build(deps): bump the all-dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the all-dependencies group with 6 updates in the / directory:

Package	From	To
github.com/ipfs/boxo	0.29.1	0.30.0
github.com/ipfs/go-block-format	0.2.0	0.2.1
github.com/ipfs/go-ipld-format	0.6.0	0.6.1
github.com/ipld/go-car/v2	2.14.2	2.14.3
go.sia.tech/jape	0.13.1	0.14.0
go.sia.tech/renterd/v2	2.0.2-0.20250429133416-0719be4614ed	2.1.0

Updates github.com/ipfs/boxo from 0.29.1 to 0.30.0

Release notes

Sourced from github.com/ipfs/boxo's releases.

v0.30.0

What's Changed

Added

• Control over UnixFS DAG Width
  • We have made some changes to allow setting custom max width of UnixFS DAGs. This enables users to produce DAGs that follow current and future community conventions (see the related discussion).
  • ipld/unixfs: DagModifier now allows specifying file DAG Width (MaxLinks) #898
  • ipld/unixfs/io/directory: We have made some changes to unixfs directory tooling #906
    • We have exposed creator methods for new BasicDirectory and HAMTDirectory, that complement the existing NewDirectory() which creates dynamic directories.
    • We have added WithCidBuilder(...), WithMaxLinks(...), WithMaxHAMTFanout(...) and WithStat(...) as options to these new methods so that empty directories can be initilized as wished from the get-go.
    • WithMaxLinks(...) and WithMaxHAMTFanout(...) are new options that allow to set a limit to the number of children that a directory DAG node can have. For details on what they exactly do for each of the directory type, please check the documentation.
  • mfs supports as well the new MaxLinks and MaxHAMTFanout options. They have been made part of the MkdirOptions object and the methods NewEmptyDirectory() and NewEmptyRoot() have been added to facilitate the initialization of MFS objects. #906
• provider: added support for walking partial DAGs in offline mode #905
  • a KeyChanFunc that traverses DAGs from a given root (NewDAGProvider).
  • a KeyChanFunc that buffers all the CIDs in memory from another KeyChanFunc (NewBufferedProvider).
  • fetcher/impl/blockservice: new option SkipNotFound for the IPLD fetcher. It will skip not found nodes when traversing the DAG. This allows offline traversal of DAGs when using, for example, an offline blockservice.
  • This enables use case of providing lazy-loaded, partially local DAGs (like ipfs files in Kubo's MFS implementation, see kubo#10386)
• gateway: generated HTML with UnixFS directory listings now include a button for copying CIDs of child entities #899
• bitswap/server: Add ability to enable/disable bitswap server using WithServerEnabled bitswap option (#911)[https://github.com/feat(bitswap): add option to disable Bitswap server  ipfs/boxo#911]

Changed

• upgrade to go-libp2p v0.41.1
• bitswap/network: Add a new requests_in_flight metric gauge that measures how many bitswap streams are being written or read at a given time.
• improve speed of data onboarding by batching/bufering provider queue writes #888
• provider: providing queue is now independent from reprovides, speeding up initial provides #907
  • renamed provider.ReproviderStats.TotalProvides => provider.ReproviderStats.TotalReprovides
  • renamed provider.ReproviderStats.AvgProvideDuration => provider.ReproviderStats.AvgReprovideDuration
• provider/queue deduplicates CIDs #910

Fixed

• gateway: query parameters are now supported and preserved in redirects triggered by a _redirects file #886
• provider: adjusted first reprovide timing after node reboot #890
• gateway: validate configuration and warn when UseSubdomains=true is used with IP-based hostnames #903

Full Changelog: ipfs/boxo@v0.29.1...v0.30.0

Changelog

Sourced from github.com/ipfs/boxo's changelog.

[v0.30.0]

Added

• Control over UnixFS DAG Width
  • We have made some changes to allow setting custom max width of UnixFS DAGs. This enables users to produce DAGs that follow current and future community conventions (see the related discussion).
  • ipld/unixfs: DagModifier now allows specifying file DAG Width (MaxLinks) #898
  • ipld/unixfs/io/directory: We have made some changes to unixfs directory tooling #906
    • We have exposed creator methods for new BasicDirectory and HAMTDirectory, that complement the existing NewDirectory() which creates dynamic directories.
    • We have added WithCidBuilder(...), WithMaxLinks(...), WithMaxHAMTFanout(...) and WithStat(...) as options to these new methods so that empty directories can be initilized as wished from the get-go.
    • WithMaxLinks(...) and WithMaxHAMTFanout(...) are new options that allow to set a limit to the number of children that a directory DAG node can have. For details on what they exactly do for each of the directory type, please check the documentation.
  • mfs supports as well the new MaxLinks and MaxHAMTFanout options. They have been made part of the MkdirOptions object and the methods NewEmptyDirectory() and NewEmptyRoot() have been added to facilitate the initialization of MFS objects. #906
• provider: added support for walking partial DAGs in offline mode #905
  • a KeyChanFunc that traverses DAGs from a given root (NewDAGProvider).
  • a KeyChanFunc that buffers all the CIDs in memory from another KeyChanFunc (NewBufferedProvider).
  • fetcher/impl/blockservice: new option SkipNotFound for the IPLD fetcher. It will skip not found nodes when traversing the DAG. This allows offline traversal of DAGs when using, for example, an offline blockservice.
  • This enables use case of providing lazy-loaded, partially local DAGs (like ipfs files in Kubo's MFS implementation, see kubo#10386)
• gateway: generated HTML with UnixFS directory listings now include a button for copying CIDs of child entities #899
• bitswap/server: Add ability to enable/disable bitswap server using WithServerEnabled bitswap option (#911)[https://github.com/feat(bitswap): add option to disable Bitswap server  ipfs/boxo#911]

Changed

• upgrade to go-libp2p v0.41.1
• bitswap/network: Add a new requests_in_flight metric gauge that measures how many bitswap streams are being written or read at a given time.
• improve speed of data onboarding by batching/bufering provider queue writes #888
• provider: providing queue is now independent from reprovides, speeding up initial provides #907
  • renamed provider.ReproviderStats.TotalProvides => provider.ReproviderStats.TotalReprovides
  • renamed provider.ReproviderStats.AvgProvideDuration => provider.ReproviderStats.AvgReprovideDuration
• provider/queue deduplicates CIDs #910

Fixed

• gateway: query parameters are now supported and preserved in redirects triggered by a _redirects file #886
• provider: adjusted first reprovide timing after node reboot #890
• gateway: validate configuration and warn when UseSubdomains=true is used with IP-based hostnames #903

Commits

• a19e342 Merge pull request #915 from ipfs/release-v0.30.0
• b712c67 tidy changelog
• 0dfee28 Document additional changes
• cad6021 bump version
• 1d99797 Release v0.30.0
• 64141fd Update dependencies (#913)
• f54c309 feat(bitswap): add option to disable Bitswap server (#911)
• 95aa3f0 provider: dedicated provide queue (#907)
• bace665 provider: deduplicate cids in queue (#910)
• dc60fe7 feat(unixfs/mfs): support MaxLinks and MaxHAMTFanout (#906)
• Additional commits viewable in compare view

Updates github.com/ipfs/go-block-format from 0.2.0 to 0.2.1

Release notes

Sourced from github.com/ipfs/go-block-format's releases.

v0.2.1

What's Changed

• ci: uci/update-go by @​web3-bot in ipfs/go-block-format#49
• ci: uci/copy-templates by @​web3-bot in ipfs/go-block-format#50
• Update go-ipfs-util to use boxo by @​gammazero in ipfs/go-block-format#52
• ci: uci/update-go by @​web3-bot in ipfs/go-block-format#54
• ci: uci/update-go by @​web3-bot in ipfs/go-block-format#55
• ci: uci/copy-templates by @​web3-bot in ipfs/go-block-format#57
• Update dependencies by @​gammazero in ipfs/go-block-format#59

New Contributors

• @​gammazero made their first contribution in ipfs/go-block-format#52

Full Changelog: ipfs/go-block-format@v0.2.0...v0.2.1

Commits

• d812ab8 Update version (#60)
• 7332240 Update dependencies (#59)
• ff2e2f0 ci: uci/copy-templates (#57)
• a8ca084 chore!: bump go.mod to Go 1.23 and run go fix (#55)
• 9176289 chore: bump go.mod to Go 1.22 and run go fix (#54)
• b7a5c11 Update go-ipfs-util to use boxo (#52)
• 5f19216 ci: uci/copy-templates (#50)
• a7c33b9 ci: uci/update-go (#49)
• 6cf8e0a chore: Update .github/workflows/stale.yml [skip ci]
• See full diff in compare view

Updates github.com/ipfs/go-ipld-format from 0.6.0 to 0.6.1

Release notes

Sourced from github.com/ipfs/go-ipld-format's releases.

v0.6.1

What's Changed

• ci: uci/update-go by @​web3-bot in ipfs/go-ipld-format#88
• ci: uci/copy-templates by @​web3-bot in ipfs/go-ipld-format#89
• ci: uci/update-go by @​web3-bot in ipfs/go-ipld-format#90
• ci: uci/update-go by @​web3-bot in ipfs/go-ipld-format#91
• ci: uci/copy-templates by @​web3-bot in ipfs/go-ipld-format#92
• update dependencies by @​gammazero in ipfs/go-ipld-format#93

New Contributors

• @​gammazero made their first contribution in ipfs/go-ipld-format#93

Full Changelog: ipfs/go-ipld-format@v0.6.0...v0.6.1

Commits

• f21568f bump version (#94)
• 19ff051 Merge pull request #93 from ipfs/update-deps
• 7adec4a Remove .gx directory
• c9c067e update dependencies
• 44a7b59 ci: uci/copy-templates (#92)
• a7315a8 chore!: bump go.mod to Go 1.23 and run go fix (#91)
• 7942ea4 chore: bump go.mod to Go 1.22 and run go fix (#90)
• 002504f ci: uci/copy-templates (#89)
• f19e097 ci: uci/update-go (#88)
• fb6532c chore: Update .github/workflows/stale.yml [skip ci]
• See full diff in compare view

Updates github.com/ipld/go-car/v2 from 2.14.2 to 2.14.3

Release notes

Sourced from github.com/ipld/go-car/v2's releases.

v2.14.3

What's Changed

• chore(deps): bump github.com/ipld/go-car/v2 from 2.14.1 to 2.14.2 in /cmd by @​dependabot in ipld/go-car#543
• chore(deps): bump github.com/ipfs/go-ipld-cbor from 0.1.0 to 0.2.0 in /v2 by @​dependabot in ipld/go-car#544
• chore(deps): bump github.com/ipfs/go-ipld-cbor from 0.1.0 to 0.2.0 by @​dependabot in ipld/go-car#545
• chore(deps): bump github.com/urfave/cli/v2 from 2.27.4 to 2.27.5 in /cmd by @​dependabot in ipld/go-car#546
• chore(deps): bump github.com/ipfs/go-unixfsnode from 1.9.1 to 1.9.2 in /v2 by @​dependabot in ipld/go-car#548
• chore(deps): bump github.com/ipfs/go-unixfsnode from 1.9.1 to 1.9.2 in /cmd by @​dependabot in ipld/go-car#547
• chore(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 in /v2 by @​dependabot in ipld/go-car#549
• chore(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 by @​dependabot in ipld/go-car#550
• chore(deps): bump golang.org/x/crypto from 0.27.0 to 0.31.0 in /v2 by @​dependabot in ipld/go-car#551
• chore(deps): bump golang.org/x/crypto from 0.27.0 to 0.31.0 by @​dependabot in ipld/go-car#552
• chore(deps): bump golang.org/x/crypto from 0.27.0 to 0.31.0 in /cmd by @​dependabot in ipld/go-car#553
• chore(deps): bump github.com/ipfs/go-cid from 0.4.1 to 0.5.0 in /cmd by @​dependabot in ipld/go-car#557
• chore(deps): bump github.com/ipfs/go-cid from 0.4.1 to 0.5.0 in /v2 by @​dependabot in ipld/go-car#556
• chore(deps): bump github.com/ipfs/go-cid from 0.4.1 to 0.5.0 by @​dependabot in ipld/go-car#555
• ci: uci/update-go by @​web3-bot in ipld/go-car#558
• chore(deps): bump github.com/ipld/go-codec-dagpb from 1.6.0 to 1.7.0 in /cmd by @​dependabot in ipld/go-car#561
• chore(deps): bump github.com/ipld/go-codec-dagpb from 1.6.0 to 1.7.0 in /v2 by @​dependabot in ipld/go-car#560
• chore(deps): bump github.com/ipld/go-codec-dagpb from 1.6.0 to 1.7.0 by @​dependabot in ipld/go-car#559
• chore(deps): bump github.com/ipfs/go-unixfsnode from 1.9.2 to 1.10.0 in /v2 by @​dependabot in ipld/go-car#562
• chore(deps): bump github.com/ipfs/go-unixfsnode from 1.9.2 to 1.10.0 in /cmd by @​dependabot in ipld/go-car#563
• Add a concatination cli utility by @​willscott in ipld/go-car#565
• chore(deps): bump github.com/urfave/cli/v2 from 2.27.5 to 2.27.6 in /cmd by @​dependabot in ipld/go-car#567
• chore(deps): bump github.com/rogpeppe/go-internal from 1.13.1 to 1.14.1 in /cmd by @​dependabot in ipld/go-car#566
• feat: car debug handles the zero length block by @​rvagg in ipld/go-car#569
• ci: uci/copy-templates by @​web3-bot in ipld/go-car#570
• chore(deps): bump golang.org/x/crypto from 0.31.0 to 0.35.0 by @​dependabot in ipld/go-car#572
• chore(deps): bump golang.org/x/crypto from 0.31.0 to 0.35.0 in /v2 by @​dependabot in ipld/go-car#571
• chore(deps): bump golang.org/x/crypto from 0.31.0 to 0.35.0 in /cmd by @​dependabot in ipld/go-car#573
• chore: update to boxo merkledag package by @​gammazero in ipld/go-car#577
• chore: update go-block-format and go-ipld-format by @​gammazero in ipld/go-car#578
• bump version by @​gammazero in ipld/go-car#579

Full Changelog: ipld/go-car@v2.14.2...v2.14.3

Commits

• 8940768 Merge pull request #579 from gammazero/new-version
• 80340d6 bump version
• 2ff63cb chore: update go-block-format and go-ipld-format
• 6325153 chore: update to boxo merkledag package
• 9c2418d chore(deps): bump golang.org/x/crypto from 0.31.0 to 0.35.0 in /cmd (#573)
• 9e3091f chore(deps): bump golang.org/x/crypto from 0.31.0 to 0.35.0 in /v2 (#571)
• e58107d Merge pull request #572 from ipld/dependabot/go_modules/golang.org/x/crypto-0...
• 1f1f29e Merge pull request #570 from ipld/uci/copy-templates
• 7cffcce chore: add or force update .github/workflows/generated-pr.yml
• 992c5af chore: add or force update .github/workflows/stale.yml
• Additional commits viewable in compare view

Updates github.com/libp2p/go-libp2p-kad-dht from 0.31.0 to 0.32.0

Release notes

Sourced from github.com/libp2p/go-libp2p-kad-dht's releases.

v0.32.0

What's Changed

• chore: bump go-log to v2 by @​guillaumemichel in libp2p/go-libp2p-kad-dht#1074
• chore(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 by @​dependabot in libp2p/go-libp2p-kad-dht#1075
• fix: use correct message type attribute in metrics by @​diogo464 in libp2p/go-libp2p-kad-dht#1076
• fix: netsize warning by @​guillaumemichel in libp2p/go-libp2p-kad-dht#1077
• chore: update deps by @​guillaumemichel in libp2p/go-libp2p-kad-dht#1078

New Contributors

• @​diogo464 made their first contribution in libp2p/go-libp2p-kad-dht#1076

Full Changelog: libp2p/go-libp2p-kad-dht@v0.31.0...v0.32.0

This release was brought to you by the Shipyard team.

Commits

• 4304f67 chore: release v0.31.1 (#1079)
• 858fc2c chore: update deps (#1078)
• 8f175ae fix: netsize warning (#1077)
• 7cc3df8 fix: use correct message type attribute in metrics (#1076)
• 13968bd chore(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 (#1075)
• 31c3612 chore: bump go-log to v2 (#1074)
• See full diff in compare view

Updates go.sia.tech/jape from 0.13.1 to 0.14.0

Release notes

Sourced from go.sia.tech/jape's releases.

0.14.0 (2025-04-30)

Breaking Changes

Limit the default size of incoming request bodies to 10MB

Changelog

Sourced from go.sia.tech/jape's changelog.

0.14.0 (2025-04-30)

Breaking Changes

Limit the default size of incoming request bodies to 10MB

Add Context.DecodeLimit to override the size limit

Commits

• e597db5 Merge pull request #34 from SiaFoundation/release
• 4000f23 chore: prepare release 0.14.0
• 089575d Merge pull request #33 from SiaFoundation/nate/limit-request-bodies
• 6f6f964 fix lint
• 81d6902 add test, use http.MaxBytesReader
• 3deae90 fix lint
• c0ce14b limit default request bodie size
• See full diff in compare view

Updates go.sia.tech/renterd/v2 from 2.0.2-0.20250429133416-0719be4614ed to 2.1.0

Release notes

Sourced from go.sia.tech/renterd/v2's releases.

v2.1.0

Migrations

This update requires rescanning the blockchain. This can take between 2-10 hours depending on hardware. We recommend upgrading when no contracts are up for renewals.

Features

• Add dl query param to download endpoint to be able to change the Content-Disposition to "attachment"

Fixes

• Fixes an issue where renterd gets stuck on the Zen testnet
• Add compate code to migrate the config from v1.1.1 to v2.0.1
• Add missing descriptions to all routes and schemas in openapi spec
• Include unconfirmed parents of transactions when broadcasting revisions for expired contracts
• Fix listing objects with a slash delimiter and similar paths across buckets.
• Fix missing inferred MimeType for objects uploaded via multipart uploads
• Fix out of bounds panic in alerts manager
• Fix renter expecting host putting up too much collateral for v2 contracts.
• Fixed a deadlock in the migration loop.
• Increase default number of migrator threads
• Redistribute wallet into 100 outputs instead of 10.
• Remove context from bus initialisation
• Split renewContractV2 up into renewContractV2 for renewals and refreshContractV2 for refreshes.
• Update go import path to v2
• Update jape dependency to v0.13.0

v2.1.0-beta.1

Migrations

This release performs a migration of the consensus database which can take a couple of hours.

Features

• Add dl query param to download endpoint to be able to change the Content-Disposition to "attachment"

Fixes

• Fixes an issue where renterd gets stuck on the Zen testnet
• Add compate code to migrate the config from v1.1.1 to v2.0.1
• Add missing descriptions to all routes and schemas in openapi spec
• Include unconfirmed parents of transactions when broadcasting revisions for expired contracts
• Fix listing objects with a slash delimiter and similar paths across buckets.
• Fix missing inferred MimeType for objects uploaded via multipart uploads
• Fix out of bounds panic in alerts manager
• Fix renter expecting host putting up too much collateral for v2 contracts.
• Fixed a deadlock in the migration loop.
• Increase default number of migrator threads
• Redistribute wallet into 100 outputs instead of 10.
• Remove context from bus initialisation

... (truncated)

Changelog

Sourced from go.sia.tech/renterd/v2's changelog.

2.1.0 (2025-04-29)

Features

• Add dl query param to download endpoint to be able to change the Content-Disposition to "attachment"

Fixes

• Add compate code to migrate the config from v1.1.1 to v2.0.1
• Add missing descriptions to all routes and schemas
• Include unconfirmed parents of transactions when broadcasting revisions for expired contracts
• Fix listing objects with a slash delimiter and similar paths across buckets.
• Fix missing inferred MimeType for objects uploaded via multipart uploads
• Fix out of bounds panic in alerts manager
• Fix renter expecting host putting up too much collateral for v2 contracts.
• Fixed a deadlock in the migration loop.
• Increase default number of migrator threads
• Redistribute wallet into 100 outputs instead of 10.
• Remove context from bus initialisation
• Split renewContractV2 up into renewContractV2 for renewals and refreshContractV2 for refreshes.
• Update go import path to v2
• Update jape dependency to v0.13.0

2.0.1 (2025-03-07)

Fixes

• Fix default S3 address in README.md
• Fix issue with remaining storage and version scoring for v2 hosts
• Improve logging in v2 migration code and fix scan during migration not timing out

2.0.0 (2025-02-18)

This version of renterd introduces full v2 support for the renting software. This means it contains all the required changes to support the hardfork later this year which also makes this a major version increase since it introduces breaking changes.

Both the API as well as the config changed in this version. The up-to-date specs for the API can be found in the openapi.yml file. As we release the stable version we will update the official api documentation. If you are using a renterd.yml config file you might need to update that before your renter is able to start. Either that or delete the current one and create a new one using renterd config.

Breaking Changes

• API refactor and introduction of an openapi.yml spec
• Enforce S3 bucket name validation rules on bucket creation request
• Migrations are now performed by the autopilot without a worker
• Removed the concept of contract sets
• Removed event webhooks
• Contract lifecycles are no longer aligned
• Removed concept of an allowance

Features

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions