4 changes: 2 additions & 2 deletions .github/workflows/lint.yaml
Expand Up @@ -26,6 +26,6 @@ jobs:
go-version-file: './go.mod'

- name: golangci-lint
uses: golangci/golangci-lint-action@4afd733a84b1f43292c63897423277bb7f4313a9 # v8.0.0
uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0
with:
version: v2.6
version: v2.12
2 changes: 1 addition & 1 deletion cmd/api-docs/main.go
Expand Up @@ -38,7 +38,7 @@ const (
)

var (
links = map[string]string{
links = map[string]string{ //nolint:gosec // G101 false positive - these are URLs, not credentials
"metav1.ObjectMeta": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#objectmeta-v1-meta",
"metav1.ListMeta": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#listmeta-v1-meta",
"metav1.LabelSelector": "https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#labelselector-v1-meta",
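Review bot: The `//nolint:gosec` directive on the opening line of the `links` literal names the whole linter, so every gosec rule is silenced wherever the directive applies, although the explanation mentions only G101. golangci-lint normally extends a directive on the first line of a node to the whole node, so this probably covers the entire map, which continues outside the hunk. A narrower form is gosec's own rule-scoped annotation, e.g. `links = map[string]string{ // #nosec G101 -- values are documentation URLs, not credentials`, or a path- and text-scoped exclusion in the golangci-lint configuration; either should be checked against the entry that was actually flagged. The same applies to `opts := webhook.Options{` in cmd/webhook/main.go, where a blanket suppression on the options literal would also hide future gosec findings on the webhook's other fields.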
2 changes: 1 addition & 1 deletion cmd/webhook/main.go
Expand Up @@ -106,7 +106,7 @@ var (
)

func main() {
opts := webhook.Options{
opts := webhook.Options{ //nolint:gosec // G101 false positive - SecretName is a k8s resource name, not a credential
ServiceName: "webhook",
Port: 8443,
SecretName: "webhook-certs",
139 changes: 70 additions & 69 deletions go.mod
@@ -1,15 +1,15 @@
module github.com/sigstore/policy-controller

go 1.25.6
go 1.26.0

require (
github.com/aws/aws-sdk-go v1.55.7
github.com/aws/aws-sdk-go v1.55.8
github.com/aws/aws-sdk-go-v2 v1.41.7 // indirect
github.com/golang/snappy v1.0.0 // indirect
github.com/google/go-cmp v0.7.0
github.com/google/go-containerregistry v0.21.5
github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20260421225946-d4f10504a3c9
github.com/google/go-containerregistry/pkg/authn/kubernetes v0.0.0-20260421225946-d4f10504a3c9
github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20260520013816-d807d512681c
github.com/google/go-containerregistry/pkg/authn/kubernetes v0.0.0-20260520013816-d807d512681c
github.com/hashicorp/errwrap v1.1.0
github.com/hashicorp/go-cleanhttp v0.5.2
github.com/hashicorp/go-multierror v1.1.1
Expand All @@ -19,32 +19,30 @@ require (
github.com/hashicorp/go-secure-stdlib/strutil v0.1.2
github.com/hashicorp/go-sockaddr v1.0.7
github.com/hashicorp/golang-lru v1.0.2
github.com/hashicorp/hcl v1.0.1-vault-7
github.com/kelseyhightower/envconfig v1.4.0
github.com/letsencrypt/boulder v0.20260420.0
github.com/letsencrypt/boulder v0.20260518.0
github.com/mitchellh/go-homedir v1.1.0
github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c
github.com/ryanuber/go-glob v1.0.0
github.com/sigstore/cosign/v2 v2.5.0
github.com/sigstore/rekor v1.5.0
github.com/sigstore/sigstore v1.10.5
github.com/sigstore/rekor v1.5.1
github.com/sigstore/sigstore v1.10.6
github.com/stretchr/testify v1.11.1
github.com/theupdateframework/go-tuf v0.7.0
github.com/theupdateframework/go-tuf/v2 v2.4.2 // indirect
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399
go.uber.org/zap v1.27.1
golang.org/x/crypto v0.50.0
golang.org/x/net v0.53.0
golang.org/x/sys v0.43.0 // indirect
go.uber.org/zap v1.28.0
golang.org/x/crypto v0.51.0
golang.org/x/net v0.54.0
golang.org/x/sys v0.44.0 // indirect
golang.org/x/time v0.15.0
google.golang.org/grpc v1.80.0 // indirect
google.golang.org/protobuf v1.36.11
google.golang.org/grpc v1.81.1 // indirect
google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af
gopkg.in/yaml.v3 v3.0.1
k8s.io/api v0.35.4
k8s.io/apimachinery v0.35.4
k8s.io/client-go v0.35.4
k8s.io/code-generator v0.35.4
k8s.io/kube-openapi v0.0.0-20260414162039-ec9c827d403f
knative.dev/hack v0.0.0-20260421155212-aeb7b4a9bf96
k8s.io/api v0.36.1
k8s.io/apimachinery v0.36.1
k8s.io/client-go v0.36.1
k8s.io/code-generator v0.36.1
k8s.io/kube-openapi v0.0.0-20260519202549-bbf5c5577288
knative.dev/hack v0.0.0-20260428014158-b2a37f1b6e7b
sigs.k8s.io/release-utils v0.12.4
sigs.k8s.io/yaml v1.6.0
)
Expand All @@ -58,19 +56,22 @@ require (
github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.12.0
github.com/cenkalti/backoff/v4 v4.3.0
github.com/docker/docker v28.5.2+incompatible
github.com/docker/docker-credential-helpers v0.9.6
github.com/docker/docker-credential-helpers v0.9.7
github.com/docker/go-connections v0.7.0
github.com/go-jose/go-jose/v4 v4.1.4
github.com/hashicorp/hcl v1.0.1-vault-7
github.com/sigstore/cosign/v2 v2.4.3
github.com/sigstore/protobuf-specs v0.5.1
github.com/sigstore/scaffolding v0.7.22
github.com/sigstore/sigstore-go v1.1.4
github.com/sigstore/sigstore/pkg/signature/kms/aws v1.10.5
github.com/sigstore/sigstore/pkg/signature/kms/azure v1.10.5
github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.10.5
github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.10.5
github.com/sigstore/sigstore/pkg/signature/kms/aws v1.10.6
github.com/sigstore/sigstore/pkg/signature/kms/azure v1.10.6
github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.10.6
github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.10.6
github.com/spf13/viper v1.21.0
github.com/theupdateframework/go-tuf v0.7.0
knative.dev/hack/schema v0.0.0-20260428014158-b2a37f1b6e7b
knative.dev/pkg v0.0.0-20260504154321-7a25a8db5ce0
knative.dev/pkg v0.0.0-20260507212125-df317a52d112
)

require (
Expand All @@ -84,8 +85,8 @@ require (
cloud.google.com/go/auth v0.20.0 // indirect
cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
cloud.google.com/go/compute/metadata v0.9.0 // indirect
cloud.google.com/go/iam v1.10.0 // indirect
cloud.google.com/go/kms v1.30.0 // indirect
cloud.google.com/go/iam v1.11.0 // indirect
cloud.google.com/go/kms v1.31.0 // indirect
cloud.google.com/go/longrunning v1.0.0 // indirect
cuelang.org/go v0.16.1 // indirect
github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.20.0 // indirect
Expand All @@ -102,7 +103,7 @@ require (
github.com/Azure/go-autorest/autorest/date v0.3.1 // indirect
github.com/Azure/go-autorest/logger v0.2.2 // indirect
github.com/Azure/go-autorest/tracing v0.6.1 // indirect
github.com/AzureAD/microsoft-authentication-library-for-go v1.7.1 // indirect
github.com/AzureAD/microsoft-authentication-library-for-go v1.7.2 // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/ProtonMail/go-crypto v1.4.1 // indirect
github.com/ThalesIgnite/crypto11 v1.2.5 // indirect
Expand All @@ -116,22 +117,21 @@ require (
github.com/alibabacloud-go/openapi-util v0.1.2 // indirect
github.com/alibabacloud-go/tea v1.4.0 // indirect
github.com/alibabacloud-go/tea-utils v1.4.5 // indirect
github.com/alibabacloud-go/tea-utils/v2 v2.0.7 // indirect
github.com/alibabacloud-go/tea-utils/v2 v2.0.9 // indirect
github.com/alibabacloud-go/tea-xml v1.1.3 // indirect
github.com/aliyun/credentials-go v1.4.12 // indirect
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
github.com/aws/aws-sdk-go-v2/config v1.32.10 // indirect
github.com/aws/aws-sdk-go-v2/config v1.32.17 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.19.16 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.23 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.23 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.23 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.6 // indirect
github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.24 // indirect
github.com/aws/aws-sdk-go-v2/service/ecr v1.55.3 // indirect
github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.38.10 // indirect
github.com/aws/aws-sdk-go-v2/service/ecr v1.57.2 // indirect
github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.38.15 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.9 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.23 // indirect
github.com/aws/aws-sdk-go-v2/service/kms v1.50.1 // indirect
github.com/aws/aws-sdk-go-v2/service/kms v1.51.1 // indirect
github.com/aws/aws-sdk-go-v2/service/signin v1.0.11 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.30.17 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.21 // indirect
Expand All @@ -141,13 +141,13 @@ require (
github.com/blang/semver v3.5.1+incompatible // indirect
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/blendle/zapdriver v1.3.1 // indirect
github.com/buildkite/agent/v3 v3.118.0 // indirect
github.com/cenkalti/backoff/v5 v5.0.3 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589 // indirect
github.com/clbanning/mxj/v2 v2.7.0 // indirect
github.com/cloudflare/circl v1.6.3 // indirect
github.com/cncf/xds/go v0.0.0-20260202195803-dba9d589def2 // indirect
github.com/cockroachdb/apd/v3 v3.2.1 // indirect
github.com/cockroachdb/apd/v3 v3.2.3 // indirect
github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be // indirect
github.com/containerd/errdefs v1.0.0 // indirect
github.com/containerd/errdefs/pkg v0.3.0 // indirect
Expand All @@ -159,15 +159,14 @@ require (
github.com/digitorus/timestamp v0.0.0-20250524132541-c45532741eea // indirect
github.com/dimchansky/utfbom v1.1.1 // indirect
github.com/distribution/reference v0.6.0 // indirect
github.com/docker/cli v29.4.0+incompatible // indirect
github.com/docker/cli v29.5.1+incompatible // indirect
github.com/docker/go-units v0.5.0 // indirect
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/emicklei/go-restful/v3 v3.12.2 // indirect
github.com/envoyproxy/protoc-gen-validate v1.3.3 // indirect
github.com/emicklei/go-restful/v3 v3.13.0 // indirect
github.com/evanphx/json-patch/v5 v5.9.11 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/fsnotify/fsnotify v1.10.1 // indirect
github.com/fxamacker/cbor/v2 v2.9.0 // indirect
github.com/fxamacker/cbor/v2 v2.9.2 // indirect
github.com/gaganhr94/docker-credential-acr v1.0.2 // indirect
github.com/go-chi/chi/v5 v5.2.5 // indirect
github.com/go-logr/logr v1.4.3 // indirect
Expand All @@ -178,7 +177,8 @@ require (
github.com/go-openapi/jsonpointer v0.23.1 // indirect
github.com/go-openapi/jsonreference v0.21.5 // indirect
github.com/go-openapi/loads v0.23.3 // indirect
github.com/go-openapi/runtime v0.29.5 // indirect
github.com/go-openapi/runtime v0.31.0 // indirect
github.com/go-openapi/runtime/server-middleware v0.30.0 // indirect
github.com/go-openapi/spec v0.22.4 // indirect
github.com/go-openapi/strfmt v0.26.2 // indirect
github.com/go-openapi/swag v0.26.0 // indirect
Expand All @@ -194,12 +194,13 @@ require (
github.com/go-openapi/swag/typeutils v0.26.0 // indirect
github.com/go-openapi/swag/yamlutils v0.26.0 // indirect
github.com/go-openapi/validate v0.25.2 // indirect
github.com/go-piv/piv-go/v2 v2.5.0 // indirect
github.com/go-viper/mapstructure/v2 v2.5.0 // indirect
github.com/gobuffalo/flect v1.0.3 // indirect
github.com/gobwas/glob v0.2.3 // indirect
github.com/goccy/go-json v0.10.6 // indirect
github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
github.com/golang-jwt/jwt/v5 v5.3.0 // indirect
github.com/golang-jwt/jwt/v5 v5.3.1 // indirect
github.com/google/certificate-transparency-go v1.3.3 // indirect
github.com/google/gnostic-models v0.7.1 // indirect
github.com/google/go-github/v55 v55.0.0 // indirect
Expand All @@ -208,7 +209,7 @@ require (
github.com/google/uuid v1.6.0 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.15 // indirect
github.com/googleapis/gax-go/v2 v2.22.0 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.29.0 // indirect
github.com/hashicorp/vault/api v1.23.0 // indirect
github.com/in-toto/attestation v1.2.0 // indirect
github.com/in-toto/in-toto-golang v0.11.0 // indirect
Expand Down Expand Up @@ -236,7 +237,7 @@ require (
github.com/natefinch/atomic v1.0.1 // indirect
github.com/nozzle/throttler v0.0.0-20180817012639-2ea982251481 // indirect
github.com/oklog/ulid/v2 v2.1.1 // indirect
github.com/open-policy-agent/opa v1.16.1 // indirect
github.com/open-policy-agent/opa v1.16.2 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.1 // indirect
github.com/pelletier/go-toml/v2 v2.2.4 // indirect
Expand All @@ -255,9 +256,10 @@ require (
github.com/secure-systems-lab/go-securesystemslib v0.11.0 // indirect
github.com/segmentio/asm v1.2.1 // indirect
github.com/shibumi/go-pathspec v1.3.0 // indirect
github.com/sigstore/rekor-tiles/v2 v2.0.1 // indirect
github.com/sigstore/timestamp-authority v1.2.9 // indirect
github.com/sigstore/timestamp-authority/v2 v2.0.3 // indirect
github.com/sigstore/fulcio v1.8.5 // indirect
github.com/sigstore/rekor-tiles/v2 v2.2.1 // indirect
github.com/sigstore/timestamp-authority v1.2.4 // indirect
github.com/sigstore/timestamp-authority/v2 v2.0.6 // indirect
github.com/sirupsen/logrus v1.9.4 // indirect
github.com/spf13/afero v1.15.0 // indirect
github.com/spf13/cast v1.10.0 // indirect
Expand All @@ -266,18 +268,18 @@ require (
github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect
github.com/tchap/go-patricia/v2 v2.3.3 // indirect
github.com/thales-e-security/pool v0.0.2 // indirect
github.com/theupdateframework/go-tuf/v2 v2.3.0 // indirect
github.com/tjfoc/gmsm v1.4.1 // indirect
github.com/transparency-dev/formats v0.1.0 // indirect
github.com/transparency-dev/merkle v0.0.2 // indirect
github.com/valyala/fastjson v1.6.10 // indirect
github.com/vbatts/tar-split v0.12.3 // indirect
github.com/vektah/gqlparser/v2 v2.5.32 // indirect
github.com/vektah/gqlparser/v2 v2.5.33 // indirect
github.com/x448/float16 v0.8.4 // indirect
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
github.com/yashtewari/glob-intersection v0.2.0 // indirect
gitlab.com/gitlab-org/api/client-go v1.23.0 // indirect
github.com/zalando/go-keyring v0.2.8 // indirect
gitlab.com/gitlab-org/api/client-go v1.46.0 // indirect
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.68.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.68.0 // indirect
Expand All @@ -299,28 +301,27 @@ require (
go.uber.org/multierr v1.11.0 // indirect
go.yaml.in/yaml/v2 v2.4.4 // indirect
go.yaml.in/yaml/v3 v3.0.4 // indirect
golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f // indirect
golang.org/x/mod v0.35.0 // indirect
golang.org/x/mod v0.36.0 // indirect
golang.org/x/oauth2 v0.36.0 // indirect
golang.org/x/sync v0.20.0 // indirect
golang.org/x/term v0.42.0 // indirect
golang.org/x/text v0.36.0 // indirect
golang.org/x/tools v0.44.0 // indirect
golang.org/x/term v0.43.0 // indirect
golang.org/x/text v0.37.0 // indirect
golang.org/x/tools v0.45.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect
google.golang.org/api v0.277.0 // indirect
google.golang.org/genproto v0.0.0-20260504160031-60b97b32f348 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20260504160031-60b97b32f348 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20260504160031-60b97b32f348 // indirect
google.golang.org/api v0.280.0 // indirect
google.golang.org/genproto v0.0.0-20260519071638-aa98bba5eb94 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20260519071638-aa98bba5eb94 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20260519071638-aa98bba5eb94 // indirect
gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/ini.v1 v1.67.1 // indirect
k8s.io/apiextensions-apiserver v0.35.4 // indirect
gopkg.in/ini.v1 v1.67.2 // indirect
k8s.io/apiextensions-apiserver v0.36.1 // indirect
k8s.io/gengo/v2 v2.0.0-20260408192533-25e2208e0dc3 // indirect
k8s.io/klog/v2 v2.130.1 // indirect
k8s.io/utils v0.0.0-20260319190234-28399d86e0b5 // indirect
k8s.io/klog/v2 v2.140.0 // indirect
k8s.io/utils v0.0.0-20260507154919-ff6756f316d2 // indirect
sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect
sigs.k8s.io/randfill v1.0.0 // indirect
sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect
sigs.k8s.io/structured-merge-diff/v6 v6.4.0 // indirect
)

// TODO: this dependency causes issues on webhook startup due
Expand All @@ -329,6 +330,6 @@ replace github.com/golang/glog => github.com/jdolitsky/glog v0.0.0-2021082011531

replace (
// knative deps require to use an old k8s.io/gengo so we need to replace these ones
k8s.io/code-generator => k8s.io/code-generator v0.35.4
k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20260414162039-ec9c827d403f
k8s.io/code-generator => k8s.io/code-generator v0.36.1
k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20260519202549-bbf5c5577288
)
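Review bot: Among the upgrades, `github.com/sigstore/cosign/v2` appears to go backwards: the first require block lists v2.5.0 and the second lists v2.4.3, and the hunk line counts (32 to 30 lines in the first block, 19 to 22 in the second) suggest the v2.4.3 line is the new one. `github.com/sigstore/timestamp-authority` likewise appears to move from v1.2.9 to v1.2.4 in the indirect block. The rendered page has lost its +/- markers, so the direction is inferred; if it is right, the commit description should say why signature-verification dependencies are lowered in an otherwise upward bump, since a lower version can drop fixes that image verification relies on. Separately, `google.golang.org/protobuf` moves from the tagged v1.36.11 to the pseudo-version `v1.36.12-0.20260120151049-f2248ac996af`, which pins an untagged commit and deserves a one-line comment in go.mod naming the dependency that forces it.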