Sourced from github.com/KimMachineGun/automemlimit's releases.

v0.7.2

What's Changed

• fix(memlimit): fix mountinfo validation logic when super options have spaces by @​KimMachineGun in https://github.com/KimMachineGun/automemlimit/commit/a659ed11b8c2b268723cc09710e52a4bddfcf5bb

Full Changelog: https://github.com/KimMachineGun/automemlimit/compare/v0.7.1...v0.7.2

• a9a712b ci: bump ubuntu version
• a659ed1 fix(memlimit): fix mountinfo validation logic when super options have spaces
• b5e3683 chore(examples/gosigar): remove gosigar example
• See full diff in compare view

Sourced from github.com/aws/aws-sdk-go's releases.

Release v1.55.7 (2025-04-22)

SDK Bugs

• service/s3/s3manager: Abort multipart download if object is modified during download
  • Fixes 4986

• 163aada release v1.55.7 (2025-04-22) (#5346)
• 9eb2bfd Abort multi part download if the object is modified during download
• 8d203cc Update bug-report.yml
• See full diff in compare view

• 495c409 client: introduce DataCommand
• f9e8d24 Implement RRVS
• e2dbc50 server: handle newline characters in error messages
• b7d48ab Upgrade dependencies
• 8a5b093 Add checking for auth to Server example
• c6c3019 server: reset session on EHLO
• e764d71 client: allow manual Hello after Reset
• 274020d readme: drop CI badge
• b63eede client: save greet error
• 75e52af Allow manual Hello after StartTLS
• Additional commits viewable in compare view

Sourced from github.com/getsentry/sentry-go's releases.

0.32.0

The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.32.0.

Breaking Changes

• Bump the minimum Go version to 1.22. The supported versions are 1.22, 1.23 and 1.24. (#967)
• Setting any values on span.Extra has no effect anymore. Use SetData(name string, value interface{}) instead. (#864)

Features

• Add a MockTransport and MockScope. (#972)

Bug Fixes

• Fix writing *http.Request in the Logrus JSONFormatter. (#955)

Misc

• Transaction data attributes are now seralized as trace context data attributes, allowing you to query these attributes in the Trace Explorer.

Sourced from github.com/getsentry/sentry-go's changelog.

0.32.0

The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.32.0.

Breaking Changes

• Bump the minimum Go version to 1.22. The supported versions are 1.22, 1.23 and 1.24. (#967)
• Setting any values on span.Extra has no effect anymore. Use SetData(name string, value interface{}) instead. (#864)

Features

• Add a MockTransport and MockScope. (#972)

Bug Fixes

• Fix writing *http.Request in the Logrus JSONFormatter. (#955)

Misc

• Transaction data attributes are now seralized as trace context data attributes, allowing you to query these attributes in the Trace Explorer.

• 530f74d release: 0.32.0
• e068944 Prepare 0.32.0 (#992)
• 32c062f Add transaction.data to contexts.trace.data (#864)
• 6019770 Fix lint issues (#981)
• cfbfc6b Expose MockTransport, MockScope in root sentry package (#972)
• a4e0ea8 Remove github token in lint (#982)
• 031ec47 build(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.5.0 (#975)
• bdbb6be build(deps): bump codecov/codecov-action from 5.3.1 to 5.4.0 (#974)
• 3d8d0e1 build(deps): bump actions/create-github-app-token from 1.11.2 to 1.11.5 (#973)
• e56ac30 build(deps): bump codecov/codecov-action from 5.1.2 to 5.3.1 (#962)
• Additional commits viewable in compare view

Sourced from github.com/gorilla/csrf's releases.

v1.7.3

This Release fixes the following:

• CVE-2025-24358

Full Changelog: https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3

• 9dd6af1 Merge commit from fork
• See full diff in compare view

Sourced from github.com/nats-io/nats-server/v2's releases.

Release v2.11.3

Changelog

Refer to the 2.11 Upgrade Guide for backwards compatibility notes with 2.10.x.

Go Version

• 1.24.2

Added

MQTT

• New js_api_timeout option controls how long to wait for JetStream operations caused by MQTT calls (#6833)

Improved

JetStream

• Reduced allocations in subject tree matching (#6837)

Fixed

General

• Fixed TLS 1.2 negotiation when using ECDSA certificates from the Windows certificate store (#6803)

JetStream

• Fix a regression introduced in v2.11.2 which can affect calculating consumer subject interest (#6845)
• Consumer state reporting of filtered consumers is now more consistent (#6835)
• Raft nodes will now correctly report to the upper layer when a preferred node does not become the leader, fixing some issues where multiple assets can believe they are the leader after a scale-up operation (#6851)

Monitoring

• The connz endpoint will now return open connections correctly with state set to all (#6849)

Complete Changes

https://github.com/nats-io/nats-server/compare/v2.11.2...v2.11.3

Release v2.11.3-RC.2

Changelog

Refer to the 2.11 Upgrade Guide for backwards compatibility notes with 2.10.x.

Go Version

• 1.24.2

... (truncated)

• a82cfda Release v2.11.3
• 707f953 TLS 1.2 Negotiation on Windows with ECDSA server certificate (#6803)
• 47d3b26 fix: TLS 1.2 negotiation on windows with ECDSA cert
• 743429f Add test to demonstrate TLS1.2 issue on Windows
• 852a8ce Release v2.11.3-RC.2
• 433b200 [ADDED] MQTT: allow custom timeout for JS API calls (#6833)
• 5ddbdbd [FIXED] Monitoring: Issue with Connz filters "cid" and "state=all" (#6849)
• ba329b9 NRG: Stepping down from preferred candidate (#6851)
• ea43d74 NRG: Stepping down from preferred candidate
• c2042ca Release v2.11.3-RC.1
• Additional commits viewable in compare view

Sourced from github.com/nats-io/nats.go's releases.

Release v1.41.2

Changelog

ADDED

• Core NATS:
  • Add nc.RemoveStatusListener() method (#1856)

FIXED

• Legacy JetStream:
  • Fix Fetch and FetchBatch memory leak (#1856)
• Legacy KeyValue:
  • Use context in when purging stream in kv.PurgeDeletes() (#1858)
• Bump golang.org/x/crypto to fix vulnerability (#1857)

Complete Changes

https://github.com/nats-io/nats.go/compare/v1.41.1...v1.41.2

Release v1.41.1

Changelog

FIXED

• ObjectStore:
  • Use default timeout for ObjectStore.Get when no deadline is set on ctx (#1850)

IMPROVED

• Remove golang.org/x/text dependency (#1849)

Complete Changes

https://github.com/nats-io/nats.go/compare/v1.41.0...v1.41.1

• d1cdbf5 Release v1.41.2 (#1859)
• ca54e50 [FIXED] Bump golang.org/x/crypto to fix vulnerability (#1857)
• aeebc8d [FIXED] Use context in when purging stream in kv.PurgeDeletes() (#1858)
• 7bfd96a [FIXED] Add RemoveStatusListener method and fixFetch memory leak (#1856)
• 50e6153 Release v1.41.1 (#1851)
• e04728e [FIXED] Use default timeout for ObjectStore.Get when no deadline is set on ct...
• 8a2bd73 [IMPROVED] Remove golang.org/x/text dependency (#1849)
• See full diff in compare view

Sourced from github.com/prometheus/client_golang's releases.

v1.22.0 - 2025-04-07

:warning: This release contains potential breaking change if you use experimental zstd support introduce in #1496 :warning:

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)

• [FEATURE] prometheus: Add new CollectorFunc utility #1724
• [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
• [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
• [CHANGE] :warning: promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765

• build(deps): bump golang.org/x/sys from 0.28.0 to 0.29.0 by @​dependabot in prometheus/client_golang#1720
• build(deps): bump google.golang.org/protobuf from 1.36.1 to 1.36.3 by @​dependabot in prometheus/client_golang#1719
• Update RELEASE.md by @​bwplotka in prometheus/client_golang#1721
• chore(docs): Add links for the upstream PRs by @​kakkoyun in prometheus/client_golang#1722
• Added tips on releasing client and checking with k8s. by @​bwplotka in prometheus/client_golang#1723
• feat: Add new CollectorFunc utility by @​Saumya40-codes in prometheus/client_golang#1724
• build(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.4 by @​dependabot in prometheus/client_golang#1725
• build(deps): bump the github-actions group with 5 updates by @​dependabot in prometheus/client_golang#1726
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#1727
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#1731
• build(deps): bump golang.org/x/sys from 0.29.0 to 0.30.0 by @​dependabot in prometheus/client_golang#1739
• build(deps): bump google.golang.org/protobuf from 1.36.4 to 1.36.5 by @​dependabot in prometheus/client_golang#1740
• Cleanup dependabot config by @​SuperQ in prometheus/client_golang#1741
• Upgrade Golang version v1.24 by @​dongjiang1989 in prometheus/client_golang#1738
• build(deps): bump the github-actions group with 2 updates by @​dependabot in prometheus/client_golang#1742
• Merging 1.21 release back to main. by @​bwplotka in prometheus/client_golang#1744
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/client_golang#1745
• Add support for undocumented query options for API by @​mahendrapaipuri in prometheus/client_golang#1743
• exp/api: Add experimental exp module; Add remote API with write client and handler. by @​bwplotka in prometheus/client_golang#1658
• exp/api: Add accepted msg type validation to handler by @​saswatamcode in prometheus/client_golang#1750
• build(deps): bump the github-actions group with 5 updates by @​dependabot in prometheus/client_golang#1751
• build(deps): bump github.com/klauspost/compress from 1.17.11 to 1.18.0 by @​dependabot in prometheus/client_golang#1752
• build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0 by @​dependabot in prometheus/client_golang#1753
• exp: Reset snappy buf by @​saswatamcode in prometheus/client_golang#1756
• Merge release 1.21.1 to main. by @​bwplotka in prometheus/client_golang#1762
• exp: Add dependabot config by @​saswatamcode in prometheus/client_golang#1754
• build(deps): bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 in the github-actions group by @​dependabot in prometheus/client_golang#1764

... (truncated)

Sourced from github.com/prometheus/client_golang's changelog.

1.22.0 / 2025-04-07

:warning: This release contains potential breaking change if you use experimental zstd support introduce in #1496 :warning:

Experimental support for zstd on scrape was added, controlled by the request Accept-Encoding header. It was enabled by default since version 1.20, but now you need to add a blank import to enable it. The decision to make it opt-in by default was originally made because the Go standard library was expected to have default zstd support added soon, golang/go#62513 however, the work took longer than anticipated and it will be postponed to upcoming major Go versions.

e.g.:

import (
  _ "github.com/prometheus/client_golang/prometheus/promhttp/zstd"
)

• [FEATURE] prometheus: Add new CollectorFunc utility #1724
• [CHANGE] Minimum required Go version is now 1.22 (we also test client_golang against latest go version - 1.24) #1738
• [FEATURE] api: WithLookbackDelta and WithStats options have been added to API client. #1743
• [CHANGE] :warning: promhttp: Isolate zstd support and klauspost/compress library use to promhttp/zstd package. #1765

• d50be25 Cut 1.22.0 (#1793)
• 1043db7 Cut 1.22.0-rc.0 (#1768)
• e575c9c promhttp: Isolate zstd support and klauspost/compress library use to promhttp...
• f2276aa Merge pull request #1764 from prometheus/dependabot/github_actions/github-act...
• 9df772c build(deps): bump peter-evans/create-pull-request
• a3548c5 Merge pull request #1754 from saswatamcode/exp-eh
• 60fd2b0 Remove go.work file for now
• 8f9d0de exp: Add dependabot config
• c5cf981 Merge pull request #1762 from prometheus/release-1.21
• e84c305 exp: Reset snappy buf (#1756)
• Additional commits viewable in compare view

Sourced from github.com/redis/go-redis/v9's releases.

v9.8.0

9.8.0 (2025-04-30)

🚀 Highlights

• Redis 8 Support: Full compatibility with Redis 8.0, including testing and CI integration
• Enhanced Hash Operations: Added support for new hash commands (HGETDEL, HGETEX, HSETEX) and HSTRLEN command
• Search Improvements: Enabled Search DIALECT 2 by default and added CountOnly argument for FT.Search

✨ New Features

• Added support for new hash commands: HGETDEL, HGETEX, HSETEX (#3305)
• Added HSTRLEN command for hash operations (#2843)
• Added Do method for raw query by single connection from pool.Conn() (#3182)
• Prevent false-positive marshaling by treating zero time.Time as empty in isEmptyValue (#3273)
• Added FailoverClusterClient support for Universal client (#2794)
• Added support for cluster mode with IsClusterMode config parameter (#3255)
• Added client name support in HELLO RESP handshake (#3294)
• Enabled Search DIALECT 2 by default (#3213)
• Added read-only option for failover configurations (#3281)
• Added CountOnly argument for FT.Search to use LIMIT 0 0 (#3338)
• Added DB option support in NewFailoverClusterClient (#3342)
• Added nil check for the options when creating a client (#3363)

🐛 Bug Fixes

• Fixed PubSub concurrency safety issues (#3360)
• Fixed panic caused when argument is nil (#3353)
• Improved error handling when fetching master node from sentinels (#3349)
• Fixed connection pool timeout issues and increased retries (#3298)
• Fixed context cancellation error leading to connection spikes on Primary instances (#3190)
• Fixed RedisCluster client to consider MASTERDOWN a retriable error (#3164)
• Fixed tracing to show complete commands instead of truncated versions (#3290)
• Fixed OpenTelemetry instrumentation to prevent multiple span reporting (#3168)
• Fixed FT.Search Limit argument and added CountOnly argument for limit 0 0 (#3338)
• Fixed missing command in interface (#3344)
• Fixed slot calculation for COUNTKEYSINSLOT command (#3327)
• Updated PubSub implementation with correct context (#3329)

📚 Documentation

• Added hash search examples (#3357)
• Fixed documentation comments (#3351)
• Added CountOnly search example (#3345)
• Added examples for list commands: LLEN, LPOP, LPUSH, LRANGE, RPOP, RPUSH (#3234)
• Added SADD and SMEMBERS command examples (#3242)
• Updated README.md to use Redis Discord guild (#3331)
• Updated HExpire command documentation (#3355)
• Featured OpenTelemetry instrumentation more prominently (#3316)
• Updated README.md with additional information (#310ce55)

⚡ Performance and Reliability

• Bound connection pool background dials to configured dial timeout (#3089)
• Ensured context isn't exhausted via concurrent query (#3334)

... (truncated)

• fba6dec Merge branch 'master' into v9.8
• 46ede21 chore(release): Update version to v9.8.0
• 2299211 feat(options): panic when options are nil (#3363)
• 8f58235 chore(ci): Use redis 8 rc2 image. (#3361)
• 09dc351 migrate golangci-lint config to v2 format (#3354)
• cb2cfb0 fix: PubSub isn't concurrency-safe (#3360)
• 46d4b20 feat: func isEmptyValue support time.Time (#3273)
• f9b0e70 update HExpire command documentation (#3355)
• b28606c Update README.md, use redis discord guild (#3331)
• adb4798 fix: Fix panic caused when arg is nil (#3353)
• Additional commits viewable in compare view

Sourced from github.com/spf13/cast's releases.

v1.8.0

What's Changed

• Updates by @​sagikazarmark in spf13/cast#237
• Bump actions/setup-go from 4.0.1 to 4.1.0 by @​dependabot in spf13/cast#193
• Generic by @​sagikazarmark in spf13/cast#238
• Add unsigned integer support in ToStringSliceE function by @​nicklaus-dev in spf13/cast#200
• Add function to cast interface{} to []float64 by @​ste93cry in spf13/cast#179
• Add cast methods ToUintSlice by @​nmvalera in spf13/cast#236
• build(deps): bump actions/dependency-review-action from 4.5.0 to 4.6.0 by @​dependabot in spf13/cast#240
• build(deps): bump github/codeql-action from 2.13.4 to 3.28.15 by @​dependabot in spf13/cast#239
• build(deps): bump github/codeql-action from 3.28.15 to 3.28.17 by @​dependabot in spf13/cast#242
• Add ToInt64Slice() and ToInt64SliceE() by @​arui1628 in spf13/cast#234

New Contributors

• @​nicklaus-dev made their first contribution in spf13/cast#200
• @​ste93cry made their first contribution in spf13/cast#179
• @​nmvalera made their first contribution in spf13/cast#236
• @​arui1628 made their first contribution in spf13/cast#234

Full Changelog: https://github.com/spf13/cast/compare/v1.7.1...v1.8.0

• 01004f2 Merge pull request #234 from arui1628/master
• 4f997d9 refactor: use generic toSlice for ToInt64SliceE
• 76b8370 Merge pull request #242 from spf13/dependabot/github_actions/github/codeql-ac...
• 0af7fb9 build(deps): bump github/codeql-action from 3.28.15 to 3.28.17
• 929f138 Add ToInt64Slice() and ToInt64SliceE()
• ac031ef Merge pull request #239 from spf13/dependabot/github_actions/github/codeql-ac...
• 79b62f3 Merge pull request #240 from spf13/dependabot/github_actions/actions/dependen...
• 1bd7e4f build(deps): bump actions/dependency-review-action from 4.5.0 to 4.6.0
• 0c806f9 build(deps): bump github/codeql-action from 2.13.4 to 3.28.15
• e929a71 Merge pull request #236 from nmvalera/master
• Additional commits viewable in compare view

• 959f8f3 go.mod: update golang.org/x dependencies
• 769bcd6 ssh: use the configured rand in kex init
• d0a798f cryptobyte: fix typo 'octects' into 'octets' for asn1.go
• acbcbef acme: remove unnecessary []byte conversion
• 376eb14 x509roots: support constrained roots
• b369b72 crypto/internal/poly1305: implement function update in assembly on loong64
• 6b853fb ssh/knownhosts: check more than one key
• See full diff in compare view

• 7d6e62a go.mod: update golang.org/x dependencies
• ea0c1d9 internal/timeseries: use built-in max/min to simplify the code
• 3e7a445 quic: skip packet numbers for optimistic ack defense
• 3f563d3 quic: use an enum for sentPacket state
• a3b6e77 quic: don't re-lose packets when discarding keys
• 22500a6 quic: decode packet numbers >255 in tests
• dd0b200 quic: remove go1.21 build constraint
• b8d8877 go.mod: update golang.org/x dependencies
• See full diff in compare view

• cf14319 oauth2: fix expiration time window check
• 32d34ef internal: include clientID in auth style cache key
• 2d34e30 oauth2: replace a magic number with AuthStyleUnknown
• 696f7b3 all: modernize with doc links and any
• 471209b oauth2: drop dependency on go-cmp
• 6968da2 oauth2: sync Token.ExpiresIn from internal Token
• d2c4e0a oauth2: context instead of golang.org/x/net/context in doc
• 883dc3c endpoints: add various endpoints from stale CLs
• 1c06e87 all: make use of oauth.Token.ExpiresIn
• 65c15a3 oauth2: remove extra period
• Additional commits viewable in compare view

• 506c70f errgroup: propagate panic and Goexit through Wait
• 396f3a0 errgroup: document calling Go before Wait
• See full diff in compare view

Sourced from google.golang.org/grpc's releases.

Release 1.72.0

Dependencies

• Minimum supported Go version is now 1.23 (#8108)

API Changes

• resolver: add experimental AddressMapV2 with generics to ultimately replace AddressMap. Deprecate AddressMap for deletion (#8187)
• resolver: convert EndpointMap in place to use generics (#8189)

New Features

• xds: add grpc.xds_client.server_failure counter metric on xDS client to record connectivity errors (#8203)
• balancer/rls: allow maxAge to exceed 5 minutes if staleAge is set in the LB policy configuration (#8137)
• ringhash: implement gRFC A76 improvements. (#8159)
• pickfirst: The new pick first LB policy is made the default. The new LB policy implements the Happy Eyeballs algorithm. To disable the new policy set the environment variable GRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST to false (case insensitive).

Bug Fixes

• xds: fix support for circuit breakers and load reporting in LOGICAL_DNS clusters (#8169, #8170)
• xds/cds: improve RPC error messages when resources are not found (#8122)
• balancer/priority: fix race that could leak balancers and goroutines during shutdown (#8095)
• stats/opentelemetry: fix trace attributes message sequence numbers to start from 0 (#8237)
• balancer/pickfirstleaf: fix panic if deprecated Address.Metadata field is set to a non-comparable value by ignoring the field (#8227)

Behavior Changes

• transport: make servers send an HTTP/2 RST_STREAM frame to cancel a stream when the deadline expires (#8071)

Documentation

• stats: clarify the expected sequence of events on a stats handler (#7885)
  • Special Thanks: @​RyanBlaney

• a43eba6 Change version to 1.72.0 (#8218)
• 48f48c1 balancer/pickfirstleaf: Avoid reading Address.Metadata (#8227) (#8259)
• fd6f585 Cherry-pick #8159 and #8243 to v1.72.x (#8255)
• 79ca174 stats/opentelemetry: fix trace attributes message sequence numbers to start f...
• 57a2605 xdsclient: fix TestServerFailureMetrics_BeforeResponseRecv test to wait for w...
• 5edab9e xdsclient: add grpc.xds_client.server_failure counter mertric (#8203)
• 78ba661 regenerate protos (#8208)
• 6819ed7 delegatingresolver: Stop calls into delegates once the parent resolver is clo...
• a51009d resolver: convert EndpointMap to use generics (#8189)
• b0d1203 resolver: create AddressMapV2 with generics to replace AddressMap (#8187)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions