Skip to content

chore(deps): bump the all group across 1 directory with 8 updates#1637

Merged
tekton-robot merged 2 commits into
mainfrom
dependabot/go_modules/all-de917eee94
Apr 21, 2026
Merged

chore(deps): bump the all group across 1 directory with 8 updates#1637
tekton-robot merged 2 commits into
mainfrom
dependabot/go_modules/all-de917eee94

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 16, 2026

Copy link
Copy Markdown
Contributor

Bumps the all group with 6 updates in the / directory:

Package From To
cloud.google.com/go/storage 1.62.0 1.62.1
github.com/google/go-containerregistry 0.21.4 0.21.5
github.com/in-toto/go-witness 0.9.2 0.10.0
k8s.io/api 0.35.3 0.35.4
k8s.io/client-go 0.35.3 0.35.4
k8s.io/code-generator 0.35.3 0.35.4

Updates cloud.google.com/go/storage from 1.62.0 to 1.62.1

Release notes

Sourced from cloud.google.com/go/storage's releases.

storage: v1.62.1

v1.62.1 (2026-04-13)

Commits
  • f4b10ee chore: librarian release pull request: 20260413T041034Z (#14421)
  • dc245af feat(storage): add client feature tracking support (#14320)
  • cfdd7ba chore(.github/CODEOWNERS): Add AION SDK as code owners for the auth library (...
  • e2d578c test(datastore): skip flaky tests due to datastore contention (#14416)
  • 56e1a62 chore: librarian release pull request: 20260409T222456Z (#14413)
  • 5ca653a chore: regenerate libraries using protobuf 31, and update generation check wo...
  • b4c40aa chore(all): update module go.opentelemetry.io/otel/sdk to v1.43.0 [SECURITY] ...
  • eb896d0 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.42.0 to 1.43.0 in /comp...
  • 26c0341 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.42.0 to 1.43.0 in /cont...
  • 8a7febc feat(firestore): Implement Search pipeline stage and related expressions (#14...
  • Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.21.4 to 0.21.5

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.5

What's Changed

Full Changelog: google/go-containerregistry@v0.21.4...v0.21.5

Commits
  • 5b80281 build(deps): bump golang.org/x/tools from 0.43.0 to 0.44.0 in the go-deps gro...
  • b99bca2 build(deps): bump aws-actions/configure-aws-credentials (#2257)
  • f8be1d4 update to Go 1.26.2 (#2255)
  • 87ad88b Bump docker/cli v29.4.0, moby/api v1.54.1, moby/client v0.4.0 (#2254)
  • See full diff in compare view

Updates github.com/in-toto/go-witness from 0.9.2 to 0.10.0

Commits
  • ca49d4d chore: bump softprops/action-gh-release from 2.6.1 to 3.0.0 (#703)
  • 905a400 chore: bump actions/upload-artifact from 7.0.0 to 7.0.1 (#702)
  • a589679 chore: bump step-security/harden-runner from 2.16.1 to 2.17.0 (#701)
  • f0ee6dd chore: bump github.com/mattn/go-isatty from 0.0.20 to 0.0.21 (#700)
  • 03c39ab chore: bump fossas/fossa-action from 1.8.0 to 1.9.0 (#697)
  • fba24ec chore(dep): update dependencies and more (#693)
  • 164f71d chore: bump step-security/harden-runner from 2.16.0 to 2.16.1 (#696)
  • 695c252 chore: bump github.com/sigstore/sigstore from 1.10.4 to 1.10.5 (#690)
  • 5f634b5 chore: bump github.com/openvex/go-vex from 0.2.7 to 0.2.8 (#691)
  • c2f9dea chore: bump actions/setup-go from 6.3.0 to 6.4.0 (#692)
  • Additional commits viewable in compare view

Updates golang.org/x/exp from 0.0.0-20250620022241-b7579e27df2b to 0.0.0-20260312153236-7ab1446f8b90

Commits

Updates k8s.io/api from 0.35.3 to 0.35.4

Commits
  • e8f0e9f Update dependencies to v0.35.4 tag
  • 0b2a75e Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • e1ef9bc Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • See full diff in compare view

Updates k8s.io/apimachinery from 0.35.3 to 0.35.4

Commits
  • 475c941 Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • 6c08bb5 Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • 45398ef Merge pull request #137927 from lalitc375/cherry-pick-137864
  • b414b94 Fix backport differences for 1.35 (remove WithOrigin and MarkAlpha)
  • f933a4d Add slice and map union member support with tests
  • 977ad5b Use IsZero instead of IsNil for union ratcheting check
  • a128230 Fix union validation ratcheting when oldObj is nil
  • See full diff in compare view

Updates k8s.io/client-go from 0.35.3 to 0.35.4

Commits
  • d43aed2 Update dependencies to v0.35.4 tag
  • 8ebd9bb Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • 00b2f2b Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • See full diff in compare view

Updates k8s.io/code-generator from 0.35.3 to 0.35.4

Commits
  • dbc8933 Update dependencies to v0.35.4 tag
  • cb0dd49 Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • b99401c Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • 52e49d4 Merge pull request #137927 from lalitc375/cherry-pick-137864
  • 1e02847 Fix backport differences for 1.35 (remove WithOrigin and MarkAlpha)
  • f76e992 Add slice and map union member support with tests
  • a71a093 Add nil OldValue test coverage for union doc_tests
  • See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
k8s.io/apimachinery [>= 0.23.a, < 0.24]

@dependabot dependabot Bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels Apr 16, 2026
@tekton-robot tekton-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Apr 16, 2026
Bumps the all group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.62.0` | `1.62.1` |
| [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.21.4` | `0.21.5` |
| [github.com/in-toto/go-witness](https://github.com/in-toto/go-witness) | `0.9.2` | `0.10.0` |
| [k8s.io/api](https://github.com/kubernetes/api) | `0.35.3` | `0.35.4` |
| [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.35.3` | `0.35.4` |
| [k8s.io/code-generator](https://github.com/kubernetes/code-generator) | `0.35.3` | `0.35.4` |



Updates `cloud.google.com/go/storage` from 1.62.0 to 1.62.1
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@spanner/v1.62.0...storage/v1.62.1)

Updates `github.com/google/go-containerregistry` from 0.21.4 to 0.21.5
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Commits](google/go-containerregistry@v0.21.4...v0.21.5)

Updates `github.com/in-toto/go-witness` from 0.9.2 to 0.10.0
- [Release notes](https://github.com/in-toto/go-witness/releases)
- [Commits](in-toto/go-witness@v0.9.2...v0.10.0)

Updates `golang.org/x/exp` from 0.0.0-20250620022241-b7579e27df2b to 0.0.0-20260312153236-7ab1446f8b90
- [Commits](https://github.com/golang/exp/commits)

Updates `k8s.io/api` from 0.35.3 to 0.35.4
- [Commits](kubernetes/api@v0.35.3...v0.35.4)

Updates `k8s.io/apimachinery` from 0.35.3 to 0.35.4
- [Commits](kubernetes/apimachinery@v0.35.3...v0.35.4)

Updates `k8s.io/client-go` from 0.35.3 to 0.35.4
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.35.3...v0.35.4)

Updates `k8s.io/code-generator` from 0.35.3 to 0.35.4
- [Commits](kubernetes/code-generator@v0.35.3...v0.35.4)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-version: 1.62.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.21.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/in-toto/go-witness
  dependency-version: 0.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/exp
  dependency-version: 0.0.0-20260312153236-7ab1446f8b90
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/api
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/client-go
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/code-generator
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/all-de917eee94 branch from fc4272b to ef1ef7f Compare April 20, 2026 16:43
Signed-off-by: Anitha Natarajan <anataraj@redhat.com>
@anithapriyanatarajan

Copy link
Copy Markdown
Contributor

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Apr 21, 2026
@anithapriyanatarajan

Copy link
Copy Markdown
Contributor

/approve

@tekton-robot

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: anithapriyanatarajan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:
  • OWNERS [anithapriyanatarajan]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 21, 2026
@tekton-robot tekton-robot merged commit 05d8255 into main Apr 21, 2026
20 checks passed
@dependabot dependabot Bot deleted the dependabot/go_modules/all-de917eee94 branch April 21, 2026 10:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants