Skip to content

Bump the gomod group with 2 updates#2392

Merged
stefanvanburen merged 1 commit intomainfrom
dependabot/go_modules/gomod-5a44e270a9
Apr 13, 2026
Merged

Bump the gomod group with 2 updates#2392
stefanvanburen merged 1 commit intomainfrom
dependabot/go_modules/gomod-5a44e270a9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 13, 2026

Bumps the gomod group with 2 updates: github.com/google/go-containerregistry and golang.org/x/mod.

Updates github.com/google/go-containerregistry from 0.21.3 to 0.21.5

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.5

What's Changed

Full Changelog: google/go-containerregistry@v0.21.4...v0.21.5

v0.21.4

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.21.3...v0.21.4

Commits
  • 5b80281 build(deps): bump golang.org/x/tools from 0.43.0 to 0.44.0 in the go-deps gro...
  • b99bca2 build(deps): bump aws-actions/configure-aws-credentials (#2257)
  • f8be1d4 update to Go 1.26.2 (#2255)
  • 87ad88b Bump docker/cli v29.4.0, moby/api v1.54.1, moby/client v0.4.0 (#2254)
  • e8813dd goreleaser: Update goreleaser config and GH action for releases (#2253)
  • e90447d replace gcloud in binary calls in pkg/v1/google tests (#2085)
  • 0d0368c revert path traversal and symlink escape changes (#2250)
  • a2f47d4 transport: validate Bearer realm URL to prevent SSRF (#2243)
  • 19a36cd fork distribution client v3 auth-challenge as an internal package (squashed) ...
  • c612a9b Bump codecov/codecov-action from 5.5.2 to 5.5.3 in the actions group (#2240)
  • Additional commits viewable in compare view

Updates golang.org/x/mod from 0.34.0 to 0.35.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the gomod group with 2 updates
98cef88 
Bumps the gomod group with 2 updates: [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) and [golang.org/x/mod](https://github.com/golang/mod).


Updates `github.com/google/go-containerregistry` from 0.21.3 to 0.21.5
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Commits](google/go-containerregistry@v0.21.3...v0.21.5)

Updates `golang.org/x/mod` from 0.34.0 to 0.35.0
- [Commits](golang/mod@v0.34.0...v0.35.0)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.21.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: golang.org/x/mod
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 13, 2026
@stefanvanburen stefanvanburen merged commit afc27b7 into main Apr 13, 2026
4 checks passed
@stefanvanburen stefanvanburen deleted the dependabot/go_modules/gomod-5a44e270a9 branch April 13, 2026 13:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stefanvanburen stefanvanburen stefanvanburen approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@stefanvanburen