Skip to content

Bump the all-deps group across 1 directory with 9 updates #1364

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the all-deps group across 1 directory with 9 updates #1364

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 1, 2026

Bumps the all-deps group with 3 updates in the / directory: github.com/apache/beam/sdks/v2, github.com/mattn/go-sqlite3 and github.com/usbarmory/tamago.

Updates github.com/apache/beam/sdks/v2 from 2.68.0 to 2.71.0

Release notes

Sourced from github.com/apache/beam/sdks/v2's releases.

Beam 2.71.0 release

We are happy to present the new 2.71.0 release of Beam. This release includes both improvements and new functionality.

For more information on changes in 2.71.0, check out the detailed release notes.

I/Os

  • (Java) Elasticsearch 9 Support (#36491).
  • (Java) Upgraded HCatalogIO to Hive 4.0.1 (#32189).

New Features / Improvements

  • Support configuring Firestore database on ReadFn transforms (Java) (#36904).
  • (Python) Inference args are now allowed in most model handlers, except where they are explicitly/intentionally disallowed (#37093).

Bugfixes

  • Fixed FirestoreV1 Beam connectors allow configuring inconsistent project/database IDs between RPC requests and routing headers #36895 (Java) (#36895).
  • Logical type and coder registry are saved for pipelines in the case of default pickler. This fixes a side effect of switching to cloudpickle as default pickler in Beam 2.65.0 (Python) (#35738).

Known Issues

For the most up to date list of known issues, see https://github.com/apache/beam/blob/master/CHANGES.md

List of Contributors

According to git shortlog, the following people contributed to the 2.71.0 release. Thank you to all contributors!

Abacn, Ahmed Abualsaud, Amar3tto, Andrew Crites, apanich, Arun, Arun Pandian, assaf127, Chamikara Jayalath, CherisPatelInfocusp, Cheskel Twersky, Claire McGinty, Claude, Danny Mccormick, dependabot[bot], Derrick Williams, Egbert van der Wal, Evan Galpin, Ganesh, github-actions[bot], hekk-kaori-maeda, Jack Dingilian, Jack McCluskey, JayajP, Jiang Zhu, Kenneth Knowles, liferoad, M Junaid Shaukat, Nayan Mathur, Noah Stapp, Paco Avila, Radek Stankiewicz, Radosław Stankiewicz, Robert Stupp, Sam Whittle, Shunping Huang, Steven van Rossum, Suvrat Acharya, Tarun Annapareddy, tvalentyn, Utkarsh Parekh, Vitaly Terentyev, Xiaochu Liu, Yala Huang Feng, Yi Hu, Yu Watanabe, zhan7236

Beam 2.70.0 release

We are happy to present the new 2.70.0 release of Beam. This release includes both improvements and new functionality. See the download page for this release.

For more information on changes in 2.70.0, check out the detailed release notes.

Highlights

  • Flink 1.20 support added (#32647).

New Features / Improvements

  • Python examples added for Milvus search enrichment handler on Beam Website including jupyter notebook example (Python) (#36176).

... (truncated)

Changelog

Sourced from github.com/apache/beam/sdks/v2's changelog.

[2.71.0] - 2026-01-22

I/Os

  • (Java) Elasticsearch 9 Support (#36491).
  • (Java) Upgraded HCatalogIO to Hive 4.0.1 (#32189).

New Features / Improvements

  • Support configuring Firestore database on ReadFn transforms (Java) (#36904).
  • (Python) Inference args are now allowed in most model handlers, except where they are explicitly/intentionally disallowed (#37093).
  • (Python) Add support for EnvoyRateLimiter, to allow rate limiting in DoFns (#37135).
  • (Python) Add support for RateLimiting in Remote Model Handler (#37218).

Bugfixes

  • Fixed FirestoreV1 Beam connectors allow configuring inconsistent project/database IDs between RPC requests and routing headers #36895 (Java) (#36895).
  • Logical type and coder registry are saved for pipelines in the case of default pickler (#36271). This fixes a side effect of switching to cloudpickle as default pickler in Beam 2.65.0 (Python) (#35738).

Known Issues

[2.70.0] - 2025-12-16

Highlights

  • Flink 1.20 support added (#32647).

New Features / Improvements

  • Python examples added for Milvus search enrichment handler on Beam Website including jupyter notebook example (Python) (#36176).
  • Milvus sink I/O connector added (Python) (#36702). Now Beam has full support for Milvus integration including Milvus enrichment and sink operations.

Breaking Changes

  • (Python) Some Python dependencies have been split out into extras. To ensure all previously installed dependencies are installed, when installing Beam you can pip install apache-beam[gcp,interactive,yaml,redis,hadoop,tfrecord], though most users will not need all of these extras (#34554).

Deprecations

  • (Python) Python 3.9 reached EOL in October 2025 and support for the language version has been removed. (#36665).

[2.69.0] - 2025-10-28

Highlights

  • (Python) Add YAML Editor and Visualization Panel (#35772).
  • (Java) Java 25 Support (#35627).

... (truncated)

Commits

Updates github.com/mattn/go-sqlite3 from 1.14.32 to 1.14.33

Commits
  • 3c885a9 Upgrade SQLite to version 3051001
  • 3e773a9 update github workflows
  • 2f6a2bb fix upgrade script
  • aa7cdd3 update upgrade script
  • a66908a use quote include instead of angled include for sqlite3-binding.h
  • See full diff in compare view

Updates github.com/usbarmory/tamago from 1.25.1 to 1.25.6

Release notes

Sourced from github.com/usbarmory/tamago's releases.

v1.25.6

This release introduces Google Compute Engine support as well as AMD Secure Encrypted Virtualization (SEV) support packages (for an implementation example see go-boot).

Major changes for tamago package API:

Major changes for tamago package internals:

Full Changelog: usbarmory/tamago@v1.25.5...v1.25.6

This release requires GOOS=tamago support in the Go distribution with tamago-go1.25.6 or later releases.

v1.25.5

This release introduces arm64 architecture and board support.

Major changes for tamago package API:

Major changes for tamago package internals:

Full Changelog: usbarmory/tamago@v1.25.4...v1.25.5

This release requires GOOS=tamago support in the Go distribution with tamago-go1.25.5 or later releases.

v1.25.4

Major changes:

... (truncated)

Commits

Updates golang.org/x/crypto from 0.45.0 to 0.46.0

Commits
  • 19acf81 go.mod: update golang.org/x dependencies
  • 3a1c6b4 x509roots/fallback: update bundle
  • f4602e4 ssh/agent: fix flaky test by ensuring a writeable home directory
  • See full diff in compare view

Updates golang.org/x/mod from 0.29.0 to 0.30.0

Commits
  • 7416265 go.mod: update golang.org/x dependencies
  • 5517a71 all: fix some comments
  • b6cdd1a modfile: use reflect.TypeFor instead of reflect.TypeOf
  • See full diff in compare view

Updates golang.org/x/oauth2 from 0.31.0 to 0.34.0

Commits
  • acc3815 endpoints: fix %q verb use with wrong type
  • f28b0b5 all: fix some comments
  • fd15e0f x/oauth2: populate RetrieveError from DeviceAuth
  • 792c877 oauth2: use strings.Builder instead of bytes.Buffer
  • See full diff in compare view

Updates golang.org/x/sync from 0.18.0 to 0.19.0

Commits

Updates google.golang.org/grpc from 1.75.1 to 1.78.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.78.0

Behavior Changes

  • client: Align URL validation with Go 1.26+ to now reject target URLs with unbracketed colons in the hostname. (#8716)
  • transport/client : Return status code Unknown on malformed grpc-status. (#8735)
    • xds/resolver:
  • Drop previous route resources and report an error when no matching virtual host is found.
  • Only log LDS/RDS configuration errors following a successful update and retain the last valid resource to prevent transient failures. (#8711)

New Features

  • stats/otel: Add backend service label to weighted round robin metrics as part of A89. (#8737)
  • stats/otel: Add subchannel metrics (without the disconnection reason) to eventually replace the pickfirst metrics. (#8738)
  • client: Wait for all pending goroutines to complete when closing a graceful switch balancer. (#8746)
  • client: Add experimental.AcceptCompressors so callers can restrict the grpc-accept-encoding header advertised for a call. (#8718)

Bug Fixes

  • xds: Fix a bug in StringMatcher where regexes would match incorrectly when ignore_case is set to true. (#8723)
  • client:
    • Change connectivity state to CONNECTING when creating the name resolver (as part of exiting IDLE).
    • Change connectivity state to TRANSIENT_FAILURE if name resolver creation fails (as part of exiting IDLE).
    • Change connectivity state to IDLE after idle timeout expires even when current state is TRANSIENT_FAILURE.
    • Fix a bug that resulted in OnFinish call option not being invoked for RPCs where stream creation failed. (#8710)
  • xdsclient: Fix a race in the xdsClient that could lead to resource-not-found errors. (#8627)

Performance Improvements

  • mem: Round up to nearest 4KiB for pool allocations larger than 1MiB. (#8705)

Release 1.77.0

API Changes

  • mem: Replace the Reader interface with a struct for better performance and maintainability. (#8669)

Behavior Changes

  • balancer/pickfirst: Remove support for the old pick_first LB policy via the environment variable GRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST=false. The new pick_first has been the default since v1.71.0. (#8672)

Bug Fixes

  • xdsclient: Fix a race condition in the ADS stream implementation that could result in resource-not-found errors, causing the gRPC client channel to move to TransientFailure. (#8605)
  • client: Ignore HTTP status header for gRPC streams. (#8548)
  • client: Set a read deadline when closing a transport to prevent it from blocking indefinitely on a broken connection. (#8534)

... (truncated)

Commits
  • 9df039e Change version to 1.78.0 (#8761)
  • 9b990b6 gracefulswitch: Wait for all goroutines on close (#8746)
  • 6677d9a xds: Fixing a typo (#8760)
  • d35cedd xds/resolver: pass route's auto_host_rewrite to LB picker (gRFC A81) (#8740)
  • d931fdc client: allow overriding grpc-accept-encoding header (#8718)
  • 0800ec7 xds/clusterimpl: update TestChildPolicyChangeOnConfigUpdate to use custom lb ...
  • 6553ea1 stats/otel: Add subchannel metrics (A94) (#8738)
  • 81a00ce grpc: Fixing spelling typo (#8756)
  • e413838 client: Change connectivity state to CONNECTING when creating the name resolv...
  • f9d2bdb stats/otel: Add grpc.lb.backend_service label to wrr metrics (A89) (#8737)
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.10 to 1.36.11

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all-deps group across 1 directory with 9 updates
906ac5f 
Bumps the all-deps group with 3 updates in the / directory: [github.com/apache/beam/sdks/v2](https://github.com/apache/beam), [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) and [github.com/usbarmory/tamago](https://github.com/usbarmory/tamago).


Updates `github.com/apache/beam/sdks/v2` from 2.68.0 to 2.71.0
- [Release notes](https://github.com/apache/beam/releases)
- [Changelog](https://github.com/apache/beam/blob/master/CHANGES.md)
- [Commits](apache/beam@v2.68.0...v2.71.0)

Updates `github.com/mattn/go-sqlite3` from 1.14.32 to 1.14.33
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](mattn/go-sqlite3@v1.14.32...v1.14.33)

Updates `github.com/usbarmory/tamago` from 1.25.1 to 1.25.6
- [Release notes](https://github.com/usbarmory/tamago/releases)
- [Commits](usbarmory/tamago@v1.25.1...v1.25.6)

Updates `golang.org/x/crypto` from 0.45.0 to 0.46.0
- [Commits](golang/crypto@v0.45.0...v0.46.0)

Updates `golang.org/x/mod` from 0.29.0 to 0.30.0
- [Commits](golang/mod@v0.29.0...v0.30.0)

Updates `golang.org/x/oauth2` from 0.31.0 to 0.34.0
- [Commits](golang/oauth2@v0.31.0...v0.34.0)

Updates `golang.org/x/sync` from 0.18.0 to 0.19.0
- [Commits](golang/sync@v0.18.0...v0.19.0)

Updates `google.golang.org/grpc` from 1.75.1 to 1.78.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.75.1...v1.78.0)

Updates `google.golang.org/protobuf` from 1.36.10 to 1.36.11

---
updated-dependencies:
- dependency-name: github.com/apache/beam/sdks/v2
  dependency-version: 2.71.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: github.com/mattn/go-sqlite3
  dependency-version: 1.14.33
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: github.com/usbarmory/tamago
  dependency-version: 1.25.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: golang.org/x/crypto
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: golang.org/x/mod
  dependency-version: 0.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: golang.org/x/sync
  dependency-version: 0.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: google.golang.org/grpc
  dependency-version: 1.78.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-deps
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 1, 2026
@dependabot dependabot bot requested a review from a team as a code owner February 1, 2026 04:45
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 1, 2026
@dependabot dependabot bot requested review from AlCutter and removed request for a team February 1, 2026 04:45
@dependabot dependabot bot added the go Pull requests that update Go code label Feb 1, 2026
@dpebot
Copy link
Collaborator

dpebot commented Feb 1, 2026

/gcbrun

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AlCutter AlCutter Awaiting requested review from AlCutter AlCutter is a code owner automatically assigned from google/trillian-examples-reviews

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dpebot