chore: bump the gomod-dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the gomod-dependencies group with 5 updates in the / directory:

Package	From	To
github.com/jaypipes/ghw	0.17.0	0.19.0
github.com/k8snetworkplumbingwg/network-attachment-definition-client	1.7.5	1.7.7
github.com/onsi/gomega	1.37.0	1.38.1
github.com/stretchr/testify	1.10.0	1.11.0
google.golang.org/grpc	1.73.0	1.75.0

Updates github.com/jaypipes/ghw from 0.17.0 to 0.19.0

Release notes

Sourced from github.com/jaypipes/ghw's releases.

v0.19.0

What's Changed

• fix: only mark non-rotational HDDs as SSD by @​dudyas6 in jaypipes/ghw#422
• uplift all third-party dependencies by @​jaypipes in jaypipes/ghw#423

New Contributors

• @​dudyas6 made their first contribution in jaypipes/ghw#422

Full Changelog: jaypipes/ghw@v0.0.18...v0.19.0

Commits

• 0dc4664 Merge pull request #423 from jaypipes/deps
• e844def uplift all third-party dependencies
• 6633b10 Merge pull request #422 from dudyas6/ssd-detecting
• 7ba5253 Add comment to explain the change in behaviour
• 066e436 fix: only mark non-rotational HDDs as SSD
• d0f46e2 Merge pull request #419 from jaypipes/jaypipes/windows-accel
• 8259033 make pkg/accelerator.Info() return empty not error
• ffa8970 Merge pull request #416 from jaypipes/cleanups
• 18b5d56 update GH actions
• ab608e5 Merge pull request #415 from OrbintSoft/pass-options-pci
• Additional commits viewable in compare view

Updates github.com/jaypipes/pcidb from 1.0.1 to 1.1.0

Release notes

Sourced from github.com/jaypipes/pcidb's releases.

v1.1.0

What's Changed

• tidy up library and disable harden-runner by @​jaypipes in jaypipes/pcidb#33
• update golangci-lint by @​jaypipes in jaypipes/pcidb#34
• remove mitchellh/go-homedir dep by @​jaypipes in jaypipes/pcidb#35
• update docs on discovery, add examples by @​jaypipes in jaypipes/pcidb#37

Full Changelog: jaypipes/pcidb@v1.0.1...v1.1.0

Commits

• 0cfb7ab correct bad link in README, again
• dee974b correct bad link in README
• 097bc9d Merge pull request #37 from jaypipes/doc-direct-path
• 9679ff7 update docs on discovery, add examples
• aae91f1 Merge pull request #35 from jaypipes/deps
• 083e13a remove mitchellh/go-homedir dep
• 4829d32 Merge pull request #34 from jaypipes/linter-fix
• 75ea205 update golangci-lint
• cfa2831 Merge pull request #33 from jaypipes/cleanup
• 97f0f89 update harden-runner Github Action step
• Additional commits viewable in compare view

Updates github.com/k8snetworkplumbingwg/network-attachment-definition-client from 1.7.5 to 1.7.7

Release notes

Sourced from github.com/k8snetworkplumbingwg/network-attachment-definition-client's releases.

1.7.7

This release contains a few fixes described below

Fix IP assignment for plugins without interface index Restores behavior assigning IPs without interface index to the last network status, fixing a regression.

Minor update to net-attach-def_test.go in the pkg/utils package.

Allow multiple IP sources in NetworkSelectionElement Removes restriction so both ipam-claim-reference and IPRequest can be used together for flexible IP management.

Full Changelog: k8snetworkplumbingwg/network-attachment-definition-client@v1.7.6...v1.7.7

v1.7.6

This release fixes a regression affecting CNI plugins that do not specify interfaces in their CNI ADD result.

Previously, IP addresses returned without an associated interface index were not being assigned to any network-status entry. This release restores the prior behavior by assigning such IPs to the last network status (i.e., the last sandboxed interface), ensuring consistent handling across plugins, especially those that omit the interfaces field entirely.

This change is important for compatibility with certain CNI plugins and maintains expected behavior from earlier versions of the net-attach-def library.

Special thanks to @​Brian-McM for identifying the issue and providing the fix!

Commits

• 46fcc41 Merge pull request #80 from qinqon/remove-ip-sources-limitation-upstream
• 372cca2 Remove TooManyIPSources limitation for NetworkSelectionElement
• e12bd55 Merge pull request #77 from Brian-McM/assign-ips-with-no-interface-to-default...
• 77dfd49 Update pkg/utils/net-attach-def_test.go
• 1945b69 Assign IPs that don't have an interface index to the last network status
• See full diff in compare view

Updates github.com/onsi/gomega from 1.37.0 to 1.38.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.38.1

1.38.1

Fixes

Numerous minor fixes and dependency bumps

v1.38.0

1.38.0

Features

• gstruct handles extra unexported fields [4ee7ed0]

Fixes

• support [] in IgnoringTopFunction function signatures (#851) [36bbf72]

Maintenance

• Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846) [529d408]
• Fix typo [acd1f55]
• Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835) [bae65a0]
• Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842) [8dda91f]
• Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843) [212d812]
• Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839) [59bd7f9]
• Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834) [328c729]
• Bump uri from 1.0.2 to 1.0.3 in /docs (#826) [9a798a1]
• Bump golang.org/x/net from 0.37.0 to 0.39.0 (#841) [04a72c6]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.38.1

Fixes

Numerous minor fixes and dependency bumps

1.38.0

Features

• gstruct handles extra unexported fields [4ee7ed0]

Fixes

• support [] in IgnoringTopFunction function signatures (#851) [36bbf72]

Maintenance

• Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846) [529d408]
• Fix typo [acd1f55]
• Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835) [bae65a0]
• Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842) [8dda91f]
• Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843) [212d812]
• Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839) [59bd7f9]
• Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834) [328c729]
• Bump uri from 1.0.2 to 1.0.3 in /docs (#826) [9a798a1]
• Bump golang.org/x/net from 0.37.0 to 0.39.0 (#841) [04a72c6]

Commits

• c36e89a v1.38.1
• 92eaa57 go mod tidy
• b9ed3cd deprecate CompileTest*
• 2a5bf77 fix invalid fmt.Errorf
• 3e9e385 bump ginkgo
• 7f37abe Replace gopkg.in/yaml.v3 with go.yaml.in/yaml/v3
• 69e4761 fix(async_assertion): use correct error in errors.As
• 95737c0 Bump golang.org/x/net from 0.41.0 to 0.43.0 (#856)
• 91b20ea chore: fix Go vet issue with Go 1.15
• 6823587 Bump nokogiri from 1.18.8 to 1.18.9 in /docs (#854)
• Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.10.0 to 1.11.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.11.0

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

• Call stack perf change for CallerInfo by @​mikeauclair in stretchr/testify#1614
• Lazily render mock diff output on successful match by @​mikeauclair in stretchr/testify#1615
• assert: check early in Eventually, EventuallyWithT, and Never by @​cszczepaniak in stretchr/testify#1427
• assert: add IsNotType by @​bartventer in stretchr/testify#1730
• assert.JSONEq: shortcut if same strings by @​dolmen in stretchr/testify#1754
• assert.YAMLEq: shortcut if same strings by @​dolmen in stretchr/testify#1755
• assert: faster and simpler isEmpty using reflect.Value.IsZero by @​dolmen in stretchr/testify#1761
• suite: faster methods filtering (internal refactor) by @​dolmen in stretchr/testify#1758

Fixes

• assert.ErrorAs: log target type by @​craig65535 in stretchr/testify#1345
• Fix failure message formatting for Positive and Negative asserts in stretchr/testify#1062
• Improve ErrorIs message when error is nil but an error was expected by @​tsioftas in stretchr/testify#1681
• fix Subset/NotSubset when calling with mixed input types by @​siliconbrain in stretchr/testify#1729
• Improve ErrorAs failure message when error is nil by @​ccoVeille in stretchr/testify#1734
• mock.AssertNumberOfCalls: improve error msg by @​3scalation in stretchr/testify#1743

Documentation, Build & CI

• docs: Fix typo in README by @​alexandear in stretchr/testify#1688
• Replace deprecated io/ioutil with io and os by @​alexandear in stretchr/testify#1684
• Document consequences of calling t.FailNow() by @​greg0ire in stretchr/testify#1710
• chore: update docs for Unset #1621 by @​techfg in stretchr/testify#1709
• README: apply gofmt to examples by @​alexandear in stretchr/testify#1687
• refactor: use %q and %T to simplify fmt.Sprintf by @​alexandear in stretchr/testify#1674
• Propose Christophe Colombier (ccoVeille) as approver by @​brackendawson in stretchr/testify#1716
• Update documentation for the Error function in assert or require package by @​architagr in stretchr/testify#1675
• assert: remove deprecated build constraints by @​alexandear in stretchr/testify#1671
• assert: apply gofumpt to internal test suite by @​ccoVeille in stretchr/testify#1739
• CI: fix shebang in .ci.*.sh scripts by @​dolmen in stretchr/testify#1746
• assert,require: enable parallel testing on (almost) all top tests by @​dolmen in stretchr/testify#1747
• suite.Passed: add one more status test report by @​Ararsa-Derese in stretchr/testify#1706
• Add Helper() method in internal mocks and assert.CollectT by @​dolmen in stretchr/testify#1423
• assert.Same/NotSame: improve usage of Sprintf by @​ccoVeille in stretchr/testify#1742
• mock: enable parallel testing on internal testsuite by @​dolmen in stretchr/testify#1756
• suite: cleanup use of 'testing' internals at runtime by @​dolmen in stretchr/testify#1751
• assert: check test failure message for Empty and NotEmpty by @​ccoVeille in stretchr/testify#1745
• deps: fix dependency cycle with objx (again) by @​dolmen in stretchr/testify#1567
• assert.Empty: comprehensive doc of "Empty"-ness rules by @​dolmen in stretchr/testify#1753
• doc: improve godoc of top level 'testify' package by @​dolmen in stretchr/testify#1760
• assert.ErrorAs: simplify retrieving the type name by @​ccoVeille in stretchr/testify#1740
• assert.EqualValues: improve test coverage to 100% by @​dolmen in stretchr/testify#1763
• suite.Run: simplify running of Setup/TeardownSuite by @​renzoarreaza in stretchr/testify#1769
• assert.CallerInfo: micro optimization by using LastIndexByte by @​dolmen in stretchr/testify#1767
• assert.CallerInfo: micro cleanup by @​dolmen in stretchr/testify#1768
• assert: refactor TestFileExists and TestDirExists tests to enable parallel testing by @​dolmen in stretchr/testify#1766

... (truncated)

Commits

• b7801fb Merge pull request #1778 from stretchr/dependabot/github_actions/actions/chec...
• 69831f3 build(deps): bump actions/checkout from 4 to 5
• a53be35 Improve captureTestingT helper
• aafb604 mock: improve formatting of error message
• 7218e03 improve error msg
• 929a212 Merge pull request #1758 from stretchr/dolmen/suite-faster-method-filtering
• bc7459e suite: faster filtering of methods (-testify.m)
• 7d37b5c suite: refactor methodFilter
• c58bc90 Merge pull request #1764 from stretchr/dolmen/suite-refactor-stats-for-readab...
• 87101a6 suite.Run: refactor handling of stats
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.73.0 to 1.75.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.75.0

Behavior Changes

• xds: Remove support for GRPC_EXPERIMENTAL_XDS_FALLBACK environment variable. Fallback support can no longer be disabled. (#8482)
• stats: Introduce DelayedPickComplete event, a type alias of PickerUpdated. (#8465)
  • This (combined) event will now be emitted only once per call, when a transport is successfully selected for the attempt.
  • OpenTelemetry metrics will no longer have multiple "Delayed LB pick complete" events in Go, matching other gRPC languages.
  • A future release will delete the PickerUpdated symbol.
• credentials: Properly apply grpc.WithAuthority as the highest-priority option for setting authority, above the setting in the credentials themselves. (#8488)
  • Now that this WithAuthority is available, the credentials should not be used to override the authority.
• round_robin: Randomize the order in which addresses are connected to in order to spread out initial RPC load between clients. (#8438)
• server: Return status code INTERNAL when a client sends more than one request in unary and server streaming RPC. (#8385)
  • This is a behavior change but also a bug fix to bring gRPC-Go in line with the gRPC spec.

New Features

• dns: Add an environment variable (GRPC_ENABLE_TXT_SERVICE_CONFIG) to provide a way to disable TXT lookups in the DNS resolver (by setting it to false). By default, TXT lookups are enabled, as they were previously. (#8377)

Bug Fixes

• xds: Fix regression preventing empty node IDs in xDS bootstrap configuration. (#8476)
  • Special Thanks: @​davinci26
• xds: Fix possible panic when certain invalid resources are encountered. (#8412)
  • Special Thanks: @​wooffie
• xdsclient: Fix a rare panic caused by processing a response from a closed server. (#8389)
• stats: Fix metric unit formatting by enclosing non-standard units like call and endpoint in curly braces to comply with UCUM and gRPC OpenTelemetry guidelines. (#8481)
• xds: Fix possible panic when clusters are removed from the xds configuration. (#8428)
• xdsclient: Fix a race causing "resource doesn not exist" when rapidly subscribing and unsubscribing to the same resource. (#8369)
• client: When determining the authority, properly percent-encode (if needed, which is unlikely) when the target string omits the hostname and only specifies a port (grpc.NewClient(":<port-number-or-name>")). (#8488)

Release 1.74.2

New Features

• grpc: introduce new DialOptions and ServerOptions (WithStaticStreamWindowSize, WithStaticConnWindowSize, StaticStreamWindowSize, StaticConnWindowSize) that force fixed window sizes for all HTTP/2 connections. By default, gRPC uses dynamic sizing of these windows based upon a BDP estimation algorithm. The existing options (WithInitialWindowSize, etc) also disable BDP estimation, but this behavior will be changed in a following release. (#8283)

API Changes

• balancer: add ExitIdle method to Balancer interface. Earlier, implementing this method was optional. (#8367)

Behavior Changes

• xds: Remove the GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST environment variable that allows disabling the least request balancer with xDS. Least request was made available by default with xDS in v1.72.0. (#8248)
  • Special Thanks: @​atollena
• server: allow 0s grpc-timeout header values, which older gRPC-Java versions could send. This restores the behavior of grpc-go before v1.73.0. (#8439)

Bug Fixes

• googledirectpath: avoid logging the error message Attempt to set a bootstrap configuration... when creating multiple directpath channels. (#8419)

Performance Improvements

... (truncated)

Commits

• b9788ef Change version to 1.75.0 (#8493)
• 2bd74b2 credentials: fix behavior of grpc.WithAuthority and credential handshake prec...
• 9fa3267 xds: remove xds client fallback environment variable (#8482)
• 62ec29f grpc: Fix cardinality violations in non-client streaming RPCs. (#8385)
• 85240a5 stats: change non-standard units to annotations (#8481)
• ac13172 update deps (#8478)
• 0a895bc examples/opentelemetry: use experimental metrics in example (#8441)
• 8b61e8f xdsclient: do not process updates from closed server channels (#8389)
• 7238ab1 Allow empty nodeID (#8476)
• 9186ebd cleanup: use slices.Equal to simplify code (#8472)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[coveralls]

Pull Request Test Coverage Report for Build 17924557389

Details

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 74.508%

---

Totals
Change from base Build 17769727857:	0.0%
Covered Lines:	2122
Relevant Lines:	2848

---

💛 - Coveralls

[dependabot]

Dependabot wasn't able to update downloading. Because of this, Dependabot cannot update this pull request.

[dependabot]

Dependabot wasn't able to update downloading. Because of this, Dependabot cannot update this pull request.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

Dependabot wasn't able to update downloading. Because of this, Dependabot cannot update this pull request.

[dependabot]

Dependabot wasn't able to update downloading. Because of this, Dependabot cannot update this pull request.