Skip to content

Bump the minor-go-dependencies group across 1 directory with 9 updates#7

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/host/minor-go-dependencies-22881fd3f8
Open

Bump the minor-go-dependencies group across 1 directory with 9 updates#7
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/host/minor-go-dependencies-22881fd3f8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 2, 2026

Bumps the minor-go-dependencies group with 5 updates in the /host directory:

Package From To
github.com/redis/go-redis/v9 9.18.0 9.19.0
github.com/grpc-ecosystem/grpc-gateway/v2 2.28.0 2.29.0
golang.org/x/crypto 0.49.0 0.50.0
golang.org/x/net 0.52.0 0.53.0
go.uber.org/zap 1.27.1 1.28.0

Updates github.com/redis/go-redis/v9 from 9.18.0 to 9.19.0

Release notes

Sourced from github.com/redis/go-redis/v9's releases.

9.19.0

🚀 Highlights

FIPS-Compatible Script Helper

Script now supports a FIPS-safe execution mode that avoids client-side SHA-1 computation, which is blocked in strict FIPS environments. A new NewScriptServerSHA constructor uses SCRIPT LOAD to obtain and cache the digest from the server, then runs commands via EVALSHA/EVALSHA_RO. Falls back to EVAL/EVALRO if loading fails, and transparently retries once on NOSCRIPT. The default behavior is unchanged for existing users.

(#3700) by @​chaitanyabodlapati

FT.AGGREGATE Step-Based Pipeline Builder

Added a new step-based FT.AGGREGATE pipeline API via FTAggregateOptions.Steps, allowing LOAD, APPLY, GROUPBY, and SORTBY (with per-step MAX) to be repeated and interleaved in arbitrary order — matching Redis's native multi-stage aggregation semantics. The legacy Load/Apply/GroupBy/SortBy/SortByMax fields are now deprecated.

(#3782) by @​ndyakov

Raw RESP Protocol Access

Added DoRaw and DoRawWriteTo methods for executing arbitrary commands and reading the raw RESP response. Useful for proxying, custom protocol inspection, and working with commands not yet wrapped by go-redis.

(#3713) by @​ofekshenawa

Configurable Dial Retry Backoff

Added DialerRetryBackoff option (plumbed through Options, ClusterOptions, RingOptions, FailoverOptions) to let callers customize the delay between failed dial attempts. Helpers DialRetryBackoffConstant and DialRetryBackoffExponential (with jitter and cap) are provided out of the box. Dial timeout is now also applied per attempt rather than across all retries.

(#3706, #3705) by @​mwhooker

✨ New Features

  • FT.AGGREGATE Steps: Step-based pipeline builder for FT.AGGREGATE with support for repeated/interleaved LOAD, APPLY, GROUPBY, and SORTBY stages (#3782) by @​ndyakov
  • VectorSet commands: Added VISMEMBER and WITHATTRIBS support (#3753) by @​romanpovol
  • FIPS-safe Script: NewScriptServerSHA uses SCRIPT LOAD to obtain the digest from the server, avoiding client-side SHA-1 (#3700) by @​chaitanyabodlapati
  • Raw RESP access: DoRaw and DoRawWriteTo for raw RESP protocol access (#3713) by @​ofekshenawa
  • Dial retry backoff: DialerRetryBackoff function option with constant and exponential helpers (#3706) by @​mwhooker
  • Typed NOSCRIPT error: Redis NOSCRIPT replies are now surfaced as a typed error for easier handling (#3738) by @​LINKIWI
  • PubSub ClientSetName: Added ClientSetName method to PubSub (#3727) by @​Flack74
  • ReplicaOf: New ReplicaOf method replaces the deprecated SlaveOf (#3720) by @​Copilot
  • HSCAN BinaryUnmarshaler: HScan now supports types implementing encoding.BinaryUnmarshaler (#3768) by @​Aaditya-dubey1

🐛 Bug Fixes

  • Auto hostname type detection: Improved endpoint type detection for maintenance notifications using DNS-based classification; handles empty hosts and expanded private-IP ranges (#3789) by @​ndyakov
  • HELLO fallback: Don't send CLIENT MAINT_NOTIFICATIONS handshake when HELLO fails and connection falls back to RESP2; fail fast when explicitly enabled with RESP3 (#3788) by @​ndyakov
  • Dial TCP retry: ShouldRetry now treats net.OpError with Op == "dial" timeout errors as safe to retry since no command was sent (#3787) by @​vladisa88
  • wrappedOnClose leak: Fixed resource leak caused by repeatedly wrapping baseClient close logic; replaced with a bounded, concurrency-safe named-hook registry (#3785) by @​ndyakov
  • Pool Close() on stale connections: Suppress close errors (e.g., TLS closeNotify timeouts) for connections already dropped by the server due to idle timeout (#3778) by @​ofekshenawa
  • FIFO waiter ordering: Fixed race in ConnStateMachine.notifyWaiters that could wake multiple waiters under a single mutex hold and violate FIFO ordering (#3777) by @​0x48core
  • Lua READONLY detection: Detect READONLY errors embedded in Lua script error messages on read-only replicas so commands are correctly retried (#3769) by @​zhengjilei
  • VectorScoreSliceCmd RESP2: Fixed VSimWithScores, VSimWithArgsWithScores, and VLinksWithScores which were broken on RESP2 connections returning flat arrays instead of maps (#3767) by @​Copilot

... (truncated)

Changelog

Sourced from github.com/redis/go-redis/v9's changelog.

9.19.0 (2026-04-27)

🚀 Highlights

FIPS-Compatible Script Helper

Script now supports a FIPS-safe execution mode that avoids client-side SHA-1 computation, which is blocked in strict FIPS environments. A new NewScriptServerSHA constructor uses SCRIPT LOAD to obtain and cache the digest from the server, then runs commands via EVALSHA/EVALSHA_RO. Falls back to EVAL/EVALRO if loading fails, and transparently retries once on NOSCRIPT. The default behavior is unchanged for existing users.

(#3700) by @​chaitanyabodlapati

FT.AGGREGATE Step-Based Pipeline Builder

Added a new step-based FT.AGGREGATE pipeline API via FTAggregateOptions.Steps, allowing LOAD, APPLY, GROUPBY, and SORTBY (with per-step MAX) to be repeated and interleaved in arbitrary order — matching Redis's native multi-stage aggregation semantics. The legacy Load/Apply/GroupBy/SortBy/SortByMax fields are now deprecated.

(#3782) by @​ndyakov

Raw RESP Protocol Access

Added DoRaw and DoRawWriteTo methods for executing arbitrary commands and reading the raw RESP response. Useful for proxying, custom protocol inspection, and working with commands not yet wrapped by go-redis.

(#3713) by @​ofekshenawa

Configurable Dial Retry Backoff

Added DialerRetryBackoff option (plumbed through Options, ClusterOptions, RingOptions, FailoverOptions) to let callers customize the delay between failed dial attempts. Helpers DialRetryBackoffConstant and DialRetryBackoffExponential (with jitter and cap) are provided out of the box. Dial timeout is now also applied per attempt rather than across all retries.

(#3706, #3705) by @​mwhooker

✨ New Features

  • FT.AGGREGATE Steps: Step-based pipeline builder for FT.AGGREGATE with support for repeated/interleaved LOAD, APPLY, GROUPBY, and SORTBY stages (#3782) by @​ndyakov
  • VectorSet commands: Added VISMEMBER and WITHATTRIBS support (#3753) by @​romanpovol
  • FIPS-safe Script: NewScriptServerSHA uses SCRIPT LOAD to obtain the digest from the server, avoiding client-side SHA-1 (#3700) by @​chaitanyabodlapati
  • Raw RESP access: DoRaw and DoRawWriteTo for raw RESP protocol access (#3713) by @​ofekshenawa
  • Dial retry backoff: DialerRetryBackoff function option with constant and exponential helpers (#3706) by @​mwhooker
  • Typed NOSCRIPT error: Redis NOSCRIPT replies are now surfaced as a typed error for easier handling (#3738) by @​LINKIWI
  • PubSub ClientSetName: Added ClientSetName method to PubSub (#3727) by @​Flack74
  • ReplicaOf: New ReplicaOf method replaces the deprecated SlaveOf (#3720) by @​Copilot
  • HSCAN BinaryUnmarshaler: HScan now supports types implementing encoding.BinaryUnmarshaler (#3768) by @​Aaditya-dubey1

🐛 Bug Fixes

  • Auto hostname type detection: Improved endpoint type detection for maintenance notifications using DNS-based classification; handles empty hosts and expanded private-IP ranges (#3789) by @​ndyakov
  • HELLO fallback: Don't send CLIENT MAINT_NOTIFICATIONS handshake when HELLO fails and connection falls back to RESP2; fail fast when explicitly enabled with RESP3 (#3788) by @​ndyakov
  • Dial TCP retry: ShouldRetry now treats net.OpError with Op == "dial" timeout errors as safe to retry since no command was sent (#3787) by @​vladisa88
  • wrappedOnClose leak: Fixed resource leak caused by repeatedly wrapping baseClient close logic; replaced with a bounded, concurrency-safe named-hook registry (#3785) by @​ndyakov
  • Pool Close() on stale connections: Suppress close errors (e.g., TLS closeNotify timeouts) for connections already dropped by the server due to idle timeout (#3778) by @​ofekshenawa
  • FIFO waiter ordering: Fixed race in ConnStateMachine.notifyWaiters that could wake multiple waiters under a single mutex hold and violate FIFO ordering (#3777) by @​0x48core
  • Lua READONLY detection: Detect READONLY errors embedded in Lua script error messages on read-only replicas so commands are correctly retried (#3769) by @​zhengjilei
  • VectorScoreSliceCmd RESP2: Fixed VSimWithScores, VSimWithArgsWithScores, and VLinksWithScores which were broken on RESP2 connections returning flat arrays instead of maps (#3767) by @​Copilot

... (truncated)

Commits
  • e7e9866 chore(release): v9.19.0 (#3796)
  • 22b26f4 feat(ft.aggregate): Add Steps for query building (#3782)
  • d9d7694 fix(pool): two fixes for closed connection handling (#3764)
  • 44e8b73 fix(sch): auto hostname type detection (#3789)
  • ad21622 fix(hello): do not send maintnotifications handshake when hello fails (#3788)
  • 1a7ac74 fix(pool): suppress pool Close() errors for stale connections (#3778)
  • 903d6bd fix(retry): make dial tcp error redirectable (#3786) (#3787)
  • 00a551b fix(credentials): leak in wrappedOnClose (#3785)
  • b5a6f99 refactor(pool): remove redundant Conn.closed atomic field (#3783)
  • 928f27a feat(hscan): add support for encoding.BinaryUnmarshaler (#3768)
  • Additional commits viewable in compare view

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.28.0 to 2.29.0

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.29.0

What's Changed

New Contributors

Full Changelog: grpc-ecosystem/grpc-gateway@v2.28.0...v2.29.0

Commits
  • ba9b55c chore(deps): update dependency rules_shell to v0.8.0 (#6626)
  • 284a82e chore(deps): update googleapis digest to bcfcbda (#6625)
  • f74bc7f chore(deps): update google/oss-fuzz digest to d58fd64 (#6624)
  • efb665d Add edition 2024 support (#6622)
  • c58da15 chore(deps): update google/oss-fuzz digest to 32b8df7 (#6621)
  • 42997a1 Deprecate fields and methods if file is deprecated (#6613)
  • 6f4af8b chore(deps): update googleapis digest to bf85cad (#6620)
  • 68fde5f chore(deps): update google/oss-fuzz digest to 7b814a1 (#6619)
  • 6da2a46 chore(deps): update googleapis digest to 898f25c (#6617)
  • c9c7ad4 chore(deps): update googleapis digest to fc96870 (#6616)
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.49.0 to 0.50.0

Commits
  • 03ca0dc go.mod: update golang.org/x dependencies
  • 8400f4a ssh: respect signer's algorithm preference in pickSignatureAlgorithm
  • 81c6cb3 ssh: swap cbcMinPaddingSize to cbcMinPacketSize to get encLength
  • See full diff in compare view

Updates golang.org/x/net from 0.52.0 to 0.53.0

Commits
  • a8d1fc1 go.mod: update golang.org/x dependencies
  • 056ac74 quic: avoid depending on golang.org/x/sys/unix
  • c85f611 http3: add http3 package for testing in std
  • 805fc81 http2: add transport API tests
  • e63b894 http2: support testing via net/http.Transport.RoundTrip
  • 9ee1e48 http2/hpack: prevent HeaderField from escaping during encoding
  • 1e71bd8 http2: prevent hanging Transport due to bad SETTINGS frame
  • 7bca150 internal/http3: respect net/http Server Shutdown context when shutting down
  • 44c41be internal/http3: prevent server from holding mutex when sleeping during shutdown
  • 228a67a internal/http3: add CloseIdleConnections support in transport
  • Additional commits viewable in compare view

Updates golang.org/x/sys from 0.42.0 to 0.43.0

Commits
  • f33a730 windows: support nil security descriptor on GetNamedSecurityInfo
  • 493d172 cpu: add runtime import in cpu_darwin_arm64_other.go
  • 2c2be75 windows: use syscall.SyscallN in Proc.Call
  • a76ec62 cpu: roll back "use IsProcessorFeaturePresent to calculate ARM64 on windows"
  • See full diff in compare view

Updates golang.org/x/text from 0.35.0 to 0.36.0

Commits

Updates google.golang.org/genproto/googleapis/api from 0.0.0-20260401024825-9d38bb4040a9 to 0.0.0-20260414002931-afd174a4e478

Commits

Updates google.golang.org/genproto/googleapis/rpc from 0.0.0-20260401024825-9d38bb4040a9 to 0.0.0-20260414002931-afd174a4e478

Commits

Updates go.uber.org/zap from 1.27.1 to 1.28.0

Release notes

Sourced from go.uber.org/zap's releases.

v1.28.0

Enhancements:

  • #1534[]: Add zapcore.CheckPreWriteHook and CheckedEntry.Before method for transforming entries before they are written to any Cores.

#1534: uber-go/zap#1534

Changelog

Sourced from go.uber.org/zap's changelog.

1.28.0 (27 Apr 2026)

Enhancements:

  • #1534[]: Add zapcore.CheckPreWriteHook and CheckedEntry.Before method for transforming entries before they are written to any Cores.
Commits
  • 5b81b37 release v1.28.0 (#1547)
  • 0ab0d5a zapcore: Add PreWriteHook for transforming entries before write (#1534)
  • d278c59 [chore] CI: test on Go 1.26 (#1535)
  • 16fb16b chore(dep): replace archived gopkg.in/yaml.v3 with officially maintained go.y...
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the minor-go-dependencies group across 1 directory with 9 updates
1e0ba57 
Bumps the minor-go-dependencies group with 5 updates in the /host directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/redis/go-redis/v9](https://github.com/redis/go-redis) | `9.18.0` | `9.19.0` |
| [github.com/grpc-ecosystem/grpc-gateway/v2](https://github.com/grpc-ecosystem/grpc-gateway) | `2.28.0` | `2.29.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.49.0` | `0.50.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.52.0` | `0.53.0` |
| [go.uber.org/zap](https://github.com/uber-go/zap) | `1.27.1` | `1.28.0` |



Updates `github.com/redis/go-redis/v9` from 9.18.0 to 9.19.0
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/RELEASE-NOTES.md)
- [Commits](redis/go-redis@v9.18.0...v9.19.0)

Updates `github.com/grpc-ecosystem/grpc-gateway/v2` from 2.28.0 to 2.29.0
- [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases)
- [Commits](grpc-ecosystem/grpc-gateway@v2.28.0...v2.29.0)

Updates `golang.org/x/crypto` from 0.49.0 to 0.50.0
- [Commits](golang/crypto@v0.49.0...v0.50.0)

Updates `golang.org/x/net` from 0.52.0 to 0.53.0
- [Commits](golang/net@v0.52.0...v0.53.0)

Updates `golang.org/x/sys` from 0.42.0 to 0.43.0
- [Commits](golang/sys@v0.42.0...v0.43.0)

Updates `golang.org/x/text` from 0.35.0 to 0.36.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.35.0...v0.36.0)

Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20260401024825-9d38bb4040a9 to 0.0.0-20260414002931-afd174a4e478
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20260401024825-9d38bb4040a9 to 0.0.0-20260414002931-afd174a4e478
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `go.uber.org/zap` from 1.27.1 to 1.28.0
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.27.1...v1.28.0)

---
updated-dependencies:
- dependency-name: github.com/redis/go-redis/v9
  dependency-version: 9.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-go-dependencies
- dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2
  dependency-version: 2.29.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: minor-go-dependencies
- dependency-name: golang.org/x/crypto
  dependency-version: 0.50.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: minor-go-dependencies
- dependency-name: golang.org/x/net
  dependency-version: 0.53.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: minor-go-dependencies
- dependency-name: golang.org/x/sys
  dependency-version: 0.43.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: minor-go-dependencies
- dependency-name: golang.org/x/text
  dependency-version: 0.36.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: minor-go-dependencies
- dependency-name: google.golang.org/genproto/googleapis/api
  dependency-version: 0.0.0-20260414002931-afd174a4e478
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-go-dependencies
- dependency-name: google.golang.org/genproto/googleapis/rpc
  dependency-version: 0.0.0-20260414002931-afd174a4e478
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: minor-go-dependencies
- dependency-name: go.uber.org/zap
  dependency-version: 1.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants