chore(deps): update go dependencies by red-hat-konflux[bot] · Pull Request #110 · securesign/policy-controller

red-hat-konflux · 2026-02-26T14:10:54Z

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change
github.com/ThalesIgnite/crypto11	indirect	minor	`v1.2.5` -> `v1.6.0`
github.com/google/certificate-transparency-go	indirect	patch	`v1.3.2` -> `v1.3.3`
github.com/open-policy-agent/opa	indirect	minor	`v1.13.2` -> `v1.14.0`
github.com/sigstore/scaffolding	require	patch	`v0.7.22` -> `v0.7.33`
github.com/valyala/fastjson	indirect	patch	`v1.6.7` -> `v1.6.10`
google.golang.org/genproto	indirect	digest	`2f722ef` -> `a57be14`
google.golang.org/genproto/googleapis/api	indirect	digest	`2f722ef` -> `a57be14`
google.golang.org/genproto/googleapis/rpc	indirect	digest	`2f722ef` -> `a57be14`

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

ThalesIgnite/crypto11 (github.com/ThalesIgnite/crypto11)

What's Changed

Fix findkeys error and eval byte nil or len zero by @Nicolas-Peiffer in ThalesGroup#122
Update go1.24.5 by @Nicolas-Peiffer in ThalesGroup#123

Full Changelog: ThalesGroup/crypto11@v1.4.1...v1.5.0

`v1.4.1`

Compare Source

What's Changed

update to go 1.23.6
fix: underlying library context is reused through reference counting by @ek-1n574 in ThalesGroup#114

New Contributors

@ek-1n574 made their first contribution in ThalesGroup#114

Full Changelog: ThalesGroup/crypto11@v1.4.0...v1.4.1

`v1.4.0`

Compare Source

What's Changed

upgrade to go1.23.6 by @Nicolas-Peiffer in ThalesGroup#116

New Contributors

@Nicolas-Peiffer made their first contribution in ThalesGroup#116

Full Changelog: ThalesGroup/crypto11@v1.3.0...v1.4.0

`v1.3.0`

Compare Source

What's Changed

feature: optimized aes cbc support by @IceManGreen in ThalesGroup#107
RSA support for asymmetric decryption by @IceManGreen in ThalesGroup#115

New Contributors

@IceManGreen made their first contribution in ThalesGroup#107

Full Changelog: ThalesGroup/crypto11@v1.2.1...v1.3.0

google/certificate-transparency-go (github.com/google/certificate-transparency-go)

`v1.3.3`

Compare Source

CTFE

set explicit http server timeouts by @1seal in #1755
Regenerate protos by @phbnf in #1743
Update instructions to generate protos by @phbnf in #1742
ctfe: Enforce max request and header size limits by @fghanmi in #1720
[CTFE] Add a /log.v3.json endpoint to help satisfy a requirement of the Chrome CT Log Policy by @robstradling in #1703

Tools

Log list library

Support tiled logs in the loglist3 logfilter functions by @robstradling in #1762
Add FindTiledLog* functions by @robstradling in #1763

Submission proxy

Cap request body size in submission proxy by @1seal in #1754
add some additional log messages around CT log compatibility by @breadyzhang in #1734

Other

jsonclient: don't depend on error text from other packages in tests by @neild in #1741
Parse klog flags in preloader. by @phbnf in #1711
Fix incorrect leaf hash calculation for precertificates in upload command by @Barre in #1710

Misc

Remove internal witness by @roger2hk in #1765
Update transparency-dev slack invite link by @taknira in #1718

Dependency updates

Bump golangci-lint version to v2.10.1 by @roger2hk in #1769
Bump the all-deps group with 7 updates by @dependabot[bot] in #1768
Bump github/codeql-action from 4.32.0 to 4.32.4 in the all-deps group by @dependabot[bot] in #1767
Bump the docker-deps group across 2 directories with 2 updates by @dependabot[bot] in #1766
Bump filippo.io/edwards25519 from 1.1.0 to 1.1.1 by @dependabot[bot] in #1764
Bump the docker-deps group across 5 directories with 3 updates by @dependabot[bot] in #1758
Bump the all-deps group with 3 updates by @dependabot[bot] in #1757
Bump golang.org/x/crypto from 0.46.0 to 0.47.0 in the all-deps group by @dependabot[bot] in #1756
Bumped linter and fixed a potential race condition by @mhutchinson in #1753
Bump the docker-deps group across 5 directories with 3 updates by @dependabot[bot] in #1750
Bump the all-deps group with 9 updates by @dependabot[bot] in #1749
Bump the all-deps group across 1 directory with 5 updates by @dependabot[bot] in #1748
Bump the all-deps group with 4 updates by @dependabot[bot] in #1745
Bump the docker-deps group across 4 directories with 1 update by @dependabot[bot] in #1744
Bump golang.org/x/crypto from 0.43.0 to 0.45.0 by @dependabot[bot] in #1740
Bump the docker-deps group across 5 directories with 3 updates by @dependabot[bot] in #1737
Bump the all-deps group with 4 updates by @dependabot[bot] in #1736
Bump the all-deps group with 2 updates by @dependabot[bot] in #1735
Bump Go from 1.23 to 1.24 by @roger2hk in #1733
Bump the docker-deps group across 4 directories with 2 updates by @dependabot[bot] in #1732
Bump the all-deps group with 10 updates by @dependabot[bot] in #1731
Bump the all-deps group with 3 updates by @dependabot[bot] in #1730
Bump the docker-deps group across 4 directories with 2 updates by @dependabot[bot] in #1727
Bump the all-deps group with 2 updates by @dependabot[bot] in #1726
Bump the all-deps group with 6 updates by @dependabot[bot] in #1725
Bump github/codeql-action from 3.29.2 to 3.29.5 in the all-deps group by @dependabot[bot] in #1723
Bump the docker-deps group across 5 directories with 2 updates by @dependabot[bot] in #1722
Bump the all-deps group with 8 updates by @dependabot[bot] in #1721
Bump the all-deps group with 8 updates by @dependabot[bot] in #1717
Bump the docker-deps group across 4 directories with 2 updates by @dependabot[bot] in #1716
Bump github/codeql-action from 3.29.0 to 3.29.2 in the all-deps group by @dependabot[bot] in #1715
add continuous mode by @phbnf in #1714
Bump golangci-lint from 2.0.2 to 2.1.6 by @roger2hk in #1713
Bump the all-deps group with 4 updates by @dependabot[bot] in #1706

open-policy-agent/opa (github.com/open-policy-agent/opa)

`v1.14.0`

Compare Source

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

Improved rule indexing of variable assignments and x in {...} expressions
Support for --h2c with unix domain socket for opa run
A new glossary tooltip for technical terms in the docs
Fixes published in the v1.13.1 and v1.13.2 releases

Improved rule indexing of variable assignments and `x in {...}` expressions (#1841)

With this change, the rule indexer will index expressions like:

allow if input.role in {"admin", "user"}

On lookup, the rule body will only be returned if input.role is either one of "admin" or "user".

The reverse case is also indexed:

allow if "admin" in input.roles

in which the searched collection is unknown.

Authored by @srenatus reported by @nischalsheth

Runtime, SDK, Tooling

cmd,run: Support --h2c with unix domain socket (UDS) (#8282) authored by @srenatus reported by @theJC
cmd,tester: Add line number next to test file in pretty format (#8328) authored by @sspaink reported by @anderseknert
plugins: Fix race accessing registeredTriggers (#8363) reported and authored by @szuecs
rego: Add ResultValue[T]() helper method (#8320) authored by @srenatus
runtime: Add custom storage backend registration API (#8277) authored and reported by @alex60217101990
topdown: Add config option to disable named inter-query built-in cache (#7519) authored by @sspaink reported by @johanfylling

Compiler, Topdown and Rego

ast: Add index else == nil test, fix it (#8348) authored by @srenatus
ast: Add scaffolding to introspect and skip compiler stages (#8304) (authored by @srenatus)
ast: Ensure term values implement ast.StringLengther (#8374) authored by @charlieegan3
ast: Fix double-fix for refs["with-a"].dash as package (#8286) authored by @srenatus
ast: Optimized template-expression handling of values known to be defined (#8310) authored by @anderseknert
ast: Put rule indices into rule tree, change Values to []*Rule (#8298) authored by @srenatus
ast: Replace true expr when appending to empty body (#8299) authored by @anderseknert
ast: Return correct location of unsafe var in object (#7935) authored by @sspaink reported by @anderseknert
ast: Use StageID in WithStageAfterID, also for QueryCompiler (follow-up) (#8306) authored by @srenatus
compile: Add StringLength to lazy object (#8369) authored by @charlieegan3 reported by @robmyersrobmyers
parser: Add test to verify filename interning in Location (#8322) authored by @anderseknert
perf: Allocate less in array unification (#8351) authored by @anderseknert
perf: Various minor eval performance tweaks (#8290) authored by @anderseknert
perf: json.patch + interning improvements (#8289) authored by @anderseknert
topdown: Optimize bindings allocation with dynamic pre-sizing (#7266) authored by @alex60217101990
topdown: Preserve original package name with special characters in optimized builds (#8284) authored by @sspaink reported by @at50989
wasm: Updates (LLVM+tools) (#8295) authored by @srenatus

Docs, Website, Ecosystem

docs: Add examples to glob.match built-in documentation (#8252) authored by @sibasispadhi reported by @anderseknert
docs: Add workflow to auto update Regal docs (#8318) authored by @charlieegan3
docs: Document metrics for http.send, regex, and glob built-ins (#6730) authored by @anivar reported by @rudrakhp
docs: Fix json.patch target description (#8271) authored by @anderseknert
docs: Update broken links (#8285) authored by @charlieegan3
docs: Update bundle signing docs to clarify key config (#8307) authored by @charlieegan3
docs: Update faulty example using bundle optimize (#5379) authored by @sspaink reported by @bluebrown
docs: Update interface{} -> any in golang snippets (#8373) authored by @srenatus
docs/website: Add a new KubeCon event page (#8311) authored by @charlieegan3
docs/website: Add formatting and linting checks (#8288) authored by @charlieegan3
docs/website: Allow Regal import to use local dir (#8312) authored by @charlieegan3
docs/website: Implement new GlossaryTooltip component (#8367) authored by @charlieegan3
docs/website: Markdown linting and spell checking for documentation (#8292) authored by @charlieegan3
docs/website: Redirect /docs/latest/ecosystem (#8315) authored by @charlieegan3 reported by @tweekSun1

Miscellaneous

maintainers: Moving nilekhc to emeritus, and renew maintainer terms (#8276) authored by @JaydipGabani
ast: Add public method to extend the compliance test cases with IR plans (#7556) authored by @sspaink reported by @shomron
ast: Tiny nitpicky cleanup (#8309) authored by @srenatus
chore: Clean up bundle storage tests (#8267) authored by @anderseknert
chore: Remove unnecessary comment from bundle JWT verification impl (#8354) authored by @johanfylling
ci: Bump golangci-lint (v2.9.0), fix issues (#8314) authored by @srenatus
ci: Harden and update all GH Actions workflows (#8356, #8377, #8368 authored by @philipaconrad and @srenatus
go: Cleanup old build flags (#8314) authored by @srenatus
rego: Remove superfluous package import of plugins (#6754) authored by @srenatus reported by @oxisto
tests: Extract runtime Info to new package (#8362) authored by @charlieegan3
tests: Fix BenchmarkFunctionArgumentCounts query (#8327) authored by @alex60217101990
tests: Disable rule indexing for benchmark (#8375) authored by @srenatus
workflows: Add nightly vuln checks for released versions/images (#8336 #8339) authored by @srenatus
Dependency updates; notably:
- build: bump golang from 1.25.6 to 1.26.0
- build(deps): build(deps): bump go.opentelemetry.io deps from 1.39.0/0.64.0 to 1.40.0/0.65.0
  Applying fix for GHSA-9h8m-3fm2-qjrq
- build(deps): bump github.com/dgraph-io/badger/v4 from 4.9.0 to 4.9.1
- build(deps): bump github.com/huandu/go-sqlbuilder from 1.39.0 to 1.39.1
- build(deps): bump golang.org/x/net from 0.49.0 to 0.50.0
- build(deps): bump golang.org/x/text from 0.33.0 to 0.34.0
- build(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.1
- build(deps): bump go.opentelemetry.io deps from 1.39.0/0.64.0 to 1.40.0/0.65.0

sigstore/scaffolding (github.com/sigstore/scaffolding)

