chore(deps): bump the go group with 11 updates#2035
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
Bumps the go group with 11 updates: | Package | From | To | | --- | --- | --- | | [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.32.27` | `1.32.29` | | [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2) | `1.19.26` | `1.19.28` | | [github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager](https://github.com/aws/aws-sdk-go-v2) | `0.2.13` | `0.3.1` | | [github.com/aws/aws-sdk-go-v2/service/ecr](https://github.com/aws/aws-sdk-go-v2) | `1.58.6` | `1.59.0` | | [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.104.2` | `1.105.0` | | [github.com/containerd/containerd/v2](https://github.com/containerd/containerd) | `2.3.2` | `2.3.3` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.53.0` | `0.54.0` | | [golang.org/x/net](https://github.com/golang/net) | `0.56.0` | `0.57.0` | | [golang.org/x/text](https://github.com/golang/text) | `0.38.0` | `0.40.0` | | [helm.sh/helm/v4](https://github.com/helm/helm) | `4.2.2` | `4.2.3` | | [oras.land/oras-go/v2](https://github.com/oras-project/oras-go) | `2.6.1` | `2.6.2` | Updates `github.com/aws/aws-sdk-go-v2/config` from 1.32.27 to 1.32.29 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@config/v1.32.27...config/v1.32.29) Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.19.26 to 1.19.28 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@credentials/v1.19.26...credentials/v1.19.28) Updates `github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager` from 0.2.13 to 0.3.1 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@feature/s3/transfermanager/v0.2.13...service/internal/s3shared/v0.3.1) Updates `github.com/aws/aws-sdk-go-v2/service/ecr` from 1.58.6 to 1.59.0 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/ecr/v1.58.6...service/s3/v1.59.0) Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.104.2 to 1.105.0 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.104.2...service/s3/v1.105.0) Updates `github.com/containerd/containerd/v2` from 2.3.2 to 2.3.3 - [Release notes](https://github.com/containerd/containerd/releases) - [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md) - [Commits](containerd/containerd@v2.3.2...v2.3.3) Updates `golang.org/x/crypto` from 0.53.0 to 0.54.0 - [Commits](golang/crypto@v0.53.0...v0.54.0) Updates `golang.org/x/net` from 0.56.0 to 0.57.0 - [Commits](golang/net@v0.56.0...v0.57.0) Updates `golang.org/x/text` from 0.38.0 to 0.40.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.38.0...v0.40.0) Updates `helm.sh/helm/v4` from 4.2.2 to 4.2.3 - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v4.2.2...v4.2.3) Updates `oras.land/oras-go/v2` from 2.6.1 to 2.6.2 - [Release notes](https://github.com/oras-project/oras-go/releases) - [Commits](oras-project/oras-go@v2.6.1...v2.6.2) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-version: 1.32.29 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/credentials dependency-version: 1.19.28 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/transfermanager dependency-version: 0.3.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/service/ecr dependency-version: 1.59.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/aws/aws-sdk-go-v2/service/s3 dependency-version: 1.105.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: github.com/containerd/containerd/v2 dependency-version: 2.3.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: golang.org/x/crypto dependency-version: 0.54.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/net dependency-version: 0.57.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: golang.org/x/text dependency-version: 0.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go - dependency-name: helm.sh/helm/v4 dependency-version: 4.2.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go - dependency-name: oras.land/oras-go/v2 dependency-version: 2.6.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the go group with 11 updates:
1.32.271.32.291.19.261.19.280.2.130.3.11.58.61.59.01.104.21.105.02.3.22.3.30.53.00.54.00.56.00.57.00.38.00.40.04.2.24.2.32.6.12.6.2Updates
github.com/aws/aws-sdk-go-v2/configfrom 1.32.27 to 1.32.29Commits
ed75d3dRelease 2026-07-08.2d67404aRegenerated Clients8a21e09Update API modelcb69824Release 2026-07-080f18a1fRegenerated Clients982e0d0Update API model2872baeAdd missing options.RequestChecksumCalculation (#3470)ef1f0fefix(feature/s3/transfermanager): allow multiple symlinks to share the same ta...0df1b91Release 2026-07-07b4ef730Regenerated ClientsUpdates
github.com/aws/aws-sdk-go-v2/credentialsfrom 1.19.26 to 1.19.28Commits
ed75d3dRelease 2026-07-08.2d67404aRegenerated Clients8a21e09Update API modelcb69824Release 2026-07-080f18a1fRegenerated Clients982e0d0Update API model2872baeAdd missing options.RequestChecksumCalculation (#3470)ef1f0fefix(feature/s3/transfermanager): allow multiple symlinks to share the same ta...0df1b91Release 2026-07-07b4ef730Regenerated ClientsUpdates
github.com/aws/aws-sdk-go-v2/feature/s3/transfermanagerfrom 0.2.13 to 0.3.1Commits
eecb375Release 2020-10-30de723b1checkout for release metadata8f61400regenerated clientsffc8bcdUpdate tests to use camel-cased enums0a71fb9Update generated code1ea978eAutomatically filter streaming operations472c933Update generated code4f64b96smithy-go replace commands (#865)0061141Merge pull request #858 from aws/xmlnamespace-on-service72580deuncomment xmlns attr addition for putBucketAccelerateConfigration operationUpdates
github.com/aws/aws-sdk-go-v2/service/ecrfrom 1.58.6 to 1.59.0Commits
1d44177Release 2024-08-15bab4916Regenerated Clients2d4ecf5Update endpoints modeldf4f4e1Update API model51ca5b5bump smithy-go and go version (#2750)39ddd61Release 2024-08-14ffaf282Regenerated Clients6beafa8Update API model57f6f2dRelease 2024-08-13cdeb8a6Regenerated ClientsUpdates
github.com/aws/aws-sdk-go-v2/service/s3from 1.104.2 to 1.105.0Commits
fc087caRelease 2026-07-06a0dc66eRegenerated Clients0e93979Update endpoints model1e51eb5Update API modela4cd1c9add serialization snapshot tests (#3463)8d5a855set rollout strategy 2 (#3467)bdb9681Release 2026-07-02dad37d5Regenerated Clients019a359Update endpoints modelc51ba98Update API modelUpdates
github.com/containerd/containerd/v2from 2.3.2 to 2.3.3Release notes
Sourced from github.com/containerd/containerd/v2's releases.
... (truncated)
Commits
aad1100Merge pull request #13750 from chrishenzie/prepare-v2.3.37f6cee0Prepare release notes for v2.3.3bc63467Merge pull request #13744 from AkihiroSuda/cherrypick-13728-2.37316210CI: migrate Vagrant to Limadc84019Merge pull request #13738 from k8s-infra-cherrypick-robot/cherry-pick-13547-t...457fba3remotes: surface OCI error body on HEAD 403 via GET fallback5e5581fMerge pull request #13732 from k8s-infra-cherrypick-robot/cherry-pick-13725-t...dc2df93Update go to 1.26.5e2240efMerge pull request #13711 from k8s-infra-cherrypick-robot/cherry-pick-13707-t...5be0495ci: pin fog-json to resolve gem conflictUpdates
golang.org/x/cryptofrom 0.53.0 to 0.54.0Commits
cdce021go.mod: update golang.org/x dependenciesd9474ccopenpgp: make the deprecation message more explicit7626c50ssh: verify declared key type matches decoded key in authorized_keys0471e79ssh/agent: enforce strict limits on DSA key parameters6435c37ssh: sanitize client disconnect messages7d695dassh/agent: drain channel stderr in agent forwarders5b7f841acme/autocert: fix data race in Manager.createCert0b316e7argon2: update RFC 9106 parameter recommendations55aec0ax509roots/fallback: update bundle5f2de1ainternal: remove wycheproof testsUpdates
golang.org/x/netfrom 0.56.0 to 0.57.0Commits
b8f09f6go.mod: update golang.org/x dependenciesf05f21bidna: reject all-ASCII xn-- labels on all Go versions0f748cfinternal/http3: clean up stream I/O methods usages in tests0bb961einternal/http3: add net/http.ResponseController support0ca694dwebdav: document Dir's lack of defense against filesystem modificationbd5f1dchttp2: initialize Transport on NewClientConn488ff63bpf: add security considerations to package docs93d1f25xsrftoken: avoid token collisions5a3baeeinternal/http3: prevent panic in QPACK decoder due to overflowUpdates
golang.org/x/textfrom 0.38.0 to 0.40.0Commits
724af9cgo.mod: update golang.org/x dependenciesbf5b9d6internal/export/idna: always treat Punycode encoding pure ASCII as an errorb326f3dgo.mod: update golang.org/x dependencies5ae8e57unicode/norm: avoid infinite loop on invalid input0dc94a2all: fix some commentsUpdates
helm.sh/helm/v4from 4.2.2 to 4.2.3Release notes
Sourced from helm.sh/helm/v4's releases.
Commits
43e8b7fchore(deps): bump golang.org/x/crypto from 0.53.0 to 0.54.0Updates
oras.land/oras-go/v2from 2.6.1 to 2.6.2Release notes
Sourced from oras.land/oras-go/v2's releases.
Commits
105715erelease: v2.6.2 (#1235)31da196Merge commit from forkadab2f2Merge commit from fork948a1dcbuild(deps): bump golang.org/x/sync from 0.21.0 to 0.22.0 (#1242)c463c65fix: prevent hardlink path traversal via process CWD (GHSA-fxhp-mv3v-67qp) (#...91c04abfix(content): bound ReadAll allocation by content, not descriptor size (#1223)314e836fix: bound tag and referrer list pagination to prevent unbounded requests (#1...122e88fbuild(deps): bump golang.org/x/sync from 0.20.0 to 0.21.0 (#1208)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions