From 5e8a84f2e11d3b56ed00112515afb2b3b29a65af Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 29 May 2026 20:03:31 +0000 Subject: [PATCH] Bump github.com/prometheus/common from 0.67.5 to 0.68.0 Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.67.5 to 0.68.0. - [Release notes](https://github.com/prometheus/common/releases) - [Changelog](https://github.com/prometheus/common/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/common/compare/v0.67.5...v0.68.0) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-version: 0.68.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 8 ++--- go.sum | 16 +++++----- vendor/github.com/golang-jwt/jwt/v5/README.md | 11 +++---- .../golang-jwt/jwt/v5/VERSION_HISTORY.md | 2 +- vendor/github.com/golang-jwt/jwt/v5/parser.go | 24 ++++++++------- .../golang-jwt/jwt/v5/parser_option.go | 12 ++++++-- vendor/github.com/golang-jwt/jwt/v5/token.go | 6 ++-- .../github.com/golang-jwt/jwt/v5/validator.go | 8 +++-- .../prometheus/common/config/http_config.go | 30 ++++++++++++++----- .../common/expfmt/openmetrics_create.go | 26 +--------------- .../prometheus/common/model/metric.go | 9 ------ .../prometheus/common/version/info.go | 18 +++++++++++ vendor/golang.org/x/net/http2/http2.go | 16 ++++++---- vendor/golang.org/x/net/http2/server.go | 2 ++ vendor/golang.org/x/net/http2/transport.go | 8 ----- vendor/golang.org/x/net/http2/writesched.go | 6 ++++ .../net/http2/writesched_priority_rfc7540.go | 5 ++++ .../x/net/http2/writesched_random.go | 2 ++ vendor/modules.txt | 12 ++++---- 19 files changed, 123 insertions(+), 98 deletions(-) diff --git a/go.mod b/go.mod index 347c573..2d84380 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/kubeservice-stack/common v1.9.1 github.com/montanaflynn/stats v0.9.0 github.com/prometheus/client_golang v1.23.2 - github.com/prometheus/common v0.67.5 + github.com/prometheus/common v0.68.0 github.com/prometheus/exporter-toolkit v0.16.0 github.com/prometheus/procfs v0.20.1 github.com/stretchr/testify v1.11.1 @@ -25,7 +25,7 @@ require ( github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/coreos/go-systemd/v22 v22.7.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/golang-jwt/jwt/v5 v5.3.0 // indirect + github.com/golang-jwt/jwt/v5 v5.3.1 // indirect github.com/google/uuid v1.6.0 // indirect github.com/jpillora/backoff v1.0.0 // indirect github.com/mattn/go-isatty v0.0.20 // indirect @@ -42,8 +42,8 @@ require ( go.uber.org/zap v1.27.0 // indirect go.yaml.in/yaml/v2 v2.4.4 // indirect golang.org/x/crypto v0.49.0 // indirect - golang.org/x/net v0.51.0 // indirect - golang.org/x/oauth2 v0.34.0 // indirect + golang.org/x/net v0.52.0 // indirect + golang.org/x/oauth2 v0.36.0 // indirect golang.org/x/sync v0.20.0 // indirect golang.org/x/text v0.35.0 // indirect golang.org/x/time v0.15.0 // indirect diff --git a/go.sum b/go.sum index 598cb6c..e1921a3 100644 --- a/go.sum +++ b/go.sum @@ -16,8 +16,8 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo= -github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE= +github.com/golang-jwt/jwt/v5 v5.3.1 h1:kYf81DTWFe7t+1VvL7eS+jKFVWaUnK9cB1qbwn63YCY= +github.com/golang-jwt/jwt/v5 v5.3.1/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= @@ -58,8 +58,8 @@ github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg= github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk= github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE= -github.com/prometheus/common v0.67.5 h1:pIgK94WWlQt1WLwAC5j2ynLaBRDiinoAb86HZHTUGI4= -github.com/prometheus/common v0.67.5/go.mod h1:SjE/0MzDEEAyrdr5Gqc6G+sXI67maCxzaT3A2+HqjUw= +github.com/prometheus/common v0.68.0 h1:8rQJvQmYltsR2L7h8Zw0Iyj8WYNNmpwikoQTZXwfVeA= +github.com/prometheus/common v0.68.0/go.mod h1:4soH+U8yJSROk7OJ//hmTiWKsxapv6zRGgTt3keN8gQ= github.com/prometheus/exporter-toolkit v0.16.0 h1:xT/j7L2XKF+VJd6B4fpUw6xWabHrSmsUf6mYmFqyu0s= github.com/prometheus/exporter-toolkit v0.16.0/go.mod h1:d1EL8Z9674xQe/iWhwP2wDyCEoBPbXVeqDbqAUsgJWY= github.com/prometheus/procfs v0.20.1 h1:XwbrGOIplXW/AU3YhIhLODXMJYyC1isLFfYCsTEycfc= @@ -92,10 +92,10 @@ golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc h1:mCRnTeVUjcrhlRmO0VK8a6k6Rrf6TF9htwo2pJVSjIU= golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= -golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo= -golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y= -golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw= -golang.org/x/oauth2 v0.34.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= +golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= +golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= +golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= +golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4= golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/vendor/github.com/golang-jwt/jwt/v5/README.md b/vendor/github.com/golang-jwt/jwt/v5/README.md index 0bb636f..17e7ea7 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/README.md +++ b/vendor/github.com/golang-jwt/jwt/v5/README.md @@ -140,11 +140,12 @@ A common use case would be integrating with different 3rd party signature providers, like key management services from various cloud providers or Hardware Security Modules (HSMs) or to implement additional standards. -| Extension | Purpose | Repo | -| --------- | -------------------------------------------------------------------------------------------------------- | ------------------------------------------ | -| GCP | Integrates with multiple Google Cloud Platform signing tools (AppEngine, IAM API, Cloud KMS) | https://github.com/someone1/gcp-jwt-go | -| AWS | Integrates with AWS Key Management Service, KMS | https://github.com/matelang/jwt-go-aws-kms | -| JWKS | Provides support for JWKS ([RFC 7517](https://datatracker.ietf.org/doc/html/rfc7517)) as a `jwt.Keyfunc` | https://github.com/MicahParks/keyfunc | +| Extension | Purpose | Repo | +| --------- | -------------------------------------------------------------------------------------------------------- | ------------------------------------------------- | +| GCP | Integrates with multiple Google Cloud Platform signing tools (AppEngine, IAM API, Cloud KMS) | https://github.com/someone1/gcp-jwt-go | +| AWS | Integrates with AWS Key Management Service, KMS | https://github.com/matelang/jwt-go-aws-kms | +| JWKS | Provides support for JWKS ([RFC 7517](https://datatracker.ietf.org/doc/html/rfc7517)) as a `jwt.Keyfunc` | https://github.com/MicahParks/keyfunc | +| TPM | Integrates with Trusted Platform Module (TPM) | https://github.com/salrashid123/golang-jwt-tpm | *Disclaimer*: Unless otherwise specified, these integrations are maintained by third parties and should not be considered as a primary offer by any of the diff --git a/vendor/github.com/golang-jwt/jwt/v5/VERSION_HISTORY.md b/vendor/github.com/golang-jwt/jwt/v5/VERSION_HISTORY.md index b5039e4..e39ca8e 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/VERSION_HISTORY.md +++ b/vendor/github.com/golang-jwt/jwt/v5/VERSION_HISTORY.md @@ -97,7 +97,7 @@ Backwards compatible API change that was missed in 2.0.0. There were two major reasons for breaking backwards compatibility with this update. The first was a refactor required to expand the width of the RSA and HMAC-SHA signing implementations. There will likely be no required code changes to support this change. -The second update, while unfortunately requiring a small change in integration, is required to open up this library to other signing methods. Not all keys used for all signing methods have a single standard on-disk representation. Requiring `[]byte` as the type for all keys proved too limiting. Additionally, this implementation allows for pre-parsed tokens to be reused, which might matter in an application that parses a high volume of tokens with a small set of keys. Backwards compatibilty has been maintained for passing `[]byte` to the RSA signing methods, but they will also accept `*rsa.PublicKey` and `*rsa.PrivateKey`. +The second update, while unfortunately requiring a small change in integration, is required to open up this library to other signing methods. Not all keys used for all signing methods have a single standard on-disk representation. Requiring `[]byte` as the type for all keys proved too limiting. Additionally, this implementation allows for pre-parsed tokens to be reused, which might matter in an application that parses a high volume of tokens with a small set of keys. Backwards compatibility has been maintained for passing `[]byte` to the RSA signing methods, but they will also accept `*rsa.PublicKey` and `*rsa.PrivateKey`. It is likely the only integration change required here will be to change `func(t *jwt.Token) ([]byte, error)` to `func(t *jwt.Token) (interface{}, error)` when calling `Parse`. diff --git a/vendor/github.com/golang-jwt/jwt/v5/parser.go b/vendor/github.com/golang-jwt/jwt/v5/parser.go index 054c7eb..5f80396 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/parser.go +++ b/vendor/github.com/golang-jwt/jwt/v5/parser.go @@ -76,13 +76,6 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf } } - // Decode signature - token.Signature, err = p.DecodeSegment(parts[2]) - if err != nil { - return token, newError("could not base64 decode signature", ErrTokenMalformed, err) - } - text := strings.Join(parts[0:2], ".") - // Lookup key(s) if keyFunc == nil { // keyFunc was not provided. short circuiting validation @@ -94,11 +87,14 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf return token, newError("error while executing keyfunc", ErrTokenUnverifiable, err) } + // Join together header and claims in order to verify them with the signature + text := strings.Join(parts[0:2], ".") switch have := got.(type) { case VerificationKeySet: if len(have.Keys) == 0 { return token, newError("keyfunc returned empty verification key set", ErrTokenUnverifiable) } + // Iterate through keys and verify signature, skipping the rest when a match is found. // Return the last error if no match is found. for _, key := range have.Keys { @@ -131,7 +127,7 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf return token, nil } -// ParseUnverified parses the token but doesn't validate the signature. +// ParseUnverified parses the token but does not validate the signature. // // WARNING: Don't use this method unless you know what you're doing. // @@ -146,7 +142,7 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke token = &Token{Raw: tokenString} - // parse Header + // Parse Header var headerBytes []byte if headerBytes, err = p.DecodeSegment(parts[0]); err != nil { return token, parts, newError("could not base64 decode header", ErrTokenMalformed, err) @@ -155,7 +151,7 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke return token, parts, newError("could not JSON decode header", ErrTokenMalformed, err) } - // parse Claims + // Parse Claims token.Claims = claims claimBytes, err := p.DecodeSegment(parts[1]) @@ -196,6 +192,12 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke return token, parts, newError("signing method (alg) is unspecified", ErrTokenUnverifiable) } + // Parse token signature + token.Signature, err = p.DecodeSegment(parts[2]) + if err != nil { + return token, parts, newError("could not base64 decode signature", ErrTokenMalformed, err) + } + return token, parts, nil } @@ -216,7 +218,7 @@ func splitToken(token string) ([]string, bool) { parts[1] = claims // One more cut to ensure the signature is the last part of the token and there are no more // delimiters. This avoids an issue where malicious input could contain additional delimiters - // causing unecessary overhead parsing tokens. + // causing unnecessary overhead parsing tokens. signature, _, unexpected := strings.Cut(remain, tokenDelimiter) if unexpected { return nil, false diff --git a/vendor/github.com/golang-jwt/jwt/v5/parser_option.go b/vendor/github.com/golang-jwt/jwt/v5/parser_option.go index 4315735..af42fd3 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/parser_option.go +++ b/vendor/github.com/golang-jwt/jwt/v5/parser_option.go @@ -3,9 +3,7 @@ package jwt import "time" // ParserOption is used to implement functional-style options that modify the -// behavior of the parser. To add new options, just create a function (ideally -// beginning with With or Without) that returns an anonymous function that takes -// a *Parser type as input and manipulates its configuration accordingly. +// behavior of the parser. type ParserOption func(*Parser) // WithValidMethods is an option to supply algorithm methods that the parser @@ -66,6 +64,14 @@ func WithExpirationRequired() ParserOption { } } +// WithNotBeforeRequired returns the ParserOption to make nbf claim required. +// By default nbf claim is optional. +func WithNotBeforeRequired() ParserOption { + return func(p *Parser) { + p.validator.requireNbf = true + } +} + // WithAudience configures the validator to require any of the specified // audiences in the `aud` claim. Validation will fail if the audience is not // listed in the token or the `aud` claim is missing. diff --git a/vendor/github.com/golang-jwt/jwt/v5/token.go b/vendor/github.com/golang-jwt/jwt/v5/token.go index 3f71558..d9f6c9d 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/token.go +++ b/vendor/github.com/golang-jwt/jwt/v5/token.go @@ -32,8 +32,8 @@ type Token struct { Method SigningMethod // Method is the signing method used or to be used Header map[string]any // Header is the first segment of the token in decoded form Claims Claims // Claims is the second segment of the token in decoded form - Signature []byte // Signature is the third segment of the token in decoded form. Populated when you Parse a token - Valid bool // Valid specifies if the token is valid. Populated when you Parse/Verify a token + Signature []byte // Signature is the third segment of the token in decoded form. Populated when you [Parse] or sign a token + Valid bool // Valid specifies if the token is valid. Populated when you [Parse] a token } // New creates a new [Token] with the specified signing method and an empty map @@ -71,6 +71,8 @@ func (t *Token) SignedString(key any) (string, error) { return "", err } + t.Signature = sig + return sstr + "." + t.EncodeSegment(sig), nil } diff --git a/vendor/github.com/golang-jwt/jwt/v5/validator.go b/vendor/github.com/golang-jwt/jwt/v5/validator.go index 92b5c05..c82dfca 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/validator.go +++ b/vendor/github.com/golang-jwt/jwt/v5/validator.go @@ -44,6 +44,9 @@ type Validator struct { // requireExp specifies whether the exp claim is required requireExp bool + // requireNbf specifies whether the nbf claim is required + requireNbf bool + // verifyIat specifies whether the iat (Issued At) claim will be verified. // According to https://www.rfc-editor.org/rfc/rfc7519#section-4.1.6 this // only specifies the age of the token, but no validation check is @@ -111,8 +114,9 @@ func (v *Validator) Validate(claims Claims) error { } // We always need to check not-before, but usage of the claim itself is - // OPTIONAL. - if err = v.verifyNotBefore(claims, now, false); err != nil { + // OPTIONAL by default. requireNbf overrides this behavior and makes + // the nbf claim mandatory. + if err = v.verifyNotBefore(claims, now, v.requireNbf); err != nil { errs = append(errs, err) } diff --git a/vendor/github.com/prometheus/common/config/http_config.go b/vendor/github.com/prometheus/common/config/http_config.go index 55cc5b0..7089fc7 100644 --- a/vendor/github.com/prometheus/common/config/http_config.go +++ b/vendor/github.com/prometheus/common/config/http_config.go @@ -717,7 +717,7 @@ func NewRoundTripperFromConfigWithContext(ctx context.Context, cfg HTTPClientCon return nil, fmt.Errorf("unable to use client secret: %w", err) } } - rt = NewOAuth2RoundTripper(oauthCredential, cfg.OAuth2, rt, &opts) + rt = NewOAuth2RoundTripper(oauthCredential, cfg.OAuth2, rt, optFuncs...) } if cfg.HTTPHeaders != nil { @@ -942,16 +942,26 @@ type oauth2RoundTripper struct { client *http.Client } -func NewOAuth2RoundTripper(oauthCredential SecretReader, config *OAuth2, next http.RoundTripper, opts *httpClientOptions) http.RoundTripper { +// NewOAuth2RoundTripper returns a round tripper that performs OAuth2 +// authentication. The opts variadic parameter accepts any HTTPClientOption +// (e.g. WithDialContextFunc, WithKeepAlivesDisabled) so that callers outside +// this package can fully configure the transport without needing access to the +// unexported *httpClientOptions type. +func NewOAuth2RoundTripper(oauthCredential SecretReader, config *OAuth2, next http.RoundTripper, optFuncs ...HTTPClientOption) http.RoundTripper { if oauthCredential == nil { oauthCredential = NewInlineSecret("") } + opts := defaultHTTPClientOptions + for _, opt := range optFuncs { + opt.applyToHTTPClientOptions(&opts) + } + return &oauth2RoundTripper{ config: config, // A correct tokenSource will be added later on. lastRT: &oauth2.Transport{Base: next}, - opts: opts, + opts: &opts, oauthCredential: oauthCredential, } } @@ -977,6 +987,7 @@ func (rt *oauth2RoundTripper) newOauth2TokenSource(req *http.Request, clientCred IdleConnTimeout: 10 * time.Second, TLSHandshakeTimeout: 10 * time.Second, ExpectContinueTimeout: 1 * time.Second, + DialContext: rt.opts.dialContextFunc, }, nil } @@ -1053,6 +1064,12 @@ func (rt *oauth2RoundTripper) RoundTrip(req *http.Request) (*http.Response, erro needsInit bool ) + // This should not happen when config goes through the normal Prometheus + // validation path, but guard against a nil credential to avoid a panic. + if rt.oauthCredential == nil { + return nil, errors.New("oauth2 client secret is required") + } + rt.mtx.RLock() secret = rt.lastSecret needsInit = rt.lastRT.Source == nil @@ -1460,7 +1477,7 @@ func (t *tlsRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) { rt := t.rt t.mtx.RUnlock() if equal { - // The CA cert hasn't changed, use the existing RoundTripper. + // The TLS materials (CA, cert, key) haven't changed, use the existing RoundTripper. return rt.RoundTrip(req) } @@ -1468,10 +1485,7 @@ func (t *tlsRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) { // The cert and key files are read separately by the client // using GetClientCertificate. tlsConfig := t.tlsConfig.Clone() - if !updateRootCA(tlsConfig, caData) { - if t.settings.CA == nil { - return nil, errors.New("unable to use specified CA cert: none configured") - } + if t.settings.CA != nil && !updateRootCA(tlsConfig, caData) { return nil, fmt.Errorf("unable to use specified CA cert %s", t.settings.CA.Description()) } rt, err = t.newRT(tlsConfig) diff --git a/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go b/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go index 21b93bc..0480e7a 100644 --- a/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go +++ b/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go @@ -30,7 +30,6 @@ import ( type encoderOption struct { withCreatedLines bool - withUnit bool } type EncoderOption func(*encoderOption) @@ -51,17 +50,6 @@ func WithCreatedLines() EncoderOption { } } -// WithUnit is an EncoderOption enabling a set unit to be written to the output -// and to be added to the metric name, if it's not there already, as a suffix. -// Without opting in this way, the unit will not be added to the metric name and, -// on top of that, the unit will not be passed onto the output, even if it -// were declared in the *dto.MetricFamily struct, i.e. even if in.Unit !=nil. -func WithUnit() EncoderOption { - return func(t *encoderOption) { - t.withUnit = true - } -} - // MetricFamilyToOpenMetrics converts a MetricFamily proto message into the // OpenMetrics text format and writes the resulting lines to 'out'. It returns // the number of bytes written and any error encountered. The output will have @@ -99,15 +87,6 @@ func WithUnit() EncoderOption { // its type will be set to `unknown` in that case to avoid invalid OpenMetrics // output. // -// - According to the OM specs, the `# UNIT` line is optional, but if populated, -// the unit has to be present in the metric name as its suffix: -// (see https://github.com/prometheus/OpenMetrics/blob/v1.0.0/specification/OpenMetrics.md#unit). -// However, in order to accommodate any potential scenario where such a change in the -// metric name is not desirable, the users are here given the choice of either explicitly -// opt in, in case they wish for the unit to be included in the output AND in the metric name -// as a suffix (see the description of the WithUnit function above), -// or not to opt in, in case they don't want for any of that to happen. -// // - No support for the following (optional) features: info type, // stateset type, gaugehistogram type. // @@ -151,9 +130,6 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E if metricType == dto.MetricType_COUNTER && strings.HasSuffix(compliantName, "_total") { compliantName = name[:len(name)-6] } - if toOM.withUnit && in.Unit != nil && !strings.HasSuffix(compliantName, "_"+*in.Unit) { - compliantName = compliantName + "_" + *in.Unit - } // Comments, first HELP, then TYPE. if in.Help != nil { @@ -217,7 +193,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E if err != nil { return written, err } - if toOM.withUnit && in.Unit != nil { + if in.Unit != nil { n, err = w.WriteString("# UNIT ") written += n if err != nil { diff --git a/vendor/github.com/prometheus/common/model/metric.go b/vendor/github.com/prometheus/common/model/metric.go index 3feebf3..429a0da 100644 --- a/vendor/github.com/prometheus/common/model/metric.go +++ b/vendor/github.com/prometheus/common/model/metric.go @@ -24,7 +24,6 @@ import ( "unicode/utf8" dto "github.com/prometheus/client_model/go" - "go.yaml.in/yaml/v2" "google.golang.org/protobuf/proto" ) @@ -78,14 +77,6 @@ const ( UTF8Validation ) -var _ interface { - yaml.Marshaler - yaml.Unmarshaler - json.Marshaler - json.Unmarshaler - fmt.Stringer -} = new(ValidationScheme) - // String returns the string representation of s. func (s ValidationScheme) String() string { switch s { diff --git a/vendor/github.com/prometheus/common/version/info.go b/vendor/github.com/prometheus/common/version/info.go index 61ed1ba..112f355 100644 --- a/vendor/github.com/prometheus/common/version/info.go +++ b/vendor/github.com/prometheus/common/version/info.go @@ -79,6 +79,24 @@ func BuildContext() string { return fmt.Sprintf("(go=%s, platform=%s, user=%s, date=%s, tags=%s)", GoVersion, GoOS+"/"+GoArch, BuildUser, BuildDate, GetTags()) } +// Slog returns a slice of strings for use with structured logging. +// +// Example: +// logger := promslog.New(promslog.Config{}) +// logger.Info("Starting Prometheus Server", version.Slog()...) +func Slog() []any { + return []any{ + "version", Version, + "revision", Revision, + "branch", Branch, + "builduser", BuildUser, + "builddate", BuildDate, + "goversion", GoVersion, + "goos", GoOS, + "goarch", GoArch, + } +} + func GetRevision() string { if Revision != "" { return Revision diff --git a/vendor/golang.org/x/net/http2/http2.go b/vendor/golang.org/x/net/http2/http2.go index 6320f4e..0b99d83 100644 --- a/vendor/golang.org/x/net/http2/http2.go +++ b/vendor/golang.org/x/net/http2/http2.go @@ -4,13 +4,17 @@ // Package http2 implements the HTTP/2 protocol. // -// This package is low-level and intended to be used directly by very -// few people. Most users will use it indirectly through the automatic -// use by the net/http package (from Go 1.6 and later). -// For use in earlier Go versions see ConfigureServer. (Transport support -// requires Go 1.6 or later) +// Almost no users should need to import this package directly. +// The net/http package supports HTTP/2 natively. // -// See https://http2.github.io/ for more information on HTTP/2. +// To enable or disable HTTP/2 support in net/http clients and servers, see +// [http.Transport.Protocols] and [http.Server.Protocols]. +// +// To configure HTTP/2 parameters, see +// [http.Transport.HTTP2] and [http.Server.HTTP2]. +// +// To create HTTP/1 or HTTP/2 connections, see +// [http.Transport.NewClientConn]. package http2 // import "golang.org/x/net/http2" import ( diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go index 7ef807f..65da517 100644 --- a/vendor/golang.org/x/net/http2/server.go +++ b/vendor/golang.org/x/net/http2/server.go @@ -164,6 +164,8 @@ type Server struct { // NewWriteScheduler constructs a write scheduler for a connection. // If nil, a default scheduler is chosen. + // + // Deprecated: User-provided write schedulers are deprecated. NewWriteScheduler func() WriteScheduler // CountError, if non-nil, is called on HTTP/2 server errors. diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go index 8cf64b7..2e9c2f6 100644 --- a/vendor/golang.org/x/net/http2/transport.go +++ b/vendor/golang.org/x/net/http2/transport.go @@ -712,10 +712,6 @@ func canRetryError(err error) bool { return true } if se, ok := err.(StreamError); ok { - if se.Code == ErrCodeProtocol && se.Cause == errFromPeer { - // See golang/go#47635, golang/go#42777 - return true - } return se.Code == ErrCodeRefusedStream } return false @@ -3233,10 +3229,6 @@ func (gz *gzipReader) Close() error { return gz.body.Close() } -type errorReader struct{ err error } - -func (r errorReader) Read(p []byte) (int, error) { return 0, r.err } - // isConnectionCloseRequest reports whether req should use its own // connection for a single request and then close the connection. func isConnectionCloseRequest(req *http.Request) bool { diff --git a/vendor/golang.org/x/net/http2/writesched.go b/vendor/golang.org/x/net/http2/writesched.go index 7de27be..551545f 100644 --- a/vendor/golang.org/x/net/http2/writesched.go +++ b/vendor/golang.org/x/net/http2/writesched.go @@ -8,6 +8,8 @@ import "fmt" // WriteScheduler is the interface implemented by HTTP/2 write schedulers. // Methods are never called concurrently. +// +// Deprecated: User-provided write schedulers are deprecated. type WriteScheduler interface { // OpenStream opens a new stream in the write scheduler. // It is illegal to call this with streamID=0 or with a streamID that is @@ -38,6 +40,8 @@ type WriteScheduler interface { } // OpenStreamOptions specifies extra options for WriteScheduler.OpenStream. +// +// Deprecated: User-provided write schedulers are deprecated. type OpenStreamOptions struct { // PusherID is zero if the stream was initiated by the client. Otherwise, // PusherID names the stream that pushed the newly opened stream. @@ -47,6 +51,8 @@ type OpenStreamOptions struct { } // FrameWriteRequest is a request to write a frame. +// +// Deprecated: User-provided write schedulers are deprecated. type FrameWriteRequest struct { // write is the interface value that does the writing, once the // WriteScheduler has selected this frame to write. The write diff --git a/vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go b/vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go index 7803a92..c3d3e9b 100644 --- a/vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go +++ b/vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go @@ -14,6 +14,8 @@ import ( const priorityDefaultWeightRFC7540 = 15 // 16 = 15 + 1 // PriorityWriteSchedulerConfig configures a priorityWriteScheduler. +// +// Deprecated: User-provided write schedulers are deprecated. type PriorityWriteSchedulerConfig struct { // MaxClosedNodesInTree controls the maximum number of closed streams to // retain in the priority tree. Setting this to zero saves a small amount @@ -55,6 +57,9 @@ type PriorityWriteSchedulerConfig struct { // NewPriorityWriteScheduler constructs a WriteScheduler that schedules // frames by following HTTP/2 priorities as described in RFC 7540 Section 5.3. // If cfg is nil, default options are used. +// +// Deprecated: The RFC 7540 write scheduler has known bugs and performance issues, +// and RFC 7540 prioritization was deprecated in RFC 9113. func NewPriorityWriteScheduler(cfg *PriorityWriteSchedulerConfig) WriteScheduler { return newPriorityWriteSchedulerRFC7540(cfg) } diff --git a/vendor/golang.org/x/net/http2/writesched_random.go b/vendor/golang.org/x/net/http2/writesched_random.go index f2e55e0..d5d4e22 100644 --- a/vendor/golang.org/x/net/http2/writesched_random.go +++ b/vendor/golang.org/x/net/http2/writesched_random.go @@ -10,6 +10,8 @@ import "math" // priorities. Control frames like SETTINGS and PING are written before DATA // frames, but if no control frames are queued and multiple streams have queued // HEADERS or DATA frames, Pop selects a ready stream arbitrarily. +// +// Deprecated: User-provided write schedulers are deprecated. func NewRandomWriteScheduler() WriteScheduler { return &randomWriteScheduler{sq: make(map[uint32]*writeQueue)} } diff --git a/vendor/modules.txt b/vendor/modules.txt index 031f18e..09f3356 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -23,7 +23,7 @@ github.com/coreos/go-systemd/v22/activation # github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc ## explicit github.com/davecgh/go-spew/spew -# github.com/golang-jwt/jwt/v5 v5.3.0 +# github.com/golang-jwt/jwt/v5 v5.3.1 ## explicit; go 1.21 github.com/golang-jwt/jwt/v5 # github.com/google/uuid v1.6.0 @@ -80,8 +80,8 @@ github.com/prometheus/client_golang/prometheus/promhttp/internal # github.com/prometheus/client_model v0.6.2 ## explicit; go 1.22.0 github.com/prometheus/client_model/go -# github.com/prometheus/common v0.67.5 -## explicit; go 1.24.0 +# github.com/prometheus/common v0.68.0 +## explicit; go 1.25.0 github.com/prometheus/common/config github.com/prometheus/common/expfmt github.com/prometheus/common/model @@ -133,7 +133,7 @@ golang.org/x/crypto/blowfish golang.org/x/exp/constraints golang.org/x/exp/maps golang.org/x/exp/slices -# golang.org/x/net v0.51.0 +# golang.org/x/net v0.52.0 ## explicit; go 1.25.0 golang.org/x/net/bpf golang.org/x/net/http/httpguts @@ -145,8 +145,8 @@ golang.org/x/net/internal/httpcommon golang.org/x/net/internal/httpsfv golang.org/x/net/internal/timeseries golang.org/x/net/trace -# golang.org/x/oauth2 v0.34.0 -## explicit; go 1.24.0 +# golang.org/x/oauth2 v0.36.0 +## explicit; go 1.25.0 golang.org/x/oauth2 golang.org/x/oauth2/clientcredentials golang.org/x/oauth2/internal