Kubernetes Prow Robot
446abd3e5f
Merge pull request #138621 from pohly/dep-moby-term
...
dependencies: update github.com/moby/term v0.5.2
2026-04-28 02:00:47 +05:30
Patrick Ohly
a49b40cc92
dependencies: update github.com/moby/term v0.5.2
...
This will get pulled in eventually. Doing it now simplifies some upcoming PR.
2026-04-27 17:06:19 +02:00
Paco Xu
8730b0ebc9
bump github.com/stretchr/objx to v0.5.3
2026-04-27 14:59:42 +08:00
Kubernetes Prow Robot
e9b95827eb
Merge pull request #138573 from dims/update-go-openapi-deps-rebase
...
Update go-openapi dependencies (jsonpointer, jsonreference, swag)
2026-04-26 05:42:46 +05:30
Humble Devassy Chirammal
15492a41ed
etcd: bump etcd sdk to v3.6.10
...
Bump go.etcd.io/etcd/{api,client/pkg,client,pkg,server}/v3 from v3.6.8 to v3.6.10.
go.etcd.io/etcd/raft/v3 is intentionally left unchanged (separate release cadence).
Signed-off-by: Humble Devassy Chirammal <humble.devassy@gmail.com>
2026-04-25 09:08:49 +05:30
Benjamin Elder
686a126f69
hack/update-vendor.sh
2026-04-24 19:38:58 -07:00
Davanum Srinivas
693dc57f57
Update go-openapi dependencies (jsonpointer, jsonreference, swag)
...
Bump go-openapi dependencies to latest versions:
- github.com/go-openapi/jsonpointer v0.21.0 → v0.22.4
- github.com/go-openapi/jsonreference v0.20.2 → v0.21.4
- github.com/go-openapi/swag v0.23.0 → v0.25.4
The new swag version has been restructured into a multi-module monorepo
with submodules (cmdutils, conv, fileutils, jsonname, jsonutils, loading,
mangling, netutils, stringutils, typeutils, yamlutils). As a result:
- mailru/easyjson and josharian/intern are no longer transitive deps
and have been removed from vendor
- go-openapi/jsonpointer and go-openapi/swag no longer reference
unwanted deps davecgh/go-spew, mailru/easyjson, or gopkg.in/yaml.v3
- Updated hack/unwanted-dependencies.json accordingly
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2026-04-24 08:13:31 -04:00
Davanum Srinivas
dc29a934e4
Update github.com/fxamacker/cbor/v2 to v2.9.1
...
Parser hardening for the kube-apiserver CBOR deserializer (PRs #750,
#753, #757): fixes tag-1 epoch float64 overflow into time.Time fields
(directly reachable via DecTagOptional decode path), RawMessage clone
defense, and keyasint type-confusion fixes.
2026-04-23 21:43:02 -04:00
Kubernetes Prow Robot
5ed1fd971d
Merge pull request #138192 from skitt/otel-1.42
...
Bump otel to 1.43.0 and contrib to 0.68.0
2026-04-23 20:00:53 +05:30
Kubernetes Prow Robot
326c31cdc0
Merge pull request #138344 from dims/update-cel-go-dep
...
Update github.com/google/cel-go v0.26.0 -> v0.27.0 AND avoid v0.28.0
2026-04-23 19:00:46 +05:30
Stephen Kitt
1a63916abe
Bump otel to 1.43.0 and contrib to 0.68.0
...
See
https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.41.0
https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.42.0
https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.43.0
and
https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.41.0
https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.42.0
https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.43.0
for details.
otelgrpc no longer produces "messages" span events so these are
removed from the tracing test.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
2026-04-23 14:35:21 +02:00
Davanum Srinivas
f6209104d2
Update github.com/moby/spdystream from v0.5.0 to v0.5.1
...
Kubernetes-commit: 7e9c2c8eef26f99aa2f94d8e09d6d32de86c7769
2026-04-13 13:57:52 -04:00
Davanum Srinivas
09fbff5735
Update github.com/google/cel-go v0.26.0 -> v0.27.0
...
Bump cel-go to v0.27.0 to pick up the fix for context cancellation
error reporting that's breaking CI (see #138334).
Changes worth noting:
- cel-go switched from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3,
so removed it from the gopkg.in/yaml.v3 unwanted references
- Dropped transitive dep github.com/stoewer/go-strcase
- Updated transitive dep github.com/antlr4-go/antlr/v4
- Pinned cel-go at v0.27.0 in hack/unwanted-dependencies.json
Kubernetes-commit: <drop>
2026-04-13 08:53:35 -04:00
Paco Xu
a304826799
bump spf13/cobra to v1.10.2
2026-03-18 16:46:23 +08:00
Paco Xu
8f41f5014f
bump github.com/coredns/corefile-migration to v1.0.32
2026-03-11 07:59:40 +08:00
Humble Devassy Chirammal
600d188f2b
dependencies: bump gomega to v1.39.1 and ginkgo to v2.28.1
2026-02-27 18:44:36 +05:30
Davanum Srinivas
aa4159c2d2
Bump prometheus/common to v0.67.5 and prometheus/procfs to v0.19.2
...
prometheus/common v0.66.1 -> v0.67.5:
- Breaking: TextParser must now use NewTextParser() constructor
- Float/gauge histograms support in expfmt
- Fixed panic in tlsRoundTripper when CA file missing
- https://github.com/prometheus/common/compare/v0.66.1...v0.67.5
prometheus/procfs v0.16.1 -> v0.19.2:
- New: process shared memory, netfilter queue, hung_task metrics
- Enhanced meminfo (zswap, hugetlb fields)
- MD raid component devices exposed
- Fixed ZswappedBytes calculation
- https://github.com/prometheus/procfs/compare/v0.16.1...v0.19.2
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2026-02-03 21:25:04 -05:00
Kubernetes Prow Robot
4caf96e199
Merge pull request #136598 from dgrisonnet/update-go-systemd
...
Bump go-systemd to v22.7.0
2026-01-30 03:07:56 +05:30
xin.li
e1cbecc9d2
update vendor
...
Signed-off-by: xin.li <xin.li@daocloud.io>
2026-01-29 14:43:06 +08:00
Damien Grisonnet
e454bf04bb
Bump go-systemd to v22.7.0
...
Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
2026-01-28 20:57:35 +01:00
Davanum Srinivas
c40ea60b9f
Update OpenTelemetry dependencies to latest versions
...
Core packages (opentelemetry-go):
- go.opentelemetry.io/otel: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/metric: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/trace: v1.38.0 → v1.39.0
- go.opentelemetry.io/otel/sdk: v1.38.0 → v1.39.0
Exporters:
- go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.34.0 → v1.39.0
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.34.0 → v1.39.0
Contrib instrumentation (opentelemetry-go-contrib):
- go.opentelemetry.io/contrib/.../otelhttp: v0.61.0 → v0.64.0
- go.opentelemetry.io/contrib/.../otelrestful: v0.44.0 → v0.64.0
Protocol definitions (opentelemetry-proto-go):
- go.opentelemetry.io/proto/otlp: v1.5.0 → v1.9.0
Notable changes:
- Go 1.24 is now the minimum required version (Go 1.23 support dropped) for OTEL components
- Performance: ~4x improvement in histogram concurrent operations; xxhash
replaces fnv for attribute hashing
- Fixed goroutine leak in span processors when context is canceled
- otelrestful migrated semantic conventions from v1.20.0 to v1.34.0
(e.g., http.method → http.request.method)
- Partial OTLP export errors now surfaced instead of being silently dropped
- otelrestful no longer depends on json-iterator/go, modern-go/concurrent,
or modern-go/reflect2; unwanted-dependencies.json updated accordingly
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2026-01-20 18:24:44 -05:00
Kubernetes Prow Robot
8f76dbf79b
Merge pull request #136227 from dims/update-grpc-ecosystem-deps-jan2026
...
Update gRPC ecosystem dependencies
2026-01-20 22:41:26 +05:30
carlory
299ec97e6f
run hack/update-vendor.sh
...
Signed-off-by: carlory <baofa.fan@daocloud.io>
2026-01-19 11:35:30 +08:00
Davanum Srinivas
f727e938dc
Update gRPC ecosystem dependencies
...
Update the gRPC ecosystem to pick up performance improvements,
bug fixes, and maintain compatibility with the latest protobuf
and OpenTelemetry releases.
Notable changes in grpc v1.78.0:
- mem.Reader interface changed to struct
- Legacy pick_first load balancer policy removed (pickfirstleaf)
- Improved connection state management
Updated dependencies:
- grpc-gateway/v2: v2.27.4 (2025-12-26)
- go-grpc-middleware/v2: v2.3.3 (2025-11-04)
- go-grpc-middleware/providers/prometheus: v1.1.0 (2025-06-16)
- google.golang.org/grpc: v1.78.0 (2025-12-23)
- genproto/googleapis/api: v0.0.0-20260112192933-99fd39fd28a9 (2026-01-12)
- genproto/googleapis/rpc: v0.0.0-20260112192933-99fd39fd28a9 (2026-01-12)
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2026-01-16 07:20:17 -05:00
Davanum Srinivas
5b478645cd
Update security and stability dependencies
...
This PR updates several dependencies addressing security vulnerabilities,
stability fixes, and authentication improvements.
- golang.org/x/crypto: v0.46.0 -> v0.47.0
  - Includes latest X509 root certificate bundle updates
  - Security hardening for cryptographic operations
  - Foundation dependency for TLS and authentication
- github.com/golang-jwt/jwt/v5: v5.2.2 -> v5.3.0
  - IMPORTANT: v5.2.2 patched vulnerability GHSA-mh63-6h87-95cp (token
    validation security issue) - this update ensures we have the fix
  - Adds multiple audience validation support for JWT tokens
  - Go 1.21 minimum requirement (code modernization)
  - Replaced legacy interface{} with modern any keyword
- golang.org/x/net: v0.48.0 -> v0.49.0
  - HTTP/2 priority scheduler improvements (RFC 9218)
  - WebSocket security enhancements
  - Network layer stability fixes
- go.uber.org/zap: v1.27.0 -> v1.27.1
  - Fix: Prevent Object from panicking on nils (PR #1501)
  - Fix: Race condition in WithLazy (PR #1511)
  - Both fixes improve logging stability in concurrent scenarios
- github.com/godbus/dbus/v5: v5.2.0 -> v5.2.2
  - Security: Disabled SHA1 authentication by default on non-Windows
    platforms (v5.2.0 change now inherited)
  - Performance: Multiple optimizations reducing memory allocations
  - Fix: Alignment issues in decoder operations
  - Fix: Allow more than 32 containers/struct fields in a signature
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2026-01-15 19:57:11 -05:00
Davanum Srinivas
050c786014
Update vendored dependencies: cadvisor, containerd, runtime-spec, selinux
...
Update the following vendored dependencies:
- github.com/google/cadvisor: v0.55.1 -> v0.56.0
- github.com/containerd/containerd/api: v1.9.0 -> v1.10.0
- github.com/opencontainers/runtime-spec: v1.2.1 -> v1.3.0
- github.com/opencontainers/selinux: v1.13.0 -> v1.13.1
cadvisor v0.56.0 changes:
- Add s390x (IBM Z/mainframe) CPU topology support with NumBooks and
NumDrawers fields in MachineInfo
- Add new Prometheus metrics: machine_cpu_books and machine_cpu_drawers
- Add standard deviation (Std) field to Percentiles for resource statistics
- Add sysfs constants CPUBookID and CPUDrawerID for s390x topology detection
containerd/api v1.10.0 changes:
- Add ActiveMount message type for tracking mounts with timestamps
- Add ActivationInfo message for mount management and lifecycle tracking
runtime-spec v1.3.0 changes (from ChangeLog):
- Add FreeBSD platform support with new Spec.FreeBSD field
- Add netDevices object for moving network devices to container namespaces
- Add memoryPolicy object for NUMA memory policy configuration
- Add hwConfig object for VM-based containers (vcpus, memory, device-tree)
- Add iomems for hardware I/O memory page access in VMs
- Add intelRdt.schemata and intelRdt.enableMonitoring fields
- Change LinuxPids.Limit to pointer type for optional handling
- Clarify intelRdt configuration and pids cgroup settings
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2026-01-15 10:26:13 -05:00
Davanum Srinivas
c825d80bbf
Update security-critical authentication and protobuf dependencies
...
This PR updates security-critical dependencies addressing authentication
and data parsing vulnerabilities.
**Authentication Security:**
- github.com/coreos/go-oidc: v2.3.0 -> v2.5.0
  - Security fix: Now verifies token signature BEFORE validating payload
  - Prevents potential processing of tampered tokens before cryptographic
    verification
- github.com/cyphar/filepath-securejoin: v0.6.0 -> v0.6.1
  - Security fix: Fixed seccomp fallback logic - library now properly falls
    back to safer O_PATH resolver when openat2(2) is denied by seccomp-bpf
  - Fixed file descriptor leak in openat2 wrapper during RESOLVE_IN_ROOT
- cyphar.com/go-pathrs: v0.2.1 -> v0.2.2
  - Companion update to filepath-securejoin
**Protobuf Security:**
- google.golang.org/protobuf: v1.36.8 -> v1.36.11
  - Security fix: Added recursion limit check in lazy decoding validation
  - Prevents potential stack exhaustion attacks via maliciously crafted
    protobuf messages
  - Also adds support for URL chars in type URLs in text-format
These updates are critical for:
- OIDC authentication in kube-apiserver
- Container filesystem path resolution (used by container runtimes)
- Protobuf message parsing throughout the codebase
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2026-01-13 16:56:16 -05:00
Patrick Ohly
f8a0c80ed8
dependencies: ginkgo v2.27.4, gomega v1.39.0
...
Latest release of both. The CurrentTreeConstructionNodeReport fix
is needed before being able to use it in the E2E framework.
2026-01-08 17:16:05 +01:00
Davanum Srinivas
95cf1f264d
Update to github.com/google/cadvisor v0.55.1
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2025-12-21 08:13:06 -05:00
Davanum Srinivas
60cce0abd0
updated to last known good dependencies for otelgrpc and dbus
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2025-12-20 15:32:11 -05:00
Kubernetes Prow Robot
268bdbe214
Merge pull request #135836 from pohly/ginkgo-gomega-update
...
dependencies: ginkgo v2.27.3 + gomega v1.38.3
2025-12-19 08:36:39 -08:00
Kubernetes Prow Robot
0ea3824860
Merge pull request #135845 from skitt/drop-armon-circbuf
...
Replace armon/circbuf with k8s.io/utils/buffer
2025-12-19 07:40:37 -08:00
Patrick Ohly
db841afdbb
dependencies: ginkgo v2.27.3 + gomega v1.38.3
...
This fixes some issues found in Kubernetes (data race in ginkgo CLI, gomega
formatting) and helps with diagnosing OOM killing in CI jobs (exit status of
processes).
The modified gomega formatting shows up in some of the output tests for the E2E
framework. They get updated accordingly.
2025-12-19 10:37:54 +01:00
Stephen Kitt
3653ae2b9a
Replace armon/circbuf with k8s.io/utils/buffer
...
This uses the new generic fixed ring implementation in k8s.io/utils.
Signed-off-by: Stephen Kitt <skitt@redhat.com>
2025-12-19 09:59:41 +01:00
Ciprian Hacman
aa5b4e0f78
hack/update-vendor.sh
2025-12-18 18:15:15 +02:00
Davanum Srinivas
ab1ffaf12e
move httpcache to third_party/forked
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2025-12-18 08:18:57 -05:00
Kubernetes Prow Robot
5eecce635d
Merge pull request #135748 from princepereira/ppereira-vendoring-hnslib-v012
...
Update vendored hnslib to v0.1.2
2025-12-18 02:10:30 -08:00
Kubernetes Prow Robot
df610f8cee
Merge pull request #135538 from dims/drop-usates-of-archived-dependency-grpc-ecosystem/go-grpc-prometheus
...
Drop usages of archived dependency - github.com/grpc-ecosystem/go-grpc-prometheus
2025-12-17 23:27:30 -08:00
Prince Pereira
832e342c01
Update vendored hnslib to v0.1.2
2025-12-16 12:50:35 +00:00
Davanum Srinivas
1240604ebf
Drop usages of archived dependency - github.com/grpc-ecosystem/go-grpc-prometheus
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2025-12-01 20:53:55 -05:00
Davanum Srinivas
1569ebc5a6
Bump github.com/opencontainers/cgroups to v0.0.6
...
Signed-off-by: Davanum Srinivas <davanum@gmail.com>
2025-11-28 16:22:46 -05:00
Benjamin Elder
1ce140d105
update github.com/opencontainers/selinux to v1.13.0
2025-11-12 14:46:31 +00:00
Kubernetes Prow Robot
f38a61181c
Merge pull request #133968 from yashsingh74/bump-coredns-1.12.4
...
Update coredns to v1.13.1
2025-11-06 20:38:54 -08:00
Patrick Ohly
6034321603
dependencies: ginkgo v2.27.2, gomega v1.38.2
...
Specifically the new AddTreeConstructionNodeArgsTransformer and SpecPriority in
Ginkgo will be useful.
Gomega gets updated to keep up-to-date.
2025-11-01 09:52:09 +01:00
Yash
fface8ebfc
Bump coredns version 1.13.1
...
Signed-off-by: Yash <yashsingh1774@gmail.com>
2025-10-16 16:58:52 +05:30
yashsingh74
4347d4be81
Update coredns to v1.12.4
...
Signed-off-by: yashsingh74 <yashsingh1774@gmail.com>
2025-09-26 08:51:35 +05:30
Kubernetes Prow Robot
1d80f35350
Merge pull request #132791 from bitoku/cpu-weight
...
Update pod resize test to accept new cpu.weight conversion.
2025-09-11 16:20:08 -07:00
Davanum Srinivas
bdfca587f4
update prometheus' client_golang and common packages
2025-09-09 15:43:08 -04:00
Davanum Srinivas
a41de8771a
Bump github.com/spf13/cobra v1.10.0
2025-09-01 11:21:11 -04:00
Davanum Srinivas
6ddf6261d4
Update to spf13/pflag to prevent CI break
2025-09-01 08:21:12 -04:00