Skip to content

Bump the dependencies group with 2 updates#61

Merged
ChrisSchinnerl merged 1 commit into
masterfrom
dependabot/go_modules/dependencies-70261f2ab5
Jun 5, 2026
Merged

Bump the dependencies group with 2 updates#61
ChrisSchinnerl merged 1 commit into
masterfrom
dependabot/go_modules/dependencies-70261f2ab5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 5, 2026

Copy link
Copy Markdown
Contributor

Bumps the dependencies group with 2 updates: go.sia.tech/hostd/v2 and go.sia.tech/indexd.

Updates go.sia.tech/hostd/v2 from 2.8.1-0.20260515083128-dfddf8239725 to 2.9.0

Release notes

Sourced from go.sia.tech/hostd/v2's releases.

v2.9.0

Features

  • Add support for RHP4 account pools.

Fixes

  • Suppress irrelevant errors until host is announced

Apply syncer rate limits to inbound peer connections.

The syncerIngressLimit and syncerEgressLimit settings now correctly throttle inbound peer connections in addition to outbound ones.

v2.9.0-beta.1

Features

  • Add support for RHP4 account pools.

Fixes

  • Suppress irrelevant errors until host is announced

Apply syncer rate limits to inbound peer connections.

The syncerIngressLimit and syncerEgressLimit settings now correctly throttle inbound peer connections in addition to outbound ones.

Changelog

Sourced from go.sia.tech/hostd/v2's changelog.

2.9.0 (2026-05-27)

Features

  • Add support for RHP4 account pools.

Fixes

  • Suppress irrelevant errors until host is announced

Apply syncer rate limits to inbound peer connections.

The syncerIngressLimit and syncerEgressLimit settings now correctly throttle inbound peer connections in addition to outbound ones.

2.8.0 (2026-04-23)

Features

  • Contract renewals and refreshes are now constant time and do not need duplicate sector roots
  • Graceful shutdown of RHP4 server via defer .Close()

Fixes

  • Fix issue causing renewals to fail after a resync.
  • Fixes a mismatch between the announced address of the host and the address displayed in the UI for hosts that had a different address before the hardfork.
  • Update go.sia.tech/core to v0.20.0.
  • Update go.sia.tech/coreutils to 0.21.3.
  • Use new contract not found error

2.7.0 (2026-03-02)

Features

  • Update Go to 1.26.0.

Added consensus pruning

Adds a new experimental config option to enable consensus pruning. With Utreexo, it is no longer required to store every block to fully validate new blocks. This option limits the number of blocks the host will store in its consensus database reducing the size of the consensus database on disk. It is currently defaulted to off. We recommend no less than one day of blocks to ensure protection for deep reorgs (144 blocks on mainnet).

Fixes

  • Added config option to disable Merkle proof cache for low-resource systems.
  • Fixed revisions and resolutions in the same block causing contracts to be considered "active" forever.
  • Remove backup step size limit and don't vacuum backup to speed it up.
  • Update coreutils from v0.20.1 to v0.21.0.
  • Update coreutils to v0.21.1

2.6.0 (2026-01-22)

Features

... (truncated)

Commits

Updates go.sia.tech/indexd from 0.2.2 to 0.2.3

Release notes

Sourced from go.sia.tech/indexd's releases.

v0.2.3

Features

  • Add cutoff argument to PruneSlabs to only prune slabs that have been pinned for some amount of time.
  • Remove ErrAbortedRPC.

Fixes

  • Repinning a slab now rebinds host sectors that have been lost.
  • Use ErrorCodeClientError to prevent transport reset for all client errors.
  • Expose AddFailedRPC on the client
  • Fetch unhealthy slabs for migration in separate goroutine to keep pipeline saturated.
  • Slab migrations no longer move sectors whose contracts are healthy but excluded from appends, e.g. because they are in the renew window, at max size, or low on allowance/collateral.
  • Support compressed Geo IP database downloads from CDN.
  • Update mux to v1.5.1.
Changelog

Sourced from go.sia.tech/indexd's changelog.

0.2.3 (2026-06-04)

Features

  • Add cutoff argument to PruneSlabs to only prune slabs that have been pinned for some amount of time.
  • Remove ErrAbortedRPC.

Fixes

  • Repinning a slab now rebinds host sectors that have been lost.
  • Use ErrorCodeClientError to prevent transport reset for all client errors.
  • Expose AddFailedRPC on the client
  • Fetch unhealthy slabs for migration in separate goroutine to keep pipeline saturated.
  • Slab migrations no longer move sectors whose contracts are healthy but excluded from appends, e.g. because they are in the renew window, at max size, or low on allowance/collateral.
  • Support compressed Geo IP database downloads from CDN.
  • Update mux to v1.5.1.
Commits
  • 4c86380 Merge pull request #970 from SiaFoundation/release
  • 84e828b chore: prepare release 0.2.3
  • 1693f3a Merge pull request #991 from SiaFoundation/pj/sql-drop-redundant-slabs-digest...
  • 7c7b7fe Merge branch 'master' of github.com:SiaFoundation/indexd into pj/sql-drop-red...
  • 84fd1d6 contracts: speed up MarkUnrenewableContractsBad
  • 855c9f2 testing: remove index in test setup
  • d7ebcf8 store: drop unused sectors_next_integrity_check_idx
  • f8f5979 build(deps): bump github.com/jackc/pgx/v5 in the dependencies group
  • fe89521 chnageset
  • d583d6e Potential fix for pull request finding
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the dependencies group with 2 updates
975652f 
Bumps the dependencies group with 2 updates: [go.sia.tech/hostd/v2](https://github.com/SiaFoundation/hostd) and [go.sia.tech/indexd](https://github.com/SiaFoundation/indexd).


Updates `go.sia.tech/hostd/v2` from 2.8.1-0.20260515083128-dfddf8239725 to 2.9.0
- [Release notes](https://github.com/SiaFoundation/hostd/releases)
- [Changelog](https://github.com/SiaFoundation/hostd/blob/master/CHANGELOG.md)
- [Commits](https://github.com/SiaFoundation/hostd/commits/v2.9.0)

Updates `go.sia.tech/indexd` from 0.2.2 to 0.2.3
- [Release notes](https://github.com/SiaFoundation/indexd/releases)
- [Changelog](https://github.com/SiaFoundation/indexd/blob/master/CHANGELOG.md)
- [Commits](SiaFoundation/indexd@v0.2.2...v0.2.3)

---
updated-dependencies:
- dependency-name: go.sia.tech/hostd/v2
  dependency-version: 2.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: go.sia.tech/indexd
  dependency-version: 0.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jun 5, 2026
@socket-security

socket-security Bot commented Jun 5, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedgo.sia.tech/​indexd@​v0.2.2 ⏵ v0.2.373 +1100100100100
Updatedgo.sia.tech/​hostd/​v2@​v2.8.1-0.20260515083128-dfddf8239725 ⏵ v2.9.075 +1100100100100
Updatedgo.sia.tech/​coreutils@​v0.22.0 ⏵ v0.22.1-0.20260602072818-74eb647d67d898 +1100100100100

View full report

@ChrisSchinnerl ChrisSchinnerl merged commit 073d1e4 into master Jun 5, 2026
9 checks passed
@ChrisSchinnerl ChrisSchinnerl deleted the dependabot/go_modules/dependencies-70261f2ab5 branch June 5, 2026 07:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ChrisSchinnerl