build(deps): bump the k8s-dependencies group with 5 updates

[dependabot]

Bumps the k8s-dependencies group with 5 updates:

Package	From	To
k8s.io/api	0.34.2	0.35.0
k8s.io/apimachinery	0.34.2	0.35.0
k8s.io/client-go	0.34.2	0.35.0
k8s.io/cri-api	0.34.2	0.35.0
k8s.io/utils	0.0.0-20250820121507-0af2bda4dd1d	0.0.0-20251002143259-bc988d571ff4

Updates k8s.io/api from 0.34.2 to 0.35.0

Commits

• 9afe7de Update dependencies to v0.35.0 tag
• bbcbaa8 Merge remote-tracking branch 'origin/master' into release-1.35
• 5bced61 Bump golang.org/x/crypto to v0.45.0
• 39e2e26 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• c22b4a1 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• e3b1f3d Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 3da327c Update vendored dependencies
• c764b44 Merge pull request #132919 from ndixita/pod-level-in-place-pod-resize
• aced136 Generated files from API changes
• 02d790d Adding Resources and AllocatedResoures fields to the list of expected fields ...
• Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.34.2 to 0.35.0

Commits

• 72d71ea Merge remote-tracking branch 'origin/master' into release-1.35
• e2a2dbc Bump golang.org/x/crypto to v0.45.0
• 2e9c228 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• f274aac vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• 9445443 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 52154f7 Update vendored dependencies
• 5a348c5 KEP-5471: Extend tolerations operators (#134665)
• 6f89492 Merge pull request #133648 from richabanker/merged-discovery
• c77dde2 util/sort: Add MergePreservingRelativeOrder for topological sorting
• 729c13d Merge pull request #134624 from yt2985/podcertificates-beta
• Additional commits viewable in compare view

Updates k8s.io/client-go from 0.34.2 to 0.35.0

Commits

• 9bcb694 Update dependencies to v0.35.0 tag
• 2d83546 Merge remote-tracking branch 'origin/master' into release-1.35
• 56b4af2 Merge pull request #135591 from p0lyn0mial/upstream-watchlist-reflector-log-f...
• 891f94c Merge remote-tracking branch 'origin/master' into release-1.35
• 65ffe04 Merge pull request #135580 from serathius/client-go-transformer
• 2fe4ac2 downgrade reflector watchlist fallback log to V(4)
• 97256a6 Bump golang.org/x/crypto to v0.45.0
• 46360b5 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• 171ef8c Use transformer in consistency checker
• 3878a64 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• Additional commits viewable in compare view

Updates k8s.io/cri-api from 0.34.2 to 0.35.0

Commits

• a417952 Merge remote-tracking branch 'origin/master' into release-1.35
• 907364b Bump golang.org/x/crypto to v0.45.0
• 3700a5e vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• d91f61d Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 552a0cb Update vendored dependencies
• 6e530f3 Merge pull request #135004 from pohly/dependencies-x-repos
• 8b4785a dependencies: various minor updates
• e5aea61 Merge pull request #134780 from joshjms/bump-etcd-sdk-v3.6.5
• 89f043d etcd: bump etcd sdk to v3.6.5
• 02decfa Merge pull request #134410 from SergeyKanzhelev/criapichangelog
• Additional commits viewable in compare view

Updates k8s.io/utils from 0.0.0-20250820121507-0af2bda4dd1d to 0.0.0-20251002143259-bc988d571ff4

Commits

• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[catherinetcai]

Just noting here that I tried to clear the lint errors here by swapping out fake.NewSimpleClientset with fake.NewClientset. That broke a few tests that relied on the informers watching resources:

=== FAIL: pkg/controllers/routing Test_AddPolicies (0.81s)

=== FAIL: pkg/controllers/routing Test_advertiseClusterIPs/add_bgp_path_for_invalid_service_type (20.13s)
    network_routes_controller_test.go:431: timeout exceeded waiting for 1 watch events, got 0

=== FAIL: pkg/controllers/routing Test_advertiseClusterIPs (20.84s)

=== FAIL: pkg/controllers/routing Test_advertiseExternalIPs (unknown)
--- PASS: Test_advertiseExternalIPs/add_bgp_path_for_service_with_external_IPs (0.62s)

I poked around a bit, and I believe that's related to this issue (though I'm not 100% certain): kubernetes/kubernetes#135895. It would take a bit of refactoring to try and implement what's proposed in this comment. Wondering if it makes sense to just ignore linting on this for now? @aauren @mrueg

[aauren]

Just noting here that I tried to clear the lint errors here by swapping out fake.NewSimpleClientset with fake.NewClientset. That broke a few tests that relied on the informers watching resources:

=== FAIL: pkg/controllers/routing Test_AddPolicies (0.81s)

=== FAIL: pkg/controllers/routing Test_advertiseClusterIPs/add_bgp_path_for_invalid_service_type (20.13s)
    network_routes_controller_test.go:431: timeout exceeded waiting for 1 watch events, got 0

=== FAIL: pkg/controllers/routing Test_advertiseClusterIPs (20.84s)

=== FAIL: pkg/controllers/routing Test_advertiseExternalIPs (unknown)
--- PASS: Test_advertiseExternalIPs/add_bgp_path_for_service_with_external_IPs (0.62s)

I poked around a bit, and I believe that's related to this issue (though I'm not 100% certain): kubernetes/kubernetes#135895. It would take a bit of refactoring to try and implement what's proposed in this comment. Wondering if it makes sense to just ignore linting on this for now? @aauren @mrueg

That's a good find. I agree that the issue you found is likely the cause. It looks like upstream is still trying to understand what the approach would be for these changes.

My recommendation would be that we wait a couple of upstream 0.35.X versions and see how upstream handles this. It looks like they're already starting to work on a fix and its not urgent to upgrade to 0.35.

Keeping the deprecation notice will prompt us to upgrade to the new functionality. I'm worried that if we add the ignore now, then we won't get reminded to look into this until they drop the functions from the clientset altogether.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.