
Bump the go-dependencies group across 1 directory with 5 updates #4475

Closed
dependabot[bot] wants to merge 1 commit into main from dependabot/go_modules/main/go-dependencies-cf9ff174d0

@dependabot dependabot Bot commented on behalf of github Apr 29, 2026

Bumps the go-dependencies group with 2 updates in the / directory: github.com/itchyny/gojq and github.com/onsi/ginkgo/v2.

Updates github.com/itchyny/gojq from 0.12.18 to 0.12.19

Release notes

Sourced from github.com/itchyny/gojq's releases.

Release v0.12.19

  • fix gsub and sub when the replacement emits multiple values
  • fix fmax, fmin, modf functions against NaN and infinities
  • fix join/1 to use add/0 implementation and handle null separator
  • fix del and delpaths on null to emit null
  • fix arithmetic operations on the minimum integer
  • fix significand function against subnormal numbers
  • fix handling of -- in cli flag parsing for jq compatibility
  • fix flatten/1 to emit error when the depth is NaN
  • fix array slice update to validate index types
  • fix string repetition boundary check to match jq behavior
  • implement splits/2 using match/2 for better jq compatibility
  • implement to_entries and from_entries in jq for simplicity
  • improve performance of regexp functions by caching compiled regexps

Changelog

Sourced from github.com/itchyny/gojq's changelog.

v0.12.19 (2026-04-01)

  • fix gsub and sub when the replacement emits multiple values
  • fix fmax, fmin, modf functions against NaN and infinities
  • fix join/1 to use add/0 implementation and handle null separator
  • fix del and delpaths on null to emit null
  • fix arithmetic operations on the minimum integer
  • fix significand function against subnormal numbers
  • fix handling of -- in cli flag parsing for jq compatibility
  • fix flatten/1 to emit error when the depth is NaN
  • fix array slice update to validate index types
  • fix string repetition boundary check to match jq behavior
  • implement splits/2 using match/2 for better jq compatibility
  • implement to_entries and from_entries in jq for simplicity
  • improve performance of regexp functions by caching compiled regexps

Commits
  • b7ebffb bump up version to 0.12.19
  • b02c97b update CHANGELOG.md for v0.12.19
  • d7ca9b5 implement to_entries and from_entries in jq for simplicity
  • bac8b0b update dependencies
  • 183cbec bump up Docker actions
  • 40707cf fix repeated argument type any
  • b5ece86 fix handling of -- in cli flag parsing for jq compatibility
  • cca2307 re-generate the parser.go file
  • ca5066d fix gsub and sub when the replacement emits multiple values
  • 0878958 improve performance of regexp functions by caching compiled regexps (fix #230)
  • Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.28.1 to 2.28.3

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.28.3

2.28.3

Maintenance

Bump all dependencies

v2.28.2

2.28.2

  • Add ArtifactDir() to support Go 1.26 testing.TB interface [f3a36b6]
  • Implement shell completion [94151c8]
  • Add asan CLI option mirroring msan implementation [4d21dbb]
  • Bump uri from 1.0.3 to 1.0.4 in /docs (#1630) [c102161]
  • fix aspect ratio [9619647]
  • update logos [5779304]

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.28.3

Maintenance

Bump all dependencies

2.28.2

  • Add ArtifactDir() to support Go 1.26 testing.TB interface [f3a36b6]
  • Implement shell completion [94151c8]
  • Add asan CLI option mirroring msan implementation [4d21dbb]
  • Bump uri from 1.0.3 to 1.0.4 in /docs (#1630) [c102161]
  • fix aspect ratio [9619647]
  • update logos [5779304]

Commits

Updates github.com/onsi/gomega from 1.39.1 to 1.40.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.40.0

1.40.0

We're adopting a new release strategy to minimize dependency bloat in projects that consume Gomega. It is a limitation of the go mod toolchain that test subdependencies of your project's direct dependencies get pulled in as indirect dependencies. In the case of Gomega, this ends up pulling in all of Ginkgo into your go.mod even if you are only using Gomega (Gomega uses Ginkgo for its own tests).

