Sourced from github.com/go-logr/logr's releases.

v1.4.3

Minor release.

What's Changed

• Fix slog tests for 1.25 by @​hoeppi-google in go-logr/logr#361
• Remove one exception from Slog testing by @​thockin in go-logr/logr#362

New Contributors

• @​hoeppi-google made their first contribution in go-logr/logr#361

Full Changelog: https://github.com/go-logr/logr/compare/v1.4.2...v1.4.3

• 38a1c47 build(deps): bump github/codeql-action from 3.28.17 to 3.28.18
• f08bedd build(deps): bump actions/setup-go from 5.4.0 to 5.5.0
• 6295e99 build(deps): bump golangci/golangci-lint-action from 7.0.0 to 8.0.0
• 028840d build(deps): bump github/codeql-action from 3.28.15 to 3.28.17
• 511e5fa Merge pull request #367 from go-logr/dependabot/github_actions/github/codeql-...
• d806463 build(deps): bump github/codeql-action from 3.28.13 to 3.28.15
• 158c311 Merge pull request #366 from thockin/master
• c79ddb3 Update to support golangci-lint v2
• 20a64ba build(deps): bump github/codeql-action from 3.28.12 to 3.28.13
• 0385e14 Add comments around slog exceptions
• Additional commits viewable in compare view

• e1f5485 Add a new RateLimitLinearJitterBackoff policy
• b0cac1e Merge pull request #262 from hashicorp/dependabot-intge
• 66c110b few new parameters added to dependabot.yml
• 25b39e6 IND-3836 additions of new parameters to dependabot.yml
• eeac125 add comment for bodyType param in client.Post
• 390c1d8 Merge pull request #254 from hashicorp/compliance/add-headers
• f4d7325 [COMPLIANCE] Add Copyright and License Headers
• a881d6c Merge pull request #251 from hashicorp/build-test
• 9c1b40b go-version matrix updated
• e3867e3 resolved comments
• Additional commits viewable in compare view

Sourced from github.com/hashicorp/vault/api's releases.

v1.20.0

1.20.0

June 25, 2025

SECURITY:

• core: require a nonce when cancelling a rekey operation that was initiated within the last 10 minutes. [GH-30794]

CHANGES:

• UI: remove outdated and unneeded js string extensions [GH-29834]
• activity (enterprise): The sys/internal/counters/activity endpoint will return actual values for new clients in the current month.
• activity (enterprise): provided values for start_time and end_time in sys/internal/counters/activity are aligned to the corresponding billing period.
• activity: provided value for end_time in sys/internal/counters/activity is now capped at the end of the last completed month. [GH-30164]
• api: Update the default API client to check for the Retry-After header and, if it exists, wait for the specified duration before retrying the request. [GH-30887]
• auth/alicloud: Update plugin to v0.21.0 [GH-30810]
• auth/azure: Update plugin to v0.20.2. Login requires resource_group_name, vm_name, and vmss_name to match token claims [GH-30052]
• auth/azure: Update plugin to v0.20.3 [GH-30082]
• auth/azure: Update plugin to v0.20.4 [GH-30543]
• auth/azure: Update plugin to v0.21.0 [GH-30872]
• auth/azure: Update plugin to v0.21.1 [GH-31010]
• auth/cf: Update plugin to v0.20.1 [GH-30583]
• auth/cf: Update plugin to v0.21.0 [GH-30842]
• auth/gcp: Update plugin to v0.20.2 [GH-30081]
• auth/jwt: Update plugin to v0.23.2 [GH-30431]
• auth/jwt: Update plugin to v0.24.1 [GH-30876]
• auth/kerberos: Update plugin to v0.15.0 [GH-30845]
• auth/kubernetes: Update plugin to v0.22.1 [GH-30910]
• auth/oci: Update plugin to v0.19.0 [GH-30841]
• auth/saml: Update plugin to v0.6.0
• core: Bump Go version to 1.24.4.
• core: Verify that the client IP address extracted from an X-Forwarded-For header is a valid IPv4 or IPv6 address [GH-29774]
• database/couchbase: Update plugin to v0.14.0 [GH-30836]
• database/elasticsearch: Update plugin to v0.18.0 [GH-30796]
• database/mongodbatlas: Update plugin to v0.15.0 [GH-30856]
• database/redis-elasticache: Update plugin to v0.7.0 [GH-30785]
• database/redis: Update plugin to v0.6.0 [GH-30797]
• database/snowflake: Update plugin to v0.14.0 [GH-30748]
• database/snowflake: Update plugin to v0.14.1 [GH-30868]
• logical/system: add ent stub for plugin catalog handling [GH-30890]
• quotas/rate-limit: Round up the Retry-After value to the nearest second when calculating the retry delay. [GH-30887]
• secrets/ad: Update plugin to v0.21.0 [GH-30819]
• secrets/alicloud: Update plugin to v0.20.0 [GH-30809]
• secrets/azure: Update plugin to v0.21.2 [GH-30037]
• secrets/azure: Update plugin to v0.21.3 [GH-30083]
• secrets/azure: Update plugin to v0.22.0 [GH-30832]
• secrets/gcp: Update plugin to v0.21.2 [GH-29970]
• secrets/gcp: Update plugin to v0.21.3 [GH-30080]
• secrets/gcp: Update plugin to v0.22.0 [GH-30846]
• secrets/gcpkms: Update plugin to v0.21.0 [GH-30835]

... (truncated)

Sourced from github.com/hashicorp/vault/api's changelog.

1.20.0

June 25, 2025

SECURITY:

• core: require a nonce when cancelling a rekey operation that was initiated within the last 10 minutes. [GH-30794],[HCSEC-2025-11]

CHANGES:

• UI: remove outdated and unneeded js string extensions [GH-29834]
• activity (enterprise): The sys/internal/counters/activity endpoint will return actual values for new clients in the current month.
• activity (enterprise): provided values for start_time and end_time in sys/internal/counters/activity are aligned to the corresponding billing period.
• activity: provided value for end_time in sys/internal/counters/activity is now capped at the end of the last completed month. [GH-30164]
• api: Update the default API client to check for the Retry-After header and, if it exists, wait for the specified duration before retrying the request. [GH-30887]
• auth/alicloud: Update plugin to v0.21.0 [GH-30810]
• auth/azure: Update plugin to v0.20.2. Login requires resource_group_name, vm_name, and vmss_name to match token claims [GH-30052]
• auth/azure: Update plugin to v0.20.3 [GH-30082]
• auth/azure: Update plugin to v0.20.4 [GH-30543]
• auth/azure: Update plugin to v0.21.0 [GH-30872]
• auth/azure: Update plugin to v0.21.1 [GH-31010]
• auth/cf: Update plugin to v0.20.1 [GH-30583]
• auth/cf: Update plugin to v0.21.0 [GH-30842]
• auth/gcp: Update plugin to v0.20.2 [GH-30081]
• auth/jwt: Update plugin to v0.23.2 [GH-30431]
• auth/jwt: Update plugin to v0.24.1 [GH-30876]
• auth/kerberos: Update plugin to v0.15.0 [GH-30845]
• auth/kubernetes: Update plugin to v0.22.1 [GH-30910]
• auth/oci: Update plugin to v0.19.0 [GH-30841]
• auth/saml: Update plugin to v0.6.0
• core: Bump Go version to 1.24.4.
• core: Verify that the client IP address extracted from an X-Forwarded-For header is a valid IPv4 or IPv6 address [GH-29774]
• database/couchbase: Update plugin to v0.14.0 [GH-30836]
• database/elasticsearch: Update plugin to v0.18.0 [GH-30796]
• database/mongodbatlas: Update plugin to v0.15.0 [GH-30856]
• database/redis-elasticache: Update plugin to v0.7.0 [GH-30785]
• database/redis: Update plugin to v0.6.0 [GH-30797]
• database/snowflake: Update plugin to v0.14.0 [GH-30748]
• database/snowflake: Update plugin to v0.14.1 [GH-30868]
• logical/system: add ent stub for plugin catalog handling [GH-30890]
• quotas/rate-limit: Round up the Retry-After value to the nearest second when calculating the retry delay. [GH-30887]
• secrets/ad: Update plugin to v0.21.0 [GH-30819]
• secrets/alicloud: Update plugin to v0.20.0 [GH-30809]
• secrets/azure: Update plugin to v0.21.2 [GH-30037]
• secrets/azure: Update plugin to v0.21.3 [GH-30083]
• secrets/azure: Update plugin to v0.22.0 [GH-30832]
• secrets/gcp: Update plugin to v0.21.2 [GH-29970]
• secrets/gcp: Update plugin to v0.21.3 [GH-30080]
• secrets/gcp: Update plugin to v0.22.0 [GH-30846]
• secrets/gcpkms: Update plugin to v0.21.0 [GH-30835]
• secrets/kubernetes: Update plugin to v0.11.0 [GH-30855]

... (truncated)

• 6fdd6b5 [VAULT-37323] This is an automated pull request to build all artifacts for a ...
• aa9c6cc Backport of Add Enos benchmark scenario into release/1.20.x (#31055)
• fbdc4e9 backport of commit 0e11fbfe59f8d38f36384269019991891bf64400 (#31060)
• f168725 backport of commit ed31706e40227be22f1d61de82f15713643634ce (#31047)
• 4721701 backport of commit 642b4f18173d8c5d759ab840c7a2f010b262f7ae (#31046)
• 030d564 backport of commit 1d2c3caa21dea8b233ee069303820f383c11ff9e (#31040)
• 469b476 [DOCS] LTS upgrade summary (#30981) (#31041)
• dbac299 backport of commit bc7456370fc5e3c56eeecbbe4cbe1f7bf86dca61 (#31039)
• be7fcd6 backport of commit d755c7cd1d826835c98e1843bea975ac17a75278 (#31033)
• 78ae0ca enos(fips1403): simplify semver constraint to only consider currently mixed v...
• Additional commits viewable in compare view

Sourced from github.com/spf13/cast's releases.

v1.9.2

What's Changed

• fix: float string to number parsing by @​sagikazarmark in spf13/cast#276

Full Changelog: https://github.com/spf13/cast/compare/v1.9.1...v1.9.2

v1.9.1

What's Changed

• fix: indirection of typed nils by @​sagikazarmark in spf13/cast#273

Full Changelog: https://github.com/spf13/cast/compare/v1.9.0...v1.9.1

v1.9.0

Notable new features 🎉

• Casting from type aliases is now supported for basic types
• Added generic functions: To/ToE, Must, ToNumber/ToNumberE
• Increased test coverage
• Converting float numbers from string is now supported

What's Changed

• build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @​dependabot in spf13/cast#248
• build(deps): bump actions/dependency-review-action from 4.6.0 to 4.7.1 by @​dependabot in spf13/cast#247
• build(deps): bump actions/setup-go from 5.4.0 to 5.5.0 by @​dependabot in spf13/cast#245
• refactor: move number parsing to generic functions by @​sagikazarmark in spf13/cast#250
• Improve ToString/ToStringE performance by @​ganigeorgiev in spf13/cast#244
• Split caste.go into smaller files by @​sagikazarmark in spf13/cast#251
• refactor: remove unused initial int conversion by @​sagikazarmark in spf13/cast#253
• Generate code to make maintenance easier by @​sagikazarmark in spf13/cast#252
• feat: add To and ToNumber functions by @​sagikazarmark in spf13/cast#255
• build(deps): bump golangci/golangci-lint-action from 7.0.0 to 8.0.0 by @​dependabot in spf13/cast#243
• Move tests next to their implementation by @​sagikazarmark in spf13/cast#256
• Refactor number tests by @​sagikazarmark in spf13/cast#257
• feat: return 0 when casting an empty string to a number by @​sagikazarmark in spf13/cast#259
• Support converting string float numbers to integer types by @​sagikazarmark in spf13/cast#261
• Test improvements by @​sagikazarmark in spf13/cast#262
• Improvements by @​sagikazarmark in spf13/cast#263
• refactor: return indirection result from indirect function by @​sagikazarmark in spf13/cast#264
• Slice improvements by @​sagikazarmark in spf13/cast#265
• refactor: move error message to a constant by @​sagikazarmark in spf13/cast#267
• chore: improve map cast functions by @​sagikazarmark in spf13/cast#269
• Resolve aliases by @​sagikazarmark in spf13/cast#271

New Contributors

• @​ganigeorgiev made their first contribution in spf13/cast#244

Full Changelog: https://github.com/spf13/cast/compare/v1.8.0...v1.9.0

• 40e8e07 Merge pull request #276 from spf13/improve-string-float
• fa4ea64 fix: float string to number parsing
• cb5df5f Merge pull request #273 from spf13/fix-indiretion
• 1b425f3 fix: indirection of typed nils
• a79ffed Merge pull request #271 from spf13/alias
• 3166f3b test: add more alias tests
• f8fe065 chore: bump minimum Go version to 1.21
• 9ffddd4 feat: add alias resolution
• a6d26bd feat: add alias resolution function
• 633e5d0 Merge pull request #269 from spf13/maps
• Additional commits viewable in compare view

Sourced from go.mongodb.org/mongo-driver's releases.

MongoDB Go Driver 1.17.4

The MongoDB Go Driver Team is pleased to release version 1.17.4 of the official MongoDB Go Driver.

Release Notes

This release resolves two bugs in the Go Driver: it removes a buggy and unnecessary connection liveness check that could run unexpectedly or fail intermittently when maxIdleTimeMS was set, and it fixes an issue where regular expressions were marshaled to invalid JSON due to improper character escaping, ensuring all generated JSON is now valid.

---

For a full list of tickets included in this release, please see the list of fixed issues.

Full Changelog: v1.17.3...v1.17.4

Documentation for the Go Driver can be found on pkg.go.dev and the MongoDB documentation site. BSON library documentation is also available on pkg.go.dev. Questions and inquiries can be asked on the MongoDB Developer Community. Bugs can be reported in the Go Driver project in the MongoDB JIRA where a list of current issues can be found. Your feedback on the Go Driver is greatly appreciated!

What's Changed

• Add GitHub Actions workflow for merge ups by @​alcaeus in mongodb/mongo-go-driver#1962
• Use different credentials for merge-up PRs by @​alcaeus in mongodb/mongo-go-driver#1968
• GODRIVER-3476 Escape for Regex Options. by @​qingyang-hu in mongodb/mongo-go-driver#1929
• Ignore unmaintained branches when merging up by @​alcaeus in mongodb/mongo-go-driver#2062
• GODRIVER-3549 Fix timeouts in CSE custom endpoint test (#2028) (#2031) by @​prestonvasquez in mongodb/mongo-go-driver#2061
• GODRIVER-3516 Remove isAlive by @​linfeip in mongodb/mongo-go-driver#2060
• GODRIVER-3560 Assume ec2 role explicitly in CI by @​prestonvasquez in mongodb/mongo-go-driver#2080
• GODRIVER-3524 Sync updates to reflect showExpandedEvents omissions by @​prestonvasquez in mongodb/mongo-go-driver#2084

New Contributors

• @​linfeip made their first contribution in mongodb/mongo-go-driver#2060

Full Changelog: https://github.com/mongodb/mongo-go-driver/compare/v1.17.3...v1.17.4

• 4c4cafc BUMP v1.17.4
• 431cf52 GODRIVER-3524 Sync updates to reflect showExpandedEvents omissions (#2084)
• 835c5e1 GODRIVER-3560 Assume ec2 role explicitly in CI (#2080)
• 6966434 GODRIVER-3516 Remove isAlive (#2060)
• 029da41 GODRIVER-3549 Fix timeouts in CSE custom endpoint test (#2028) (#2031) (#2061)
• 49f0c81 Ignore unmaintained branches when merging up (#2062)
• 7d03307 GODRIVER-3476 Escape for Regex Options. (#1929)
• 785d943 Use different credentials for merge-up PRs (#1968)
• c2ca35c Add GitHub Actions workflow for merge ups (#1962)
• See full diff in compare view

• 3bf9d2a ssh/test: skip KEX test if unsupported by system SSH client
• 9bab967 go.mod: update golang.org/x dependencies
• 4f9f0ca x509roots/fallback: add init time benchmark
• eac7cf0 x509roots/fallback: move parsing code to a non-generated file
• 18228cd acme: return err from deprecated TLS-SNI-[01|02] functions
• 73f6362 acme: remove dead code
• ebc8e46 ssh: add server side support for Diffie Hellman Group Exchange
• e944286 ssh: expose negotiated algorithms
• 78a1fd7 ssh: automatically add curve25519-sha256@libssh.org KEX alias
• ac58737 ssh: export supported algorithms
• Additional commits viewable in compare view

Sourced from sigs.k8s.io/yaml's releases.

v1.5.0

• Bugfix: Handle unhashable keys during merge (kubernetes-sigs/yaml#122)
• Improvement: wrap errors returned by JSON unmarshal (kubernetes-sigs/yaml#106)
• Deprecation: Deprecate code in goyaml.v2 and goyaml.v3 directories, and redirect to equivalents in go.yaml.in/yaml/v2 and go.yaml.in/yaml/v3 (kubernetes-sigs/yaml#133)

Full Changelog: https://github.com/kubernetes-sigs/yaml/compare/v1.4.0...v1.5.0

• 0f318dc Merge pull request #134 from kubernetes-sigs/forgot-to-add-redirects-for-cons...
• b8fc0c0 Forgot to add redirects for v3 constants
• 8eaa802 Merge pull request #133 from kubernetes-sigs/deprecate-code-in-goyaml.v3-goya...
• 69e45c1 Deprecate code in goyaml.v2/goyaml.v3 directories and redirect
• 0fe7da3 Merge pull request #125 from kragniz/go-1.24
• 14cbb88 Test against go 1.24.x
• c6ac2c9 Merge pull request #126 from kragniz/remove-travis
• 203ded9 Remove old travisci config file
• b9a9b1c Merge pull request #106 from ThatsMrTalbot/patch-1
• 4c6913f fix: wrap errors returned by JSON unmarshal
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions