Bump the gomod group across 1 directory with 2 updates

[dependabot]

Bumps the gomod group with 2 updates in the / directory: github.com/IBM/sarama and github.com/prometheus/client_golang.

Updates github.com/IBM/sarama from 1.43.0 to 1.43.2

Release notes

Sourced from github.com/IBM/sarama's releases.

Version 1.43.2 (2024-04-25)

What's Changed

🐛 Fixes

• chore(ci): add 32-bit alignment check by @​dnwe in IBM/sarama#2874

📦 Dependency updates

• chore(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 by @​dependabot in IBM/sarama#2866
• chore(deps): bump the golang-org-x group with 2 updates by @​dependabot in IBM/sarama#2853
• chore(deps): bump github.com/klauspost/compress from 1.17.7 to 1.17.8 by @​dependabot in IBM/sarama#2857
• chore(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 in /examples/txn_producer in the go_modules group by @​dependabot in IBM/sarama#2865
• chore(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 in /examples/consumergroup in the go_modules group by @​dependabot in IBM/sarama#2867
• chore(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 in /examples/exactly_once in the go_modules group by @​dependabot in IBM/sarama#2868
• chore(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 in /examples/interceptors in the go_modules group by @​dependabot in IBM/sarama#2869

Full Changelog: IBM/sarama@v1.43.1...v1.43.2

Version 1.43.1 (2024-03-27)

What's Changed

🐛 Fixes

• fix: message.max.bytes should default to 1048576 not 1 MB by @​puellanivis in IBM/sarama#2804
• fix: add locking around broker throttle timer to prevent race condition by @​chengsha in IBM/sarama#2826

📦 Dependency updates

• chore(deps): bump go.opentelemetry.io/otel/sdk from 1.23.1 to 1.24.0 in /examples/interceptors by @​dependabot in IBM/sarama#2816
• chore(deps): bump the golang-org-x group with 1 update by @​dependabot in IBM/sarama#2825
• chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @​dependabot in IBM/sarama#2822
• chore(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdoutmetric from 1.23.1 to 1.24.0 in /examples/interceptors by @​dependabot in IBM/sarama#2815

New Contributors

• @​chengsha made their first contribution in IBM/sarama#2826

Full Changelog: IBM/sarama@v1.43.0...v1.43.1

Commits

• 0ab2bb7 chore(ci): go mod tidy examples tree (#2883)
• a8d8e7a chore(ci): bump actions/upload-artifact from 4.3.1 to 4.3.3 (#2882)
• e4d54f0 chore(ci): re-enable gocache in golangci-lint step
• 18c39e4 chore(ci): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0
• 3d0d427 chore(ci): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 (#2880)
• cf0ca71 chore(ci): bump actions/dependency-review-action from 4.1.3 to 4.2.5 (#2879)
• 709e313 chore(ci): bump ubi8/ubi-minimal from 8.8 to 8.9 (#2878)
• 681001f fix(fv): use docker's tini/init for FV containers
• 1cb9154 fix(ci): fix dependabot docker action
• 532dda6 chore(ci): bump actions/checkout from 4.1.1 to 4.1.4 (#2876)
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.19.0 to 1.19.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.19.1

What's Changed

• Security patches for golang.org/x/sys and google.golang.org/protobuf

New Contributors

• @​lukasauk made their first contribution in prometheus/client_golang#1494

Full Changelog: prometheus/client_golang@v1.19.0...v1.19.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

Unreleased

Commits

• 6e3f4b1 Cut 1.19.1 (#1494)
• cad1bfa Merge pull request #1454 from prometheus/small-nits
• 0aa8c9f Rephrase incompatibility with common v0.48.0
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions