Skip to content

build(deps): bump the all group across 1 directory with 8 updates #216

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the all group across 1 directory with 8 updates #216

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 21, 2025
edited
Loading

Bumps the all group with 8 updates in the /tools directory:

Package From To
github.com/daixiang0/gci 0.13.5 0.13.6
github.com/golangci/golangci-lint 1.63.4 1.64.8
github.com/open-policy-agent/conftest 0.55.0 0.58.0
github.com/tektoncd/chains 0.22.2 0.24.0
github.com/tektoncd/cli 0.38.0 0.40.0
helm.sh/helm/v3 3.16.4 3.17.2
k8s.io/kubernetes 1.31.3 1.32.3
sigs.k8s.io/kustomize/kustomize/v5 5.5.0 5.6.0

Updates github.com/daixiang0/gci from 0.13.5 to 0.13.6

Release notes

Sourced from github.com/daixiang0/gci's releases.

v0.13.6

What's Changed

Full Changelog: daixiang0/gci@v0.13.5...v0.13.6

Commits

Updates github.com/golangci/golangci-lint from 1.63.4 to 1.64.8

Release notes

Sourced from github.com/golangci/golangci-lint's releases.

v1.64.8

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • 8b37f14162043f908949f1b363d061dc9ba713c0 fix: check version of the configuration (#5564)

v1.64.7

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • 94946f3c52a89774b2c7d255311c34f17f8fac7a build(deps): bump github.com/OpenPeeDeeP/depguard/v2 from 2.2.0 to 2.2.1 (#5509)
  • 132365e252c985a191c6eaea3f0cc01ca9120ccc build(deps): bump github.com/golangci/dupl from 3e9179ac440a to f665c8d69b32 (#5512)
  • bddd1bcedbc2f3d767e2362be91ff9eb481493cd build(deps): bump github.com/securego/gosec/v2 from 2.22.1 to 2.22.2 (#5515)
  • 624fb4e717dc89f1b55d6a84a69355fe64d60036 build(deps): bump golang.org/x/mod from 0.23.0 to 0.24.0 (#5507)
  • 8cffdb7d21e5b2b89f163f70c60ac9686c9d6180 build(deps): bump golang.org/x/oauth2 from 0.27.0 to 0.28.0 in /scripts/gen_github_action_config in the scripts group (#5521)
  • 7a3f3d7c941475ee01edca221c44ea5ba59290a3 build(deps): bump golang.org/x/tools from 0.30.0 to 0.31.0 (#5508)
  • c13fd5b7627c436246f36044a575990b5ec75c7d build(deps): bump honnef.co/go/tools from 0.6.0 to 0.6.1 (#5510)

v1.64.6

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • 3d28c57b576da4671faa9ec73890a6dd63f021ef Require type for oneOf mutual exclusion (#5426)
  • 84ab7530439226915db56606ca08cadaa05d2dae build(deps): bump 4d63.com/gocheckcompilerdirectives from 1.2.1 to 1.3.0 (#5485)
  • 9fddfc4769d6300e7c29ca3e5c2c8ffbe8caa9f8 build(deps): bump github.com/4meepo/tagalign from 1.4.1 to 1.4.2 (#5430)
  • 404916a76cdfb5741677e9bdfd2e2cee8595d65c build(deps): bump github.com/GaijinEntertainment/go-exhaustruct/v3 from 3.3.0 to 3.3.1 (#5467)
  • 3b6b9da36740ba61c3b0878a96b2fdc1a40eeb29 build(deps): bump github.com/catenacyber/perfsprint from 0.8.1 to 0.8.2 (#5441)
  • 336b21bb5c21d6538d6b1d8aa1fc3c778a8d0212 build(deps): bump github.com/kisielk/errcheck from 1.8.0 to 1.9.0 (#5447)
  • baad5bb7bd258e693266831b4a2b3dbf330405b6 build(deps): bump github.com/kkHAIKE/contextcheck from 1.1.5 to 1.1.6 (#5482)
  • 9e832c95a4156a00d3a899ec567eba071fe50507 build(deps): bump github.com/ldez/exptostd from 0.4.1 to 0.4.2 (#5456)
  • f2c630353beae8e62bbd71821de0ec56161fd567 build(deps): bump github.com/mgechev/revive from 1.6.1 to 1.7.0 (#5422)
  • 9a2423aa4bbbb26b3b8954a208abadc053c6e9c8 build(deps): bump github.com/nunnatsa/ginkgolinter from 0.19.0 to 0.19.1 (#5435)

... (truncated)

Changelog

Sourced from github.com/golangci/golangci-lint's changelog.

v1.64.8

  • Detects use pf configuration files from golangci-lint v2

v1.64.7

  1. Linters bug fixes
    • depguard: from 2.2.0 to 2.2.1
    • dupl: from 3e9179ac440a to f665c8d69b32
    • gosec: from 2.22.1 to 2.22.2
    • staticcheck: from 0.6.0 to 0.6.1
  2. Documentation
    • Add GitLab documentation

v1.64.6

  1. Linters bug fixes
    • asciicheck: from 0.4.0 to 0.4.1
    • contextcheck: from 1.1.5 to 1.1.6
    • errcheck: from 1.8.0 to 1.9.0
    • exptostd: from 0.4.1 to 0.4.2
    • ginkgolinter: from 0.19.0 to 0.19.1
    • go-exhaustruct: from 3.3.0 to 3.3.1
    • gocheckcompilerdirectives: from 1.2.1 to 1.3.0
    • godot: from 1.4.20 to 1.5.0
    • perfsprint: from 0.8.1 to 0.8.2
    • revive: from 1.6.1 to 1.7.0
    • tagalign: from 1.4.1 to 1.4.2

v1.64.5

  1. Bug fixes
    • Add missing flag new-from-merge-base-flag
  2. Linters bug fixes
    • asciicheck: from 0.3.0 to 0.4.0
    • forcetypeassert: from 0.1.0 to 0.2.0
    • gosec: from 2.22.0 to 2.22.1

v1.64.4

  1. Linters bug fixes
    • gci: fix standard packages list for go1.24

v1.64.3

  1. Linters bug fixes
    • ginkgolinter: from 0.18.4 to 0.19.0
    • go-critic: from 0.11.5 to 0.12.0
    • revive: from 1.6.0 to 1.6.1
    • gci: fix standard packages list for go1.24

... (truncated)

Commits
  • 8b37f14 fix: check version of the configuration (#5564)
  • 7bcf51e docs: update documentation assets (#5527)
  • 2e83e32 docs: update GitHub Action assets (#5528)
  • 8cffdb7 build(deps): bump golang.org/x/oauth2 from 0.27.0 to 0.28.0 in /scripts/gen_g...
  • bddd1bc build(deps): bump github.com/securego/gosec/v2 from 2.22.1 to 2.22.2 (#5515)
  • 132365e build(deps): bump github.com/golangci/dupl from 3e9179ac440a to f665c8d69b32 ...
  • c13fd5b build(deps): bump honnef.co/go/tools from 0.6.0 to 0.6.1 (#5510)
  • 94946f3 build(deps): bump github.com/OpenPeeDeeP/depguard/v2 from 2.2.0 to 2.2.1 (#5509)
  • 7a3f3d7 build(deps): bump golang.org/x/tools from 0.30.0 to 0.31.0 (#5508)
  • 624fb4e build(deps): bump golang.org/x/mod from 0.23.0 to 0.24.0 (#5507)
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/conftest from 0.55.0 to 0.58.0

Release notes

Sourced from github.com/open-policy-agent/conftest's releases.

v0.58.0

Announcements

⚠️ Upcoming Breaking Changes ⚠️

In the v0.59 release of conftest (in April 2025), we will bump the hcl2json library which is used by the HCL2 parser. This makes the behavior of the conversion more consistent by always using arrays for blocks that can be repeated. See open-policy-agent/conftest#1074 and open-policy-agent/conftest#1006 for more info.

ℹ️ Breaking Changes Reminder ℹ️

In the v0.60 release of conftest (in May 2025), we will change the default version of Rego syntax from v0 to v1. This will be a breaking change if your Rego policies are not compatible with the v1 syntax.

  • Individual policies can be updated gradually, by adding import rego.v1 to the policy.
  • The rego-version flag will remain available indefinitely, and users who do not wish to update their Rego policies can continue to use v0 syntax by setting this flag to v0.

For more information about upgrading to Rego v1 syntax, see the upstream docs at https://www.openpolicyagent.org/docs/latest/v0-upgrade/.

Changelog

New Features

  • 41549499ab4e816b47a4b21003bd1b1528bd80b9: feat(test): Enable inter-query cache (#1073) (@​jalseth)
  • d62aa8d90c9c023bedc76151cb44dcbe4f6e7a79: feat: add --absolute-paths flag to pull command (#1078) (@​thevilledev)

Bug Fixes

  • 4435c65cd37eddf69b9ee710bd4a84addaefbc5c: fix: Conftest can now successfully load files using a file URL (e.g., file:///C:/path/to/data.yaml) on windows (#999) (@​pckvcode)

OPA Changes

  • 6424545eb03efbc0bdd2e773eea7539ecd9557d5: build(deps): bump github.com/open-policy-agent/opa from 1.1.0 to 1.2.0 (#1080) (@​dependabot[bot])

Other Changes

  • 8e0fdf294b342f01d20d11365e8ac2085bc98248: build(deps): bump alpine from 3.21.2 to 3.21.3 (#1072) (@​dependabot[bot])
  • 6cb9d19737ce7e7aac4cdf0cb4021474879efefd: build(deps): bump github.com/moby/buildkit from 0.19.0 to 0.20.0 (#1076) (@​dependabot[bot])
  • 43264f4e481d7248dc4af141502315c718b759c2: build(deps): bump golang from 1.23.6-alpine to 1.24.0-alpine (#1071) (@​dependabot[bot])
  • 155cd3c95342d627d3160888d804df3d228352c9: chore: Change empty interface{} to any throughout the codebase (#1057) (@​jalseth)
  • 278f7355cd0f2dab8615777c5e823222140570f8: chore: Update all examples to OPA V1 syntax (#1058) (@​jalseth)
  • 39bd5fcee10393a902ebd48387920bf89411a5b7: ci: Revert "replace Makefile-based Docker builds with GitHub Action… (#1075)" (#1081) (@​jalseth)
  • 854183bc52bd266750b1f66a7ace9fa5717a7f0a: refactor(ci): replace Makefile-based Docker builds with GitHub Action… (#1075) (@​Amamgbu)
  • cdd65ba3a46b8292a96ac4a30ca3c04d4a28674e: refactor(output): Add CheckResults type and helpers (#1063) (@​jalseth)

v0.57.0

Announcements

⚠️ Upcoming Breaking Changes ⚠️

In the May 2025 release of conftest, we will change the default version of Rego syntax from v0 to v1. This will be a breaking change if your Rego policies are not compatible with the v1 syntax.

  • With this release of conftest, users may opt-in to this behavior early by setting the --rego-version flag to v1.
  • Individual policies can be updated gradually, by adding import rego.v1 to the policy.
  • The rego-version flag will remain available indefinitely, and users who do not wish to update their Rego policies can continue to use v0 syntax by setting this flag to v0.

For more information about upgrading to Rego v1 syntax, see the upstream docs at https://www.openpolicyagent.org/docs/latest/v0-upgrade/.

Changelog

New Features

... (truncated)

Commits
  • 39bd5fc ci: Revert "replace Makefile-based Docker builds with GitHub Action… (#1075)"...
  • 4435c65 fix: Conftest can now successfully load files using a file URL (e.g., `file:/...
  • 5ae180f docs: clarify --trace flag behavior with --output flag (#1060)
  • d62aa8d feat: add --absolute-paths flag to pull command (#1078)
  • 43264f4 build(deps): bump golang from 1.23.6-alpine to 1.24.0-alpine (#1071)
  • 854183b refactor(ci): replace Makefile-based Docker builds with GitHub Action… (#1075)
  • 6cb9d19 build(deps): bump github.com/moby/buildkit from 0.19.0 to 0.20.0 (#1076)
  • 8e0fdf2 build(deps): bump alpine from 3.21.2 to 3.21.3 (#1072)
  • 6424545 build(deps): bump github.com/open-policy-agent/opa from 1.1.0 to 1.2.0 (#1080)
  • 4154949 feat(test): Enable inter-query cache (#1073)
  • Additional commits viewable in compare view

Updates github.com/tektoncd/chains from 0.22.2 to 0.24.0

Changelog

Sourced from github.com/tektoncd/chains's changelog.

Tekton Chains Releases

Release Frequency

Tekton Chains follows the Tekton community [release policy][release-policy] as follows:

  • Versions are numbered according to semantic versioning: vX.Y.Z
  • At a minimum four LTS release are produced. Additional releases are produced based on availability of new features to be released
  • Four releases a year are chosen for long term support (LTS). All remaining releases are supported for approximately 1 month.
    • The first Tekton Chains LTS release will be v0.13.0 in October 2022

Tekton Chains produces nightly builds, publicly available on ghcr.io/tektoncd/chains/controller-92006fd957c0afd31de6a40b3e33b39f.

Transition Process

Before release v0.13 Tekton Chains has worked on the basis of an undocumented support period, providing patch releases when needed. While transitioning to the new support model, v0.11 and v0.12 will be supported for four months from the initial publishing date.

Release Process

Tekton Chains releases are made of YAML manifests and container images. Manifests are published to cloud object-storage as well as [GitHub][tekton-chains-releases]. Container images are signed by [Sigstore][sigstore] via [Tekton Chains][tekton-chains]; signatures can be verified through the [public key][chains-public-key] hosted by the Tekton Chains project.

Further documentation available:

  • The Tekton Chains [release process][tekton-releases-docs]
  • [Installing Tekton][tekton-installation]
  • Standard for [release notes][release-notes-standards]

Backwards Incompatible Changes

In general we aim for new features to be added in a backwards compatible way, but sometimes we will need to make breaking changes. This policy outlines how we will make and communicate these.

NOTE: Tekton Chains is working towards a formal beta release. Until then, all features are technically considered alpha (though we continue to do our best to retain backwards compatibility).

... (truncated)

Commits
  • 65f8d90 Fixes go.mod (#1304)
  • 7397d97 Bump the all group across 1 directory with 9 updates
  • c7590b6 Fixes alibabacloud-go/cr-20160607 license (#1301)
  • b0cb959 Update release info (#1293)
  • 7306686 Merge pull request #1289 from tektoncd/dependabot/github_actions/ko-build/set...
  • 115c4b2 Merge pull request #1288 from tektoncd/dependabot/github_actions/imjasonh/set...
  • 48e225f Merge pull request #1290 from tektoncd/dependabot/github_actions/golangci/gol...
  • f488a69 Add buildType for Chains format slsa/v2alpha2 (SLSAv1.0 predicate). (#906)
  • a286796 Bump golangci/golangci-lint-action from 6.1.0 to 6.2.0
  • 4055eda Bump ko-build/setup-ko from 0.7 to 0.8
  • Additional commits viewable in compare view

Updates github.com/tektoncd/cli from 0.38.0 to 0.40.0

Release notes

Sourced from github.com/tektoncd/cli's releases.

v0.40.0 Release 🎉

This release comes with support for Pipelines LTS v0.68.0, Triggers v0.31.0, Chains v0.24.0 and Hub v1.20.0 CLI. This release contains bug fix around logs and list commands of pipelinerun and taskrun.

ChangeLog 📋

Fixes 🐛

Misc 🔨

... (truncated)

Changelog

Sourced from github.com/tektoncd/cli's changelog.

Tekton CLI Releases

Release Frequency

Tekton CLI follows the Tekton community [release policy][release-policy] as follows:

  • Versions are numbered according to semantic versioning: vX.Y.Z
  • A new release is produced on a monthly basis
  • Four releases a year are chosen for long term support (LTS). All remaining releases are supported for approximately 1 month (until the next release is produced)
    • LTS releases take place in January, April, July and October every year
    • The first Tekton CLI LTS release will be v0.30.0 in January 2023
    • Releases happen towards the middle of the month, but the exact date may vary, depending on week-ends and readiness

Tekton CLI produces nightly builds, publicly available on gcr.io/tekton-nightly.

Transition Process

Before release v0.28 Tekton CLI has worked on the basis of an undocumented support period of four months, which will be maintained for the releases between v0.26 and v0.27.

Release Process

Read about releasing the Tekton CLI in the [release process documentation] [tekton-release-process].

Further documentation available:

  • [Tekton resources][tekton-releases-docs]
  • Standard for [release notes][release-notes-standards]

Releases

v0.40 (LTS)

  • Latest Release: [v0.40.0][v0-40-0] (2025-02-25) ([docs][v0-40-0-docs])
  • Initial Release: [v0.40.0][v0-40-0] (2025-02-26) ([docs][v0-40-0-docs])
  • End of Life: 2026-02-25

v0.39 (LTS)

  • Latest Release: [v0.39.1][v0-39-1] (2025-01-31) ([docs][v0-39-1-docs])
  • Initial Release: [v0.39.0][v0-39-0] (2024-11-26) ([docs][v0-39-0-docs])
  • End of Life: 2025-11-25

... (truncated)

Commits
  • 994290b New version v0.40.0
  • 8769a03 Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5
  • 723c8d2 Bump github.com/google/go-cmp from 0.6.0 to 0.7.0
  • 73b74e1 Bump the go-docker-dependencies group with 2 updates
  • e11c3b8 Bump github.com/sigstore/cosign/v2 from 2.4.2 to 2.4.3
  • d025e8b Bump github.com/spf13/cobra from 1.8.1 to 1.9.1
  • 840577c Use go v1.23.4 and bump goreleaser to v2.5.0
  • e24d525 Bump the go-k8s-dependencies group with 4 updates
  • fc9ea37 Bump github.com/golangci/golangci-lint from 1.64.4 to 1.64.5 in /tools
  • 9cfee4d Bump github.com/golangci/golangci-lint from 1.63.4 to 1.64.4 in /tools
  • Additional commits viewable in compare view

Updates helm.sh/helm/v3 from 3.16.4 to 3.17.2

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.17.2 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.17.2. The common platform binaries are here:

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.17.3 is the next patch release and will be on April 09, 2025
  • 3.18.0 is the next minor release and will be on May 14, 2025

Changelog

  • Updating to 0.37.0 for x/net cc0bbbd6d6276b83880042c1ecb34087e84d41eb (Matt Farina)
  • build(deps): bump the k8s-io group with 7 updates ecb7a74f19c23f76e7c18d1ce99f88bf1926a9ae (dependabot[bot])

Helm v3.17.1 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

... (truncated)

Commits
  • cc0bbbd Updating to 0.37.0 for x/net
  • ecb7a74 build(deps): bump the k8s-io group with 7 updates
  • 980d8ac add test for nullifying nested global value
  • c23e3b6 Add test case for removing an entire object
  • 3110d5f Tests for bugfix: Override subcharts with null values #12879
  • 9520c71 merge null child chart objects
  • ab7dedd build(deps): bump the k8s-io group with 7 updates
  • a2d3602 fix: check group for resource info match
  • 301108e bump version to v3.17.0
  • 0ac5d28 Merge pull request #13588 from mattfarina/v3-backport-oci-digest
  • Additional commits viewable in compare view

Updates k8s.io/kubernetes from 1.31.3 to 1.32.3

Release notes

Sourced from k8s.io/kubernetes's releases.

Kubernetes v1.32.3

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.32.2

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.32.1

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.32.0

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.32.0-rc.2

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.32.0-rc.1

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.32.0-rc.0

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.32.0-beta.0

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.32.0-alpha.3

... (truncated)

Commits

Updates sigs.k8s.io/kustomize/kustomize/v5 from 5.5.0 to 5.6.0

Release notes

Sourced from sigs.k8s.io/kustomize/kustomize/v5's releases.

kustomize/v5.6.0

Announce

This release introduces a unified internal package version (v0.19.0) across the entire kustomize repository. ref. kubernetes-sigs/kustomize#5800

Chore

#5809: fix: "edit add labels" make labels handle -f flag same as commonLabels

Dependencies

#5825: Update to latest kube-opeapi to drop govalidator dependency #5830: downgrade go-difflib and go-spew to tagged releases #5837: Update kyaml to v0.19.0 #5839: Update cmd/config to v0.19.0 #5840: Update api to v0.19.0

Commits
  • 95db4aa Merge pull request #5840 from koba1t/pinToApi
  • 07f62bd Update api to v0.19.0
  • b69e765 Merge pull request #5839 from koba1t/pinToCmdConfig
  • 8a51255 Update cmd/config to v0.19.0
  • ce667b7 Merge pull request #5837 from koba1t/pinToKyaml
  • 1b33db5 Update kyaml to v0.19.0
  • 880a7a0 add go work verification step for github actions (#5833)
  • 2867f35 downgrade go-difflib and go-spew to tagged releases (#5830)
  • 214aa2a Merge pull request #5823 from kubernetes-sigs/dependabot/go_modules/hack/gola...
  • 6f62ee7 build(deps): bump golang.org/x/crypto from 0.24.0 to 0.31.0 in /hack
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
build(deps): bump the all group across 1 directory with 8 updates
cc4fdd7 
Bumps the all group with 8 updates in the /tools directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/daixiang0/gci](https://github.com/daixiang0/gci) | `0.13.5` | `0.13.6` |
| [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) | `1.63.4` | `1.64.8` |
| [github.com/open-policy-agent/conftest](https://github.com/open-policy-agent/conftest) | `0.55.0` | `0.58.0` |
| [github.com/tektoncd/chains](https://github.com/tektoncd/chains) | `0.22.2` | `0.24.0` |
| [github.com/tektoncd/cli](https://github.com/tektoncd/cli) | `0.38.0` | `0.40.0` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.16.4` | `3.17.2` |
| [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes) | `1.31.3` | `1.32.3` |
| [sigs.k8s.io/kustomize/kustomize/v5](https://github.com/kubernetes-sigs/kustomize) | `5.5.0` | `5.6.0` |



Updates `github.com/daixiang0/gci` from 0.13.5 to 0.13.6
- [Release notes](https://github.com/daixiang0/gci/releases)
- [Commits](daixiang0/gci@v0.13.5...v0.13.6)

Updates `github.com/golangci/golangci-lint` from 1.63.4 to 1.64.8
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/main/CHANGELOG.md)
- [Commits](golangci/golangci-lint@v1.63.4...v1.64.8)

Updates `github.com/open-policy-agent/conftest` from 0.55.0 to 0.58.0
- [Release notes](https://github.com/open-policy-agent/conftest/releases)
- [Changelog](https://github.com/open-policy-agent/conftest/blob/master/.goreleaser.yml)
- [Commits](open-policy-agent/conftest@v0.55.0...v0.58.0)

Updates `github.com/tektoncd/chains` from 0.22.2 to 0.24.0
- [Release notes](https://github.com/tektoncd/chains/releases)
- [Changelog](https://github.com/tektoncd/chains/blob/main/releases.md)
- [Commits](tektoncd/chains@v0.22.2...v0.24.0)

Updates `github.com/tektoncd/cli` from 0.38.0 to 0.40.0
- [Release notes](https://github.com/tektoncd/cli/releases)
- [Changelog](https://github.com/tektoncd/cli/blob/main/releases.md)
- [Commits](tektoncd/cli@v0.38.0...v0.40.0)

Updates `helm.sh/helm/v3` from 3.16.4 to 3.17.2
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.16.4...v3.17.2)

Updates `k8s.io/kubernetes` from 1.31.3 to 1.32.3
- [Release notes](https://github.com/kubernetes/kubernetes/releases)
- [Commits](kubernetes/kubernetes@v1.31.3...v1.32.3)

Updates `sigs.k8s.io/kustomize/kustomize/v5` from 5.5.0 to 5.6.0
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](kubernetes-sigs/kustomize@kustomize/v5.5.0...kustomize/v5.6.0)

---
updated-dependencies:
- dependency-name: github.com/daixiang0/gci
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/golangci/golangci-lint
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/open-policy-agent/conftest
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/tektoncd/chains
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/tektoncd/cli
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: k8s.io/kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: sigs.k8s.io/kustomize/kustomize/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 21, 2025
This was referenced Mar 21, 2025
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant