RED-175742: Sync with upstream master #1
Needed-for: prometheus#3032 Signed-off-by: Pranshu Srivastava <[email protected]>
Signed-off-by: mchtech <[email protected]>
Signed-off-by: mchtech <[email protected]>
Signed-off-by: mchtech <[email protected]>
Signed-off-by: myeunee <[email protected]>
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.53.0 to 0.55.0. - [Release notes](https://github.com/prometheus/common/releases) - [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md) - [Commits](prometheus/common@v0.53.0...v0.55.0) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
…heus#3072)

* Add include and exclude filter for sensors in hwmon collector

Fixes prometheus#2242

This commit adds two new flags (`collector.hwmon.sensor-include` and `collector.hwmon.sensor-exclude`) to the `hwmon` collector to allow inclusion or exclusion of specific sensors.

Some devices export nonsensical values for certain sensors. Here is an example:

```
node_hwmon_temp_celsius{chip="platform_nct6775_656",sensor="temp13"} 49.75
node_hwmon_temp_celsius{chip="platform_nct6775_656",sensor="temp15"} 3.892313987e+06
node_hwmon_temp_celsius{chip="platform_nct6775_656",sensor="temp16"} 3.892313987e+06
```

As a user I would like to only exclude these sensors, not necessarily the complete device (as is currently possible with the `--collector.hwmon.chip-exclude` flag) as other sensor values might be sensical or desired.

The new option filters based both on device name and sensor name, separated by a semicolon. For example, to exclude the two sensors above, the following regex can be used:

~~~
--collector.hwmon.sensor-exclude="platform_nct6775_656;temp1[5,6]"
~~~

---------

Signed-off-by: Simon Krenger <[email protected]>
Automatically add a uid to each dashboard. This prevents changing URLs when restarting a grafana pod and re-importing the dashboards via ConfigMaps. Signed-off-by: Stefan Andres <[email protected]>
Signed-off-by: Maarten van den Berg <[email protected]>
…eus#3049)

* ref!: convert linux meminfo implementation to use procfs lib

Part of prometheus#2957

Prometheus' procfs lib supports collecting memory info and we're using a new enough version of the lib that has it available, so this converts the meminfo collector for Linux to use data from procfs lib instead. The bits I've touched for darwin/openbsd/netbsd are with intent to preserve the original struct implementation/backwards compatibility.

Signed-off-by: TJ Hoplock <[email protected]>

* fix: meminfo debug log unsupported value

Fixes:

```
ts=2024-06-11T19:04:55.591Z caller=meminfo.go:44 level=debug collector=meminfo msg="Set node_mem" memInfo="unsupported value type"
```

Signed-off-by: TJ Hoplock <[email protected]>

* fix: don't coerce nil Meminfo entries to 0, leave out if nil

Nil entries in procfs.Meminfo fields indicate that the value isn't present on the system. Coercing those nil values to `0` introduces new metrics on systems that should not be present and can break some queries.

Addresses PR feedback: prometheus#3049 (comment) prometheus#3049 (comment)

Signed-off-by: TJ Hoplock <[email protected]>

---------

Signed-off-by: TJ Hoplock <[email protected]>
* collector/zfs: Prevent `procfs` integer underflow Prevent integer underflow when parsing the `procfs` file as it used a `ParseUint` to parse signed values. Fixes: prometheus#2766 --------- Signed-off-by: Pranshu Srivastava <[email protected]>
…3073) Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.21.0 to 0.22.0. - [Commits](golang/sys@v0.21.0...v0.22.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
In order to reduce cardinality of the interrupts collector add filtering options * Add include/exclude regexp filter flags. * Add boolean flag to include zero values, enabled by default. Signed-off-by: Ben Kochie <[email protected]>
Signed-off-by: Ricardo F <[email protected]> Co-authored-by: Ricardo F <[email protected]>
* Add node_filesystem_mount_info metric Fixes: prometheus#1384 --------- Signed-off-by: Miguel Oliveira <[email protected]>
Update to Go 1.23. * Use Docker for Arm tests. Signed-off-by: Ben Kochie <[email protected]>
Signed-off-by: Tomas Vilemaitis <[email protected]>
Switch from promlog/go-kit to promslog/slog for logging. * Update Go build to 1.23. Signed-off-by: Ben Kochie <[email protected]>
This PR adds a `exclude[]` URL parameter to exclude specific enabled collectors. Compared to `collect[]` parameter, the `exclude[]` parameter results in a filtered list which equals enabled collectors minus excluded ones. Signed-off-by: Siavash Safi <[email protected]>
Signed-off-by: Daniel Swarbrick <[email protected]>
Signed-off-by: prombot <[email protected]>
…us#3062) node_exporter has reasonable defaults so it is able to start without explicit config. Such a setup is common in /usr/-only images where /etc/ is an empty tmpfs upon boot. Signed-off-by: Nils K <[email protected]>
Signed-off-by: Tobias Nygren <[email protected]>
Log using the machinery introduced in prometheus#3097. Signed-off-by: Pranshu Srivastava <[email protected]>
Signed-off-by: prombot <[email protected]>
Signed-off-by: Steve Wills <[email protected]>
Signed-off-by: Johannes Ziemke <[email protected]>
Signed-off-by: Johannes Ziemke <[email protected]>
Signed-off-by: Johannes Ziemke <[email protected]>
Signed-off-by: Johannes Ziemke <[email protected]>
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v5...de0fac2) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…theus#3534) Bumps [github.com/mdlayher/wifi](https://github.com/mdlayher/wifi) from 0.7.1 to 0.7.2. - [Release notes](https://github.com/mdlayher/wifi/releases) - [Commits](mdlayher/wifi@v0.7.1...v0.7.2) --- updated-dependencies: - dependency-name: github.com/mdlayher/wifi dependency-version: 0.7.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…etheus#3531) Bumps [github.com/godbus/dbus/v5](https://github.com/godbus/dbus) from 5.2.0 to 5.2.2. - [Release notes](https://github.com/godbus/dbus/releases) - [Commits](godbus/dbus@v5.2.0...v5.2.2) --- updated-dependencies: - dependency-name: github.com/godbus/dbus/v5 dependency-version: 5.2.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump BSD Go versions and `vmactions/netbsd-vm`. Signed-off-by: Ben Kochie <[email protected]>
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.13.0 to 1.13.1. - [Release notes](https://github.com/opencontainers/selinux/releases) - [Commits](opencontainers/selinux@v1.13.0...v1.13.1) --- updated-dependencies: - dependency-name: github.com/opencontainers/selinux dependency-version: 1.13.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Anvesh J <[email protected]>
…heus#3358) When mounting nfs with nconnect, mountstats will show multiple transports. Currently the mountstats exporter fails to create metrics from this information due to repeated entries. Fix this by adding transport metrics a "transport" label enumerating their order in the mountstats output. Signed-off-by: Sagi Grimberg <[email protected]>
…theus#3547) Signed-off-by: Ingmar Stein <[email protected]>
Signed-off-by: prombot <[email protected]>
* Update common Prometheus files Signed-off-by: prombot <[email protected]> * Fix lint issue > S1009: should omit nil check; len() for nil slices is defined as zero Signed-off-by: Ben Kochie <[email protected]> --------- Signed-off-by: prombot <[email protected]> Signed-off-by: Ben Kochie <[email protected]> Co-authored-by: Ben Kochie <[email protected]>
…2.0 (prometheus#3557) Bumps [github.com/jsimonetti/rtnetlink/v2](https://github.com/jsimonetti/rtnetlink) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/jsimonetti/rtnetlink/releases) - [Commits](jsimonetti/rtnetlink@v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: github.com/jsimonetti/rtnetlink/v2 dependency-version: 2.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Update Go to 1.26.x. * Update minimum Go version to 1.25.0. * Use Go direct download for OpenBSD. Signed-off-by: Ben Kochie <[email protected]>
…ometheus#3559) Bumps [github.com/mdlayher/ethtool](https://github.com/mdlayher/ethtool) from 0.5.0 to 0.5.1. - [Release notes](https://github.com/mdlayher/ethtool/releases) - [Commits](mdlayher/ethtool@v0.5.0...v0.5.1) --- updated-dependencies: - dependency-name: github.com/mdlayher/ethtool dependency-version: 0.5.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…rometheus#3558) Bumps [github.com/prometheus/procfs](https://github.com/prometheus/procfs) from 0.19.2 to 0.20.0. - [Release notes](https://github.com/prometheus/procfs/releases) - [Commits](prometheus/procfs@v0.19.2...v0.20.0) --- updated-dependencies: - dependency-name: github.com/prometheus/procfs dependency-version: 0.20.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: prombot <[email protected]>
* rules: introduce instance:node_network_receive_bytes_physical:rate recording rule This rule uses a user configurable selector with a sane default. That allows users to customize what network devices they want to aggregate. Fixes: prometheus#3524 Signed-off-by: Jan Fajerski <[email protected]> * use dashboard: don't show virtual network links in network graphs Signed-off-by: Jan Fajerski <[email protected]> --------- Signed-off-by: Jan Fajerski <[email protected]>
…3560) Bumps [github.com/prometheus/exporter-toolkit](https://github.com/prometheus/exporter-toolkit) from 0.15.0 to 0.15.1. - [Release notes](https://github.com/prometheus/exporter-toolkit/releases) - [Commits](prometheus/exporter-toolkit@v0.15.0...v0.15.1) --- updated-dependencies: - dependency-name: github.com/prometheus/exporter-toolkit dependency-version: 0.15.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Add nvme namespace metrics. --------- Signed-off-by: Shashwat Hiregoudar <[email protected]> Signed-off-by: Shashwat Hiregoudar <[email protected]> Co-authored-by: Shashwat Hiregoudar <[email protected]>
…ometheus#3563) Bumps [github.com/mdlayher/netlink](https://github.com/mdlayher/netlink) from 1.8.0 to 1.9.0. - [Release notes](https://github.com/mdlayher/netlink/releases) - [Changelog](https://github.com/mdlayher/netlink/blob/main/CHANGELOG.md) - [Commits](mdlayher/netlink@v1.8.0...v1.9.0) --- updated-dependencies: - dependency-name: github.com/mdlayher/netlink dependency-version: 1.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…s#3569) Bumps [vmactions/solaris-vm](https://github.com/vmactions/solaris-vm) from 1.2.7 to 1.3.1. - [Release notes](https://github.com/vmactions/solaris-vm/releases) - [Commits](vmactions/solaris-vm@37d40b6...69d382b) --- updated-dependencies: - dependency-name: vmactions/solaris-vm dependency-version: 1.3.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Use official Go binary download for FreeBSD and Darwin. This allows us to use the same Go version across all UNIX pipelines. * Add architecture handling. Signed-off-by: Ben Kochie <[email protected]>
…etheus#3565) Bumps [vmactions/dragonflybsd-vm](https://github.com/vmactions/dragonflybsd-vm) from 1.2.2 to 1.2.6. - [Release notes](https://github.com/vmactions/dragonflybsd-vm/releases) - [Commits](vmactions/dragonflybsd-vm@00c5014...0460132) --- updated-dependencies: - dependency-name: vmactions/dragonflybsd-vm dependency-version: 1.2.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…#3566) Bumps [vmactions/netbsd-vm](https://github.com/vmactions/netbsd-vm) from 1.3.5 to 1.3.6. - [Release notes](https://github.com/vmactions/netbsd-vm/releases) - [Commits](vmactions/netbsd-vm@88a20b1...e04aec0) --- updated-dependencies: - dependency-name: vmactions/netbsd-vm dependency-version: 1.3.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…s#3567) Bumps [vmactions/freebsd-vm](https://github.com/vmactions/freebsd-vm) from 1.3.8 to 1.4.2. - [Release notes](https://github.com/vmactions/freebsd-vm/releases) - [Commits](vmactions/freebsd-vm@ba6bede...c9f815b) --- updated-dependencies: - dependency-name: vmactions/freebsd-vm dependency-version: 1.4.2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Hi, I’m Jit, a friendly security platform designed to help developers build secure applications from day zero with an MVS (Minimal viable security) mindset. In case there are security findings, they will be communicated to you as a comment inside the PR. Hope you’ll enjoy using Jit. Questions? Comments? Want to learn more? Get in touch with us.
🛡️ Jit Security Scan Results

🚨 Summary

• Critical vulnerability in golang.org/x/crypto may lead to authorization bypass

🔍 Findings

CRITICAL - 1 finding

1. Critical Authorization Bypass in golang.org/x/crypto

Remediation:
- golang.org/x/crypto v0.23.0
+ golang.org/x/crypto v0.31.0

HIGH - 1 finding

1. Denial of Service Vulnerability in golang.org/x/crypto

Remediation:
- golang.org/x/crypto v0.23.0
+ golang.org/x/crypto v0.35.0
9dc5ec1 to d81f923
There is a fix for this vulnerability in prometheus/node_exporter repo. However, it's merged only in master and there is no new version since October, 2025 (check versions).
This is why we will do the following:
- `RedisLabs/node_exporter` master branch with `prometheus/node_exporter` master branch.

  NOTE: We have previously fixed some security vulnerabilities in our fork. However, we should prefer the versions of `go.sum` and `go.mod` in `prometheus/node_exporter` master branch as the version in `RedisLabs/node_exporter` master branch was not used for a long time now and it's outdated.
- `node_exporter-rl-1.10.2-patched`) from master in `RedisLabs/node_exporter`.

This PR addresses only step 1 from the plan above.

There are 2 security vulnerabilities found by `jit-ci`, related to `golang.org/x/crypto` version. They already exist in `prometheus/node_exporter` (we are not introducing any new vulnerabilities) and will be addressed in this ticket.