Going forward, releases will strip out all tests, tidy up the go.mod and then push this stripped down version to a new master-lite branch. These stripped-down versions will receive the vx.y.z git tag and will be picked up by the go toolchain.

Please open an issue if this new release process causes unexpected changes for your projects.

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.40.0

We're adopting a new release strategy to minimize dependency bloat in projects that consume Gomega. It is a limitation of the go mod toolchain that test subdependencies of your project's direct dependencies get pulled in as indirect dependencies. In the case of Gomega, this ends up pulling in all of Ginkgo into your go.mod even if you are only using Gomega (Gomega uses Ginkgo for its own tests).

Going forward, releases will strip out all tests, tidy up the go.mod and then push this stripped down version to a new master-lite branch. These stripped-down versions will receive the vx.y.z git tag and will be picked up by the go toolchain.

Please open an issue if this new release process causes unexpected changes for your projects.

Commits

Updates golang.org/x/crypto from 0.48.0 to 0.50.0

Commits
  • 03ca0dc go.mod: update golang.org/x dependencies
  • 8400f4a ssh: respect signer's algorithm preference in pickSignatureAlgorithm
  • 81c6cb3 ssh: swap cbcMinPaddingSize to cbcMinPacketSize to get encLength
  • 982eaa6 go.mod: update golang.org/x dependencies
  • 159944f ssh,acme: clean up tautological/impossible nil conditions
  • a408498 acme: only require prompt if server has terms of service
  • cab0f71 all: upgrade go directive to at least 1.25.0 [generated]
  • 2f26647 x509roots/fallback: update bundle
  • See full diff in compare view

Updates golang.org/x/tools from 0.42.0 to 0.44.0

Commits
  • 3dd188d go.mod: update golang.org/x dependencies
  • aebd870 gopls: improve doc link matching to support links followed by a colon
  • 5357b43 go/analysis/passes/modernize: rangeint: handle type parameter constraints
  • bf04c61 go/types/internal/play: show normal terms of selected type
  • 0ae2de0 gopls/internal/filecache: cache decoded objects in memCache
  • 8e51a5f go/ssa: support direct references to embedded fields in struct lit
  • 5005b9e internal/gcimporter: rename ureader_yes.go to ureader.go
  • 5ca865b go/types/objectpath: add debugging command
  • f6476fb internal/gcimporter: consume generic methods in gcimporter
  • b36d1d1 internal/pkgbits: sync version.go with goroot
  • Additional commits viewable in compare view

@dependabot dependabot Bot added the dependencies label (Pull requests that update a dependency file) Apr 29, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/main/go-dependencies-cf9ff174d0 branch from e89dce7 to afa9761 May 11, 2026 20:46

@ValClarkson ValClarkson left a comment

LGTM. All non-pre-existing checks (go-test, golangci-lint, govulncheck, kubernetes-k3d, kubernetes-api, coverage-report, CodeQL) pass. The failing e2e-* and trivy-related jobs are pre-existing failures on main and unrelated to this PR.

  • gojq upgrade only affects internal/crd/post-process.go (build-time CRD post-processor)
  • x/crypto upgrade only affects internal/postgres/password/scram.go (stable pbkdf2.Key API)
  • All other bumps are test-only or indirect

Bumps the go-dependencies group with 2 updates in the / directory: [github.com/itchyny/gojq](https://github.com/itchyny/gojq) and [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo).


Updates `github.com/itchyny/gojq` from 0.12.18 to 0.12.19
- [Release notes](https://github.com/itchyny/gojq/releases)
- [Changelog](https://github.com/itchyny/gojq/blob/main/CHANGELOG.md)
- [Commits](itchyny/gojq@v0.12.18...v0.12.19)

Updates `github.com/onsi/ginkgo/v2` from 2.28.1 to 2.28.3
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.28.1...v2.28.3)

Updates `github.com/onsi/gomega` from 1.39.1 to 1.40.0
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.39.1...v1.40.0)

Updates `golang.org/x/crypto` from 0.48.0 to 0.50.0
- [Commits](golang/crypto@v0.48.0...v0.50.0)

Updates `golang.org/x/tools` from 0.42.0 to 0.44.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.42.0...v0.44.0)

---
updated-dependencies:
- dependency-name: github.com/itchyny/gojq
  dependency-version: 0.12.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.28.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/crypto
  dependency-version: 0.50.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/tools
  dependency-version: 0.44.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/main/go-dependencies-cf9ff174d0 branch from afa9761 to e350d09 May 13, 2026 18:30

dependabot Bot commented on behalf of github May 13, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 13, 2026
@dependabot dependabot Bot deleted the dependabot/go_modules/main/go-dependencies-cf9ff174d0 branch May 13, 2026 18:59
ValClarkson added a commit to ValClarkson/postgres-operator that referenced this pull request May 13, 2026
…OTel

Now that the x/net CVE fix (CrunchyData#4481) and the k8s 0.36.0 / controller-runtime
0.24.0 jump (CrunchyData#4479) are on main, this finishes the planned upgrade pass with
patch bumps and the Go toolchain bump:
* Go 1.26.0 -> 1.26.3 (go directive only; e2e CI still installs Go 1.25.x
  for kuttl/chainsaw which depend on testDeps.ModulePath at the older
  toolchain).
* k8s.io/api, apimachinery, client-go 0.36.0 -> 0.36.1
* sigs.k8s.io/controller-runtime 0.24.0 -> 0.24.1
* go.opentelemetry.io/otel{,/sdk,/trace,/metric,/log,/sdk/log,/sdk/metric}
  1.42.0 -> 1.43.0 (and matching otlp/* exporters; stdout* and log* sub-
  modules to v0.19.0 / v1.43.0 / v0.65.0 as appropriate).
* go.opentelemetry.io/contrib/{exporters/autoexport,instrumentation/net/http/
  otelhttp,propagators/autoprop,bridges/prometheus,propagators/{aws,b3,
  jaeger,ot}} 0.67.0/1.42.0 -> 0.68.0/1.43.0.
These are all patch / minor bumps within their respective stable lines.
'go mod tidy', 'go build ./...', 'go vet ./...', 'make generate', and
'golangci-lint run' all pass cleanly with no source changes required.
Supersedes the Dependabot PRs CrunchyData#4475, CrunchyData#4477, CrunchyData#4478 and the older snapshot
of CrunchyData#4483.

Signed-off-by: ValClarkson <valerie.clarkson@crunchydata.com>
ValClarkson added a commit that referenced this pull request May 13, 2026
…OTel

Now that the x/net CVE fix (#4481) and the k8s 0.36.0 / controller-runtime
0.24.0 jump (#4479) are on main, this finishes the planned upgrade pass with
patch bumps and the Go toolchain bump:
* Go 1.26.0 -> 1.26.3 (go directive only; e2e CI still installs Go 1.25.x
  for kuttl/chainsaw which depend on testDeps.ModulePath at the older
  toolchain).
* k8s.io/api, apimachinery, client-go 0.36.0 -> 0.36.1
* sigs.k8s.io/controller-runtime 0.24.0 -> 0.24.1
* go.opentelemetry.io/otel{,/sdk,/trace,/metric,/log,/sdk/log,/sdk/metric}
  1.42.0 -> 1.43.0 (and matching otlp/* exporters; stdout* and log* sub-
  modules to v0.19.0 / v1.43.0 / v0.65.0 as appropriate).
* go.opentelemetry.io/contrib/{exporters/autoexport,instrumentation/net/http/
  otelhttp,propagators/autoprop,bridges/prometheus,propagators/{aws,b3,
  jaeger,ot}} 0.67.0/1.42.0 -> 0.68.0/1.43.0.
These are all patch / minor bumps within their respective stable lines.
'go mod tidy', 'go build ./...', 'go vet ./...', 'make generate', and
'golangci-lint run' all pass cleanly with no source changes required.
Supersedes the Dependabot PRs #4475, #4477, #4478 and the older snapshot
of #4483.

Signed-off-by: ValClarkson <valerie.clarkson@crunchydata.com>