build(deps): bump the go-dependencies group across 1 directory with 10 updates

[dependabot]

Bumps the go-dependencies group with 7 updates in the / directory:

Package	From	To
github.com/beevik/etree	1.4.1	1.5.0
github.com/cilium/ebpf	0.16.0	0.17.3
github.com/jaypipes/ghw	0.13.0	0.14.0
github.com/klauspost/cpuid/v2	2.2.8	2.2.10
github.com/prometheus/client_golang	1.20.5	1.21.1
github.com/prometheus/prometheus	0.54.1	0.302.1
golang.org/x/sys	0.30.0	0.31.0

Updates github.com/beevik/etree from 1.4.1 to 1.5.0

Release notes

Sourced from github.com/beevik/etree's releases.

Release v1.5.0

Changes

• Added Element function CreateChild, which calls a continuation function after creating and adding a child element.

Fixes

• Removed a potential conflict between two ReadSettings values. When AttrSingleQuote is true, CanonicalAttrVal is forced to be false.

Changelog

Sourced from github.com/beevik/etree's changelog.

Release 1.5.0

Changes

• Added Element function CreateChild, which calls a continuation function after creating and adding a child element.

Fixes

• Removed a potential conflict between two ReadSettings values. When AttrSingleQuote is true, CanonicalAttrVal is forced to be false.

Commits

• 992bf5d Release v1.5.0
• 7cf4882 Add CreateChild to create elements with continuations
• 8965a48 Remove conflict between ReadSettings values
• See full diff in compare view

Updates github.com/cilium/ebpf from 0.16.0 to 0.17.3

Release notes

Sourced from github.com/cilium/ebpf's releases.

v0.17.3

Fixes for a data race in btf.Spec.Copy (thanks @​paulcacheux) and a buffer overflow when running 32-bit user space on a 64-bit kernel (thanks @​kolyshkin).

What's Changed

• build(deps): bump the docs group in /docs with 2 updates by @​dependabot in cilium/ebpf#1663
• build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 by @​dependabot in cilium/ebpf#1661
• docs: upgrade Python version to 3.13 by @​ti-mo in cilium/ebpf#1664
• build(deps): bump actions/github-script from 6 to 7 by @​dependabot in cilium/ebpf#1662
• internal/unix: add Errno wrapper for Windows by @​lmb in cilium/ebpf#1659
• internal/linux: use unix.Auxv by @​tklauser in cilium/ebpf#1665
• btf: read all line info records at once in parseLineInfoRecords by @​paulcacheux in cilium/ebpf#1657
• btf: fix data race in (*mutableTypes).copy by @​paulcacheux in cilium/ebpf#1673
• Fix ksym buffer overflow on 32 bit platforms by @​kolyshkin in cilium/ebpf#1660

Full Changelog: cilium/ebpf@v0.17.2...v0.17.3

v0.17.2

Another minor release to ship some bug fixes, notably for attaching bpf programs to symbols in kernel modules, and for reusing data sections across multiple Collections.

All users are encouraged to upgrade!

Features

• link: support for kprobe session by @​olsajiri in cilium/ebpf#1623
• bpf2go: optionally add suffix in output file names by @​mejedi in cilium/ebpf#1624

Bug Fixes

• prog: fix tautological AttachTo condition in ProgramSpec.kernelModule by @​brycekahle in cilium/ebpf#1640
• map: check MapReplacements compatibility after applying BPF_F_MMAPABLE by @​ti-mo in cilium/ebpf#1655

Other Changes

• features: make HaveProgramHelper more accurate by @​lmb in cilium/ebpf#1641
• CI: only allow importing x/sys/unix in internal/unix by @​lmb in cilium/ebpf#1648
• pin: fix a bunch of fd leaks in tests by @​lmb in cilium/ebpf#1651
• linker: do not copy instructions when there is no reference in flattenInstructions by @​paulcacheux in cilium/ebpf#1647
• kallsyms: fix fd leak in AssignAddresses and AssignModules by @​lmb in cilium/ebpf#1656
• add windows CI by @​lmb in cilium/ebpf#1650

Thanks to all who contributed and reported issues!

Full Changelog: cilium/ebpf@v0.17.1...v0.17.2

Hotfix: don't retry endlessly on verifier errors on kernels <6.4

During the prior removal of ProgramOptions.LogSize in v0.16, the tests weren't updated to exercise the retry logic. With the last-minute addition of ProgramOptions.LogSizeStart, a bug was introduced that would cause program loads to retry indefinitely without ever growing the buffer in case of a verifier error on kernels before 6.4. This is now fixed, and the tests were updated to exercise the retry logic.

• prog: fix shadowing log size variable in verifier log retry loop by @​ti-mo in cilium/ebpf#1635

... (truncated)

Commits

• 159dff1 Fix ksym buffer overrun on 32 bit platforms
• 0cd3acc btf: fix data race in (*mutableTypes).copy
• 1bcc12e btf: read all line info records in one go, instead of one by one
• b9d88ff btf: add simple benchmark for parseLineInfoRecords
• 8462e8f internal/linux: use unix.Auxv
• efec6c7 internal/unix: add Errno wrapper for Windows
• 4d6df6f ci: fix github-script v7 incompatibility
• 7ef96d1 build(deps): bump actions/github-script from 6 to 7
• e4dd347 docs: upgrade Python version to 3.13
• ded9cb4 build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0
• Additional commits viewable in compare view

Updates github.com/jaypipes/ghw from 0.13.0 to 0.14.0

Release notes

Sourced from github.com/jaypipes/ghw's releases.

v0.14.0

What's Changed

• add HugePage info to memory and topology by @​Traumeel in jaypipes/ghw#374
• supply override PCIDB_PATH env var in unit tests by @​jaypipes in jaypipes/ghw#376
• update Step Security hardener action by @​jaypipes in jaypipes/ghw#377
• update golangci-lint by @​jaypipes in jaypipes/ghw#378
• use TotalXXX instead of NumXXX by @​jaypipes in jaypipes/ghw#381
• use Go idiomatic naming for Architecture consts by @​jaypipes in jaypipes/ghw#379
• overhaul ghw-snapshot tool by @​jaypipes in jaypipes/ghw#382
• Add support for processing accelerators hardware by @​mlorenzofr in jaypipes/ghw#385
• Populate Vendor field for ARM cpus by @​zeeke in jaypipes/ghw#387
• gh action: update macos lane by @​ffromani in jaypipes/ghw#398
• ci: golang: rotate the most 3 recent supported versions by @​ffromani in jaypipes/ghw#397
• fix: Replace strings.TrimPrefix with filepath.Rel by @​Gofastasf in jaypipes/ghw#399
• fix: Refactor OpenDestination func by @​Gofastasf in jaypipes/ghw#400
• fixed an out of range index access by @​karman-docker in jaypipes/ghw#404

New Contributors

• @​Traumeel made their first contribution in jaypipes/ghw#374
• @​mlorenzofr made their first contribution in jaypipes/ghw#385
• @​zeeke made their first contribution in jaypipes/ghw#387
• @​Gofastasf made their first contribution in jaypipes/ghw#399
• @​karman-docker made their first contribution in jaypipes/ghw#404

Full Changelog: jaypipes/ghw@v0.13.0...v0.14.0

Commits

• 8f0a31c Merge pull request #404 from karman-docker/fix_index_out_of_range
• fa9ef4c fixed an out of range index access
• 7e034f0 Merge pull request #400 from Gofastasf/fix/OpenDestination-func
• 6ea4140 Merge branch 'main' into fix/OpenDestination-func
• db5e7e1 fix: Refactor OpenDestination func
• 10a347c Merge pull request #399 from Gofastasf/fix/relative-path
• 231857b fix: Replace strings.TrimPrefix with filepath.Rel
• 81858af Merge pull request #397 from jaypipes/update-golang-versions
• 753306a ci: golang: rotate the most 3 recent supported versions
• 38f7299 Merge pull request #398 from jaypipes/ci-review-platforms
• Additional commits viewable in compare view

Updates github.com/klauspost/cpuid/v2 from 2.2.8 to 2.2.10

Release notes

Sourced from github.com/klauspost/cpuid/v2's releases.

v2.2.10

What's Changed

• Add rest of fields from ID_AA64ISAR0_EL1 by @​craciunoiuc in klauspost/cpuid#152
• Add AMXCOMPLEX detection by @​ozhuraki in klauspost/cpuid#153
• Add AMXTF32 detection by @​ozhuraki in klauspost/cpuid#154
• Update versions & releaser by @​klauspost in klauspost/cpuid#155

New Contributors

• @​craciunoiuc made their first contribution in klauspost/cpuid#152

Full Changelog: klauspost/cpuid@v2.2.9...v2.2.10

v2.2.9

What's Changed

• Add Arm SVE Vector and Predicate lengths by @​klauspost in klauspost/cpuid#146
• Add Hypervisor Vendor by @​brianmcgee in klauspost/cpuid#147
• cpuid: Add AMX FP8 detection by @​ozhuraki in klauspost/cpuid#148
• Fix threadsPerCore check for Zen 2 (AMD) by @​maksimio in klauspost/cpuid#149

New Contributors

• @​brianmcgee made their first contribution in klauspost/cpuid#147
• @​maksimio made their first contribution in klauspost/cpuid#149

