Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump github.com/hashicorp/nomad from 1.9.5 to 1.9.6 #418

Merged
merged 1 commit into from
Mar 3, 2025
Merged

build(deps): bump github.com/hashicorp/nomad from 1.9.5 to 1.9.6 #418

merged 1 commit into from
Mar 3, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 1, 2025
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps github.com/hashicorp/nomad from 1.9.5 to 1.9.6.

Release notes

Sourced from github.com/hashicorp/nomad's releases.

v1.9.6

1.9.6 (February 11, 2025)

BREAKING CHANGES:

  • fingerprint: Consul and Vault fingerprints no longer reload periodically [GH-24526]

SECURITY:

  • api: sanitize the SignedIdentities in allocations of events to clean the identity token. [GH-24966]
  • build: Updated Go to 1.23.6 [GH-25041]
  • event stream: fixes vulnerability CVE-2025-0937, where using a wildcard namespace to subscribe to the events API grants a user with "read" capabilites on any namespace, the ability to read events from all namespaces. [GH-25089]

IMPROVEMENTS:

  • auth: adds VerboseLogging option to auth-method config for debugging SSO [GH-24892]
  • cli: Added actions available to a job when running nomad job status command [GH-24959]
  • event stream: adds ability to authenticate using workload identities [GH-24849]
  • services: Nomad service checks now support the tls_skip_verify parameter [GH-24781]
  • task schedule: The task being paused no longer impacts restart attempts [GH-25085]
  • ui: Contextualizes the Start Job button on whether it is startable, revertable, or not [GH-24985]

BUG FIXES:

  • agent: Fixed a bug where Nomad error log messages within syslog showed via the notice priority [GH-24820]
  • agent: Fixed a bug where all syslog entries were marked as notice when using JSON logging format [GH-24865]
  • client: Fixed a bug where temporary RPC errors cause the client to poll for changes more frequently thereafter [GH-25039]
  • csi: Fixed a bug where volume context from the plugin would be erased on volume updates [GH-24922]
  • docker: Fixed a bug that prevented image_pull_timeout from being applied [GH-24991]
  • docker: Fixed a bug where "error reading image pull progress" caused the allocation to get stuck pending [GH-24981]
  • reporting (Enterprise): Updated the reporting metric to utilize node active heartbeat count. [GH-24919]
  • state store: fix for setting correct status for a job version when reverting, and also fixes an issue where jobs were briefly marked dead during restarts [GH-24974]
  • taskrunner: fix panic when a task with dynamic user is recovered [GH-24739]
  • ui: Ensure pending service check blocks are filled [GH-24818]
  • ui: Remove unrequired node read API call when attempting to stream task logs [GH-24973]
  • vault: Fixed a bug where successful renewal was logged as an error [GH-25040]
Changelog

Sourced from github.com/hashicorp/nomad's changelog.

1.9.6 (February 11, 2025)

BREAKING CHANGES:

  • fingerprint: Consul and Vault fingerprints no longer reload periodically [GH-24526]

SECURITY:

  • api: sanitize the SignedIdentities in allocations of events to clean the identity token. [GH-24966]
  • build: Updated Go to 1.23.6 [GH-25041]
  • event stream: fixes vulnerability CVE-2025-0937, where using a wildcard namespace to subscribe to the events API grants a user with "read" capabilites on any namespace, the ability to read events from all namespaces. [GH-25089]

IMPROVEMENTS:

  • auth: adds VerboseLogging option to auth-method config for debugging SSO [GH-24892]
  • cli: Added actions available to a job when running nomad job status command [GH-24959]
  • event stream: adds ability to authenticate using workload identities [GH-24849]
  • services: Nomad service checks now support the tls_skip_verify parameter [GH-24781]
  • task schedule: The task being paused no longer impacts restart attempts [GH-25085]
  • ui: Contextualizes the Start Job button on whether it is startable, revertable, or not [GH-24985]

BUG FIXES:

  • agent: Fixed a bug where Nomad error log messages within syslog showed via the notice priority [GH-24820]
  • agent: Fixed a bug where all syslog entries were marked as notice when using JSON logging format [GH-24865]
  • client: Fixed a bug where temporary RPC errors cause the client to poll for changes more frequently thereafter [GH-25039]
  • csi: Fixed a bug where volume context from the plugin would be erased on volume updates [GH-24922]
  • docker: Fixed a bug that prevented image_pull_timeout from being applied [GH-24991]
  • docker: Fixed a bug where "error reading image pull progress" caused the allocation to get stuck pending [GH-24981]
  • reporting (Enterprise): Updated the reporting metric to utilize node active heartbeat count. [GH-24919]
  • state store: fix for setting correct status for a job version when reverting, and also fixes an issue where jobs were briefly marked dead during restarts [GH-24974]
  • taskrunner: fix panic when a task with dynamic user is recovered [GH-24739]
  • ui: Ensure pending service check blocks are filled [GH-24818]
  • ui: Remove unrequired node read API call when attempting to stream task logs [GH-24973]
  • vault: Fixed a bug where successful renewal was logged as an error [GH-25040]
Commits
  • 7f8b449 Generate files for 1.9.6 release
  • de58c83 backport of commit c4f232f23ed2f45a93f77d35131d81f463c9d15e (#25091)
  • 4d2a690 backport of commit 92c90af5421da594eb375554ccd764b2f6146af3 (#25090)
  • 5ad790f Backport of Enable workload identity for event stream into release/1.9.x (#24...
  • 4e84ea0 backport of commit 87741dd9088eff31f523751adabcd8131afbdc9d (#25080)
  • 4535d21 backport of commit 8a597a172d8081ee386d81d1c15a9095f09cc584 (#25087)
  • 999de69 Backport of state store: remove reschedulable check when getting job status i...
  • 2acf105 backport of commit 63dacd2d6e13ac66f51ec077f33a52b67d9e70a2 (#24895)
  • dd14d5b backport of commit 9367929d87c0a5d654fb4deacfd4f008de6b6a78 (#25019)
  • b2d2e35 backport of commit 91194b3cc27bcdc2fb8c84dd5850fb1650ab6fcc (#25056)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot requested a review from a team as a code owner March 1, 2025 01:13
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/hashicorp/nomad-1.9.6 branch from 5495a74 to 62fbc31 Compare March 3, 2025 08:24
@dependabot
build(deps): bump github.com/hashicorp/nomad from 1.9.5 to 1.9.6
48e2316 
Bumps [github.com/hashicorp/nomad](https://github.com/hashicorp/nomad) from 1.9.5 to 1.9.6.
- [Release notes](https://github.com/hashicorp/nomad/releases)
- [Changelog](https://github.com/hashicorp/nomad/blob/main/CHANGELOG.md)
- [Commits](hashicorp/nomad@v1.9.5...v1.9.6)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/nomad
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/hashicorp/nomad-1.9.6 branch from 62fbc31 to 48e2316 Compare March 3, 2025 08:49
@jrasell jrasell merged commit f889af3 into main Mar 3, 2025
7 checks passed
@jrasell jrasell deleted the dependabot/go_modules/github.com/hashicorp/nomad-1.9.6 branch March 3, 2025 09:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jrasell jrasell jrasell approved these changes

Assignees
No one assigned
Labels
theme/dependency
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jrasell