chore(deps): bump the gomod group across 1 directory with 6 updates

[dependabot]

Bumps the gomod group with 5 updates in the / directory:

Package	From	To
github.com/prometheus/client_golang	1.20.0	1.20.5
github.com/klauspost/compress	1.17.9	1.17.11
github.com/prometheus/common	0.55.0	0.60.0
golang.org/x/crypto	0.26.0	0.28.0
google.golang.org/protobuf	1.34.2	1.35.1

Updates github.com/prometheus/client_golang from 1.20.0 to 1.20.5

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.20.5 / 2024-10-15

We decided to revert the testutil change that made our util functions less error-prone, but created a lot of work for our downstream users. Apologies for the pain! This revert should not cause any major breaking change, even if you already did the work--unless you depend on the exact error message.

Going forward, we plan to reinforce our release testing strategy [1],[2] and deliver an enhanced testutil package/module with more flexible and safer APIs.

Thanks to @​dashpole @​dgrisonnet @​kakkoyun @​ArthurSens @​vesari @​logicalhan @​krajorama @​bwplotka who helped in this patch release! 🤗

Changelog

[BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input. #1645

v1.20.4

• [BUGFIX] histograms: Fix a possible data race when appending exemplars vs metrics gather. #1623

v1.20.3

• [BUGFIX] histograms: Fix possible data race when appending exemplars. #1608

v1.20.2

• [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

v1.20.1

This release contains the critical fix for the issue. Thanks to @​geberl, @​CubicrootXYZ, @​zetaab and @​timofurrer for helping us with the investigation!

• [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on Linux machines. #1587

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.20.5 / 2024-10-15

• [BUGFIX] testutil: Reverted #1424; functions using compareMetricFamilies are (again) only failing if filtered metricNames are in the expected input.

1.20.4 / 2024-09-07

• [BUGFIX] histograms: Fix possible data race when appending exemplars vs metrics gather. #1623

1.20.3 / 2024-09-05

• [BUGFIX] histograms: Fix possible data race when appending exemplars. #1608

1.20.2 / 2024-08-23

• [BUGFIX] promhttp: Unset Content-Encoding header when data is uncompressed. #1596

1.20.1 / 2024-08-20

• [BUGFIX] process-collector: Fixed unregistered descriptor error when using process collector with PedanticRegistry on linux machines. #1587

Commits

• 48e12a1 Merge pull request #1645 from prometheus/cut-1204-pr1424
• 504ad9b Cut 1.20.5; update comments.
• 584a7ce Revert "testutil compareMetricFamilies: make less error-prone (#1424)"
• 05fcde9 Merge pull request #1623 from krajorama/data-race-in-histogram-write
• 209f4c0 Add changelog
• 1e398cc native histogram: Fix race between Write and addExemplar
• ef2f87e Merge pull request #1620 from prometheus/arthursens/prepare-1.20.3
• 937ac63 Add changelog entry for 1.20.3
• 6e9914d Merge pull request #1608 from krajorama/index-out-of-range-native-histogram-e...
• d6b8c89 Update comments with more explanations
• Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.17.9 to 1.17.11

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.17.11

What's Changed

• zstd: Fix extra CRC written with multiple Close calls by @​klauspost in klauspost/compress#1017
• s2: Don't use stack for index tables by @​klauspost in klauspost/compress#1014
• gzhttp: No content-type on no body response code by @​juliens in klauspost/compress#1011
• gzhttp: Do not set the content-type when response has no body by @​kevinpollet in klauspost/compress#1013

New Contributors

• @​juliens made their first contribution in klauspost/compress#1011
• @​kevinpollet made their first contribution in klauspost/compress#1013

Full Changelog: klauspost/compress@v1.17.10...v1.17.11

v1.17.10

What's Changed

• gzhttp: Add TransportAlwaysDecompress option. by @​klauspost in klauspost/compress#978
• s2: Add EncodeBuffer buffer recycling callback by @​klauspost in klauspost/compress#982
• zstd: Improve memory usage on small streaming encodes by @​klauspost in klauspost/compress#1007
• gzhttp: Add supported decompress request body by @​mirecl in klauspost/compress#1002
• flate: read data written with partial flush by @​vajexal in klauspost/compress#996
• ci: Upgrade Go & other by @​klauspost in klauspost/compress#1008
• docs: Small typofix in comment by @​Jille in klauspost/compress#976
• build(deps): bump the github-actions group with 2 updates by @​dependabot in klauspost/compress#979
• docs: Fix URL typo when installing builddict by @​Wikidepia in klauspost/compress#980
• build(deps): bump the github-actions group with 2 updates by @​dependabot in klauspost/compress#985
• Fix typos by @​deining in klauspost/compress#986
• build(deps): bump github/codeql-action from 3.25.15 to 3.26.6 in the github-actions group by @​dependabot in klauspost/compress#997

New Contributors

• @​Wikidepia made their first contribution in klauspost/compress#980
• @​deining made their first contribution in klauspost/compress#986
• @​vajexal made their first contribution in klauspost/compress#996
• @​mirecl made their first contribution in klauspost/compress#1002

Full Changelog: klauspost/compress@v1.17.9...v1.17.10

Commits

• 72cd4a9 zstd: Fix extra CRC written with multiple Close calls (#1017)
• dbd6c38 s2: Don't use stack for index tables (#1014)
• f73ab1e Do not set the content-type when response has no body (#1013)
• f2a4f25 build(deps): bump github/codeql-action in the github-actions group (#1012)
• 8e14b1b No content-type on no body response code (#1011)
• 13a1ce6 ci: Match goreleaser version (#1009)
• 6c5a195 Update README.md
• 2a46d6b Update README.md
• 4dafca9 ci: Upgrade Go & other (#1008)
• 26519f8 zstd: Improve memory usage on small streaming encodes (#1007)
• Additional commits viewable in compare view

Updates github.com/prometheus/common from 0.55.0 to 0.60.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.60.0

What's Changed

• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#692
• slog: expose io.Writer by @​jkroepke in prometheus/common#694
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#695
• promslog: use UTC timestamps for go-kit log style by @​dswarbrick in prometheus/common#696
• feat: add promslog.NewNopLogger() convenience func by @​tjhop in prometheus/common#697
• Bump golang.org/x/net from 0.28.0 to 0.29.0 by @​dependabot in prometheus/common#699
• Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 by @​dependabot in prometheus/common#698
• Update supported Go versions by @​SuperQ in prometheus/common#700

Full Changelog: prometheus/common@v0.59.1...v0.60.0

v0.59.1

What's Changed

• fix(utf8): Fix multiple metric name inside braces validation by @​fedetorres93 in prometheus/common#691

Full Changelog: prometheus/common@v0.59.0...v0.59.1

v0.59.0

What's Changed

• expfmt: Add WithEscapingScheme to help construct Formats by @​ywwg in prometheus/common#688
• Change the default escape method to UnderscoreEscaping by @​ywwg in prometheus/common#690

Full Changelog: prometheus/common@v0.58.0...v0.59.0

v0.58.0

What's Changed

• docs: mention new promslog package in package list in README by @​tjhop in prometheus/common#683
• Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 by @​dependabot in prometheus/common#684
• Bump golang.org/x/net from 0.27.0 to 0.28.0 by @​dependabot in prometheus/common#685
• Remove secret file existence check in Validate for headers by @​roidelapluie in prometheus/common#687

Full Changelog: prometheus/common@v0.57.0...v0.58.0

v0.57.0

What's Changed

• feat: new promslog and promslog/flag packages to wrap log/slog by @​tjhop in prometheus/common#677

New Contributors

• @​tjhop made their first contribution in prometheus/common#677

Full Changelog: prometheus/common@v0.56.0...v0.57.0

v0.56.0

What's Changed

... (truncated)

Commits

• dae848d Update supported Go versions (#700)
• 63ff77e Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 (#698)
• b7aa68c Bump golang.org/x/net from 0.28.0 to 0.29.0 (#699)
• 4e3a6fd feat: add promslog.NewNopLogger() convenience func (#697)
• d66e745 promslog: use UTC timestamps for go-kit log style (#696)
• 14bac55 Merge pull request #695 from prometheus/repo_sync
• 8bc4cd5 Update common Prometheus files
• 40d6251 Merge pull request #694 from jkroepke/slog/writer
• fa21dfd Update common Prometheus files (#692)
• 5f9af24 slog: expose io.Writer
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.26.0 to 0.28.0

Commits

• adef4cc go.mod: update golang.org/x dependencies
• a0819fb sha3: fix cSHAKE initialization for extremely large N and or S
• 42ee18b ssh: return ServerAuthError after too many auth failures
• 9e92970 bn256: add missing symbols in comment
• c9da6b9 all: fix printf(var) mistakes detected by latest printf checker
• b35ab4f go.mod: update golang.org/x dependencies
• bcb0f91 internal/poly1305: Port sum_amd64.s to Avo
• 7eace71 chacha20poly1305: Avo port of chacha20poly1305_amd64.s
• 620dfbc salsa20/salsa: Port salsa20_amd64.s to Avo
• 82942cf blake2b: port blake2b_amd64.s to Avo
• Additional commits viewable in compare view

Updates golang.org/x/sys from 0.24.0 to 0.26.0

Commits

• 23b0dab unix: mark vgetrandom as non-escaping
• cbf0eb6 unix: fix grep syntax to work on non-GNU greps
• e7397b9 unix: update to Linux 6.11
• 981de40 unix: use vDSO for getrandom() on linux
• 48aad76 linux: add tcp_cc_info and its related types
• d58f986 all: fix some typos in comment
• 30de352 unix: fix Test{Fd,}Xattr failure on NetBSD
• 68ed59b windows/svc: fix printf(var) mistake detected by latest printf checker
• c08bc6e unix: update Go to 1.23.0
• a43b625 windows: add SIO_UDP_NETRESET constant
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.34.2 to 1.35.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #641.