chore(deps): bump the go group with 17 updates #1261

dependabot · 2025-01-19T09:01:12Z

Bumps the go group with 17 updates:

Package	From	To
github.com/aws/aws-sdk-go-v2	`1.32.8`	`1.33.0`
github.com/aws/aws-sdk-go-v2/config	`1.28.10`	`1.29.1`
github.com/aws/aws-sdk-go-v2/credentials	`1.17.51`	`1.17.54`
github.com/aws/aws-sdk-go-v2/feature/s3/manager	`1.17.48`	`1.17.52`
github.com/aws/aws-sdk-go-v2/service/ecr	`1.38.3`	`1.38.6`
github.com/aws/aws-sdk-go-v2/service/s3	`1.72.2`	`1.73.2`
github.com/containers/image/v5	`5.33.0`	`5.33.1`
github.com/docker/cli	`27.4.1+incompatible`	`27.5.0+incompatible`
github.com/docker/docker	`27.4.1+incompatible`	`27.5.0+incompatible`
github.com/sigstore/rekor	`1.3.7`	`1.3.8`
helm.sh/helm/v3	`3.16.4`	`3.17.0`
k8s.io/api	`0.32.0`	`0.32.1`
k8s.io/apiextensions-apiserver	`0.32.0`	`0.32.1`
k8s.io/apimachinery	`0.32.0`	`0.32.1`
k8s.io/cli-runtime	`0.32.0`	`0.32.1`
k8s.io/client-go	`0.32.0`	`0.32.1`
sigs.k8s.io/controller-runtime	`0.19.4`	`0.20.0`

Updates github.com/aws/aws-sdk-go-v2 from 1.32.8 to 1.33.0

Commits

8fac7d4 Release 2025-01-15
9eff8ac Regenerated Clients
f47aa72 Update endpoints model
5934dd3 Update API model
6636822 feat: flexible checksum updates (#2808)
4ffbb7c Release 2025-01-14
2f70ff4 Regenerated Clients
434159f Update endpoints model
a80fac9 Update API model
44e779a fix several waiter issues (#2953)
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.28.10 to 1.29.1

Commits

fa8a15e Release 2025-01-17
e08f26d Regenerated Clients
177bcda Update endpoints model
a5b6a2f Update API model
74b33ba pull retry loop forward to cover everything from resolving auth scheme onward...
7ea97e5 Add integration test case for flex checksum (#2967)
c578cdd Release 2025-01-16
45afab3 Regenerated Clients
30703fe Update partitions file
de0c8ef Update endpoints model
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.51 to 1.17.54

Commits

fa8a15e Release 2025-01-17
e08f26d Regenerated Clients
177bcda Update endpoints model
a5b6a2f Update API model
74b33ba pull retry loop forward to cover everything from resolving auth scheme onward...
7ea97e5 Add integration test case for flex checksum (#2967)
c578cdd Release 2025-01-16
45afab3 Regenerated Clients
30703fe Update partitions file
de0c8ef Update endpoints model
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.48 to 1.17.52

Commits

4ffbb7c Release 2025-01-14
2f70ff4 Regenerated Clients
434159f Update endpoints model
a80fac9 Update API model
44e779a fix several waiter issues (#2953)
ca3399b Release 2025-01-13
602e3da Regenerated Clients
b79c6b7 Update endpoints model
2746203 Update API model
7a7d202 Release 2025-01-10
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.38.3 to 1.38.6

Commits

fa8a15e Release 2025-01-17
e08f26d Regenerated Clients
177bcda Update endpoints model
a5b6a2f Update API model
74b33ba pull retry loop forward to cover everything from resolving auth scheme onward...
7ea97e5 Add integration test case for flex checksum (#2967)
c578cdd Release 2025-01-16
45afab3 Regenerated Clients
30703fe Update partitions file
de0c8ef Update endpoints model
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.72.2 to 1.73.2

Commits

fa8a15e Release 2025-01-17
e08f26d Regenerated Clients
177bcda Update endpoints model
a5b6a2f Update API model
74b33ba pull retry loop forward to cover everything from resolving auth scheme onward...
7ea97e5 Add integration test case for flex checksum (#2967)
c578cdd Release 2025-01-16
45afab3 Regenerated Clients
30703fe Update partitions file
de0c8ef Update endpoints model
Additional commits viewable in compare view

Updates github.com/containers/image/v5 from 5.33.0 to 5.33.1

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.33.1

[release-5.33] Bump c/storage to v1.56.1, c/image to v5.33.1 by @TomSweeneyRedHat in containers/image#2683

Full Changelog: containers/image@v5.33.0...v5.33.1

Commits

44ce03e [release-5.33] Bump c/image to v5.33.1
3d4c26e [release-5.33] Bump c/storage to v1.56.1
See full diff in compare view

Updates github.com/docker/cli from 27.4.1+incompatible to 27.5.0+incompatible

Commits

a187fa5 Merge pull request #5736 from thaJeztah/27.x_vendor_docker_27.5.0
e32d69e vendor: github.com/docker/docker 38b84dce32c4 (v27.5.0)
2767e9e Merge pull request #5732 from thaJeztah/27.x_vendor_docker_27.5.0-rc.2
a999a40 Merge pull request #5735 from vvoland/5734-27.x
b277537 gha/build: Publish bin image for release branches
919350d vendor: github.com/docker/docker v27.5.0-rc.2
80f7848 Merge pull request #5726 from thaJeztah/27.x_update_engine
0d27375 Merge pull request #5723 from thaJeztah/27.x_backport_rm_oom_score_adj
0ced103 vendor: github.com/docker/docker 43fc912ef59a (v27.5.0-rc.2)
f068c14 contrib/completion: remove --oom-score-adj daemon flag
Additional commits viewable in compare view

Updates github.com/docker/docker from 27.4.1+incompatible to 27.5.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.5.0

27.5.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

docker/cli, 27.5.0 milestone

moby/moby, 27.5.0 milestone

Bugfixes and enhancements

containerd image store: Fix passing a build context via tarball to the /build endpoint. moby/moby#49194

Builder garbage collection policies without a keepStorage value now inherit the defaultKeepStorage limit as intended. moby/moby#49137

Preserve network labels during daemon startup. moby/moby#49200

Fix a potential race condition error when deleting a container. moby/moby#49239

Go SDK

pkg/sysinfo: deprecate NumCPU. This utility has the same behavior as runtime.NumCPU. moby/moby#49247

pkg/fileutils: deprecate GetTotalUsedFds: this function is only used internally and will be removed in the next release. moby/moby#49209

pkg/ioutils: deprecate BytesPipe, NewBytesPipe, ErrClosed, WriteCounter, NewWriteCounter, NewReaderErrWrapper, NopFlusher, NopWriter, NopWriteCloser. They were only used internally and will be removed in the next release. moby/moby#49246, moby/moby#49255

pkg/reexec: This package is deprecated and moved to a separate module. Use github.com/moby/sys/reexec instead. moby/moby#49135

Packaging updates

Update containerd to v1.7.25 moby/moby#49253

Update runc to v1.2.4 moby/moby#49243

Update BuildKit to v0.18.2 moby/moby#48949

Update Compose to v2.32.2 docker/docker-ce-packaging#1140

v27.5.0-rc.2

27.5.0-rc.2

This is a pre-release of the upcoming 27.5.0 release.

Pre-releases are intended for testing new releases: only install in a test environment!
curl -fsSL https://get.docker.com -o get-docker.sh
sudo CHANNEL=test sh get-docker.sh
Known issues:

There is no changelog yet; an overview of pull requests included in this release can be found on GitHub:

docker cli: all pull requests for 27.5.0 / all "changelog" pull requests for 27.5.0

docker engine: all pull requests for 27.5.0 / all "changelog" pull requests for 27.5.0

There are no packages available yet for the s390x and ppc64le architectures

Bugs and regressions can be reported in these issue trackers:

... (truncated)

