build(deps): bump github.com/golangci/golangci-lint/v2 from 2.11.1 to 2.11.3 in /hack/tools in the misc-dependencies group

[dependabot]

Bumps the misc-dependencies group in /hack/tools with 1 update: github.com/golangci/golangci-lint/v2.

Updates github.com/golangci/golangci-lint/v2 from 2.11.1 to 2.11.3

Release notes

Sourced from github.com/golangci/golangci-lint/v2's releases.

v2.11.3

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

• 697a1899cc458a617306273776854c4a4fd3c09d build(deps): bump github.com/securego/gosec/v2 from v2.24.7 to 619ce2117e08 (#6424)
• 760f8ab58f508c36d0da483000e7dec66c5096c3 build(deps): bump golang.org/x/oauth2 from 0.35.0 to 0.36.0 in /scripts/gen_github_action_config in the scripts group (#6425)
• 5ea763ec8d0060c93002d79ab2bce1bad7480600 build(deps): bump the github-actions group with 2 updates (#6426)

v2.11.2

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

• 6ebd82f6a722198cd276533485d7a458450d1ed3 fix: fmt with path (#6418)

Changelog

Sourced from github.com/golangci/golangci-lint/v2's changelog.

v2.11.3

Released on 2026-03-10

1. Linters bug fixes
   • gosec: from v2.24.7 to 619ce2117e08

v2.11.2

Released on 2026-03-07

1. Fixes
   • fmt: fix error when using the fmt command with explicit paths.

Commits

• 6008b81 chore: prepare release
• 697a189 build(deps): bump github.com/securego/gosec/v2 from v2.24.7 to 619ce2117e08 (...
• 5ea763e build(deps): bump the github-actions group with 2 updates (#6426)
• 760f8ab build(deps): bump golang.org/x/oauth2 from 0.35.0 to 0.36.0 in /scripts/gen_g...
• bba7663 docs: update GitHub Action assets (#6419)
• e8f6219 chore: prepare release
• 6ebd82f fix: fmt with path (#6418)
• 9cab9dc docs: update GitHub Action assets (#6415)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

• Chores
  • Bumped development and CI dependency versions (linting, security scanning, and Go tooling/os-package modules), improving developer tooling, static checks, and build-time utilities.
  • These updates do not alter public APIs or runtime behavior; they only affect development, tooling, and CI processes.

[openshift-ci-robot]

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: c8136a6e-3e16-4082-b457-85e95d8d28e8

📥 Commits

Reviewing files that changed from the base of the PR and between e99d380 and 644a54f.

⛔ Files ignored due to path filters (70)

• hack/tools/go.sum is excluded by !**/*.sum
• hack/tools/vendor/github.com/fatih/color/color.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/fatih/color/color_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/internal/x/tools/analysisflags/readme.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/internal/x/tools/analysisinternal/readme.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/internal/x/tools/driverutil/readfile.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/internal/x/tools/driverutil/readme.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/internal/x/tools/driverutil/url.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/pkg/goanalysis/runner_checker.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/pkg/goformat/runner.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/pkg/golinters/sqlclosecheck/sqlclosecheck.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/pkg/lint/lintersdb/builder_linter.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/ryanrolds/sqlclosecheck/pkg/analyzer/analyzer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/ryanrolds/sqlclosecheck/pkg/analyzer/closed.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/ryanrolds/sqlclosecheck/pkg/analyzer/configurable.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/ryanrolds/sqlclosecheck/pkg/analyzer/defer_only.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/securego/gosec/v2/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/securego/gosec/v2/action.yml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/securego/gosec/v2/analyzer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/securego/gosec/v2/analyzers/context_propagation.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/securego/gosec/v2/analyzers/conversion_overflow.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/securego/gosec/v2/taint/taint.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/sonatard/noctx/.goreleaser.yml is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/crypto/ssh/agent/server.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/net/http2/http2.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/net/http2/server.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/net/http2/transport.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/net/http2/writesched.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/net/http2/writesched_random.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sync/singleflight/singleflight.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/cpu/asm_darwin_arm64_gc.s is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/cpu/cpu_arm64.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/cpu/cpu_darwin_arm64.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/cpu/cpu_darwin_arm64_other.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/cpu/syscall_darwin_arm64_gc.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/plan9/syscall_plan9.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/unix/ztypes_linux.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/windows/aliases.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/windows/registry/key.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/sys/windows/syscall_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/analysis.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/lostcancel/lostcancel.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/atomic.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/doc.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/errorsastype.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/fmtappendf.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/minmax.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/modernize.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/rangeint.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/reflect.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/slicescontains.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/stditerators.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/stringsbuilder.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/stringscut.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/stringscutprefix.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/unsafefuncs.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/analysis/passes/modernize/waitgroup.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/packages/golist.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/packages/packages.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/go/ssa/builder.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/internal/astutil/comment.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/internal/astutil/stringlit.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/internal/astutil/util.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/internal/goplsexport/export.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/internal/refactor/refactor.go is excluded by !**/vendor/**
• hack/tools/vendor/golang.org/x/tools/refactor/satisfy/find.go is excluded by !**/vendor/**
• hack/tools/vendor/modules.txt is excluded by !**/vendor/**

📒 Files selected for processing (1)

• hack/tools/go.mod

🚧 Files skipped from review as they are similar to previous changes (1)

• hack/tools/go.mod

---

📝 Walkthrough

Walkthrough

This pull request updates dependency versions in hack/tools/go.mod. The direct lint tool github.com/golangci/golangci-lint/v2 is bumped from v2.11.1 to v2.11.4. Several indirect dependencies were advanced, including github.com/fatih/color v1.18.0→v1.19.0, github.com/ryanrolds/sqlclosecheck v0.5.1→v0.6.0, github.com/securego/gosec/v2 to v2.24.8-0.20260309165252-619ce2117e08, github.com/sonatard/noctx v0.5.0→v0.5.1, and multiple golang.org/x modules (crypto, mod, net, sync, sys, term, text, tools) were advanced. No module metadata or exported/public APIs were changed.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the primary change: bumping golangci-lint from 2.11.1 to 2.11.3 in the /hack/tools directory. It is specific, clear, and directly reflects the main modification in the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Stable And Deterministic Test Names	✅ Passed	PR modifies only hack/tools/go.mod for dependency version updates with no changes to test files or Ginkgo test names.
Test Structure And Quality	✅ Passed	This PR updates Go module dependencies without modifying any test files or Ginkgo test code, making the test structure and quality check outside scope.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/go_modules/hack/tools/misc-dependencies-2f9d1fc2e4

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign enxebre for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@dependabot[bot]: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[dependabot]

Looks like github.com/golangci/golangci-lint/v2 is updatable in another way, so this is no longer needed.