Full Changelog: klauspost/cpuid@v2.2.8...v2.2.9

Commits

• 22ab8b9 Update versions & releaser (#155)
• 88f6499 Add AMXTF32 detection (#154)
• 68cbe93 Add AMXCOMPLEX detection (#153)
• 78c3c03 Add rest of fields from ID_AA64ISAR0_EL1 (#152)
• ee7cba9 Fix threadsPerCore check for Zen 2 (AMD) (#149)
• 60035f3 cpuid: Add AMX FP8 detection (#148)
• 92d5326 Add Hypervisor Vendor (#147)
• d25825d Add Arm SVE Vector and Predicate lengths (#146)
• See full diff in compare view

Updates github.com/prometheus/client_golang from 1.20.5 to 1.21.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.21.1 / 2025-03-04

This release addresses a performance regression introduced in #1661 -- thanks to all who reported this quickly: @​chlunde, @​dethi, @​aaronbee @​tsuna @​kakkoyun 💪🏽. This patch release also fixes the iOS build.

We will be hardening the release process even further (#1759, #1761) to prevent this in future, sorry for the inconvenience!

The high concurrency optimization is planned to be eventually reintroduced, however in a much safer manner, potentially in a separate API.

• [BUGFIX] prometheus: Revert of Inc, Add and Observe cumulative metric CAS optimizations (#1661), causing regressions on low concurrency cases #1757
• [BUGFIX] prometheus: Fix GOOS=ios build, broken due to process_collector_* wrong build tags. #1758

• Revert "exponential backoff for CAS operations on floats" and cut 1.21.1 by @​bwplotka in prometheus/client_golang#1757
• Fix ios build for 1.21.1 by @​bwplotka in prometheus/client_golang#1758

Full Changelog: prometheus/client_golang@v1.21.0...v1.21.1

v1.21.0 / 2025-02-19

⚠️ This release contains potential breaking change if you upgrade github.com/prometheus/common to 0.62+ together with client_golang (and depend on the strict, legacy validation for the label names). New common version changes model.NameValidationScheme global variable, which relaxes the validation of label names and metric name, allowing all UTF-8 characters. Typically, this should not break any user, unless your test or usage expects strict certain names to panic/fail on client_golang metric registration, gathering or scrape. In case of problems change model.NameValidationScheme to old model.LegacyValidation value in your project init function. ⚠️

• [BUGFIX] gocollector: Fix help message for runtime/metric metrics. #1583
• [BUGFIX] prometheus: Fix Desc.String() method for no labels case. #1687
• [PERF] prometheus: Optimize popular prometheus.BuildFQName function; now up to 30% faster. #1665
• [PERF] prometheus: Optimize Inc, Add and Observe cumulative metrics; now up to 50% faster under high concurrent contention. #1661
• [CHANGE] Upgrade prometheus/common to 0.62.0 which changes model.NameValidationScheme global variable. #1712
• [CHANGE] Add support for Go 1.23. #1602
• [FEATURE] process_collector: Add support for Darwin systems. #1600 #1616 #1625 #1675 #1715
• [FEATURE] api: Add ability to invoke CloseIdleConnections on api.Client using api.Client.(CloseIdler).CloseIdleConnections() casting. #1513
• [FEATURE] promhttp: Add promhttp.HandlerOpts.EnableOpenMetricsTextCreatedSamples option to create OpenMetrics _created lines. Not recommended unless you want to use opt-in Created Timestamp feature. Community works on OpenMetrics 2.0 format that should make those lines obsolete (they increase cardinality significantly). #1408
• [FEATURE] prometheus: Add NewConstNativeHistogram function. #1654

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.21.1 / 2025-03-04

• [BUGFIX] prometheus: Revert of Inc, Add and Observe cumulative metric CAS optimizations (#1661), causing regressions on low contention cases.
• [BUGFIX] prometheus: Fix GOOS=ios build, broken due to process_collector_* wrong build tags.

1.21.0 / 2025-02-17

⚠️ This release contains potential breaking change if you upgrade github.com/prometheus/common to 0.62+ together with client_golang. ⚠️

New common version changes model.NameValidationScheme global variable, which relaxes the validation of label names and metric name, allowing all UTF-8 characters. Typically, this should not break any user, unless your test or usage expects strict certain names to panic/fail on client_golang metric registration, gathering or scrape. In case of problems change model.NameValidationScheme to old model.LegacyValidation value in your project init function.

• [BUGFIX] gocollector: Fix help message for runtime/metric metrics. #1583
• [BUGFIX] prometheus: Fix Desc.String() method for no labels case. #1687
• [ENHANCEMENT] prometheus: Optimize popular prometheus.BuildFQName function; now up to 30% faster. #1665
• [ENHANCEMENT] prometheus: Optimize Inc, Add and Observe cumulative metrics; now up to 50% faster under high concurrent contention. #1661
• [CHANGE] Upgrade prometheus/common to 0.62.0 which changes model.NameValidationScheme global variable. #1712
• [CHANGE] Add support for Go 1.23. #1602
• [FEATURE] process_collector: Add support for Darwin systems. #1600 #1616 #1625 #1675 #1715
• [FEATURE] api: Add ability to invoke CloseIdleConnections on api.Client using api.Client.(CloseIdler).CloseIdleConnections() casting. #1513
• [FEATURE] promhttp: Add promhttp.HandlerOpts.EnableOpenMetricsTextCreatedSamples option to create OpenMetrics _created lines. Not recommended unless you want to use opt-in Created Timestamp feature. Community works on OpenMetrics 2.0 format that should make those lines obsolete (they increase cardinality significantly). #1408
• [FEATURE] prometheus: Add NewConstNativeHistogram function. #1654

Commits

• 8a42da3 Fix ios build. (#1758)
• 40c62f7 Merge pull request #1757 from prometheus/revert-121cas
• 689f590 Cut 1.21.1
• 9e567a7 Revert "Add: exponential backoff for CAS operations on floats (#1661)"
• eaf03ef Cut 1.21.0 (#1737)
• f1f89dc Cut 1.21.0-rc.0 (#1718)
• c923f7c Revert "ci: daggerize test and lint pipelines (#1534)" (#1717)
• 1bcda80 process collector: Fixed pedantic registry failures on darwin with cgo. (#1715)
• 038b37a tutorials/whatsup: Updated deps (#1716)
• 56a2431 docs: Add RELEASE.md for the release process (#1690)
• Additional commits viewable in compare view

Updates github.com/prometheus/prometheus from 0.54.1 to 0.302.1

Commits

• 804c49d Prepare release 3.2.1
• 528b3fc scraper: fix UTF-8 scraping header always sent with PrometheusText1.0.0
• 6bf8f9a Merge pull request #16040 from jan--f/prep-rel-3.2.0
• bf7ec40 Prepare release 3.2.0
• d80c58c prepare 3.2.0-rc.1 (#15968)
• c7a2450 Prepare release 3.2.0-rc.0 (#15901)
• a8235d5 Merge pull request #15894 from prometheus/superq/audit_fix
• e87e308 chore(deps): bump github.com/prometheus/alertmanager (#15878)
• 007d111 chore(deps): bump golang.org/x/tools from 0.28.0 to 0.29.0 (#15876)
• bd55cdc chore(deps): bump github.com/ionos-cloud/sdk-go/v6 from 6.3.0 to 6.3.2 (#15879)
• Additional commits viewable in compare view

Updates golang.org/x/sys from 0.30.0 to 0.31.0

Commits

• 74cfc93 all: upgrade go directive to at least 1.23.0 [generated]
• See full diff in compare view

Updates k8s.io/api from 0.29.9 to 0.31.3

Commits

• b7783ab Update dependencies to v0.31.3 tag
• 46f6230 Merge pull request #126761thockin/automated-cherry-pick-of-#126749
• 1857695 fix v1a3 ResourceSliceList metadata field name
• 382a091 update codegen and openapi
• 1073c1e regen clients
• 6f8e3bd Review feedback
• 437d97a Coordinated Leader Election Alpha API
• 63e21d3 Merge pull request #126243 from SergeyKanzhelev/devicePluginFailures
• ca07d5a generated files
• 7192863 add AllocatedResourcesStatus field to ContainerStatus
• Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.29.9 to 0.31.3

Commits

• a8f449e Falls back to SPDY for gorilla/websocket https proxy error
• 62791ec Merge pull request #125571 from liggitt/filter-auth-02-sar
• cc2ba35 add field and label selectors to authorization attributes
• ce76a8f generate
• 35052c5 add subjectaccessreview field and label selectors
• ab06869 Merge pull request #126105 from benluddy/cbor-framer
• 429f4e4 Implement runtime.Framer for CBOR Sequences.
• d7e1c53 Merge pull request #126018 from aroradaman/bump-k8s-utils
• 07cb122 Merge pull request #125748 from benluddy/cbor-custom-marshalers
• dd17456 bump k8s.io/utils
• Additional commits viewable in compare view

Updates k8s.io/client-go from 0.29.9 to 0.31.3

Commits

• ef98edc Update dependencies to v0.31.3 tag
• 5e3e8ea informers: add comment that Start does not block
• f71a5cc Call non-blocking informerFactory.Start synchronously to avoid races
• 4536e5a Merge pull request #124012 from Jefftree/le-controller
• 93c6a5b Merge pull request #126353 from liggitt/fix-vendor
• 6a9911a revendor dependencies
• fe54892 Merge pull request #126243 from SergeyKanzhelev/devicePluginFailures
• 825f52e Change PingTime to be persistent
• f45c451 fix ordering issue in candidates
• 18dd587 feedback: leasecandidate clients
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions