build(deps): bump the misc-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the misc-dependencies group with 2 updates in the /hack/tools directory: github.com/golangci/golangci-lint/v2 and github.com/mikefarah/yq/v4.

Updates github.com/golangci/golangci-lint/v2 from 2.11.4 to 2.12.2

Release notes

Sourced from github.com/golangci/golangci-lint/v2's releases.

v2.12.2

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

• 0b01827ae79a0cb92002b4b39867d133cef4c05c build(deps): bump github.com/onsi/ginkgo/v2 from 2.28.1 to 2.28.2 in /pkg/golinters/ginkgolinter/testdata in the linter-testdata group across 1 directory (#6559)
• 1a0697fc84d7f1376c8d8b1ebe20d9331c3d221f build(deps): bump github.com/pelletier/go-toml/v2 from 2.3.0 to 2.3.1 (#6548)
• f11cfe0f968601fb4cf40c704ca18e97b49282dd build(deps): bump github.com/ryancurrah/gomodguard/v2 from 2.1.0 to 2.1.3 (#6549)
• fb2c2411a7e6b05778c097c971e4017d2a6ef5c9 build(deps): bump github.com/shirou/gopsutil/v4 from 4.26.3 to 4.26.4 (#6547)
• 9a10710cd9d198dbda7ebdf39f7be4c659bc20c9 build(deps): bump github.com/uudashr/iface from 1.4.1 to 1.4.2 (#6557)
• 81e8f81bbb341152bb21dc516981cb4c30712088 gomodguard: fix blocked configuration (#6561)

v2.12.1

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

[!IMPORTANT] If you are using the install script from the master branch: https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh This branch is not used anymore, we are using main.

We recommend using https://golangci-lint.run/install.sh as URL to install golangci-lint.

https://golangci-lint.run/docs/welcome/install/local/#binaries

• 35b2189782a6a059489289257e6523550167cb64 fix: install.sh script (#6539)
• 3a006ab284f52a5aac0a7daa77ae683e43fb7b69 gomodguard: fix panic with migration suggestion (#6542)

v2.12.0

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

... (truncated)

Changelog

Sourced from github.com/golangci/golangci-lint/v2's changelog.

v2.12.2

Released on 2026-05-06

1. Linters bug fixes
   • gomodguard_v2: fix blocked configuration
   • gomodguard_v2: from 2.1.0 to 2.1.3
   • iface: from 1.4.1 to 1.4.2

v2.12.1

Released on 2026-05-01

1. Linters bug fixes
   • gomodguard_v2: fix panic with migration suggestion
2. Misc.
   • fix install.sh script (if you are still using an URL based on the branch master, please update to use https://golangci-lint.run/install.sh)

v2.12.0

Released on 2026-05-01

1. New linters
   • Add clickhouselint linter https://github.com/ClickHouse/clickhouse-go-linter
2. Linters new features or changes
   • dupl: from f665c8d69b32 to c99c5cf5c202 (extended detection)
   • funcorder: from 0.5.0 to 0.6.0 (new option: function)
   • goconst: add an option to ignore strings from tests
   • goconst: from 1.8.2 to 1.10.0 (extended detection)
   • gomodguard_v2: from 1.4.1 to 2.1.0 (major version with new configuration)
   • gosec: from 619ce2117e08 to 2.26.1 (new checks: G124, G708, G709, G710)
   • govet: add inline analyzer
   • makezero: from 2.1.0 to 2.2.1 (support slice type aliases)
   • paralleltest: expose checkcleanup option
   • sloglint: from 0.11.1 to 0.12.0 (new options: allowed-keys, custom-funcs)
   • wsl_v5: from 5.6.0 to 5.8.0 (new option: cuddle-max-statements; new checks: after-decl, after-defer, after-expr, after-go, cuddle-group)
3. Linters bug fixes
   • forbidigo: from 2.3.0 to 2.3.1
   • godot: from 1.5.4 to 1.5.6
   • govet-modernize: from 0.43.0 to 0.44.0
   • ireturn: from 0.4.0 to 0.4.1
   • rowserrcheck: from 1.1.1 to c5f79b8
4. Misc.
   • Decrease cache entropy
   • Embed the JSON schema in the binary
   • Filter env vars when cloning the repository with the custom command

Commits

• c0d3ddc chore: prepare release
• 41f8dfb dev: keep only JSONSchema (#6564)
• 81e8f81 gomodguard: fix blocked configuration (#6561)
• 9a10710 build(deps): bump github.com/uudashr/iface from 1.4.1 to 1.4.2 (#6557)
• 0b01827 build(deps): bump github.com/onsi/ginkgo/v2 from 2.28.1 to 2.28.2 in /pkg/gol...
• 18bc4bf docs: update GitHub Action assets (#6554)
• 54a04eb dev: update Hugo (#6553)
• 0e8093b docs: update documentation assets (#6552)
• b665704 dev: workaround for post-release trigger (#6551)
• 006d012 dev: update documentation theme (#6550)
• Additional commits viewable in compare view

Updates github.com/mikefarah/yq/v4 from 4.44.5 to 4.53.2

Release notes

Sourced from github.com/mikefarah/yq/v4's releases.

v4.53.2

• Releases and tags now signed and immutable!
• Add system(command; args) operator (disabled by default) (#2640)
• TOML encoder: prefer readable table sections over inline tables (#2649)
• Fix TOML encoder to quote keys containing special characters (#2648)
• Add string slicing support (#2639)
• Fix findInArray misuse on MappingNodes in equality and contains (#2645) Thanks @​jandubois!
• Fix panic on negative slice indices that underflow after adjustment (#2646) Thanks @​jandubois!
• Fix stack overflow from circular alias in traverse (#2647) Thanks @​jandubois!
• Fix panic and OOM in repeatString for large repeat counts (#2644) Thanks @​jandubois!
• Bumped dependencies

v4.52.5

• Fix: reset TOML decoder state between files (#2634) thanks @​terminalchai
• Fix: preserve original filename when using --front-matter (#2613) thanks @​cobyfrombrooklyn-bot
• Fix typo in filename (#2611) thanks @​alexandear
• Bumped dependencies

v4.52.4

• Dropping windows/arm - no longer supported in cross-compile
• Fixing comments in TOML arrays (#2592)
• Bumped dependencies

v4.52.2

• Fixed bad instructions file breaking go-install (#2587) Thanks @​theyoprst
• Fixed TOML table scope after comments (#2588) Thanks @​tomers
• Multiply uses a readonly context (#2558)
• Fixed merge globbing wildcards in keys (#2564)
• Fixing TOML subarray parsing issue (#2581)

v4.52.1 - TOML roundtrip and more!

• TOML encoder support - you can now roundtrip! #1364

• Parent now supports negative indices, and added a 'root' command for referencing the top level document

• Fixed scalar encoding for HCL

• Add --yaml-compact-seq-indent / -c flag for compact sequence indentation (#2583) Thanks @​jfenal

• Add symlink check to file rename util (#2576) Thanks @​Elias-elastisys

• Powershell fixed default command used for __completeNoDesc alias (#2568) Thanks @​teejaded

• Unwrap scalars in shell output mode. (#2548) Thanks @​flintwinters

• Added K8S KYAML output format support (#2560) Thanks @​robbat2

• Bumped dependencies

• Special shout out to @​ccoVeille for reviewing my PRs!

Thanks to everyone that contributed ❤️

v4.50.1 - HCL!

• Added HCL Support - First cut - hopefully it works well! (#1844)
• Fixing handling of CRLF #2352
• Bumped dependencies

... (truncated)

Changelog

Sourced from github.com/mikefarah/yq/v4's changelog.

