build(deps): bump chainguard.dev/sdk from 0.1.47 to 0.1.48 (#2035)

dependabot[bot] · web-flow · commit 558af548ba93 · 2026-01-26T17:21:42.000+01:00
Bumps [chainguard.dev/sdk](https://github.com/chainguard-dev/sdk) from 0.1.47 to 0.1.48. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chainguard-dev/sdk/releases">chainguard.dev/sdk's releases</a>.</em></p> <blockquote> <h2>v0.1.48</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/chainguard-dev/sdk/compare/v0.1.47...v0.1.48">https://github.com/chainguard-dev/sdk/compare/v0.1.47...v0.1.48</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chainguard-dev/sdk/commit/720e394960f5e681ae52314a81e986e17c74079b"><code>720e394</code></a> Merge pull request <a href="https://redirect.github.com/chainguard-dev/sdk/issues/131">#131</a> from chainguard-dev/create-pull-request/patch</li> <li><a href="https://github.com/chainguard-dev/sdk/commit/8e34c4374ad472e4fe4189007883cb3f80ecc535"><code>8e34c43</code></a> Export c4e6f6a9c7bdc2617097d791f42cca426d99f648</li> <li><a href="https://github.com/chainguard-dev/sdk/commit/54786bc5d1aeb1bbddfc712ea3af9bb66378a095"><code>54786bc</code></a> Export b58d6c3eb71d795ec1b515d6d579fd702a795c82</li> <li><a href="https://github.com/chainguard-dev/sdk/commit/1034e1cf43159d0fd7fb90345594da4c277d0e19"><code>1034e1c</code></a> Export 79c6d05840e9d46e1a14fcd7b9995562df3875c5</li> <li><a href="https://github.com/chainguard-dev/sdk/commit/7c461ce3159ea11704a87b60f742a9a5b558f000"><code>7c461ce</code></a> Export 4a714343a7abc0d77282fe1bd15b781bb4089bd8</li> <li><a href="https://github.com/chainguard-dev/sdk/commit/c424a916b37ad5baa0c58c36a9f47ba2a116fe36"><code>c424a91</code></a> Merge pull request <a href="https://redirect.github.com/chainguard-dev/sdk/issues/130">#130</a> from jml/fix-sts</li> <li><a href="https://github.com/chainguard-dev/sdk/commit/12a56255453ac77563120f7c9285befb790beefa"><code>12a5625</code></a> fix: use workflow_ref not ref</li> <li><a href="https://github.com/chainguard-dev/sdk/commit/e9d3a8917991525b6a3fe6b2ef0bb56610b7ba64"><code>e9d3a89</code></a> Export a9897321798a0bf90e5002935c3b5ba02856c3dc</li> <li><a href="https://github.com/chainguard-dev/sdk/commit/45e9d75a8792b9e4c4283d24cfcb0d61e1794313"><code>45e9d75</code></a> Export 97b7dc1d732637201aa107d3ab0df1df557c42ae</li> <li><a href="https://github.com/chainguard-dev/sdk/commit/56edddab9210024eb49b5ab2f8025fddb68c04d7"><code>56eddda</code></a> Export f3535d812b87000d38e90d91a0c820c67e70ca00</li> <li>Additional commits viewable in <a href="https://github.com/chainguard-dev/sdk/compare/v0.1.47...v0.1.48">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chainguard.dev/sdk&package-manager=go_modules&previous-version=0.1.47&new-version=0.1.48)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/go.mod b/go.mod
@@ -3,7 +3,7 @@ module chainguard.dev/apko
 go 1.25.0
 
 require (
-	chainguard.dev/sdk v0.1.47
+	chainguard.dev/sdk v0.1.48
 	github.com/chainguard-dev/clog v1.8.0
 	github.com/charmbracelet/log v0.4.2
 	github.com/go-git/go-git/v5 v5.16.4
diff --git a/go.sum b/go.sum
@@ -1,7 +1,7 @@
 chainguard.dev/go-grpc-kit v0.17.15 h1:y+FBjta2lsC0XxlkG+W5P1VxYl0zG74GRvoYN2o+p7s=
 chainguard.dev/go-grpc-kit v0.17.15/go.mod h1:1wAVAX2CCamtFlfMs9PFzfgQQxX1/TQyF6cbWApbJ2U=
-chainguard.dev/sdk v0.1.47 h1:BQEVQWj1ZnL9DNgHWcAVbj8BNNN/blAZHhbWGKSKzZI=
-chainguard.dev/sdk v0.1.47/go.mod h1:b4isqRFaCBaRuVcHUrFeaqvt3d8J9GNOMS0RAyoawXw=
+chainguard.dev/sdk v0.1.48 h1:WwObi7i4AkKRnbBzQ3Rq9Gikc3DDWkF6peLvx4JZdnE=
+chainguard.dev/sdk v0.1.48/go.mod h1:b4isqRFaCBaRuVcHUrFeaqvt3d8J9GNOMS0RAyoawXw=
 cloud.google.com/go/auth v0.18.1 h1:IwTEx92GFUo2pJ6Qea0EU3zYvKnTAeRCODxfA/G5UWs=
 cloud.google.com/go/auth v0.18.1/go.mod h1:GfTYoS9G3CWpRA3Va9doKN9mjPGRS+v41jmZAhBzbrA=
 cloud.google.com/go/auth/oauth2adapt v0.2.8 h1:keo8NaayQZ6wimpNSmW5OPc283g65QNIiLpZnkHRbnc=
