Skip to content

Bump the gomod group across 1 directory with 16 updates#4376

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/gomod-86747dfc95
Open

Bump the gomod group across 1 directory with 16 updates#4376
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/gomod-86747dfc95

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown
Contributor

Bumps the gomod group with 12 updates in the / directory:

Package From To
code.cloudfoundry.org/bytefmt 0.74.0 0.79.0
github.com/aws/aws-sdk-go-v2/config 1.32.18 1.32.26
github.com/aws/aws-sdk-go-v2/service/ecr 1.57.2 1.58.5
github.com/buildpacks/pack 0.40.6 0.40.7
github.com/google/go-containerregistry 0.21.6 0.21.7
github.com/pivotal/kpack 0.17.1 0.17.2
k8s.io/api 0.36.1 0.36.2
k8s.io/client-go 0.36.1 0.36.2
k8s.io/metrics 0.36.1 0.36.2
k8s.io/pod-security-admission 0.36.1 0.36.2
sigs.k8s.io/gateway-api 1.5.1 1.6.0
k8s.io/apiextensions-apiserver 0.36.1 0.36.2

Updates code.cloudfoundry.org/bytefmt from 0.74.0 to 0.79.0

Commits

Updates github.com/aws/aws-sdk-go-v2/config from 1.32.18 to 1.32.26

Commits
  • 26060c5 Release 2026-06-29
  • 24e918a Regenerated Clients
  • 334471f Update API model
  • 96d81dc Deprecate iotevents, ioteventsdata, panorama and simspaceweaver (#3458)
  • 30502cb feat: mark common plugins and fix per-op ordering for invokeOperation refacto...
  • 8881653 Revert "feat: mark common plugins and fix per-op ordering for invokeOperation...
  • eba2f01 feat: mark common plugins and fix per-op ordering for invokeOperation… (#3443)
  • 2c5e1db Release 2026-06-23
  • d09eeb5 Regenerated Clients
  • 2f5f5f9 Update API model
  • Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.57.2 to 1.58.5

Commits
  • 26060c5 Release 2026-06-29
  • 24e918a Regenerated Clients
  • 334471f Update API model
  • 96d81dc Deprecate iotevents, ioteventsdata, panorama and simspaceweaver (#3458)
  • 30502cb feat: mark common plugins and fix per-op ordering for invokeOperation refacto...
  • 8881653 Revert "feat: mark common plugins and fix per-op ordering for invokeOperation...
  • eba2f01 feat: mark common plugins and fix per-op ordering for invokeOperation… (#3443)
  • 2c5e1db Release 2026-06-23
  • d09eeb5 Regenerated Clients
  • 2f5f5f9 Update API model
  • Additional commits viewable in compare view

Updates github.com/buildpacks/pack from 0.40.6 to 0.40.7

Release notes

Sourced from github.com/buildpacks/pack's releases.

pack v0.40.7

Prerequisites

  • A container runtime such as Docker or podman must be available to execute builds.

Install

For instructions on installing pack, see our installation docs.

Run

Run the command pack.

You should see the following output

CLI for building apps using Cloud Native Buildpacks

Usage: pack [command]

Available Commands: build Generate app image from source code builder Interact with builders buildpack Interact with buildpacks extension Interact with extensions config Interact with your local pack config file inspect Show information about a built app image stack (deprecated) Interact with stacks rebase Rebase app image with latest run image sbom Interact with SBoM completion Outputs completion script location report Display useful information for reporting an issue version Show current 'pack' version help Help about any command

Flags: --force-color Force color output -h, --help Help for 'pack' --no-color Disable color output -q, --quiet Show less output --timestamps Enable timestamps in output -v, --verbose Show more output --version Show current 'pack' version

Use "pack [command] --help" for more information about a command.

Info

... (truncated)

Commits
  • 2df3b8c chore: suppress unreachable docker daemon CVEs in grype config (#2644)
  • 7f2f74e build(deps): bump Go directive to 1.25.11 for stdlib security fixes (#2642)
  • 5185a57 build(deps): bump x/crypto, x/net, and go-git for security fixes (#2641)
  • e0e21cd fix(buildpack): fix malformed yank PR template body (#2631)
  • e7ca39a chore: remove direct dependency on github.com/docker/docker (#2617)
  • a7f39ca Suggest heroku/builder:26 instead of heroku/builder:24 (#2611)
  • See full diff in compare view

Updates github.com/google/go-containerregistry from 0.21.6 to 0.21.7

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.7

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.21.6...v0.21.7

Commits
  • c68d899 Bump go version to 1.26.4 (#2350)
  • da61d86 transport: do not re-attach bearer token after cross-host redirect (#2349)
  • 09fe1e5 fix(tarball): normalize paths when matching files (#2334)
  • 5baa399 build(deps): bump the go-deps group across 3 directories with 4 updates (#2348)
  • 97a8a17 fix(transport): apply refreshed bearer token after cross-host redirect (#2337)
  • e963497 internal/gzip: fix goroutine leak in ReadCloserLevel (#2347)
  • 02649ea fix: prevent SSRF in google.List() pagination (#2332)
  • 7204b40 build(deps): bump the actions group across 1 directory with 2 updates (#2344)
  • 4cfaa93 build(deps): bump the go-deps group across 1 directory with 2 updates (#2343)
  • 6849394 pkg/registry: export RedirectError (#2177)
  • Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.29.0 to 2.32.0

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.32.0

2.32.0

-fd generate RSpec-style documentation output. Thank @​woodie ! --sleep-on-failure pauses a failed spec before teardown. Thanks @​qinqon !

v2.31.0

2.31.0

Add a bunch of Claude Skills via the marketplace:

/plugin marketplace add onsi/ginkgo
/plugin install ginkgo@ginkgo

v2.30.0

2.30.0

Features

Ginkgo now allows extentions/global.Reset to support running multiple suites from within a single process. This may take some massaging on your part (see 1672) but can dramatically speed up codebases with O(hundreds) of test suites.

Thanks @​lawrencejones !

Fixes

  • Fix nested --github-output group for progress report nested inside timeline [4f62d7a]
Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.32.0

-fd generate RSpec-style documentation output. Thank @​woodie ! --sleep-on-failure pauses a failed spec before teardown. Thanks @​qinqon !

2.31.0

Add a bunch of Claude Skills via the marketplace:

/plugin marketplace add onsi/ginkgo
/plugin install ginkgo@ginkgo

2.30.0

Features

Ginkgo now allows extentions/global.Reset to support running multiple suites from within a single process. This may take some massaging on your part (see 1672) but can dramatically speed up codebases with O(hundreds) of test suites.

Thanks @​lawrencejones !

Fixes

  • Fix nested --github-output group for progress report nested inside timeline [4f62d7a]
Commits
  • 9ff1646 v2.32.0
  • 0491f2a Make -fd exclusive of -p/-procs and -randomize-all
  • 334f74a respect SilenceSkips in fd mode, add test
  • 21047ce No need for a new method.
  • 7d281e1 Break out to two methods.
  • 5313727 More integration, fewer changes.
  • b83f524 Fewer new methods.
  • 73c59df feat: add -fd flag for RSpec-style documentation output
  • 76a2074 feat: add --sleep-on-failure to pause a failed spec before teardown
  • 3c7bde4 v2.31.0
  • Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.41.0 to 1.42.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.42.1

1.42.1

Bump Dependencies

v1.42.0

1.42.0

Add a set of Claude skill as a marketplace plugin

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.42.1

Bump Dependencies

1.42.0

Add a set of Claude skill as a marketplace plugin

Commits

Updates github.com/pivotal/kpack from 0.17.1 to 0.17.2

Release notes

Sourced from github.com/pivotal/kpack's releases.

kpack v0.17.2

Full Changelog:

What's Changed

New Contributors

Full Changelog: buildpacks-community/kpack@v0.17.1...v0.17.2

sha256 checksum:

6e3ed15d7a4fa4dec8fc95c7ece023c9951724b840a9c5cb536cf662c0bbdf8d  release-0.17.2.yaml
Commits
  • bfa95d7 reimplement subpath filtering experiment (#1944)
  • c50f129 build: publish genuine multi-arch (amd64+arm64) images via ko-direct build (#...
  • d9fc433 Reject SecretKeyRef in Build/Image env validation (#1945)
  • 6be46df Document the shallow clone resolver feature flag (#1943)
  • a4eb48f Implement subPath filtering (#1936)
  • 156854a Update codegen (#1939)
  • 5e37296 Bump dependencies (#1931)
  • c236024 Bump github.com/secure-systems-lab/go-securesystemslib from 0.9.0 to 0.9.1 (#...
  • e39d74e Bump github.com/Azure/azure-sdk-for-go/sdk/storage/azblob from 1.6.1 to 1.6.3...
  • b860ca7 Bump github.com/Azure/azure-sdk-for-go/sdk/storage/azfile from 1.5.0 to 1.5.3...
  • See full diff in compare view

Updates golang.org/x/text from 0.37.0 to 0.38.0

Commits

Updates k8s.io/api from 0.36.1 to 0.36.2

Commits

Updates k8s.io/apimachinery from 0.36.1 to 0.36.2

Commits

Updates k8s.io/client-go from 0.36.1 to 0.36.2

Commits

Updates k8s.io/metrics from 0.36.1 to 0.36.2

Commits

Updates k8s.io/pod-security-admission from 0.36.1 to 0.36.2

Commits

Updates sigs.k8s.io/gateway-api from 1.5.1 to 1.6.0

Release notes

Sourced from sigs.k8s.io/gateway-api's releases.

Release v1.6.0

v1.6.0

Changes Since v1.5.1

GEP & API Graduation

  • UDPRoute & TCPRoute Graduation:
    • UDPRoute has graduated to GA. We recommend using the "v1" API version with this API now. The "v1alpha2" version of this API is deprecated and will be removed in the future. (#4923, @​zac-nixon)
    • TCPRoute has graduated to GA. We recommend using the "v1" API version with this API now. The "v1alpha2" version of this API is deprecated and will be removed in the future. (#4920, @​zac-nixon)
  • GEP Status Updates:

Feature

  • API & Validation Enhancements:
    • API validation updated for HTTPRoute retries: retry.codes must now be unique and retry.attempts must be >= 1. (#4907, @​snorwin)
    • Increase the number of allowed Certificate Authority references from 8 to 16. (#4088, @​root30)
    • The TLSRoute CRD validation has been adjusted to allow up to 1024 hostnames and rules per TLSRoute resource. Operators must validate kube-apiserver, etcd and Gateway controller behavior with representative manifests prior to enabling the new limit in production. (#4332, @​alexanderstephan)
    • BackendTLSPolicy now can be used in combination with other routes types. (#4745, @​rikatz)
    • Allow the usage of up to 16 annotations on the gateway infrastructure object. (#4707, @​wenisman)
  • Conformance Infrastructure:
    • Added conformance tests for UDPRoute (GEP-2645), a new GATEWAY-UDP conformance profile, a SupportTCPRoute feature, and a UDP/TCP echo server in echo-basic gated on UDP_ECHO_SERVER. (#4861, @​zac-nixon)
  • Remove the idleTimeout field from the experimental SessionPersistence API. (#4771, @​gcs278)

Documentation

  • Migration & Site Updates:
  • API Specs & Guidance Clarifications:
    • Add missing apidoc for BackendTLSPolicy extended support. (#4828, @​rikatz)
    • Add the missing ListenersNotValid programmed reason for listenerSets. (#4586, @​davidjumani)
    • Added documentation guidance recommending GRPCRoute for gRPC traffic. (#4513, @​kahirokunn)
    • Clarified CORS API documentation to describe behavior based on allowCredentials instead of credentialed requests. (#4663, @​snorwin)
    • Previously, implementations were required to reject GRPCRoute and HTTPRoutes on the same hostname (however, few implementations did this). Now, implementations may optionally do this, or allow them to coincide. (#4598, @​howardjohn)
    • Updates the documentation around the ListenerConditionConflicted condition. (#4659, @​davidjumani)
  • Fixes:

Bug or Regression

  • IPv6 Support:
    • Fix GatewayFrontendClientCertificateValidationInsecureFallback, GatewayFrontendClientCertificateValidation, and GatewayFrontendInvalidDefaultClientCertificateValidation failing on IPv6 clusters. (#4636, @​zirain)
    • Fix GatewayFrontendInvalidDefaultClientCertificateValidation failing on IPv6 clusters. (#4629, @​zirain)
  • ValidatingAdmissionPolicy (VAP) Fixes:
    • Fixed an issue where the ValidatingAdmissionPolicy prevented experimental CRDs from being installed at all (instead of only when standard CRDs already exist). (#4603, @​howardjohn)

... (truncated)

Commits
  • 89b3b0c version bump and changelog update for v1.6.0 release. (#5029)
  • 0298cb4 conformance: add missing gateway-api/skip-this-for-readiness annotation to in...
  • a96f1d3 Revert "fix: enforce TLS configuration for HTTPS listeners via CEL (#4788)" (...
  • 2a8f364 Preping v1.6.0-rc.2 release. (#5007)
  • cb01760 Add an injectable WebSocket dialer to the conformance suite (#5003)
  • abd72ae Route the GRPCRouteWeight sampler through the injectable GRPCClient (#5004)
  • 42243a4 Derive percentage-mirror tolerance from the binomial standard deviation (#5005)
  • c4e2190 conformance: avoid mirror log races (#4887) (#5002)
  • 740d32e document tightened listener API validation as breaking change in CHANGELOG (#...
  • f38a978 [release-1.6] test(conformance): add test covering shared and dedicated route...
  • Additional commits viewable in compare view

Updates k8s.io/apiextensions-apiserver from 0.36.1 to 0.36.2

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gomod group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [code.cloudfoundry.org/bytefmt](https://github.com/cloudfoundry/bytefmt) | `0.74.0` | `0.79.0` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.32.18` | `1.32.26` |
| [github.com/aws/aws-sdk-go-v2/service/ecr](https://github.com/aws/aws-sdk-go-v2) | `1.57.2` | `1.58.5` |
| [github.com/buildpacks/pack](https://github.com/buildpacks/pack) | `0.40.6` | `0.40.7` |
| [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.21.6` | `0.21.7` |
| [github.com/pivotal/kpack](https://github.com/pivotal/kpack) | `0.17.1` | `0.17.2` |
| [k8s.io/api](https://github.com/kubernetes/api) | `0.36.1` | `0.36.2` |
| [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.36.1` | `0.36.2` |
| [k8s.io/metrics](https://github.com/kubernetes/metrics) | `0.36.1` | `0.36.2` |
| [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission) | `0.36.1` | `0.36.2` |
| [sigs.k8s.io/gateway-api](https://github.com/kubernetes-sigs/gateway-api) | `1.5.1` | `1.6.0` |
| [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) | `0.36.1` | `0.36.2` |



Updates `code.cloudfoundry.org/bytefmt` from 0.74.0 to 0.79.0
- [Release notes](https://github.com/cloudfoundry/bytefmt/releases)
- [Commits](cloudfoundry/bytefmt@v0.74.0...v0.79.0)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.32.18 to 1.32.26
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@config/v1.32.18...config/v1.32.26)

Updates `github.com/aws/aws-sdk-go-v2/service/ecr` from 1.57.2 to 1.58.5
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/ssm/v1.57.2...service/ecr/v1.58.5)

Updates `github.com/buildpacks/pack` from 0.40.6 to 0.40.7
- [Release notes](https://github.com/buildpacks/pack/releases)
- [Changelog](https://github.com/buildpacks/pack/blob/main/RELEASE.md)
- [Commits](buildpacks/pack@v0.40.6...v0.40.7)

Updates `github.com/google/go-containerregistry` from 0.21.6 to 0.21.7
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Commits](google/go-containerregistry@v0.21.6...v0.21.7)

Updates `github.com/onsi/ginkgo/v2` from 2.29.0 to 2.32.0
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.29.0...v2.32.0)

Updates `github.com/onsi/gomega` from 1.41.0 to 1.42.1
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.41.0...v1.42.1)

Updates `github.com/pivotal/kpack` from 0.17.1 to 0.17.2
- [Release notes](https://github.com/pivotal/kpack/releases)
- [Changelog](https://github.com/buildpacks-community/kpack/blob/main/RELEASE.md)
- [Commits](buildpacks-community/kpack@v0.17.1...v0.17.2)

Updates `golang.org/x/text` from 0.37.0 to 0.38.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.37.0...v0.38.0)

Updates `k8s.io/api` from 0.36.1 to 0.36.2
- [Commits](kubernetes/api@v0.36.1...v0.36.2)

Updates `k8s.io/apimachinery` from 0.36.1 to 0.36.2
- [Commits](kubernetes/apimachinery@v0.36.1...v0.36.2)

Updates `k8s.io/client-go` from 0.36.1 to 0.36.2
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.36.1...v0.36.2)

Updates `k8s.io/metrics` from 0.36.1 to 0.36.2
- [Commits](kubernetes/metrics@v0.36.1...v0.36.2)

Updates `k8s.io/pod-security-admission` from 0.36.1 to 0.36.2
- [Commits](kubernetes/pod-security-admission@v0.36.1...v0.36.2)

Updates `sigs.k8s.io/gateway-api` from 1.5.1 to 1.6.0
- [Release notes](https://github.com/kubernetes-sigs/gateway-api/releases)
- [Changelog](https://github.com/kubernetes-sigs/gateway-api/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/gateway-api@v1.5.1...v1.6.0)

Updates `k8s.io/apiextensions-apiserver` from 0.36.1 to 0.36.2
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.36.1...v0.36.2)

---
updated-dependencies:
- dependency-name: code.cloudfoundry.org/bytefmt
  dependency-version: 0.79.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.32.26
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ecr
  dependency-version: 1.58.5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/buildpacks/pack
  dependency-version: 0.40.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.21.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.42.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/pivotal/kpack
  dependency-version: 0.17.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: golang.org/x/text
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: k8s.io/api
  dependency-version: 0.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: k8s.io/client-go
  dependency-version: 0.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: k8s.io/metrics
  dependency-version: 0.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: k8s.io/pod-security-admission
  dependency-version: 0.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: sigs.k8s.io/gateway-api
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 30, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants