Skip to content

Bump the patch-updates group with 3 updates#116

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/patch-updates-37ffcc1c4d
Open

Bump the patch-updates group with 3 updates#116
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/patch-updates-37ffcc1c4d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor

Bumps the patch-updates group with 3 updates: github.com/aws/aws-sdk-go-v2/config, github.com/aws/aws-sdk-go-v2/service/kms and github.com/nats-io/nats-server/v2.

Updates github.com/aws/aws-sdk-go-v2/config from 1.32.25 to 1.32.27

Commits

Updates github.com/aws/aws-sdk-go-v2/service/kms from 1.53.4 to 1.53.6

Commits

Updates github.com/nats-io/nats-server/v2 from 2.14.2 to 2.14.3

Release notes

Sourced from github.com/nats-io/nats-server/v2's releases.

Release v2.14.3

Changelog

Refer to the 2.14 Upgrade Guide for backwards compatibility notes with 2.12.x. Please note that the 2.13.x version was skipped.

Go Version

Dependencies

  • golang.org/x/crypto v0.53.0 (#8297)
  • golang.org/x/sys v0.46.0 (#8297)
  • github.com/nats-io/jwt/v2 v2.8.2
  • github.com/nats-io/nkeys v0.4.16

Improved

General

  • Per-connection log lines that could be noisy in normal operation have been demoted to debug level (#8289)
  • Writer options are now applied consistently when using the s2_fast compression mode (#8047)

JetStream

  • Stream and consumer assignment handling has been refactored for more consistent migration and info behavior (#8262)
  • Meta, stream and consumer write errors are now registered more consistently for health and recovery handling (#8293)

Removed

Monitoring

  • JSONP callback support has been removed from monitoring endpoints

Fixed

General

  • Long-running reconnect and OCSP loops no longer retain unused timers, reducing memory pressure over time (#8204)
  • Inherited JWT default permissions are now refreshed when account claims are updated (#8276)
  • External auth configuration is now cleared correctly when account claims are updated (#8275)
  • PROXY protocol detection, TLS sniffing with allow_non_tls and PROXY v1 address-family parsing have been fixed (#8302)
  • A race in gateway CONNECT handling has been fixed (#8306)
  • Trusted proxy tracking no longer leaks closed clients during concurrent updates (#8307)
  • Service import replies can now be delivered across cluster routes (#8317)
  • Message tracing now works correctly with service imports and exports
  • Several panic, fatal and data race conditions in authentication, routing, monitoring and clustered request handling have been fixed
  • NoAuthUser now checks connection restrictions
  • Leaf connections no longer bypass Nats-Trace-Dest publish permission checks
  • CONNZ and SUBSZ pagination now guard against Offset and Limit integer overflow panics

... (truncated)

Commits
  • 9b17a58 Release v2.14.3
  • 2be2525 Release v2.14.3-RC.2
  • 563d55f Cherry-picks for v2.14.3-RC.2 (#126)
  • e242ca0 NRG: Don't campaign with an uncommitted membership change about ourselves
  • 0e4d935 NRG: Exclude uncommitted membership change from snapshot
  • 0ab7302 NRG: Remove redundant known peer tracking
  • 6eb7d76 NRG: Truncated uncommitted membership change leaves stale state
  • 8157b56 [TEST] Campaign early on NRG tests
  • 712b3d2 [FIXED] Nil pointer panic when resolver dir parent is not traversable
  • f11c26b [FIXED] Skipped messages set last time to now
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the patch-updates group with 3 updates: [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2), [github.com/aws/aws-sdk-go-v2/service/kms](https://github.com/aws/aws-sdk-go-v2) and [github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server).


Updates `github.com/aws/aws-sdk-go-v2/config` from 1.32.25 to 1.32.27
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@config/v1.32.25...config/v1.32.27)

Updates `github.com/aws/aws-sdk-go-v2/service/kms` from 1.53.4 to 1.53.6
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/kms/v1.53.4...service/ecs/v1.53.6)

Updates `github.com/nats-io/nats-server/v2` from 2.14.2 to 2.14.3
- [Release notes](https://github.com/nats-io/nats-server/releases)
- [Changelog](https://github.com/nats-io/nats-server/blob/main/RELEASES.md)
- [Commits](nats-io/nats-server@v2.14.2...v2.14.3)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.32.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: github.com/aws/aws-sdk-go-v2/service/kms
  dependency-version: 1.53.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: github.com/nats-io/nats-server/v2
  dependency-version: 2.14.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants