Commit Graph

5 Commits

Author SHA1 Message Date
Matthew McPherrin b26b116861
Update certificate-transparency-go for bugfix (#8160)
This updates to current `master`,
bc7acd89f703743d050f5cd4a3b9746808e0fdae

Notably, it includes a bug-fix to error handling in the HTTP client,
which we found was hiding errors from CT logs, hindering our debugging.

That fix is
https://github.com/google/certificate-transparency-go/pull/1695

No release has been tagged since this PR merged, so using the `master`
commit.

A few mutual dependencies used by both Boulder and ct-go are updated,
including mysql, otel, and grpc.
2025-05-06 12:10:53 -07:00
Aaron Gable 1c1c4dcfef
Update certificate-transparency-go to get static/tiled log support (#8150)
Update github.com/google/certificate-transparency-go from v1.1.6 to
v1.3.1. This updates the loglist file schema to recognize logs which are
tagged as being tiled logs / implementing the static CT API.

Transitively update:
- github.com/go-sql-driver/mysql from v1.7.1 to v1.8.1
- github.com/prometheus/client_golang from v1.15.1 to v1.22.0
- github.com/prometheus/client_model from v0.4.0 to v0.6.1
- go.opentelemetry.io/otel from v1.30.0 to v1.31.0
- google.golang.org/grpc from v1.66.1 to v1.69.4
- google.golang.org/protobuf from v1.34.2 to v1.36.5
- and a variety of indirect dependencies

Remove one indirect dependency:
- github.com/matttproud/golang_protobuf_extensions

Add two new indirect dependencies:
- filippo.io/edwards25519@v1.1.0 (used by go-sql-driver to handle
mariadb's custom encryption implementation)
- github.com/munnerz/goautoneg@v0.0.0-20191010083416-a7dc8b61c822
(previously inlined into prometheus/common)

Also fix two unit tests which need minor modifications to work with
updated type signatures and behavior.

Part of https://github.com/letsencrypt/boulder/issues/7872
2025-04-30 15:56:31 -07:00
dependabot[bot] 61ff7f606d
Update OTel dependencies (#7713)
Updates:
- go.opentelemetry.io/contrib/instrumentation (and subpackages) from 0.52.0 to 0.55.0
- go.opentelemetry.io/otel (and subpackages) from 1.27.0 to 1.30.0

Upstream release notes:
https://github.com/open-telemetry/opentelemetry-go-contrib/releases

Also transitively updates a few golang.org/x/ dependencies, and the grpc and protobuf
dependencies.
2024-10-07 13:22:08 -07:00
dependabot[bot] 1053352d1f
build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.46.1 to 0.51.0 (#7467)
Bumps
[go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib)
from 0.46.1 to 0.51.0.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aaron Gable <aaron@letsencrypt.org>
2024-05-20 12:14:27 -04:00
Matthew McPherrin e8d382aec0
Upgrade the protobuf and grpc dependencies in Boulder (#7232)
Protobuf v1.32 fixes a potential stack overflow crash. Boulder doesn't
expose grpc externally so the risk is minimal, but it seems prudent to
upgrade on a regular cadence.  IE, this is not a security fix for Boulder.
2024-01-08 11:23:23 -08:00