chore(deps): Bump chainguard.dev/apko from 1.1.7 to 1.1.9 (#734)

dependabot[bot] · web-flow · commit 12b59c6ab1de · 2026-02-20T15:26:41.000Z
Bumps [chainguard.dev/apko](https://github.com/chainguard-dev/apko) from 1.1.7 to 1.1.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chainguard-dev/apko/releases">chainguard.dev/apko's releases</a>.</em></p> <blockquote> <h2>Release v1.1.9</h2> <h2>Changelog</h2> <ul> <li>1a683b227173c90d68cba68c21b662e1f94276b0 sbom: Include predicate type as the output SBOM. (<a href="https://redirect.github.com/chainguard-dev/apko/issues/2005">#2005</a>)</li> </ul> <h2>Release v1.1.8</h2> <h2>Changelog</h2> <ul> <li>5b0e4ae614eed88cc9d7fea6bcb1db9c41afb5b9 build(deps): bump chainguard-dev/actions from 1.6.0 to 1.6.1 (<a href="https://redirect.github.com/chainguard-dev/apko/issues/2076">#2076</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chainguard-dev/apko/commit/1a683b227173c90d68cba68c21b662e1f94276b0"><code>1a683b2</code></a> sbom: Include predicate type as the output SBOM. (<a href="https://redirect.github.com/chainguard-dev/apko/issues/2005">#2005</a>)</li> <li><a href="https://github.com/chainguard-dev/apko/commit/3f638156a623462e063b7f49b45c1a29e88296eb"><code>3f63815</code></a> build(deps): bump google.golang.org/api from 0.266.0 to 0.267.0 (<a href="https://redirect.github.com/chainguard-dev/apko/issues/2078">#2078</a>)</li> <li><a href="https://github.com/chainguard-dev/apko/commit/006c434146b101ba6b27d7d58e0ab29864337218"><code>006c434</code></a> build(deps): bump chainguard-dev/actions from 1.6.1 to 1.6.2 (<a href="https://redirect.github.com/chainguard-dev/apko/issues/2077">#2077</a>)</li> <li><a href="https://github.com/chainguard-dev/apko/commit/0836d626b5ffd8e2ba5fa9a83643d757a65f1c0e"><code>0836d62</code></a> docs: update GoVersion to go1.25. (<a href="https://redirect.github.com/chainguard-dev/apko/issues/2075">#2075</a>)</li> <li><a href="https://github.com/chainguard-dev/apko/commit/91778a95aaea3da2a1b017a027993c2bad0d6c2e"><code>91778a9</code></a> spdx: set purpose on OCI layers (<a href="https://redirect.github.com/chainguard-dev/apko/issues/2046">#2046</a>)</li> <li><a href="https://github.com/chainguard-dev/apko/commit/5b0e4ae614eed88cc9d7fea6bcb1db9c41afb5b9"><code>5b0e4ae</code></a> build(deps): bump chainguard-dev/actions from 1.6.0 to 1.6.1 (<a href="https://redirect.github.com/chainguard-dev/apko/issues/2076">#2076</a>)</li> <li><a href="https://github.com/chainguard-dev/apko/commit/38b8fb03a957b7277c12e93ff20c8d0106b59a41"><code>38b8fb0</code></a> build(deps): bump github/codeql-action from 4.32.2 to 4.32.3 (<a href="https://redirect.github.com/chainguard-dev/apko/issues/2073">#2073</a>)</li> <li><a href="https://github.com/chainguard-dev/apko/commit/53ac80559d89d4a42feee1be69fb89b80a929cbd"><code>53ac805</code></a> Add LockImageConfigurationWithPackages to return package metadata (<a href="https://redirect.github.com/chainguard-dev/apko/issues/2061">#2061</a>)</li> <li>See full diff in <a href="https://github.com/chainguard-dev/apko/compare/v1.1.7...v1.1.9">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chainguard.dev/apko&package-manager=go_modules&previous-version=1.1.7&new-version=1.1.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/go.mod b/go.mod
@@ -3,7 +3,7 @@ module github.com/chainguard-dev/terraform-provider-imagetest
 go 1.25.6
 
 require (
-	chainguard.dev/apko v1.1.7
+	chainguard.dev/apko v1.1.9
 	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.21.0
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.1
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2 v2.2.0
@@ -182,7 +182,7 @@ require (
 	golang.org/x/term v0.40.0 // indirect
 	golang.org/x/time v0.14.0 // indirect
 	golang.org/x/tools v0.42.0 // indirect
-	google.golang.org/api v0.266.0 // indirect
+	google.golang.org/api v0.267.0 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20260128011058-8636f8732409 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
diff --git a/go.sum b/go.sum
@@ -1,5 +1,5 @@
-chainguard.dev/apko v1.1.7 h1:68X0yUkEVzucKEnCCcTt0Kz79inxI1SQqEE15GfA/8g=
-chainguard.dev/apko v1.1.7/go.mod h1:KrgK+OOmQNnLIekJ0/n8ydL4bA6rDoGCM9lS/15Omxc=
+chainguard.dev/apko v1.1.9 h1:H8mYvb37jMOfG0aniuXd1+lK3SljRCfXcYcdqSPS3ck=
+chainguard.dev/apko v1.1.9/go.mod h1:WSKnReIy2VwQSe1wVb00OTyg5Uv78eYX8Y/WoWHebUA=
 chainguard.dev/go-grpc-kit v0.17.15 h1:y+FBjta2lsC0XxlkG+W5P1VxYl0zG74GRvoYN2o+p7s=
 chainguard.dev/go-grpc-kit v0.17.15/go.mod h1:1wAVAX2CCamtFlfMs9PFzfgQQxX1/TQyF6cbWApbJ2U=
 chainguard.dev/sdk v0.1.50 h1:rCoIYf30+ledJdaChqHVi2vh1BwIaWdVLjPfuPGdQ80=
@@ -607,8 +607,8 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
 gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
-google.golang.org/api v0.266.0 h1:hco+oNCf9y7DmLeAtHJi/uBAY7n/7XC9mZPxu1ROiyk=
-google.golang.org/api v0.266.0/go.mod h1:Jzc0+ZfLnyvXma3UtaTl023TdhZu6OMBP9tJ+0EmFD0=
+google.golang.org/api v0.267.0 h1:w+vfWPMPYeRs8qH1aYYsFX68jMls5acWl/jocfLomwE=
+google.golang.org/api v0.267.0/go.mod h1:Jzc0+ZfLnyvXma3UtaTl023TdhZu6OMBP9tJ+0EmFD0=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
 google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
