Skip to content

fix(deps): update gomod dependencies#671

Open
red-hat-konflux-kflux-prd-rh03[bot] wants to merge 1 commit into
masterfrom
konflux/mintmaker/master/gomod-dependencies
Open

fix(deps): update gomod dependencies#671
red-hat-konflux-kflux-prd-rh03[bot] wants to merge 1 commit into
masterfrom
konflux/mintmaker/master/gomod-dependencies

Conversation

@red-hat-konflux-kflux-prd-rh03

@red-hat-konflux-kflux-prd-rh03 red-hat-konflux-kflux-prd-rh03 Bot commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence Type Update Pending
github.com/Masterminds/semver/v3 v3.4.0v3.5.0 age confidence indirect minor
github.com/fatih/color v1.18.0v1.19.0 age confidence indirect minor
github.com/fsnotify/fsnotify v1.9.0v1.10.1 age confidence indirect minor
github.com/fxamacker/cbor/v2 v2.9.0v2.9.2 age confidence indirect patch
github.com/go-openapi/analysis v0.22.2v0.25.3 age confidence indirect minor
github.com/go-openapi/errors v0.21.0v0.22.8 age confidence indirect minor
github.com/go-openapi/jsonpointer v0.21.0v0.24.0 age confidence indirect minor
github.com/go-openapi/jsonreference v0.20.4v0.21.6 age confidence indirect minor
github.com/go-openapi/loads v0.21.5v0.24.0 age confidence indirect minor
github.com/go-openapi/runtime v0.26.2v0.32.4 age confidence require minor
github.com/go-openapi/spec v0.20.14v0.22.6 age confidence indirect minor
github.com/go-openapi/strfmt v0.22.0v0.26.4 age confidence require minor
github.com/go-openapi/swag v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/cmdutils v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/conv v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/fileutils v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/jsonname v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/jsonutils v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/loading v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/mangling v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/netutils v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/stringutils v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/typeutils v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/swag/yamlutils v0.25.4v0.27.0 age confidence indirect minor
github.com/go-openapi/validate v0.22.6v0.26.0 age confidence indirect minor
github.com/golang/glog v1.2.4v1.2.5 age confidence indirect patch
github.com/google/gnostic-models v0.7.0v0.7.1 age confidence indirect patch
github.com/google/pprof 27863c87023385 age confidence indirect digest
github.com/mattn/go-colorable v0.1.13v0.1.15 age confidence indirect patch
github.com/mattn/go-isatty v0.0.20v0.0.22 age confidence indirect patch
github.com/microcosm-cc/bluemonday v1.0.26v1.0.27 age confidence indirect patch
github.com/onsi/ginkgo/v2 v2.27.2v2.32.0 age confidence require minor
github.com/onsi/gomega v1.38.3v1.42.1 age confidence require minor
github.com/openshift-online/ocm-api-model/clientapi v0.0.449v0.0.461 age confidence require patch
github.com/openshift-online/ocm-api-model/model v0.0.449v0.0.461 age confidence indirect patch
github.com/openshift-online/ocm-sdk-go v0.1.494v0.1.504 age confidence require patch v0.1.505
github.com/openshift/api 534616132c3490 require digest
github.com/openshift/client-go df412d424d059a require digest
github.com/openshift/library-go dd144d2c6cd1a2 age confidence require digest
github.com/openshift/osde2e-common 097ba22751e0d2 age confidence require digest
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.74.0v0.92.1 age confidence require minor
github.com/prometheus/alertmanager v0.26.0v0.33.1 age confidence require minor
github.com/prometheus/common v0.66.1v0.69.0 age confidence indirect minor
github.com/prometheus/procfs v0.16.1v0.21.1 age confidence indirect minor
go (source) 1.25.111.26.4 age confidence toolchain minor 1.26.5
go.mongodb.org/mongo-driver v1.13.1v1.17.9 age confidence indirect minor
go.opentelemetry.io/auto/sdk v1.1.0v1.2.1 age confidence indirect minor
go.opentelemetry.io/otel v1.36.0v1.44.0 age confidence indirect minor
go.opentelemetry.io/otel/metric v1.36.0v1.44.0 age confidence indirect minor
go.opentelemetry.io/otel/trace v1.36.0v1.44.0 age confidence indirect minor
go.uber.org/mock v0.4.0v0.6.0 age confidence require minor
go.uber.org/zap v1.27.0v1.28.0 age confidence require minor
go.yaml.in/yaml/v2 v2.4.3v2.4.4 age confidence indirect patch
golang.org/x/mod v0.35.0v0.37.0 age confidence indirect minor
golang.org/x/net v0.55.1-0.20260602153038-42abb857022cv0.56.0 age confidence indirect minor
golang.org/x/oauth2 v0.30.0v0.36.0 age confidence indirect minor
golang.org/x/sync v0.20.0v0.21.0 age confidence indirect minor
golang.org/x/sys v0.45.0v0.46.0 age confidence indirect minor
golang.org/x/term v0.43.0v0.44.0 age confidence indirect minor
golang.org/x/text v0.37.0v0.39.0 age confidence indirect minor
golang.org/x/tools v0.44.0v0.47.0 age confidence indirect minor
gomodules.xyz/jsonpatch/v2 v2.4.0v2.5.0 age confidence indirect minor
google.golang.org/protobuf v1.36.8v1.36.11 age confidence indirect patch
k8s.io/api v0.35.1v0.36.2 age confidence require minor
k8s.io/apiextensions-apiserver v0.35.1v0.36.2 age confidence indirect minor
k8s.io/apimachinery v0.35.1v0.36.2 age confidence require minor
k8s.io/client-go v0.35.1v0.36.2 age confidence require minor
k8s.io/code-generator v0.35.1v0.36.2 age confidence indirect minor
k8s.io/gengo/v2 v2.0.0-20250922181213-ec3ebc5fd46bv2.0.0-20260408192533-25e2208e0dc3 age confidence indirect patch
sigs.k8s.io/controller-runtime v0.21.0v0.24.1 age confidence require minor
sigs.k8s.io/controller-tools v0.20.1v0.21.0 age confidence require minor
sigs.k8s.io/e2e-framework v0.5.0v0.7.0 age confidence indirect minor
sigs.k8s.io/structured-merge-diff/v6 v6.3.2v6.4.0 age confidence indirect minor v6.4.2 (+1)

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

Masterminds/semver (github.com/Masterminds/semver/v3)

v3.5.0

Compare Source

What's Changed

New Contributors

Full Changelog: Masterminds/semver@v3.4.0...v3.5.0

fatih/color (github.com/fatih/color)

v1.19.0

Compare Source

What's Changed

New Contributors

Full Changelog: fatih/color@v1.18.0...v1.19.0

fsnotify/fsnotify (github.com/fsnotify/fsnotify)

v1.10.1

Compare Source

Changes and fixes
  • inotify: don't remove sibling watches sharing a path prefix (#​754)

  • inotify, windows: don't rename sibling watches sharing a path prefix
    (#​755)

v1.10.0

Compare Source

This version of fsnotify needs Go 1.23.

Changes and fixes
  • inotify: improve initialization error message (#​731)

  • inotify: send Rename event if recursive watch is renamed (#​696)

  • inotify: avoid copying event buffers when reading names (#​741)

  • kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#​748)

  • kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#​740)

  • windows: fix nil pointer dereference in remWatch (#​736)

  • windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#​709, #​749)

fxamacker/cbor (github.com/fxamacker/cbor/v2)

v2.9.2

Compare Source

This release refactors and hardens the streaming encoder by adding stricter checks for encoding CBOR indefinite-length data. Other changes include minor bugfixes, defensive checks, and more tests.

Projects that don't use CBOR indefinite-length data may also want to upgrade (summary of prior releases).

The stricter checks in the encoder prevent improper use of the library and bad inputs from producing malformed CBOR indefinite-length data that would be rejected by the decoder.

This release passed fuzz tests (billions of execs) and it is production quality.

What's Changed

  • Reject encoding indefinite-length map with odd item count by @​fxamacker in #​764
  • Reject encoding indefinite-length data item as a chunk inside indefinite-length byte string or text string by @​fxamacker in #​765
  • Make TagSet.Remove a no-op when contentType is nil by @​fxamacker in #​766
  • Refactor indefinite-length encoding and improve chunk validation during encoding by @​fxamacker in #​767
  • Add more tests, fix a nit in unreachable panic message, update docs & ci by @​fxamacker in #​768
CI / GitHub Actions and Docs
🔎 Details...

Full Changelog: fxamacker/cbor@v2.9.1...v2.9.2

v2.9.1

Compare Source

This release includes important bugfixes, defensive checks, improved code quality, and more tests. Although not public, the fuzzer was also improved by adding more fuzz tests.

🐞 Bug fixes related to the keyasint feature

These changes only affect Go struct fields tagged with keyasint:

  • [Decoding] Reject integer keys that exceed math.MaxInt64 when decoding CBOR map to a struct with keyasint field (PR #​757)
  • [Decoding] Prevent string representation of an integer key from matching the struct field tagged by keyasint (PR #​757)
  • [Encoding & Decoding] Deduplicate struct fields with the same normalized keyasint tag values (PR #​757)
🐞 Other bug fixes and defensive checks

Some of the bugs fixed are related to decoding extreme values that cannot be encoded with this library. For example, the decoder checks if epoch time encoded as CBOR float value representing hundreds of billions of years overflows int64(seconds).

NOTE: It is generally good practice to avoid using floating point to store epoch time (even when not using CBOR).

  • [Decoding] Reject decoding epoch time encoded as floats that overflow int64 (PR #​753)
  • [Encoding] Return a cloned slice for an empty RawMessage from RawMessage.MarshalCBOR (PR #​753)
  • [Encoding] Reject encoding nil inside indefinite-length strings (PR #​750)
  • [Diagnostic] Accept valid U+FFFD replacement character (PR #​753)

What's Changed

CI / GitHub Actions and Docs
🔎 Details...

New Contributors

Full Changelog: fxamacker/cbor@v2.9.0...v2.9.1

go-openapi/analysis (github.com/go-openapi/analysis)

v0.25.3

Compare Source

0.25.3 - 2026-06-27

Full Changelog: go-openapi/analysis@v0.25.2...v0.25.3

14 commits in this release.


Documentation
Miscellaneous tasks
Updates

People who contributed to this release

analysis license terms

License

Per-module changes


internal/testintegration (0.25.3)

Updates

v0.25.2

Compare Source

0.25.2 - 2026-06-02

Full Changelog: go-openapi/analysis@v0.25.1...v0.25.2

5 commits in this release.


Implemented enhancements
  • feat(ci): added shared workflow for bot-pr monitoring by @​fredbi ...
Documentation
Miscellaneous tasks

Note

PR body was truncated to here.

@red-hat-konflux-kflux-prd-rh03 red-hat-konflux-kflux-prd-rh03 Bot added approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. labels Jun 26, 2026
@red-hat-konflux-kflux-prd-rh03 red-hat-konflux-kflux-prd-rh03 Bot enabled auto-merge (squash) June 26, 2026 04:03
@openshift-ci openshift-ci Bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Jun 26, 2026
@openshift-ci

openshift-ci Bot commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

Hi @red-hat-konflux-kflux-prd-rh03[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

/retest-required

Remaining retests: 0 against base HEAD 10dc3b9 and 2 for PR HEAD 2ad32cd in total

@openshift-ci

openshift-ci Bot commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

@red-hat-konflux-kflux-prd-rh03[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/validate 2ad32cd link true /test validate
ci/prow/test 2ad32cd link true /test test
ci/prow/coverage 2ad32cd link true /test coverage
ci/prow/lint 2ad32cd link true /test lint

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@red-hat-konflux-kflux-prd-rh03 red-hat-konflux-kflux-prd-rh03 Bot force-pushed the konflux/mintmaker/master/gomod-dependencies branch from 2ad32cd to e60b3cd Compare June 29, 2026 04:03
@openshift-ci openshift-ci Bot removed the lgtm Indicates that a PR is ready to be merged. label Jun 29, 2026
@openshift-ci

openshift-ci Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

New changes are detected. LGTM label has been removed.

@red-hat-konflux-kflux-prd-rh03 red-hat-konflux-kflux-prd-rh03 Bot force-pushed the konflux/mintmaker/master/gomod-dependencies branch from e60b3cd to a1c9286 Compare June 30, 2026 04:03
@openshift-ci

openshift-ci Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by: red-hat-konflux-kflux-prd-rh03[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@red-hat-konflux-kflux-prd-rh03 red-hat-konflux-kflux-prd-rh03 Bot force-pushed the konflux/mintmaker/master/gomod-dependencies branch 3 times, most recently from 2236dfc to 49f601c Compare July 6, 2026 04:03
@red-hat-konflux-kflux-prd-rh03

red-hat-konflux-kflux-prd-rh03 Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor Author

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 2 additional dependencies were updated

Details:

Package Change
k8s.io/kube-openapi v0.0.0-20260519202549-bbf5c5577288 -> v0.0.0-20260603220949-865597e52e25
k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2 -> v0.0.0-20260507154919-ff6756f316d2

@red-hat-konflux-kflux-prd-rh03 red-hat-konflux-kflux-prd-rh03 Bot force-pushed the konflux/mintmaker/master/gomod-dependencies branch from 49f601c to 1576864 Compare July 7, 2026 04:03
Signed-off-by: red-hat-konflux-kflux-prd-rh03 <206760901+red-hat-konflux-kflux-prd-rh03[bot]@users.noreply.github.com>
@red-hat-konflux-kflux-prd-rh03 red-hat-konflux-kflux-prd-rh03 Bot force-pushed the konflux/mintmaker/master/gomod-dependencies branch from 1576864 to b24254f Compare July 8, 2026 04:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants