From d28088e7415b2566ef9f6c04247b1286fe02afc2 Mon Sep 17 00:00:00 2001 From: Ben Kochie Date: Fri, 5 Sep 2025 15:36:41 +0200 Subject: [PATCH 1/7] Update GitHub Actions (#346) Pin GitHub Actions to hash for supply chain security. Signed-off-by: SuperQ --- .github/workflows/ci.yml | 2 +- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/golangci-lint.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0469cc7f..8e1e0230 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -17,7 +17,7 @@ jobs: GODEBUG: "x509sha1=1,tls10default=1" steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - uses: prometheus/promci@443c7fc2397e946bc9f5029e313a9c3441b9b86d # v0.4.7 - uses: ./.github/promci/actions/setup_environment - run: make test diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 29f5fe2a..42bd6f65 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,11 +35,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v5 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -50,7 +50,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -64,4 +64,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1 diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index afa8e906..3fd986a3 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Install Go From efac154b2d0394e476da2856cfba674a0f4d2d69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20R=C3=BCger?= Date: Fri, 5 Sep 2025 15:36:54 +0200 Subject: [PATCH 2/7] feat: Add rate limiting (#331) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds a rate limiting mechanism, that will send HTTP/429 responses once a defined limit is reached (Token Bucket) Signed-off-by: Manuel Rüger --- docs/web-config.yml | 5 ++ docs/web-configuration.md | 7 ++ go.mod | 1 + go.sum | 2 + web/handler.go | 7 ++ .../web_config_rate_limiter_nonblocking.yaml | 3 + .../web_config_rate_limiter_one_second.yaml | 3 + web/tls_config.go | 21 +++++- web/tls_config_test.go | 66 ++++++++++++------- 9 files changed, 90 insertions(+), 25 deletions(-) create mode 100644 web/testdata/web_config_rate_limiter_nonblocking.yaml create mode 100644 web/testdata/web_config_rate_limiter_one_second.yaml diff --git a/docs/web-config.yml b/docs/web-config.yml index 942d9812..8b8cd148 100644 --- a/docs/web-config.yml +++ b/docs/web-config.yml @@ -10,3 +10,8 @@ tls_server_config: basic_auth_users: alice: $2y$10$mDwo.lAisC94iLAyP81MCesa29IzH37oigHC/42V2pdJlUprsJPze bob: $2y$10$hLqFl9jSjoAAy95Z/zw8Ye8wkdMBM8c5Bn1ptYqP/AXyV0.oy0S8m + +# Rate limiting requests on the endpoint using a token bucket +rate_limit: + interval: "1s" # time interval between two requests, set to 0 to disable rate limiter + burst: 20 # and permits a burst of up to 20 requests. diff --git a/docs/web-configuration.md b/docs/web-configuration.md index a7823349..c3b1cf12 100644 --- a/docs/web-configuration.md +++ b/docs/web-configuration.md @@ -20,6 +20,7 @@ Generic placeholders are defined as follows: * ``: a valid path in the current working directory * ``: a regular string that is a secret, such as a password * ``: a regular string +* ``: a regular integer ``` tls_server_config: @@ -125,6 +126,12 @@ http_server_config: # required. Passwords are hashed with bcrypt. basic_auth_users: [ : ... ] + + +# Rate limiting requests on the endpoint using a token bucket +rate_limit: + interval: # time interval between two requests, set to 0 to disable rate limiter + burst: # and permits a burst of requests. ``` [A sample configuration file](web-config.yml) is provided. diff --git a/go.mod b/go.mod index f91240e2..8dfc4363 100644 --- a/go.mod +++ b/go.mod @@ -10,6 +10,7 @@ require ( go.yaml.in/yaml/v2 v2.4.2 golang.org/x/crypto v0.41.0 golang.org/x/sync v0.16.0 + golang.org/x/time v0.12.0 ) require ( diff --git a/go.sum b/go.sum index 84debf69..c4fa9637 100644 --- a/go.sum +++ b/go.sum @@ -62,6 +62,8 @@ golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng= golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU= +golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE= +golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc= google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/web/handler.go b/web/handler.go index 51da762c..0a2718d5 100644 --- a/web/handler.go +++ b/web/handler.go @@ -24,6 +24,7 @@ import ( "sync" "golang.org/x/crypto/bcrypt" + "golang.org/x/time/rate" ) // extraHTTPHeaders is a map of HTTP headers that can be added to HTTP @@ -80,6 +81,7 @@ type webHandler struct { handler http.Handler logger *slog.Logger cache *cache + limiter *rate.Limiter // bcryptMtx is there to ensure that bcrypt.CompareHashAndPassword is run // only once in parallel as this is CPU intensive. bcryptMtx sync.Mutex @@ -93,6 +95,11 @@ func (u *webHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { return } + if u.limiter != nil && !u.limiter.Allow() { + http.Error(w, http.StatusText(http.StatusTooManyRequests), http.StatusTooManyRequests) + return + } + // Configure http headers. for k, v := range c.HTTPConfig.Header { w.Header().Set(k, v) diff --git a/web/testdata/web_config_rate_limiter_nonblocking.yaml b/web/testdata/web_config_rate_limiter_nonblocking.yaml new file mode 100644 index 00000000..75a0083d --- /dev/null +++ b/web/testdata/web_config_rate_limiter_nonblocking.yaml @@ -0,0 +1,3 @@ +rate_limit: + interval: 0 + burst: 0 diff --git a/web/testdata/web_config_rate_limiter_one_second.yaml b/web/testdata/web_config_rate_limiter_one_second.yaml new file mode 100644 index 00000000..5b9e7995 --- /dev/null +++ b/web/testdata/web_config_rate_limiter_one_second.yaml @@ -0,0 +1,3 @@ +rate_limit: + interval: "1s" + burst: 0 diff --git a/web/tls_config.go b/web/tls_config.go index 531bfcde..c760d88c 100644 --- a/web/tls_config.go +++ b/web/tls_config.go @@ -26,12 +26,14 @@ import ( "path/filepath" "strconv" "strings" + "time" "github.com/coreos/go-systemd/v22/activation" "github.com/mdlayher/vsock" config_util "github.com/prometheus/common/config" "go.yaml.in/yaml/v2" "golang.org/x/sync/errgroup" + "golang.org/x/time/rate" ) var ( @@ -40,9 +42,10 @@ var ( ) type Config struct { - TLSConfig TLSConfig `yaml:"tls_server_config"` - HTTPConfig HTTPConfig `yaml:"http_server_config"` - Users map[string]config_util.Secret `yaml:"basic_auth_users"` + TLSConfig TLSConfig `yaml:"tls_server_config"` + HTTPConfig HTTPConfig `yaml:"http_server_config"` + RateLimiterConfig RateLimiterConfig `yaml:"rate_limit"` + Users map[string]config_util.Secret `yaml:"basic_auth_users"` } type TLSConfig struct { @@ -109,6 +112,11 @@ type HTTPConfig struct { Header map[string]string `yaml:"headers,omitempty"` } +type RateLimiterConfig struct { + Burst int `yaml:"burst"` + Interval time.Duration `yaml:"interval"` +} + func getConfig(configPath string) (*Config, error) { content, err := os.ReadFile(configPath) if err != nil { @@ -365,11 +373,18 @@ func Serve(l net.Listener, server *http.Server, flags *FlagConfig, logger *slog. return err } + var limiter *rate.Limiter + if c.RateLimiterConfig.Interval != 0 { + limiter = rate.NewLimiter(rate.Every(c.RateLimiterConfig.Interval), c.RateLimiterConfig.Burst) + logger.Info("Rate Limiter is enabled.", "burst", c.RateLimiterConfig.Burst, "interval", c.RateLimiterConfig.Interval) + } + server.Handler = &webHandler{ tlsConfigPath: tlsConfigPath, logger: logger, handler: handler, cache: newCache(), + limiter: limiter, } config, err := ConfigToTLSConfig(&c.TLSConfig) diff --git a/web/tls_config_test.go b/web/tls_config_test.go index 0bc645bd..a0d700ce 100644 --- a/web/tls_config_test.go +++ b/web/tls_config_test.go @@ -72,6 +72,7 @@ var ( // Introduced in Go 1.21 "Certificate required": regexp.MustCompile(`certificate required`), "Unknown CA": regexp.MustCompile(`unknown certificate authority`), + "Too Many Requests": regexp.MustCompile(`Too Many Requests`), } ) @@ -98,6 +99,7 @@ type TestInputs struct { Username string Password string ClientCertificate string + Requests int } func TestYAMLFiles(t *testing.T) { @@ -364,6 +366,20 @@ func TestServerBehaviour(t *testing.T) { ClientCertificate: "client2_selfsigned", ExpectedError: ErrorMap["Invalid client cert"], }, + { + Name: "valid rate limiter (no rate limiter set up) that doesn't block", + YAMLConfigPath: "testdata/web_config_rate_limiter_nonblocking.yaml", + UseTLSClient: false, + Requests: 10, + ExpectedError: nil, + }, + { + Name: "valid rate limiter with an interval of one second", + YAMLConfigPath: "testdata/web_config_rate_limiter_one_second.yaml", + UseTLSClient: false, + Requests: 10, + ExpectedError: ErrorMap["Too Many Requests"], + }, } for _, testInputs := range testTables { t.Run(testInputs.Name, testInputs.Test) @@ -511,35 +527,41 @@ func (test *TestInputs) Test(t *testing.T) { if test.Username != "" { req.SetBasicAuth(test.Username, test.Password) } + return client.Do(req) } go func() { time.Sleep(250 * time.Millisecond) - r, err := ClientConnection() - if err != nil { - recordConnectionError(err) - return - } - if test.ActualCipher != 0 { - if r.TLS.CipherSuite != test.ActualCipher { - recordConnectionError( - fmt.Errorf("bad cipher suite selected. Expected: %s, got: %s", - tls.CipherSuiteName(test.ActualCipher), - tls.CipherSuiteName(r.TLS.CipherSuite), - ), - ) + for req := 0; req <= test.Requests; req++ { + + r, err := ClientConnection() + + if err != nil { + recordConnectionError(err) + return } - } - body, err := io.ReadAll(r.Body) - if err != nil { - recordConnectionError(err) - return - } - if string(body) != "Hello World!" { - recordConnectionError(errors.New(string(body))) - return + if test.ActualCipher != 0 { + if r.TLS.CipherSuite != test.ActualCipher { + recordConnectionError( + fmt.Errorf("bad cipher suite selected. Expected: %s, got: %s", + tls.CipherSuiteName(test.ActualCipher), + tls.CipherSuiteName(r.TLS.CipherSuite), + ), + ) + } + } + + body, err := io.ReadAll(r.Body) + if err != nil { + recordConnectionError(err) + return + } + if string(body) != "Hello World!" { + recordConnectionError(errors.New(string(body))) + return + } } recordConnectionError(nil) }() From a016cbcc48dd15d288fe81a236cf61abc455df4e Mon Sep 17 00:00:00 2001 From: Ben Kochie Date: Thu, 23 Oct 2025 15:36:29 +0200 Subject: [PATCH 3/7] Update supported Go versions (#352) Update to Go 1.25, minimum 1.24.0. Signed-off-by: SuperQ --- .github/workflows/ci.yml | 2 +- go.mod | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8e1e0230..28b75b88 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,8 +8,8 @@ jobs: strategy: matrix: go_version: - - "1.23" - "1.24" + - "1.25" container: image: quay.io/prometheus/golang-builder:${{ matrix.go_version }}-base env: diff --git a/go.mod b/go.mod index 8dfc4363..582d5c77 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/prometheus/exporter-toolkit -go 1.23.0 +go 1.24.0 require ( github.com/alecthomas/kingpin/v2 v2.4.0 From f3b01c3479ee36ce9b55963d07bc06abf1ba8843 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 23 Oct 2025 15:37:19 +0200 Subject: [PATCH 4/7] Bump golang.org/x/time from 0.12.0 to 0.13.0 (#348) Bumps [golang.org/x/time](https://github.com/golang/time) from 0.12.0 to 0.13.0. - [Commits](https://github.com/golang/time/compare/v0.12.0...v0.13.0) --- updated-dependencies: - dependency-name: golang.org/x/time dependency-version: 0.13.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 582d5c77..70141cd6 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( go.yaml.in/yaml/v2 v2.4.2 golang.org/x/crypto v0.41.0 golang.org/x/sync v0.16.0 - golang.org/x/time v0.12.0 + golang.org/x/time v0.13.0 ) require ( diff --git a/go.sum b/go.sum index c4fa9637..1a8c4a32 100644 --- a/go.sum +++ b/go.sum @@ -62,8 +62,8 @@ golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng= golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU= -golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE= -golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= +golang.org/x/time v0.13.0 h1:eUlYslOIt32DgYD6utsuUeHs4d7AsEYLuIAdg7FlYgI= +golang.org/x/time v0.13.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4= google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc= google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From 3e873c7cab88b651a048690c110cf7029639ef8d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 23 Oct 2025 15:41:45 +0200 Subject: [PATCH 5/7] Bump golang.org/x/crypto from 0.41.0 to 0.42.0 (#351) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.41.0 to 0.42.0. - [Commits](https://github.com/golang/crypto/compare/v0.41.0...v0.42.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 10 +++++----- go.sum | 20 ++++++++++---------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/go.mod b/go.mod index 70141cd6..7858fc50 100644 --- a/go.mod +++ b/go.mod @@ -8,8 +8,8 @@ require ( github.com/mdlayher/vsock v1.2.1 github.com/prometheus/common v0.66.1 go.yaml.in/yaml/v2 v2.4.2 - golang.org/x/crypto v0.41.0 - golang.org/x/sync v0.16.0 + golang.org/x/crypto v0.43.0 + golang.org/x/sync v0.17.0 golang.org/x/time v0.13.0 ) @@ -26,9 +26,9 @@ require ( github.com/prometheus/client_model v0.6.2 // indirect github.com/prometheus/procfs v0.15.1 // indirect github.com/xhit/go-str2duration/v2 v2.1.0 // indirect - golang.org/x/net v0.43.0 // indirect + golang.org/x/net v0.45.0 // indirect golang.org/x/oauth2 v0.30.0 // indirect - golang.org/x/sys v0.35.0 // indirect - golang.org/x/text v0.28.0 // indirect + golang.org/x/sys v0.37.0 // indirect + golang.org/x/text v0.30.0 // indirect google.golang.org/protobuf v1.36.8 // indirect ) diff --git a/go.sum b/go.sum index 1a8c4a32..7798d3d0 100644 --- a/go.sum +++ b/go.sum @@ -50,18 +50,18 @@ github.com/xhit/go-str2duration/v2 v2.1.0 h1:lxklc02Drh6ynqX+DdPyp5pCKLUQpRT8bp8 github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU= go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= -golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4= -golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= -golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE= -golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg= +golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04= +golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0= +golang.org/x/net v0.45.0 h1:RLBg5JKixCy82FtLJpeNlVM0nrSqpCRYzVU1n8kj0tM= +golang.org/x/net v0.45.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY= golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= -golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw= -golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= -golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= -golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= -golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng= -golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU= +golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug= +golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= +golang.org/x/sys v0.37.0 h1:fdNQudmxPjkdUTPnLn5mdQv7Zwvbvpaxqs831goi9kQ= +golang.org/x/sys v0.37.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/text v0.30.0 h1:yznKA/E9zq54KzlzBEAWn1NXSQ8DIp/NYMy88xJjl4k= +golang.org/x/text v0.30.0/go.mod h1:yDdHFIX9t+tORqspjENWgzaCVXgk0yYnYuSZ8UzzBVM= golang.org/x/time v0.13.0 h1:eUlYslOIt32DgYD6utsuUeHs4d7AsEYLuIAdg7FlYgI= golang.org/x/time v0.13.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4= google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc= From 371c300b3894266715fefacc8a4338db6a810dfe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 23 Oct 2025 15:46:18 +0200 Subject: [PATCH 6/7] Bump go.yaml.in/yaml/v2 from 2.4.2 to 2.4.3 (#350) Bumps [go.yaml.in/yaml/v2](https://github.com/yaml/go-yaml) from 2.4.2 to 2.4.3. - [Commits](https://github.com/yaml/go-yaml/compare/v2.4.2...v2.4.3) --- updated-dependencies: - dependency-name: go.yaml.in/yaml/v2 dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 7858fc50..756f57a2 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/coreos/go-systemd/v22 v22.6.0 github.com/mdlayher/vsock v1.2.1 github.com/prometheus/common v0.66.1 - go.yaml.in/yaml/v2 v2.4.2 + go.yaml.in/yaml/v2 v2.4.3 golang.org/x/crypto v0.43.0 golang.org/x/sync v0.17.0 golang.org/x/time v0.13.0 diff --git a/go.sum b/go.sum index 7798d3d0..249eb299 100644 --- a/go.sum +++ b/go.sum @@ -48,8 +48,8 @@ github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/xhit/go-str2duration/v2 v2.1.0 h1:lxklc02Drh6ynqX+DdPyp5pCKLUQpRT8bp8Ydu2Bstc= github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU= -go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI= -go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU= +go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0= +go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8= golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04= golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0= golang.org/x/net v0.45.0 h1:RLBg5JKixCy82FtLJpeNlVM0nrSqpCRYzVU1n8kj0tM= From 003133f12fdd60f3e72b46babe3818d335cc81ac Mon Sep 17 00:00:00 2001 From: Ben Kochie Date: Thu, 23 Oct 2025 16:09:44 +0200 Subject: [PATCH 7/7] Remove obsolete CircleCI config (#355) Builds have been stopped in CircleCI, we can remove the config. Signed-off-by: SuperQ --- .circleci/config.yml | 33 --------------------------------- 1 file changed, 33 deletions(-) delete mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 965b2739..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,33 +0,0 @@ ---- -# Prometheus has switched to GitHub action. -# Circle CI is not disabled repository-wise so that previous pull requests -# continue working. -# This file does not generate any CircleCI workflow. - -version: 2.1 - -executors: - golang: - docker: - - image: busybox - -jobs: - noopjob: - executor: golang - - steps: - - run: - command: "true" - -workflows: - version: 2 - prometheus: - jobs: - - noopjob - triggers: - - schedule: - cron: "0 0 30 2 *" - filters: - branches: - only: - - main