388 Commits

Author	SHA1	Message	Date
Julien Pivotto	1f5690d89a	Update CODEOWNERS in LTS ... Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>	2026-04-13 11:17:10 +02:00
Julien Pivotto	ec34996111	Bump go to 1.25; bump dependencies ... Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>	2026-04-13 10:48:12 +02:00
Julien Pivotto	1c93b41cb1	Do not run tests with previous go version ... Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>	2026-04-10 11:50:30 +02:00
Julien	2834efc2bb	ci: disable fuzzing CI on LTS branch (#18500) ... Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>	2026-04-09 18:33:48 +02:00
Ben Kochie	a967901a9f	Bump promci action (#17912) (#17918) ... Update promci to pick up `latest` tag fix. Fixes: https://github.com/prometheus/prometheus/issues/16238 Signed-off-by: SuperQ <superq@gmail.com>	2026-01-22 22:23:15 +01:00
Ayoub Mrini	44f78bb3c8	Merge pull request #16623 from machine424/reprep ... fix: add reproducer for a dangling-reference issue in parsers and fix	2025-05-27 05:24:48 +02:00
Joe Harvey	79c9e9348f	ci: address zizmor gh action vulnerabilities (#16530) ... * ci: address zizmor gh action vulnerabilities --------- Signed-off-by: Joe Harvey <51208233+jharvey10@users.noreply.github.com> Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-05-26 15:38:09 +00:00
machine424	2bfbd8a714	fix: add reproducer for a dangling-reference issue in parsers ... Signed-off-by: machine424 <ayoubmrini424@gmail.com>	2025-05-22 17:22:51 +02:00
Ayoub Mrini	2edc3ed6c5	feat(tsdb): introduce --use-uncached-io feature flag and allow using it for chunks writing (#15365) ... Signed-off-by: machine424 <ayoubmrini424@gmail.com> Signed-off-by: Ayoub Mrini <ayoubmrini424@gmail.com>	2025-05-21 14:42:30 +02:00
dependabot[bot]	c3ce1f1927	chore(deps): bump actions/setup-node from 4.3.0 to 4.4.0 (#16533) ... Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.3.0 to 4.4.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](cdca7365b2...49933ea528) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-05-04 11:50:04 +02:00
github-actions[bot]	504a130722	Merge pull request #16535 from prometheus/dependabot/github_actions/github/codeql-action-3.28.16 ... chore(deps): bump github/codeql-action from 3.28.13 to 3.28.16	2025-05-04 11:21:45 +02:00
Matthieu MOREL	9d7a37ae18	Bump golangci-lint to v2.1.5 (#16545) ... Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2025-05-04 11:17:22 +02:00
Bryan Boreham	ca416c580c	Merge branch 'main' into slicelabels ... Signed-off-by: Bryan Boreham <bjboreham@gmail.com>	2025-05-02 10:31:57 +01:00
dependabot[bot]	9dcc160049	chore(deps): bump github/codeql-action from 3.28.13 to 3.28.16 ... Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.13 to 3.28.16. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](1b549b9259...28deaeda66) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.28.16 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-05-02 00:14:05 +00:00
machine424	37000f6f3d	chore: sync golang versions ... use 1.24 as intended in https://github.com/prometheus/prometheus/pull/16180 Signed-off-by: machine424 <ayoubmrini424@gmail.com>	2025-04-17 15:40:13 +02:00
github-actions[bot]	917a26ce97	Merge pull request #16384 from prometheus/dependabot/github_actions/github/codeql-action-3.28.13 ... chore(deps): bump github/codeql-action from 3.28.12 to 3.28.13	2025-04-17 13:05:30 +02:00
Lukasz Mierzwa	bb76966992	Use stringlabels by default ... This removes the stringlabels build tag, makes that implementation the default one, and moves the old labels implementation under the slicelabels build tag. Fixes #16064. Signed-off-by: Lukasz Mierzwa <l.mierzwa@gmail.com>	2025-04-15 17:52:24 +01:00
Matthieu MOREL	08aa5e3f97	ci: update golangci-lint to v2.0.2 and adjust configuration (#16356) ... * ci: update golangci-lint to v2.0.2 and adjust configuration --------- Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com> Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>	2025-04-02 13:05:30 +02:00
dependabot[bot]	b76e49d1c1	chore(deps): bump github/codeql-action from 3.28.12 to 3.28.13 ... Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.12 to 3.28.13. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](5f8171a638...1b549b9259) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-04-02 00:05:16 +00:00
dependabot[bot]	6e508f8553	chore(deps): bump actions/setup-go from 5.3.0 to 5.4.0 ... Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](f111f3307d...0aaccfd150) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-03-27 21:07:19 +00:00
github-actions[bot]	38fe7f463a	Merge pull request #16310 from prometheus/dependabot/github_actions/actions/upload-artifact-4.6.2 ... chore(deps): bump actions/upload-artifact from 4.6.1 to 4.6.2	2025-03-27 21:49:28 +01:00
dependabot[bot]	8d980bf747	chore(deps): bump actions/setup-node from 4.2.0 to 4.3.0 ... Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.2.0 to 4.3.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](1d0ff469b7...cdca7365b2) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-03-24 09:56:09 +00:00
dependabot[bot]	c7f4e41e79	chore(deps): bump actions/upload-artifact from 4.6.1 to 4.6.2 ... Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.1 to 4.6.2. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](4cec3d8aa0...ea165f8d65) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-03-24 09:56:06 +00:00
Julius Volz	475092ff79	Remove dependabot configs for npm-based dependencies (#16307) ... This is just IMO, but getting my inbox flooded every month with hundreds of dependabot PRs is annoying, even if I don't end up handling most of them myself (thanks to others who do!). And then philosophically, I don't know if this is even the right approach. I don't think that whoever merges these PRs actually has the capacity or the knowledge to check that everything is still working as expected. Often subtle things can break after package updates, like a class name from an npm package not fitting to a style definition in our code anymore (as happened once with e.g. codemirror in the past, and nobody noticed when merging, and that bug is still present in Thanos' port of our UI). And you can't look in detail at the UI for every little PR that dependabot sends. Node module dependencies are inherently very noisy because there are so many of them, but I think a better approach would be to update them maybe once or twice a year (or whenever really needed), with all deps updated together, at a time when a maintainer has the time to really look at things carefully, and then do a comprehensive manual check of the UI to see that everything is still behaving as before. Signed-off-by: Julius Volz <julius.volz@gmail.com>	2025-03-24 10:55:01 +01:00
dependabot[bot]	dc82666ed4	chore(deps): bump prometheus/promci from 0.4.6 to 0.4.7 (#16262) ... Bumps [prometheus/promci](https://github.com/prometheus/promci) from 0.4.6 to 0.4.7. - [Release notes](https://github.com/prometheus/promci/releases) - [Commits](c3c93a50d5...443c7fc239) --- updated-dependencies: - dependency-name: prometheus/promci dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-22 18:40:11 +01:00
dependabot[bot]	e375e7c84d	chore(deps): bump github/codeql-action from 3.28.10 to 3.28.12 (#16260) ... Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.10 to 3.28.12. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](b56ba49b26...5f8171a638) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-22 18:40:03 +01:00
dependabot[bot]	b71ad4f6b7	chore(deps): bump golangci/golangci-lint-action from 6.5.0 to 6.5.2 ... Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6.5.0 to 6.5.2. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](2226d7cb06...55c2c1448f) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-03-22 16:51:17 +00:00
github-actions[bot]	9b6c8a9ea3	Merge pull request #16259 from prometheus/dependabot/github_actions/actions/cache-4.2.3 ... chore(deps): bump actions/cache from 4.2.2 to 4.2.3	2025-03-22 17:50:28 +01:00
dependabot[bot]	6d45ea4e5b	chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 ... Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.0 to 2.4.1. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](62b2cac7ed...f49aabe0b5) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-03-22 13:04:10 +00:00
dependabot[bot]	43b0eac343	chore(deps): bump actions/cache from 4.2.2 to 4.2.3 ... Bumps [actions/cache](https://github.com/actions/cache) from 4.2.2 to 4.2.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](d4323d4df1...5a3ec84eff) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-03-22 13:04:00 +00:00
Matthieu MOREL	64905156f4	chore: use directories to simplify dependabot config (#16241) ... Signed-off-by: Matthieu MOREL <matthieu.morel35@gmail.com>	2025-03-22 14:03:17 +01:00
zhengkezhou1	1b92962484	ci: attempt to run Go tests on Windows ... Signed-off-by: zhengkezhou1 <madzhou1@gmail.com>	2025-03-10 23:17:46 +08:00
dependabot[bot]	de784ce6e0	chore(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 (#16129) ... Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.0 to 4.6.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](65c4c4a1dd...4cec3d8aa0) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-07 15:05:03 +01:00
dependabot[bot]	71cb219eb6	chore(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.5.0 (#16124) ... Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6.2.0 to 6.5.0. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](ec5d18412c...2226d7cb06) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-07 13:38:20 +01:00
dependabot[bot]	3de752572e	chore(deps): bump actions/cache from 4.2.0 to 4.2.2 (#16128) ... Bumps [actions/cache](https://github.com/actions/cache) from 4.2.0 to 4.2.2. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](1bd1e32a3b...d4323d4df1) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-07 13:36:53 +01:00
dependabot[bot]	a1430c9766	chore(deps): bump actions/setup-node from 4.1.0 to 4.2.0 (#16130) ... Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.1.0 to 4.2.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](39370e3970...1d0ff469b7) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-07 13:36:43 +01:00
github-actions[bot]	c4a26a8868	Merge pull request #16126 from prometheus/dependabot/github_actions/github/codeql-action-3.28.10 ... chore(deps): bump github/codeql-action from 3.28.8 to 3.28.10	2025-03-07 12:36:06 +00:00
Arve Knudsen	f2d8af008d	Fix testing of previous Go version ... Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	2025-03-07 11:47:33 +01:00
Arve Knudsen	56929ffa42	Upgrade to Go v1.24 (#16180) ... * Upgrade to Go v1.24 * Upgrade golangci-lint --------- Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	2025-03-07 11:28:26 +01:00
dependabot[bot]	62715de317	chore(deps): bump github/codeql-action from 3.28.8 to 3.28.10 ... Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.8 to 3.28.10. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](dd746615b3...b56ba49b26) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2025-03-01 23:48:01 +00:00
Jan Fajerski	d5b18be9e2	ci: fix build-all status trigger to contain always ... Otherwise a failure in the dependent job skips the status job, which is treated as success. Signed-off-by: Jan Fajerski <jfajersk@redhat.com>	2025-02-20 11:41:24 +01:00
Bartlomiej Plotka	8fe24ced82	ci: Add GH action that clicks "enable auto-merge" on dependabot PRs (#15967) ... This will merge on green all non-conflicting dependabot PRs. Signed-off-by: bwplotka <bwplotka@gmail.com>	2025-02-12 16:51:40 +00:00
Bartlomiej Plotka	8baad1a73e	Bump promci to latest to avoid deprecated actions/cache CI issue. (#16013) ... Current main is broken due to: ``` Error: This request has been automatically failed because it uses a deprecated version of `actions/cache: 0c45773b623bea8c8e75f6c82b208c3cf94ea4f9`. Please update your workflow to use v3/v4 of actions/cache to avoid interruptions. Learn more: https://github.blog/changelog/2024-12-05-notice-of-upcoming-releases-and-breaking-changes-for-github-actions/#actions-cache-v1-v2-and-actions-toolkit-cache-package-closing-down ``` This is odd given `actions/cache: 0c45773b623bea8c8e75f6c82b208c3cf94ea4f9` has a comment of v4.0.2 (so not v1 and v2), trying 4.1.0. https://github.com/prometheus/prometheus/actions/runs/13267052807/job/37037025130?pr=16011 Signed-off-by: bwplotka <bwplotka@gmail.com>	2025-02-11 18:09:21 +00:00
dependabot[bot]	9c5fd0b9fb	chore(deps): bump actions/setup-go from 5.2.0 to 5.3.0 (#15957) ... Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.2.0 to 5.3.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](3041bf56c9...f111f3307d) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-07 19:10:17 +00:00
dependabot[bot]	6db18abe4e	chore(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 (#15958) ... Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6.1.1 to 6.2.0. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](971e284b60...ec5d18412c) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-07 19:13:23 +01:00
dependabot[bot]	bc07189662	chore(deps): bump actions/stale from 9.0.0 to 9.1.0 (#15959) ... Bumps [actions/stale](https://github.com/actions/stale) from 9.0.0 to 9.1.0. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](28ca103628...5bef64f19d) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-07 19:12:51 +01:00
dependabot[bot]	92873bbfe8	chore(deps): bump github/codeql-action from 3.28.0 to 3.28.8 (#15960) ... Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.0 to 3.28.8. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](48ab28a6f5...dd746615b3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-07 19:12:24 +01:00
dependabot[bot]	f453f43178	chore(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0 (#15961) ... Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.5.0 to 4.6.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](6f51ac03b9...65c4c4a1dd) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-07 19:12:03 +01:00
dependabot[bot]	151d7e6c28	chore(deps): bump bufbuild/buf-setup-action from 1.48.0 to 1.50.0 (#15962) ... Bumps [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) from 1.48.0 to 1.50.0. - [Release notes](https://github.com/bufbuild/buf-setup-action/releases) - [Commits](1115d0acd3...a47c93e0b1) --- updated-dependencies: - dependency-name: bufbuild/buf-setup-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-07 19:11:47 +01:00
dongjiang	b3a9fa3df9	chore: Upgrade to golangci-lint v1.63.4 (#15799) ... update golangci-lint and enable more lntiers This updates golangci-lint to v1.63.4 and enables linters `nilnesserr` and `exptostd` Signed-off-by: dongjiang <dongjiang1989@126.com> --------- Signed-off-by: dongjiang <dongjiang1989@126.com>	2025-01-14 19:22:22 +01:00