v1.5.3

What's Changed

Storage

MySQL

• mysql: check for error when getting subtrees by @jsha in #3173

Documentation

• Added comments to show how snippets were generated by @mhutchinson in #3048

Misc

• Export logserver read counter metric together with logIDs by @phbnf in #3077
• Register DoFns by @AlCutter in #3083
• Add docker package-ecosystem to Dependabot config by @roger2hk in #3038
• Fix CVE vulnerabilities in mysql base Docker image by @roger2hk in #3037
• Fix db_server Docker image vulnerabilities by @roger2hk in #3049
• Add missing docker and npm Dependabot configs by @roger2hk in #3062
• Add govulncheck GitHub action by @roger2hk in #3089
• Pin Dockerfile base images by hash by @roger2hk in #3090
• Pin golang/govulncheck-action by hash by @roger2hk in #3091
• Pin Dockerfile base images by hash by @roger2hk in #3093
• Add top level read-only permission in govulncheck.yml by @roger2hk in #3092

Dependency updates

• Bump go.etcd.io/etcd/etcdctl/v3 from 3.5.8 to 3.5.9 by @dependabot in #3003
• Bump google.golang.org/api from 0.121.0 to 0.122.0 by @dependabot in #3006
• Bump golang.org/x/tools from 0.8.0 to 0.9.1 by @dependabot in #3005
• Bump github.com/apache/beam/sdks/v2 from 2.47.0-RC3 to 2.47.0 by @dependabot in #3000
• Bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in #3007
• Bump go.etcd.io/etcd/v3 from 3.5.8 to 3.5.9 by @dependabot in #3004
• Bump actions/setup-go from 4.0.0 to 4.0.1 by @dependabot in #3008
• Bump google.golang.org/api from 0.122.0 to 0.123.0 by @dependabot in #3010
• Bump github/codeql-action from 2.3.3 to 2.3.5 by @dependabot in #3013
• Bump github/codeql-action from 2.3.5 to 2.3.6 by @dependabot in #3020
• Bump golang.org/x/tools from 0.9.1 to 0.9.3 by @dependabot in #3016
• Bump github.com/cockroachdb/cockroach-go/v2 from 2.3.3 to 2.3.4 by @dependabot in #3017
• Bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 by @dependabot in #3021
• Bump golang.org/x/sys from 0.8.0 to 0.9.0 by @dependabot in #3025
• Bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 by @dependabot in #3027
• Bump github/codeql-action from 2.3.6 to 2.13.4 by @dependabot in #3026
• Bump actions/checkout from 3.5.2 to 3.5.3 by @dependabot in #3028
• Bump golang.org/x/tools from 0.9.3 to 0.10.0 by @dependabot in #3029
• Bump github.com/cockroachdb/cockroach-go/v2 from 2.3.4 to 2.3.5 by @dependabot in #3035
• Bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 by @dependabot in #3030
• Update mysql Dockerfile base image from ubuntu:trusty to ubuntu:jammy by @roger2hk in #3036
• Bump golang.org/x/tools from 0.10.0 to 0.11.0 by @dependabot in #3044
• Bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in #3039
• Bump google.golang.org/protobuf from 1.30.0 to 1.31.0 by @dependabot in #3041
• Bump golang.org/x/tools from 0.11.0 to 0.12.0 by @dependabot in #3055
• Bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #3059
• Bump google-auth-library from 8.7.0 to 9.0.0 in /scripts/gcb2slack by @dependabot in #3069
• Bump golang from 1.19-buster to 1.20-buster in /examples/deployment/docker/db_client by @dependabot in #3064
• Bump alpine from 3.8 to 3.18 in /examples/deployment/docker/envsubst by @dependabot in #3067
• Bump golang from 1.19-buster to 1.20-buster in /integration/cloudbuild/testbase by @dependabot in #3065
• Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @dependabot in #3063
• Bump golang from 1.19-buster to 1.20-buster in /examples/deployment/docker/log_server by @dependabot in #3066
• Bump golang from 1.19-buster to 1.20-buster in /examples/deployment/docker/log_signer by @dependabot in #3071
• Bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in #3076
• Bump go from 1.19 to 1.20 by @mhutchinson in #3080
• Bump golang.org/x/sys from 0.11.0 to 0.12.0 by @dependabot in #3081
• Bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in #3082
• Bump golang.org/x/crypto from 0.12.0 to 0.13.0 by @dependabot in #3084
• Bump golang.org/x/tools from 0.12.0 to 0.13.0 by @dependabot in #3086
• Bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #3085
• Bump Go version in Docker base images to 1.20.8-bookworm by @roger2hk in #3094
• Bump golang from 1.20.8-bookworm to 1.21.1-bookworm in /examples/deployment/docker/db_client by @dependabot in #3100
• Bump gcr.io/kaniko-project/executor from 1.6.0 to 1.15.0 by @roger2hk in #3095
• Bump golang from 1.20.8-bookworm to 1.21.1-bookworm in /integration/cloudbuild/testbase by @dependabot in #3098
• Bump golang from 1.20.8-bookworm to 1.21.1-bookworm in /examples/deployment/docker/log_signer by @dependabot in #3097
• Bump golang from 1.20.8-bookworm to 1.21.1-bookworm in /examples/deployment/docker/log_server by @dependabot in #3099
• Bump golang from d3114db to a0b3bc4 in /integration/cloudbuild/testbase by @dependabot in #3104
• Bump golang from d3114db to a0b3bc4 in /examples/deployment/docker/log_server by @dependabot in #3105
• Bump golang from d3114db to a0b3bc4 in /examples/deployment/docker/log_signer by @dependabot in #3106
• Bump golang from d3114db to a0b3bc4 in /examples/deployment/docker/db_client by @dependabot in #3107
• Bump golang from e06b3a4 to 114b9cc in /examples/deployment/docker/log_signer by @dependabot in #3108
• Bump trillian-opensource-ci/mysql5 from 51cc6df to edf7def in /examples/deployment/docker/db_server by @dependabot in #3110
• Bump golang from a0b3bc4 to 114b9cc in /examples/deployment/docker/log_server by @dependabot in #3109
• Bump golang from a0b3bc4 to 114b9cc in /integration/cloudbuild/testbase by @dependabot in #3111
• Bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #3117
• Bump golang from 114b9cc to 9c7ea4a in /examples/deployment/docker/db_client by @dependabot in #3116
• Bump golang from 114b9cc to 9c7ea4a in /examples/deployment/docker/log_server by @dependabot in #3114
• Bump golang from 114b9cc to 9c7ea4a in /examples/deployment/docker/log_signer by @dependabot in #3115
• Bump nick-fields/retry from 2.8.3 to 2.9.0 by @dependabot in #3119
• Bump trillian-opensource-ci/mysql5 from edf7def to f45c849 in /examples/deployment/docker/db_server by @dependabot in #3120
• Bump golang from 9c7ea4a to 61f84bc in /examples/deployment/docker/db_client by @dependabot in #3121
• Bump golang from 9c7ea4a to 61f84bc in /integration/cloudbuild/testbase by @dependabot in #3124
• Bump golang from 9c7ea4a to 61f84bc in /examples/deployment/docker/log_server by @dependabot in #3122
• Bump alpine from 7144f7b to eece025 in /examples/deployment/docker/envsubst by @dependabot in #3125
• Bump golang from 9c7ea4a to 61f84bc in /examples/deployment/docker/log_signer by @dependabot in #3123
• Bump ubuntu from aabed32 to 9b8dec3 in /examples/deployment/kubernetes/mysql/image by @dependabot in #3127
• Bump distroless/base-debian12 from d64f548 to cc22d6d in /examples/deployment/docker/log_signer by @dependabot in #3128
• Bump distroless/base-debian12 from d64f548 to cc22d6d in /examples/deployment/docker/log_server by @dependabot in #3129
• Bump golang from 1.21.1-bookworm to 1.21.2-bookworm in /integration/cloudbuild/testbase by @dependabot in #3134
• Bump golang from 1.21.1-bookworm to 1.21.2-bookworm in /examples/deployment/docker/log_server by @dependabot in #3135
• Bump golang from 1.21.1-bookworm to 1.21.2-bookworm in /examples/deployment/docker/log_signer by @dependabot in #3136
• Bump golang from 0bd76fd to a44d05d in /integration/cloudbuild/testbase by @dependabot in #3137
• Bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in #3139
• Bump golang from 1.21.1-bookworm to 1.21.2-bookworm in /examples/deployment/docker/db_client by @dependabot in #3138
• Bump distroless/base-debian12 from cc22d6d to 5be49de in /examples/deployment/docker/log_signer by @dependabot in #3141
• Bump distroless/base-debian12 from cc22d6d to 5be49de in /examples/deployment/docker/log_server by @dependabot in #3142
• Bump trillian-opensource-ci/mysql5 from f45c849 to 99d6043 in /examples/deployment/docker/db_server by @dependabot in #3143
• Bump golang from 1.21.2-bookworm to 1.21.3-bookworm in /integration/cloudbuild/testbase by @dependabot in #3147
• Bump golang from 1.21.2-bookworm to 1.21.3-bookworm in /examples/deployment/docker/log_server by @dependabot in #3145
• Bump golang from 1.21.2-bookworm to 1.21.3-bookworm in /examples/deployment/docker/log_signer by @dependabot in #3148
• Bump golang from 1.21.2-bookworm to 1.21.3-bookworm in /examples/deployment/docker/db_client by @dependabot in #3144
• Bump go-version-input from 1.20.8 to 1.20.10 in govulncheck by @roger2hk in #3151
• Bump golang.org/x/net from 0.15.0 to 0.17.0 by @dependabot in #3150
• Bump @slack/webhook from 5.0.4 to 7.0.0 in /scripts/gcb2slack by @dependabot in #3130
• Bump google-auth-library from 9.0.0 to 9.1.0 in /scripts/gcb2slack by @dependabot in #3126
• Bump golang from efde471 to 5cc7ddc in /integration/cloudbuild/testbase by @dependabot in #3156
• Bump golang from efde471 to 5cc7ddc in /examples/deployment/docker/log_server by @dependabot in #3155
• Bump golang from efde471 to 20f9ab5 in /examples/deployment/docker/db_client by @dependabot in #3152
• Bump golang from efde471 to 20f9ab5 in /examples/deployment/docker/log_signer by @dependabot in #3154
• Bump golang from 5cc7ddc to 20f9ab5 in /integration/cloudbuild/testbase by @dependabot in #3158
• Bump ubuntu from 9b8dec3 to 2b7412e in /examples/deployment/kubernetes/mysql/image by @dependabot in #3157
• Bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #3160
• Bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in #3164
• Bump google.golang.org/grpc to 1.59.0 fixing CVE-2023-44487 (GHSA-qppj-fm5r-hxr3) by @cpanato in #3166
• Bump distroless/base-debian12 from 5be49de to 1dfdb5e in /examples/deployment/docker/log_server by @dependabot in #3167
• Bump google-auth-library from 9.1.0 to 9.2.0 in /scripts/gcb2slack by @dependabot in #3168
• Bump distroless/base-debian12 from 5be49de to 1dfdb5e in /examples/deployment/docker/log_signer by @dependabot in #3169
• Bump trillian-opensource-ci/mysql5 from 99d6043 to c079e4e in /examples/deployment/docker/db_server by @dependabot in #3161
• Bump github.com/docker/docker from 24.0.6+incompatible to 24.0.7+incompatible by @dependabot in #3170
• Bump trillian-opensource-ci/mysql5 from c079e4e to 3f355be in /examples/deployment/docker/db_server by @dependabot in #3171
• Bump @slack/webhook from 7.0.0 to 7.0.1 in /scripts/gcb2slack by @dependabot in #3172
• Bump @google-cloud/functions-framework from 1.3.2 to 3.3.0 in /scripts/gcb2slack by @dependabot in #3072

New Contributors

• @cpanato made their first contribution in #3166

Full Changelog: v1.5.2...v1.5.3