4.53.2:

• Fixing release process

4.53.1:

• Releases and tags now signed and immutable!
• Add system(command; args) operator (disabled by default) (#2640)
• TOML encoder: prefer readable table sections over inline tables (#2649)
• Fix TOML encoder to quote keys containing special characters (#2648)
• Add string slicing support (#2639)
• Fix findInArray misuse on MappingNodes in equality and contains (#2645) Thanks @​jandubois!
• Fix panic on negative slice indices that underflow after adjustment (#2646) Thanks @​jandubois!
• Fix stack overflow from circular alias in traverse (#2647) Thanks @​jandubois!
• Fix panic and OOM in repeatString for large repeat counts (#2644) Thanks @​jandubois!
• Bumped dependencies

4.52.5:

• Fix: reset TOML decoder state between files (#2634) thanks @​terminalchai
• Fix: preserve original filename when using --front-matter (#2613) thanks @​cobyfrombrooklyn-bot
• Fix typo in filename (#2611) thanks @​alexandear
• Bumped dependencies

4.52.4:

• Dropping windows/arm - no longer supported in cross-compile

4.52.3:

• Fixing comments in TOML arrays (#2592)
• Bumped dependencies

4.52.2:

• Fixed bad instructions file breaking go-install (#2587) Thanks @​theyoprst
• Fixed TOML table scope after comments (#2588) Thanks @​tomers
• Multiply uses a readonly context (#2558)
• Fixed merge globbing wildcards in keys (#2564)
• Fixing TOML subarray parsing issue (#2581)

4.52.1:

• TOML encoder support - you can now roundtrip! #1364

• Parent now supports negative indices, and added a 'root' command for referencing the top level document

• Fixed scalar encoding for HCL

• Add --yaml-compact-seq-indent / -c flag for compact sequence indentation (#2583) Thanks @​jfenal

• Add symlink check to file rename util (#2576) Thanks @​Elias-elastisys

• Powershell fixed default command used for __completeNoDesc alias (#2568) Thanks @​teejaded

• Unwrap scalars in shell output mode. (#2548) Thanks @​flintwinters

• Added K8S KYAML output format support (#2560) Thanks @​robbat2

• Bumped dependencies

• Special shout out to @​ccoVeille for reviewing my PRs!

... (truncated)

Commits

• 751d8ad Bumping version
• 6dd681a Fixing release signing
• fc7c337 Updating bump version script
• e969dd7 Bumping version
• dc4b4ea Preparing release notes
• 602586d Create scorecard.yml
• 9a0335a fix: restrict GitHub Actions workflow token permissions (OSSF least-privilege...
• 838c516 Trying to test release
• c8f6c1a Updating release to sign checksums
• 0e80383 chore: pin GitHub Actions and Docker base images to full-length hashes (OSSF ...
• Additional commits viewable in compare view

Updates golang.org/x/mod from 0.34.0 to 0.35.0

Commits

• 03901d3 go.mod: update golang.org/x dependencies
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

• Chores
  • Updated development tool dependencies and indirect requirements to their latest versions for improved stability and compatibility.

[openshift-merge-bot]

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: b196b26b-85da-4613-8ddf-88a2ddbc3011

📥 Commits

Reviewing files that changed from the base of the PR and between 37f46b9 and eebc701.

⛔ Files ignored due to path filters (299)

• hack/tools/go.sum is excluded by !**/*.sum
• hack/tools/vendor/charm.land/lipgloss/v2/.editorconfig is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/.gitattributes is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/.gitignore is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/.golangci.yml is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/.goreleaser.yml is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/LICENSE is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/README.md is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/Taskfile.yaml is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/UPGRADE_GUIDE_V2.md is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/align.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/ansi_unix.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/ansi_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/blending.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/borders.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/canvas.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/color.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/get.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/join.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/layer.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/lipgloss.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/position.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/query.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/ranges.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/runes.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/set.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/size.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/style.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/terminal.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/unset.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/whitespace.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/wrap.go is excluded by !**/vendor/**
• hack/tools/vendor/charm.land/lipgloss/v2/writer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/ClickHouse/clickhouse-go-linter/LICENSE is excluded by !**/vendor/**
• hack/tools/vendor/github.com/ClickHouse/clickhouse-go-linter/internal/util/util.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/ClickHouse/clickhouse-go-linter/passes/chbatchclose/chbatchclose.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/ClickHouse/clickhouse-go-linter/passes/chrowserr/chrowserr.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/Masterminds/semver/v3/.gitignore is excluded by !**/vendor/**
• hack/tools/vendor/github.com/Masterminds/semver/v3/.golangci.yml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/Masterminds/semver/v3/constraints.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/Masterminds/semver/v3/version.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/a8m/envsubst/parse/parse.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/agext/levenshtein/.gitignore is excluded by !**/vendor/**
• hack/tools/vendor/github.com/agext/levenshtein/.travis.yml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/agext/levenshtein/DCO is excluded by !**/vendor/**
• hack/tools/vendor/github.com/agext/levenshtein/LICENSE is excluded by !**/vendor/**
• hack/tools/vendor/github.com/agext/levenshtein/MAINTAINERS is excluded by !**/vendor/**
• hack/tools/vendor/github.com/agext/levenshtein/NOTICE is excluded by !**/vendor/**
• hack/tools/vendor/github.com/agext/levenshtein/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/agext/levenshtein/levenshtein.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/agext/levenshtein/params.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/COPYING is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/Dockerfile is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/formatters/svg/font_liberation_mono.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/ampl.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/erb.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/gas.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/gettext.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/graphql.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/javascript.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/json.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/lateralus.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/lua.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/luau.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/materialize_sql_dialect.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/meson.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/mysql.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/php.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/scdoc.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/spade.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/typescript.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/embedded/xml.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/lexers/erb.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/regexp.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/styles/api.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/styles/compat.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/styles/darcula.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/styles/github-dark.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/styles/kanagawa-dragon.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/styles/kanagawa-lotus.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/styles/kanagawa-wave.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/styles/solarized-light.xml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/tokentype_enumer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/chroma/v2/types.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/participle/v2/lexer/simple.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/participle/v2/lexer/stateful.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/alecthomas/participle/v2/lexer/text_scanner.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/apparentlymart/go-textseg/v15/LICENSE is excluded by !**/vendor/**
• hack/tools/vendor/github.com/apparentlymart/go-textseg/v15/textseg/all_tokens.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/apparentlymart/go-textseg/v15/textseg/emoji_table.rl is excluded by !**/vendor/**
• hack/tools/vendor/github.com/apparentlymart/go-textseg/v15/textseg/generate.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/apparentlymart/go-textseg/v15/textseg/grapheme_clusters.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/apparentlymart/go-textseg/v15/textseg/grapheme_clusters.rl is excluded by !**/vendor/**
• hack/tools/vendor/github.com/apparentlymart/go-textseg/v15/textseg/grapheme_clusters_table.rl is excluded by !**/vendor/**
• hack/tools/vendor/github.com/apparentlymart/go-textseg/v15/textseg/tables.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/apparentlymart/go-textseg/v15/textseg/unicode2ragel.rb is excluded by !**/vendor/**
• hack/tools/vendor/github.com/apparentlymart/go-textseg/v15/textseg/utf8_seqs.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/ashanbrown/forbidigo/v2/forbidigo/patterns.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/ashanbrown/makezero/v2/makezero/makezero.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/aymanbagabas/go-osc52/v2/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/aymanbagabas/go-osc52/v2/osc52.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/bombsimon/wsl/v5/.golangci.yml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/bombsimon/wsl/v5/CHECKS.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/bombsimon/wsl/v5/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/bombsimon/wsl/v5/analyzer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/bombsimon/wsl/v5/config.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/bombsimon/wsl/v5/cursor.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/bombsimon/wsl/v5/wsl.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/butuzov/ireturn/analyzer/analyzer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/butuzov/ireturn/analyzer/internal/config/new.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/butuzov/ireturn/analyzer/std.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/colorprofile/.golangci.yml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/colorprofile/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/colorprofile/env.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/colorprofile/env_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/colorprofile/profile.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/colorprofile/writer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/lipgloss/ansi_unix.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/lipgloss/ansi_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/lipgloss/color.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/lipgloss/renderer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/.gitattributes is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/.golangci.yml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/.goreleaser.yml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/LICENSE is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/TUTORIAL.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/border.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/buffer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/cancelreader_other.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/cancelreader_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/cell.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/cursor.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/decoder.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/doc.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/environ.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/event.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/key.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/key_table.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/layout.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/logger.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/mouse.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/styled.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/tabstop.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_bsdly.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_bsdly_other.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_other.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_reader.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_reader_other.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_reader_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_renderer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_renderer_hardscroll.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_renderer_hashmap.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_tabdly.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_tabdly_other.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_unix.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/terminal_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/tty.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/tty_other.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/tty_unix.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/tty_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/utils.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/uv.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/winch.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/winch_other.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/ultraviolet/winch_unix.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/cursor.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/inband.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/kitty/decoder.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/kitty/encoder.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/kitty/graphics.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/kitty/options.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/kitty/writer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/method.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/mode.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/mode_deprecated.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/mouse.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/notification.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/palette.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/parser_decode.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/parser_sync.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/progress.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/sgr.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/style.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/truncate.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/urxvt.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/width.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/winop.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/ansi/wrap.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/buffer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/cell.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/errors.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/geom.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/link.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/screen.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/sequence.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/style.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/utils.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/wrap.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/cellbuf/writer.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/term/term.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/term/term_plan9.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/term/term_unix.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/term/term_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/term/util.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/LICENSE is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/bit_bsd.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/bit_darwin.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/bit_other.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/syscalls_bsd.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/syscalls_darwin.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/syscalls_linux.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/termios.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/termios_bsd.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/termios_linux.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/termios_other.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/termios/termios_solaris.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/windows/LICENSE is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/windows/doc.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/windows/syscall_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/windows/types.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/windows/types_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/charmbracelet/x/windows/zsyscall_windows.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/.gitignore is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/AGENTS.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/CHANGELOG.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/LICENSE is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/gen.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/graphemes.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/options.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/trie.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/truncate.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/displaywidth/width.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/uax29/v2/LICENSE is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/uax29/v2/graphemes/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/uax29/v2/graphemes/ansi.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/uax29/v2/graphemes/ansi8.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/uax29/v2/graphemes/iterator.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/uax29/v2/graphemes/reader.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/uax29/v2/graphemes/splitfunc.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/clipperhouse/uax29/v2/graphemes/trie.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/dlclark/regexp2/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/dlclark/regexp2/runner.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/elliotchance/orderedmap/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/elliotchance/orderedmap/orderedmap.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/.editorconfig is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/.gitignore is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/.golangci.yml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/LICENSE is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/Makefile is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/README.md is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/codecov.yml is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/data_source.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/deprecated.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/error.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/file.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/helper.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/ini.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/key.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/parser.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/section.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/go-ini/ini/struct.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-json/internal/decoder/compile.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-json/internal/decoder/compile_norace.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-json/internal/decoder/compile_race.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-json/internal/encoder/code.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-json/internal/encoder/compiler.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-json/internal/encoder/compiler_norace.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-json/internal/encoder/compiler_race.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-json/internal/encoder/encoder.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-json/internal/runtime/type.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-yaml/ast/ast.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-yaml/decode.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-yaml/encode.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-yaml/internal/format/format.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-yaml/option.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-yaml/parser/parser.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-yaml/path.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-yaml/scanner/scanner.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/goccy/go-yaml/yaml.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/dupl/printer/html.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/dupl/suffixtree/dupl.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/dupl/suffixtree/suffixtree.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/dupl/syntax/golang/golang.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/dupl/syntax/syntax.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/internal/cache/cache.go is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/jsonschema/custom-gcl.jsonschema.json is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/jsonschema/golangci.jsonschema.json is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/jsonschema/golangci.next.jsonschema.json is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/jsonschema/golangci.v1.57.jsonschema.json is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/jsonschema/golangci.v1.58.jsonschema.json is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/jsonschema/golangci.v1.59.jsonschema.json is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/jsonschema/golangci.v1.60.jsonschema.json is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/jsonschema/golangci.v1.61.jsonschema.json is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/jsonschema/golangci.v1.62.jsonschema.json is excluded by !**/vendor/**
• hack/tools/vendor/github.com/golangci/golangci-lint/v2/jsonschema/golangci.v1.63.jsonschema.json is excluded by !**/vendor/**

📒 Files selected for processing (1)

• hack/tools/go.mod

---

📝 Walkthrough

Walkthrough

The hack/tools/go.mod file was updated with version bumps across Go tool dependencies and indirect requirements. Direct tooling dependencies were upgraded, including golangci-lint/v2 from v2.11.4 to v2.12.2, mikefarah/yq/v4 from v4.44.5 to v4.53.2, and golang.org/x/mod from v0.34.0 to v0.35.0. Additionally, numerous indirect dependencies were updated to newer versions across linting, analysis, and security-related modules. New indirect dependencies were added, including charm.land/lipgloss/v2 and go.yaml.in/yaml/v4. Existing replace directives remained unchanged.

🚥 Pre-merge checks | ✅ 10 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Microshift Test Compatibility	⚠️ Warning	New e2e tests use MicroShift-unavailable APIs without required protection tags. external_oidc_test.go uses ClusterOperator API but lacks [apigroup:config.openshift.io] tag.	Add [apigroup:config.openshift.io] tag to tests using ClusterOperator. Mark tests using machine.openshift.io or OLM APIs with appropriate [apigroup:...] tags.
Title check	❓ Inconclusive	The title is vague and generic, using non-descriptive phrasing like 'misc-dependencies group' that obscures the actual technical changes; it doesn't clearly convey what dependencies are being updated or why.	Consider a more specific title like 'build(deps): upgrade golangci-lint, yq, and golang.org/x/mod in hack/tools' to clearly identify the primary dependencies being updated.

✅ Passed checks (10 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	PR modifies only hack/tools/go.mod, a dependency file with no test code. Custom check applies only to Ginkgo test names, which are not present here.
Test Structure And Quality	✅ Passed	Custom check for Ginkgo test code quality is not applicable to this PR, which only updates Go module dependencies in hack/tools/go.mod with no test code changes.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	This PR is a Go module dependency update (golangci-lint, yq, golang.org/x/mod) in hack/tools and does not add any Ginkgo e2e tests. The SNO compatibility check is not applicable.
Topology-Aware Scheduling Compatibility	✅ Passed	PR only modifies hack/tools/go.mod, a Go module dependency file for build/linting tools. No deployment manifests, operator code, controllers, or scheduling constraints are affected.
Ote Binary Stdout Contract	✅ Passed	PR only modifies hack/tools/go.mod with dependency version bumps. No source code changes present, so no stdout writes can be introduced.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	PR only updates Go module dependencies in hack/tools/go.mod. No new Ginkgo e2e tests are being added, so this check is not applicable.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/go_modules/hack/tools/misc-dependencies-18a5f88f7e

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign jparrill for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/images	eebc701	link	true	/test images

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[hypershift-jira-solve-ci]

Test Failure Analysis Complete

Job Information

• Prow Job: pull-ci-openshift-hypershift-main-images
• Build ID: 2052555691607986176
• PR: build(deps): bump the misc-dependencies group across 1 directory with 3 updates #8463 — build(deps): bump the misc-dependencies group across 1 directory with 3 updates
• Failed Jobs: 3 (ci/prow/images, verify / Verify, gitlint / Gitlint)

Test Failure Analysis

Error

vendor/github.com/hashicorp/hcl/v2/tools.go:10:2: import "golang.org/x/tools/cmd/stringer"
is a program, not an importable package
make: *** [Makefile:158: /home/runner/_work/hypershift/hypershift/hack/tools/bin/yq] Error 1

Summary

The dependabot PR bumps yq/v4 from v4.44.5 → v4.53.2 and golangci-lint/v2 from v2.11.4 → v2.12.2 in hack/tools/. The yq upgrade introduced a new transitive dependency on hashicorp/hcl/v2 v2.24.0, which contains a tools.go file that imports golang.org/x/tools/cmd/stringer (a binary, not a library). Because the Makefile builds yq with -tags=tools, the hcl/v2/tools.go file is compiled, causing the build to fail. The Prow images job failure is unrelated — it is an infrastructure issue where the CI image registry cannot find ocp_5.0_vcf-migration-operator. The gitlint failure is a cosmetic issue with dependabot's auto-generated commit message exceeding the 140-character line length limit.

Root Cause

Verify failure (primary): The bump of github.com/mikefarah/yq/v4 from v4.44.5 to v4.53.2 introduced github.com/hashicorp/hcl/v2 v2.24.0 as a new transitive dependency. This version of hcl/v2 ships a tools.go file with a //go:build tools constraint that imports golang.org/x/tools/cmd/stringer — a Go binary program, not an importable library.

The HyperShift Makefile builds yq with go build -tags=tools, which activates every //go:build tools file in the vendored dependency tree, including hcl/v2/tools.go. When the Go compiler encounters the import of a main package (cmd/stringer), it correctly rejects it with: import "golang.org/x/tools/cmd/stringer" is a program, not an importable package.

This is a known upstream issue in hashicorp/hcl/v2 — their tools.go pattern is designed for go generate (running stringer) but is incompatible with consumers who use -tags=tools to build tool binaries from vendored dependencies.

Prow images failure (unrelated): The ci-operator step [release-inputs:latest] failed trying to import the image tag ocp_5.0_vcf-migration-operator from the OCP 5.0 release stream. This image does not exist in the registry (quay.io/openshift/ci:ocp_5.0_vcf-migration-operator not found). This is a CI infrastructure / release configuration issue completely unrelated to the PR's dependency changes.

Gitlint failure (cosmetic): Dependabot's auto-generated commit body line exceeds the 140-character limit enforced by gitlint (line is 227 characters). This is a standard dependabot formatting issue, not related to the code changes.

Recommendations

1. Fix the yq build (primary fix): Delete the offending vendored file: rm hack/tools/vendor/github.com/hashicorp/hcl/v2/tools.go and commit. This file is only needed for hcl/v2's own code generation and is not required by consumers.

2. Alternative: Stop using -tags=tools for yq build: Change the Makefile to build yq without -tags=tools (e.g., go build -o $(BIN_DIR)/yq github.com/mikefarah/yq/v4). However, this requires ensuring the tools import file (hack/tools/tools.go) still works for dependency tracking.

3. Gitlint: Either reword the dependabot commit message to wrap lines under 140 characters, or squash-merge with a shorter commit message.

4. Prow images job: Retry after the OCP 5.0 release stream is updated to include vcf-migration-operator, or file a CI infrastructure issue. This failure will resolve independently and is not blocking the PR's changes.

Evidence

Evidence	Detail
Verify error	vendor/github.com/hashicorp/hcl/v2/tools.go:10:2: import "golang.org/x/tools/cmd/stringer" is a program, not an importable package
Offending file	hack/tools/vendor/github.com/hashicorp/hcl/v2/tools.go — new file introduced by hcl/v2 v2.24.0, has //go:build tools constraint
Build command	cd ./hack/tools; GO111MODULE=on GOWORK=off GOFLAGS=-mod=vendor go build -tags=tools -o bin/yq github.com/mikefarah/yq/v4
Dependency chain	yq/v4 v4.44.5→v4.53.2 pulled in hashicorp/hcl/v2 v2.24.0 (not present before this PR)
hcl/v2 was absent before PR	go.sum on base branch (37f46b94) has zero entries for hashicorp/hcl/v2
Prow images error	failed to reimport tag ci-op-isr6d9j3/stable:vcf-migration-operator: … "ocp_5.0_vcf-migration-operator" not found — CI infra issue
Gitlint error	3: B1 Line exceeds max length (227>140) on dependabot auto-generated commit body
golangci-lint bump	v2.11.4 → v2.12.2 (not contributing to the build failure)

---