Skip to content

chore: bump the all group with 6 updates#255

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-6026664e20
Closed

chore: bump the all group with 6 updates#255
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-6026664e20

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 1, 2026

Bumps the all group with 6 updates:

Package From To
github.com/onsi/ginkgo/v2 2.27.2 2.28.1
github.com/onsi/gomega 1.38.2 1.39.0
k8s.io/api 0.34.2 0.35.2
k8s.io/apimachinery 0.34.2 0.35.2
k8s.io/client-go 0.34.2 0.35.2
sigs.k8s.io/controller-runtime 0.22.4 0.23.1

Updates github.com/onsi/ginkgo/v2 from 2.27.2 to 2.28.1

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.28.1

2.28.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

v2.28.0

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

v2.27.4

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]

v2.27.3

2.27.3

Fixes

report exit result in case of failure [1c9f356] fix data race [ece19c8]

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.28.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]

2.27.3

Fixes

report exit result in case of failure [1c9f356] fix data race [ece19c8]

Commits

Updates github.com/onsi/gomega from 1.38.2 to 1.39.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.39.0

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

v1.38.3

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Commits
  • 49561ad v1.39.0
  • 8f7f425 document MatchErrorStrictly
  • bae643d add matcher relecting errors.Is behavior
  • a3ca2ca v1.38.3
  • 4dada36 fix failing have http tests
  • d40c691 make string formatitng more consistent for users who use format.Object directly
  • 2a37b46 doc: fix typos
  • ee26170 docs: fix HaveValue example
  • cc85c05 Bump actions/setup-go from 5 to 6 (#866)
  • 8905788 Bump github.com/onsi/ginkgo/v2 from 2.25.1 to 2.25.3 (#865)
  • Additional commits viewable in compare view

Updates k8s.io/api from 0.34.2 to 0.35.2

Commits
  • 8a137cd Update dependencies to v0.35.2 tag
  • bbcbaa8 Merge remote-tracking branch 'origin/master' into release-1.35
  • 5bced61 Bump golang.org/x/crypto to v0.45.0
  • 39e2e26 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • c22b4a1 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • e3b1f3d Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 3da327c Update vendored dependencies
  • c764b44 Merge pull request #132919 from ndixita/pod-level-in-place-pod-resize
  • aced136 Generated files from API changes
  • 02d790d Adding Resources and AllocatedResoures fields to the list of expected fields ...
  • Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.34.2 to 0.35.2

Commits
  • 72d71ea Merge remote-tracking branch 'origin/master' into release-1.35
  • e2a2dbc Bump golang.org/x/crypto to v0.45.0
  • 2e9c228 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • f274aac vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • 9445443 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 52154f7 Update vendored dependencies
  • 5a348c5 KEP-5471: Extend tolerations operators (#134665)
  • 6f89492 Merge pull request #133648 from richabanker/merged-discovery
  • c77dde2 util/sort: Add MergePreservingRelativeOrder for topological sorting
  • 729c13d Merge pull request #134624 from yt2985/podcertificates-beta
  • Additional commits viewable in compare view

Updates k8s.io/client-go from 0.34.2 to 0.35.2

Commits
  • a21b329 Update dependencies to v0.35.2 tag
  • 2d83546 Merge remote-tracking branch 'origin/master' into release-1.35
  • 56b4af2 Merge pull request #135591 from p0lyn0mial/upstream-watchlist-reflector-log-f...
  • 891f94c Merge remote-tracking branch 'origin/master' into release-1.35
  • 65ffe04 Merge pull request #135580 from serathius/client-go-transformer
  • 2fe4ac2 downgrade reflector watchlist fallback log to V(4)
  • 97256a6 Bump golang.org/x/crypto to v0.45.0
  • 46360b5 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • 171ef8c Use transformer in consistency checker
  • 3878a64 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • Additional commits viewable in compare view

Updates sigs.k8s.io/controller-runtime from 0.22.4 to 0.23.1

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.23.1

What's Changed

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.0...v0.23.1

v0.23.0

🔆 Highlights

⚠️ Breaking changes

✨ Features

🐛 Bugfixes

... (truncated)

Commits
  • f52bbb8 Merge pull request #3437 from k8s-infra-cherrypick-robot/cherry-pick-3430-to-...
  • 4f41337 Merge pull request #3438 from k8s-infra-cherrypick-robot/cherry-pick-3434-to-...
  • e29a1b9 seedling: Test cache reader waits for cache sync
  • 83c8dc3 bug: Fakeclient: Fix status apply if existing object has managedFields set
  • bf6bcd5 Merge pull request #3436 from k8s-infra-cherrypick-robot/cherry-pick-3431-to-...
  • b6a3a46 bug: Fix panic when using CRs with embedded pointer structs
  • 7866fb0 Merge pull request #3433 from k8s-infra-cherrypick-robot/cherry-pick-3425-to-...
  • 90b26f7 check to see if informer is synced and started before returning cache
  • 129853d Merge pull request #3419 from alvaroaleman/limit-cardinality
  • 00b8b07 🐛 Limit depthWithPriorityMetric cardinality to 25
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore: bump the all group with 6 updates
983de35 
Bumps the all group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.27.2` | `2.28.1` |
| [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.38.2` | `1.39.0` |
| [k8s.io/api](https://github.com/kubernetes/api) | `0.34.2` | `0.35.2` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.34.2` | `0.35.2` |
| [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.34.2` | `0.35.2` |
| [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) | `0.22.4` | `0.23.1` |


Updates `github.com/onsi/ginkgo/v2` from 2.27.2 to 2.28.1
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.27.2...v2.28.1)

Updates `github.com/onsi/gomega` from 1.38.2 to 1.39.0
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.38.2...v1.39.0)

Updates `k8s.io/api` from 0.34.2 to 0.35.2
- [Commits](kubernetes/api@v0.34.2...v0.35.2)

Updates `k8s.io/apimachinery` from 0.34.2 to 0.35.2
- [Commits](kubernetes/apimachinery@v0.34.2...v0.35.2)

Updates `k8s.io/client-go` from 0.34.2 to 0.35.2
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.34.2...v0.35.2)

Updates `sigs.k8s.io/controller-runtime` from 0.22.4 to 0.23.1
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.22.4...v0.23.1)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.28.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/api
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/client-go
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.23.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested review from a team as code owners March 1, 2026 20:55
@jamiezieziula
Copy link
Contributor

jamiezieziula commented Mar 2, 2026

Dependency Review Summary

Changes

Dependency Old New Bump
github.com/onsi/ginkgo/v2 2.27.2 2.28.1 minor
github.com/onsi/gomega 1.38.2 1.39.0 minor
k8s.io/api 0.34.2 0.35.2 minor
k8s.io/apimachinery 0.34.2 0.35.2 minor
k8s.io/client-go 0.34.2 0.35.2 minor
sigs.k8s.io/controller-runtime 0.22.4 0.23.1 minor

Release Notes Highlights

sigs.k8s.io/controller-runtime 0.22.4 -> 0.23.1 (v0.23.0 release notes, v0.23.1 release notes)

  • BREAKING: Webhook API changes - builder pattern and validator/defaulter method signatures now use concrete types instead of runtime.Object
  • BREAKING: Events API migration - RBAC manifests must use events.k8s.io apiGroup instead of core apiGroup
  • Priority queue now enabled by default
  • New subresource Apply support
  • Bug fix in v0.23.1: Cache reader waits for sync when ReaderFailOnMissingInformer is true

k8s.io/ libraries 0.34.2 -> 0.35.2* (Kubernetes 1.35 release notes)

  • Kubernetes API update from 1.34 to 1.35
  • KEP-5471: Extended tolerations operators
  • Pod-level in-place resize API changes
  • New util/sort functions for topological sorting

github.com/onsi/ginkgo/v2 2.27.2 -> 2.28.1 (releases)

  • Requires Go 1.24 (Go 1.23 out of support)
  • Adds SemVer filter support
  • Memory optimizations and bug fixes

github.com/onsi/gomega 1.38.2 -> 1.39.0 (releases)

  • Adds MatchErrorStrictly matcher

Recommendation

🛑 Test before merging — This PR contains breaking changes in controller-runtime that require code modifications:

  1. Webhook implementations must be updated if the operator uses webhooks (method signatures changed from runtime.Object to concrete types)
  2. RBAC manifests must be updated if using event recorders (switch to events.k8s.io apiGroup)
  3. Kubernetes version jump from 1.34 to 1.35 requires testing with supported clusters
  4. Go 1.24 must be available in CI/CD

Required actions before merge:

  • Search codebase for builder.WebhookManagedBy, ValidateCreate, ValidateUpdate, ValidateDelete, Default methods
  • Review RBAC for event recorder permissions
  • Run full integration test suite
  • Verify operator works with Kubernetes 1.34-1.35

See the dependency triage runbook for validation steps.

Reviewed by Claude Code /review-deps skill

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 4, 2026

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@jamiezieziula jamiezieziula deleted the dependabot/go_modules/all-6026664e20 branch March 4, 2026 14:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

automated-dependency-updates

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jamiezieziula