chore(deps): bump the dev-dependencies group with 4 updates

[dependabot]

Bumps the dev-dependencies group with 4 updates: github.com/hashicorp/consul/api, github.com/kubernetes-csi/csi-lib-utils, golang.org/x/net and google.golang.org/grpc.

Updates github.com/hashicorp/consul/api from 1.22.0 to 1.24.0

Changelog

Sourced from github.com/hashicorp/consul/api's changelog.

1.16.1 (August 8, 2023)

SECURITY:

• Update golang.org/x/net to v0.13.0 to address CVE-2023-3978. [GH-18358]
• Upgrade golang.org/x/net to address CVE-2023-29406 [GH-18186]
• Upgrade to use Go 1.20.6. This resolves CVE-2023-29406(net/http) for uses of the standard library. A separate change updates dependencies on golang.org/x/net to use 0.12.0. [GH-18190]
• Upgrade to use Go 1.20.7. This resolves vulnerability CVE-2023-29409(crypto/tls). [GH-18358]

FEATURES:

• cli: consul members command uses -filter expression to filter members based on bexpr. [GH-18223]
• cli: consul operator raft list-peers command shows the number of commits each follower is trailing the leader by to aid in troubleshooting. [GH-17582]
• cli: consul watch command uses -filter expression to filter response from checks, services, nodes, and service. [GH-17780]
• reloadable config: Made enable_debug config reloadable and enable pprof command to work when config toggles to true [GH-17565]
• ui: consul version is displayed in nodes list with filtering and sorting based on versions [GH-17754]

IMPROVEMENTS:

• Fix some typos in metrics docs [GH-18080]
• acl: added builtin ACL policy that provides global read-only access (builtin/global-read-only) [GH-18319]
• acl: allow for a single slash character in policy names [GH-18319]
• connect: Add capture group labels from Envoy cluster FQDNs to Envoy exported metric labels [GH-17888]
• connect: Improve transparent proxy support for virtual services and failovers. [GH-17757]
• connect: update supported envoy versions to 1.23.12, 1.24.10, 1.25.9, 1.26.4 [GH-18303]
• debug: change default setting of consul debug command. now default duration is 5ms and default log level is 'TRACE' [GH-17596]
• extensions: Improve validation and error feedback for property-override builtin Envoy extension [GH-17759]
• hcp: Add dynamic configuration support for the export of server metrics to HCP. [GH-18168]
• hcp: Removes requirement for HCP to provide a management token [GH-18140]
• http: GET API operator/usage endpoint now returns node count cli: consul operator usage command now returns node count [GH-17939]
• mesh: Expose remote jwks cluster configuration through jwt-provider config entry [GH-17978]
• mesh: Stop jwt providers referenced by intentions from being deleted. [GH-17755]
• ui: the topology view now properly displays services with mixed connect and non-connect instances. [GH-13023]
• xds: Explicitly enable WebSocket connection upgrades in HTTP connection manager [GH-18150]

BUG FIXES:

• Fix a bug that wrongly trims domains when there is an overlap with DC name. [GH-17160]
• api-gateway: fix race condition in proxy config generation when Consul is notified of the bound-api-gateway config entry before it is notified of the api-gateway config entry. [GH-18291]
• api: Fix client deserialization errors by marking new Enterprise-only prepared query fields as omit empty [GH-18184]
• ca: Fixes a Vault CA provider bug where updating RootPKIPath but not IntermediatePKIPath would not renew leaf signing certificates [GH-18112]
• connect/ca: Fixes a bug preventing CA configuration updates in secondary datacenters [GH-17846]
• connect: (Enterprise only) Fix bug where intentions referencing sameness groups would not always apply to members properly.
• connect: Fix incorrect protocol config merging for transparent proxy implicit upstreams. [GH-17894]
• connect: Removes the default health check from the consul connect envoy command when starting an API Gateway. This health check would always fail. [GH-18011]

... (truncated)

Commits

• c920b29 release: sdk version bump to v0.14.1 in api module
• 1d431de Backport of Add redirects for mesh-gateway docs into release/1.16.x (#18380)
• 82160a7 Backport of ui: fix typos for peer service imports into release/1.16.x (#18074)
• e6e7ad7 Backport of NET-4897 - update comment to include the current issue url from t...
• 53355c8 Backport of Fix policy lookup to allow for slashes into release/1.16.x (#18372)
• a014854 Backport of [NET-5146] security: Update Go version to 1.20.7 and x/net to 0...
• c56781a Backport of [HCP Telemetry] Periodic Refresh for Dynamic Telemetry Configurat...
• 61cf766 Backport of NET-4240 - Snapshots are failing on Windows into release/1.16.x ...
• afcd8bf Backport of api gw 1.16 updates into release/1.16.x (#18348)
• fa0746e Backport of [CC-5719] Add support for builtin global-read-only policy into re...
• Additional commits viewable in compare view

Updates github.com/kubernetes-csi/csi-lib-utils from 0.14.0 to 0.15.0

Release notes

Sourced from github.com/kubernetes-csi/csi-lib-utils's releases.

v0.15.0

Changelog

https://github.com/kubernetes-csi/csi-lib-utils/blob/v0.15.0/CHANGELOG/CHANGELOG-0.15.md

v0.15.0-rc0

No release notes provided.

Commits

• 32c3fb3 Merge pull request #146 from xing-yang/changelog_0.15
• 0f875ae Add changelog for v0.15.0
• 7b02e8d Merge pull request #140 from DataDog/fricounet/upstream/otel-tracing-grpc
• 47cfaa9 connection: export timeout and metrics options
• c487210 connection: restore ConnectWithoutMetrics
• 2eb6147 Merge remote-tracking branch 'upstream/master' into fricounet/upstream/otel-t...
• 0911089 Merge pull request #144 from Sneha-at/module-update-master
• fc8ccf5 Update dependency go modules for k8s v1.28.0
• 1c17c11 Merge commit '95cf84d6d2580a1e18931757c735838e844f7118' into module-update-ma...
• 95cf84d Squashed 'release-tools/' changes from 1df23db..de2fba8
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.13.0 to 0.14.0

Commits

• c8c0290 go.mod: update golang.org/x dependencies
• 0b21d06 quic: framework for testing blocking operations
• 4648651 quic: add -vv flag for more verbose tests
• 60ae793 quic: don't send session tickets
• a7da556 http2: optimize buffer allocation in transport
• 167593b quic: create and accept streams
• See full diff in compare view

Updates google.golang.org/grpc from 1.56.2 to 1.57.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.57.0

API Changes

• resolver: remove deprecated Target.Scheme and Target.Authority. Use URL.Scheme and URL.Host instead, respectively (#6363)

Behavior Changes

• client: percent-encode the default authority for the channel (#6428)
• xds: require EDS service name to be set in a CDS cluster with an 'xdstp' resource name (gRFC A47) (#6438)

New Features

• reflection: support the v1 reflection service and update Register to register both v1alpha and v1 (#6329)
• xds: add support for string matcher in RBAC header matching (#6419)
• alts: add support for GRPC_ALTS_MAX_CONCURRENT_HANDSHAKES env var (#6267)
• balancer/weightedroundrobin: de-experimentalize name of LB policy (#6477)

Bug Fixes

• status: status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil (#6374)
  • Special Thanks: @​atollena
• server: fix bug preventing TCP user timeout from being set on the connection when TLS is used (#6321)
  • Special Thanks: @​tobotg
• client: eliminate connection churn during an address update that differs only in balancer attributes (#6439)
• clusterresolver: handle EDS nacks, resource-not-found errors, and DNS Resolver errors correctly (#6436, #6461)
• xds/ringhash: cache connectivity state of subchannels inside picker to avoid rare races (#6351)

Commits

• 87bf02a Change version to 1.57.0 (#6448)
• 6b64be9 resolver/weighted_round_robin: remove experimental suffix from name
• 9489082 github: replace deprecated command with environment file (#6417)
• d1868a5 clusterresolver: add logs for dns discovery mechanism error cases (#6444)
• 8e9c8f8 grpc: do not use balancer attributes during address comparison (#6439)
• db32c5b Fix preloader mode in benchmarks (#6359)
• f0280f9 xds: require EDS service name in new-style CDS clusters (gRFC A47) (#6438)
• bf5b7ae clusterresolver: handle EDS nacks and resource-not-found errors correctly (#6...
• fc0aa46 client: encode the authority by default (#6428)
• 11feb0a resolver: delete Target.Scheme and Target.Authority (#6363)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

The following labels could not be found: dependencies.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.