Commits

38b84dc Merge pull request #49255 from thaJeztah/27.x_backport_ioutils_more_deprecations
ae82113 Merge pull request #49253 from thaJeztah/27.x_backport_bump_containerd_binary...
8a2fd51 pkg/ioutils: deprecate NopWriteCloser
cf37b66 pkg/ioutils: deprecate NopWriter
c83f658 Dockerfile: update containerd to v1.7.25
931be8e Merge pull request #49246 from thaJeztah/27.x_backport_ioutils_deprecations
2e1aee3 Merge pull request #49249 from robmry/backport-27.x/fix_unit_tests_for_nftabl...
f53d72e Fix unit tests for an nftables host
55f7055 Merge pull request #49243 from thaJeztah/27.x_backport_bump_runc_binary_1.2.4
36ad318 Merge pull request #49247 from thaJeztah/27.x_backport_deprecate_runtime_numcpu
Additional commits viewable in compare view

Updates github.com/sigstore/rekor from 1.3.7 to 1.3.8

Release notes

Sourced from github.com/sigstore/rekor's releases.

v1.3.8

Changelog

Please see https://github.com/sigstore/rekor/blob/main/CHANGELOG.md for changes included in this release.

New Contributors

@sgpinkus made their first contribution in sigstore/rekor#2322

@dnwe made their first contribution in sigstore/rekor#2325

Full Changelog: sigstore/rekor@v1.3.7...v1.3.8

Changelog

Sourced from github.com/sigstore/rekor's changelog.

v1.3.8

Bug Fixes

fix zizmor issues (#2298)

remove unneeded value in log message (#2282)

Quality Enhancements

chore: relax go directive to permit 1.22.x

fetch minisign from homebrew instead of custom ppa (#2329)

fix(ci): simplify GOVERSION extraction

chore(deps): bump actions pins to latest

Updates go and golangci-lint (#2302)

update builder to use go1.23.4 (#2301)

clean up spaces

log request body on 500 error to aid debugging (#2283)

Contributors

Appu Goundan

Bob Callaway

Carlos Tadeu Panato Junior

Dominic Evans

sgpinkus

Commits

88b5ce5 add changelog for v1.3.8 (#2331)
1e9cdae chore: relax go directive to permit 1.22.x
dcad58c build(deps): Bump google.golang.org/api from 0.214.0 to 0.216.0 (#2328)
1082f48 build(deps): Bump the all group with 11 updates (#2327)
362ccea build(deps): Bump google/cloud-sdk from 504.0.1 to 505.0.0 (#2326)
c505919 fetch minisign from homebrew instead of custom ppa (#2329)
280c8c1 fix(ci): simplify GOVERSION extraction
7bf4b21 chore(deps): bump actions pins to latest
513c30e Update types.md (#2322)
8f7b5a0 build(deps): Bump sigs.k8s.io/release-utils from 0.8.5 to 0.9.0
Additional commits viewable in compare view

Updates helm.sh/helm/v3 from 3.16.4 to 3.17.0

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.17.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

Join the discussion in Kubernetes Slack:

for questions and just to hang out

for discussing PRs, code, and bugs

Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom

Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

Allow pulling and installation by OCI digest

Annotations and dependencies are now in chart metadata output

New --take-ownership flag for install and upgrade commands

SDK: Authorizer and registry authorizer are now configurable

Removed the Kubernetes configuration file permissions check

Added username/password to helm push and dependency build/update subcommands

Added toYamlPretty template function

Installation and Upgrading

Download Helm v3.17.0. The common platform binaries are here:

MacOS amd64 (checksum / 0d5fd51cf51eb4b9712d52ecd8f2a3cd865680595cca57db38ee01802bd466ea)

MacOS arm64 (checksum / 5db292c69ba756ddbf139abb623b02860feef15c7f1a4ea69b77715b9165a261)

Linux amd64 (checksum / fb5d12662fde6eeff36ac4ccacbf3abed96b0ee2de07afdde4edb14e613aee24)

Linux arm (checksum / a388478049bf4ad440fa394f28421aa43cec3631ba197a8203c485edbec3e3fe)

Linux arm64 (checksum / c4d4be8e80082b7eaa411e3e231d62cf05d01cddfef59b0d01006a7901e11ee4)

Linux i386 (checksum / af89be03bb15175cd27573b48f4b9621e08982ab7788dd36e073baac988d6b2e)

Linux ppc64le (checksum / 32833acf72b240e9ca78a3eac630a0ba420e073b02df3030c369a287b8bdc769)

Linux s390x (checksum / 4b002d673ef35d78843c45cc169faf1040eec75937f19fccce41d2074f459653)

Linux riscv64 (checksum / 38297aca2046fd13f2e0415ecc9cdb006f4008b286467f5f217187647dbbab5b)

Windows amd64 (checksum / 0625e51437107991922f76adbec4a4f12a4438942182677399ab758a3ec8bdc5)

Windows arm64 (checksum / 5fd16dde353aa5909562f127befea8db3879ecf63050fea3fb106ff8bfdd1a9c)

This release was signed with 208D D36E D5BB 3745 A167 43A4 C7C6 FBB5 B91C 1155 and can be found at @r6by keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

3.17.1 is the next patch release and will be on February 12, 2025

3.18.0 is the next minor release and will be on May 14, 2025

Changelog

bump version to v3.17.0 301108edc7ac2a8ba79e4ebf5701b0b6ce6a31e4 (Matt Farina)

fix: make ORAS reference private 949b2e604067a43797c640db4d6ed69af7aa3e5b (Terry Howe)

fix: issue with helm template and oci chart aba95b9cb4827fe932e5eebabd55513333543d7c (Terry Howe)

... (truncated)

Commits

301108e bump version to v3.17.0
0ac5d28 Merge pull request #13588 from mattfarina/v3-backport-oci-digest
949b2e6 fix: make ORAS reference private
aba95b9 fix: issue with helm template and oci chart
c3e5217 feat: allow installation by OCI digest
fbfbf1a Merge pull request #13555 from helm/dependabot/go_modules/dev-v3/k8s-io-b0222...
33a0ee7 Bump the k8s-io group with 7 updates
c6b8d2b Merge pull request #13585 from mattfarina/backport-xnet-33-fix
79993d2 Upgrade golang.org/x/net to v0.33.0 to address CVE-2024-45338
9ade3b5 Merge pull request #13574 from gjenkins8/v3_13343
Additional commits viewable in compare view

Updates k8s.io/api from 0.32.0 to 0.32.1

Commits

bc0564c Update dependencies to v0.32.1 tag
25d8df3 Merge pull request #129544pohly/automated-cherry-pick-of-#129543
5b9e013 DRA API: bump maximum size of ReservedFor to 256
See full diff in compare view

Updates k8s.io/apiextensions-apiserver from 0.32.0 to 0.32.1

Commits

ab6ba90 Update dependencies to v0.32.1 tag
See full diff in compare view

Updates k8s.io/apimachinery from 0.32.0 to 0.32.1

Commits

See full diff in compare view

Updates k8s.io/cli-runtime from 0.32.0 to 0.32.1

Commits

e76aa84 Update dependencies to v0.32.1 tag
See full diff in compare view

Updates k8s.io/client-go from 0.32.0 to 0.32.1

Commits

9d43434 Update dependencies to v0.32.1 tag
See full diff in compare view

Updates sigs.k8s.io/controller-runtime from 0.19.4 to 0.20.0

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.20.0

Highlights

Based on k8s.io/* v1.32 libraries and minimum Go version is now v1.23

New experimental priority queue feature

More details in #3013 and #2374

Can be enabled via manager.Options.Controller.UsePriorityQueue

Please give it a try and provide feedback in #2374

AggregatedDiscovery is automatically used when available (#2901)

As usual, many improvements to the fake client

Changes since v0.19.0

⚠️ Breaking Changes

Bump to k8s.io/* v1.32 libraries (#2971 #2990 #3001 #3007 #3029 #3043)

logging: Stop deduplicating API warnings by default (#2953)

webhook: Stop deleting unknown fields in CustomDefaulter (#2982 #3056)

webhook: Remove deprecated Defaulter and Validator (#2877 #2945)

cluster: Remove deprecated SyncPeriod option (#2970)

✨ New Features

cache: Add EnableWatchBookmarks option (defaults to true) (#3017)

cache: Export NewInformer option (#3061)

cert-watcher: Add polling (#3020 #3050)

controller: Add experimental priority queue (off per default) (#3013 #3014 #3060 #3066)

fake client: Allow adding indexes at runtime (#3021)

fake client: Add support for ServiceAccountToken subresource (#2969)

restmapper: Use AggregatedDiscovery if available (#2901)

util: Add HasOwnerReference func (#2882)

webhook: Add custom path option (#2998)

🐛 Bug Fixes

controller: Error when source.Start() never returns (#2997 #3006 #3008)

fake client: Don't return items on invalid selector (#3022)

fake client: Fix TOCTOU races (#2980)

fake client: Preserve TypeMeta during Get call with PartialObjectMeta (#2949)

fake client: Preserve TypeMeta during List call with UnstructuredList (#3074)

manager: Fix RenewDeadline typo in leader election (#3032)

manager: Use leader elector with client timeout (#3028 #3034)

🌱 Others

cache: Switch to Go 1.23+ stdlib maps/slices packages (#3012)

controller: Log the syncing source when WaitForSync fails (#3016)

setup-envtest: drop support for GCS (#2915)

Some fixes for typos (#3011 #3033 #2993)

... (truncated)

Commits

8f7e114 Merge pull request #3074 from sbueringer/pr-fix-fake-list
3b23354 fake client: preserve TypeMeta during List call with UnstructuredList
1ec7c1b Merge pull request #3069 from kubernetes-sigs/dependabot/github_actions/all-g...
189b6d8 🌱 Bump the all-github-actions group across 1 directory with 3 updates
d19d76c Merge pull request #3066 from alvaroaleman/fix-wow
e667a8f 🐛 Fix a bug in the priorityqueue metrics
1de5a3e Merge pull request #3062 from ranakan19/cache_options
2484715 Merge pull request #3064 from alvaroaleman/remove-gosec
3b0b995 🌱 Remove gosec linter
c80ea33 Merge pull request #3060 from alvaroaleman/pq-2
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go group with 17 updates: | Package | From | To | | --- | --- | --- | | [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.32.8` | `1.33.0` | | [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.28.10` | `1.29.1` | | [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) | `1.17.51` | `1.17.54` | | [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2) | `1.17.48` | `1.17.52` | | [github.com/aws/aws-sdk-go-v2/service/ecr](https://github.com/aws/aws-sdk-go-v2) | `1.38.3` | `1.38.6` | | [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.72.2` | `1.73.2` | | [github.com/containers/image/v5](https://github.com/containers/image) | `5.33.0` | `5.33.1` | | [github.com/docker/cli](https://github.com/docker/cli) | `27.4.1+incompatible` | `27.5.0+incompatible` | | [github.com/docker/docker](https://github.com/docker/docker) | `27.4.1+incompatible` | `27.5.0+incompatible` | | [github.com/sigstore/rekor](https://github.com/sigstore/rekor) | `1.3.7` | `1.3.8` | | [helm.sh/helm/v3](https://github.com/helm/helm) | `3.16.4` | `3.17.0` | | [k8s.io/api](https://github.com/kubernetes/api) | `0.32.0` | `0.32.1` | | [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) | `0.32.0` | `0.32.1` | | [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.32.0` | `0.32.1` | | [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) | `0.32.0` | `0.32.1` | | [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.32.0` | `0.32.1` | | [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) | `0.19.4` | `0.20.0` | Updates `github.com/aws/aws-sdk-go-v2` from 1.32.8 to 1.33.0 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@v1.32.8...v1.33.0) Updates `github.com/aws/aws-sdk-go-v2/config` from 1.28.10 to 1.29.1 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@config/v1.28.10...config/v1.29.1) Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.51 to 1.17.54 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@credentials/v1.17.51...credentials/v1.17.54) Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.17.48 to 1.17.52 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@credentials/v1.17.48...credentials/v1.17.52) Updates `github.com/aws/aws-sdk-go-v2/service/ecr` from 1.38.3 to 1.38.6 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.38.3...service/ecr/v1.38.6) Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.72.2 to 1.73.2 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.72.2...service/s3/v1.73.2) Updates `github.com/containers/image/v5` from 5.33.0 to 5.33.1 - [Release notes](https://github.com/containers/image/releases) - [Commits](containers/image@v5.33.0...v5.33.1) Updates `github.com/docker/cli` from 27.4.1+incompatible to 27.5.0+incompatible - [Commits](docker/cli@v27.4.1...v27.5.0) Updates `github.com/docker/docker` from 27.4.1+incompatible to 27.5.0+incompatible - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v27.4.1...v27.5.0) Updates `github.com/sigstore/rekor` from 1.3.7 to 1.3.8 - [Release notes](https://github.com/sigstore/rekor/releases) - [Changelog](https://github.com/sigstore/rekor/blob/main/CHANGELOG.md) - [Commits](sigstore/rekor@v1.3.7...v1.3.8) Updates `helm.sh/helm/v3` from 3.16.4 to 3.17.0 - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.16.4...v3.17.0) Updates `k8s.io/api` from 0.32.0 to 0.32.1 - [Commits](kubernetes/api@v0.32.0...v0.32.1) Updates `k8s.io/apiextensions-apiserver` from 0.32.0 to 0.32.1 - [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases) - [Commits](kubernetes/apiextensions-apiserver@v0.32.0...v0.32.1) Updates `k8s.io/apimachinery` from 0.32.0 to 0.32.1 - [Commits](kubernetes/apimachinery@v0.32.0...v0.32.1) Updates `k8s.io/cli-runtime` from 0.32.0 to 0.32.1 - [Commits](kubernetes/cli-runtime@v0.32.0...v0.32.1) Updates `k8s.io/client-go` from 0.32.0 to 0.32.1 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.32.0...v0.32.1) Updates `sigs.k8s.io/controller-runtime` from 0.19.4 to 0.20.0 - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](kubernetes-sigs/controller-runtime@v0.19.4...v0.20.0) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/credentials dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/service/ecr dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/service/s3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/docker/cli dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/sigstore/rekor dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: k8s.io/apiextensions-apiserver dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: k8s.io/cli-runtime dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2025-01-19T09:02:50Z

Mend Scan Summary: ❌

Repository: open-component-model/ocm

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	5
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	14
HIGH RISK LICENSES	9
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report
Mend UI

dependabot bot requested a review from a team as a code owner January 19, 2025 09:01

dependabot bot added kind/chore chore, maintenance, etc. kind/dependency dependency update, etc. labels Jan 19, 2025

github-actions bot added the size/m Medium label Jan 19, 2025

hilmarf added this to the 2025-Q1 milestone Jan 20, 2025

hilmarf enabled auto-merge (squash) January 20, 2025 07:31

hilmarf approved these changes Jan 20, 2025

View reviewed changes

hilmarf merged commit 28bfd87 into main Jan 20, 2025
24 checks passed

hilmarf deleted the dependabot/go_modules/go-8ec6fd8bc4 branch January 20, 2025 07:36

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the go group with 17 updates #1261

chore(deps): bump the go group with 17 updates #1261

dependabot bot commented on behalf of github Jan 19, 2025

github-actions bot commented Jan 19, 2025

chore(deps): bump the go group with 17 updates #1261

chore(deps): bump the go group with 17 updates #1261

Conversation

dependabot bot commented on behalf of github Jan 19, 2025

v5.33.1

v27.5.0

27.5.0

Bugfixes and enhancements

Go SDK

Packaging updates

v27.5.0-rc.2

27.5.0-rc.2

Known issues:

v1.3.8

Changelog

New Contributors

v1.3.8

Bug Fixes

Quality Enhancements

Contributors

Notable Changes

Installation and Upgrading

What's Next

Changelog

v0.20.0

Highlights

Changes since v0.19.0

⚠️ Breaking Changes

✨ New Features

🐛 Bug Fixes

🌱 Others

github-actions bot commented Jan 19, 2025

Mend Scan Summary: ❌

Repository: open-component-model/ocm