`v0.7.33`

Compare Source

`v0.7.32`

Compare Source

`v0.7.31`

Compare Source

What's Changed

Add namespace to tesseract images in #1792

Full Changelog: sigstore/scaffolding@v0.7.30...v0.7.31

`v0.7.30`

Compare Source

What's Changed

Build and publish GCP & POSIX TesseraCT in #1789

Full Changelog: sigstore/scaffolding@v0.7.29...v0.7.30

`v0.7.29`

Compare Source

What's Changed

This release reverts a previous change to the prober to allow for insecure gRPC connections, in favor of allowing for gRPC testing to be disabled.

Allow disabling Fulcio gRPC testing via flag in #1787

Full Changelog: sigstore/scaffolding@v0.7.28...v0.7.29

`v0.7.28`

Compare Source

What's Changed

Allow insecure transport for Fulcio gRPC requests to be configured by flag in #1786

Full Changelog: sigstore/scaffolding@v0.7.27...v0.7.28

`v0.7.27`

Compare Source

What's Changed

fix: Adjust Fulcio gRPC URL handling for internal services in #1774

Full Changelog: sigstore/scaffolding@v0.7.26...v0.7.27

`v0.7.26`

Compare Source

What's Changed

Build GCP omniwitness on release in #1775

Full Changelog: sigstore/scaffolding@v0.7.25...v0.7.26

`v0.7.25`

Compare Source

What's Changed

Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 by @dependabot[bot] in #1617
update docs and clean up scripts by @cpanato in #1624
Parallelize service setup by @cmurphy in #1618
Bump github/codeql-action from 3.29.0 to 3.29.2 by @dependabot[bot] in #1626
Bump golang.org/x/net from 0.41.0 to 0.42.0 by @dependabot[bot] in #1629
Bump github.com/letsencrypt/boulder from 0.0.0-20240620165639-de9c06129bec to 0.20250707.0 by @dependabot[bot] in #1630
Bump cloud-sql-connectors/cloud-sql-proxy from 2.17.1-alpine to 2.18.0-alpine by @dependabot[bot] in #1632
Bump github.com/go-jose/go-jose/v4 from 4.1.0 to 4.1.1 by @dependabot[bot] in #1622
Clean up GHAs using zizmor by @haydentherapper in #1633
Bump chainguard-dev/actions from 1.4.5 to 1.4.7 by @dependabot[bot] in #1644
Bump google.golang.org/grpc from 1.73.0 to 1.74.2 by @dependabot[bot] in #1646
Bump github/codeql-action from 3.29.2 to 3.29.4 by @dependabot[bot] in #1645
Bump github.com/letsencrypt/boulder from 0.20250707.0 to 0.20250721.0 by @dependabot[bot] in #1647
Create utility for generating Tink keysets by @haydentherapper in #1627
Bump github/codeql-action from 3.29.4 to 3.29.5 by @dependabot[bot] in #1652
Bump chainguard-dev/actions from 1.4.7 to 1.4.8 by @dependabot[bot] in #1651
Bump go.step.sm/crypto from 0.67.0 to 0.68.0 by @dependabot[bot] in #1650
Bump github.com/go-jose/go-jose/v4 from 4.1.1 to 4.1.2 by @dependabot[bot] in #1648
Bump docker/login-action from 3.4.0 to 3.5.0 by @dependabot[bot] in #1658
Bump github/codeql-action from 3.29.7 to 3.29.8 by @dependabot[bot] in #1657
Bump go.step.sm/crypto from 0.68.0 to 0.69.0 by @dependabot[bot] in #1659
Bump github.com/letsencrypt/boulder from 0.20250721.0 to 0.20250805.0 by @dependabot[bot] in #1654
Bump chainguard-dev/actions from 1.4.8 to 1.4.9 by @dependabot[bot] in #1656
Bump sigs.k8s.io/release-utils from 0.11.1 to 0.12.1 by @dependabot[bot] in #1653
Add checkpoint key ID as output for create-tink-keyset by @haydentherapper in #1661
macOS support for hermetic environment by @haydentherapper in #1662
Bump chainguard-dev/actions from 1.4.9 to 1.4.10 by @dependabot[bot] in #1666
Bump github.com/letsencrypt/boulder from 0.20250805.0 to 0.20250812.0 by @dependabot[bot] in #1674
Bump k8s.io/api from 0.33.2 to 0.33.4 by @dependabot[bot] in #1672
Bump github.com/sigstore/rekor-tiles from 0.1.6 to 0.1.9 by @dependabot[bot] in #1673
Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #1667
Bump k8s.io/client-go from 0.33.2 to 0.33.4 by @dependabot[bot] in #1671
Bump goreleaser/goreleaser-action from 6.3.0 to 6.4.0 by @dependabot[bot] in #1665
Bump k8s.io/code-generator from 0.33.2 to 0.33.4 by @dependabot[bot] in #1669
Bump google.golang.org/protobuf from 1.36.6 to 1.36.7 by @dependabot[bot] in #1675
Bump github.com/prometheus/client_golang from 1.22.0 to 1.23.0 by @dependabot[bot] in #1677
Bump golang.org/x/net from 0.42.0 to 0.43.0 by @dependabot[bot] in #1676
Bump github/codeql-action from 3.29.8 to 3.29.9 by @dependabot[bot] in #1668
Move deps dockerfile to dedicated directory by @haydentherapper in #1678
Bump projectsigstore/rekor-server from v1.3.9 to v1.4.0 in /config/rekor/rekor by @dependabot[bot] in #1683
Bump projectsigstore/fulcio from v1.6.6 to v1.7.1 in /config/fulcio/fulcio by @dependabot[bot] in #1682
Bump trillian-opensource-ci/db_server from ce3a107 to 3dcf614 in /config/trillian/mysql by @dependabot[bot] in #1680
Bump github/codeql-action from 3.29.9 to 3.29.10 by @dependabot[bot] in #1679
Bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 by @dependabot[bot] in #1685
Bump chainguard-dev/actions from 1.4.10 to 1.4.12 by @dependabot[bot] in #1689
Bump go.step.sm/crypto from 0.69.0 to 0.70.0 by @dependabot[bot] in #1691
Bump trillian-opensource-ci/db_server from 3dcf614 to dfbfa89 in /config/trillian/mysql by @dependabot[bot] in #1693
Bump github.com/letsencrypt/boulder from 0.20250812.0 to 0.20250819.0 by @dependabot[bot] in #1690
Bump github.com/stretchr/testify from 1.10.0 to 1.11.0 by @dependabot[bot] in #1687
Bump google.golang.org/protobuf from 1.36.7 to 1.36.8 by @dependabot[bot] in #1688
Trigger Prober Unit Test on pull request by @aaronlew02 in #1694
Bump projectsigstore/rekor-server from v1.4.0 to v1.4.1 in /config/rekor/rekor by @dependabot[bot] in #1704
Bump github.com/stretchr/testify from 1.11.0 to 1.11.1 by @dependabot[bot] in #1696
Bump github.com/sigstore/rekor from 1.4.0 to 1.4.1 by @dependabot[bot] in #1697
Bump github.com/sigstore/cosign/v2 from 2.5.2 to 2.5.3 by @dependabot[bot] in #1637
Bump github.com/sigstore/rekor-tiles from 0.1.9 to 0.1.10 by @dependabot[bot] in #1700
drop 1.30 k8s, add 1.34 and update knative by @cpanato in #1705
Bump projectsigstore/rekor-server from v1.4.1 to v1.4.2 in /config/rekor/rekor by @dependabot[bot] in #1716
Bump trillian-opensource-ci/db_server from dfbfa89 to ce905c8 in /config/trillian/mysql by @dependabot[bot] in #1715
Bump github.com/prometheus/client_golang from 1.23.0 to 1.23.2 by @dependabot[bot] in #1712
Bump golang.org/x/time from 0.12.0 to 0.13.0 by @dependabot[bot] in #1711
Bump github.com/spf13/cobra from 1.9.1 to 1.10.1 by @dependabot[bot] in #1710
Bump actions/setup-go from 5.5.0 to 6.0.0 by @dependabot[bot] in #1707
Bump github/codeql-action from 3.29.10 to 3.30.1 by @dependabot[bot] in #1706
Bump chainguard-dev/actions from 1.4.13 to 1.4.14 by @dependabot[bot] in #1708
Bump k8s.io/client-go from 0.33.4 to 0.34.0 by @dependabot[bot] in #1698
Bump sigstore/cosign-installer from 3.9.0 to 3.9.2 by @dependabot[bot] in #1635
Bump cloud-sql-connectors/cloud-sql-proxy from 2.18.0-alpine to 2.18.2-alpine in /deps by @dependabot[bot] in #1684
Bump github.com/letsencrypt/boulder from 0.20250819.0 to 0.20250902.0 by @dependabot[bot] in #1714
Bump k8s.io/code-generator from 0.33.4 to 0.34.0 by @dependabot[bot] in #1709
Bump github.com/sigstore/rekor from 1.4.1 to 1.4.2 by @dependabot[bot] in #1713
Bump sigstore/cosign-installer from 3.9.2 to 3.10.0 by @dependabot[bot] in #1721
Bump chainguard-dev/actions from 1.4.14 to 1.4.15 by @dependabot[bot] in #1720
Bump github/codeql-action from 3.30.1 to 3.30.3 by @dependabot[bot] in #1722
Bump github.com/sigstore/timestamp-authority from 1.2.8 to 1.2.9 by @dependabot[bot] in #1726
Bump github.com/sigstore/rekor-tiles from 0.1.10 to 0.1.11 by @dependabot[bot] in #1723
Bump golang.org/x/net from 0.43.0 to 0.44.0 by @dependabot[bot] in #1724
Bump github.com/sigstore/sigstore-go from 1.1.2-0.20250811211025-bac873564adb to 1.1.2 by @dependabot[bot] in #1727
Bump google.golang.org/grpc from 1.75.0 to 1.75.1 by @dependabot[bot] in #1728
Bump google.golang.org/protobuf from 1.36.8 to 1.36.9 by @dependabot[bot] in #1731
Bump github.com/spf13/viper from 1.20.1 to 1.21.0 by @dependabot[bot] in #1730
Bump sigstore/cosign/cosign from v2.5.3 to v2.6.0 in /actions/setup-sigstore-env by @dependabot[bot] in #1732
Bump github.com/sigstore/cosign/v2 from 2.5.3 to 2.6.0 by @dependabot[bot] in #1729
Bump chainguard-dev/actions from 1.4.15 to 1.5.1 by @dependabot[bot] in #1734
Bump trillian-opensource-ci/db_server from ce905c8 to 834c7fe in /config/trillian/mysql by @dependabot[bot] in #1735
Get services from signing config for prober by @aaronlew02 in #1663
Add Rekor v2 and TSA probers by @aaronlew02 in #1719
Update prober for local testing by @aaronlew02 in #1733
Bump actions/cache from 4.2.4 to 4.3.0 by @dependabot[bot] in #1743
Bump sigs.k8s.io/release-utils from 0.12.1 to 0.12.2 by @dependabot[bot] in #1739
Bump chainguard-dev/actions from 1.5.1 to 1.5.2 by @dependabot[bot] in #1740
Bump github/codeql-action from 3.30.3 to 3.30.5 by @dependabot[bot] in #1737
Bump github.com/letsencrypt/boulder from 0.20250908.0 to 0.20250922.0 by @dependabot[bot] in #1736
Bump github.com/sigstore/sigstore-go from 1.1.2 to 1.1.3 by @dependabot[bot] in #1738
Bump github.com/go-openapi/strfmt from 0.23.0 to 0.24.0 by @dependabot[bot] in #1742
Bump github.com/go-openapi/swag/conv from 0.24.0 to 0.25.1 by @dependabot[bot] in #1741

New Contributors

@aaronlew02 made their first contribution in #1694

Full Changelog: sigstore/scaffolding@v0.7.24...v0.7.25

`v0.7.24`

Compare Source

Changelog

819d566 Bump github.com/sigstore/cosign/v2 from 2.5.0 to 2.5.2 (#1611)

Thanks to all contributors!

What's Changed

Revert "Fix dependabot" by @bobcallaway in #1576
Bump actions/setup-go from 5.4.0 to 5.5.0 by @dependabot in #1581
Bump golang.org/x/net from 0.39.0 to 0.40.0 by @dependabot in #1580
Bump github.com/sigstore/sigstore-go from 0.7.2 to 0.7.3 by @dependabot in #1579
Bump github.com/sigstore/timestamp-authority from 1.2.6 to 1.2.7 by @dependabot in #1578
Bump github.com/sigstore/sigstore-go from 0.7.3 to 1.0.0 by @dependabot in #1587
Bump k8s.io/client-go from 0.33.0 to 0.33.1 by @dependabot in #1582
Bump github/codeql-action from 3.28.17 to 3.28.18 by @dependabot in #1588
Bump go.step.sm/crypto from 0.63.0 to 0.64.0 by @dependabot in #1589
setup-sigstore-env: Support signingconfig 0.2 by @jku in #1590
Bump go.step.sm/crypto from 0.64.0 to 0.66.0 by @dependabot in #1591
Bump golang.org/x/time from 0.11.0 to 0.12.0 by @dependabot in #1598
Bump github/codeql-action from 3.28.18 to 3.28.19 by @dependabot in #1593
Bump github.com/sigstore/timestamp-authority from 1.2.7 to 1.2.8 by @dependabot in #1595
Bump golang.org/x/crypto from 0.38.0 to 0.39.0 by @dependabot in #1596
Bump google.golang.org/grpc from 1.72.2 to 1.73.0 by @dependabot in #1594
Bump golang.org/x/net from 0.40.0 to 0.41.0 by @dependabot in #1597
Bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 by @dependabot in #1599
Bump github.com/go-sql-driver/mysql from 1.9.2 to 1.9.3 by @dependabot in #1600
Bump cloud-sql-connectors/cloud-sql-proxy from 2.16.0-alpine to 2.17.1-alpine by @dependabot in #1604
Bump github/codeql-action from 3.28.19 to 3.29.0 by @dependabot in #1603
Bump github.com/google/certificate-transparency-go from 1.3.1 to 1.3.2 by [@dependabot](https://redirect.github.c

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

red-hat-konflux · 2026-02-26T14:10:56Z

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -t ./...
go: github.com/ThalesIgnite/crypto11@v1.6.0: parsing go.mod:
	module declares its path as: github.com/ThalesGroup/crypto11
	        but was required as: github.com/ThalesIgnite/crypto11

Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>

red-hat-konflux Bot added the dependencies label Feb 26, 2026

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-deps branch from e9be94b to 1193ada Compare February 26, 2026 18:43

chore(deps): update go dependencies

147316e

Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>

red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go-deps branch from 1193ada to 147316e Compare February 27, 2026 02:22

build: run go mod tidy

04e1c84

JasonPowr approved these changes Feb 27, 2026

View reviewed changes

JasonPowr merged commit 47dd229 into main Feb 27, 2026
101 of 102 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update go dependencies#110

chore(deps): update go dependencies#110
JasonPowr merged 2 commits intomainfrom
konflux/mintmaker/main/go-deps

red-hat-konflux Bot commented Feb 26, 2026 •

edited

Loading

Uh oh!

red-hat-konflux Bot commented Feb 26, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

red-hat-konflux Bot commented Feb 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

What's Changed

What's Changed

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

New Contributors

CTFE

Tools

Log list library

Submission proxy

Other

Misc

Dependency updates

Improved rule indexing of variable assignments and x in {...} expressions (#​1841)

Runtime, SDK, Tooling

Compiler, Topdown and Rego

Docs, Website, Ecosystem

Miscellaneous

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

What's Changed

New Contributors

Changelog

Thanks to all contributors!

What's Changed

Configuration

Documentation

Uh oh!

red-hat-konflux Bot commented Feb 26, 2026

⚠️ Artifact update problem

File name: go.sum

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

red-hat-konflux Bot commented Feb 26, 2026 •

edited

Loading

Improved rule indexing of variable assignments and `x in {...}` expressions (#1841)