Bump the go-dependencies group across 1 directory with 21 updates

[dependabot]

Bumps the go-dependencies group with 15 updates in the / directory:

Package	From	To
github.com/Azure/azure-sdk-for-go/sdk/azcore	1.18.0	1.21.0
github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry	0.2.2	0.2.3
github.com/andygrunwald/go-jira	1.16.0	1.17.0
github.com/aws/aws-sdk-go-v2	1.36.3	1.41.5
github.com/aws/aws-sdk-go-v2/config	1.29.14	1.32.13
github.com/aws/aws-sdk-go-v2/feature/s3/manager	1.17.72	1.22.10
github.com/aws/aws-sdk-go-v2/service/ecs	1.54.6	1.75.0
github.com/aws/aws-sdk-go-v2/service/lambda	1.71.2	1.88.5
github.com/containers/image/v5	5.34.3	5.36.2
github.com/go-playground/validator/v10	10.26.0	10.30.2
github.com/open-policy-agent/opa	1.13.2	1.15.1
github.com/zalando/go-keyring	0.2.6	0.2.8
golang.org/x/oauth2	0.34.0	0.36.0
k8s.io/kubernetes	1.35.0	1.35.3
sigs.k8s.io/kind	0.11.1	0.31.0

Updates github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.18.0 to 1.21.0

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azcore's releases.

sdk/azcore/v1.21.0

1.21.0 (2026-01-12)

Features Added

• Added runtime/datetime package which provides specialized time type wrappers for serializing and deserializing time values in various formats used by Azure services.

Other Changes

• Aligned cloud.AzureGovernment and cloud.AzureChina audience values with Azure CLI

Commits

• f6309d4 Prep azcore@v1.21.0 for release (#25864)
• d0a9819 Update SDK generation as completed when SDK pull request is linked to release...
• aba8672 Configurations: 'specification/resourceconnector/resource-manager/Microsoft....
• 481e4ab Add some missing methods to the types in datetime (#25826)
• 35d6071 Skip unsafeptr check for storage SDKs (#25856)
• 5d68f66 add code (#25837)
• 944cd8d add code (#25836)
• 1191825 [Regeneration]sdk/resourcemanager/quota/armquota (#25835)
• e1a9bfd add code (#25838)
• 1de7ac7 [Automation] Regenerate SDK based on typespec-go branch main (#25729)
• Additional commits viewable in compare view

Updates github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.9.0 to 1.10.1

Commits

• a98a0db Prepare azidentity v1.10.1 for release (#24746)
• 8aa9f8b [Release] sdk/resourcemanager/avs/armavs/2.1.0 (#24709)
• 01782ab Fix typo in azidentity troubleshooting guide (#24748)
• 6ba8640 remove reprecated service (#24744)
• 18ff882 [keyvault] upgrade to 7.6 (#24733)
• 214f119 Add in a simple service bus troubleshooting guide. (#24741)
• bb804de [Release] sdk/resourcemanager/containerservice/armcontainerservice/7.0.0-beta...
• 542616a Support 1es canary template validation for unified pipeline (#24731)
• 6d7f1b2 [Release] sdk/resourcemanager/mongodbatlas/armmongodbatlas/0.1.0 (#24590)
• 466a17b upgrade dependency (#24736)
• Additional commits viewable in compare view

Updates github.com/Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry from 0.2.2 to 0.2.3

Commits

• 338d220 Added mock.WithPredicate ResponseOption (#11959)
• 3ff8ace Omit read-only content from request payloads (#11928)
• 30a759d remove legacy ci.yml file (#11930)
• 165ddcb Minor release v44.2.0 (#11841)
• c446bd0 add ci.yml for azidentity (#11855)
• 9ab3f58 Adding azidentity package (#11845)
• See full diff in compare view

Updates github.com/andygrunwald/go-jira from 1.16.0 to 1.17.0

Release notes

Sourced from github.com/andygrunwald/go-jira's releases.

v1.17.0

This is a maintenance release, but there are two important changes:

• github.com/golang-jwt/jwt/v4 has been updated because of a security issue, see CVE-2025-30204
• Minimum Go version has been raised from v1.15 to v1.21, due to an update of github.com/google/go-cmp

What's Changed

• Replace ioutil.ReadFile with os.ReadFile
• Replace ioutil.ReadAll with io.ReadAll
• upgraded static v2022.1 => v2023.1
• go fmt issue.go, metaissue.go, sprint.go
• Github Actions: Upgrade dominikh/staticcheck-action from v1.2 to v1.4
• Github Actions: Upgrade actions/setup-go from v3 to v6
• Github Actions: Upgrade actions/checkout from v3 to v5
• go mod tidy
• upgraded github.com/google/go-cmp v0.5.8 => v0.7.0
• upgraded go 1.15 => 1.21
• upgraded github.com/golang-jwt/jwt/v4 v4.4.2 => v4.5.2

All these changes have been made by @​andygrunwald in andygrunwald/go-jira#735

Full Changelog: andygrunwald/go-jira@v1.16.1...v1.17.0

v1.16.1

This release is shipping a fix for the deprecation of the GET /rest/api/2/search endpoint. See Deprecation of JQL search and Evaluate expression endpoints / 31 October 2024.

If you are using a Jira Cloud-hosted instance and are using either IssueService.Search() or IssueService.SearchWithContext(), there is a high likelihood that these functions will no longer work for you due to deprecation and removal by Atlassian.

This release introduces IssueService.SearchV2JQL() and IssueService.SearchV2JQLWithContext() with a very similar function signature. To get the same results as with IssueService.Search() or IssueService.SearchWithContext(), you may need to configure a Fields list in the options parameter. Please see Search for issues using JQL enhanced search (GET) for further instructions.

What's Changed

• Add SearchV2JQL to fix the deprecation of JQL search and evaluate expression endpoints by @​conor-naranjo in andygrunwald/go-jira#725

New Contributors

• @​conor-naranjo made their first contribution in andygrunwald/go-jira#725

Full Changelog: andygrunwald/go-jira@v1.16.0...v1.16.1

Changelog

Sourced from github.com/andygrunwald/go-jira's changelog.

1.17.0 (2025-09-16)

All changes in #735.

Breaking Changes

• Minimum Go version increased from 1.15 to 1.21 (due to google/go-cmp dependency update)

Security

• Updated github.com/golang-jwt/jwt/v4 v4.4.2 to v4.5.2 (CVE-2025-30204)

Maintenance

• Replaced deprecated ioutil.ReadFile with os.ReadFile
• Replaced deprecated ioutil.ReadAll with io.ReadAll
• Replaced deprecated ioutil.Discard with io.Discard
• Upgraded staticcheck v2022.1 to v2023.1
• Code formatting updates (issue.go, metaissue.go, sprint.go)

Dependencies

• github.com/google/go-cmp v0.5.8 to v0.7.0
• github.com/golang-jwt/jwt/v4 v4.4.2 to v4.5.2

CI/CD

• Upgraded actions/checkout from v3 to v5
• Upgraded actions/setup-go from v3 to v6
• Upgraded dominikh/staticcheck-action from v1.2 to v1.4

1.16.1 (2025-09-13)

Features

• Added IssueService.SearchV2JQL() and IssueService.SearchV2JQLWithContext() to handle Atlassian's deprecation of GET /rest/api/2/search endpoint (effective October 31, 2024) (#725)

New contributor: @​conor-naranjo

Commits

• 93f28dd Merge pull request #735 from andygrunwald/v1.17.0-dev-upgrade-dependencies
• 00778a6 Replace ioutil.Discard with io.Discard
• 44e617e Replace ioutil.ReadFile with os.ReadFile
• 546b61f Replace ioutil.ReadAll with io.ReadAll
• 79978f0 upgraded static v2022.1 => v2023.1
• 463a8a0 go fmt sprint.go
• e0ea06f go fmt metaissue.go
• 2095c75 go fmt issue.go
• 3d9306e Github Actions: Upgrade dominikh/staticcheck-action from v1.2 to v1.4
• ead0c0c Github Actions: Upgrade actions/setup-go from v3 to v6
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2 from 1.36.3 to 1.41.5

Commits

• 90650dd Release 2026-03-26
• dd88818 Regenerated Clients
• b662c50 Update endpoints model
• 500a9cb Update API model
• 6221102 fix stale skew and delayed skew healing (#3359)
• 0a39373 fix order of generated event header handlers (#3361)
• 098f389 Only generate resolveAccountID when it's required (#3360)
• 6ebab66 Release 2026-03-25
• b2ec3be Regenerated Clients
• abc126f Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.29.14 to 1.32.13

