1fd936a94dd2d1eae46"><code>b935f7b</code></a>
html: avoid endless loop on error token</li>
<li><a
href="https://github.com/golang/net/commit/9af49ef148d7d8b3e4cbbd9cc0cd37f2a520a4a3"><code>9af49ef</code></a>
route: remove unused sizeof* consts</li>
<li><a
href="https://github.com/golang/net/commit/6705db9a4df8f2cf16aed83e773e7a0213788b7a"><code>6705db9</code></a>
quic: clean up crypto streams when dropping packet protection keys</li>
<li><a
href="https://github.com/golang/net/commit/4ef7588d2b3f83775099797baac43c34e2e23200"><code>4ef7588</code></a>
quic: handle ACK frame in packet which drops number space</li>
<li><a
href="https://github.com/golang/net/commit/552d8ac903a11a9fde71a88732f5b58b6b394178"><code>552d8ac</code></a>
Revert &quot;route: change from syscall to x/sys/unix&quot;</li>
<li><a
href="https://github.com/golang/net/commit/13a7c0108bd38aad013797cdb95e6bfca0bbcec6"><code>13a7c01</code></a>
Revert &quot;route: remove unused sizeof* consts on freebsd&quot;</li>
<li>See full diff in <a
href="https://github.com/golang/net/compare/v0.32.0...v0.33.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.32.0&new-version=0.33.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/element-hq/dendrite/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

[skip ci]
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 598c5cc3..cd7be5f7 100644
--- a/go.mod
+++ b/go.mod
@@ -142,7 +142,7 @@ require (
 	go.opentelemetry.io/otel/trace v1.32.0 // indirect
 	go.uber.org/mock v0.4.0 // indirect
 	golang.org/x/mod v0.19.0 // indirect
-	golang.org/x/net v0.32.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect
 	golang.org/x/text v0.21.0 // indirect
 	golang.org/x/time v0.8.0 // indirect
diff --git a/go.sum b/go.sum
index 472ab9eb..e2b0ce7c 100644
--- a/go.sum
+++ b/go.sum
@@ -418,8 +418,8 @@ golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.32.0 h1:ZqPmj8Kzc+Y6e0+skZsuACbx+wzMgo5MQsJh9Qd6aYI=
-golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=

From a41f9cc154f476f3236a8cc2355e3e392f59901f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 16 Jan 2025 23:22:19 +0100
Subject: [PATCH 2/9] Bump modernc.org/sqlite from 1.34.2 to 1.34.5 (#3500)

Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.34.2
to 1.34.5.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://gitlab.com/cznic/sqlite/commit/15818ab7fe22935c740f0bf5069901a1314799d0"><code>15818ab</code></a>
move the vendor tool into a separate module, updates gc#3</li>
<li><a
href="https://gitlab.com/cznic/sqlite/commit/d3e8a664e8b51225de529ad17338007b5f16c5df"><code>d3e8a66</code></a>
retract v1.34.3</li>
<li><a
href="https://gitlab.com/cznic/sqlite/commit/1fcc86e9d6e8d65d4928c1575b3d4cbdcb0fc70c"><code>1fcc86e</code></a>
fix accidentaly broken openbsd/amd64 build</li>
<li><a
href="https://gitlab.com/cznic/sqlite/commit/7f15e6eb45fa87fd65c5817b56d449a3b80a1d24"><code>7f15e6e</code></a>
linux/arm64: patch libc bug at runtime, updates <a
href="https://gitlab.com/cznic/sqlite/issues/199">#199</a></li>
<li>See full diff in <a
href="https://gitlab.com/cznic/sqlite/compare/v1.34.2...v1.34.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=modernc.org/sqlite&package-manager=go_modules&previous-version=1.34.2&new-version=1.34.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 6 +-----
 go.sum | 8 ++------
 2 files changed, 3 insertions(+), 11 deletions(-)

diff --git a/go.mod b/go.mod
index cd7be5f7..1e1511d7 100644
--- a/go.mod
+++ b/go.mod
@@ -55,7 +55,7 @@ require (
 	gopkg.in/yaml.v2 v2.4.0
 	gotest.tools/v3 v3.4.0
 	maunium.net/go/mautrix v0.15.1
-	modernc.org/sqlite v1.34.2
+	modernc.org/sqlite v1.34.5
 )
 
 require (
@@ -101,7 +101,6 @@ require (
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd // indirect
 	github.com/h2non/filetype v1.1.3 // indirect
-	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
 	github.com/hjson/hjson-go/v4 v4.4.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/juju/errors v1.0.0 // indirect
@@ -151,12 +150,9 @@ require (
 	gopkg.in/macaroon.v2 v2.1.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	maunium.net/go/maulogger/v2 v2.4.1 // indirect
-	modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 // indirect
 	modernc.org/libc v1.55.3 // indirect
 	modernc.org/mathutil v1.6.0 // indirect
 	modernc.org/memory v1.8.0 // indirect
-	modernc.org/strutil v1.2.0 // indirect
-	modernc.org/token v1.1.0 // indirect
 	nhooyr.io/websocket v1.8.7 // indirect
 )
 
diff --git a/go.sum b/go.sum
index e2b0ce7c..dedb8053 100644
--- a/go.sum
+++ b/go.sum
@@ -197,8 +197,6 @@ github.com/h2non/filetype v1.1.3 h1:FKkx9QbD7HR/zjK1Ia5XiBsq9zdLi5Kf3zGyFTAFkGg=
 github.com/h2non/filetype v1.1.3/go.mod h1:319b3zT68BvV+WRj7cwy856M2ehB3HqNOt6sy1HndBY=
 github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 h1:2VTzZjLZBgl62/EtslCrtky5vbi9dd7HrQPQIx6wqiw=
 github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI=
-github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
-github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
 github.com/hjson/hjson-go/v4 v4.4.0 h1:D/NPvqOCH6/eisTb5/ztuIS8GUvmpHaLOcNk1Bjr298=
 github.com/hjson/hjson-go/v4 v4.4.0/go.mod h1:KaYt3bTw3zhBjYqnXkYywcYctk0A2nxeEFTse3rH13E=
 github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
@@ -515,8 +513,6 @@ modernc.org/fileutil v1.3.0 h1:gQ5SIzK3H9kdfai/5x41oQiKValumqNTDXMvKo62HvE=
 modernc.org/fileutil v1.3.0/go.mod h1:XatxS8fZi3pS8/hKG2GH/ArUogfxjpEKs3Ku3aK4JyQ=
 modernc.org/gc/v2 v2.4.1 h1:9cNzOqPyMJBvrUipmynX0ZohMhcxPtMccYgGOJdOiBw=
 modernc.org/gc/v2 v2.4.1/go.mod h1:wzN5dK1AzVGoH6XOzc3YZ+ey/jPgYHLuVckd62P0GYU=
-modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6 h1:5D53IMaUuA5InSeMu9eJtlQXS2NxAhyWQvkKEgXZhHI=
-modernc.org/gc/v3 v3.0.0-20240107210532-573471604cb6/go.mod h1:Qz0X07sNOR1jWYCrJMEnbW/X55x206Q7Vt4mz6/wHp4=
 modernc.org/libc v1.55.3 h1:AzcW1mhlPNrRtjS5sS+eW2ISCgSOLLNyFzRh/V3Qj/U=
 modernc.org/libc v1.55.3/go.mod h1:qFXepLhz+JjFThQ4kzwzOjA/y/artDeg+pcYnY+Q83w=
 modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4=
@@ -527,8 +523,8 @@ modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
 modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
 modernc.org/sortutil v1.2.0 h1:jQiD3PfS2REGJNzNCMMaLSp/wdMNieTbKX920Cqdgqc=
 modernc.org/sortutil v1.2.0/go.mod h1:TKU2s7kJMf1AE84OoiGppNHJwvB753OYfNl2WRb++Ss=
-modernc.org/sqlite v1.34.2 h1:J9n76TPsfYYkFkZ9Uy1QphILYifiVEwwOT7yP5b++2Y=
-modernc.org/sqlite v1.34.2/go.mod h1:dnR723UrTtjKpoHCAMN0Q/gZ9MT4r+iRvIBb9umWFkU=
+modernc.org/sqlite v1.34.5 h1:Bb6SR13/fjp15jt70CL4f18JIN7p7dnMExd+UFnF15g=
+modernc.org/sqlite v1.34.5/go.mod h1:YLuNmX9NKs8wRNK2ko1LW1NGYcc9FkBO69JOt1AR9JE=
 modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA=
 modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0=
 modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=

From 3672df7e3860595a6703bff87e399251ccc166cd Mon Sep 17 00:00:00 2001
From: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
Date: Sun, 19 Jan 2025 09:24:21 +0100
Subject: [PATCH 3/9] Fix Pinecone panic

---
 cmd/dendrite-demo-pinecone/monolith/monolith.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cmd/dendrite-demo-pinecone/monolith/monolith.go b/cmd/dendrite-demo-pinecone/monolith/monolith.go
index 2fb5e675..562d559d 100644
--- a/cmd/dendrite-demo-pinecone/monolith/monolith.go
+++ b/cmd/dendrite-demo-pinecone/monolith/monolith.go
@@ -138,6 +138,7 @@ func (p *P2PMonolith) SetupDendrite(
 	rsAPI.SetFederationAPI(fsAPI, keyRing)
 
 	userAPI := userapi.NewInternalAPI(processCtx, cfg, cm, &natsInstance, rsAPI, federation, enableMetrics, fsAPI.IsBlacklistedOrBackingOff)
+	rsAPI.SetUserAPI(userAPI)
 
 	asAPI := appservice.NewInternalAPI(processCtx, cfg, &natsInstance, userAPI, rsAPI)
 

From afa8fc489e8f58ae21d6384d4a7da85e764d365b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 19 Jan 2025 09:27:48 +0100
Subject: [PATCH 4/9] Bump actions/configure-pages from 2 to 5 (#3474)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[actions/configure-pages](https://github.com/actions/configure-pages)
from 2 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/configure-pages/releases">actions/configure-pages's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h1>Breaking Changes</h1>
<p>:warning: This version contains breaking changes! :warning:</p>
<ul>
<li>When using the <a
href="https://github.com/actions/configure-pages/blob/983d7736d9b0ae728b81ab479565c72886d7745b/action.yml#L7-L10">input
param <code>static_site_generator: next</code></a>:
<ul>
<li>Added support for Next.js &gt;= 13.3.0</li>
<li>Consequently, also dropped support for Next.js &lt; 13.3.0</li>
</ul>
</li>
</ul>
<h1>Full Changelog</h1>
<ul>
<li>Attempt to auto-detect configuration files with varying file
extensions <a
href="https://github.com/JamesMGreene"><code>@​JamesMGreene</code></a>
(<a
href="https://redirect.github.com/actions/configure-pages/issues/139">#139</a>)</li>
<li>Convert errors into Actions-compatible logging with annotations <a
href="https://github.com/JamesMGreene"><code>@​JamesMGreene</code></a>
(<a
href="https://redirect.github.com/actions/configure-pages/issues/138">#138</a>)</li>
<li>Bump <code>@​actions/github</code> from 5.1.1 to 6.0.0 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/123">#123</a>)</li>
<li>Bump the non-breaking-changes group with 2 updates <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/136">#136</a>)</li>
<li>Update the Next.js configuration for v14 <a
href="https://github.com/JamesMGreene"><code>@​JamesMGreene</code></a>
(<a
href="https://redirect.github.com/actions/configure-pages/issues/137">#137</a>)</li>
<li>Bump the non-breaking-changes group with 3 updates <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/132">#132</a>)</li>
<li>Bump release-drafter/release-drafter from 5 to 6 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/133">#133</a>)</li>
<li>Bump github/codeql-action from 2 to 3 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/127">#127</a>)</li>
<li>Bump actions/checkout from 3 to 4 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/120">#120</a>)</li>
<li>Bump actions/setup-node from 3 to 4 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/118">#118</a>)</li>
<li>Bump the non-breaking-changes group with 1 update <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/131">#131</a>)</li>
<li>Update Dependabot config to group non-breaking changes <a
href="https://github.com/JamesMGreene"><code>@​JamesMGreene</code></a>
(<a
href="https://redirect.github.com/actions/configure-pages/issues/130">#130</a>)</li>
</ul>
<p>See details of <a
href="https://github.com/actions/configure-pages/compare/v4.0.0...v5.0.0">all
code changes</a> since previous release.</p>
<h2>v4.0.0</h2>
<h1>Changelog</h1>
<ul>
<li>Use a centralized <code>.node-version</code> file <a
href="https://github.com/JamesMGreene"><code>@​JamesMGreene</code></a>
(<a
href="https://redirect.github.com/actions/configure-pages/issues/117">#117</a>)</li>
<li>Update action to node20 <a
href="https://github.com/takost"><code>@​takost</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/108">#108</a>)</li>
</ul>
<p>See details of <a
href="https://github.com/actions/configure-pages/compare/v3.0.7...v4.0.0">all
code changes</a> since previous release.</p>
<h2>v3.0.7</h2>
<h1>Changelog</h1>
<ul>
<li>Update Actions workflows to use Node 20.x <a
href="https://github.com/JamesMGreene"><code>@​JamesMGreene</code></a>
(<a
href="https://redirect.github.com/actions/configure-pages/issues/116">#116</a>)</li>
<li>Bump eslint-plugin-github from 4.7.0 to 4.10.1 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/114">#114</a>)</li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/113">#113</a>)</li>
<li>Bump jest from 29.5.0 to 29.7.0 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/112">#112</a>)</li>
<li>Bump <code>@​babel/traverse</code> from 7.21.3 to 7.23.5 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/110">#110</a>)</li>
<li>Bump espree from 9.5.2 to 9.6.1 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/111">#111</a>)</li>
<li>Bump eslint from 8.38.0 to 8.40.0 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/configure-pages/issues/93">#93</a>)</li>
</ul>
<p>See details of <a
href="https://github.com/actions/configure-pages/compare/v3.0.6...v3.0.7">all
code changes</a> since previous release.</p>
<h2>v3.0.6</h2>
<h1>Changelog</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/configure-pages/commit/983d7736d9b0ae728b81ab479565c72886d7745b"><code>983d773</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/configure-pages/issues/139">#139</a>
from actions/config-auto-detect</li>
<li><a
href="https://github.com/actions/configure-pages/commit/9cf6e24f7417e4d116f9cbeee49e71d810373617"><code>9cf6e24</code></a>
Tweak comment</li>
<li><a
href="https://github.com/actions/configure-pages/commit/f304bd89be34aba4128f07b2fd86bc4e34fbabd7"><code>f304bd8</code></a>
Update distributables</li>
<li><a
href="https://github.com/actions/configure-pages/commit/215cd51eb0b4014b08466bdaaf323d9243321eb0"><code>215cd51</code></a>
Attempt to detect existing config files matching the expected basename
plus o...</li>
<li><a
href="https://github.com/actions/configure-pages/commit/e9382ac9ad54dcf5ba213056a0506fb85da7ca52"><code>e9382ac</code></a>
Front-load the file extension warning</li>
<li><a
href="https://github.com/actions/configure-pages/commit/7781abd34b2650ee39f68c3023a1198b1a3e7b78"><code>7781abd</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/configure-pages/issues/138">#138</a>
from actions/error-utils</li>
<li><a
href="https://github.com/actions/configure-pages/commit/fc47e3c8386fa64ae7a2419b64710d432c7a3b90"><code>fc47e3c</code></a>
Update distributables</li>
<li><a
href="https://github.com/actions/configure-pages/commit/9c9f8a266f2316434daa266bf75396b5e7d1e058"><code>9c9f8a2</code></a>
Update tests to use the Octokit RequestError class</li>
<li><a
href="https://github.com/actions/configure-pages/commit/9a4705d6535eae096428426648f242b5ae07ef81"><code>9a4705d</code></a>
Update distributables</li>
<li><a
href="https://github.com/actions/configure-pages/commit/f6ded38287437661b636a27f136e14b1b2e46064"><code>f6ded38</code></a>
Fix syntax error and formatting</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/configure-pages/compare/v2...v5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/configure-pages&package-manager=github_actions&previous-version=2&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

[skip CI]
---
 .github/workflows/gh-pages.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml
index aa5f024b..db3cd33c 100644
--- a/.github/workflows/gh-pages.yml
+++ b/.github/workflows/gh-pages.yml
@@ -30,7 +30,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
       - name: Setup Pages
-        uses: actions/configure-pages@v2
+        uses: actions/configure-pages@v5
       - name: Build with Jekyll
         uses: actions/jekyll-build-pages@v1
         with:

From 4eb7267d9e518a28c4d4ddceda224649594ac3d4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 19 Jan 2025 09:28:24 +0100
Subject: [PATCH 5/9] Bump actions/deploy-pages from 1 to 4 (#3475)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [actions/deploy-pages](https://github.com/actions/deploy-pages)
from 1 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/deploy-pages/releases">actions/deploy-pages's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h1>Changelog</h1>
<ul>
<li>Deploy pages using artifact IDs <a
href="https://github.com/konradpabjan"><code>@​konradpabjan</code></a>
(<a
href="https://redirect.github.com/actions/deploy-pages/issues/251">#251</a>)</li>
<li>This version requires the permission <code>actions: read</code> in
the workflows which use it.</li>
</ul>
<hr />
<p>ℹ️ This version of <code>actions/deploy-pages</code> is
<strong>ONLY</strong> compatible with artifacts uploaded by either:</p>
<ul>
<li><a
href="https://github.com/actions/upload-pages-artifact/releases/tag/v3.0.0"><code>actions/upload-pages-artifact@v3</code></a>
or newer</li>
<li><a
href="https://github.com/actions/upload-artifact/releases/tag/v4.0.0"><code>actions/upload-artifact@v4</code></a>
or newer.</li>
</ul>
<p>See details of <a
href="https://github.com/actions/deploy-pages/compare/v3.0.1...v4.0.0">all
code changes</a> since previous release.</p>
<p>:warning: For use with products other than GitHub.com, such as GitHub
Enterprise Server, please consult the <a
href="https://github.com/actions/deploy-pages/#compatibilty">compatibility
table</a>.</p>
<h2>v3.0.1</h2>
<h1>Changelog</h1>
<ul>
<li>Bump eslint from 8.54.0 to 8.55.0 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/266">#266</a>)</li>
<li>Bump nock from 13.3.8 to 13.4.0 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/267">#267</a>)</li>
<li>Bump eslint-config-prettier from 9.0.0 to 9.1.0 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/268">#268</a>)</li>
<li>Bump <code>@​actions/core</code> from 1.10.0 to 1.10.1 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/269">#269</a>)</li>
<li>Bump <code>@​actions/github</code> from 5.1.1 to 6.0.0 <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/261">#261</a>)</li>
<li>Update compatibility table for v3 <a
href="https://github.com/JamesMGreene"><code>@​JamesMGreene</code></a>
(<a
href="https://redirect.github.com/actions/deploy-pages/issues/270">#270</a>)</li>
</ul>
<h2>🧰 Maintenance</h2>
<ul>
<li>chore/docs: update version, fix typos <a
href="https://github.com/kbdharun"><code>@​kbdharun</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/272">#272</a>)</li>
</ul>
<hr />
<p>See details of <a
href="https://github.com/actions/deploy-pages/compare/v3.0.0...v3.0.1">all
code changes</a> since previous release.</p>
<p>:warning: For use with products other than GitHub.com, such as GitHub
Enterprise Server, please consult the <a
href="https://github.com/actions/deploy-pages/#compatibilty">compatibility
table</a>.</p>
<h2>v3.0.0</h2>
<h1>Changelog</h1>
<ul>
<li>Update action to node20 <a
href="https://github.com/takost"><code>@​takost</code></a> (<a
href="https://redirect.github.com/actions/deploy-pages/issues/256">#256</a>)</li>
</ul>
<hr />
<p>See details of <a
href="https://github.com/actions/deploy-pages/compare/v2.0.5...v3.0.0">all
code changes</a> since previous release.</p>
<p>:warning: For use with products other than GitHub.com, such as GitHub
Enterprise Server, please consult the <a
href="https://github.com/actions/deploy-pages/#compatibilty">compatibility
table</a>.</p>
<h2>v2.0.5</h2>
<h1>Changelog</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/deploy-pages/commit/d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e"><code>d6db901</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/deploy-pages/issues/324">#324</a>
from actions/error-message-request-id</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/055f4259a5b2e76fa0789ad7922a992670f3f6b7"><code>055f425</code></a>
compile changes</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/5ab929b0772a9c574971c2357565e79163c9088f"><code>5ab929b</code></a>
Include request id in the error message of an error response</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/3ff795bc32f6f1ceb4dd02ca0c135001516c35ba"><code>3ff795b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/deploy-pages/issues/318">#318</a>
from actions/dependabot/npm_and_yarn/non-breaking-cha...</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/f5a2f0d405b68f09cea281329308ca2cd64c1264"><code>f5a2f0d</code></a>
Update distributables after Dependabot 🤖</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/1364cde56e32972e043d974794ed0a0e449616cf"><code>1364cde</code></a>
Bump the non-breaking-changes group with 2 updates</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/2ed07f748804ece802939c5fa8753c2858c4dc4d"><code>2ed07f7</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/deploy-pages/issues/316">#316</a>
from actions/dependabot/npm_and_yarn/non-breaking-cha...</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/d5a892b11c1e1a34d36b6c8dd3b79f53e904086d"><code>d5a892b</code></a>
Bump the non-breaking-changes group with 1 update</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/05977f58bc03458243006330b90b3352b6ceead6"><code>05977f5</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/deploy-pages/issues/314">#314</a>
from actions/dependabot/npm_and_yarn/non-breaking-cha...</li>
<li><a
href="https://github.com/actions/deploy-pages/commit/9414024cfce3ef0ceee3850d28ee5290f189d0d8"><code>9414024</code></a>
Update distributables after Dependabot 🤖</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/deploy-pages/compare/v1...v4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/deploy-pages&package-manager=github_actions&previous-version=1&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

[skip CI]
---
 .github/workflows/gh-pages.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml
index db3cd33c..24a5cba6 100644
--- a/.github/workflows/gh-pages.yml
+++ b/.github/workflows/gh-pages.yml
@@ -49,4 +49,4 @@ jobs:
     steps:
       - name: Deploy to GitHub Pages
         id: deployment
-        uses: actions/deploy-pages@v1
+        uses: actions/deploy-pages@v4

From 60442bd0595770128e3b718f42ae1f11029c6683 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 19 Jan 2025 09:29:00 +0100
Subject: [PATCH 6/9] Bump github.com/stretchr/testify from 1.9.0 to 1.10.0
 (#3479)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify)
from 1.9.0 to 1.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stretchr/testify/releases">github.com/stretchr/testify's
releases</a>.</em></p>
<blockquote>
<h2>v1.10.0</h2>
<h2>What's Changed</h2>
<h3>Functional Changes</h3>
<ul>
<li>Add PanicAssertionFunc by <a
href="https://github.com/fahimbagar"><code>@​fahimbagar</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1337">stretchr/testify#1337</a></li>
<li>assert: deprecate CompareType by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1566">stretchr/testify#1566</a></li>
<li>assert: make YAML dependency pluggable via build tags by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1579">stretchr/testify#1579</a></li>
<li>assert: new assertion NotElementsMatch by <a
href="https://github.com/hendrywiranto"><code>@​hendrywiranto</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1600">stretchr/testify#1600</a></li>
<li>mock: in order mock calls by <a
href="https://github.com/ReyOrtiz"><code>@​ReyOrtiz</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1637">stretchr/testify#1637</a></li>
<li>Add assertion for NotErrorAs by <a
href="https://github.com/palsivertsen"><code>@​palsivertsen</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1129">stretchr/testify#1129</a></li>
<li>Record Return Arguments of a Call by <a
href="https://github.com/jayd3e"><code>@​jayd3e</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1636">stretchr/testify#1636</a></li>
<li>assert.EqualExportedValues: accepts everything by <a
href="https://github.com/redachl"><code>@​redachl</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1586">stretchr/testify#1586</a></li>
</ul>
<h3>Fixes</h3>
<ul>
<li>assert: make tHelper a type alias by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1562">stretchr/testify#1562</a></li>
<li>Do not get argument again unnecessarily in Arguments.Error() by <a
href="https://github.com/TomWright"><code>@​TomWright</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/820">stretchr/testify#820</a></li>
<li>Fix time.Time compare by <a
href="https://github.com/myxo"><code>@​myxo</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1582">stretchr/testify#1582</a></li>
<li>assert.Regexp: handle []byte array properly by <a
href="https://github.com/kevinburkesegment"><code>@​kevinburkesegment</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1587">stretchr/testify#1587</a></li>
<li>assert: collect.FailNow() should not panic by <a
href="https://github.com/marshall-lee"><code>@​marshall-lee</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1481">stretchr/testify#1481</a></li>
<li>mock: simplify implementation of FunctionalOptions by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1571">stretchr/testify#1571</a></li>
<li>mock: caller information for unexpected method call by <a
href="https://github.com/spirin"><code>@​spirin</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1644">stretchr/testify#1644</a></li>
<li>suite: fix test failures by <a
href="https://github.com/stevenh"><code>@​stevenh</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1421">stretchr/testify#1421</a></li>
<li>Fix issue <a
href="https://redirect.github.com/stretchr/testify/issues/1662">#1662</a>
(comparing infs should fail) by <a
href="https://github.com/ybrustin"><code>@​ybrustin</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1663">stretchr/testify#1663</a></li>
<li>NotSame should fail if args are not pointers <a
href="https://redirect.github.com/stretchr/testify/issues/1661">#1661</a>
by <a href="https://github.com/sikehish"><code>@​sikehish</code></a> in
<a
href="https://redirect.github.com/stretchr/testify/pull/1664">stretchr/testify#1664</a></li>
<li>Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in
CI by <a href="https://github.com/sikehish"><code>@​sikehish</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1667">stretchr/testify#1667</a></li>
<li>fix: compare functional option names for indirect calls by <a
href="https://github.com/arjun-1"><code>@​arjun-1</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1626">stretchr/testify#1626</a></li>
</ul>
<h3>Documantation, Build &amp; CI</h3>
<ul>
<li>.gitignore: ignore &quot;go test -c&quot; binaries by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1565">stretchr/testify#1565</a></li>
<li>mock: improve doc by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1570">stretchr/testify#1570</a></li>
<li>mock: fix FunctionalOptions docs by <a
href="https://github.com/snirye"><code>@​snirye</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1433">stretchr/testify#1433</a></li>
<li>README: link out to the excellent testifylint by <a
href="https://github.com/brackendawson"><code>@​brackendawson</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1568">stretchr/testify#1568</a></li>
<li>assert: fix typo in comment by <a
href="https://github.com/JohnEndson"><code>@​JohnEndson</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1580">stretchr/testify#1580</a></li>
<li>Correct the EventuallyWithT and EventuallyWithTf example by <a
href="https://github.com/JonCrowther"><code>@​JonCrowther</code></a> in
<a
href="https://redirect.github.com/stretchr/testify/pull/1588">stretchr/testify#1588</a></li>
<li>CI: bump softprops/action-gh-release from 1 to 2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1575">stretchr/testify#1575</a></li>
<li>mock: document more alternatives to deprecated
AnythingOfTypeArgument by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1569">stretchr/testify#1569</a></li>
<li>assert: Correctly document EqualValues behavior by <a
href="https://github.com/brackendawson"><code>@​brackendawson</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1593">stretchr/testify#1593</a></li>
<li>fix: grammar in godoc by <a
href="https://github.com/miparnisari"><code>@​miparnisari</code></a> in
<a
href="https://redirect.github.com/stretchr/testify/pull/1607">stretchr/testify#1607</a></li>
<li>.github/workflows: Run tests for Go 1.22 by <a
href="https://github.com/HaraldNordgren"><code>@​HaraldNordgren</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1629">stretchr/testify#1629</a></li>
<li>Document suite's lack of support for t.Parallel by <a
href="https://github.com/brackendawson"><code>@​brackendawson</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1645">stretchr/testify#1645</a></li>
<li>assert: fix typos in comments by <a
href="https://github.com/alexandear"><code>@​alexandear</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1650">stretchr/testify#1650</a></li>
<li>mock: fix doc comment for NotBefore by <a
href="https://github.com/alexandear"><code>@​alexandear</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1651">stretchr/testify#1651</a></li>
<li>Generate better comments for require package by <a
href="https://github.com/Neokil"><code>@​Neokil</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1610">stretchr/testify#1610</a></li>
<li>README: replace Testify V2 notice with <a
href="https://github.com/dolmen"><code>@​dolmen</code></a>'s V2
manifesto by <a
href="https://github.com/hendrywiranto"><code>@​hendrywiranto</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1518">stretchr/testify#1518</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/fahimbagar"><code>@​fahimbagar</code></a> made
their first contribution in <a
href="https://redirect.github.com/stretchr/testify/pull/1337">stretchr/testify#1337</a></li>
<li><a href="https://github.com/TomWright"><code>@​TomWright</code></a>
made their first contribution in <a
href="https://redirect.github.com/stretchr/testify/pull/820">stretchr/testify#820</a></li>
<li><a href="https://github.com/snirye"><code>@​snirye</code></a> made
their first contribution in <a
href="https://redirect.github.com/stretchr/testify/pull/1433">stretchr/testify#1433</a></li>
<li><a href="https://github.com/myxo"><code>@​myxo</code></a> made their
first contribution in <a
href="https://redirect.github.com/stretchr/testify/pull/1582">stretchr/testify#1582</a></li>
<li><a
href="https://github.com/JohnEndson"><code>@​JohnEndson</code></a> made
their first contribution in <a
href="https://redirect.github.com/stretchr/testify/pull/1580">stretchr/testify#1580</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stretchr/testify/commit/89cbdd9e7b39eb58896d316a7495597d3aba4371"><code>89cbdd9</code></a>
Merge pull request <a
href="https://redirect.github.com/stretchr/testify/issues/1626">#1626</a>
from arjun-1/fix-functional-options-diff-indirect-calls</li>
<li><a
href="https://github.com/stretchr/testify/commit/07bac606be2191ae89a281195e58d01e0de7b5f8"><code>07bac60</code></a>
Merge pull request <a
href="https://redirect.github.com/stretchr/testify/issues/1667">#1667</a>
from sikehish/flaky</li>
<li><a
href="https://github.com/stretchr/testify/commit/716de8dff46ed7ae3c6ebb7a6124db741ba7c018"><code>716de8d</code></a>
Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in
CI</li>
<li><a
href="https://github.com/stretchr/testify/commit/118fb8346630c192421c8914848381af9d4412a7"><code>118fb83</code></a>
NotSame should fail if args are not pointers <a
href="https://redirect.github.com/stretchr/testify/issues/1661">#1661</a>
(<a
href="https://redirect.github.com/stretchr/testify/issues/1664">#1664</a>)</li>
<li><a
href="https://github.com/stretchr/testify/commit/7d99b2b43d8f60a8982a78cde6e8bd287dea5da0"><code>7d99b2b</code></a>
attempt 2</li>
<li><a
href="https://github.com/stretchr/testify/commit/05f87c016035811e6d8371f1887ec360c318f53f"><code>05f87c0</code></a>
more similar</li>
<li><a
href="https://github.com/stretchr/testify/commit/ea7129e00694592e20cb34c58a6b8a251418b9da"><code>ea7129e</code></a>
better fmt</li>
<li><a
href="https://github.com/stretchr/testify/commit/a1b9c9efe3c25c50678b1e492045164b914e255f"><code>a1b9c9e</code></a>
Merge pull request <a
href="https://redirect.github.com/stretchr/testify/issues/1663">#1663</a>
from ybrustin/master</li>
<li><a
href="https://github.com/stretchr/testify/commit/8302de98b17649445fc1f1992fc3fecdb40c59ba"><code>8302de9</code></a>
Merge branch 'master' into master</li>
<li><a
href="https://github.com/stretchr/testify/commit/89352f7958086841c72425ccd6f43ab299e1309c"><code>89352f7</code></a>
Merge pull request <a
href="https://redirect.github.com/stretchr/testify/issues/1518">#1518</a>
from hendrywiranto/adjust-readme-remove-v2</li>
<li>Additional commits viewable in <a
href="https://github.com/stretchr/testify/compare/v1.9.0...v1.10.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/stretchr/testify&package-manager=go_modules&previous-version=1.9.0&new-version=1.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

[skip CI]
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 1e1511d7..8334a2db 100644
--- a/go.mod
+++ b/go.mod
@@ -37,7 +37,7 @@ require (
 	github.com/pkg/errors v0.9.1
 	github.com/prometheus/client_golang v1.19.1
 	github.com/sirupsen/logrus v1.9.3
-	github.com/stretchr/testify v1.9.0
+	github.com/stretchr/testify v1.10.0
 	github.com/tidwall/gjson v1.18.0
 	github.com/tidwall/sjson v1.2.5
 	github.com/uber/jaeger-client-go v2.30.0+incompatible
diff --git a/go.sum b/go.sum
index dedb8053..86bdff3b 100644
--- a/go.sum
+++ b/go.sum
@@ -329,8 +329,8 @@ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81P
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
 github.com/tidwall/gjson v1.18.0 h1:FIDeeyB800efLX89e5a8Y0BNH+LOngJyGrIWxG2FKQY=
 github.com/tidwall/gjson v1.18.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=

From 3e6835f07369d5482dd1851ff45eb620295b5e6c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 19 Jan 2025 09:30:45 +0100
Subject: [PATCH 7/9] Bump github.com/prometheus/client_golang from 1.19.1 to
 1.20.5 (#3495)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[github.com/prometheus/client_golang](https://github.com/prometheus/client_golang)
from 1.19.1 to 1.20.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/client_golang/releases">github.com/prometheus/client_golang's
releases</a>.</em></p>
<blockquote>
<h2>v1.20.5 / 2024-10-15</h2>
<p>We decided to revert <a
href="https://redirect.github.com/prometheus/client_golang/pull/1424">the
<code>testutil</code> change</a> that made our util functions less
error-prone, but created a lot of work for our downstream users.
Apologies for the pain! This revert should not cause any major breaking
change, even if you already did the work--unless you depend on the <a
href="https://redirect.github.com/grafana/mimir/pull/9624#issuecomment-2413401565">exact
error message</a>.</p>
<p>Going forward, we plan to reinforce our release testing strategy <a
href="https://redirect.github.com/prometheus/client_golang/issues/1646">[1]</a>,<a
href="https://redirect.github.com/prometheus/client_golang/issues/1648">[2]</a>
and deliver an enhanced <a
href="https://redirect.github.com/prometheus/client_golang/issues/1639"><code>testutil</code>
package/module</a> with more flexible and safer APIs.</p>
<p>Thanks to <a
href="https://github.com/dashpole"><code>@​dashpole</code></a> <a
href="https://github.com/dgrisonnet"><code>@​dgrisonnet</code></a> <a
href="https://github.com/kakkoyun"><code>@​kakkoyun</code></a> <a
href="https://github.com/ArthurSens"><code>@​ArthurSens</code></a> <a
href="https://github.com/vesari"><code>@​vesari</code></a> <a
href="https://github.com/logicalhan"><code>@​logicalhan</code></a> <a
href="https://github.com/krajorama"><code>@​krajorama</code></a> <a
href="https://github.com/bwplotka"><code>@​bwplotka</code></a> who
helped in this patch release! 🤗</p>
<h3>Changelog</h3>
<p>[BUGFIX] testutil: Reverted <a
href="https://redirect.github.com/prometheus/client_golang/issues/1424">#1424</a>;
functions using compareMetricFamilies are (again) only failing if
filtered metricNames are in the expected input. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1645">#1645</a></p>
<h2>v1.20.4</h2>
<ul>
<li>[BUGFIX] histograms: Fix a possible data race when appending
exemplars vs metrics gather. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1623">#1623</a></li>
</ul>
<h2>v1.20.3</h2>
<ul>
<li>[BUGFIX] histograms: Fix possible data race when appending
exemplars. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1608">#1608</a></li>
</ul>
<h2>v1.20.2</h2>
<ul>
<li>[BUGFIX] promhttp: Unset Content-Encoding header when data is
uncompressed. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1596">#1596</a></li>
</ul>
<h2>v1.20.1</h2>
<p>This release contains the critical fix for the <a
href="https://redirect.github.com/prometheus/client_golang/issues/1584">issue</a>.
Thanks to <a href="https://github.com/geberl"><code>@​geberl</code></a>,
<a
href="https://github.com/CubicrootXYZ"><code>@​CubicrootXYZ</code></a>,
<a href="https://github.com/zetaab"><code>@​zetaab</code></a> and <a
href="https://github.com/timofurrer"><code>@​timofurrer</code></a> for
helping us with the investigation!</p>
<ul>
<li>[BUGFIX] process-collector: Fixed unregistered descriptor error when
using process collector with PedanticRegistry on Linux machines. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1587">#1587</a></li>
</ul>
<h2>v1.20.0</h2>
<p>Thanks everyone for contributions!</p>
<p>:warning: In this release we remove one (broken anyway, given Go
runtime changes) metric and add three new (representing GOGC, GOMEMLIMIT
and GOMAXPROCS flags) to the default
<code>collectors.NewGoCollector()</code> collector. Given its popular
usage, expect your binary to expose two additional metric.</p>
<h2>Changes</h2>
<ul>
<li>[CHANGE] :warning: go-collector: Remove
<code>go_memstat_lookups_total</code> metric which was always 0; Go
runtime stopped sharing pointer lookup statistics. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1577">#1577</a></li>
<li>[FEATURE] :warning: go-collector: Add 3 default metrics:
<code>go_gc_gogc_percent</code>, <code>go_gc_gomemlimit_bytes</code> and
<code>go_sched_gomaxprocs_threads</code> as those are recommended by the
Go team. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1559">#1559</a></li>
<li>[FEATURE] go-collector: Add more information to all metrics' HELP
e.g. the exact <code>runtime/metrics</code> sourcing each metric (if
relevant). <a
href="https://redirect.github.com/prometheus/client_golang/issues/1568">#1568</a>
<a
href="https://redirect.github.com/prometheus/client_golang/issues/1578">#1578</a></li>
<li>[FEATURE] testutil: Add CollectAndFormat method. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1503">#1503</a></li>
<li>[FEATURE] histograms: Add support for exemplars in native
histograms. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1471">#1471</a></li>
<li>[FEATURE] promhttp: Add experimental support for <code>zstd</code>
on scrape, controlled by the request <code>Accept-Encoding</code>
header. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1496">#1496</a></li>
<li>[FEATURE] api/v1: Add <code>WithLimit</code> parameter to all API
methods that supports it. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1544">#1544</a></li>
<li>[FEATURE] prometheus: Add support for created timestamps in constant
histograms and constant summaries. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1537">#1537</a></li>
<li>[FEATURE] process-collectors: Add network usage metrics:
<code>process_network_receive_bytes_total</code> and
<code>process_network_transmit_bytes_total</code>. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1555">#1555</a></li>
<li>[FEATURE] promlint: Add duplicated metric lint rule. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1472">#1472</a></li>
<li>[BUGFIX] promlint: Relax metric type in name linter rule. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1455">#1455</a></li>
<li>[BUGFIX] promhttp: Make sure server
instrumentation wrapping supports new and future extra responseWriter
methods. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1480">#1480</a></li>
<li>[BUGFIX] testutil: Functions using compareMetricFamilies are now
failing if filtered metricNames are not in the input. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1424">#1424</a></li>
</ul>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md">github.com/prometheus/client_golang's
changelog</a>.</em></p>
<blockquote>
<h2>1.20.5 / 2024-10-15</h2>
<ul>
<li>[BUGFIX] testutil: Reverted <a
href="https://redirect.github.com/prometheus/client_golang/issues/1424">#1424</a>;
functions using compareMetricFamilies are (again) only failing if
filtered metricNames are in the expected input.</li>
</ul>
<h2>1.20.4 / 2024-09-07</h2>
<ul>
<li>[BUGFIX] histograms: Fix possible data race when appending exemplars
vs metrics gather. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1623">#1623</a></li>
</ul>
<h2>1.20.3 / 2024-09-05</h2>
<ul>
<li>[BUGFIX] histograms: Fix possible data race when appending
exemplars. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1608">#1608</a></li>
</ul>
<h2>1.20.2 / 2024-08-23</h2>
<ul>
<li>[BUGFIX] promhttp: Unset Content-Encoding header when data is
uncompressed. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1596">#1596</a></li>
</ul>
<h2>1.20.1 / 2024-08-20</h2>
<ul>
<li>[BUGFIX] process-collector: Fixed unregistered descriptor error when
using process collector with <code>PedanticRegistry</code> on linux
machines. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1587">#1587</a></li>
</ul>
<h2>1.20.0 / 2024-08-14</h2>
<ul>
<li>[CHANGE] :warning: go-collector: Remove
<code>go_memstat_lookups_total</code> metric which was always 0; Go
runtime stopped sharing pointer lookup statistics. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1577">#1577</a></li>
<li>[FEATURE] :warning: go-collector: Add 3 default metrics:
<code>go_gc_gogc_percent</code>, <code>go_gc_gomemlimit_bytes</code> and
<code>go_sched_gomaxprocs_threads</code> as those are recommended by the
Go team. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1559">#1559</a></li>
<li>[FEATURE] go-collector: Add more information to all metrics' HELP
e.g. the exact <code>runtime/metrics</code> sourcing each metric (if
relevant). <a
href="https://redirect.github.com/prometheus/client_golang/issues/1568">#1568</a>
<a
href="https://redirect.github.com/prometheus/client_golang/issues/1578">#1578</a></li>
<li>[FEATURE] testutil: Add CollectAndFormat method. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1503">#1503</a></li>
<li>[FEATURE] histograms: Add support for exemplars in native
histograms. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1471">#1471</a></li>
<li>[FEATURE] promhttp: Add experimental support for <code>zstd</code>
on scrape, controlled by the request <code>Accept-Encoding</code>
header. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1496">#1496</a></li>
<li>[FEATURE] api/v1: Add <code>WithLimit</code> parameter to all API
methods that supports it. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1544">#1544</a></li>
<li>[FEATURE] prometheus: Add support for created timestamps in constant
histograms and constant summaries. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1537">#1537</a></li>
<li>[FEATURE] process-collector: Add network usage metrics:
<code>process_network_receive_bytes_total</code> and
<code>process_network_transmit_bytes_total</code>. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1555">#1555</a></li>
<li>[FEATURE] promlint: Add duplicated metric lint rule. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1472">#1472</a></li>
<li>[BUGFIX] promlint: Relax metric type in name linter rule. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1455">#1455</a></li>
<li>[BUGFIX] promhttp: Make sure server instrumentation wrapping
supports new and future extra responseWriter methods. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1480">#1480</a></li>
<li>[BUGFIX] <strong>breaking</strong> testutil: Functions using
compareMetricFamilies are now failing if filtered metricNames are not in
the input. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1424">#1424</a>
(reverted in 1.20.5)</li>
</ul>
<h2>1.19.0 / 2024-02-27</h2>
<p>The module <code>prometheus/common v0.48.0</code> introduced an
incompatibility when used together with client_golang (See <a
href="https://redirect.github.com/prometheus/client_golang/pull/1448">prometheus/client_golang#1448</a>
for more details). If your project uses client_golang and you want to
use <code>prometheus/common v0.48.0</code> or higher, please update
client_golang to v1.19.0.</p>
<ul>
<li>[CHANGE] Minimum required go version is now 1.20 (we also test
client_golang against new 1.22 version). <a
href="https://redirect.github.com/prometheus/client_golang/issues/1445">#1445</a>
<a
href="https://redirect.github.com/prometheus/client_golang/issues/1449">#1449</a></li>
<li>[FEATURE] collectors: Add version collector. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1422">#1422</a>
<a
href="https://redirect.github.com/prometheus/client_golang/issues/1427">#1427</a></li>
</ul>
<h2>1.18.0 / 2023-12-22</h2>
<ul>
<li>[FEATURE] promlint: Allow creation of custom metric validations. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1311">#1311</a></li>
<li>[FEATURE] Go programs using client_golang can be built in wasip1 OS.
<a
href="https://redirect.github.com/prometheus/client_golang/issues/1350">#1350</a></li>
<li>[BUGFIX] histograms: Add timer to reset ASAP after bucket limiting
has happened. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1367">#1367</a></li>
<li>[BUGFIX] testutil: Fix comparison of metrics with empty Help
strings. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1378">#1378</a></li>
<li>[ENHANCEMENT] Improved performance of
<code>MetricVec.WithLabelValues(...)</code>. <a
href="https://redirect.github.com/prometheus/client_golang/issues/1360">#1360</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/prometheus/client_golang/commit/48e12a185519fd76b4e514b597483781d9ba4093"><code>48e12a1</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/client_golang/issues/1645">#1645</a>
from prometheus/cut-1204-pr1424</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/504ad9bf5c6419449d2cacf8cf8855bfdcfcfc18"><code>504ad9b</code></a>
Cut 1.20.5; update comments.</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/584a7ce3d935e4fdca7b893f5f741d59f3289140"><code>584a7ce</code></a>
Revert &quot;testutil compareMetricFamilies: make less error-prone (<a
href="https://redirect.github.com/prometheus/client_golang/issues/1424">#1424</a>)&quot;</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/05fcde9fe4eb93d3fb7b56ebe51acf80536f0583"><code>05fcde9</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/client_golang/issues/1623">#1623</a>
from krajorama/data-race-in-histogram-write</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/209f4c041ed1764866f44dd053a8d94aa051c610"><code>209f4c0</code></a>
Add changelog</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/1e398ccb1259d20836e3003885bdd949cb21e635"><code>1e398cc</code></a>
native histogram: Fix race between Write and addExemplar</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/ef2f87ea986252194ea960187b20b409180044dd"><code>ef2f87e</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/client_golang/issues/1620">#1620</a>
from prometheus/arthursens/prepare-1.20.3</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/937ac63d3d2dda83847f4ca842d62edabce4e743"><code>937ac63</code></a>
Add changelog entry for 1.20.3</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/6e9914db5af255f5def17d54a7ca9c531771f4ca"><code>6e9914d</code></a>
Merge pull request <a
href="https://redirect.github.com/prometheus/client_golang/issues/1608">#1608</a>
from krajorama/index-out-of-range-native-histogram-e...</li>
<li><a
href="https://github.com/prometheus/client_golang/commit/d6b8c8925bd16626cf168e642eb70724b17a0d61"><code>d6b8c89</code></a>
Update comments with more explanations</li>
<li>Additional commits viewable in <a
href="https://github.com/prometheus/client_golang/compare/v1.19.1...v1.20.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/prometheus/client_golang&package-manager=go_modules&previous-version=1.19.1&new-version=1.20.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

[skip CI]
---
 go.mod | 11 ++++++-----
 go.sum | 24 ++++++++++++++----------
 2 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/go.mod b/go.mod
index 8334a2db..11387967 100644
--- a/go.mod
+++ b/go.mod
@@ -35,7 +35,7 @@ require (
 	github.com/opentracing/opentracing-go v1.2.0
 	github.com/patrickmn/go-cache v2.1.0+incompatible
 	github.com/pkg/errors v0.9.1
-	github.com/prometheus/client_golang v1.19.1
+	github.com/prometheus/client_golang v1.20.5
 	github.com/sirupsen/logrus v1.9.3
 	github.com/stretchr/testify v1.10.0
 	github.com/tidwall/gjson v1.18.0
@@ -83,7 +83,7 @@ require (
 	github.com/blevesearch/zapx/v14 v14.3.10 // indirect
 	github.com/blevesearch/zapx/v15 v15.3.13 // indirect
 	github.com/blevesearch/zapx/v16 v16.0.12 // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/containerd/log v0.1.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/distribution/reference v0.6.0 // indirect
@@ -114,6 +114,7 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/morikuni/aec v1.0.0 // indirect
 	github.com/mschoch/smat v0.2.0 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/nats-io/jwt/v2 v2.5.8 // indirect
 	github.com/nats-io/nkeys v0.4.9 // indirect
 	github.com/nats-io/nuid v1.0.1 // indirect
@@ -122,9 +123,9 @@ require (
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.0.3-0.20211202183452-c5a74bcca799 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/prometheus/client_model v0.5.0 // indirect
-	github.com/prometheus/common v0.48.0 // indirect
-	github.com/prometheus/procfs v0.12.0 // indirect
+	github.com/prometheus/client_model v0.6.1 // indirect
+	github.com/prometheus/common v0.55.0 // indirect
+	github.com/prometheus/procfs v0.15.1 // indirect
 	github.com/quic-go/quic-go v0.46.0 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
 	github.com/rogpeppe/go-internal v1.13.1 // indirect
diff --git a/go.sum b/go.sum
index 86bdff3b..3e86b7d4 100644
--- a/go.sum
+++ b/go.sum
@@ -65,8 +65,8 @@ github.com/blevesearch/zapx/v16 v16.0.12 h1:Uccxvjmn+hQ6ywQP+wIiTpdq9LnAviGoryJO
 github.com/blevesearch/zapx/v16 v16.0.12/go.mod h1:MYnOshRfSm4C4drxx1LGRI+MVFByykJ2anDY1fxdk9Q=
 github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
 github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
-github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
-github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
+github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/codeclysm/extract v2.2.0+incompatible h1:q3wyckoA30bhUSiwdQezMqVhwd8+WGE64/GL//LtUhI=
 github.com/codeclysm/extract v2.2.0+incompatible/go.mod h1:2nhFMPHiU9At61hz+12bfrlpXSUrOnK+wR+KlGO4Uks=
 github.com/coder/websocket v1.8.12 h1:5bUXkEPPIbewrnkU8LTCLVaxi4N4J8ahufH2vlo4NAo=
@@ -219,6 +219,8 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
+github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII=
 github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w=
 github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY=
@@ -264,6 +266,8 @@ github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
 github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
 github.com/mschoch/smat v0.2.0 h1:8imxQsjDm8yFEAVBe7azKmKSgzSkZXDuKkSq9374khM=
 github.com/mschoch/smat v0.2.0/go.mod h1:kc9mz7DoBKqDyiRL7VZN8KvXQMWeTaVnttLRXOlotKw=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/nats-io/jwt/v2 v2.5.8 h1:uvdSzwWiEGWGXf+0Q+70qv6AQdvcvxrv9hPM0RiPamE=
 github.com/nats-io/jwt/v2 v2.5.8/go.mod h1:ZdWS1nZa6WMZfFwwgpEaqBV8EPGVgOTDHN/wTbz0Y5A=
 github.com/nats-io/nats-server/v2 v2.10.23 h1:jvfb9cEi5h8UG6HkZgJGdn9f1UPaX3Dohk0PohEekJI=
@@ -300,14 +304,14 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE=
-github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho=
-github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
-github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
-github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE=
-github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc=
-github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
-github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
+github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y=
+github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
+github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
+github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
+github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc=
+github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8=
+github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
+github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
 github.com/quic-go/quic-go v0.46.0 h1:uuwLClEEyk1DNvchH8uCByQVjo3yKL9opKulExNDs7Y=
 github.com/quic-go/quic-go v0.46.0/go.mod h1:1dLehS7TIR64+vxGR70GDcatWTOtMX2PUtnKsjbTurI=
 github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=

From ceeef81210025d7d28f36ed8d5dec4d56c4e14d1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 19 Jan 2025 09:31:18 +0100
Subject: [PATCH 8/9] Bump docker/build-push-action from 3 to 6 (#3476)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 3 to 6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<ul>
<li>Export build record and generate <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/">build
summary</a> by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1120">docker/build-push-action#1120</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.24.0 to 0.26.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1132">docker/build-push-action#1132</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1136">docker/build-push-action#1136</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1138">docker/build-push-action#1138</a></li>
<li>Bump braces from 3.0.2 to 3.0.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1137">docker/build-push-action#1137</a></li>
</ul>
<blockquote>
<p>[!NOTE]
This major release adds support for generating <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/">Build
summary</a> and exporting build record for your build. You can disable
this feature by setting <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/#disable-job-summary">
<code>DOCKER_BUILD_SUMMARY: false</code> environment variable in your
workflow</a>.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0">https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0</a></p>
<h2>v5.4.0</h2>
<ul>
<li>Show builder information before building by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1128">docker/build-push-action#1128</a></li>
<li>Handle attestations correctly with provenance and sbom inputs by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1086">docker/build-push-action#1086</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.19.0 to 0.24.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1088">docker/build-push-action#1088</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1105">docker/build-push-action#1105</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1121">docker/build-push-action#1121</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1127">docker/build-push-action#1127</a></li>
<li>Bump undici from 5.28.3 to 5.28.4 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1090">docker/build-push-action#1090</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0">https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0</a></p>
<h2>v5.3.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.18.0 to 0.19.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1080">docker/build-push-action#1080</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0">https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0</a></p>
<h2>v5.2.0</h2>
<ul>
<li>Disable quotes detection for <code>outputs</code> input by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1074">docker/build-push-action#1074</a></li>
<li>Warn about ignored inputs by <a
href="https://github.com/favonia"><code>@​favonia</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1019">docker/build-push-action#1019</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1070">docker/build-push-action#1070</a></li>
<li>Bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1057">docker/build-push-action#1057</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0</a></p>
<h2>v5.1.0</h2>
<ul>
<li>Add <code>annotations</code> input by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/992">docker/build-push-action#992</a></li>
<li>Add <code>secret-envs</code> input by <a
href="https://github.com/elias-lundgren"><code>@​elias-lundgren</code></a>
in <a
href="https://redirect.github.com/docker/build-push-action/pull/980">docker/build-push-action#980</a></li>
<li>Bump <code>@​babel/traverse</code> from 7.17.3 to 7.23.2 in <a
href="https://redirect.github.com/docker/build-push-action/pull/991">docker/build-push-action#991</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.13.0-rc.1 to
0.14.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/990">docker/build-push-action#990</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1006">docker/build-push-action#1006</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0">https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0</a></p>
<h2>v5.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/954">docker/build-push-action#954</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/build-push-action/pull/959">docker/build-push-action#959</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0">https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0</a></p>
<h2>v4.2.1</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/48aba3b46d1b1fec4febb7c5d0c644b249a11355"><code>48aba3b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1268">#1268</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/678328cf8e3098e9f2f1d936ae548c9479d6df42"><code>678328c</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/cdf0a37e6f1233dd28f23c10211c33e67a7bec71"><code>cdf0a37</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.39.0 to
0.46.0</li>
<li><a
href="https://github.com/docker/build-push-action/commit/d719b79de1e8e269d4fcc5a80898196da2d0c5b6"><code>d719b79</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1238">#1238</a>
from docker/dependabot/npm_and_yarn/actions/core-1.11.1</li>
<li><a
href="https://github.com/docker/build-push-action/commit/c333dfd43deaf1620b3379589ac39a11be13c72c"><code>c333dfd</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/6b56a4c3f83c50fa6630a247100ee2d2905aaa5f"><code>6b56a4c</code></a>
chore(deps): Bump <code>@​actions/core</code> from 1.10.1 to 1.11.1</li>
<li><a
href="https://github.com/docker/build-push-action/commit/92fb0d73b623b7ebf48bd248bd465b6a5cbe7c60"><code>92fb0d7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1259">#1259</a>
from docker/dependabot/github_actions/codecov/codeco...</li>
<li><a
href="https://github.com/docker/build-push-action/commit/40532c5d6fa1c2aef883289629dcadf2e77165a4"><code>40532c5</code></a>
ci: fix deprecated input for codecov-action</li>
<li><a
href="https://github.com/docker/build-push-action/commit/70dd95342711510431dc0bd25494df47756d27c3"><code>70dd953</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1267">#1267</a>
from crazy-max/fix-allow</li>
<li><a
href="https://github.com/docker/build-push-action/commit/41b4e8020e9e4e2a35082a19644371a54db50097"><code>41b4e80</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1261">#1261</a>
from docker/dependabot/npm_and_yarn/cross-spawn-7.0.6</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/build-push-action/compare/v3...v6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=3&new-version=6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

[skip CI]
---
 .github/workflows/docker.yml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index fdf77640..5f120626 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -52,7 +52,7 @@ jobs:
       - name: Build "build" image
         if: github.ref_name == 'main' || github.event_name == 'release'
         id: docker_build_cache
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
         with:
           target: build
           cache-from: type=registry,ref=ghcr.io/${{ env.GHCR_NAMESPACE }}/dendrite-monolith:buildcache
@@ -66,7 +66,7 @@ jobs:
       - name: Build main monolith image
         if: github.ref_name == 'main'
         id: docker_build_monolith
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
         with:
           cache-from: type=registry,ref=ghcr.io/${{ env.GHCR_NAMESPACE }}/dendrite-monolith:buildcache
           context: .
@@ -79,7 +79,7 @@ jobs:
       - name: Build release monolith image
         if: github.event_name == 'release' # Only for GitHub releases
         id: docker_build_monolith_release
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
         with:
           context: .
           platforms: ${{ env.PLATFORMS }}
@@ -135,7 +135,7 @@ jobs:
       - name: Build main Pinecone demo image
         if: github.ref_name == 'main'
         id: docker_build_demo_pinecone
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
         with:
           cache-from: type=registry,ref=ghcr.io/${{ env.GHCR_NAMESPACE }}/dendrite-monolith:buildcache
           context: .
@@ -149,7 +149,7 @@ jobs:
       - name: Build release Pinecone demo image
         if: github.event_name == 'release' # Only for GitHub releases
         id: docker_build_demo_pinecone_release
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
         with:
           cache-from: type=registry,ref=ghcr.io/${{ env.GHCR_NAMESPACE }}/dendrite-monolith:buildcache
           context: .
@@ -195,7 +195,7 @@ jobs:
       - name: Build main Yggdrasil demo image
         if: github.ref_name == 'main'
         id: docker_build_demo_yggdrasil
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
         with:
           cache-from: type=registry,ref=ghcr.io/${{ env.GHCR_NAMESPACE }}/dendrite-monolith:buildcache
           context: .
@@ -209,7 +209,7 @@ jobs:
       - name: Build release Yggdrasil demo image
         if: github.event_name == 'release' # Only for GitHub releases
         id: docker_build_demo_yggdrasil_release
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v6
         with:
           cache-from: type=registry,ref=ghcr.io/${{ env.GHCR_NAMESPACE }}/dendrite-monolith:buildcache
           context: .

From 9de3e84fff20f962ca430343575b6c5a2e062830 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 19 Jan 2025 09:35:22 +0100
Subject: [PATCH 9/9] Bump gotest.tools/v3 from 3.4.0 to 3.5.1 (#3478)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [gotest.tools/v3](https://github.com/gotestyourself/gotest.tools)
from 3.4.0 to 3.5.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gotestyourself/gotest.tools/releases">gotest.tools/v3's
releases</a>.</em></p>
<blockquote>
<h2>v3.5.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Make assert and golden packages compatible with other golden
packages by <a
href="https://github.com/dnephin"><code>@​dnephin</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/271">gotestyourself/gotest.tools#271</a></li>
<li>Also remove cr from file by <a
href="https://github.com/filintod"><code>@​filintod</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/273">gotestyourself/gotest.tools#273</a></li>
<li>fs: add go doc links by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/275">gotestyourself/gotest.tools#275</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/filintod"><code>@​filintod</code></a>
made their first contribution in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/273">gotestyourself/gotest.tools#273</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gotestyourself/gotest.tools/compare/v3.5.0...v3.5.1">https://github.com/gotestyourself/gotest.tools/compare/v3.5.0...v3.5.1</a></p>
<h2>v3.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>go.mod: update dependencies and go version by <a
href="https://github.com/thaJeztah"><code>@​thaJeztah</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/248">gotestyourself/gotest.tools#248</a></li>
<li>Use Go1.20 by <a
href="https://github.com/dnephin"><code>@​dnephin</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/252">gotestyourself/gotest.tools#252</a></li>
<li>Fix couple of typos by <a
href="https://github.com/wallyqs"><code>@​wallyqs</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/253">gotestyourself/gotest.tools#253</a></li>
<li>Added WithStdout and WithStderr helpers by <a
href="https://github.com/ericfialkowski"><code>@​ericfialkowski</code></a>
in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/258">gotestyourself/gotest.tools#258</a></li>
<li>Moved cmdOperators handling from RunCmd to StartCmd by <a
href="https://github.com/ericfialkowski"><code>@​ericfialkowski</code></a>
in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/259">gotestyourself/gotest.tools#259</a></li>
<li>Deprecate assert.ErrorType by <a
href="https://github.com/dnephin"><code>@​dnephin</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/254">gotestyourself/gotest.tools#254</a></li>
<li>Remove outdated Dockerfile by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/261">gotestyourself/gotest.tools#261</a></li>
<li>env: add godoc links by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/263">gotestyourself/gotest.tools#263</a></li>
<li>poll: add godoc links by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/264">gotestyourself/gotest.tools#264</a></li>
<li>doc: add godoc links by <a
href="https://github.com/dolmen"><code>@​dolmen</code></a> in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/262">gotestyourself/gotest.tools#262</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/wallyqs"><code>@​wallyqs</code></a> made
their first contribution in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/253">gotestyourself/gotest.tools#253</a></li>
<li><a
href="https://github.com/ericfialkowski"><code>@​ericfialkowski</code></a>
made their first contribution in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/258">gotestyourself/gotest.tools#258</a></li>
<li><a href="https://github.com/dolmen"><code>@​dolmen</code></a> made
their first contribution in <a
href="https://redirect.github.com/gotestyourself/gotest.tools/pull/261">gotestyourself/gotest.tools#261</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gotestyourself/gotest.tools/compare/v3.4.0...v3.5.0">https://github.com/gotestyourself/gotest.tools/compare/v3.4.0...v3.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gotestyourself/gotest.tools/commit/81cea1abc596b025bf2573c7fdf97740512e4c6c"><code>81cea1a</code></a>
Merge pull request <a
href="https://redirect.github.com/gotestyourself/gotest.tools/issues/275">#275</a>
from gotestyourself/fs-add-godoc-links</li>
<li><a
href="https://github.com/gotestyourself/gotest.tools/commit/9af8f4ed6e74f570f8f47381e9676789ab646bb7"><code>9af8f4e</code></a>
fs: add go doc links</li>
<li><a
href="https://github.com/gotestyourself/gotest.tools/commit/2891300d35b0550e72cea231bd3d5d9d7121d071"><code>2891300</code></a>
Merge pull request <a
href="https://redirect.github.com/gotestyourself/gotest.tools/issues/273">#273</a>
from filintod/also-remove-cr-from-file</li>
<li><a
href="https://github.com/gotestyourself/gotest.tools/commit/4ed73505b62d9169e98ac0840717baa898cb1467"><code>4ed7350</code></a>
fix lint line length</li>
<li><a
href="https://github.com/gotestyourself/gotest.tools/commit/73064285756374ef240acaff95785481f33def25"><code>7306428</code></a>
rebase/fix only doc</li>
<li><a
href="https://github.com/gotestyourself/gotest.tools/commit/e15fa271c80375c3d4306e3dd372ee5d63bed4ef"><code>e15fa27</code></a>
Merge pull request <a
href="https://redirect.github.com/gotestyourself/gotest.tools/issues/271">#271</a>
from dnephin/gate-update-flag</li>
<li><a
href="https://github.com/gotestyourself/gotest.tools/commit/56c31231b2ff5ed38ba0b82dec25f0a3e638497d"><code>56c3123</code></a>
Make assert and golden compatible with other golden packages</li>
<li><a
href="https://github.com/gotestyourself/gotest.tools/commit/a80f057529047c44e1a85d0d017b200787e537e0"><code>a80f057</code></a>
Merge pull request <a
href="https://redirect.github.com/gotestyourself/gotest.tools/issues/262">#262</a>
from dolmen-go/add-godoc-links</li>
<li><a
href="https://github.com/gotestyourself/gotest.tools/commit/684bd43c4231346326d372631943ca42e58b80d1"><code>684bd43</code></a>
Merge pull request <a
href="https://redirect.github.com/gotestyourself/gotest.tools/issues/264">#264</a>
from dolmen-go/poll-add-godoc-links</li>
<li><a
href="https://github.com/gotestyourself/gotest.tools/commit/e2be4be0f7eabb5320f5aba2a18335238551150e"><code>e2be4be</code></a>
Merge pull request <a
href="https://redirect.github.com/gotestyourself/gotest.tools/issues/263">#263</a>
from dolmen-go/env-add-godoc-links</li>
<li>Additional commits viewable in <a
href="https://github.com/gotestyourself/gotest.tools/compare/v3.4.0...v3.5.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gotest.tools/v3&package-manager=go_modules&previous-version=3.4.0&new-version=3.5.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

[skip CI]
---
 go.mod | 2 +-
 go.sum | 6 ++----
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/go.mod b/go.mod
index 11387967..37130e87 100644
--- a/go.mod
+++ b/go.mod
@@ -53,7 +53,7 @@ require (
 	golang.org/x/term v0.27.0
 	gopkg.in/h2non/bimg.v1 v1.1.9
 	gopkg.in/yaml.v2 v2.4.0
-	gotest.tools/v3 v3.4.0
+	gotest.tools/v3 v3.5.1
 	maunium.net/go/mautrix v0.15.1
 	modernc.org/sqlite v1.34.5
 )
diff --git a/go.sum b/go.sum
index 3e86b7d4..d8a625ab 100644
--- a/go.sum
+++ b/go.sum
@@ -434,7 +434,6 @@ golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -465,7 +464,6 @@ golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtn
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
 golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg=
 golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -503,8 +501,8 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o=
-gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g=
+gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU=
+gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU=
 maunium.net/go/maulogger/v2 v2.4.1 h1:N7zSdd0mZkB2m2JtFUsiGTQQAdP0YeFWT7YMc80yAL8=
 maunium.net/go/maulogger/v2 v2.4.1/go.mod h1:omPuYwYBILeVQobz8uO3XC8DIRuEb5rXYlQSuqrbCho=
 maunium.net/go/mautrix v0.15.1 h1:pmCtMjYRpd83+2UL+KTRFYQo5to0373yulimvLK+1k0=