From 7f088073f61a75ecc7349954ab65cd6ee15cff73 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 22 Mar 2024 09:18:38 +0800
Subject: [PATCH] chore(deps): bump github.com/quic-go/quic-go from 0.41.0 to
 0.42.0 (#756)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go)
from 0.41.0 to 0.42.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/quic-go/quic-go/releases">github.com/quic-go/quic-go's
releases</a>.</em></p>
<blockquote>
<h2>v0.42.0</h2>
<h2>New Features</h2>
<ul>
<li>added a qlog tracer for events that happen before / outside of
established connection: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4305">#4305</a></li>
</ul>
<h2>Notable Changes</h2>
<ul>
<li>added a <code>ClientHelloInfo.AddrVerified</code> field: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4360">#4360</a></li>
<li>move callback controlling address verification
(<code>VerifySourceAddress</code>) to the <code>Transport</code>: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4253">#4253</a>
and <a
href="https://redirect.github.com/quic-go/quic-go/issues/4362">#4362</a></li>
<li>connections that are closed before being accepted are not removed
from the server's accept queue: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4245">#4245</a></li>
<li>http3: added a <code>RoundTripOpt.CheckSettings</code> callback to
check the server's SETTINGS: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4355">#4355</a></li>
<li>http3: send the HTTP/3 settings value for Extended CONNECT (RFC
9220): <a
href="https://redirect.github.com/quic-go/quic-go/issues/4341">#4341</a></li>
<li>http3: don't modify the user's <code>quic.Config</code> to enable
QUIC datagram support: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4340">#4340</a></li>
</ul>
<h2>Fixes</h2>
<ul>
<li>mitigate a memory exhaustion attack against QUIC's connection ID
mechanism: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4369">#4369</a></li>
<li>don't delay acknowledgments for packets during the handshake: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4279">#4279</a></li>
<li>fix deadlock when closing both <code>Listener</code> and
<code>Transport</code>: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4332">#4332</a></li>
<li>fix handling of IPv4-mapped IPv6 addresses: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4309">#4309</a></li>
<li>fix duplicate logging of the <code>key_discarded</code> event for
Handshake packets: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4274">#4274</a></li>
<li>send CONNECTION_REFUSED when refusing connections: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4250">#4250</a></li>
<li>http3: tighten validation logic for the :protocol pseudo header: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4261">#4261</a></li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>remove shutdown method on the Connection by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4249">quic-go/quic-go#4249</a></li>
<li>send the CONNECTION_REFUSED error when refusing a connection by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4250">quic-go/quic-go#4250</a></li>
<li>don't remove closed connections from the server's accept queue by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4245">quic-go/quic-go#4245</a></li>
<li>handshake: unexport Set{Read,Write}Key methods on the cryptoSetup by
<a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4254">quic-go/quic-go#4254</a></li>
<li>handshake: fix documentation for updatableAEAD.SetWriteKey by <a
href="https://github.com/putyWang"><code>@​putyWang</code></a> in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4256">quic-go/quic-go#4256</a></li>
<li>add Transport config options to limit the number of handshakes by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4248">quic-go/quic-go#4248</a></li>
<li>remove the RequireAddressValidation callback from the Config by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4253">quic-go/quic-go#4253</a></li>
<li>fix incorrect statement about connection ID lengths in the Transport
by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4247">quic-go/quic-go#4247</a></li>
<li>remove unneeded nil check for new connections in the server by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4260">quic-go/quic-go#4260</a></li>
<li>ci: update to Go 1.22rc2 by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4267">quic-go/quic-go#4267</a></li>
<li>fix flaky handshake limiting test by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4270">quic-go/quic-go#4270</a></li>
<li>http3: only use :protocol pseudo-header for Extended CONNECT by <a
href="https://github.com/taoso"><code>@​taoso</code></a> in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4261">quic-go/quic-go#4261</a></li>
<li>fix flaky accept queue test by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4280">quic-go/quic-go#4280</a></li>
<li>fix flaky handshake limiting test by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4281">quic-go/quic-go#4281</a></li>
<li>only log the discarding of Handshake keys once by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4274">quic-go/quic-go#4274</a></li>
<li>testutils: add a perspective function parameter to
ComposeInitialPacket by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4276">quic-go/quic-go#4276</a></li>
<li>fix flaky outgoing streams map test by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4283">quic-go/quic-go#4283</a></li>
<li>wire: remove FrameParser interface, expose FrameParser struct by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4284">quic-go/quic-go#4284</a></li>
<li>ackhandler: remove unused RTTStats from the received packet handler
by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4287">quic-go/quic-go#4287</a></li>
<li>testutils: make the package public by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4290">quic-go/quic-go#4290</a></li>
<li>ci: remove unused depguard check for qtls by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4291">quic-go/quic-go#4291</a></li>
<li>ci: make Codecov ignore testutils and testdata by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4292">quic-go/quic-go#4292</a></li>
<li>testutils: expose aliases for all frames by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4293">quic-go/quic-go#4293</a></li>
<li>ackhandler: don't delay ACKs for Initial and Handshake packets by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4288">quic-go/quic-go#4288</a></li>
<li>protocol: rename VersionNumber to Version by <a
href="https://github.com/marten-seemann"><code>@​marten-seemann</code></a>
in <a
href="https://redirect.github.com/quic-go/quic-go/pull/4295">quic-go/quic-go#4295</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a"><code>4a99b81</code></a>
close connection when an abnormally large number of frames are queued
(<a
href="https://redirect.github.com/quic-go/quic-go/issues/4369">#4369</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/9971fedd42e9cb853d05fa94809d84743ffa010f"><code>9971fed</code></a>
use Transport.VerifySourceAddress to control the Retry Mechanism (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4362">#4362</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/497d3f58a556ea2aea596609e464e4f0b45b8031"><code>497d3f5</code></a>
http3: add a RoundTripOpt to check the server's SETTINGS frame (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4355">#4355</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/ca787d6f0095a2e192792cf3a49f4f1ec06920f7"><code>ca787d6</code></a>
add an AddrVerified field to the ClientHelloInfo (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4360">#4360</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/f1476390f2c161a66ec51a1b39b81f8e3e2407f6"><code>f147639</code></a>
update gomock to v0.4.0 (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4361">#4361</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/06b421411d88a805723eb01321555a205e6ead9c"><code>06b4214</code></a>
remove unused ReceiveStream.CloseRemote method (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4357">#4357</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/5fd5d7770dfcf7361337dccc57f6e56ea6a33c56"><code>5fd5d77</code></a>
Merge pull request <a
href="https://redirect.github.com/quic-go/quic-go/issues/4305">#4305</a>
from quic-go/qlog-tracer</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/30e01b9524a4a9fbbb285d2280a31ac4c427d0bd"><code>30e01b9</code></a>
use the transport tracer in integration tests</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/55c05aceed4bcc47219058f8d777076bb844815c"><code>55c05ac</code></a>
qlog: log sent packets outside of a QUIC connection</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/aff90a6ffa3b09c73386f8980d67edc3f32679a3"><code>aff90a6</code></a>
qlog: log sent Version Negotiation packets</li>
<li>Additional commits viewable in <a
href="https://github.com/quic-go/quic-go/compare/v0.41.0...v0.42.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/quic-go/quic-go&package-manager=go_modules&previous-version=0.41.0&new-version=0.42.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod |  4 ++--
 go.sum | 10 ++++++----
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/go.mod b/go.mod
index 407138e8a..60e011668 100644
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
 	github.com/invopop/jsonschema v0.12.0
 	github.com/joho/godotenv v1.5.1
 	github.com/matoous/go-nanoid/v2 v2.0.0
-	github.com/quic-go/quic-go v0.41.0
+	github.com/quic-go/quic-go v0.42.0
 	github.com/reactivex/rxgo/v2 v2.5.0
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/second-state/WasmEdge-go v0.13.4
@@ -70,7 +70,7 @@ require (
 	go.opentelemetry.io/otel/metric v1.24.0 // indirect
 	go.opentelemetry.io/proto/otlp v1.1.0 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
-	go.uber.org/mock v0.3.0 // indirect
+	go.uber.org/mock v0.4.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
 	golang.org/x/crypto v0.21.0 // indirect
 	golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
diff --git a/go.sum b/go.sum
index 2a2ac6015..876d630f5 100644
--- a/go.sum
+++ b/go.sum
@@ -147,8 +147,8 @@ github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
 github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/quic-go/quic-go v0.41.0 h1:aD8MmHfgqTURWNJy48IYFg2OnxwHT3JL7ahGs73lb4k=
-github.com/quic-go/quic-go v0.41.0/go.mod h1:qCkNjqczPEvgsOnxZ0eCD14lv+B2LHlFAB++CNOh9hA=
+github.com/quic-go/quic-go v0.42.0 h1:uSfdap0eveIl8KXnipv9K7nlwZ5IqLlYOpJ58u5utpM=
+github.com/quic-go/quic-go v0.42.0/go.mod h1:132kz4kL3F9vxhW3CtQJLDVwcFe5wdWeJXXijhsO57M=
 github.com/reactivex/rxgo/v2 v2.5.0 h1:FhPgHwX9vKdNQB2gq9EPt+EKk9QrrzoeztGbEEnZam4=
 github.com/reactivex/rxgo/v2 v2.5.0/go.mod h1:bs4fVZxcb5ZckLIOeIeVH942yunJLWDABWGbrHAW+qU=
 github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
@@ -251,8 +251,8 @@ go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
 go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/goleak v1.1.10 h1:z+mqJhf6ss6BSfSM671tgKyZBFPTTJM+HLxnhPC3wu0=
 go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
-go.uber.org/mock v0.3.0 h1:3mUxI1No2/60yUYax92Pt8eNOEecx2D3lcXZh2NEZJo=
-go.uber.org/mock v0.3.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc=
+go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU=
+go.uber.org/mock v0.4.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc=
 go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI=
 go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ=
 go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE=
@@ -315,6 +315,8 @@ golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
+golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=