Commits

• 90650dd Release 2026-03-26
• dd88818 Regenerated Clients
• b662c50 Update endpoints model
• 500a9cb Update API model
• 6221102 fix stale skew and delayed skew healing (#3359)
• 0a39373 fix order of generated event header handlers (#3361)
• 098f389 Only generate resolveAccountID when it's required (#3360)
• 6ebab66 Release 2026-03-25
• b2ec3be Regenerated Clients
• abc126f Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.67 to 1.19.13

Commits

• 90650dd Release 2026-03-26
• dd88818 Regenerated Clients
• b662c50 Update endpoints model
• 500a9cb Update API model
• 6221102 fix stale skew and delayed skew healing (#3359)
• 0a39373 fix order of generated event header handlers (#3361)
• 098f389 Only generate resolveAccountID when it's required (#3360)
• 6ebab66 Release 2026-03-25
• b2ec3be Regenerated Clients
• abc126f Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.72 to 1.22.10

Commits

• d872461 Release 2024-06-07
• dd82156 Regenerated Clients
• 85ebac0 Update endpoints model
• 490e6cb Update API model
• 4892b05 Merge pull request #2668 from aws/feature-clock-skew
• 8bdbe6a Merge branch 'main' into feature-clock-skew
• c4f8ba3 run goimports
• 2474a05 update snapshot tests
• 9fa716b regen clients
• 6d365fb address feedback from pr, mostly moving things around
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ecs from 1.54.6 to 1.75.0

Commits

• b820c57 Release 2025-01-29
• 40ddb76 Regenerated Clients
• 2b4adae Update API model
• 78c2be4 Revert "beta: feature/s3/transfermanager (S3 transfer manager v2) (#2988)"
• 5c9d67c beta: feature/s3/transfermanager (S3 transfer manager v2) (#2988)
• 571aa56 Release 2025-01-28
• 783ff00 Regenerated Clients
• fcdc1bb Update API model
• df279db Release 2025-01-27
• 912497b Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/lambda from 1.71.2 to 1.88.5

Commits

• b9b0c65 Release 2025-10-16
• e2bc8a0 Regenerated Clients
• 8691ee3 Update API model
• 51e8a3f bump to go1.23 (#3211)
• ad2d36c Release 2025-10-15
• 19a35d6 Regenerated Clients
• 35cb02f Update endpoints model
• f673a1b Update API model
• 48421fd Release 2025-10-14
• fedcba7 Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.79.2 to 1.97.3

Commits

• 90650dd Release 2026-03-26
• dd88818 Regenerated Clients
• b662c50 Update endpoints model
• 500a9cb Update API model
• 6221102 fix stale skew and delayed skew healing (#3359)
• 0a39373 fix order of generated event header handlers (#3361)
• 098f389 Only generate resolveAccountID when it's required (#3360)
• 6ebab66 Release 2026-03-25
• b2ec3be Regenerated Clients
• abc126f Update API model
• Additional commits viewable in compare view

Updates github.com/aws/smithy-go from 1.22.3 to 1.24.2

Release notes

Sourced from github.com/aws/smithy-go's releases.

v1.22.4

Release (2025-06-16)

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/smithy-go: v1.22.4
  • Bug Fix: Fix CBOR serd empty check for string and enum fields

Commits

• b860661 Release 2026-02-27
• 567846b Bump minimun Go version to 1.24 (#629)
• 8c63558 Release 2026-02-20
• c6d1144 Create new event stream generator (#626)
• f82babd update Smithy version to 1.67.0 (#627)
• 708bee3 move writable and chainwritable up (#622)
• 7bfe108 Add support for OrExpression JMESPath (#620)
• 9dbc5b2 bump smithy to v1.64.0
• 71f5bff Release 2025-12-01
• c94c177 changelog
• Additional commits viewable in compare view

Updates github.com/containers/image/v5 from 5.34.3 to 5.36.2

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.36.2

What's Changed

• [release-5.36] Bump to c/image v5.36.1 by @​TomSweeneyRedHat in containers/image#2920
• [release-5.36] rekor: do not cancel http context by @​TomSweeneyRedHat in containers/image#2943

Full Changelog: containers/image@v5.36.1...v5.36.2

v5.36.1

What's Changed

• [release-5.36] Update the CI image, to match Skopeo's updated test code by @​TomSweeneyRedHat in containers/image#2913

Full Changelog: containers/image@v5.36.0...v5.36.1

v5.36.0

What's Changed

• Bump c/storage to v1.58.0, c/image to v5.35.0 by @​TomSweeneyRedHat in containers/image#2828
• chore(deps): update dependency golangci/golangci-lint to v2.1.2 by @​renovate[bot] in containers/image#2827
• fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.28 by @​renovate[bot] in containers/image#2829
• fix(deps): update module github.com/docker/docker to v28.1.0+incompatible by @​renovate[bot] in containers/image#2834
• fix(deps): update module github.com/docker/cli to v28.1.0+incompatible by @​renovate[bot] in containers/image#2833
• fix(deps): update module github.com/docker/cli to v28.1.1+incompatible by @​renovate[bot] in containers/image#2836
• fix(deps): update module github.com/docker/docker to v28.1.1+incompatible by @​renovate[bot] in containers/image#2835
• chore(deps): update dependency containers/automation_images to v20250422 by @​renovate[bot] in containers/image#2839
• chore(deps): update dependency golangci/golangci-lint to v2.1.5 by @​renovate[bot] in containers/image#2840
• fix(deps): update module github.com/sigstore/sigstore to v1.9.4 by @​renovate[bot] in containers/image#2842
• chore(deps): update dependency golangci/golangci-lint to v2.1.6 by @​renovate[bot] in containers/image#2846
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.10.0 by @​renovate[bot] in containers/image#2845
• fix(deps): update module golang.org/x/oauth2 to v0.30.0 by @​renovate[bot] in containers/image#2847
• fix(deps): update module golang.org/x/sync to v0.14.0 by @​renovate[bot] in containers/image#2848
• fix(deps): update module golang.org/x/term to v0.32.0 by @​renovate[bot] in containers/image#2850
• fix(deps): update module golang.org/x/crypto to v0.38.0 by @​renovate[bot] in containers/image#2849
• fix(deps): update module dario.cat/mergo to v1.0.2 by @​renovate[bot] in containers/image#2851
• vendor: update c/storage by @​giuseppe in containers/image#2844
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.10.1 by @​renovate[bot] in containers/image#2853
• Update old indirect dependencies by @​mtrmac in containers/image#2787
• Stop setting the btrfs_noversion build tag by @​mtrmac in containers/image#2831
• fix(deps): update module github.com/santhosh-tekuri/jsonschema/v6 to v6.0.2 by @​renovate[bot] in containers/image#2855
• fix(deps): update module github.com/docker/docker to v28.2.1+incompatible by @​renovate[bot] in containers/image#2859
• fix(deps): update module github.com/docker/cli to v28.2.1+incompatible by @​renovate[bot] in containers/image#2858
• fix(deps): update module github.com/docker/docker to v28.2.2+incompatible by @​renovate[bot] in containers/image#2862
• fix(deps): update module github.com/docker/cli to v28.2.2+incompatible by @​renovate[bot] in containers/image#2861
• INCOMPATIBLE: Remove the implementation of the ostree transport by @​mtrmac in containers/image#2821
• Only upload sigstore signatures to the sigstore tag schema by @​mtrmac in containers/image#2717
• Update old dependencies by @​mtrmac in containers/image#2863
• fix(deps): update github.com/containers/storage digest to 78f4258 by @​renovate[bot] in containers/image#2864
• Queue a partially-pulled layer for commit immediately after staging it by @​mtrmac in containers/image#2799
• fix(deps): update module github.com/vbauerster/mpb/v8 to v8.10.2 by @​renovate[bot] in containers/image#2865
• fix(deps): update module golang.org/x/sync to v0.15.0 by @​renovate[bot] in containers/image#2866

... (truncated)

Commits

• d464a25 Bump to v5.36.2
• 50a6b67 Merge pull request #2943 from TomSweeneyRedHat/dev/tsweeney/backport_2938
• d3eb538 [release-5.36] rekor: do not cancel http context
• 6ed8326 Merge pull request #2920 from TomSweeneyRedHat/dev/tsweeney/v5.36.1
• f6ca2da [release-5.36] Bump to c/image v5.36.1
• d18da19 [release-5.36] Bump c/storage to v1.59.1
• ae0c9f3 Merge pull request #2913 from TomSweeneyRedHat/dev/tsweeney/cherrypick2907
• 40d1027 [release-5.36] Update the CI image, to match Skopeo's updated test code
• 08ce6b4 Bump to c/image v5.36.0
• b5e2b66 Bump to c/storage v1.59.0
• Additional commits viewable in compare view

Updates github.com/docker/docker from 28.0.4+incompatible to 28.3.2+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

28.3.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.3.2 milestone
• moby/moby, 28.3.2 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Fix --use-api-socket not working correctly when targeting a remote daemon. docker/cli#6157
• Fix stray "otel error" logs being printed if debug logging is enabled. docker/cli#6160
• Quote SSH arguments when connecting to a remote daemon over an SSH connection to avoid unexpected expansion. docker/cli#6147
• Warn when DOCKER_AUTH_CONFIG is set during docker login and docker logout. docker/cli#6163

Packaging updates

• Update Compose to v2.38.2. docker/docker-ce-packaging#1225
• Update Docker Model CLI plugin to v0.1.33. docker/docker-ce-packaging#1227
• Update Go runtime to 1.24.5. moby/moby#50354

28.3.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.3.1 milestone
• moby/moby, 28.3.1 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Packaging updates

• Update BuildKit to v0.23.2. moby/moby#50309
• Update Compose to v2.38.1. docker/docker-ce-packaging#1221
• Update Model to v0.1.32 which adds the support for the new top-level models: key in Docker Compose. docker/docker-ce-packaging#1222

28.3.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.3.0 milestone
• moby/moby, 28.3.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

New

• Add support for AMD GPUs in docker run --gpus. moby/moby#49952
• Use DOCKER_AUTH_CONFIG as a credential store. docker/cli#6008

... (truncated)

Commits

• e77ff99 Merge pull request #50354 from vvoland/50353-28.x
• 6e3cf7f Merge pull request #50351 from vvoland/50179-28.x
• 38c0abf update to go1.24.5
• 3b7d703 Merge pull request #50352 from vvoland/50347-28.x
• d14a60f Merge pull request #50348 from vvoland/50314-28.x
• da65c86 Merge pull request #50350 from vvoland/50333-28.x
• 76fbfe9 Merge pull request #50349 from vvoland/50255-28.x
• bfade89 integration/networking: increase context timeout for attach
• a818cfd gha: run windows 2025 on PRs, 2022 scheduled
• 653777a gha: update to windows 2022 / 2025
• Additional commits viewable in compare view

Updates github.com/go-playground/validator/v10 from 10.26.0 to 10.30.2

Release notes

Sourced from github.com/go-playground/validator/v10's releases.

v10.30.2

What's Changed

• chore(deps): bump golang.org/x/crypto from 0.46.0 to 0.47.0 by @​dependabot[bot] in go-playground/validator#1523
• feat: add translations for alphaspace and alphanumspace tags in indonesian by @​savioruz in go-playground/validator#1522
• chore(deps): bump github.com/gabriel-vasile/mimetype from 1.4.12 to 1.4.13 by @​dependabot[bot] in go-playground/validator#1526
• feat: add cmyk(color) to validator by @​thenicolau in go-playground/validator#1528
• chore(deps): bump golang.org/x/text from 0.33.0 to 0.34.0 by @​dependabot[bot] in go-playground/validator#1534
• chore(deps): bump golang.org/x/crypto from 0.47.0 to 0.48.0 by @​dependabot[bot] in go-playground/validator#1533
• Go 1.26 support by @​nodivbyzero in go-playground/validator#1535
• fix: prevent panic in unique validation with nil pointer elements by @​nodivbyzero in go-playground/validator#1532
• docs: fix typos by @​alexandear in go-playground/validator#1527
• feat: implement ValidatorValuer interface feature by @​thommeo in go-playground/validator#1416
• docs: add Valuer interface documentation and example by @​wofiporia in go-playground/validator#1540
• chore(deps): bump golang.org/x/text from 0.34.0 to 0.35.0 by @​dependabot[bot] in go-playground/validator#1545
• chore(deps): bump golang.org/x/crypto from 0.48.0 to 0.49.0 by @​dependabot[bot] in go-playground/validator#1546
• feat: add postcode patterns for Colombia (CO) and British Virgin Islands (VG) by @​j-ibarra in go-playground/validator#1547
• fix(fqdn): allow hyphens in last domain label by @​alihasan070707 in go-playground/validator#1548

New Contributors

• @​savioruz made their first contribution in go-playground/validator#1522
• @​thenicolau made their first contribution in go-playground/validator#1528
• @​thommeo made their first contribution in go-playground/validator#1416
• @​wofiporia made their first contribution in go-playground/validator#1540
• @​j-ibarra made their first contribution in go-playground/validator#1547
• @​alihasan070707 made their first contribution in go-playground/validator#1548

Full Changelog: go-playground/validator@v10.30.1...v10.30.2

Release 10.30.1

What's Changed

• Feat: uds_exists validator by @​barash-asenov in go-playground/validator#1482
• fix: Revert min limit of e164 regex by @​zemzale in go-playground/validator#1516
• Fix 1513 update ISO 3166-2 codes by @​xyz27900 in go-playground/validator#1514

New Contributors

• @​barash-asenov made their first contribution in go-playground/validator#1482
• @​xyz27900 made their first contribution in go-playground/validator#1514

Full Changelog: go-playground/validator@v10.30.0...v10.30.1

Release 10.30.0

What's Changed

• Bump golang.org/x/crypto from 0.45.0 to 0.46.0 by @​dependabot[bot] in go-playground/validator#1504
• Bump github.com/gabriel-vasile/mimetype from 1.4.11 to 1.4.12 by @​dependabot[bot] in go-playground/validator#1505
• docs: document omitzero by @​minoritea in go-playground/validator#1509
• fix: add missing translations for alpha validators by @​shindonghwi in go-playground/validator#1510
• fix: resolve panic when using aliases with OR operator by @​shindonghwi in go-playground/validator#1507
• fix: resolve panic when using cross-field validators with ValidateMap by @​shindonghwi in go-playground/validator#1508

New Contributors

... (truncated)

Commits

• b9258bd fix(fqdn): allow hyphens in last domain label (#1548)
• b9f1d79 feat: add postcode patterns for Colombia (CO) and British Virgin Islands (VG)...
• 7fa9599 chore(deps): bump golang.org/x/crypto from 0.48.0 to 0.49.0 (#1546)
• 8ca29ec chore(deps): bump golang.org/x/text from 0.34.0 to 0.35.0 (#1545)
• 5e1bedf docs: add Valuer interface documentation and example (#1540)
• 42927a0 feat: implement ValidatorValuer interface feature (#1416)
• c254ece docs: fix typos (#1527)
• 4325386 fix: prevent panic in unique validation with nil pointer elements (#1532)
• d3f35da Go 1.26 support (#1535)
• f5c74ce chore(deps): bump golang.org/x/crypto from 0.47.0 to 0.48.0 (#1533)
• Additional commits viewable in compare view

Updates github.com/hashicorp/go-retryablehttp from 0.7.7 to 0.7.8

Commits

• e1f5485 Add a new RateLimitLinearJitterBackoff policy
• b0cac1e Merge pull request #262 from hashicorp/dependabot-intge
• 66c110b few new parameters added to dependabot.yml
• 25b39e6 IND-3836 additions of new parameters to dependabot.yml
• eeac125 add comment for bodyType param in client.Post
• 3...

  Description has been truncated

[claude]

Claude finished @dependabot[bot]'s task in 2m 14s —— View job

---

Dependency Update Review

• Identify changed dependencies
• Review go.mod diff for breaking changes
• Analyze usage of critical dependencies in codebase
• Check for API changes, deprecations, and risks
• Post final review

---

Summary

This PR bumps 21 Go dependencies (15 direct, 6 indirect). I've analyzed each upgraded dependency against its usage in this codebase. Overall the upgrade looks safe, with one item worth attention.

---

Risk Assessment by Dependency

sigs.k8s.io/kind v0.11.1 → v0.31.0 — ⚠️ Medium Risk

This is the largest jump in the PR (20 minor versions). Used only in test infrastructure (internal/kube/kube_test.go) for creating temporary Kind clusters. The APIs used (cluster.NewProvider(), cluster.ProviderWithDocker(), cluster.CreateWithWaitForReady(), provider.Create(), provider.Delete(), provider.ExportKubeConfig()) are core lifecycle APIs and likely stable, but given the magnitude of the jump, integration tests that exercise Kind cluster creation should be run to verify (make test_integration_full — the K8s tests that are skipped in --short mode).

github.com/aws/smithy-go v1.22.3 → v1.24.2 — ✅ Low Risk

Bumped minimum Go to 1.24. This project uses Go 1.25.0 (go.mod line 3), so no compatibility issue. Used in internal/azure/azure_apps.go for smithyTime.ParseDateTime() — a stable utility function.

AWS SDK v2 packages (multiple) — ✅ Low Risk

All AWS SDK packages are minor/patch bumps within v2. The codebase uses standard, stable APIs:

• ECS: ListClusters, DescribeClusters, ListServices, DescribeServices, ListTasks, DescribeTasks
• Lambda: ListFunctions, GetFunctionConfiguration
• S3: ListObjectsV2 (paginator), Download (manager)

No deprecated APIs are in use. The Lambda pagination uses Marker/NextMarker which is the correct pattern for ListFunctions. New indirect dependency aws/aws-sdk-go-v2/service/signin was added — this is a transitive dependency and not directly used.

github.com/containers/image/v5 v5.34.3 → v5.36.2 — ✅ Low Risk

The release notes mention an INCOMPATIBLE change: removal of the ostree transport. This codebase does not use the ostree transport. Only two packages are used (docker.ParseReference, docker.GetDigest, types.SystemContext, types.DockerAuthConfig in internal/digest/digest.go) — all stable, core APIs.

github.com/open-policy-agent/opa v1.13.2 → v1.15.1 — ✅ Low Risk

Used in internal/evaluate/rego.go via the v1 API (v1/ast, v1/rego). Only standard evaluation APIs are used (rego.New, rego.Query, rego.Module, rego.Input, rego.Eval, ast.ParseModuleWithOpts). These are stable v1 interfaces.

github.com/andygrunwald/go-jira v1.16.0 → v1.17.0 — ✅ Low Risk

Maintenance release. Minimum Go raised to 1.21 (this project uses 1.25.0 ✓). Includes a security fix for golang-jwt/jwt/v4 (CVE-2025-30204). Used in internal/jira/jira.go for BasicAuthTransport, BearerAuthTransport, Issue.Get — all unchanged APIs.

github.com/go-playground/validator/v10 v10.26.0 → v10.30.2 — ✅ Low Risk

Used in cmd/kosli/snapshotPaths.go and internal/server/server.go with basic tags (required, oneof). No breaking changes to these core validation features. New features (CMYK color validation, ValidatorValuer interface, omitzero) don't affect existing usage.

github.com/zalando/go-keyring v0.2.6 → v0.2.8 — ✅ Low Risk

Patch bump. Used in internal/security/security.go for keyring.Get, keyring.Set, keyring.ErrNotFound, keyring.MockInit — stable, minimal API surface.

Other low-risk updates

Dependency	Change	Notes
Azure/azure-sdk-for-go/sdk/azcore	1.18.0 → 1.21.0	Additive: new runtime/datetime package
Azure/azure-sdk-for-go/sdk/azidentity	1.9.0 → 1.10.1	Patch-level fixes
Azure/azure-sdk-for-go/sdk/containers/azcontainerregistry	0.2.2 → 0.2.3	Patch fix
docker/docker	28.0.4 → 28.3.2	Minor bump, additive features
hashicorp/go-retryablehttp	0.7.7 → 0.7.8	Patch: new RateLimitLinearJitterBackoff policy
k8s.io/kubernetes	1.35.0 → 1.35.3	Patch fixes
golang.org/x/oauth2	0.34.0 → 0.36.0	Standard library extension

Removed indirect dependencies (expected)

• github.com/alessio/shellescape — not directly imported, safe removal
• gopkg.in/ini.v1 — not directly imported, safe removal
• go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp — transitive cleanup

---

Recommendations

1. Run make test_integration_full (including K8s tests) to validate the Kind v0.31.0 upgrade — this is the highest-risk change due to the version gap.
2. Standard integration tests (make test_integration) should cover AWS, Azure, OCI, Jira, OPA, and validator paths.
3. No code changes required — all APIs in use remain stable across these upgrades.

---

[mbevc1]

@dependabot rebase

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.