build(deps): bump the go-mod group with 8 updates

[dependabot]

Bumps the go-mod group with 8 updates:

Package	From	To
github.com/authzed/authzed-go	1.1.1	1.2.0
github.com/authzed/spicedb	1.38.1-0.20241030210113-595bb46cd8b4	1.39.1
github.com/ccoveille/go-safecast	1.2.0	1.5.0
golang.org/x/sync	0.9.0	0.10.0
golang.org/x/term	0.26.0	0.27.0
google.golang.org/genproto/googleapis/rpc	0.0.0-20241021214115-324edc3d5d38	0.0.0-20241118233622-e639e219e697
google.golang.org/grpc	1.68.0	1.69.2
google.golang.org/protobuf	1.35.2	1.36.1

Updates github.com/authzed/authzed-go from 1.1.1 to 1.2.0

Release notes

Sourced from github.com/authzed/authzed-go's releases.

v1.2.0

Highlights

• Update for new relationship expiration fields in the API by @​josephschorr in authzed/authzed-go#266
• Regenerate clients for internal materialize cursor by @​ecordell in authzed/authzed-go#270

What's Changed

• Bump google.golang.org/protobuf from 1.35.1 to 1.35.2 in the go-mod group by @​dependabot in authzed/authzed-go#263
• Bump the go-mod-magefiles group in /magefiles with 2 updates by @​dependabot in authzed/authzed-go#262
• Bump the go-mod group with 4 updates by @​dependabot in authzed/authzed-go#264
• Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.23.0 to 2.24.0 in /magefiles in the go-mod-magefiles group by @​dependabot in authzed/authzed-go#265
• Bump github.com/golangci/golangci-lint from 1.62.0 to 1.62.2 in the go-mod group by @​dependabot in authzed/authzed-go#267
• Bump github.com/golangci/golangci-lint from 1.62.0 to 1.62.2 in /magefiles in the go-mod-magefiles group by @​dependabot in authzed/authzed-go#268
• Bump github.com/quic-go/quic-go from 0.48.1 to 0.48.2 in /magefiles in the go_modules group by @​dependabot in authzed/authzed-go#269

Full Changelog: authzed/authzed-go@v1.1.1...v1.2.0

Commits

• 3b360db Merge pull request #269 from authzed/dependabot/go_modules/magefiles/go_modul...
• 4e5600b Bump github.com/quic-go/quic-go in /magefiles in the go_modules group
• d99de4b Merge pull request #270 from ecordell/genmatcurs
• ef2c326 regenerate clients for internal materialize cursor
• c6eb2e8 Merge pull request #268 from authzed/dependabot/go_modules/magefiles/go-mod-m...
• 37eaae0 Bump github.com/golangci/golangci-lint
• ccb8c61 Merge pull request #267 from authzed/dependabot/go_modules/go-mod-ac241e8599
• 091f706 Bump github.com/golangci/golangci-lint in the go-mod group
• c77eef2 Merge pull request #266 from josephschorr/rel-expiration-api
• 4cc4999 Update for new relationship expiration fields in the API
• Additional commits viewable in compare view

Updates github.com/authzed/spicedb from 1.38.1-0.20241030210113-595bb46cd8b4 to 1.39.1

Release notes

Sourced from github.com/authzed/spicedb's releases.

v1.39.1

This patch release includes a fix for a bug where exporting relationships were not including caveats.

What's Changed

• Backport changes from #2163 into 1.39.0 by @​josephschorr in authzed/spicedb#2164

Full Changelog: authzed/spicedb@v1.39.0...v1.39.1

Docker Images

This release is available at authzed/spicedb:v1.39.1, quay.io/authzed/spicedb:v1.39.1, ghcr.io/authzed/spicedb:v1.39.1

v1.39.0

[!WARNING]
1.39.0 has a bug in BulkExportRelationships where caveat data is not included in exported relationships. Please update to v1.39.1 if you are using Bulk Export and Caveats.

Highlights

Introducing

📊 Native histograms for gRPC server metrics 🏥 Smarter health checks with user-specified set of safe migrations 🧹 Remove LookupResources v1 implementation 🗃️ Improvements for transaction metadata

Foundational work

⌛ Expiring relationships: foundational work to natively support defining relations in schema that last for set amount of time. This release introduces core system updates and changes to the type system and schema compiler. 🎼 Composable schemas: initial steps to support multi-part SpiceDB schemas by implementing local import functionality in this release.

Features

• Type system changes for first-class expiration support by @​josephschorr in authzed/spicedb#2145
  • Parser changes for supporting relationship expiration by @​josephschorr in authzed/spicedb#2141
  • Schema compiler support for relationship expiration trait by @​josephschorr in authzed/spicedb#2142
  • Add explicit option to enable expiration in schema by @​josephschorr in authzed/spicedb#2144
  • Add support to the core and tuple packages for relationship expiration by @​josephschorr in authzed/spicedb#2146
  • Copy old schema package into new package by @​tstirrat15 in authzed/spicedb#2101
• Implement parsing of local imports by @​tstirrat15 in authzed/spicedb#2103
  • Update compiler to consume local imports by @​tstirrat15 in authzed/spicedb#2116
  • Handle circular and duplicate imports by @​tstirrat15 in authzed/spicedb#2123
• Enable native histograms in server latency metrics by @​bison in authzed/spicedb#2102
• Make all and any into keywords by @​tstirrat15 in authzed/spicedb#2105
• Adds postgres index to support efficient querying via Watch API by @​vroldanbet in authzed/spicedb#2143
  • Add subject filters in schema relation delete to force use of the index by @​josephschorr in authzed/spicedb#2131
• Introduce emission strategy into CockroachDB Watch API by @​vroldanbet in authzed/spicedb#2120
  • Introduces ByteSortable method in Revision by @​vroldanbet in authzed/spicedb#2125

Enhancements

• Increase the aggressive postgres instantiation timeout of 5 seconds to 30 seconds #2094 by @​anoopsundial in authzed/spicedb#2095
• Change from using protos to structs for relationships, ONRs and RRs by @​josephschorr in authzed/spicedb#2081

... (truncated)

Commits

• See full diff in compare view

Updates github.com/ccoveille/go-safecast from 1.2.0 to 1.5.0

Release notes

Sourced from github.com/ccoveille/go-safecast's releases.

v1.5.0

What's Changed

• feat: add MustConvert by @​ccoVeille in ccoVeille/go-safecast#59

Full Changelog: ccoVeille/go-safecast@v1.4.0...v1.5.0

v1.4.0

What's Changed

• Add Convert and support conversion from string and boolean by @​ccoVeille in ccoVeille/go-safecast#55
• More errors were added.
• 💥 Breaking changes: Remove Error struct that was exposed. It brought confusion

Minor

• ci: fix codeclimate by @​ccoVeille in ccoVeille/go-safecast#57
• build(deps): bump crate-ci/typos from 1.28.2 to 1.28.3 in the all group by @​dependabot in ccoVeille/go-safecast#56
• doc: add popularity badge and stargazers graph by @​ccoVeille in ccoVeille/go-safecast#58

Full Changelog: ccoVeille/go-safecast@v1.3.0...v1.4.0

v1.3.0

What's Changed

• ci: improve filename linting by @​ccoVeille in ccoVeille/go-safecast#53
• refactoring by @​ccoVeille in ccoVeille/go-safecast#48
• feat: add conversion to float32 and float64 by @​ccoVeille in ccoVeille/go-safecast#54

Full Changelog: ccoVeille/go-safecast@v1.2.0...v1.3.0

Commits

• 18f613b feat: add MustConvert
• 214bd73 doc: improve documentation
• f0cd846 feat: add Convert
• 5639866 doc: add popularity badge and stargazers graph
• 5230cf7 build(deps): bump crate-ci/typos from 1.28.2 to 1.28.3 in the all group
• f7534d4 ci: try to fix codeclimate
• 74e2586 feat: add conversion to float32 and float64
• cbcae8f chore: simplify code
• 81da728 chore: refactoring Number type is enough
• f468e0b chore: rewrite examples
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.9.0 to 0.10.0

Commits

• 913fb63 singleflight: fix typo in singleflight_test.go
• See full diff in compare view

Updates golang.org/x/term from 0.26.0 to 0.27.0

Commits

• 442846a go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates google.golang.org/genproto/googleapis/rpc from 0.0.0-20241021214115-324edc3d5d38 to 0.0.0-20241118233622-e639e219e697

Commits

• See full diff in compare view

Updates google.golang.org/grpc from 1.68.0 to 1.69.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.69.2

Bug Fixes

• stats/experimental: add type aliases for symbols (Metrics/etc) that were moved to the stats package (#7929).
• client: set user-agent string to the correct version.

Release 1.69.0

Known Issues

• The recently added grpc.NewClient function is incompatible with forward proxies, because it resolves the target hostname on the client instead of passing the hostname to the proxy. A fix is expected to be a part of grpc-go v1.70. (#7556)

New Features

• stats/opentelemetry: Introduce new APIs to enable OpenTelemetry instrumentation for metrics on servers and clients (#7874)
• xdsclient: add support to fallback to lower priority servers when higher priority ones are down (#7701)
• dns: Add support for link local IPv6 addresses (#7889)
• The new experimental pickfirst LB policy (disabled by default) supports Happy Eyeballs, interleaving IPv4 and IPv6 address as described in RFC-8305 section 4, to attempt connections to multiple backends concurrently. The experimental pickfirst policy can be enabled by setting the environment variable GRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST to true. (#7725, #7742)
• balancer/pickfirst: Emit metrics from the pick_first load balancing policy (#7839)
• grpc: export MethodHandler, which is the type of an already-exported field in MethodDesc (#7796)
  • Special Thanks: @​mohdjishin

Bug Fixes

• credentials/google: set scope for application default credentials (#7887)
  • Special Thanks: @​halvards
• xds: fix edge-case issues where some clients or servers would not initialize correctly or would not receive errors when resources are invalid or unavailable if another channel or server with the same target was already in use . (#7851, #7853)
• examples: fix the debugging example, which was broken by a recent change (#7833)

Behavior Changes

• client: update retry attempt backoff to apply jitter per updates to gRFC A6. (#7869)
  • Special Thanks: @​isgj
• balancer/weightedroundrobin: use the pick_first LB policy to manage connections (#7826)

API Changes

• balancer: An internal method is added to the balancer.SubConn interface to force implementors to embed a delegate implementation. This requirement is present in the interface documentation, but wasn't enforced earlier. (#7840)

Performance Improvements

• mem: implement a ReadAll() method for more efficient io.Reader consumption (#7653)
  • Special Thanks: @​ash2k
• mem: use slice capacity instead of length to determine whether to pool buffers or directly allocate them (#7702)
  • Special Thanks: @​PapaCharlie

Documentation

• examples/csm_observability: Add xDS Credentials and switch server to be xDS enabled (#7875)

Release 1.68.2

Dependencies

... (truncated)

Commits

• b615b35 Change version to 1.69.2 (#7947)
• 6b36a3e experimental/stats: re-add type aliases for migration (#7929) (#7941)
• 4535c6d Change version to 1.69.2-dev (#7928)
• b6e7c72 examples/features/csm_observability: Make CSM Observability example server li...
• 9355fbc Change version to 1.69.1 (#7927)
• 927a1e1 Change version to 1.69.1-dev (#7902)
• 97d633a Change version to 1.69.0 (#7901)
• 317271b pickfirst: Register a health listener when used as a leaf policy (#7832)
• 5565631 balancer/pickfirst: replace grpc.Dial with grpc.NewClient in tests (#7879)
• 634497b test: Split import paths for generated message and service code (#7891)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.35.2 to 1.36.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[tstirrat15]

LGTM. I had to update a couple of references and fix a couple of lint errors; I also updated x/net to fix a security issue.