Bump the gomod-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the gomod-dependencies group with 4 updates in the / directory: github.com/k8snetworkplumbingwg/network-attachment-definition-client, github.com/onsi/gomega, google.golang.org/grpc and k8s.io/kubelet.

Updates github.com/k8snetworkplumbingwg/network-attachment-definition-client from 1.7.5 to 1.7.7

Release notes

Sourced from github.com/k8snetworkplumbingwg/network-attachment-definition-client's releases.

1.7.7

This release contains a few fixes described below

Fix IP assignment for plugins without interface index Restores behavior assigning IPs without interface index to the last network status, fixing a regression.

Minor update to net-attach-def_test.go in the pkg/utils package.

Allow multiple IP sources in NetworkSelectionElement Removes restriction so both ipam-claim-reference and IPRequest can be used together for flexible IP management.

Full Changelog: k8snetworkplumbingwg/network-attachment-definition-client@v1.7.6...v1.7.7

v1.7.6

This release fixes a regression affecting CNI plugins that do not specify interfaces in their CNI ADD result.

Previously, IP addresses returned without an associated interface index were not being assigned to any network-status entry. This release restores the prior behavior by assigning such IPs to the last network status (i.e., the last sandboxed interface), ensuring consistent handling across plugins, especially those that omit the interfaces field entirely.

This change is important for compatibility with certain CNI plugins and maintains expected behavior from earlier versions of the net-attach-def library.

Special thanks to @​Brian-McM for identifying the issue and providing the fix!

Commits

• 46fcc41 Merge pull request #80 from qinqon/remove-ip-sources-limitation-upstream
• 372cca2 Remove TooManyIPSources limitation for NetworkSelectionElement
• e12bd55 Merge pull request #77 from Brian-McM/assign-ips-with-no-interface-to-default...
• 77dfd49 Update pkg/utils/net-attach-def_test.go
• 1945b69 Assign IPs that don't have an interface index to the last network status
• See full diff in compare view

Updates github.com/onsi/gomega from 1.37.0 to 1.38.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.38.0

1.38.0

Features

• gstruct handles extra unexported fields [4ee7ed0]

Fixes

• support [] in IgnoringTopFunction function signatures (#851) [36bbf72]

Maintenance

• Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846) [529d408]
• Fix typo [acd1f55]
• Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835) [bae65a0]
• Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842) [8dda91f]
• Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843) [212d812]
• Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839) [59bd7f9]
• Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834) [328c729]
• Bump uri from 1.0.2 to 1.0.3 in /docs (#826) [9a798a1]
• Bump golang.org/x/net from 0.37.0 to 0.39.0 (#841) [04a72c6]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.38.0

Features

• gstruct handles extra unexported fields [4ee7ed0]

Fixes

• support [] in IgnoringTopFunction function signatures (#851) [36bbf72]

Maintenance

• Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846) [529d408]
• Fix typo [acd1f55]
• Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835) [bae65a0]
• Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842) [8dda91f]
• Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843) [212d812]
• Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839) [59bd7f9]
• Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834) [328c729]
• Bump uri from 1.0.2 to 1.0.3 in /docs (#826) [9a798a1]
• Bump golang.org/x/net from 0.37.0 to 0.39.0 (#841) [04a72c6]

Commits

• c1237df v1.38.0
• 36bbf72 support [] in IgnoringTopFunction function signatures (#851)
• 4ee7ed0 gstruct handles extra unexported fields
• 529d408 Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846)
• acd1f55 Fix typo
• bae65a0 Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835)
• 8dda91f Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842)
• 212d812 Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843)
• 59bd7f9 Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839)
• 328c729 Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834)
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.73.0 to 1.74.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.74.2

New Features

• grpc: introduce new DialOptions and ServerOptions (WithStaticStreamWindowSize, WithStaticConnWindowSize, StaticStreamWindowSize, StaticConnWindowSize) that force fixed window sizes for all HTTP/2 connections. By default, gRPC uses dynamic sizing of these windows based upon a BDP estimation algorithm. The existing options (WithInitialWindowSize, etc) also disable BDP estimation, but this behavior will be changed in a following release. (#8283)

API Changes

• balancer: add ExitIdle method to Balancer interface. Earlier, implementing this method was optional. (#8367)

Behavior Changes

• xds: Remove the GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST environment variable that allows disabling the least request balancer with xDS. Least request was made available by default with xDS in v1.72.0. (#8248)
  • Special Thanks: @​atollena
• server: allow 0s grpc-timeout header values, which older gRPC-Java versions could send. This restores the behavior of grpc-go before v1.73.0. (#8439)

Bug Fixes

• googledirectpath: avoid logging the error message Attempt to set a bootstrap configuration... when creating multiple directpath channels. (#8419)

Performance Improvements

• transport: reduce heap allocations by pooling objects and avoiding method-to-closure conversions. (#8361)
• transport: reduce heap allocations by re-using mem.Reader objects. (#8360)

Documentation

• examples: add examples to demonstrate enabling experimental metrics using the OpenTelemetry plugin. (#8388)
  • Special Thanks: @​vinothkumarr227

Release 1.74.1

Version 1.74.1 retracts release v1.74.0 and itself. Release 1.74.0 was accidentally tagged on the wrong commit and should not be used. Version 1.73.0 should be used until 1.74.2 is released.

Release 1.74.0 was accidentally tagged on the wrong commit and should not be used. Version 1.73.0 should be used until 1.74.1 is released.

Commits

• e9e00cb Change version to 1.74.2 (#8470)
• bd7cb0a Change version to 1.74.2-dev (#8461)
• 002a22c Change version to 1.74.1 (#8455)
• 6e8e7e4 Retract v1.74.0 and v1.74.1 (#8457)
• 48c9e4d Change version to 1.74.1-dev (#8408)
• b8b6cff Change version to 1.74.0 (#8407)
• 077e2c3 Cherry-pick #8411, #8419, #8422, #8445 and #8451 to v1.74.x (#8454)
• b34f845 server: allow 0s grpc-timeout header values, as java is known to be able to s...
• 1787f94 xdsclient: export genericResourceTypeDecoder (#8406)
• 15299cc xdsclient: make a function to return the supported resource type implementati...
• Additional commits viewable in compare view

Updates k8s.io/kubelet from 0.32.0 to 0.33.3

Commits

• f9b0b5e Update dependencies to v0.33.3 tag
• c6b3504 Merge remote-tracking branch 'origin/master' into release-1.33
• 1e1109b Move to released version of prometheus/client_golang v1.22.0 from rc.0
• b83c32f bump etcd 3.5.21 sdk
• 533c0cb Merge pull request #130701 from roycaihw/psi-metrics
• cd9f99a Merge pull request #129296 from carlory/fg-CPUManager
• f5162a4 API definition for PSI metrics
• 2459d5b Remove general available feature-gate CPUManager
• 6abc4fc Merge pull request #129872 from seans3/websocket-https-proxy
• 7395334 Merge pull request #130535 from ffromani/cpumanager-policy-options-ga
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.