Skip to content

chore(deps): update go dependencies#1881

Open
red-hat-konflux[bot] wants to merge 1 commit into
release-1.4from
konflux/mintmaker/release-1.4/go-deps
Open

chore(deps): update go dependencies#1881
red-hat-konflux[bot] wants to merge 1 commit into
release-1.4from
konflux/mintmaker/release-1.4/go-deps

Conversation

@red-hat-konflux

@red-hat-konflux red-hat-konflux Bot commented May 25, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change
github.com/docker/cli indirect minor v29.5.2+incompatiblev29.6.1+incompatible
github.com/docker/docker-credential-helpers indirect patch v0.9.7v0.9.8
github.com/go-openapi/jsonpointer indirect patch v0.23.1v0.23.2
github.com/go-openapi/jsonreference indirect patch v0.21.5v0.21.6
github.com/go-openapi/swag indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/cmdutils indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/conv indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/fileutils indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/jsonname indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/jsonutils indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/loading indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/mangling indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/netutils indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/stringutils indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/typeutils indirect patch v0.26.0v0.26.1
github.com/go-openapi/swag/yamlutils indirect patch v0.26.0v0.26.1
github.com/google/go-containerregistry require patch v0.21.6v0.21.7
github.com/google/pprof indirect digest 92041b77023385
github.com/onsi/ginkgo/v2 require minor v2.29.0v2.32.0
github.com/onsi/gomega require minor v1.41.0v1.42.1
github.com/openshift/api require digest 09730f83d22ba1
github.com/operator-framework/api require minor v0.42.0v0.44.0
github.com/prometheus/common indirect minor v0.67.5v0.69.0
go.yaml.in/yaml/v2 indirect major v2.4.3v3.0.4
golang.org/x/mod indirect minor v0.36.0v0.37.0
golang.org/x/net indirect minor v0.55.0v0.56.0
golang.org/x/sync indirect minor v0.20.0v0.21.0
golang.org/x/sys indirect minor v0.45.0v0.46.0
golang.org/x/term indirect minor v0.43.0v0.44.0
golang.org/x/text indirect minor v0.37.0v0.38.0
golang.org/x/tools indirect minor v0.45.0v0.47.0
gomodules.xyz/jsonpatch/v2 indirect major v2.4.0v3.0.1
gopkg.in/evanphx/json-patch.v4 indirect major v4.13.0v5.9.11
k8s.io/api require patch v0.36.1v0.36.2
k8s.io/apiextensions-apiserver indirect patch v0.36.1v0.36.2
k8s.io/apimachinery require patch v0.36.1v0.36.2
k8s.io/client-go require patch v0.36.1v0.36.2
k8s.io/kube-aggregator require patch v0.36.1v0.36.2
k8s.io/kube-openapi indirect digest aa012df8f3fa49
k8s.io/streaming indirect patch v0.36.1v0.36.2

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

docker/cli (github.com/docker/cli)

v29.6.1+incompatible

Compare Source

v29.6.0+incompatible

Compare Source

v29.5.3+incompatible

Compare Source

docker/docker-credential-helpers (github.com/docker/docker-credential-helpers)

v0.9.8

Compare Source

What's Changed

  • update to go1.26.4
  • wincred: inline label, and append to existing
  • build(deps): bump actions/checkout from 6.0.2 to 6.0.3
  • build(deps): bump codecov/codecov-action from 6.0.0 to 6.0.1
  • build(deps): bump crazy-max/.github/.github/workflows/zizmor.yml from 1.7.1 to 1.10.0
  • build(deps): bump docker/bake-action from 7.1.0 to 7.2.0
  • build(deps): bump docker/setup-buildx-action from 4.0.0 to 4.1.0
  • build(deps): bump docker/setup-qemu-action from 4.0.0 to 4.1.0

Full Changelog: docker/docker-credential-helpers@v0.9.7...v0.9.8

go-openapi/jsonpointer (github.com/go-openapi/jsonpointer)

v0.23.2

Compare Source

0.23.2 - 2026-06-26

Full Changelog: go-openapi/jsonpointer@v0.23.1...v0.23.2

13 commits in this release.

Implemented enhancements
  • feat(ci): added shared workflow for bot-pr monitoring by @​fredbi ...
Documentation
Miscellaneous tasks
Updates
People who contributed to this release

jsonpointer license terms

License

go-openapi/jsonreference (github.com/go-openapi/jsonreference)

v0.21.6

Compare Source

0.21.6 - 2026-05-31

Full Changelog: go-openapi/jsonreference@v0.21.5...v0.21.6

21 commits in this release.

Documentation
Code quality
Miscellaneous tasks
Updates
People who contributed to this release

jsonreference license terms

License

go-openapi/swag (github.com/go-openapi/swag)

v0.26.1

Compare Source

0.26.1 - 2026-06-07

Full Changelog: go-openapi/swag@v0.26.0...v0.26.1

12 commits in this release.

Implemented enhancements
  • feat(loading): sandbox local loading with WithRoot (GHSA-v2xp-g8xf-22pf) by @​fredbi in #​203 ...
  • feat(ci): added shared workflow for bot-pr monitoring by @​fredbi ...
Documentation
Miscellaneous tasks
Security
Updates
People who contributed to this release

swag license terms

License

Per-module changes

conv (0.26.1)

Miscellaneous tasks
Updates

fileutils (0.26.1)

Updates

jsonname (0.26.1)

Updates

jsonutils/adapters/easyjson (0.26.1)

Miscellaneous tasks
Updates

jsonutils/adapters/testintegration/benchmarks (0.26.1)

Miscellaneous tasks
Updates

jsonutils/adapters/testintegration (0.26.1)

Miscellaneous tasks
Updates

jsonutils/fixtures_test (0.26.1)

Updates

jsonutils (0.26.1)

Miscellaneous tasks
Updates

loading (0.26.1)

Implemented enhancements
  • feat(loading): sandbox local loading with WithRoot (GHSA-v2xp-g8xf-22pf) by @​fredbi in #​203 ...
Miscellaneous tasks
Security
Updates

mangling (0.26.1)

Updates

netutils (0.26.1)

Updates

stringutils (0.26.1)

Updates

typeutils (0.26.1)

Updates

yamlutils (0.26.1)

Miscellaneous tasks
Updates
google/go-containerregistry (github.com/google/go-containerregistry)

v0.21.7

Compare Source

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.21.6...v0.21.7

onsi/ginkgo (github.com/onsi/ginkgo/v2)

v2.32.0

Compare Source

2.32.0

-fd generate RSpec-style documentation output. Thank @​woodie !
--sleep-on-failure pauses a failed spec before teardown. Thanks @​qinqon !

v2.31.0

Compare Source

2.31.0

Add a bunch of Claude Skills via the marketplace:

/plugin marketplace add onsi/ginkgo
/plugin install ginkgo@ginkgo

v2.30.0

Compare Source

2.30.0

Features

Ginkgo now allows extentions/global.Reset to support running multiple suites from within a single process. This may take some massaging on your part (see 1672) but can dramatically speed up codebases with O(hundreds) of test suites.

Thanks @​lawrencejones !

Fixes
  • Fix nested --github-output group for progress report nested inside timeline [4f62d7a]
onsi/gomega (github.com/onsi/gomega)

v1.42.1

Compare Source

1.42.1

Bump Dependencies

v1.42.0

Compare Source

1.42.0

Add a set of Claude skill as a marketplace plugin

operator-framework/api (github.com/operator-framework/api)

v0.44.0

Compare Source

What's Changed

Full Changelog: operator-framework/api@v0.43.0...v0.44.0

v0.43.0

Compare Source

What's Changed

New Contributors

Full Changelog: operator-framework/api@v0.42.0...v0.43.0

prometheus/common (github.com/prometheus/common)

v0.69.0

Compare Source

Security / behavior changes
  • config: credentials are no longer forwarded across cross-host redirects. When FollowRedirects is enabled, the HTTP client now strips Authorization, Cookie, Proxy-Authorization and other sensitive headers, and skips basic-auth, bearer-token and OAuth2 credentials, when a redirect points to a different host. This aligns with Go's net/http behavior. Callers that relied on credentials being sent to a redirect target on another host will need to target that host directly. #​901 #​920 #​921
  • config: LoadHTTPConfigFile now resolves relative file paths (e.g. *_file credentials, http_headers files) against the config file's own directory instead of its parent directory. Configs that worked around the old behavior by prefixing paths with the config's directory name must drop that prefix. #​925
Bugfixes
  • expfmt: fix nil pointer panic when parsing empty braces {}. #​922
  • model: fix Time.UnmarshalJSON for larger negative numbers. #​918
Performance
  • model: reduce allocations in Time.UnmarshalJSON. #​918
Internal
  • Synchronize common files from prometheus/prometheus. #​917
  • Modernize Go. #​919

Full Changelog: prometheus/common@v0.68.1...v0.69.0

v0.68.1

Compare Source

Security / behavior changes
  • config: credentials are no longer forwarded across cross-host redirects. When FollowRedirects is enabled, the HTTP client now strips Authorization, Cookie, Proxy-Authorization and other sensitive headers, and skips basic-auth, bearer-token and OAuth2 credentials, when a redirect points to a different host. This aligns with Go's net/http behavior. Callers that relied on credentials being sent to a redirect target on another host will need to target that host directly. #​901 #​920 #​921
  • config: LoadHTTPConfigFile now resolves relative file paths (e.g. *_file credentials, http_headers files) against the config file's own directory instead of its parent directory. Configs that worked around the old behavior by prefixing paths with the config's directory name must drop that prefix. #​925
Bugfixes
  • expfmt: fix nil pointer panic when parsing empty braces {}. #​922
  • model: fix Time.UnmarshalJSON for larger negative numbers. #​918
Performance
  • model: reduce allocations in Time.UnmarshalJSON. #​918
Internal
  • Synchronize common files from prometheus/prometheus. #​917
  • Modernize Go. #​919

Full Changelog: prometheus/common@v0.68.1...v0.69.0

v0.68.0

Compare Source

What's Changed

Note

PR body was truncated to here.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.4/go-deps branch 9 times, most recently from 315c6f8 to fbcb8ac Compare June 3, 2026 14:35
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.4/go-deps branch 6 times, most recently from 531230b to 08dcc6a Compare June 5, 2026 18:36
@red-hat-konflux

red-hat-konflux Bot commented Jun 5, 2026
edited
Loading

Copy link
Copy Markdown
Contributor Author

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.26.0 -> 1.26.3

@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.4/go-deps branch 13 times, most recently from 179ed24 to 1f52ab8 Compare June 18, 2026 22:34
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.4/go-deps branch 21 times, most recently from 6c15323 to cae3e9d Compare June 26, 2026 05:49
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.4/go-deps branch 7 times, most recently from a446352 to 454b994 Compare June 28, 2026 21:25
@red-hat-konflux
chore(deps): update go dependencies
3215c09 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.4/go-deps branch from 454b994 to 3215c09 Compare June 29, 2026 05:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants