Bump the all-deps group with 8 updates by dependabot[bot] · Pull Request #702 · transparency-dev/tesseract

dependabot · 2026-02-16T02:19:45Z

Bumps the all-deps group with 8 updates:

Package	From	To
cloud.google.com/go/storage	`1.59.2`	`1.60.0`
github.com/fsouza/fake-gcs-server	`1.53.1`	`1.54.0`
github.com/transparency-dev/formats	`0.0.0-20251017110053-404c0d5b696c`	`0.1.0`
golang.org/x/crypto	`0.47.0`	`0.48.0`
golang.org/x/mod	`0.32.0`	`0.33.0`
golang.org/x/net	`0.49.0`	`0.50.0`
google.golang.org/api	`0.265.0`	`0.266.0`
google.golang.org/grpc	`1.78.0`	`1.79.1`

Updates cloud.google.com/go/storage from 1.59.2 to 1.60.0

Release notes

Sourced from cloud.google.com/go/storage's releases.

storage 1.60.0

1.60.0 (2026-02-10)

Features

adding support for max-retry-duration for all api other than resumable-upload (#13749) (31c352bd)

support checksum validation in resumable json uploads (#13573) (337ca078)

Added a new field ComposeObjectRequest.delete_source_objects field (PiperOrigin-RevId: 863087065) (611f2392)

Bug Fixes

change TestValidateChecksumFromServer error message (#13810) (07414143)

fix panic error in transfermanager downloads (#13815) (42722719)

deadlock in event loop while coordinating channels (#13652) (7d9d00c6)

Documentation

Updated documentation for BidiReadObject, ReadObjectRequest, and ObjectContexts (PiperOrigin-RevId: 863087065) (611f2392)

Commits

0be35b0 chore(main): release spanner 1.60.0 (#9601)
79efda0 chore: add header & system param docs (#9591)
1c9a26e chore(storage/control): add config to generate apiv2 (#9600)
37ef892 chore(spanner): release v1.60.0 (#9597)
e4b663c feat: allow attempt direct path xds via env var (#9582)
1a04baf feat(auth): move credentials to base auth package (#9590)
93c7bc0 chore(secretmanager): add config to generate apiv1beta2 (#9593)
d6b1088 chore(internal/postprocessor): add validation command and CI (#9575)
141f2a5 chore: release main (#9571)
25c3f2d feat(datacatalog): Add RANGE type to Data Catalog (#9573)
Additional commits viewable in compare view

Updates github.com/fsouza/fake-gcs-server from 1.53.1 to 1.54.0

Release notes

Sourced from github.com/fsouza/fake-gcs-server's releases.

v1.54.0

What's Changed

Added support from gcloud cli resumable uploads by @danieldanieltata in fsouza/fake-gcs-server#1976

build(deps): bump google.golang.org/api from 0.264.0 to 0.265.0 by @dependabot[bot] in fsouza/fake-gcs-server#2134

build(deps): bump cloud.google.com/go/pubsub/v2 from 2.3.0 to 2.4.0 by @dependabot[bot] in fsouza/fake-gcs-server#2138

build(deps): bump @google-cloud/storage from 7.18.0 to 7.19.0 in /examples/node by @dependabot[bot] in fsouza/fake-gcs-server#2137

build(deps): bump golang.org/x/oauth2 from 0.34.0 to 0.35.0 by @dependabot[bot] in fsouza/fake-gcs-server#2139

build(deps): bump cloud.google.com/go/storage from 1.59.2 to 1.60.0 by @dependabot[bot] in fsouza/fake-gcs-server#2140

build(deps): bump docker/build-push-action from 6.18.0 to 6.19.1 by @dependabot[bot] in fsouza/fake-gcs-server#2141

build(deps): bump golang from 1.25 to 1.26 by @dependabot[bot] in fsouza/fake-gcs-server#2143

build(deps): bump google.golang.org/api from 0.265.0 to 0.266.0 by @dependabot[bot] in fsouza/fake-gcs-server#2142

build(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.0 by @dependabot[bot] in fsouza/fake-gcs-server#2145

build(deps): bump docker/build-push-action from 6.19.1 to 6.19.2 by @dependabot[bot] in fsouza/fake-gcs-server#2144

Go 1.26 is out, drop 1.24 by @fsouza in fsouza/fake-gcs-server#2146

build(deps): bump google.golang.org/grpc from 1.79.0 to 1.79.1 by @dependabot[bot] in fsouza/fake-gcs-server#2147

Add environment variable support for all configuration options by @ota2000 in fsouza/fake-gcs-server#1925

Fix metadata headers not being preserved during upload and retrieval by @louisnow in fsouza/fake-gcs-server#2103

New Contributors

@danieldanieltata made their first contribution in fsouza/fake-gcs-server#1976

@ota2000 made their first contribution in fsouza/fake-gcs-server#1925

@louisnow made their first contribution in fsouza/fake-gcs-server#2103

Full Changelog: fsouza/fake-gcs-server@v1.53.1...v1.54.0

Commits

024d541 internal/config: remove usage of test := test
ec92f99 Fix metadata headers not being preserved during upload and retrieval (#2103)
0ec5cfa Add environment variable support for all configuration options (#1925)
eef285f build(deps): bump google.golang.org/grpc from 1.79.0 to 1.79.1 (#2147)
524ba69 Stop using the test := test hack
6a268d6 github/workflows/main: use Go 1.26 for linting
1d90985 examples/go: Go 1.26.0
6492478 Go 1.26 is out, drop 1.24
4f31450 build(deps): bump docker/build-push-action from 6.19.1 to 6.19.2 (#2144)
2a2a79f build(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.0 (#2145)
Additional commits viewable in compare view

Updates github.com/transparency-dev/formats from 0.0.0-20251017110053-404c0d5b696c to 0.1.0

Release notes

Sourced from github.com/transparency-dev/formats's releases.

v0.1.0

What's Changed

Added link to GenerateKey and noted algorithm id is required by @mhutchinson in transparency-dev/formats#1

Added a section on checkpoint merging by @mhutchinson in transparency-dev/formats#2

Add CI test + coverage by @AlCutter in transparency-dev/formats#3

Add CODEOWNERS with default team assignment by @AlCutter in transparency-dev/formats#4

Added lint config and presubmit script by @mhutchinson in transparency-dev/formats#5

Format code according to go1.19rc2 by @mhutchinson in transparency-dev/formats#6

Create scorecards.yml by @AlCutter in transparency-dev/formats#7

Create codeql.yml by @AlCutter in transparency-dev/formats#8

Tighten action permissions by @AlCutter in transparency-dev/formats#9

Add dependabot.yml by @AlCutter in transparency-dev/formats#10

Pin GitHub actions to git hashes by @AlCutter in transparency-dev/formats#13

Breaking change: Change the log ID function to also include the origin string by @mhutchinson in transparency-dev/formats#15

Enable all the linters by @mhutchinson in transparency-dev/formats#20

Update go version to minimum supported version by @mhutchinson in transparency-dev/formats#21

Update the docs on Origin string re #22 by @mhutchinson in transparency-dev/formats#23

Update ecosystem -> origin. by @jiggoha in transparency-dev/formats#24

Update and rename scorecards.yml to scorecard.yml by @AlCutter in transparency-dev/formats#26

Add dns_name recommendations for the Origin by @phbnf in transparency-dev/formats#25

Update log ID to not include the public key. by @jiggoha in transparency-dev/formats#27

Added scorecard badge by @mhutchinson in transparency-dev/formats#30

Added scorecard token by @mhutchinson in transparency-dev/formats#31

Update linter action and version, and auto-update by @mhutchinson in transparency-dev/formats#32

Add a benchmark on signing/verifying by @AlCutter in transparency-dev/formats#43

Group dependabot updates by ecosystem by @AlCutter in transparency-dev/formats#52

Updated Slack channel details by @mhutchinson in transparency-dev/formats#64

Migrate signers by @AlCutter in transparency-dev/formats#66

Add support for extracting CoSigV1 timestamps from signatures by @AlCutter in transparency-dev/formats#69

Bump to go1.21 by @AlCutter in transparency-dev/formats#100

Add support for verifying Sunlight checkpoints by @AlCutter in transparency-dev/formats#99

Update dependabot weekly instead of daily by @mhutchinson in transparency-dev/formats#131

Drop dep on the certificate-transparency-go repo by @AlCutter in transparency-dev/formats#125

Update token used for scorecard by @mhutchinson in transparency-dev/formats#141

Bump to go1.22 by @AlCutter in transparency-dev/formats#148

Drop TLS dep entirely by @AlCutter in transparency-dev/formats#150

Fix cosig timestamp endianness by @AlCutter in transparency-dev/formats#153

Added test for sigsum ID by @mhutchinson in transparency-dev/formats#157

Fix typo by @phbnf in transparency-dev/formats#163

Bump go version from 1.22 to 1.23 by @roger2hk in transparency-dev/formats#179

Bump golangci lint by @AlCutter in transparency-dev/formats#183

Update slack invite link by @taknira in transparency-dev/formats#197

Added function to generate vkey from skey by @mhutchinson in transparency-dev/formats#199

Fix failed scorecard analysis by @roger2hk in transparency-dev/formats#205

Bump Go version in go test workflow by @roger2hk in transparency-dev/formats#206

Add support for native CosignatureV1 (alg 0x04) verifier keys by @AlCutter in transparency-dev/formats#216

Deps

... (truncated)

Commits

See full diff in compare view

Updates golang.org/x/crypto from 0.47.0 to 0.48.0

Commits

e08b067 go.mod: update golang.org/x dependencies
7d0074c scrypt: fix panic on parameters <= 0
See full diff in compare view

Updates golang.org/x/mod from 0.32.0 to 0.33.0

Commits

27761a2 go.mod: update golang.org/x dependencies
See full diff in compare view

Updates golang.org/x/net from 0.49.0 to 0.50.0

Commits

ebddb99 go.mod: update golang.org/x dependencies
4a490d4 internal/http3: add Expect: 100-continue support to ClientConn
73fe701 internal/http3: add Expect: 100-continue support to Server
af0c9df html: add NodeType.String() method
e02fb33 internal/http3: make responseWriter.Flush write headers if not done yet
da558ff internal/http3: ensure bodyReader cannot be read after being closed
d7c76fa internal/http3: make responseWriter behave closer to other http.ResponseWriter
64b3af9 http2: prevent transport deadlock due to WINDOW_UPDATE that exceeds limit
1973e8d internal/http3: add Server support for handling HEAD requests
57ea86d icmp, internal/socket, ipv4, ipv6: use binary.NativeEndian
Additional commits viewable in compare view

Updates google.golang.org/api from 0.265.0 to 0.266.0

Release notes

Sourced from google.golang.org/api's releases.

v0.266.0

0.266.0 (2026-02-10)

Features

all: Auto-regenerate discovery clients (#3483) (a3a61ce)

all: Auto-regenerate discovery clients (#3485) (200d140)

all: Auto-regenerate discovery clients (#3486) (870909e)

all: Auto-regenerate discovery clients (#3487) (6018e80)

all: Auto-regenerate discovery clients (#3489) (402353b)

all: Auto-regenerate discovery clients (#3490) (49c652f)

Changelog

Sourced from google.golang.org/api's changelog.

0.266.0 (2026-02-10)

Features

all: Auto-regenerate discovery clients (#3483) (a3a61ce)

all: Auto-regenerate discovery clients (#3485) (200d140)

all: Auto-regenerate discovery clients (#3486) (870909e)

all: Auto-regenerate discovery clients (#3487) (6018e80)

all: Auto-regenerate discovery clients (#3489) (402353b)

all: Auto-regenerate discovery clients (#3490) (49c652f)

Commits

26a317d chore(main): release 0.266.0 (#3484)
49c652f feat(all): auto-regenerate discovery clients (#3490)
b9fd5c2 chore(all): update all (#3488)
402353b feat(all): auto-regenerate discovery clients (#3489)
6018e80 feat(all): auto-regenerate discovery clients (#3487)
870909e feat(all): auto-regenerate discovery clients (#3486)
200d140 feat(all): auto-regenerate discovery clients (#3485)
a3a61ce feat(all): auto-regenerate discovery clients (#3483)
See full diff in compare view

Updates google.golang.org/grpc from 1.78.0 to 1.79.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.1

Bug Fixes

grpc: Remove the -dev suffix from the User-Agent header. (grpc/grpc-go#8902)

Release 1.79.0

API Changes

mem: Add experimental API SetDefaultBufferPool to change the default buffer pool. (#8806)

Special Thanks: @vanja-p

experimental/stats: Update MetricsRecorder to require embedding the new UnimplementedMetricsRecorder (a no-op struct) in all implementations for forward compatibility. (#8780)

Behavior Changes

balancer/weightedtarget: Remove handling of Addresses and only handle Endpoints in resolver updates. (#8841)

New Features

experimental/stats: Add support for asynchronous gauge metrics through the new AsyncMetricReporter and RegisterAsyncReporter APIs. (#8780)

pickfirst: Add support for weighted random shuffling of endpoints, as described in gRFC A113.

This is enabled by default, and can be turned off using the environment variable GRPC_EXPERIMENTAL_PF_WEIGHTED_SHUFFLING. (#8864)

xds: Implement :authority rewriting, as specified in gRFC A81. (#8779)

balancer/randomsubsetting: Implement the random_subsetting LB policy, as specified in gRFC A68. (#8650)

Special Thanks: @marek-szews

Bug Fixes

credentials/tls: Fix a bug where the port was not stripped from the authority override before validation. (#8726)

Special Thanks: @Atul1710

xds/priority: Fix a bug causing delayed failover to lower-priority clusters when a higher-priority cluster is stuck in CONNECTING state. (#8813)

health: Fix a bug where health checks failed for clients using legacy compression options (WithDecompressor or RPCDecompressor). (#8765)

Special Thanks: @sanki92

transport: Fix an issue where the HTTP/2 server could skip header size checks when terminating a stream early. (#8769)

Special Thanks: @joybestourous

server: Propagate status detail headers, if available, when terminating a stream during request header processing. (#8754)

Special Thanks: @joybestourous

Performance Improvements

credentials/alts: Optimize read buffer alignment to reduce copies. (#8791)

mem: Optimize pooling and creation of buffer objects. (#8784)

transport: Reduce slice re-allocations by reserving slice capacity. (#8797)

Commits

782f2de Change version to 1.79.1 (#8902)
850eccb Change version to 1.79.1-dev (#8851)
765ff05 Change version to 1.79.0 (#8850)
68804be Cherry pick #8864 to v1.79.x (#8896)
0381eb6 xds: Support :authority header rewriting for LOGICAL_DNS clusters (#8822)
90f571d xds: remove references to ResolverState.Addresses (#8841)
679565f xds: remove HashKey field from xdsresource.Endpoint struct (#8844)
bb2073d mem: Allow overriding the default buffer pool. (#8806)
bd4444a Fix flaky TestServer_RedundantUpdateSuppression. (#8839)
623b3f0 test: add regression test for RecvMsg() error shadowing #7510 (#8820)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all-deps group with 8 updates: | Package | From | To | | --- | --- | --- | | [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.59.2` | `1.60.0` | | [github.com/fsouza/fake-gcs-server](https://github.com/fsouza/fake-gcs-server) | `1.53.1` | `1.54.0` | | [github.com/transparency-dev/formats](https://github.com/transparency-dev/formats) | `0.0.0-20251017110053-404c0d5b696c` | `0.1.0` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.47.0` | `0.48.0` | | [golang.org/x/mod](https://github.com/golang/mod) | `0.32.0` | `0.33.0` | | [golang.org/x/net](https://github.com/golang/net) | `0.49.0` | `0.50.0` | | [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.265.0` | `0.266.0` | | [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.78.0` | `1.79.1` | Updates `cloud.google.com/go/storage` from 1.59.2 to 1.60.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@storage/v1.59.2...spanner/v1.60.0) Updates `github.com/fsouza/fake-gcs-server` from 1.53.1 to 1.54.0 - [Release notes](https://github.com/fsouza/fake-gcs-server/releases) - [Commits](fsouza/fake-gcs-server@v1.53.1...v1.54.0) Updates `github.com/transparency-dev/formats` from 0.0.0-20251017110053-404c0d5b696c to 0.1.0 - [Release notes](https://github.com/transparency-dev/formats/releases) - [Commits](https://github.com/transparency-dev/formats/commits/v0.1.0) Updates `golang.org/x/crypto` from 0.47.0 to 0.48.0 - [Commits](golang/crypto@v0.47.0...v0.48.0) Updates `golang.org/x/mod` from 0.32.0 to 0.33.0 - [Commits](golang/mod@v0.32.0...v0.33.0) Updates `golang.org/x/net` from 0.49.0 to 0.50.0 - [Commits](golang/net@v0.49.0...v0.50.0) Updates `google.golang.org/api` from 0.265.0 to 0.266.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.265.0...v0.266.0) Updates `google.golang.org/grpc` from 1.78.0 to 1.79.1 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.78.0...v1.79.1) --- updated-dependencies: - dependency-name: cloud.google.com/go/storage dependency-version: 1.60.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: github.com/fsouza/fake-gcs-server dependency-version: 1.54.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: github.com/transparency-dev/formats dependency-version: 0.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: golang.org/x/crypto dependency-version: 0.48.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: golang.org/x/mod dependency-version: 0.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: golang.org/x/net dependency-version: 0.50.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: google.golang.org/api dependency-version: 0.266.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: google.golang.org/grpc dependency-version: 1.79.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 16, 2026

dependabot bot requested a review from a team as a code owner February 16, 2026 02:19

dependabot bot added the dependencies Pull requests that update a dependency file label Feb 16, 2026

dependabot bot requested review from AlCutter and removed request for a team February 16, 2026 02:19

dependabot bot added the go Pull requests that update Go code label Feb 16, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all-deps group with 8 updates#702

Bump the all-deps group with 8 updates#702
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-deps-4e446a5a40

dependabot bot commented on behalf of github Feb 16, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Feb 16, 2026

storage 1.60.0

1.60.0 (2026-02-10)

Features

Bug Fixes

Documentation

v1.54.0

What's Changed

New Contributors

v0.1.0

What's Changed

Deps

v0.266.0

0.266.0 (2026-02-10)

Features

0.266.0 (2026-02-10)

Features

Release 1.79.1

Bug Fixes

Release 1.79.0

API Changes

Behavior Changes

New Features

Bug Fixes

Performance Improvements

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants