chore(deps): bump the all group with 13 updates#1727
Merged
vdemeester merged 1 commit intoJun 30, 2026
Merged
Conversation
Bumps the all group with 13 updates: | Package | From | To | | --- | --- | --- | | [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.57.1` | `1.57.2` | | [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.20.7` | `0.20.8` | | [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) | `2.6.2` | `2.6.3` | | [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) | `1.10.3` | `1.10.8` | | [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) | `1.10.3` | `1.10.8` | | [github.com/sigstore/sigstore/pkg/signature/kms/azure](https://github.com/sigstore/sigstore) | `1.10.3` | `1.10.8` | | [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) | `1.10.3` | `1.10.8` | | [github.com/sigstore/sigstore/pkg/signature/kms/hashivault](https://github.com/sigstore/sigstore) | `1.10.3` | `1.10.8` | | [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `0.56.0` | `0.56.9` | | [k8s.io/api](https://github.com/kubernetes/api) | `0.34.1` | `0.34.9` | | [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.34.1` | `0.34.9` | | [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.34.1` | `0.34.9` | | [k8s.io/code-generator](https://github.com/kubernetes/code-generator) | `0.26.5` | `0.26.15` | Updates `cloud.google.com/go/storage` from 1.57.1 to 1.57.2 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@storage/v1.57.1...storage/v1.57.2) Updates `github.com/google/go-containerregistry` from 0.20.7 to 0.20.8 - [Release notes](https://github.com/google/go-containerregistry/releases) - [Commits](google/go-containerregistry@v0.20.7...v0.20.8) Updates `github.com/sigstore/cosign/v2` from 2.6.2 to 2.6.3 - [Release notes](https://github.com/sigstore/cosign/releases) - [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md) - [Commits](sigstore/cosign@v2.6.2...v2.6.3) Updates `github.com/sigstore/sigstore` from 1.10.3 to 1.10.8 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.10.3...v1.10.8) Updates `github.com/sigstore/sigstore/pkg/signature/kms/aws` from 1.10.3 to 1.10.8 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.10.3...v1.10.8) Updates `github.com/sigstore/sigstore/pkg/signature/kms/azure` from 1.10.3 to 1.10.8 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.10.3...v1.10.8) Updates `github.com/sigstore/sigstore/pkg/signature/kms/gcp` from 1.10.3 to 1.10.8 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.10.3...v1.10.8) Updates `github.com/sigstore/sigstore/pkg/signature/kms/hashivault` from 1.10.3 to 1.10.8 - [Release notes](https://github.com/sigstore/sigstore/releases) - [Commits](sigstore/sigstore@v1.10.3...v1.10.8) Updates `github.com/tektoncd/pipeline` from 0.56.0 to 0.56.9 - [Release notes](https://github.com/tektoncd/pipeline/releases) - [Changelog](https://github.com/tektoncd/pipeline/blob/main/releases.md) - [Commits](tektoncd/pipeline@v0.56.0...v0.56.9) Updates `k8s.io/api` from 0.34.1 to 0.34.9 - [Commits](kubernetes/api@v0.34.1...v0.34.9) Updates `k8s.io/apimachinery` from 0.34.1 to 0.34.9 - [Commits](kubernetes/apimachinery@v0.34.1...v0.34.9) Updates `k8s.io/client-go` from 0.34.1 to 0.34.9 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](kubernetes/client-go@v0.34.1...v0.34.9) Updates `k8s.io/code-generator` from 0.26.5 to 0.26.15 - [Commits](kubernetes/code-generator@v0.26.5...v0.26.15) --- updated-dependencies: - dependency-name: cloud.google.com/go/storage dependency-version: 1.57.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/google/go-containerregistry dependency-version: 0.20.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/cosign/v2 dependency-version: 2.6.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore dependency-version: 1.10.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws dependency-version: 1.10.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/azure dependency-version: 1.10.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp dependency-version: 1.10.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/hashivault dependency-version: 1.10.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github.com/tektoncd/pipeline dependency-version: 0.56.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: k8s.io/api dependency-version: 0.34.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: k8s.io/apimachinery dependency-version: 0.34.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: k8s.io/client-go dependency-version: 0.34.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: k8s.io/code-generator dependency-version: 0.26.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
|
/lgtm |
Member
|
/approve |
1 similar comment
Member
|
/approve |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: jkhelil The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
Member
|
@vdemeester Can you merge this please |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the all group with 13 updates:
1.57.11.57.20.20.70.20.82.6.22.6.31.10.31.10.81.10.31.10.81.10.31.10.81.10.31.10.81.10.31.10.80.56.00.56.90.34.10.34.90.34.10.34.90.34.10.34.90.26.50.26.15Updates
cloud.google.com/go/storagefrom 1.57.1 to 1.57.2Commits
54f5f63chore: librarian release pull request: 20251114T145800Z (#13361)315f65bfix(spanner): decoding spanner rows using SelectAll should map values in corr...d1224e8test(spanner): additional tests for SelectAll() (#13360)b9196cffeat: Add grpc.xds.resource_type label to xDS client metrics (#13358)b0f1362fix(storage): Handle redirect on takeover. (#13354)5574f5bchore: librarian update image pull request: 20251113T211851Z (#13355)3fef58bchore(internal/librariangen): bump gapic-generator-go to 0.55.1 (#13352)e978a68chore: update the go version in renovate.json (#13348)29b6c97chore: librarian update image pull request: 20251112T170525Z (#13346)1f4da37chore(internal/librariangen): bump gapic-generator-go to 0.55.0 (#13345)Updates
github.com/google/go-containerregistryfrom 0.20.7 to 0.20.8Commits
b58334fDisable taint gosec lints (#2215)88b39edBump the go-deps group across 3 directories with 3 updates (#2213)102ac75join go.mod dependency updates (#2212)d5817d5Bump go version across packages to 1.25.6 (#2211)23f0632Fix error messages in crane_test.go (#2189)438abdeBump the root-deps group across 1 directory with 7 updates (#2195)b6eadd8Bump the actions group across 1 directory with 4 updates (#2207)93aa273Improve performance of v1.NewHash (#2194)795787cmutate: don't skip dir replacements via whiteout in export (#2191)Updates
github.com/sigstore/cosign/v2from 2.6.2 to 2.6.3Release notes
Sourced from github.com/sigstore/cosign/v2's releases.
Changelog
Sourced from github.com/sigstore/cosign/v2's changelog.
Commits
fecddd3Fix DSSE predicate check (#4802)564c5b1Backport bundle detection to sign and attest (#4727)Updates
github.com/sigstore/sigstorefrom 1.10.3 to 1.10.8Release notes
Sourced from github.com/sigstore/sigstore's releases.
Commits
c761681Support standard PKCS#8 encrypted private key decryption (#2333)005faf9Extend PEM private key unmarshalling to support legacy format (#2332)e70e4edadd functional options to DSSE to improve memory usage, validation (#2326)899684dbuild(deps): Bump github.com/letsencrypt/boulder (#2307)181dc40build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2308)2c141a7build(deps): Bump golangci/golangci-lint-action in the all group (#2328)b6c0214build(deps): Bump actions/upload-artifact from 6.0.0 to 7.0.1 (#2329)2ff50c9build(deps): Bump actions/dependency-review-action from 4.8.3 to 5.0.0 (#2330)d0204c3build(deps): Bump hashicorp/vault from 1.21.4 to 2.0.1 in /test/e2e (#2331)afdf897build(deps): Bump google.golang.org/grpc in /pkg/signature/kms/gcp (#2312)Updates
github.com/sigstore/sigstore/pkg/signature/kms/awsfrom 1.10.3 to 1.10.8Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/aws's releases.
Commits
c761681Support standard PKCS#8 encrypted private key decryption (#2333)005faf9Extend PEM private key unmarshalling to support legacy format (#2332)e70e4edadd functional options to DSSE to improve memory usage, validation (#2326)899684dbuild(deps): Bump github.com/letsencrypt/boulder (#2307)181dc40build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2308)2c141a7build(deps): Bump golangci/golangci-lint-action in the all group (#2328)b6c0214build(deps): Bump actions/upload-artifact from 6.0.0 to 7.0.1 (#2329)2ff50c9build(deps): Bump actions/dependency-review-action from 4.8.3 to 5.0.0 (#2330)d0204c3build(deps): Bump hashicorp/vault from 1.21.4 to 2.0.1 in /test/e2e (#2331)afdf897build(deps): Bump google.golang.org/grpc in /pkg/signature/kms/gcp (#2312)Updates
github.com/sigstore/sigstore/pkg/signature/kms/azurefrom 1.10.3 to 1.10.8Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/azure's releases.
Commits
c761681Support standard PKCS#8 encrypted private key decryption (#2333)005faf9Extend PEM private key unmarshalling to support legacy format (#2332)e70e4edadd functional options to DSSE to improve memory usage, validation (#2326)899684dbuild(deps): Bump github.com/letsencrypt/boulder (#2307)181dc40build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2308)2c141a7build(deps): Bump golangci/golangci-lint-action in the all group (#2328)b6c0214build(deps): Bump actions/upload-artifact from 6.0.0 to 7.0.1 (#2329)2ff50c9build(deps): Bump actions/dependency-review-action from 4.8.3 to 5.0.0 (#2330)d0204c3build(deps): Bump hashicorp/vault from 1.21.4 to 2.0.1 in /test/e2e (#2331)afdf897build(deps): Bump google.golang.org/grpc in /pkg/signature/kms/gcp (#2312)Updates
github.com/sigstore/sigstore/pkg/signature/kms/gcpfrom 1.10.3 to 1.10.8Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/gcp's releases.
Commits
c761681Support standard PKCS#8 encrypted private key decryption (#2333)005faf9Extend PEM private key unmarshalling to support legacy format (#2332)e70e4edadd functional options to DSSE to improve memory usage, validation (#2326)899684dbuild(deps): Bump github.com/letsencrypt/boulder (#2307)181dc40build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2308)2c141a7build(deps): Bump golangci/golangci-lint-action in the all group (#2328)b6c0214build(deps): Bump actions/upload-artifact from 6.0.0 to 7.0.1 (#2329)2ff50c9build(deps): Bump actions/dependency-review-action from 4.8.3 to 5.0.0 (#2330)d0204c3build(deps): Bump hashicorp/vault from 1.21.4 to 2.0.1 in /test/e2e (#2331)afdf897build(deps): Bump google.golang.org/grpc in /pkg/signature/kms/gcp (#2312)Updates
github.com/sigstore/sigstore/pkg/signature/kms/hashivaultfrom 1.10.3 to 1.10.8Release notes
Sourced from github.com/sigstore/sigstore/pkg/signature/kms/hashivault's releases.
Commits
c761681Support standard PKCS#8 encrypted private key decryption (#2333)005faf9Extend PEM private key unmarshalling to support legacy format (#2332)e70e4edadd functional options to DSSE to improve memory usage, validation (#2326)899684dbuild(deps): Bump github.com/letsencrypt/boulder (#2307)181dc40build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#2308)2c141a7build(deps): Bump golangci/golangci-lint-action in the all group (#2328)b6c0214build(deps): Bump actions/upload-artifact from 6.0.0 to 7.0.1 (#2329)2ff50c9build(deps): Bump actions/dependency-review-action from 4.8.3 to 5.0.0 (#2330)d0204c3build(deps): Bump hashicorp/vault from 1.21.4 to 2.0.1 in /test/e2e (#2331)afdf897build(deps): Bump google.golang.org/grpc in /pkg/signature/kms/gcp (#2312)Updates
github.com/tektoncd/pipelinefrom 0.56.0 to 0.56.9Release notes
Sourced from github.com/tektoncd/pipeline's releases.
... (truncated)
Commits
2b7eeecFix number of completed and failed task in case of ValidationFailed95e7a4eRemove permanent error and improve skip logicc418e52Exit reconcilation and markfailed if finally is not presenteffd78fResolve review comments 152b25edRun finally pipeline even if task is failed at the validation3380e34Backport release "scripts" changes from main…f63fb0eFix isolated workspaces ignored when using StepTemplate01616c1Mark steps as deleted when TaskRun failsd2b057dpkg/taskrunmetrics/fake shouldn't be imported…064bafcRefine check if the result is from a matrix taskUpdates
k8s.io/apifrom 0.34.1 to 0.34.9Commits
65439aeUpdate dependencies to v0.34.9 tagad42a1fMerge pull request #138357 from dims/update-moby-spdystream-v0.5.1-1.34f7287d9Merge pull request #138349 from dashpole/update_prop_3439fcc47Update github.com/moby/spdystream from v0.5.0 to v0.5.1dfcdfcdupdate go.opentelemetry.io/otel to v1.41.0Updates
k8s.io/apimachineryfrom 0.34.1 to 0.34.9Commits
454f531Merge pull request #138357 from dims/update-moby-spdystream-v0.5.1-1.34e44e450Merge pull request #138349 from dashpole/update_prop_34e2c5a26Update github.com/moby/spdystream from v0.5.0 to v0.5.103b02abupdate go.opentelemetry.io/otel to v1.41.0Updates
k8s.io/client-gofrom 0.34.1 to 0.34.9Commits
1976477Update dependencies to v0.34.9 tage4156f3Merge pull request #138357 from dims/update-moby-spdystream-v0.5.1-1.34e7de3f2Merge pull request #138349 from dashpole/update_prop_3432b5239Update github.com/moby/spdystream from v0.5.0 to v0.5.13f8d3efupdate go.opentelemetry.io/otel to v1.41.03a88ce1Merge pull request #135716p0lyn0mial/automated-cherry-pick-of-#135591c80976cdowngrade reflector watchlist fallback log to V(4)ab04e77Merge pull request #135592serathius/automated-cherry-pick-of-#13558025da701Use transformer in consistency checker0c76ee5Add unit tests for Data Consistency DetectorUpdates
k8s.io/code-generatorfrom 0.26.5 to 0.26.15Commits
d0d5d3aMerge pull request #123767 from liggitt/proto-1.26878d4dd[CVE-2024-24786] Bump github.com/golang/protobuf v1.5.4, google.golang.org/pr...c45891cMerge pull request #121547dims/automated-cherry-pick-of-#121364c8fec61bump golang.org/grpc to v1.56.387375c6Merge pull request #121126 from MadhavJivrajani/bump-x-net-126cc4d3de.: bump golang.org/x/net to v0.17.0b770688Merge pull request #118168neolit123/automated-cherry-pick-of-#118150395ef9ecall ./hack/update-vendor.sh3d1270eMerge pull request #118555 from puerco/bump-1.26-go-1.19.1038348bbupdate-vendor: update vendored go.sumsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions