deps: bump the production-dependencies group across 1 directory with 11 updates #613

dependabot · 2026-01-12T16:45:50Z

Bumps the production-dependencies group with 8 updates in the / directory:

Package	From	To
connectrpc.com/otelconnect	`0.8.0`	`0.9.0`
github.com/exaring/otelpgx	`0.9.4`	`0.10.0`
github.com/nicksnyder/go-i18n/v2	`2.6.0`	`2.6.1`
github.com/valkey-io/valkey-go	`1.0.69`	`1.0.70`
golang.org/x/net	`0.48.0`	`0.49.0`
github.com/prometheus/common	`0.67.4`	`0.67.5`
github.com/shirou/gopsutil/v4	`4.25.11`	`4.25.12`
google.golang.org/api	`0.258.0`	`0.259.0`

Updates connectrpc.com/otelconnect from 0.8.0 to 0.9.0

Release notes

Sourced from connectrpc.com/otelconnect's releases.

v0.9.0

What's Changed

Additions

Add option to force uniform output in servers that handle both ConnectRPC and gRPC traffic by @jhump in #196

Bugfixes

Fix version reported by otel_scope_version attribute by @wata727 in #193

Fix use header attributes only in trace by @rytsh in #198

New Contributors

@wata727 made their first contribution in #193

@rytsh made their first contribution in #198

Full Changelog: connectrpc/otelconnect-go@v0.8.0...v0.9.0

Commits

462c595 Prepare for release v0.9.0 (#200)
b317ebc Fix WithTraceRequestHeader to only add attributes to traces, not metrics (#198)
a4906bd Add option to force uniform output (#196)
07c1475 Fix GoDoc comments for options (#195)
e9c79d9 Update otel_scope_version (#193)
See full diff in compare view

Updates github.com/exaring/otelpgx from 0.9.4 to 0.10.0

Release notes

Sourced from github.com/exaring/otelpgx's releases.

v0.10.0

What's Changed

feat: add option to disable tracing by @errcheckenjoyer in exaring/otelpgx#60

feat: allow access to context in SpanName function by @robsonpeixoto in exaring/otelpgx#67

New Contributors

@errcheckenjoyer made their first contribution in exaring/otelpgx#60

@robsonpeixoto made their first contribution in exaring/otelpgx#67

Full Changelog: exaring/otelpgx@v0.9.4...v0.10.0

Commits

b4aeedc feat: allow access to context in SpanName function (#67)
98d6540 feat: add option to disable tracing (#60)
See full diff in compare view

Updates github.com/nicksnyder/go-i18n/v2 from 2.6.0 to 2.6.1

Release notes

Sourced from github.com/nicksnyder/go-i18n/v2's releases.

v2.6.1

What's Changed

Update to CLDR v48 by @nicksnyder in nicksnyder/go-i18n#398

Replace unmaintained gopkg.in/yaml.v3 with go.yaml.in/yaml/v3 by @SaschaSchwarze0 in nicksnyder/go-i18n#397

Upgrade golang.org/x/text to v0.32.0 by @nicksnyder in nicksnyder/go-i18n#399

Upgrade github.com/BurntSushi/toml to v1.6.0 by @nicksnyder in nicksnyder/go-i18n#399

New Contributors

@SaschaSchwarze0 made their first contribution in nicksnyder/go-i18n#397

Full Changelog: nicksnyder/go-i18n@v2.6.0...v2.6.1

Commits

4d19ec6 Upgrade deps (#399)
fd35d7b Update to CLDR v48 (#398)
54fa2a2 Replace unmaintained gopkg.in/yaml.v3 with go.yaml.in/yaml/v3 (#397)
9b6fad7 Fix Goreleaser lint warning (#395)
ac3773e Bump golangci/golangci-lint-action from 7 to 9 (#392)
7aa3148 Fix CI given minimum version of 1.24 (#394)
7d6e6fb Bump actions/checkout from 4 to 6 (#393)
5580719 Bump actions/setup-go from 5 to 6 (#383)
2d2e857 Bump golang.org/x/text from 0.29.0 to 0.31.0 (#391)
28dedbe Bump golang.org/x/text from 0.28.0 to 0.29.0 (#382)
Additional commits viewable in compare view

Updates github.com/valkey-io/valkey-go from 1.0.69 to 1.0.70

Release notes

Sourced from github.com/valkey-io/valkey-go's releases.

1.0.70

Changes

feat: upgrade to go 1.24 and update deps (#101)

feat: lua script support retryable; rueidislock set all lua scripts retryable by default

feat: set server.* valkeyotel attrs in more cases (#95)

fix: align valkey.dial valkeyotel span with otel conventions (#94)

fix: refresh cluster topology when replica slots are missing (#99)

fix: ensure that valkeylock keys' expiration is always ahead of the current time by KeyValidity duration

docs: fix some broken links

Contributors

We'd like to thank all the contributors who worked on this release!

@arisudesu, @austindrenski, @justinmayhew, @rueian and @wyxloading

Commits

3dafdf2 feat: bump v1.0.70
6677207 feat: upgrade to go 1.24 and update deps (#101)
9ff30de fix: refresh cluster topology when replica slots are missing (#99)
d8b00ff Set server.* attrs in more cases (#95)
659155c Fix valkey.dial span attributes (#94)
7da0334 Feat: lua script support retryable; rueidislock set all lua scripts retryable...
3bca173 docs: fix some broken links (#928)
1200c3b Ensure that monitored lock keys expiration is always ahead of current time by...
See full diff in compare view

Updates golang.org/x/net from 0.48.0 to 0.49.0

Commits

d977772 go.mod: update golang.org/x dependencies
eea413e internal/http3: use go1.25 synctest.Test instead of go1.24 synctest.Run
9ace223 websocket: add missing call to resp.Body.Close
7d3dbb0 http2: buffer the most recently received PRIORITY_UPDATE frame
See full diff in compare view

Updates golang.org/x/text from 0.32.0 to 0.33.0

Commits

536231a go.mod: update golang.org/x dependencies
See full diff in compare view

Updates github.com/prometheus/common from 0.67.4 to 0.67.5

Release notes

Sourced from github.com/prometheus/common's releases.

v0.67.5

What's Changed

build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.34.0 by @dependabot[bot] in prometheus/common#871

Synchronize common files from prometheus/prometheus by @prombot in prometheus/common#866

build(deps): bump golang.org/x/net from 0.46.0 to 0.48.0 by @dependabot[bot] in prometheus/common#872

build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 by @dependabot[bot] in prometheus/common#870

Full Changelog: prometheus/common@v0.67.4...v0.67.5

Commits

934ff37 build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 (#870)
1e29804 build(deps): bump golang.org/x/net from 0.46.0 to 0.48.0 (#872)
0bd1c40 Synchronize common files from prometheus/prometheus (#866)
b644201 build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.34.0 (#871)
See full diff in compare view

Updates github.com/shirou/gopsutil/v4 from 4.25.11 to 4.25.12

Release notes

Sourced from github.com/shirou/gopsutil/v4's releases.

v4.25.12

What's Changed

cpu

[cpu][linux]: fix ":" in CPU ModelName by @shirou in shirou/gopsutil#1960

[cpu][linux]: add riscv cpu parser by @mengzhuo in shirou/gopsutil#1970

[cpu][darwin]: release pCoreRef in each iteration by @uubulb in shirou/gopsutil#1971

[darwin]: wrap library functions as struct methods by @uubulb in shirou/gopsutil#1976

disk

Fixes #1284 by @johnnybubonic in shirou/gopsutil#1931

fix disk.Partition cut off after first disk by @sni in shirou/gopsutil#1975

[disk][windows]: add virtual drive for TestGetLogicalDrives by @shirou in shirou/gopsutil#1977

Add missing mount flags (local, protect) by @Kerlenton in shirou/gopsutil#1968

host

Replace AIX uptime function with ps etimes-based implementation by @Dylan-M in shirou/gopsutil#1967

mem

feat(mem): Add support for Percpu by @pvlltvk in shirou/gopsutil#1972

process

Add NumFDs implementation for Darwin by @Kerlenton in shirou/gopsutil#1965

[sensors][darwin]: retrieve sensor information in one function call by @uubulb in shirou/gopsutil#1973

New Contributors

@Kerlenton made their first contribution in shirou/gopsutil#1965

@sni made their first contribution in shirou/gopsutil#1975

@pvlltvk made their first contribution in shirou/gopsutil#1972

@mengzhuo made their first contribution in shirou/gopsutil#1970

Full Changelog: shirou/gopsutil@v4.25.11...v4.25.12

Commits

0de4501 Merge pull request #1976 from uubulb/refactor/wrap-library-functions
edba8ea [darwin]: wrap library functions as struct methods
4870278 Merge pull request #1973 from uubulb/sensors/get_sensor_info_in_one_call
5f9c6c1 change the visbility of vnode structs to private
22106a5 Merge pull request #1971 from uubulb/fix/release-pcoreref
de8b78a Merge pull request #1968 from Kerlenton/darwin-mount-flags
9f2cd08 Merge pull request #1970 from mengzhuo/cpu
b91edff Merge pull request #1967 from Dylan-M/fix_uptime
e4605ad [cpu][linux]: add riscv cpu parser
0ae21a0 Remove incorrect test for invalid formats
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.46.0 to 0.47.0

Commits

506e022 go.mod: update golang.org/x dependencies
7dacc38 chacha20poly1305: error out in fips140=only mode
See full diff in compare view

Updates golang.org/x/sys from 0.39.0 to 0.40.0

Commits

2f44229 sys/cpu: add symbolic constants for remaining cpuid bits
e5770d2 sys/cpu: use symbolic names for masks
714a44c sys/cpu: modify x86 port to match what internal/cpu does
See full diff in compare view

Updates google.golang.org/api from 0.258.0 to 0.259.0

Release notes

Sourced from google.golang.org/api's releases.

v0.259.0

0.259.0 (2026-01-06)

⚠ BREAKING CHANGES

remove firebaseremoteconfig from package list (#3422)

Features

all: Auto-regenerate discovery clients (#3412) (c7d21a4)

all: Auto-regenerate discovery clients (#3415) (6860a5e)

all: Auto-regenerate discovery clients (#3417) (0a99634)

all: Auto-regenerate discovery clients (#3419) (03d987b)

all: Auto-regenerate discovery clients (#3421) (632ee92)

all: Auto-regenerate discovery clients (#3425) (b599823)

Support write checksums in json resumable uploads (#3405) (6e57e38)

Bug Fixes

option: Remove option.WithAuthCredentials from validation (#3420) (2c33732)

Remove firebaseremoteconfig from package list (#3422) (fd0ce7c)

transport: Remove singleton and restore normal usage of otelgrpc.clientHandler (#3424) (24fbfcb), refs #2321 #2329

Miscellaneous Chores

Correct release version (#3426) (a783dbb)

Changelog

Sourced from google.golang.org/api's changelog.

0.259.0 (2026-01-06)

⚠ BREAKING CHANGES

remove firebaseremoteconfig from package list (#3422)

Features

all: Auto-regenerate discovery clients (#3412) (c7d21a4)

all: Auto-regenerate discovery clients (#3415) (6860a5e)

all: Auto-regenerate discovery clients (#3417) (0a99634)

all: Auto-regenerate discovery clients (#3419) (03d987b)

all: Auto-regenerate discovery clients (#3421) (632ee92)

all: Auto-regenerate discovery clients (#3425) (b599823)

Support write checksums in json resumable uploads (#3405) (6e57e38)

Bug Fixes

option: Remove option.WithAuthCredentials from validation (#3420) (2c33732)

Remove firebaseremoteconfig from package list (#3422) (fd0ce7c)

transport: Remove singleton and restore normal usage of otelgrpc.clientHandler (#3424) (24fbfcb), refs #2321 #2329

Miscellaneous Chores

Correct release version (#3426) (a783dbb)

Commits

8540190 chore(main): release 0.259.0 (#3413)
6e57e38 feat: support write checksums in json resumable uploads (#3405)
1d9673a chore(all): update module google.golang.org/grpc to v1.78.0 (#3423)
a783dbb chore: correct release version (#3426)
fd0ce7c fix!: remove firebaseremoteconfig from package list (#3422)
b599823 feat(all): auto-regenerate discovery clients (#3425)
24fbfcb fix(transport): remove singleton and restore normal usage of otelgrpc.clientH...
632ee92 feat(all): auto-regenerate discovery clients (#3421)
2c33732 fix(option): remove option.WithAuthCredentials from validation (#3420)
75e055a chore(all): update all (#3418)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…11 updates Bumps the production-dependencies group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [connectrpc.com/otelconnect](https://github.com/connectrpc/otelconnect-go) | `0.8.0` | `0.9.0` | | [github.com/exaring/otelpgx](https://github.com/exaring/otelpgx) | `0.9.4` | `0.10.0` | | [github.com/nicksnyder/go-i18n/v2](https://github.com/nicksnyder/go-i18n) | `2.6.0` | `2.6.1` | | [github.com/valkey-io/valkey-go](https://github.com/valkey-io/valkey-go) | `1.0.69` | `1.0.70` | | [golang.org/x/net](https://github.com/golang/net) | `0.48.0` | `0.49.0` | | [github.com/prometheus/common](https://github.com/prometheus/common) | `0.67.4` | `0.67.5` | | [github.com/shirou/gopsutil/v4](https://github.com/shirou/gopsutil) | `4.25.11` | `4.25.12` | | [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.258.0` | `0.259.0` | Updates `connectrpc.com/otelconnect` from 0.8.0 to 0.9.0 - [Release notes](https://github.com/connectrpc/otelconnect-go/releases) - [Changelog](https://github.com/connectrpc/otelconnect-go/blob/main/RELEASE.md) - [Commits](connectrpc/otelconnect-go@v0.8.0...v0.9.0) Updates `github.com/exaring/otelpgx` from 0.9.4 to 0.10.0 - [Release notes](https://github.com/exaring/otelpgx/releases) - [Commits](exaring/otelpgx@v0.9.4...v0.10.0) Updates `github.com/nicksnyder/go-i18n/v2` from 2.6.0 to 2.6.1 - [Release notes](https://github.com/nicksnyder/go-i18n/releases) - [Changelog](https://github.com/nicksnyder/go-i18n/blob/main/CHANGELOG.md) - [Commits](nicksnyder/go-i18n@v2.6.0...v2.6.1) Updates `github.com/valkey-io/valkey-go` from 1.0.69 to 1.0.70 - [Release notes](https://github.com/valkey-io/valkey-go/releases) - [Commits](valkey-io/valkey-go@v1.0.69...v1.0.70) Updates `golang.org/x/net` from 0.48.0 to 0.49.0 - [Commits](golang/net@v0.48.0...v0.49.0) Updates `golang.org/x/text` from 0.32.0 to 0.33.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.32.0...v0.33.0) Updates `github.com/prometheus/common` from 0.67.4 to 0.67.5 - [Release notes](https://github.com/prometheus/common/releases) - [Changelog](https://github.com/prometheus/common/blob/main/CHANGELOG.md) - [Commits](prometheus/common@v0.67.4...v0.67.5) Updates `github.com/shirou/gopsutil/v4` from 4.25.11 to 4.25.12 - [Release notes](https://github.com/shirou/gopsutil/releases) - [Commits](shirou/gopsutil@v4.25.11...v4.25.12) Updates `golang.org/x/crypto` from 0.46.0 to 0.47.0 - [Commits](golang/crypto@v0.46.0...v0.47.0) Updates `golang.org/x/sys` from 0.39.0 to 0.40.0 - [Commits](golang/sys@v0.39.0...v0.40.0) Updates `google.golang.org/api` from 0.258.0 to 0.259.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.258.0...v0.259.0) --- updated-dependencies: - dependency-name: connectrpc.com/otelconnect dependency-version: 0.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: github.com/exaring/otelpgx dependency-version: 0.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: github.com/nicksnyder/go-i18n/v2 dependency-version: 2.6.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: github.com/valkey-io/valkey-go dependency-version: 1.0.70 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: golang.org/x/net dependency-version: 0.49.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: golang.org/x/text dependency-version: 0.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: github.com/prometheus/common dependency-version: 0.67.5 dependency-type: indirect update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: github.com/shirou/gopsutil/v4 dependency-version: 4.25.12 dependency-type: indirect update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: golang.org/x/crypto dependency-version: 0.47.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: golang.org/x/sys dependency-version: 0.40.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: google.golang.org/api dependency-version: 0.259.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-01-19T15:25:46Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added auto-merge dependencies labels Jan 12, 2026

dependabot bot closed this Jan 19, 2026

dependabot bot deleted the dependabot/go_modules/production-dependencies-a58faf6076 branch January 19, 2026 15:25

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

deps: bump the production-dependencies group across 1 directory with 11 updates #613

deps: bump the production-dependencies group across 1 directory with 11 updates #613

Uh oh!

dependabot bot commented on behalf of github Jan 12, 2026 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Jan 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

deps: bump the production-dependencies group across 1 directory with 11 updates #613

deps: bump the production-dependencies group across 1 directory with 11 updates #613

Uh oh!

Conversation

dependabot bot commented on behalf of github Jan 12, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v0.9.0

What's Changed

Additions

Bugfixes

New Contributors

v0.10.0

What's Changed

New Contributors

v2.6.1

What's Changed

New Contributors

1.0.70

Changes

Contributors

v0.67.5

What's Changed

v4.25.12

What's Changed

cpu

disk

host

mem

process

New Contributors

v0.259.0

0.259.0 (2026-01-06)

⚠ BREAKING CHANGES

Features

Bug Fixes

Miscellaneous Chores

0.259.0 (2026-01-06)

⚠ BREAKING CHANGES

Features

Bug Fixes

Miscellaneous Chores

Uh oh!

dependabot bot commented on behalf of github Jan 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Jan 12, 2026 •

edited

Loading