Skip to content

build(deps): bump the go-deps group across 1 directory with 8 updates #1869

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

build(deps): bump the go-deps group across 1 directory with 8 updates #1869

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 14, 2025
edited
Loading

Bumps the go-deps group with 8 updates in the / directory:

Package From To
github.com/fluxcd/pkg/auth 0.21.0 0.24.0
github.com/minio/minio-go/v7 7.0.94 7.0.95
github.com/onsi/gomega 1.37.0 1.38.0
github.com/prometheus/client_golang 1.22.0 1.23.0
github.com/sigstore/cosign/v2 2.5.2 2.5.3
github.com/spf13/pflag 1.0.6 1.0.7
golang.org/x/crypto 0.40.0 0.41.0
google.golang.org/api 0.241.0 0.247.0

Updates github.com/fluxcd/pkg/auth from 0.21.0 to 0.24.0

Commits
  • c964ce7 Merge pull request #858 from fluxcd/custom-healthchecks-impl
  • 62d235c Add CEL library with custom healthchecks to runtime
  • 243510f Merge pull request #863 from fluxcd/dependabot/github_actions/ci-83dfb6cda2
  • 3cffbeb build(deps): bump the ci group across 1 directory with 3 updates
  • 2f763a4 Merge pull request #857 from fluxcd/custom-healthchecks
  • a6353b2 Add healthcheck expressions to kustomize types
  • af0f283 Merge pull request #859 from fluxcd/cel-meta
  • 1178930 Add InvalidCELExpressionReason to apis/meta
  • f39dac4 Merge pull request #861 from fluxcd/deps-kube-v0.32.1
  • 70e88cb Update dependencies
  • Additional commits viewable in compare view

Updates github.com/minio/minio-go/v7 from 7.0.94 to 7.0.95

Release notes

Sourced from github.com/minio/minio-go/v7's releases.

Bugfix Release

What's Changed

New Contributors

Full Changelog: minio/minio-go@v7.0.94...v7.0.95

Commits
  • bd91926 make sure to avoid closing the input reader (#2137)
  • 94f7e5e fix: DurationSeconds is a QueryValues not a Form data (#2128) (#2129)
  • 456f9b2 fix: explicitly use UTC for expiration field when marshaling PostPolicy (#2135)
  • beae4df setting multiple keys to trailer is not allowed
  • 6358be6 extend more missing headers for PartUploads (#2132)
  • bab3180 fix: missing append() API behavior (#2131)
  • 8a07725 set checksum headers requested properly (#2130)
  • 9b18e49 update all deps (#2125)
  • 68615a3 fix: prefix should use stringLike when new a bucketPolicy (2) (#2124)
  • 8eacd80 test: add test for PresignedPostPolicy with empty fileName (#2119)
  • Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.37.0 to 1.38.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.38.0

1.38.0

Features

  • gstruct handles extra unexported fields [4ee7ed0]

Fixes

  • support [] in IgnoringTopFunction function signatures (#851) [36bbf72]

Maintenance

  • Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846) [529d408]
  • Fix typo [acd1f55]
  • Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835) [bae65a0]
  • Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842) [8dda91f]
  • Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843) [212d812]
  • Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839) [59bd7f9]
  • Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834) [328c729]
  • Bump uri from 1.0.2 to 1.0.3 in /docs (#826) [9a798a1]
  • Bump golang.org/x/net from 0.37.0 to 0.39.0 (#841) [04a72c6]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.38.0

Features

  • gstruct handles extra unexported fields [4ee7ed0]

Fixes

  • support [] in IgnoringTopFunction function signatures (#851) [36bbf72]

Maintenance

  • Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846) [529d408]
  • Fix typo [acd1f55]
  • Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835) [bae65a0]
  • Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842) [8dda91f]
  • Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843) [212d812]
  • Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839) [59bd7f9]
  • Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834) [328c729]
  • Bump uri from 1.0.2 to 1.0.3 in /docs (#826) [9a798a1]
  • Bump golang.org/x/net from 0.37.0 to 0.39.0 (#841) [04a72c6]
Commits
  • c1237df v1.38.0
  • 36bbf72 support [] in IgnoringTopFunction function signatures (#851)
  • 4ee7ed0 gstruct handles extra unexported fields
  • 529d408 Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846)
  • acd1f55 Fix typo
  • bae65a0 Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835)
  • 8dda91f Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842)
  • 212d812 Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843)
  • 59bd7f9 Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839)
  • 328c729 Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834)
  • Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.22.0 to 1.23.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.23.0 - 2025-07-30

  • [CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. #1812
  • [FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix #1766
  • [FEATURE] Add exemplars for native histograms #1686
  • [ENHANCEMENT] exp/api: Bubble up status code from writeResponse #1823
  • [ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 #1833
  • [BUGFIX] exp/api: client prompt return on context cancellation #1729

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.23.0 / 2025-07-30

  • [CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. #1812
  • [FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix #1766
  • [FEATURE] Add exemplars for native histograms #1686
  • [ENHANCEMENT] exp/api: Bubble up status code from writeResponse #1823
  • [ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 #1833
  • [BUGFIX] exp/api: client prompt return on context cancellation #1729
Commits

Updates github.com/sigstore/cosign/v2 from 2.5.2 to 2.5.3

Release notes

Sourced from github.com/sigstore/cosign/v2's releases.

v2.5.3

Changelog

  • 488ef8ceed5ab5d77379e9077a124a0d0df41d06 Add signing-config create command (#4280)
  • 722207e0059efea600a7c03ea4ff6caa889d84d3 Allow multiple services to be specified for trusted-root create (#4285)
  • 2ee22fcdf520a984281ff0195be89810a952280c force when copying the latest image to overwrite (#4298)
  • 86560e15eb407f7fa2ddddc7d9dbc4ba33cff635 Fix cert verification logic for trusted-root/SCTs (#4294)
  • 9f3b013feb3d46c8ee6d5539e7b13eb736ba14ce Fix lint error for types package (#4295)
  • 3b3c0fc20b621ed148b3efea00204f67bfda039d feat: Add OCI 1.1+ experimental support to tree (#4205)
  • 49c8d784a78d298d0eef1f9898d70eb2d0f07536 Add validity period end for trusted-root create (#4271)
  • ba8214ec0c6e50ef8c4e4272a16ccfacf5f3147d avoid double-loading trustedroot from file (#4264)

Thanks to all contributors!

Changelog

Sourced from github.com/sigstore/cosign/v2's changelog.

v2.5.3

Features

  • Add signing-config create command (#4280)
  • Allow multiple services to be specified for trusted-root create (#4285)
  • feat: Add OCI 1.1+ experimental support to tree (#4205)
  • Add validity period end for trusted-root create (#4271)

Bug Fixes

  • Fix cert verification logic for trusted-root/SCTs (#4294)
  • force when copying the latest image to overwrite (#4298)
  • avoid double-loading trustedroot from file (#4264)
Commits
  • 488ef8c Add signing-config create command (#4280)
  • 722207e Allow multiple services to be specified for trusted-root create (#4285)
  • e31d70b bump go-github to v73 (#4297)
  • 2ee22fc force when copying the latest image to overwrite (#4298)
  • 86560e1 Fix cert verification logic for trusted-root/SCTs (#4294)
  • 9f3b013 Fix lint error for types package (#4295)
  • 34f0ff9 chore(deps): bump github.com/buildkite/agent/v3 from 3.101.0 to 3.102.1 (#4288)
  • b2b9462 chore(deps): bump github.com/sigstore/protobuf-specs from 0.4.3 to 0.5.0 (#4289)
  • 60d47a0 chore(deps): bump google.golang.org/api from 0.240.0 to 0.241.0 (#4291)
  • 5dac117 chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 (#4293)
  • Additional commits viewable in compare view

Updates github.com/spf13/pflag from 1.0.6 to 1.0.7

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.7

What's Changed

New Contributors

Full Changelog: spf13/pflag@v1.0.6...v1.0.7

Commits
  • f9cbdd9 Merge pull request #348 from max-frank/add-time-flag-support
  • e3be2eb Reduce duplication by forwarding to sibling functions
  • 7cc25e3 Don't export TimeValue (yet)
  • d15848d Remove unnecessary time test stderr dev null redirect
  • c5ce22e Use time.Time for expectations in time flag tests
  • 1992c5a Add support for time.Time flags
  • 1c62fb2 Merge pull request #431 from LeGEC/430-fix-usage-message-for-func-flags
  • 1a4b5b2 fix discrepancy in order of arguments for Func() and BoolFunc() #433
  • 4730aa0 fix help message for Func and BoolFunc flags #430
  • f4c97c2 minor: fix typos in comments
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.40.0 to 0.41.0

Commits
  • ef5341b go.mod: update golang.org/x dependencies
  • b999374 acme: fix pebble subprocess output data race
  • c247dea x509roots/fallback: store bundle certs directly in DER
  • 1fda731 acme: increase pebble test waitForServer attempts
  • 1b4c3d2 x509roots/fallback: update bundle
  • b903b53 acme: capture pebble test subprocess stdout/stderr
  • See full diff in compare view

Updates google.golang.org/api from 0.241.0 to 0.247.0

Release notes

Sourced from google.golang.org/api's releases.

v0.247.0

0.247.0 (2025-08-11)

Features

v0.246.0

0.246.0 (2025-08-06)

Features

Bug Fixes

  • idtoken: Don't assume DefaultTransport is a http.Transport (#3263) (61fba51), refs #3260

v0.245.0

0.245.0 (2025-08-05)

Features

Bug Fixes

  • gensupport: Fix transferChunk race condition by returning response with non-cancelled context. (#3258) (091d422)

v0.244.0

0.244.0 (2025-07-30)

Features

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.247.0 (2025-08-11)

Features

0.246.0 (2025-08-06)

Features

Bug Fixes

  • idtoken: Don't assume DefaultTransport is a http.Transport (#3263) (61fba51), refs #3260

0.245.0 (2025-08-05)

Features

Bug Fixes

  • gensupport: Fix transferChunk race condition by returning response with non-cancelled context. (#3258) (091d422)

0.244.0 (2025-07-30)

Features

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added the dependencies Pull requests that update a dependency label Aug 14, 2025
@dependabot
build(deps): bump the go-deps group across 1 directory with 8 updates
70ff921 
Bumps the go-deps group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/fluxcd/pkg/auth](https://github.com/fluxcd/pkg) | `0.21.0` | `0.24.0` |
| [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) | `7.0.94` | `7.0.95` |
| [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.37.0` | `1.38.0` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.22.0` | `1.23.0` |
| [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) | `2.5.2` | `2.5.3` |
| [github.com/spf13/pflag](https://github.com/spf13/pflag) | `1.0.6` | `1.0.7` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.40.0` | `0.41.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.241.0` | `0.247.0` |



Updates `github.com/fluxcd/pkg/auth` from 0.21.0 to 0.24.0
- [Commits](fluxcd/pkg@git/v0.21.0...git/v0.24.0)

Updates `github.com/minio/minio-go/v7` from 7.0.94 to 7.0.95
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](minio/minio-go@v7.0.94...v7.0.95)

Updates `github.com/onsi/gomega` from 1.37.0 to 1.38.0
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.37.0...v1.38.0)

Updates `github.com/prometheus/client_golang` from 1.22.0 to 1.23.0
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.22.0...v1.23.0)

Updates `github.com/sigstore/cosign/v2` from 2.5.2 to 2.5.3
- [Release notes](https://github.com/sigstore/cosign/releases)
- [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md)
- [Commits](sigstore/cosign@v2.5.2...v2.5.3)

Updates `github.com/spf13/pflag` from 1.0.6 to 1.0.7
- [Release notes](https://github.com/spf13/pflag/releases)
- [Commits](spf13/pflag@v1.0.6...v1.0.7)

Updates `golang.org/x/crypto` from 0.40.0 to 0.41.0
- [Commits](golang/crypto@v0.40.0...v0.41.0)

Updates `google.golang.org/api` from 0.241.0 to 0.247.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.241.0...v0.247.0)

---
updated-dependencies:
- dependency-name: github.com/fluxcd/pkg/auth
  dependency-version: 0.24.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: github.com/minio/minio-go/v7
  dependency-version: 7.0.95
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: github.com/prometheus/client_golang
  dependency-version: 1.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: github.com/sigstore/cosign/v2
  dependency-version: 2.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/spf13/pflag
  dependency-version: 1.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: golang.org/x/crypto
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: google.golang.org/api
  dependency-version: 0.247.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/go-deps-119a6c5b7b branch from fd51446 to 70ff921 Compare August 14, 2025 14:24
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 17, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Aug 17, 2025
@dependabot dependabot bot deleted the dependabot/go_modules/go-deps-119a6c5b7b branch August 17, 2025 16:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants