Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.7.1 to 1.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/spf13/viper/releases">github.com/spf13/viper's releases</a>.</em></p>
<blockquote>
<h2>v1.8.0</h2>
<p>This is a maintenance release primarily containing fixes and improvements. The most prominent change is the etcd update to <a href="https://github.com/etcd-io/etcd/releases/tag/v3.5.0">3.5.0</a>. Thanks to proper Go modules support, the dependency graph became much smaller.</p>
<p>## Changes</p>
<h3>Added</h3>
<ul>
<li>Allow BindEnv to register multiple environment variables</li>
<li>Support for accessing slices</li>
<li>Experimental WASM support: Viper compiles on WASM</li>
<li>INI load options</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Ensure <code>BindPFlag</code> detects a nil flag parameter</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Merging a key into a nil target</li>
<li>Panics during saving INI files</li>
</ul>
<h3>Security</h3>
<ul>
<li>Updated etcd to 3.5 which should make a lot of false positive vulnerability reports disappear</li>
</ul>
<hr />
<p>In addition to the above changes, this release comes with tons of minor improvements, documentation changes an dependency updates. Find more details in the <a href="https://github.com/spf13/viper/milestone/4?closed=1">1.8.0</a> milestone.</p>
<p><strong>Many thanks to everyone who contributed to this release!</strong></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="faa8ba0c53"><code>faa8ba0</code></a> chore: update gotestsum</li>
<li><a href="65ee98690c"><code>65ee986</code></a> chore(lint): fix gofumpt</li>
<li><a href="04ef5fa07d"><code>04ef5fa</code></a> chore: update golangci-lint</li>
<li><a href="acd965b54e"><code>acd965b</code></a> Add ini load options argument</li>
<li><a href="5f4d053c3e"><code>5f4d053</code></a> chore(deps): update dependencies</li>
<li><a href="dd57ae6279"><code>dd57ae6</code></a> chore(deps): update etcd</li>
<li><a href="cdb5e5976f"><code>cdb5e59</code></a> Fix merging a key into a nil target</li>
<li><a href="36be6bf91f"><code>36be6bf</code></a> feat: make sure Viper compiles on WASM</li>
<li><a href="727a41c38a"><code>727a41c</code></a> doc: add a note about concurent Get/Set to godoc</li>
<li><a href="cb41ae0ab8"><code>cb41ae0</code></a> doc: discuss concurrency in README</li>
<li>Additional commits viewable in <a href="https://github.com/spf13/viper/compare/v1.7.1...v1.8.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [github.com/armon/go-metrics](https://github.com/armon/go-metrics) from 0.3.8 to 0.3.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/armon/go-metrics/releases">github.com/armon/go-metrics's releases</a>.</em></p>
<blockquote>
<h2>v0.3.9</h2>
<p>Adds a new <code>Stream</code> method that provides a streaming HTTP 1.x handler that will return a news set of metrics every interval.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f792dbc8f4"><code>f792dbc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/armon/go-metrics/issues/125">#125</a> from dnephin/dnephin/stream-metrics</li>
<li><a href="01db6876d8"><code>01db687</code></a> inmem: reduce the interface to Stream</li>
<li><a href="056fff3a32"><code>056fff3</code></a> inmem: add support for streaming metrics as intervals complete</li>
<li><a href="96c40ac2d9"><code>96c40ac</code></a> inmem: Inline a few functions into getInterval</li>
<li>See full diff in <a href="https://github.com/armon/go-metrics/compare/v0.3.8...v0.3.9">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [github.com/rs/zerolog](https://github.com/rs/zerolog) from 1.22.0 to 1.23.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="117cb53bc6"><code>117cb53</code></a> Fix copying stack setting in logger's Output method (<a href="https://github-redirect.dependabot.com/rs/zerolog/issues/325">#325</a>)</li>
<li><a href="e05605c215"><code>e05605c</code></a> Use github.com/coreos/go-systemd/v22 (<a href="https://github-redirect.dependabot.com/rs/zerolog/issues/322">#322</a>)</li>
<li><a href="6ed1127758"><code>6ed1127</code></a> Fix panic on disabled event with CallerSkipFrame</li>
<li><a href="47a03bc5eb"><code>47a03bc</code></a> Add ability to customize internal json marshaler (<a href="https://github-redirect.dependabot.com/rs/zerolog/issues/318">#318</a>)</li>
<li><a href="ffbd37b8d7"><code>ffbd37b</code></a> Add Func log method (<a href="https://github-redirect.dependabot.com/rs/zerolog/issues/321">#321</a>)</li>
<li>See full diff in <a href="https://github.com/rs/zerolog/compare/v1.22.0...v1.23.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.28.0 to 0.29.0.
<details>
<summary>Commits</summary>
<ul>
<li><a href="8281fb2779"><code>8281fb2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/prometheus/common/issues/308">#308</a> from austince/feat/with-idle-conn-timeout</li>
<li><a href="5018d4d329"><code>5018d4d</code></a> Add WithIdleConnTimeout HTTP client option</li>
<li>See full diff in <a href="https://github.com/prometheus/common/compare/v0.28.0...v0.29.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
* build(deps): bump github.com/golang/protobuf from 1.4.3 to 1.5.1
Bumps [github.com/golang/protobuf](https://github.com/golang/protobuf) from 1.4.3 to 1.5.1.
- [Release notes](https://github.com/golang/protobuf/releases)
- [Commits](https://github.com/golang/protobuf/compare/v1.4.3...v1.5.1)
Signed-off-by: dependabot[bot] <support@github.com>
* run go mod tidy
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alessio Treglia <alessio@tendermint.com>
Co-authored-by: Marko <marbar3778@yahoo.com>
dependabot[bot]
Robert Zaremba
Andrea Giacobino
Alessio Treglia
Frojdi Dymylja
Marko