Skip to content

chore(deps): update go dependencies#341

Open
red-hat-konflux[bot] wants to merge 1 commit into
release-1.3from
konflux/mintmaker/release-1.3/go-deps
Open

chore(deps): update go dependencies#341
red-hat-konflux[bot] wants to merge 1 commit into
release-1.3from
konflux/mintmaker/release-1.3/go-deps

Conversation

@red-hat-konflux
Copy link
Copy Markdown

@red-hat-konflux red-hat-konflux Bot commented Apr 28, 2026
edited
Loading

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change
cloud.google.com/go/iam indirect minor v1.9.0v1.11.0
cloud.google.com/go/kms indirect minor v1.29.0v1.31.0
cloud.google.com/go/longrunning indirect major v0.11.0v1.0.0
cloud.google.com/go/security require minor v1.22.0v1.24.0
github.com/AzureAD/microsoft-authentication-library-for-go indirect patch v1.7.1v1.7.2
github.com/Masterminds/semver/v3 indirect minor v3.4.0v3.5.0
github.com/aws/aws-sdk-go indirect patch v1.55.6v1.55.8
github.com/aws/aws-sdk-go-v2 indirect patch v1.41.6v1.41.7
github.com/aws/aws-sdk-go-v2/config indirect patch v1.32.14v1.32.17
github.com/aws/aws-sdk-go-v2/credentials indirect patch v1.19.15v1.19.16
github.com/aws/aws-sdk-go-v2/feature/ec2/imds indirect patch v1.18.22v1.18.23
github.com/aws/aws-sdk-go-v2/internal/configsources indirect patch v1.4.22v1.4.23
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 indirect patch v2.7.22v2.7.23
github.com/aws/aws-sdk-go-v2/internal/v4a indirect patch v1.4.23v1.4.24
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding indirect patch v1.13.8v1.13.9
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url indirect patch v1.13.22v1.13.23
github.com/aws/aws-sdk-go-v2/service/kms indirect minor v1.50.5v1.52.0
github.com/aws/aws-sdk-go-v2/service/signin indirect patch v1.0.10v1.0.11
github.com/aws/aws-sdk-go-v2/service/sso indirect patch v1.30.16v1.30.17
github.com/aws/aws-sdk-go-v2/service/ssooidc indirect patch v1.35.20v1.35.21
github.com/aws/aws-sdk-go-v2/service/sts indirect patch v1.42.0v1.42.1
github.com/aws/smithy-go indirect patch v1.25.0v1.25.1
github.com/cenkalti/backoff/v4 indirect major v4.3.0v5.0.3
github.com/fsnotify/fsnotify indirect minor v1.9.0v1.10.1
github.com/go-chi/chi require major v4.1.2+incompatiblev5.2.5
github.com/go-openapi/runtime indirect minor v0.29.4v0.31.0
github.com/go-openapi/runtime require minor v0.29.4v0.31.0
github.com/go-openapi/strfmt indirect patch v0.26.1v0.26.2
github.com/go-openapi/strfmt require patch v0.26.1v0.26.2
github.com/go-playground/validator/v10 require minor v10.26.0v10.30.2
github.com/golang-jwt/jwt/v5 indirect patch v5.3.0v5.3.1
github.com/google/go-containerregistry indirect patch v0.21.5v0.21.6
github.com/hashicorp/hcl indirect major v1.0.1-vault-7v2.24.0
github.com/letsencrypt/boulder indirect minor v0.20260420.0v0.20260518.0
github.com/pelletier/go-toml/v2 indirect minor v2.2.4v2.3.1
github.com/sigstore/sigstore require patch v1.10.5v1.10.6
github.com/sigstore/sigstore/pkg/signature/kms/aws require patch v1.10.5v1.10.6
github.com/sigstore/sigstore/pkg/signature/kms/azure require patch v1.10.5v1.10.6
github.com/sigstore/sigstore/pkg/signature/kms/gcp require patch v1.10.5v1.10.6
github.com/sigstore/sigstore/pkg/signature/kms/hashivault require patch v1.10.5v1.10.6
github.com/tink-crypto/tink-go-awskms/v2 require major v2.1.0v3.0.0
github.com/tink-crypto/tink-go-hcvault/v2 require minor v2.3.0v2.5.0
github.com/urfave/negroni require major v1.0.0v3.1.1
go.step.sm/crypto require minor v0.77.7v0.81.0
go.uber.org/zap require minor v1.27.0v1.28.0
go.yaml.in/yaml/v2 indirect major v2.4.3v3.0.4
golang.org/x/crypto indirect minor v0.50.0v0.51.0
golang.org/x/mod indirect minor v0.35.0v0.36.0
golang.org/x/net indirect minor v0.53.0v0.54.0
golang.org/x/net require minor v0.53.0v0.54.0
golang.org/x/sys indirect minor v0.43.0v0.44.0
golang.org/x/term indirect minor v0.42.0v0.43.0
golang.org/x/text indirect minor v0.36.0v0.37.0
golang.org/x/tools indirect minor v0.44.0v0.45.0
google.golang.org/api indirect minor v0.276.0v0.280.0
google.golang.org/genproto indirect digest 7cedc36aa98bba
google.golang.org/genproto/googleapis/api indirect digest 7cedc36aa98bba
google.golang.org/genproto/googleapis/rpc indirect digest 7cedc36aa98bba
google.golang.org/grpc indirect minor v1.80.0v1.81.1
gopkg.in/yaml.v2 indirect major v2.4.0v3.0.1

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

googleapis/google-cloud-go (cloud.google.com/go/longrunning)

v0.13.0

Compare Source

  • bigquery: UseLegacySQL options for CreateTable and QueryConfig. Use these
    options to continue using Legacy SQL after the client switches its default
    to Standard SQL.

  • bigquery: Support for updating dataset labels.

  • bigquery: Set DatasetIterator.ProjectID to list datasets in a project other
    than the client's. DatasetsInProject is no longer needed and is deprecated.

  • bigtable: Fail ListInstances when any zones fail.

  • spanner: support decoding of slices of basic types (e.g. []string, []int64,
    etc.)

  • logging/logadmin: UpdateSink no longer creates a sink if it is missing
    (actually a change to the underlying service, not the client)

  • profiler: Service and ServiceVersion replace Target in Config.

v0.12.0

Compare Source

  • pubsub: Subscription.Receive now uses streaming pull.

  • pubsub: add Client.TopicInProject to access topics in a different project
    than the client.

  • errors: renamed errorreporting. The errors package will be removed shortly.

  • datastore: improved retry behavior.

  • bigquery: support updates to dataset metadata, with etags.

  • bigquery: add etag support to Table.Update (BREAKING: etag argument added).

  • bigquery: generate all job IDs on the client.

  • storage: support bucket lifecycle configurations.

AzureAD/microsoft-authentication-library-for-go (github.com/AzureAD/microsoft-authentication-library-for-go)

v1.7.2

Compare Source

What's Changed

New Contributors

Full Changelog: AzureAD/microsoft-authentication-library-for-go@v1.7.1...v1.7.2

Masterminds/semver (github.com/Masterminds/semver/v3)

v3.5.0

Compare Source

What's Changed

New Contributors

Full Changelog: Masterminds/semver@v3.4.0...v3.5.0

aws/aws-sdk-go (github.com/aws/aws-sdk-go)

v1.55.8

Compare Source

SDK Features
  • Mark the module and all packages as deprecated.
    • This SDK has entered end-of-support.

v1.55.7

Compare Source

===

SDK Bugs
  • service/s3/s3manager: Abort multipart download if object is modified during download
aws/aws-sdk-go-v2 (github.com/aws/aws-sdk-go-v2)

v1.41.7

Compare Source

Module Highlights

  • github.com/aws/aws-sdk-go-v2/service/ecs: v1.41.7
    • Documentation: Documentation only update for Amazon ECS.
  • github.com/aws/aws-sdk-go-v2/service/glue: v1.78.0
    • Feature: Adding View related fields to responses of read-only Table APIs.
  • github.com/aws/aws-sdk-go-v2/service/ivschat: v1.12.5
    • Documentation: Doc-only update. Changed "Resources" to "Key Concepts" in docs and updated text.
  • github.com/aws/aws-sdk-go-v2/service/rolesanywhere: v1.10.0
    • Feature: This release increases the limit on the roleArns request parameter for the *Profile APIs that support it. This parameter can now take up to 250 role ARNs.
  • github.com/aws/aws-sdk-go-v2/service/securityhub: v1.47.2
    • Documentation: Documentation updates for AWS Security Hub
aws/smithy-go (github.com/aws/smithy-go)

v1.25.1

Compare Source

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.25.1
    • Bug Fix: Fixed a memory leak in the LRU cache implementation used by some AWS services.
cenkalti/backoff (github.com/cenkalti/backoff/v4)

v5.0.3

Compare Source

v5.0.2

Compare Source

v5.0.1

Compare Source

v5.0.0

Compare Source

fsnotify/fsnotify (github.com/fsnotify/fsnotify)

v1.10.1

Compare Source

Changes and fixes

  • inotify: don't remove sibling watches sharing a path prefix (#​754)

  • inotify, windows: don't rename sibling watches sharing a path prefix
    (#​755)

v1.10.0

Compare Source

This version of fsnotify needs Go 1.23.

Changes and fixes

  • inotify: improve initialization error message (#​731)

  • inotify: send Rename event if recursive watch is renamed (#​696)

  • inotify: avoid copying event buffers when reading names (#​741)

  • kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#​748)

  • kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#​740)

  • windows: fix nil pointer dereference in remWatch (#​736)

  • windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#​709, #​749)

go-chi/chi (github.com/go-chi/chi)

v5.2.5

Compare Source

What's Changed

New Contributors

Full Changelog: go-chi/chi@v5.2.3...v5.2.5

v5.2.4

Compare Source

v5.2.3

Compare Source

What's Changed

New Contributors

Full Changelog: go-chi/chi@v5.2.2...v5.2.3

v5.2.2

Compare Source

What's Changed

Security fix

  • Fixes GHSA-vrw8-fxc6-2r93 - "Host Header Injection Leads to Open Redirect in RedirectSlashes" commit
    • a lower-severity Open Redirect that can't be exploited in browser or email client, as it requires manipulation of a Host header
    • reported by Anuraag Baishya, @​anuraagbaishya. Thank you!

New Contributors

Full Changelog: go-chi/chi@v5.2.1...v5.2.2

v5.2.1

Compare Source

⚠️ Chi supports Go 1.20+

Starting this release, we will now support the four most recent major versions of Go. See #​963 for related discussion.

What's Changed

Full Changelog: go-chi/chi@v5.2.0...v5.2.1

v5.2.0

Compare Source

What's Changed

New Contributors

Full Changelog: go-chi/chi@v5.1.0...v5.2.0

v5.1.0

Compare Source

What's Changed

  • middleware: add Discard method to WrapResponseWriter by @​patrislav in #​926
    • Adds Discard() method to the middleware.WrapResponseWriter interface. This is technically an API breaking change. However after some discussion at #​926 (comment), we decided to move forward, and release as minor version, as we don't expect anyone to rely on this interface / implement it externally.

New Contributors

Full Changelog: go-chi/chi@v5.0.14...v5.1.0

v5.0.14

Compare Source

What's Changed

New Contributors

Full Changelog: go-chi/chi@v5.0.12...v5.0.14

v5.0.13

Compare Source

What's Changed

New Contributors

Full Changelog: go-chi/chi@v5.0.12...v5.0.13

v5.0.12

Compare Source

v5.0.11

Compare Source

v5.0.10

Compare Source

v5.0.9

Compare Source

v5.0.8

Compare Source

v5.0.7

Compare Source

v5.0.6

Compare Source

v5.0.5

Compare Source

v5.0.4

Compare Source

v5.0.3

Compare Source

v5.0.2

Compare Source

v5.0.1

Compare Source

v5.0.0

Compare Source

v4.1.3

Compare Source

go-openapi/runtime (github.com/go-openapi/runtime)

v0.31.0

Compare Source

0.31.0 - 2026-05-17

Full Changelog: go-openapi/runtime@v0.30.0...v0.31.0

33 commits in this release.

Implemented enhancements
  • feat(client): TLS diagnostic mode for Runtime.Trace by @​fredbi ...
  • feat(client): add Runtime.Trace for connection-level diagnostics by @​fredbi ...
Fixed bugs
Documentation
Code quality
Testing
Miscellaneous tasks
Security
  • test(security): fuzz targets for BindForm parse + filename cap by @​fredbi ...
  • test(security): fuzz targets for header-parsing surface by @​fredbi ...
  • fix(negotiate/header): reject q-values greater than 1 by @​fredbi ...
  • docs(security): document constant-time-comparison contract for auth callbacks by @​fredbi in #​457 ...
  • feat(runtime): BindForm helper for multipart/urlencoded body binding by @​fredbi in #​446 ...
Updates
Other (technical)
People who contributed to this release
New Contributors

runtime license terms

License

Per-module changes

client-middleware/opentracing (0.31.0)

Code quality
Miscellaneous tasks

docs/examples (0.31.0)

Documentation
Code quality
Miscellaneous tasks
Security
  • docs(security): document constant-time-comparison contract for auth callbacks by @​fredbi in #​457 ...

server-middleware (0.31.0)

Documentation
Code quality
Security
  • test(security): fuzz targets for header-parsing surface by @​fredbi ...
  • fix(negotiate/header): reject q-values greater than 1 by @​fredbi ...
Other (technical)

v0.30.0

Compare Source

0.30.0 - 2026-05-13

Long awaited fixes and additions

  • Fixed most long standing issues.

  • Added standalone middleware module (swagger UI, serve spec).

  • Improved content negotiation.

  • Context-aware request submission

Full Changelog: go-openapi/runtime@v0.29.5...v0.30.0

33 commits in this release.

Implemented enhancements
  • feat(client): honor context cancellation in multipart upload goroutine by @​fredbi ...
  • feat(client): introduce SubmitContext by @​fredbi ...
  • feat: extract media type match validation to separate package by @​fredbi ...
  • feat(mediatype): typed media-type and symmetric Accept negotiatio

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@red-hat-konflux
Copy link
Copy Markdown
Author

red-hat-konflux Bot commented Apr 28, 2026
edited
Loading

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.25.0 -> 1.26.0

@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.3/go-deps branch from 772ff0d to 89bf53d Compare April 29, 2026 02:31
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module go.step.sm/crypto to v0.77.9 chore(deps): update go dependencies Apr 29, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go dependencies chore(deps): update module go.step.sm/crypto to v0.77.9 Apr 29, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.3/go-deps branch from 89bf53d to a4d1be8 Compare April 29, 2026 19:01
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module go.step.sm/crypto to v0.77.9 chore(deps): update go dependencies Apr 29, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.3/go-deps branch 20 times, most recently from b4389af to 9793ac2 Compare May 6, 2026 06:52
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.3/go-deps branch 3 times, most recently from c85e669 to 78f93dd Compare May 7, 2026 23:21
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.3/go-deps branch 14 times, most recently from b9f426c to e478016 Compare May 15, 2026 14:34
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.3/go-deps branch 14 times, most recently from 4821d44 to 3d746ce Compare May 20, 2026 13:39
@red-hat-konflux
chore(deps): update go dependencies
d4c9fa2 
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/release-1.3/go-deps branch from 3d746ce to d4c9fa2 Compare May 20, 2026 23:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants