Bump the dependencies group across 1 directory with 9 updates

[dependabot]

Bumps the dependencies group with 5 updates in the / directory:

Package	From	To
github.com/cloudwego/hertz	0.9.3	0.9.5
github.com/hertz-contrib/monitor-prometheus	0.1.2	0.1.3
github.com/ringsaturn/protoc-gen-go-hertz	0.3.1	0.3.3
github.com/ringsaturn/tzf	0.16.0	0.16.1
golang.org/x/sync	0.8.0	0.10.0

Updates github.com/cloudwego/hertz from 0.9.3 to 0.9.5

Release notes

Sourced from github.com/cloudwego/hertz's releases.

v0.9.5

Fix:

[#1252] fix: call conn.release method in ext.ReleaseBodystream

Chore:

[#1254] ci(lint): new linter and new issues only [#1253] chore: update comments for ClientIP function

v0.9.4

Feature

[#1214] feat: response support hijack for upgrade conn

Fix

[#1246] fix(client): use the latest host in Location header when redirect [#1232] fix(http1): use bytes.EqualFold for header value check

Refactor

[#1234] refactor(validator): use internal tagexpr

Tests:

[#1216] test(app): speed up client & server tests

Commits

• dcda12a chore: release v0.9.5 (#1255)
• 2a22913 chore: update version v0.9.5
• 5729635 fix: call conn.release method in ext.ReleaseBodystream (#1252)
• a859259 chore: update comments for ClientIP function (#1253)
• 4cc53fe merge back: v0.9.4 (#1251)
• ac920f3 chore: release v0.9.4 (#1250)
• c277f58 feat(hz): optional filed parse for client (#1177)
• 67455c5 chore: update version v0.9.4
• e644b1c fix(client): use the latest host in Location header when redirect (#1246)
• 7d63572 refactor(binding): use internal tagexpr (#1234)
• Additional commits viewable in compare view

Updates github.com/hertz-contrib/monitor-prometheus from 0.1.2 to 0.1.3

Release notes

Sourced from github.com/hertz-contrib/monitor-prometheus's releases.

v0.1.3

What's Changed

• chore: update ci to use ubuntu-latest by default by @​GuangmingLuo in hertz-contrib/monitor-prometheus#14
• feat: use internal http server not default mux by @​Gaojianli in hertz-contrib/monitor-prometheus#13

New Contributors

• @​Gaojianli made their first contribution in hertz-contrib/monitor-prometheus#13

Full Changelog: hertz-contrib/monitor-prometheus@v0.1.2...v0.1.3

Commits

• 44ddd1d feat: use internal http server not default mux (#13)
• 5297e2a chore: update ci to use ubuntu-latest by default (#14)
• See full diff in compare view

Updates github.com/ringsaturn/protoc-gen-go-hertz from 0.3.1 to 0.3.3

Release notes

Sourced from github.com/ringsaturn/protoc-gen-go-hertz's releases.

v0.3.3

Full Changelog: ringsaturn/protoc-gen-go-hertz@v0.3.2...v0.3.3

v0.3.2

What's Changed

• Bump google.golang.org/grpc from 1.62.1 to 1.63.2 by @​dependabot in ringsaturn/protoc-gen-go-hertz#14
• Bump golang.org/x/net from 0.21.0 to 0.23.0 in /_example/hertz-blog-service by @​dependabot in ringsaturn/protoc-gen-go-hertz#15
• Bump the dependencies group across 1 directory with 3 updates by @​dependabot in ringsaturn/protoc-gen-go-hertz#21
• Bump golangci/golangci-lint-action from 4 to 6 in the dependencies group across 1 directory by @​dependabot in ringsaturn/protoc-gen-go-hertz#19
• Bump the dependencies group across 1 directory with 3 updates by @​dependabot in ringsaturn/protoc-gen-go-hertz#25
• Bump the dependencies group across 1 directory with 3 updates by @​dependabot in ringsaturn/protoc-gen-go-hertz#32

Full Changelog: ringsaturn/protoc-gen-go-hertz@v0.3.1...v0.3.2

Commits

• 2e2c26d bump
• 88f4fce add buf.yaml
• 64ba29b bump buf config
• 077b621 bump
• 20cfb3d Bump the dependencies group across 1 directory with 3 updates (#32)
• 3dbe108 Bump the dependencies group across 1 directory with 3 updates (#25)
• cdae00e Bump golangci/golangci-lint-action (#19)
• a915cc4 Bump the dependencies group across 1 directory with 3 updates (#21)
• dd7db76 Reduce CI
• 72a80e9 Bump golang.org/x/net in /_example/hertz-blog-service (#15)
• Additional commits viewable in compare view

Updates github.com/ringsaturn/tzf from 0.16.0 to 0.16.1

Release notes

Sourced from github.com/ringsaturn/tzf's releases.

v0.16.1

What's Changed

• Bump github.com/ringsaturn/go-cities.json from 0.6.2 to 0.6.3 in the dependencies group by @​dependabot in ringsaturn/tzf#168
• Bump denoland/setup-deno from 1 to 2 in the dependencies group by @​dependabot in ringsaturn/tzf#171
• Bump google.golang.org/protobuf from 1.34.2 to 1.35.1 in the dependencies group by @​dependabot in ringsaturn/tzf#170
• Bump github.com/ringsaturn/go-cities.json from 0.6.3 to 0.6.5 in the dependencies group by @​dependabot in ringsaturn/tzf#172
• Bump codecov/codecov-action from 4 to 5 in the dependencies group by @​dependabot in ringsaturn/tzf#175
• Bump the dependencies group across 1 directory with 2 updates by @​dependabot in ringsaturn/tzf#174
• Bump google.golang.org/protobuf from 1.35.2 to 1.36.1 in the dependencies group across 1 directory by @​dependabot in ringsaturn/tzf#177
• Bump google.golang.org/protobuf from 1.36.1 to 1.36.2 in the dependencies group by @​dependabot in ringsaturn/tzf#178
• Bump google.golang.org/protobuf from 1.36.2 to 1.36.3 in the dependencies group by @​dependabot in ringsaturn/tzf#179
• Bump tzf-rel-lite to 2025a

Full Changelog: ringsaturn/tzf@v0.16.0...v0.16.1

Commits

• 9ae5dd5 Bump google.golang.org/protobuf in the dependencies group
• d8b7c2b bump version
• 03992fa fix bot freq
• e011fee Bump google.golang.org/protobuf in the dependencies group (#179)
• 1329d56 Bump google.golang.org/protobuf in the dependencies group (#178)
• f4ffe33 Bump google.golang.org/protobuf (#177)
• f1cf38a Bump the dependencies group across 1 directory with 2 updates (#174)
• 9acb988 Bump codecov/codecov-action from 4 to 5 in the dependencies group (#175)
• f19cf41 init NOTICE
• 7453895 Update README
• Additional commits viewable in compare view

Updates github.com/ringsaturn/tzf-rel-lite from 0.0.2024-b to 0.0.2025-a

Release notes

Sourced from github.com/ringsaturn/tzf-rel-lite's releases.

v0.0.2025-a

Full Changelog: ringsaturn/tzf-rel-lite@v0.0.2024-b...v0.0.2025-a

Commits

• f48e6d8 bump version
• See full diff in compare view

Updates golang.org/x/sync from 0.8.0 to 0.10.0

Commits

• 913fb63 singleflight: fix typo in singleflight_test.go
• 151027e README: don't recommend go get
• See full diff in compare view

Updates google.golang.org/genproto/googleapis/api from 0.0.0-20240814211410-ddb44dafa142 to 0.0.0-20240903143218-8af14fe29dc1

Commits

• See full diff in compare view

Updates google.golang.org/grpc from 1.67.1 to 1.68.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.68.0

Known Issues

• The recently added grpc.NewClient function is incompatible with forward proxies, because it resolves the target hostname on the client instead of passing the hostname to the proxy. This bug has been present since the introduction of NewClient. A fix is expected to be a part of grpc-go v1.70. (#7556)

---

Behavior Changes

• stats/opentelemetry/csm: Get mesh_id local label from "CSM_MESH_ID" environment variable, rather than parsing from bootstrap file (#7740)
• orca (experimental): if using an ORCA listener, it must now be registered only on a READY SubConn, and the listener will automatically be stopped when the connection is lost. (#7663)
• client: ClientConn.Close() now closes transports simultaneously and waits for transports to be closed before returning. (#7666)
• credentials: TLS credentials created via NewTLS that use tls.Config.GetConfigForClient will now have CipherSuites, supported TLS versions and ALPN configured automatically. These were previously only set for configs not using the GetConfigForClient option. (#7709)

Bug Fixes

• transport: prevent deadlock in client transport shutdown when writing the GOAWAY frame hangs. (#7662)
• mem: reuse buffers more accurately by using slice capacity instead of length (#7702)
  • Special Thanks: @​PapaCharlie
• status: Fix regression caused by #6919 in status.Details() causing it to return a wrapped type when getting proto messages generated with protoc-gen-go < v1. (#7724)

Dependencies

• Bump minimum supported Go version to go1.22.7. (#7624)

Release 1.67.3

Dependencies

• Remove the experimental stats/opentelemetry module and instead add the experimental packages it contains directly into the main google.golang.org/grpc module (#7935)

Release 1.67.2

Bug Fixes

• credentials/alts: avoid SRV and TXT lookups for handshaker service to work around hangs caused by buggy versions of systemd-resolved. (#7861)

Commits

• acba4d3 Change version to 1.68.0 (#7743)
• 5363dca credentials: Apply defaults to TLS configs provided through GetConfigForClien...
• 056dc64 status: Fix status incompatibility introduced by #6919 and move non-regenerat...
• b79fb61 mem: use slice capacity instead of length, to determine whether to pool buffe...
• 54841ef stats/opentelemetry/csm: Get mesh_id local label from "CSM_MESH_ID" environme...
• ad81c20 pickfirstleaf: minor simplification to reconcileSubConnsLocked method (#7731)
• b850ea5 transport : wait for goroutines to exit before transport closes (#7666)
• 00b9e14 pickfirst: New pick first policy for dualstack (#7498)
• 18a4eac testutils: add couple of log statements to the restartable listener type (#7716)
• fdc2ec2 xdsclient: deflake TestADS_ResourcesAreRequestedAfterStreamRestart (#7720)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.35.1 to 1.36.4

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions