Bump github.com/labstack/echo/v4 from 4.7.2 to 4.10.1

[dependabot]

Bumps github.com/labstack/echo/v4 from 4.7.2 to 4.10.1.

Release notes

Sourced from github.com/labstack/echo/v4's releases.

v4.10.1

Security

• Upgrade deps due to the latest golang.org/x/net vulnerability #2402

Enhancements

• Add new JWT repository to the README #2377
• Return an empty string for ctx.path if there is no registered path #2385
• Add context timeout middleware #2380
• Update link to jaegertracing #2394

v4.10.0

Security

• We are deprecating JWT middleware in this repository. Please use https://github.com/labstack/echo-jwt instead.

  JWT middleware is moved to separate repository to allow us to bump/upgrade version of JWT implementation (github.com/golang-jwt/jwt) we are using which we can not do in Echo core because this would break backwards compatibility guarantees we try to maintain.

• This minor version bumps minimum Go version to 1.17 (from 1.16) due golang.org/x/ packages we depend on. There are several vulnerabilities fixed in these libraries.

  Echo still tries to support last 4 Go versions but there are occasions we can not guarantee this promise.

Enhancements

• Bump x/text to 0.3.8 #2305
• Bump dependencies and add notes about Go releases we support #2336
• Add helper interface for ProxyBalancer interface #2316
• Expose middleware.CreateExtractors function so we can use it from echo-contrib repository #2338
• Refactor func(Context) error to HandlerFunc #2315
• Improve function comments #2329
• Add new method HTTPError.WithInternal #2340
• Replace io/ioutil package usages #2342
• Add staticcheck to CI flow #2343
• Replace relative path determination from proprietary to std #2345
• Remove square brackets from ipv6 addresses in XFF (X-Forwarded-For header) #2182
• Add testcases for some BodyLimit middleware configuration options #2350
• Additional configuration options for RequestLogger and Logger middleware #2341
• Add route to request log #2162
• GitHub Workflows security hardening #2358
• Add govulncheck to CI and bump dependencies #2362
• Fix rate limiter docs #2366
• Refactor how e.Routes() work and introduce e.OnAddRouteHandler callback #2337

v4.9.1

Fixes

• Fix logger panicing (when template is set to empty) by bumping dependency version #2295

... (truncated)

Changelog

Sourced from github.com/labstack/echo/v4's changelog.

v4.10.1 - 2023-02-19

Security

• Upgrade deps due to the latest golang.org/x/net vulnerability #2402

Enhancements

• Add new JWT repository to the README #2377
• Return an empty string for ctx.path if there is no registered path #2385
• Add context timeout middleware #2380
• Update link to jaegertracing #2394

v4.10.0 - 2022-12-27

Security

• We are deprecating JWT middleware in this repository. Please use https://github.com/labstack/echo-jwt instead.

  JWT middleware is moved to separate repository to allow us to bump/upgrade version of JWT implementation (github.com/golang-jwt/jwt) we are using which we can not do in Echo core because this would break backwards compatibility guarantees we try to maintain.

• This minor version bumps minimum Go version to 1.17 (from 1.16) due golang.org/x/ packages we depend on. There are several vulnerabilities fixed in these libraries.

  Echo still tries to support last 4 Go versions but there are occasions we can not guarantee this promise.

Enhancements

• Bump x/text to 0.3.8 #2305
• Bump dependencies and add notes about Go releases we support #2336
• Add helper interface for ProxyBalancer interface #2316
• Expose middleware.CreateExtractors function so we can use it from echo-contrib repository #2338
• Refactor func(Context) error to HandlerFunc #2315
• Improve function comments #2329
• Add new method HTTPError.WithInternal #2340
• Replace io/ioutil package usages #2342
• Add staticcheck to CI flow #2343
• Replace relative path determination from proprietary to std #2345
• Remove square brackets from ipv6 addresses in XFF (X-Forwarded-For header) #2182
• Add testcases for some BodyLimit middleware configuration options #2350
• Additional configuration options for RequestLogger and Logger middleware #2341
• Add route to request log #2162
• GitHub Workflows security hardening #2358
• Add govulncheck to CI and bump dependencies #2362
• Fix rate limiter docs #2366
• Refactor how e.Routes() work and introduce e.OnAddRouteHandler callback #2337

... (truncated)

Commits

• b888a30 Changelog for v4.10.1
• 2c25767 remediate flaky timeout tests
• a3998ac Upgrade deps due to the latest golang.org/x/net vulnerability
• 45da0f8 remove .travis.yml
• 6b09f3f Update link to jaegertracing
• 82a964c Add context timeout middleware (#2380)
• 08093a4 Return an empty string for ctx.path if there is no registered path
• 24a3061 Add new JWT repository to the README
• f36d566 Changelog for 4.10.0
• a69727e Mark JWT middleware deprecated
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)