Sourced from github.com/authzed/spicedb's releases.

v1.45.4

What's Changed

• LookupResources v3, based on a new cursored iterator library by @​josephschorr in authzed/spicedb#2451
• Move github.com/go-viper/mapstructure/v2 to v2.4.0 to fix a vuln in that lib by @​josephschorr in authzed/spicedb#2541
• ci: Integrate commitizen for conventional commit validation by @​mazdakb in authzed/spicedb#2537
• vuln: update go from 1.24.0 to latest 1.25.0 by @​kartikaysaxena in authzed/spicedb#2539
• fix: improve the cluster error message when errors from all dispatchers by @​josephschorr in authzed/spicedb#2543
• revamp readme by @​miparnisari in authzed/spicedb#2474
• LookupResources 3 improvements by @​josephschorr in authzed/spicedb#2540
• build(deps): bump the github-actions group with 7 updates by @​dependabot[bot] in authzed/spicedb#2544
• Implement two new packages: query and schema/v2 by @​barakmich in authzed/spicedb#2531
• query: Implement an executor pattern for the iterators by @​barakmich in authzed/spicedb#2546
• test: Hook up the conformance tests to the new query package by @​barakmich in authzed/spicedb#2547
• feat: add exclusion iterator by @​barakmich in authzed/spicedb#2548
• refactor: Query iterators now operate in Objects and ObjectRelations instead of strings by @​barakmich in authzed/spicedb#2550
• Cursor concurrency improvements by @​josephschorr in authzed/spicedb#2549
• chore: bump authzed-go and pin OTEL libraries by @​miparnisari in authzed/spicedb#2556
• feat: Introduce the alias iterator by @​barakmich in authzed/spicedb#2552
• remove deprecated otel interceptors by @​vroldanbet in authzed/spicedb#2561
• fix: handling of multiple metadata for a single revision in Watch by @​josephschorr in authzed/spicedb#2563
• perf: Add support in LookupSubjects for skipping caveats/expiration by @​josephschorr in authzed/spicedb#2564
• chore: improve the code coverage of the warnings code in development by @​josephschorr in authzed/spicedb#2566
• chore: improve rows.Err linter check by @​miparnisari in authzed/spicedb#2555

Full Changelog: authzed/spicedb@v1.45.3...v1.45.4

Docker Images

This release is available at authzed/spicedb:v1.45.4, quay.io/authzed/spicedb:v1.45.4, ghcr.io/authzed/spicedb:v1.45.4

• 4ff0d47 Merge pull request #2555 from authzed/amend-rowerrcheck
• eb29f80 Merge pull request #2566 from josephschorr/warning-code-cov
• ca2b74f chore: improve the code coverage of the warnings code in development
• 57eaa43 Merge pull request #2564 from josephschorr/skip-ls
• b8f2f47 fix: handle wildcards with expiration properly in the schema compiler
• a0dacf6 perf: Add support in LookupSubjects for skipping caveats/expiration
• a776e70 Merge pull request #2563 from josephschorr/metadata-fix
• 931af3d chore: improve rows.Err linter check
• 97a6a1d Merge pull request #2561 from authzed/remove-deprecated-otel-middleware
• 647d7b7 Merge pull request #2552 from authzed/barakmich/alias
• Additional commits viewable in compare view

Sourced from github.com/hamba/avro/v2's releases.

v2.30.0

What's Changed

• adding support for is-compatible-schema endpoint by @​Pavelsky89 in hamba/avro#546
• chore: bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 in the all group by @​dependabot[bot] in hamba/avro#549
• fix: parse struct tag field name correctly by @​taeuk in hamba/avro#551
• chore: bump golang.org/x/tools from 0.34.0 to 0.35.0 in the all group by @​dependabot[bot] in hamba/avro#553
• Add schema info bytes method by @​survivorbat in hamba/avro#554
• chore: bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in the all group by @​dependabot[bot] in hamba/avro#555
• feat(api): expose Name and Type functions of TypeResolver by @​ekazakas in hamba/avro#552
• fix: enum schema compatibility by @​nrwiersma in hamba/avro#557
• chore: bump actions/checkout from 4 to 5 in the all group by @​dependabot[bot] in hamba/avro#562
• chore: bump golang.org/x/tools from 0.35.0 to 0.36.0 in the all group by @​dependabot[bot] in hamba/avro#563
• feat: limit decimal encoding to values allowed by schema by @​vpapp in hamba/avro#565
• Add -logicaltype flag to avrogen by @​n-oden in hamba/avro#566
• chore: bump actions/setup-go from 5 to 6 in the all group by @​dependabot[bot] in hamba/avro#567

New Contributors

• @​Pavelsky89 made their first contribution in hamba/avro#546
• @​taeuk made their first contribution in hamba/avro#551
• @​survivorbat made their first contribution in hamba/avro#554

Full Changelog: hamba/avro@v2.29.0...v2.30.0

• 59f4ba4 chore: bump actions/setup-go from 5 to 6 in the all group (#567)
• 9716ee8 feat: add -logicaltype flag to avrogen (#566)
• fa1080c feat: limit decimal encoding to values allowed by schema (#565)
• 3a21909 chore: bump golang.org/x/tools from 0.35.0 to 0.36.0 in the all group (#563)
• 6b58326 chore: bump actions/checkout from 4 to 5 in the all group (#562)
• 4e405ff fix: enum schema compatibility (#557)
• 07bcb49 feat(api): expose Name and Type functions of TypeResolver (#552)
• 7d552fd chore: bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in the al...
• 969818f feat: add schema info bytes method (#554)
• 1531309 chore: bump golang.org/x/tools from 0.34.0 to 0.35.0 in the all group (#553)
• Additional commits viewable in compare view

Sourced from github.com/mark3labs/mcp-go's releases.

Release v0.41.1

What's Changed

• fix: replace bufio.Scanner with bufio.Reader to support large message… by @​ezynda3 in mark3labs/mcp-go#603

Full Changelog: mark3labs/mcp-go@v0.41.0...v0.41.1

Release v0.41.0

What's Changed

• fix(oauth): use oauth-authorization-server discovery before default endpoints by @​trungutt in mark3labs/mcp-go#581
• Improve JSON-RPC error handling with typed errors and response constructors by @​peteski22 in mark3labs/mcp-go#595
• fix: Streamable HTTP client ping response handling by @​havasik in mark3labs/mcp-go#578
• feat: add support for call tool result annotations by @​Crescent617 in mark3labs/mcp-go#547

New Contributors

• @​trungutt made their first contribution in mark3labs/mcp-go#581
• @​havasik made their first contribution in mark3labs/mcp-go#578
• @​Crescent617 made their first contribution in mark3labs/mcp-go#547

Full Changelog: mark3labs/mcp-go@v0.40.0...v0.41.0

• a1dd4ef fix: replace bufio.Scanner with bufio.Reader to support large messages in std...
• b8297f5 More tests
• 0e185e5 Update coverage job
• 6ee5d6c Fix linting issue
• edba7f3 Add simple tests
• 0f6be05 Fix action
• d1a73bf Add coverage report
• 1737192 format
• 7657c15 feat: add support for call tool result annotations (#547)
• aefdc0d fix: Streamable HTTP client ping response handling (#578)
• Additional commits viewable in compare view

• afe12b2 Merge pull request #295 from olekukonko/counter
• fe53e02 v1.1.0 in readme
• aa751db make count variadic update #294
• be92b88 initial lien count support #294
• e520aed Merge pull request #292 from EppO/fix-colorized-hmerge-footer
• f541e24 Fix AlignRight override for footer HMerge/TOTAL pattern
• 842268a Merge pull request #291 from Saurabh2402/improvement/setup-linter
• 8d10b0e lint code after sync
• 3fd0b25 Merge branch 'master' of https://github.com/Saurabh2402/tablewriter into impr...
• c0bceba add support for TrimLine update #290
• Additional commits viewable in compare view

Sourced from github.com/spf13/cobra's releases.

v1.10.1

🐛 Fix

• chore: upgrade pflags v1.0.9 by @​jpmcb in spf13/cobra#2305

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

• 7da941c chore: Bump pflag to v1.0.9 (#2305)
• See full diff in compare view

Sourced from github.com/spf13/pflag's releases.

v1.0.9

What's Changed

• fix: Restore ParseErrorsWhitelist name for now by @​tomasaschan in spf13/pflag#446

Full Changelog: spf13/pflag@v1.0.8...v1.0.9

• 1043857 Merge pull request #446 from spf13/fix-backwards-compat
• 7412009 fix: Restore ParseErrorsWhitelist name for now
• See full diff in compare view

• See full diff in compare view

• f8a9fe2 go.mod: update golang.org/x dependencies
• ea04085 go.mod: update golang.org/x dependencies
• See full diff in compare view

• 3b23d57 http2: fix race condition when disabling goroutine debugging for one test
• 8741050 http2: simplify TestServer_Push_RejectAfterGoAway
• 96e405c http2: modernize TestTransportRoundtripCloseOnWriteError
• 6dc6880 http2: simplify ClientConn Close and Shutdown tests
• 4e2915b http2: modernize TestTransportAllocationsAfterResponseBodyClose
• 30b0e78 http2: modernize TestRoundTripDoesntConsumeRequestBodyEarly
• b9acd77 http2: speed up TestTransportFlowControl
• 5153f4d go.mod: update golang.org/x dependencies
• 9338bdd http2: speed up TestTransportHandlerBodyClose
• 6b20036 http2: add synchronous handler support to serverTester
• Additional commits viewable in compare view

• 04914c2 all: upgrade go directive to at least 1.24.0 [generated]
• 7fad2c9 errgroup: revert propagation of panics
• See full diff in compare view

• 1a11b45 go.mod: update golang.org/x dependencies
• d862cd5 all: upgrade go directive to at least 1.24.0 [generated]
• a35244d go.mod: update golang.org/x dependencies
• 4f53e0c term: allow multi-line bracketed paste to not create single line with verbati...
• 27f29d8 term: remove duplicate flag and add comment on windows
• 30da5dd go.mod: update golang.org/x dependencies
• See full diff in compare view

• See full diff in compare view

Sourced from google.golang.org/grpc's releases.

Release 1.75.1

Bug Fixes

• transport: Fix a data race while copying headers for stats handlers in the std lib http2 server transport. (#8519)
• xdsclient:
  • Fix a data race caused while reporting load to LRS. (#8483)
  • Fix regression preventing empty node IDs when creating an LRS client. (#8483)
• server: Fix a regression preventing streams from being cancelled or timed out when blocked on flow control. (#8528)

Release 1.75.0

Behavior Changes

• xds: Remove support for GRPC_EXPERIMENTAL_XDS_FALLBACK environment variable. Fallback support can no longer be disabled. (#8482)
• stats: Introduce DelayedPickComplete event, a type alias of PickerUpdated. (#8465)
  • This (combined) event will now be emitted only once per call, when a transport is successfully selected for the attempt.
  • OpenTelemetry metrics will no longer have multiple "Delayed LB pick complete" events in Go, matching other gRPC languages.
  • A future release will delete the PickerUpdated symbol.
• credentials: Properly apply grpc.WithAuthority as the highest-priority option for setting authority, above the setting in the credentials themselves. (#8488)
  • Now that this WithAuthority is available, the credentials should not be used to override the authority.
• round_robin: Randomize the order in which addresses are connected to in order to spread out initial RPC load between clients. (#8438)
• server: Return status code INTERNAL when a client sends more than one request in unary and server streaming RPC. (#8385)
  • This is a behavior change but also a bug fix to bring gRPC-Go in line with the gRPC spec.

New Features

• dns: Add an environment variable (GRPC_ENABLE_TXT_SERVICE_CONFIG) to provide a way to disable TXT lookups in the DNS resolver (by setting it to false). By default, TXT lookups are enabled, as they were previously. (#8377)

Bug Fixes

• xds: Fix regression preventing empty node IDs in xDS bootstrap configuration. (#8476)
  • Special Thanks: @​davinci26
• xds: Fix possible panic when certain invalid resources are encountered. (#8412)
  • Special Thanks: @​wooffie
• xdsclient: Fix a rare panic caused by processing a response from a closed server. (#8389)
• stats: Fix metric unit formatting by enclosing non-standard units like call and endpoint in curly braces to comply with UCUM and gRPC OpenTelemetry guidelines. (#8481)
• xds: Fix possible panic when clusters are removed from the xds configuration. (#8428)
• xdsclient: Fix a race causing "resource doesn not exist" when rapidly subscribing and unsubscribing to the same resource. (#8369)
• client: When determining the authority, properly percent-encode (if needed, which is unlikely) when the target string omits the hostname and only specifies a port (grpc.NewClient(":<port-number-or-name>")). (#8488)

Release 1.74.3

Bug Fixes

• xds: Fix a regression preventing empty node IDs in the bootstrap configuration. (#8476 , #8483)
• xdsclient: Fix a data race caused while reporting load to LRS. (#8483)
• server: Fix a regression preventing streams from being cancelled or timed out when blocked on flow control. (#8528)

Release 1.74.2

New Features

• grpc: introduce new DialOptions and ServerOptions (WithStaticStreamWindowSize, WithStaticConnWindowSize, StaticStreamWindowSize, StaticConnWindowSize) that force fixed window sizes for all HTTP/2 connections. By default, gRPC uses dynamic sizing of these windows based upon a BDP estimation algorithm. The existing options (WithInitialWindowSize, etc) also disable BDP estimation, but this behavior will be changed in a following release. (#8283)

... (truncated)

• b4dc263 Change version to 1.75.1 (#8559)
• 1fffee7 Cherry-pick #8528 to v1.75.x (#8555)
• a52e42b Cherry pick #8483 into v1.75.x (#8541)
• 369c9aa Cherry-pick #8519 to v1.75.x (#8530)
• 7269d5f Change version to 1.75.1-dev (#8494)
• b9788ef Change version to 1.75.0 (#8493)
• 2bd74b2 credentials: fix behavior of grpc.WithAuthority and credential handshake prec...
• 9fa3267 xds: remove xds client fallback environment variable (#8482)
• 62ec29f grpc: Fix cardinality violations in non-client streaming RPCs. (#8385)
• 85240a5 stats: change non-standard units to annotations (#8481)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions