public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,424 Commits 655 Branches 650 Tags
73e59aec2469dfc77f12fb688e302e1e9900a0e8
Commit Graph

25 Commits

Author SHA1 Message Date
Matheus Macabu fd17222eda [release-11.5.6] Dependencies: Bump Go to v1.24.4 (#106568) 
Dependencies: Bump Go to v1.24.4
 2025-06-11 18:06:13 +02:00
Matheus Macabu 2e2e89a816 [release-11.5.6] Dependencies: Bump github.com/openfga/openfga to v1.8.13 to address CVE-2025-48371 (#106118) 
* Dependencies: Bump github.com/openfga/openfga to v1.8.13 to address CVE-2025-48371

* Static: Fix failing unit test import
 2025-06-09 13:06:46 +02:00
Matheus Macabu c0e2889cea [release-11.5.5] Dependencies: Bump packages in modules with incorrect dependencies or outside of workspace (#105461) 
Dependencies: Bump golang.org/x to latest
 2025-05-15 14:52:51 +02:00
Matheus Macabu f4ad2eb9ec [release-11.5.5] Dependencies: Bump github.com/blevesearch/bleve/v2 from v2.4.3 to v2.5.0 (#105441) 
Dependencies: Bump github.com/blevesearch/bleve/v2 from v2.4.3 to v2.5.0
 2025-05-15 12:05:26 +02:00
Matheus Macabu 2aa89a90a2 [release-11.5.5] Dependencies: Bump github.com/openfga/openfga from v1.8.5 to v1.8.12 (#105373) 
Dependencies: Bump github.com/openfga/openfga from v1.8.5 to v1.8.12
 2025-05-14 14:17:25 +02:00
Matheus Macabu 2e24578a72 [release-11.5.5] Chore: Bump Go version to 1.24.3 (#105109) 
Chore: Bump Go version to 1.24.3
 2025-05-08 16:08:08 +02:00
Mariell Hoversholm bf3f23b558 [release-11.5.4] Go: Bump to 1.24.2 (#103525) 
Go: Bump to 1.24.2

It is not likely we are actually affected by the CVEs, but updating proactively is not a bad idea nonetheless.

Fixes: CVE-2025-22871
Fixes: https://github.com/grafana/grafana-operator-experience-squad/issues/1311
 2025-04-08 17:24:33 +02:00
Matheus Macabu cd63f38f47 [release-11.5.3] Chore: Bump dependencies to address security issues (#101627) 
* Chore: Bump github.com/go-jose/go-jose/v3 to v3.0.4

* Chore: Bump github.com/ua-parser/uap-go to v0.0.0-20250213224047-9c035f085b90

* Chore: Bump golang.org/x/net to v0.36.0

* Chore: Use github.com/moby/moby version 27.4.1 instead of 26.0.0

* Chore: Bump github.com/openfga/openfga to v1.8.5
 2025-03-06 10:12:17 +01:00
Matheus Macabu 29d35ec39c [release-11.5.3] Chore: Bump Go to 1.23.7 (#101581) 
Chore: Bump Go to 1.23.7
 2025-03-05 09:59:05 +01:00
Matheus Macabu 9db9662213 [release-11.5.3] Chore: Update golang.org/x/crypto and golang.org/x/oauth2 to address security issues (#101278) 
Chore: Update golang.org/x/crypto and golang.org/x/ouath2 to address security issues (#101268)

- CVE-2025-22869 and Go issue https://go.dev/issue/71931.
- CVE-2025-22868 and Go issue https://go.dev/issue/71490.

(cherry picked from commit 3aedb9159e)
 2025-02-26 08:42:00 +01:00
Mariell Hoversholm 940d71250b Security: Update to Go 1.23.5 - Backport to v11.5.x (#99122) 
* feat: update to Go 1.23.5

* chore: make drone

* chore: make update-workspace

* fix: 1.23.5, not 1.23.4

* fix: update in Makefile

* CI: Force re-build
 2025-01-17 09:30:36 +01:00
Mariell Hoversholm 05ea05d64e Chore: Bump Go to 1.23.4 (#98853) 
* Chore: Bump Go to 1.23.4

This is done in preparation of updating the App SDK library we import, as it has bumped its Go version to 1.23.4 as well.

* Chore: make update-workspace
 2025-01-14 09:28:44 +01:00
dependabot[bot] 1c67f4084c Bump google.golang.org/api from 0.213.0 to 0.216.0 (#98905) 
* Bump google.golang.org/api from 0.213.0 to 0.216.0

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.213.0 to 0.216.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.213.0...v0.216.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update workspace

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-01-13 16:05:48 -05:00
ismail simsek f74396b51d Prometheus: Update prometheus to v0.301.0 for utf8 support (#98848) 
* update github.com/prometheus/prometheus to v0.301.0

* have an adapter for infra logger

* go mod tidy and go work sync

* remvoe the cuelang.org/go replace

* remove slog_adapter
 2025-01-13 17:14:20 +01:00
Selene 0501ff9079 Codegen: Isolate schema generation code (#98742) 
* Create go.mod files for plugins and core kinds

* Update go work and main go.mod dependencies

* Update pfs import

* Missing update of pfs dependency

* Remove fixed cuelang dependency

* Update codeowners

* Update workspace

* Update Dockerfile

* Missing go.mod codeowner

* Use intermediate kin-openapi dependency to make all workspaces to work
 2025-01-10 13:33:51 +01:00
Dave Henderson ee7ffb7a04 chore(deps): remove obsolete prometheus replace directive (#96925) 
* chore(deps): remove obsolete prometheus replace directive

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

* chore: Replace newly-deprecated call

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>

---------

Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
 2025-01-09 12:56:42 -05:00
Will Browne 5a2315dabf Plugins: Capture error source from grpc status errors (#97471) 
* capture errorsource from grpc error

* apply PR feedback

* update comment

* update comment

* use SDK logic

* update SDK commit

* update sdk

* update golden files
 2025-01-08 17:05:28 +00:00
dependabot[bot] addc1c95a5 Bump golang.org/x/crypto from 0.31.0 to 0.32.0 (#98550) 
* Bump golang.org/x/crypto from 0.31.0 to 0.32.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.31.0 to 0.32.0.
- [Commits](https://github.com/golang/crypto/compare/v0.31.0...v0.32.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update workspace

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2025-01-07 08:00:45 +03:00
Ryan McKinley 6683cdc082 K8s: Update from v0.31.3 to v0.32.0 (#98507) 2025-01-06 18:20:35 +03:00
dependabot[bot] fed73bfa59 Chore(deps): Bump sigs.k8s.io/structured-merge-diff/v4 from 4.4.1 to 4.5.0 (#98091) 2025-01-03 17:44:33 -05:00
Robert Goltz 5a2344ed0c Chore: Bump dependency golang.org/x/net to v0.33.0 - fix: CVE-2024-45338 (#98340) 
* Chore: golang.org/x/net update to fix CVE-2024-45338

* Chore: golang.org/x/net update to fix CVE-2024-45338 - resolve trivy-finding + 2nd run make update-workspace
 2025-01-02 11:22:25 -07:00
Ryan McKinley 6d21eddf13 Plugins: Update to latest go plugin SDK (v0.260.3) w/ arrow v18 (#97561) 
Co-authored-by: Todd Treece <360020+toddtreece@users.noreply.github.com>
 2024-12-13 17:06:39 +03:00
Robert Goltz 0a390cc069 Chore: Bump dependency golang.org/x/crypto to v0.31.0 - fix: CVE-2024-45337 (#97823) 
* Update dependency golang.org/x/crypto to v0.31.0

* Update dependency golang.org/x/crypto to v0.31.0 - based on Trivy Scan

* Chore: go mod tidy

* Chore: make update-workspace

* Chore: manually update more sum files

---------

Co-authored-by: Mariell Hoversholm <mariell.hoversholm@grafana.com>
 2024-12-12 14:21:46 +01:00
Will Browne 871af07203 Chore: Go Workspace fix (#97694) 2024-12-09 20:45:03 -06:00
Yuri Tseretyan 2d386e6704 Alerting: Migrate notification models to generated by grafnaa-app-sdk (#95430) 
* create notifications module and generate models

* switch template group to app models

* switch time intervals to use app models

* switch receiver to use app models

* switch routing tree to use app models

* move schema registration to resource packages

* fix package names to match app

* fix codeowners

* fix UI to use metadata.name instead of uid

* update dockerfile

* move generated models to pkg

* remove provenance from field selector

* move client factories to test files

* rename GenericClient to TypedClient
 2024-12-09 10:29:05 -05:00