Bump the go-deps group across 1 directory with 6 updates by dependabot[bot] · Pull Request #1478 · fluxcd/helm-controller

dependabot · 2026-04-30T03:05:09Z

Bumps the go-deps group with 5 updates in the / directory:

Package	From	To
github.com/fluxcd/cli-utils	`0.37.2-flux.1`	`1.1.0`
github.com/fluxcd/pkg/ssa	`0.72.0`	`0.73.0`
github.com/google/cel-go	`0.26.1`	`0.28.0`
github.com/onsi/gomega	`1.39.1`	`1.40.0`
go.uber.org/zap	`1.27.1`	`1.28.0`

Updates github.com/fluxcd/cli-utils from 0.37.2-flux.1 to 1.1.0

Release notes

Sourced from github.com/fluxcd/cli-utils's releases.

v1.1.0

What's Changed

ci: Pin govulncheck to v1.1.4 by @stefanprodan in fluxcd/cli-utils#30

Upgrade Go to 1.26 and Kubernetes to 1.36 by @matheuscscp in fluxcd/cli-utils#31

Full Changelog: fluxcd/cli-utils@v1.0.0...v1.1.0

v1.0.0

What's Changed

⚠️ Breaking change: Reduce the project scope to kstatus only by @stefanprodan in fluxcd/cli-utils#27

Update controller-runtime to v0.23.3 by @stefanprodan in fluxcd/cli-utils#28

ci: Setup dependabot and govulncheck by @stefanprodan in fluxcd/cli-utils#29

Full Changelog: fluxcd/cli-utils@v0.38.0-flux.1...v1.0.0

v0.38.0-flux.1

What's Changed

Update readme to document the fork by @stefanprodan in fluxcd/cli-utils#24

Trigger tests on PRs by @matheuscscp in fluxcd/cli-utils#25

fix: async status computation in watcher to prevent multi-minute delays by @mapleeit in fluxcd/cli-utils#20

Update to Kubernetes v1.35.3 by @stefanprodan in fluxcd/cli-utils#26

Full Changelog: https://github.com/fluxcd/cli-utils/commits/v0.38.0-flux.1

Commits

4390742 Merge pull request #31 from fluxcd/go-1.26-k8s-1.36
5723331 Upgrade Go to 1.26 and Kubernetes to 1.36
5efd6fb Merge pull request #30 from fluxcd/govulncheck-v1.1.4
555481e ci: Pin govulncheck to v1.1.4
e2a56bc Merge pull request #29 from fluxcd/ci-scan
bc30a9f ci: Update actions with dependabot
4eb153e ci: Run govulncheck weekly
d9baa70 Merge pull request #28 from fluxcd/controller-runtime-v0.23.3
dc8ab9e Update controller-runtime to v0.23.3
dfed73e Merge pull request #27 from fluxcd/prune-utils
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/ssa from 0.72.0 to 0.73.0

Commits

f1acb23 Merge pull request #1191 from fluxcd/fix-5871
8f3546a ssa: fix incorrect object reference on SkippedAction
a5fa28d Merge pull request #1190 from fluxcd/release-main
7e9c0c0 Prepare for release
9a10458 Merge pull request #1189 from fluxcd/refactor-auth
1923cf3 auth: refactor git credentials
See full diff in compare view

Updates github.com/google/cel-go from 0.26.1 to 0.28.0

Release notes

Sourced from github.com/google/cel-go's releases.

Release v0.28.0

High-Level Changes

Enhanced JSON Interoperability: New support for JSON names across the checker, AST, and runtime allows for more seamless data handling when working with JSON-native structures.

Improved Developer Tooling: Integration is now smoother thanks to new utilities for converting Go errors into cel.Issues and more descriptive, context-aware error messages.

Greater Environment Flexibility: You can now redeclare variables as constants and export parse limit options, providing finer control over how CEL environments are configured and constrained.

Native Struct Improvements: Support for mixing CEL and native values within native structs simplifies the handling of complex, hybrid data types.

🚀 Features

Add helper method to check whether a function has a singleton binding in google/cel-go#1266

Helper utility for converting a Go error into cel.Issues in google/cel-go#1267

Policy API improvements in google/cel-go#1268

CEL Test usability requirements in google/cel-go#1269

Better context-related error messages in google/cel-go#1271

Sort env.Config values where reasonable in google/cel-go#1273

Support redeclaring variables as constants in NewEnv in google/cel-go#1275

Add support for exporting parse limit options in google/cel-go#1277

Support mixing CEL values and native values in native structs in google/cel-go#1270

Add checker, AST, and type-provider support for JSON names in google/cel-go#1283

JSON field names runtime support in google/cel-go#1286

Optionally include reachable fieldpaths in prompt in google/cel-go#1285

REPL -- cel-spec pb2 and json name support google/cel-go#1294

🐞 Bug Fixes

Fix support for config-based type references in google/cel-go#1265

Check arg kinds in optional.or and .orValue impl in google/cel-go#1276

Bazel fixes for import in google/cel-go#1278

Support zero-value literals in presence test inlining google/cel-go#1280

Cache concatList.Size() to prevent O(N^2) evaluation time google/cel-go#1291

Preserve runtime error node IDs from Resolve google/cel-go#1290

Default enable identifier escaping with backticks google/cel-go#1295

Cap format string precision to prevent memory exhaustion google/cel-go#1292

🛠️ Maintenance & Internal

chore: Migrate gsutil usage to gcloud storage in google/cel-go#1274

Lint fixes for exported function/type comments in google/cel-go#1279

Lint fixes for import in google/cel-go#1287

Full Changelog: https://github.com/google/cel-go/compare/v0.27.0...v0.28.0-alpha

Release v0.28.0-alpha

High-Level Changes

... (truncated)

Commits

6b8f6d6 fix: cap format string precision to prevent memory exhaustion (#1292)
d942970 Default enable identifier escaping with backticks (#1295)
7114ed2 Preserve runtime error node IDs from Resolve (#1290)
d91350b fix: cache concatList.Size() to prevent O(N^2) evaluation time (#1291)
68bdd8c REPL -- cel-spec pb2 and json name support (#1294)
d19e782 Support zero-value literals in presence test inlining and fix shadowing bugs ...
7c461fc Lint fixes for import (#1287)
09e3119 Optionally include reachable fieldpaths in prompt (#1285)
ae49cd0 Json field names runtime support (#1286)
3624b64 Add checker, ast, and type-provider support for JSON names (#1283)
Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.39.1 to 1.40.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.40.0

1.40.0

We're adopting a new release strategy to minimize dependency bloat in projects that consume Gomega. It is a limitation of the go mod toolchain that test subdependencies of your project's direct dependencies get pulled in as indirect dependencies. In the case of Gomega, this ends up pulling in all of Ginkgo into your go.mod even if you are only using Gomega (Gomega uses Ginkgo for its own tests).

Going forward, releases will strip out all tests, tidy up the go.mod and then push this stripped down version to a new master-lite branch. These stripped-down versions will receive the vx.y.z git tag and will be picked up by the go toolchain.

Please open an issue if this new release process causes unexpected changes for your projects.

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.40.0

We're adopting a new release strategy to minimize dependency bloat in projects that consume Gomega. It is a limitation of the go mod toolchain that test subdependencies of your project's direct dependencies get pulled in as indirect dependencies. In the case of Gomega, this ends up pulling in all of Ginkgo into your go.mod even if you are only using Gomega (Gomega uses Ginkgo for its own tests).

Going forward, releases will strip out all tests, tidy up the go.mod and then push this stripped down version to a new master-lite branch. These stripped-down versions will receive the vx.y.z git tag and will be picked up by the go toolchain.

Please open an issue if this new release process causes unexpected changes for your projects.

Commits

87ee9d3 v1.40.0
ea66027 v1.40.0 (full)
e3fd789 update docs to reflect new versioning strategy
7d4ee30 first push to master-lite
e4a82d1 Bump github/codeql-action from 3 to 4 (#875)
af62723 Bump rexml from 3.4.0 to 3.4.2 in /docs (#870)
e164221 Bump github.com/onsi/ginkgo/v2 from 2.28.0 to 2.28.1 (#895)
334a282 Bump faraday from 2.12.2 to 2.14.1 in /docs (#896)
See full diff in compare view

Updates go.uber.org/zap from 1.27.1 to 1.28.0

Release notes

Sourced from go.uber.org/zap's releases.

v1.28.0

Enhancements:

#1534[]: Add zapcore.CheckPreWriteHook and CheckedEntry.Before method for transforming entries before they are written to any Cores.

#1534: uber-go/zap#1534

Changelog

Sourced from go.uber.org/zap's changelog.

1.28.0 (27 Apr 2026)

Enhancements:

#1534[]: Add zapcore.CheckPreWriteHook and CheckedEntry.Before method for transforming entries before they are written to any Cores.

Commits

5b81b37 release v1.28.0 (#1547)
0ab0d5a zapcore: Add PreWriteHook for transforming entries before write (#1534)
d278c59 [chore] CI: test on Go 1.26 (#1535)
16fb16b chore(dep): replace archived gopkg.in/yaml.v3 with officially maintained go.y...
See full diff in compare view

Updates golang.org/x/text from 0.34.0 to 0.35.0

Commits

7ca2c6d go.mod: update golang.org/x dependencies
73d1ba9 all: upgrade go directive to at least 1.25.0 [generated]
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-deps group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/fluxcd/cli-utils](https://github.com/fluxcd/cli-utils) | `0.37.2-flux.1` | `1.1.0` | | [github.com/fluxcd/pkg/ssa](https://github.com/fluxcd/pkg) | `0.72.0` | `0.73.0` | | [github.com/google/cel-go](https://github.com/google/cel-go) | `0.26.1` | `0.28.0` | | [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.39.1` | `1.40.0` | | [go.uber.org/zap](https://github.com/uber-go/zap) | `1.27.1` | `1.28.0` | Updates `github.com/fluxcd/cli-utils` from 0.37.2-flux.1 to 1.1.0 - [Release notes](https://github.com/fluxcd/cli-utils/releases) - [Commits](fluxcd/cli-utils@v0.37.2-flux.1...v1.1.0) Updates `github.com/fluxcd/pkg/ssa` from 0.72.0 to 0.73.0 - [Commits](fluxcd/pkg@ssa/v0.72.0...ssa/v0.73.0) Updates `github.com/google/cel-go` from 0.26.1 to 0.28.0 - [Release notes](https://github.com/google/cel-go/releases) - [Commits](google/cel-go@v0.26.1...v0.28.0) Updates `github.com/onsi/gomega` from 1.39.1 to 1.40.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.39.1...v1.40.0) Updates `go.uber.org/zap` from 1.27.1 to 1.28.0 - [Release notes](https://github.com/uber-go/zap/releases) - [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md) - [Commits](uber-go/zap@v1.27.1...v1.28.0) Updates `golang.org/x/text` from 0.34.0 to 0.35.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.34.0...v0.35.0) --- updated-dependencies: - dependency-name: github.com/fluxcd/cli-utils dependency-version: 1.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/ssa dependency-version: 0.73.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/google/cel-go dependency-version: 0.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/onsi/gomega dependency-version: 1.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: go.uber.org/zap dependency-version: 1.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: golang.org/x/text dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added the dependencies Pull requests that update a dependency label Apr 30, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the go-deps group across 1 directory with 6 updates#1478

Bump the go-deps group across 1 directory with 6 updates#1478
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go-deps-11525debb3

dependabot Bot commented on behalf of github Apr 30, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v1.1.0

What's Changed

v1.0.0

What's Changed

v0.38.0-flux.1

What's Changed

Release v0.28.0

High-Level Changes

🚀 Features

🐞 Bug Fixes

🛠️ Maintenance & Internal

Release v0.28.0-alpha

High-Level Changes

v1.40.0

1.40.0

1.40.0

v1.28.0

1.28.0 (27 Apr 2026)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 30, 2026 •

edited

Loading