deps:chore - update module github.com/sirupsen/logrus to v1.9.4 - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/sirupsen/logrus	v1.8.1 → v1.9.4

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

sirupsen/logrus (github.com/sirupsen/logrus)

v1.9.4

Compare Source

Notable changes

• go.mod: update minimum supported go version to v1.17 #​1460
• go.mod: bump up dependencies #​1460
• Touch-up godoc and add "doc" links.
• README: fix links, grammar, and update examples.
• Add GNU/Hurd support #​1364
• Add WASI wasip1 support #​1388
• Remove uses of deprecated ioutil package #​1472
• CI: update actions and golangci-lint #​1459
• CI: remove appveyor, add macOS #​1460

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

v1.9.3

Compare Source

• Fix a potential denial of service vulnerability in logrus.Writer() that could be triggered by logging text longer than 64kb without newlines f9291a5 (re-apply #​1376)
• Fix panic in Writer d40e25c

Full Changelog: sirupsen/logrus@v1.9.2...v1.9.3

v1.9.2

Compare Source

• Revert #​1376, which introduced a regression in v1.9.1

Full Changelog: sirupsen/logrus@v1.9.1...v1.9.2

v1.9.1

Compare Source

What's Changed

• Fix data race in hooks.test package by @​FrancoisWagner in #​1362
• Add instructions to use different log levels for local and syslog by @​tommyblue in #​1372
• This commit fixes a potential denial of service vulnerability in logrus.Writer() that could be triggered by logging text longer than 64kb without newlines. by @​ozfive in #​1376
• Use text when shows the logrus output by @​xieyuschen in #​1339

New Contributors

• @​FrancoisWagner made their first contribution in #​1362
• @​tommyblue made their first contribution in #​1372
• @​ozfive made their first contribution in #​1376
• @​xieyuschen made their first contribution in #​1339

Full Changelog: sirupsen/logrus@v1.9.0...v1.9.1

v1.9.0

Compare Source

v1.8.3

Compare Source

What's Changed

• Add instructions to use different log levels for local and syslog by @​tommyblue in #​1372
• This commit fixes a potential denial of service vulnerability in logrus.Writer() that could be triggered by logging text longer than 64kb without newlines. by @​ozfive in #​1376
• Use text when shows the logrus output by @​xieyuschen in #​1339

New Contributors

• @​tommyblue made their first contribution in #​1372
• @​ozfive made their first contribution in #​1376
• @​xieyuschen made their first contribution in #​1339

Full Changelog: sirupsen/logrus@v1.8.2...v1.8.3

v1.8.2

Compare Source

What's Changed

• CI: use GitHub Actions by @​thaJeztah in #​1239
• go.mod: github.com/stretchr/testify v1.7.0 by @​thaJeztah in #​1246
• Change godoc badge to pkg.go.dev badge by @​minizilla in #​1249
• Add support for the logger private buffer pool. by @​edoger in #​1253
• bump golang.org/x/sys depency version by @​dgsb in #​1280
• Update README.md by @​runphp in #​1266
• indicates issues as stale automatically by @​dgsb in #​1281
• ci: add go 1.17 to test matrix by @​anajavi in #​1277
• reduce the list of cross build target by @​dgsb in #​1282
• Improve Log methods documentation by @​dgsb in #​1283
• fix race condition for SetFormatter and SetReportCaller by @​rubensayshi in #​1263
• bump version of golang.org/x/sys dependency by @​nathanejohnson in #​1333
• update gopkg.in/yaml.v3 to v3.0.1 by @​izhakmo in #​1337
• update dependencies by @​dgsb in #​1343
• Fix data race in hooks.test package by @​FrancoisWagner in #​1362

New Contributors

• @​minizilla made their first contribution in #​1249
• @​edoger made their first contribution in #​1253
• @​runphp made their first contribution in #​1266
• @​anajavi made their first contribution in #​1277
• @​rubensayshi made their first contribution in #​1263
• @​nathanejohnson made their first contribution in #​1333
• @​izhakmo made their first contribution in #​1337
• @​FrancoisWagner made their first contribution in #​1362

Full Changelog: sirupsen/logrus@v1.8.1...v1.8.2

---

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 4 additional dependencies were updated

Details:

Package	Change
github.com/stretchr/testify	v1.7.0 -> v1.10.0
github.com/stretchr/objx	v0.3.0 -> v0.5.2
golang.org/x/sys	v0.0.0-20220114195835-da31bd327af9 -> v0.13.0
gopkg.in/yaml.v3	v3.0.0-20210107192922-496545a6307b -> v3.0.1

[snykbotzup]

⛔ Snyk checks have failed. 25 issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (25)
⛔	Open Source Security	1	24	0	0	25 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[gitbotzup]

Overall Summary

This Pull Request updates several Go module dependencies to newer versions, aiming to incorporate bug fixes, new features, and important security patches. The changes affect both the go.mod and go.sum files, ensuring that the project uses the latest compatible versions of its dependencies and that their integrity is verified.

---

Changed Files and Their Summaries

1. go.mod

• Summary of Changes:

  • Updated the following dependencies:
    • github.com/sirupsen/logrus: v1.8.1 → v1.9.4
    • github.com/stretchr/testify: v1.7.0 → v1.10.0
    • github.com/stretchr/objx (indirect): v0.3.0 → v0.5.2
    • golang.org/x/sys (indirect): v0.0.0-20220114195835-da31bd327af9 → v0.13.0
    • gopkg.in/yaml.v3 (indirect): v3.0.0-20210107192922-496545a6307b → v3.0.1
  • These updates are likely to bring in bug fixes, new features, and security patches.

• Security Concerns:

  • Upgrading dependencies generally improves security by including patches for known vulnerabilities.
  • Point of Attention: New versions may introduce breaking changes or new vulnerabilities. It is recommended to thoroughly test the application after these updates.

---

2. go.sum

• Summary of Changes:

  • Added checksums for the updated dependencies listed above.
  • These changes ensure the integrity and authenticity of the downloaded modules.

• Security Concerns:

  • No direct security concerns; these changes are a result of dependency updates and are required for Go module verification.

---

Security Advice

• Testing Required: After updating dependencies, it is crucial to run all tests and verify application behavior to catch any breaking changes or issues introduced by the new versions.
• Monitor for Vulnerabilities: Keep monitoring the updated dependencies for any newly reported vulnerabilities.

---

In summary:
This PR is focused on keeping dependencies up-to-date, which is a best practice for maintaining security and stability. Please ensure comprehensive testing before merging.
This is an AI-generated summary, which may be innacurate.
This aims only to assist human reviewers, and does not replace code reviews in any way.
Use responsibly and please submit any feedback to this form.