chore(deps): bump the all group across 1 directory with 21 updates#1768
Merged
Conversation
Bumps the all group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.62.1` | `1.63.0` | | [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.21.5` | `0.21.7` | | [github.com/in-toto/go-witness](https://github.com/in-toto/go-witness) | `0.10.0` | `0.11.0` | | [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) | `1.10.6` | `1.10.8` | | [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) | `1.10.6` | `1.10.8` | | [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) | `1.10.6` | `1.10.8` | | [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) | `1.10.6` | `1.10.8` | | [github.com/spiffe/go-spiffe/v2](https://github.com/spiffe/go-spiffe) | `2.6.0` | `2.8.1` | | [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `1.12.0` | `1.14.0` | | [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.81.1` | `1.82.0` | | [k8s.io/api](https://github.com/kubernetes/api) | `0.36.1` | `0.36.2` | | [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.36.1` | `0.36.2` | | [k8s.io/code-generator](https://github.com/kubernetes/code-generator) | `0.36.1` | `0.36.2` | Updates `cloud.google.com/go/storage` from 1.62.1 to 1.63.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@storage/v1.62.1...compute/v1.63.0) Updates `github.com/google/go-containerregistry` from 0.21.5 to 0.21.7 - [Release notes](https://github.com/google/go-containerregistry/releases) - [Commits](google/go-containerregistry@v0.21.5...v0.21.7) Updates `github.com/in-toto/go-witness` from 0.10.0 to 0.11.0 - [Release notes](https://github.com/in-toto/go-witness/releases) - [Commits](in-toto/go-witness@v0.10.0...v0.11.0) Updates `github.com/sigstore/sigstore` from 1.10.6 to 1.10.8 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.10.6...v1.10.8) Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.10.6 to 1.10.8 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.10.6...v1.10.8) Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.10.6 to 1.10.8 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.10.6...v1.10.8) Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.10.6 to 1.10.8 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.10.6...v1.10.8) Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.10.6 to 1.10.8 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.10.6...v1.10.8) Updates `github.com/spiffe/go-spiffe/v2` from 2.6.0 to 2.8.1 - [Release notes](https://github.com/spiffe/go-spiffe/releases) - [Changelog](https://github.com/spiffe/go-spiffe/blob/main/CHANGELOG.md) - [Commits](spiffe/go-spiffe@v2.6.0...v2.8.1) Updates `github.com/tektoncd/pipeline` from 1.12.0 to 1.14.0 - [Release notes](https://github.com/tektoncd/pipeline/releases) - [Changelog](https://github.com/tektoncd/pipeline/blob/main/releases.md) - [Commits](tektoncd/pipeline@v1.12.0...v1.14.0) Updates `go.opentelemetry.io/otel` from 1.43.0 to 1.44.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.43.0...v1.44.0) Updates `go.opentelemetry.io/otel/metric` from 1.43.0 to 1.44.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.43.0...v1.44.0) Updates `go.opentelemetry.io/otel/sdk/metric` from 1.43.0 to 1.44.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.43.0...v1.44.0) Updates `golang.org/x/crypto` from 0.51.0 to 0.53.0 - [Commits](golang/crypto@v0.51.0...v0.53.0) Updates `golang.org/x/exp` from 0.0.0-20260312153236-7ab1446f8b90 to 0.0.0-20260410095643-746e56fc9e2f - [Commits](https://github.com/golang/exp/commits) Updates `google.golang.org/grpc` from 1.81.1 to 1.82.0 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.81.1...v1.82.0) Updates `k8s.io/api` from 0.36.1 to 0.36.2 - [Commits](kubernetes/api@v0.36.1...v0.36.2) Updates `k8s.io/apimachinery` from 0.36.1 to 0.36.2 - [Commits](kubernetes/apimachinery@v0.36.1...v0.36.2) Updates `k8s.io/client-go` from 0.36.1 to 0.36.2 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.36.1...v0.36.2) Updates `k8s.io/code-generator` from 0.36.1 to 0.36.2 - [Commits](kubernetes/code-generator@v0.36.1...v0.36.2) Updates `knative.dev/pkg` from 0.0.0-20260318013857-98d5a706d4fd to 0.0.0-20260531000007-52dbd5ece63f - [Commits](https://github.com/knative/pkg/commits) --- updated-dependencies: - dependency-name: cloud.google.com/go/storage dependency-version: 1.63.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/google/go-containerregistry dependency-version: 0.21.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/in-toto/go-witness dependency-version: 0.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/sigstore/sigstore dependency-version: 1.10.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-version: 1.10.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-version: 1.10.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-version: 1.10.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-version: 1.10.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/spiffe/go-spiffe/v2 dependency-version: 2.8.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github.com/tektoncd/pipeline dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: go.opentelemetry.io/otel dependency-version: 1.44.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: go.opentelemetry.io/otel/metric dependency-version: 1.44.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: go.opentelemetry.io/otel/sdk/metric dependency-version: 1.44.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golang.org/x/crypto dependency-version: 0.53.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golang.org/x/exp dependency-version: 0.0.0-20260410095643-746e56fc9e2f dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: google.golang.org/grpc dependency-version: 1.82.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: k8s.io/api dependency-version: 0.36.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: k8s.io/apimachinery dependency-version: 0.36.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: k8s.io/client-go dependency-version: 0.36.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: k8s.io/code-generator dependency-version: 0.36.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: knative.dev/pkg dependency-version: 0.0.0-20260531000007-52dbd5ece63f dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>
Member
|
/retest |
6 tasks
…1772) Signed-off-by: Shubham Bhardwaj <shubbhar@redhat.com>
Member
|
/hold |
Member
|
/unhold |
Member
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jkhelil The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the all group with 13 updates in the / directory:
1.62.11.63.00.21.50.21.70.10.00.11.01.10.61.10.81.10.61.10.81.10.61.10.81.10.61.10.82.6.02.8.11.12.01.14.01.81.11.82.00.36.10.36.20.36.10.36.20.36.10.36.2Updates
cloud.google.com/go/storagefrom 1.62.1 to 1.63.0Release notes
Sourced from cloud.google.com/go/storage's releases.
Commits
033f4fechore: librarian release pull request: 20260514T191310Z (#14589)bf1c57achore(agentplatform): Organize the replay tests.d600fbbchore(agentplatform): Mock backend for unit testingec55a12test(spanner): retry query after database recreation in integration test (#14...66574dbfix(agentplatform): Set the agentplatform's dedicated user-agent in header.9072072fix(pubsub/v2/pstest): make ackIDs unique per delivery (#14554)9873268refactor(pubsub/v2): flatten implementation control logic for Ack and ModAck ...b1db39echore(storage): Fix corner cases in MRD (#14522)df96b2efeat: update API sources and regenerate (#14581)658faa8fix(bigquery): handle reset case for table clustering (#14579)Updates
github.com/google/go-containerregistryfrom 0.21.5 to 0.21.7Release notes
Sourced from github.com/google/go-containerregistry's releases.
... (truncated)
Commits
c68d899Bump go version to 1.26.4 (#2350)da61d86transport: do not re-attach bearer token after cross-host redirect (#2349)09fe1e5fix(tarball): normalize paths when matching files (#2334)5baa399build(deps): bump the go-deps group across 3 directories with 4 updates (#2348)97a8a17fix(transport): apply refreshed bearer token after cross-host redirect (#2337)e963497internal/gzip: fix goroutine leak in ReadCloserLevel (#2347)02649eafix: prevent SSRF in google.List() pagination (#2332)7204b40build(deps): bump the actions group across 1 directory with 2 updates (#2344)4cfaa93build(deps): bump the go-deps group across 1 directory with 2 updates (#2343)6849394pkg/registry: export RedirectError (#2177)Updates
github.com/in-toto/go-witnessfrom 0.10.0 to 0.11.0Commits
8d09cb4fix(ci): add write permissions to release workflow to allow attestation creat...711119bfix(ci): save attestations and upload to workflow run instead of sending to a...93a9da1chore: bump github.com/aws/aws-sdk-go-v2/config from 1.32.22 to 1.32.25 (#751)d0c1e71chore: bump github/codeql-action from 4.36.1 to 4.36.2 (#749)46ce9c9chore: bump go.step.sm/crypto from 0.81.0 to 0.81.1 (#752)e34241bchore: bump github.com/aws/aws-sdk-go-v2/feature/ec2/imds from 1.18.27 to 1.1...5183a28chore: bump github.com/sigstore/sigstore from 1.10.6 to 1.10.8 (#754)ff4d56cAddnetworktraceattestor with support for invisible TCP proxy (#629)a7a9708chore: bump github.com/aws/aws-sdk-go-v2/service/codebuild from 1.68.14 to 1....35150c3chore: bump github/codeql-action from 4.36.0 to 4.36.1 (#744)Updates
github.com/sigstore/sigstorefrom 1.10.6 to 1.10.8Release notes
Sourced from github.com/sigstore/sigstore's releases.
Commits
c761681Support standard PKCS#8 encrypted private key decryption (#2333)005faf9Extend PEM private key unmarshalling to support legacy format (#2332)e70e4edadd functional options to DSSE to improve memory usage, validation (#2326)899684dbuild(deps): Bump github.com/letsencrypt/boulder (#2307)181dc40build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2308)2c141a7build(deps): Bump golangci/golangci-lint-action in the all group (#2328)b6c0214build(deps): Bump actions/upload-artifact from 6.0.0 to 7.0.1 (#2329)2ff50c9build(deps): Bump actions/dependency-review-action from 4.8.3 to 5.0.0 (#2330)d0204c3build(deps): Bump hashicorp/vault from 1.21.4 to 2.0.1 in /test/e2e (#2331)afdf897build(deps): Bump google.golang.org/grpc in /pkg/signature/kms/gcp (#2312)Updates
github.com/sigstore/sigstore/pkg/signature/kms/awsfrom 1.10.6 to 1.10.8Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/aws's releases.
Commits
c761681Support standard PKCS#8 encrypted private key decryption (#2333)005faf9Extend PEM private key unmarshalling to support legacy format (#2332)e70e4edadd functional options to DSSE to improve memory usage, validation (#2326)899684dbuild(deps): Bump github.com/letsencrypt/boulder (#2307)181dc40build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2308)2c141a7build(deps): Bump golangci/golangci-lint-action in the all group (#2328)b6c0214build(deps): Bump actions/upload-artifact from 6.0.0 to 7.0.1 (#2329)2ff50c9build(deps): Bump actions/dependency-review-action from 4.8.3 to 5.0.0 (#2330)d0204c3build(deps): Bump hashicorp/vault from 1.21.4 to 2.0.1 in /test/e2e (#2331)afdf897build(deps): Bump google.golang.org/grpc in /pkg/signature/kms/gcp (#2312)Updates
github.com/sigstore/sigstore/pkg/signature/kms/azurefrom 1.10.6 to 1.10.8Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/azure's releases.
Commits
c761681Support standard PKCS#8 encrypted private key decryption (#2333)005faf9Extend PEM private key unmarshalling to support legacy format (#2332)e70e4edadd functional options to DSSE to improve memory usage, validation (#2326)899684dbuild(deps): Bump github.com/letsencrypt/boulder (#2307)181dc40build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2308)2c141a7build(deps): Bump golangci/golangci-lint-action in the all group (#2328)b6c0214build(deps): Bump actions/upload-artifact from 6.0.0 to 7.0.1 (#2329)2ff50c9build(deps): Bump actions/dependency-review-action from 4.8.3 to 5.0.0 (#2330)d0204c3build(deps): Bump hashicorp/vault from 1.21.4 to 2.0.1 in /test/e2e (#2331)afdf897build(deps): Bump google.golang.org/grpc in /pkg/signature/kms/gcp (#2312)Updates
github.com/sigstore/sigstore/pkg/signature/kms/gcpfrom 1.10.6 to 1.10.8Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/gcp's releases.
Commits
c761681Support standard PKCS#8 encrypted private key decryption (#2333)005faf9Extend PEM private key unmarshalling to support legacy format (#2332)e70e4edadd functional options to DSSE to improve memory usage, validation (#2326)899684dbuild(deps): Bump github.com/letsencrypt/boulder (#2307)181dc40build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2308)2c141a7build(deps): Bump golangci/golangci-lint-action in the all group (#2328)b6c0214build(deps): Bump actions/upload-artifact from 6.0.0 to 7.0.1 (#2329)2ff50c9build(deps): Bump actions/dependency-review-action from 4.8.3 to 5.0.0 (#2330)d0204c3build(deps): Bump hashicorp/vault from 1.21.4 to 2.0.1 in /test/e2e (#2331)afdf897build(deps): Bump google.golang.org/grpc in /pkg/signature/kms/gcp (#2312)Updates
github.com/sigstore/sigstore/pkg/signature/kms/hashivaultfrom 1.10.6 to 1.10.8Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/hashivault's releases.
Commits
c761681Support standard PKCS#8 encrypted private key decryption (#2333)005faf9Extend PEM private key unmarshalling to support legacy format (#2332)e70e4edadd functional options to DSSE to improve memory usage, validation (#2326)899684dbuild(deps): Bump github.com/letsencrypt/boulder (#2307)181dc40build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2308)2c141a7build(deps): Bump golangci/golangci-lint-action in the all group (#2328)b6c0214build(deps): Bump actions/upload-artifact from 6.0.0 to 7.0.1 (#2329)2ff50c9build(deps): Bump actions/dependency-review-action from 4.8.3 to 5.0.0 (#2330)d0204c3build(deps): Bump hashicorp/vault from 1.21.4 to 2.0.1 in /test/e2e (#2331)afdf897build(deps): Bump google.golang.org/grpc in /pkg/signature/kms/gcp (#2312)Updates
github.com/spiffe/go-spiffe/v2from 2.6.0 to 2.8.1Release notes
Sourced from github.com/spiffe/go-spiffe/v2's releases.
Changelog
Sourced from github.com/spiffe/go-spiffe/v2's changelog.
Commits
e9973f6v2.8.1 changelog (#396)bbc6dc1Add wit-svid to marshaled WIT bundle keys (#395)dbebcf8v2.8.0 changelog (#394)f685b2dAdd Broker API (#388)76b14bdv2.7.0 changelog (#392)8580a01Add missing witbundle APIs for parity with jwtbundle (#391)280d52efix(x509svid): reject leaf SPIFFE IDs with root path (#375)c7f2701Add WIT-SVID (#385)af3667aBump google.golang.org/grpc from 1.75.0 to 1.79.3 (#380)c925be7Bump christophebedard/dco-check from 0.5.0 to 0.5.1 (#390)Updates
github.com/tektoncd/pipelinefrom 1.12.0 to 1.14.0Release notes
Sourced from github.com/tektoncd/pipeline's releases.
... (truncated)
Changelog
Sourced from github.com/tektoncd/pipeline's changelog.
... (truncated)
Commits
8afd0f7Fix race condition in TestStepTimeout29270cdbuild(deps): bump github.com/spiffe/go-spiffe/v2 from 2.7.0 to 2.8.14bd5a94feat(tracing): record errors on TaskRun createPod and update spans8462269Add namespace attribute to cancel/timeout child spans88f102ffeat(tracing): add spans to PipelineRun cancel and timeout paths4a8636cfix(taskrun): prevent concurrent map writes when resolving StepAction refsfcd1e0cci: pin ko to v0.18.1 to avoid v0.19.0 regressionsa538445fix: replace kodata LICENSE symlinks with actual files9f71682chore(docs): fix "pipeline" typo in examplese8f857cbuild(deps): bump chainguard-dev/actions/setup-kindUpdates
go.opentelemetry.io/otelfrom 1.43.0 to 1.44.0Changelog
Sourced from go.opentelemetry.io/otel's changelog.