Skip to content

fix(deps): update all non-major go dependencies#757

Merged
mnencia merged 1 commit intomainfrom
renovate/all-non-major-go-dependencies
Mar 6, 2026
Merged

fix(deps): update all non-major go dependencies#757
mnencia merged 1 commit intomainfrom
renovate/all-non-major-go-dependencies

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Feb 2, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Confidence Type Update
github.com/cert-manager/cert-manager v1.19.3v1.19.4 age confidence require patch
github.com/cloudnative-pg/api v1.28.0v1.28.1 age confidence require patch
github.com/cloudnative-pg/barman-cloud ced266c53b8620 require digest
github.com/cloudnative-pg/cloudnative-pg v1.28.0v1.28.1 age confidence require patch
google.golang.org/grpc v1.78.0v1.79.2 age confidence require minor

Release Notes

cert-manager/cert-manager (github.com/cert-manager/cert-manager)

v1.19.4

Compare Source

cloudnative-pg/api (github.com/cloudnative-pg/api)

v1.28.1

Compare Source

cloudnative-pg/cloudnative-pg (github.com/cloudnative-pg/cloudnative-pg)

v1.28.1

Compare Source

Release date: Feb 5, 2026

Enhancements
  • Added support for Azure's DefaultAzureCredential authentication mechanism for backup and recovery operations. This can be enabled by setting azureCredentials.useDefaultAzureCredentials: true in the backup configuration, simplifying authentication in Azure environments without requiring explicit storage account keys or SAS tokens. (#​9468)
Fixes

  • Fixed validation of PostgreSQL extension names containing underscores (e.g., pg_partman, pg_ivm). Extension names with underscores are automatically sanitized to use hyphens for Kubernetes volume names while preserving the original name in mount paths. Webhook validation prevents naming conflicts after sanitization. Contributed by @​shusaan. (#​9386)

  • Fixed a critical issue where the TimelineID in the cluster status was not reset to 1 after a major version upgrade. Because pg_upgrade initializes a new timeline, keeping the old ID (e.g., timeline 2) caused replicas to attempt to restore incompatible history files from object storage, leading to fatal "requested timeline is not a child of this server's history" errors. (#​9830)

  • Fixed an issue where stale TLS status fields in the Pooler were not cleared after being removed from the specification. This was particularly critical when upgrading to v1.28.0, where the ServerTLS field was repurposed, causing PgBouncer to use incorrect certificates and resulting in "unsupported certificate" errors that blocked all application connectivity. The operator now explicitly clears ServerCA, ClientCA, ClientTLS, and ServerTLS status fields when they are no longer configured. (#​9397)

  • Fixed a bug where replicas could enter a crash-loop by attempting to download timeline history files from future timelines. This occurred when stale files remained in the WAL archive from a previous cluster life, and replicas would incorrectly try to fetch them during recovery. (#​9650)

  • Fixed a race condition in replica_cluster setups during designated primary transitions, preventing transient "no primary" states in the replica cluster. (#​9601)

  • The backup controller now uses the unique instance session ID to detect instance manager restarts. This prevents the operator from incorrectly assuming a backup is still progressing if the underlying container has crashed and restarted, which previously led to orphaned backup objects. (#​9370)

  • Fixed a validation gap in Azure object store configurations where the storageAccount was not required when using explicit credentials (such as a storage key or SAS token). The operator now enforces that a storage account name is provided in these cases and that connectionString is mutually exclusive with other authentication parameters. (#​9604)

  • Optimized the deletion path so the operator begins cleaning up resources immediately when a cluster is marked for deletion. This significantly reduces the time a cluster remains in Terminating status while waiting for internal reconciliation loops. (#​9555)

  • Fixed an issue where replication slots were not properly dropped from replicas when the feature was disabled or the cluster was reconfigured. This ensures that unused slots do not cause WAL build-up on the primary. (#​9381)

  • Fixed an issue where imagePullSecrets were not added to the ServiceAccount created for the Pooler. Previously, these secrets were applied to the Deployment but not the SA, which caused image pull failures in restricted environments using certain security policies. (#​9427)

  • Added a check to verify ownership before the operator deletes a PodMonitor. This prevents the operator from accidentally deleting manually managed monitoring resources that happen to share a name with expected CNPG resources. Contributed by @​juliamertz. (#​9340)

  • Fixed a bug where pg_stat_archiver metrics would continue to report stale data on standby instances after a switchover. The exporter now skips these metrics on standbys, as PostgreSQL only provides valid archiver stats on the primary. (#​9411)

  • Clarified the interpretation of timestamp formats for recovery targetTime. Timestamps provided without an explicit timezone are now consistently interpreted as UTC. Contributed by @​pchovelon. (#​8937)

  • Fixed backup status updates to prevent "resource has been modified" errors during concurrent updates. (#​9551)

  • Fixed event reporting to use the correct pod name when a backup pod is not found. (#​9552)

  • Improved performance of scheduled backup operations for clusters with a very high number of historical backups. (#​9489)

  • Fixed error handling when removing finalizers on Database objects. (#​9431)

  • cnpg plugin:

    • Updated the status command to display "Disabled" when the skipWalArchiving annotation is present on a cluster. This replaces confusing "starting up" or "unknown" states when WAL archiving is intentionally bypassed. (#​9709)

    • Fixed the logs --follow command to continue polling for new pods instead of exiting prematurely when all current log streams complete. (#​9599)

grpc/grpc-go (google.golang.org/grpc)

v1.79.2: Release 1.79.2

Compare Source

Bug Fixes

  • stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (#​8874)

v1.79.1: Release 1.79.1

Compare Source

Bug Fixes

  • grpc: Remove the -dev suffix from the User-Agent header. (#​8902)

v1.79.0: Release 1.79.0

Compare Source

API Changes

  • mem: Add experimental API SetDefaultBufferPool to change the default buffer pool. (#​8806)
  • experimental/stats: Update MetricsRecorder to require embedding the new UnimplementedMetricsRecorder (a no-op struct) in all implementations for forward compatibility. (#​8780)

Behavior Changes

  • balancer/weightedtarget: Remove handling of Addresses and only handle Endpoints in resolver updates. (#​8841)

New Features

  • experimental/stats: Add support for asynchronous gauge metrics through the new AsyncMetricReporter and RegisterAsyncReporter APIs. (#​8780)
  • pickfirst: Add support for weighted random shuffling of endpoints, as described in gRFC A113.
    • This is enabled by default, and can be turned off using the environment variable GRPC_EXPERIMENTAL_PF_WEIGHTED_SHUFFLING. (#​8864)
  • xds: Implement :authority rewriting, as specified in gRFC A81. (#​8779)
  • balancer/randomsubsetting: Implement the random_subsetting LB policy, as specified in gRFC A68. (#​8650)
  • server: Include status detail headers, if available, when terminating a stream during request header processing. (#​8754)

Bug Fixes

  • credentials/tls: Fix a bug where the port was not stripped from the authority override before validation. (#​8726)
  • xds/priority: Fix a bug causing delayed failover to lower-priority clusters when a higher-priority cluster is stuck in CONNECTING state. (#​8813)
  • health: Fix a bug where health checks failed for clients using legacy compression options (WithDecompressor or RPCDecompressor). (#​8765)
  • transport: Fix an issue where the HTTP/2 server could skip header size checks when terminating a stream early. (#​8769)

Performance Improvements

  • credentials/alts: Optimize read buffer alignment to reduce copies. (#​8791)
  • mem: Optimize pooling and creation of buffer objects. (#​8784)
  • transport: Reduce slice re-allocations by reserving slice capacity. (#​8797)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Never, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner February 2, 2026 14:57
@dosubot dosubot bot added lgtm This PR has been approved by a maintainer size:XS This PR changes 0-9 lines, ignoring generated files. labels Mar 6, 2026
@renovate
fix(deps): update all non-major go dependencies
c1379c5 
| datasource | package                                  | from    | to      |
| ---------- | ---------------------------------------- | ------- | ------- |
| go         | github.com/cert-manager/cert-manager     | v1.19.3 | v1.19.4 |
| go         | github.com/cloudnative-pg/api            | v1.28.0 | v1.28.1 |
| go         | github.com/cloudnative-pg/cloudnative-pg | v1.28.0 | v1.28.1 |
| go         | google.golang.org/grpc                   | v1.78.0 | v1.79.2 |


Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot force-pushed the renovate/all-non-major-go-dependencies branch from f4b38b9 to c1379c5 Compare March 6, 2026 11:41
@renovate
Copy link
Contributor Author

renovate bot commented Mar 6, 2026

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 10 additional dependencies were updated

Details:

Package Change
cel.dev/expr v0.24.0 -> v0.25.1
github.com/lib/pq v1.10.9 -> v1.11.1
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.86.2 -> v0.87.1
go.opentelemetry.io/otel v1.38.0 -> v1.40.0
go.opentelemetry.io/otel/metric v1.38.0 -> v1.40.0
go.opentelemetry.io/otel/sdk v1.38.0 -> v1.40.0
go.opentelemetry.io/otel/trace v1.38.0 -> v1.40.0
golang.org/x/sys v0.40.0 -> v0.41.0
google.golang.org/genproto/googleapis/api v0.0.0-20251029180050-ab9386a59fda -> v0.0.0-20251202230838-ff82c1b0f217
google.golang.org/genproto/googleapis/rpc v0.0.0-20251029180050-ab9386a59fda -> v0.0.0-20251202230838-ff82c1b0f217

@mnencia mnencia merged commit d031c23 into main Mar 6, 2026
8 checks passed
@mnencia mnencia deleted the renovate/all-non-major-go-dependencies branch March 6, 2026 12:23
@cnpg-bot cnpg-bot mentioned this pull request Mar 6, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gbartolini gbartolini gbartolini approved these changes

@renovate-approve renovate-approve[bot] renovate-approve[bot] approved these changes

Assignees

No one assigned

Labels

automated lgtm This PR has been approved by a maintainer no-issue size:XS This PR changes 0-9 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gbartolini @mnencia