Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump github.com/hashicorp/nomad from 1.9.5 to 1.9.6 #739

Closed
wants to merge 1 commit into from
Closed

Bump github.com/hashicorp/nomad from 1.9.5 to 1.9.6 #739

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 12, 2025
edited
Loading

Bumps github.com/hashicorp/nomad from 1.9.5 to 1.9.6.

Release notes

Sourced from github.com/hashicorp/nomad's releases.

v1.9.6

1.9.6 (February 11, 2025)

BREAKING CHANGES:

  • fingerprint: Consul and Vault fingerprints no longer reload periodically [GH-24526]

SECURITY:

  • api: sanitize the SignedIdentities in allocations of events to clean the identity token. [GH-24966]
  • build: Updated Go to 1.23.6 [GH-25041]
  • event stream: fixes vulnerability CVE-2025-0937, where using a wildcard namespace to subscribe to the events API grants a user with "read" capabilites on any namespace, the ability to read events from all namespaces. [GH-25089]

IMPROVEMENTS:

  • auth: adds VerboseLogging option to auth-method config for debugging SSO [GH-24892]
  • cli: Added actions available to a job when running nomad job status command [GH-24959]
  • event stream: adds ability to authenticate using workload identities [GH-24849]
  • services: Nomad service checks now support the tls_skip_verify parameter [GH-24781]
  • task schedule: The task being paused no longer impacts restart attempts [GH-25085]
  • ui: Contextualizes the Start Job button on whether it is startable, revertable, or not [GH-24985]

BUG FIXES:

  • agent: Fixed a bug where Nomad error log messages within syslog showed via the notice priority [GH-24820]
  • agent: Fixed a bug where all syslog entries were marked as notice when using JSON logging format [GH-24865]
  • client: Fixed a bug where temporary RPC errors cause the client to poll for changes more frequently thereafter [GH-25039]
  • csi: Fixed a bug where volume context from the plugin would be erased on volume updates [GH-24922]
  • docker: Fixed a bug that prevented image_pull_timeout from being applied [GH-24991]
  • docker: Fixed a bug where "error reading image pull progress" caused the allocation to get stuck pending [GH-24981]
  • reporting (Enterprise): Updated the reporting metric to utilize node active heartbeat count. [GH-24919]
  • state store: fix for setting correct status for a job version when reverting, and also fixes an issue where jobs were briefly marked dead during restarts [GH-24974]
  • taskrunner: fix panic when a task with dynamic user is recovered [GH-24739]
  • ui: Ensure pending service check blocks are filled [GH-24818]
  • ui: Remove unrequired node read API call when attempting to stream task logs [GH-24973]
  • vault: Fixed a bug where successful renewal was logged as an error [GH-25040]
Changelog

Sourced from github.com/hashicorp/nomad's changelog.

1.9.6 (February 11, 2025)

BREAKING CHANGES:

  • fingerprint: Consul and Vault fingerprints no longer reload periodically [GH-24526]

SECURITY:

  • api: sanitize the SignedIdentities in allocations of events to clean the identity token. [GH-24966]
  • build: Updated Go to 1.23.6 [GH-25041]
  • event stream: fixes vulnerability CVE-2025-0937, where using a wildcard namespace to subscribe to the events API grants a user with "read" capabilites on any namespace, the ability to read events from all namespaces. [GH-25089]

IMPROVEMENTS:

  • auth: adds VerboseLogging option to auth-method config for debugging SSO [GH-24892]
  • cli: Added actions available to a job when running nomad job status command [GH-24959]
  • event stream: adds ability to authenticate using workload identities [GH-24849]
  • services: Nomad service checks now support the tls_skip_verify parameter [GH-24781]
  • task schedule: The task being paused no longer impacts restart attempts [GH-25085]
  • ui: Contextualizes the Start Job button on whether it is startable, revertable, or not [GH-24985]

BUG FIXES:

  • agent: Fixed a bug where Nomad error log messages within syslog showed via the notice priority [GH-24820]
  • agent: Fixed a bug where all syslog entries were marked as notice when using JSON logging format [GH-24865]
  • client: Fixed a bug where temporary RPC errors cause the client to poll for changes more frequently thereafter [GH-25039]
  • csi: Fixed a bug where volume context from the plugin would be erased on volume updates [GH-24922]
  • docker: Fixed a bug that prevented image_pull_timeout from being applied [GH-24991]
  • docker: Fixed a bug where "error reading image pull progress" caused the allocation to get stuck pending [GH-24981]
  • reporting (Enterprise): Updated the reporting metric to utilize node active heartbeat count. [GH-24919]
  • state store: fix for setting correct status for a job version when reverting, and also fixes an issue where jobs were briefly marked dead during restarts [GH-24974]
  • taskrunner: fix panic when a task with dynamic user is recovered [GH-24739]
  • ui: Ensure pending service check blocks are filled [GH-24818]
  • ui: Remove unrequired node read API call when attempting to stream task logs [GH-24973]
  • vault: Fixed a bug where successful renewal was logged as an error [GH-25040]
Commits
  • 7f8b449 Generate files for 1.9.6 release
  • de58c83 backport of commit c4f232f23ed2f45a93f77d35131d81f463c9d15e (#25091)
  • 4d2a690 backport of commit 92c90af5421da594eb375554ccd764b2f6146af3 (#25090)
  • 5ad790f Backport of Enable workload identity for event stream into release/1.9.x (#24...
  • 4e84ea0 backport of commit 87741dd9088eff31f523751adabcd8131afbdc9d (#25080)
  • 4535d21 backport of commit 8a597a172d8081ee386d81d1c15a9095f09cc584 (#25087)
  • 999de69 Backport of state store: remove reschedulable check when getting job status i...
  • 2acf105 backport of commit 63dacd2d6e13ac66f51ec077f33a52b67d9e70a2 (#24895)
  • dd14d5b backport of commit 9367929d87c0a5d654fb4deacfd4f008de6b6a78 (#25019)
  • b2d2e35 backport of commit 91194b3cc27bcdc2fb8c84dd5850fb1650ab6fcc (#25056)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @openhpi-bot.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/hashicorp/nomad from 1.9.5 to 1.9.6
144c129 
Bumps [github.com/hashicorp/nomad](https://github.com/hashicorp/nomad) from 1.9.5 to 1.9.6.
- [Release notes](https://github.com/hashicorp/nomad/releases)
- [Changelog](https://github.com/hashicorp/nomad/blob/main/CHANGELOG.md)
- [Commits](hashicorp/nomad@v1.9.5...v1.9.6)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/nomad
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 12, 2025
openhpi-bot
openhpi-bot approved these changes Feb 12, 2025
View reviewed changes
Copy link

@openhpi-bot openhpi-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 12, 2025

One of your CI runs failed on this pull request, so Dependabot won't merge it.

Dependabot will still automatically merge this pull request if you amend it and your tests pass.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 12, 2025

Looks like github.com/hashicorp/nomad is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Feb 12, 2025
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/hashicorp/nomad-1.9.6 branch February 12, 2025 11:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@openhpi-bot openhpi-bot openhpi-bot approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@openhpi-bot