Skip to content

chore(deps): update module github.com/prometheus/common to v0.69.0#439

Open
red-hat-konflux[bot] wants to merge 1 commit into
v1.xfrom
konflux/mintmaker/v1.x/github.com-prometheus-common-0.x
Open

chore(deps): update module github.com/prometheus/common to v0.69.0#439
red-hat-konflux[bot] wants to merge 1 commit into
v1.xfrom
konflux/mintmaker/v1.x/github.com-prometheus-common-0.x

Conversation

@red-hat-konflux

Copy link
Copy Markdown

This PR contains the following updates:

Package Change Age Confidence
github.com/prometheus/common v0.67.5v0.69.0 age confidence

Warning

Some dependencies could not be looked up. Check the warning logs for more information.


Release Notes

prometheus/common (github.com/prometheus/common)

v0.69.0

Compare Source

Security / behavior changes
  • config: credentials are no longer forwarded across cross-host redirects. When FollowRedirects is enabled, the HTTP client now strips Authorization, Cookie, Proxy-Authorization and other sensitive headers, and skips basic-auth, bearer-token and OAuth2 credentials, when a redirect points to a different host. This aligns with Go's net/http behavior. Callers that relied on credentials being sent to a redirect target on another host will need to target that host directly. #​901 #​920 #​921
  • config: LoadHTTPConfigFile now resolves relative file paths (e.g. *_file credentials, http_headers files) against the config file's own directory instead of its parent directory. Configs that worked around the old behavior by prefixing paths with the config's directory name must drop that prefix. #​925
Bugfixes
  • expfmt: fix nil pointer panic when parsing empty braces {}. #​922
  • model: fix Time.UnmarshalJSON for larger negative numbers. #​918
Performance
  • model: reduce allocations in Time.UnmarshalJSON. #​918
Internal
  • Synchronize common files from prometheus/prometheus. #​917
  • Modernize Go. #​919

Full Changelog: prometheus/common@v0.68.1...v0.69.0

v0.68.1

Compare Source

Security / behavior changes
  • config: credentials are no longer forwarded across cross-host redirects. When FollowRedirects is enabled, the HTTP client now strips Authorization, Cookie, Proxy-Authorization and other sensitive headers, and skips basic-auth, bearer-token and OAuth2 credentials, when a redirect points to a different host. This aligns with Go's net/http behavior. Callers that relied on credentials being sent to a redirect target on another host will need to target that host directly. #​901 #​920 #​921
  • config: LoadHTTPConfigFile now resolves relative file paths (e.g. *_file credentials, http_headers files) against the config file's own directory instead of its parent directory. Configs that worked around the old behavior by prefixing paths with the config's directory name must drop that prefix. #​925
Bugfixes
  • expfmt: fix nil pointer panic when parsing empty braces {}. #​922
  • model: fix Time.UnmarshalJSON for larger negative numbers. #​918
Performance
  • model: reduce allocations in Time.UnmarshalJSON. #​918
Internal
  • Synchronize common files from prometheus/prometheus. #​917
  • Modernize Go. #​919

Full Changelog: prometheus/common@v0.68.1...v0.69.0

v0.68.0

Compare Source

What's Changed
New Contributors

Full Changelog: prometheus/common@v0.67.5...v0.68.0


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "on saturday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.


Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux Bot added approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. labels Jul 4, 2026
@coderabbitai

coderabbitai Bot commented Jul 4, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 442d8aad-5d50-40d1-a9d1-206509e20d97

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch konflux/mintmaker/v1.x/github.com-prometheus-common-0.x

Comment @coderabbitai help to get the list of available commands.

@openshift-ci

openshift-ci Bot commented Jul 4, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

2 similar comments
@openshift-ci

openshift-ci Bot commented Jul 4, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci

openshift-ci Bot commented Jul 4, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants