Bump the go-deps group across 1 directory with 5 updates

[dependabot]

Bumps the go-deps group with 5 updates in the / directory:

Package	From	To
github.com/dgraph-io/badger/v4	4.8.0	4.9.0
github.com/fluxcd/pkg/runtime	0.90.0	0.92.0
github.com/google/go-containerregistry	0.20.6	0.20.7
github.com/onsi/gomega	1.38.2	1.38.3
go.uber.org/zap	1.27.0	1.27.1

Updates github.com/dgraph-io/badger/v4 from 4.8.0 to 4.9.0

Release notes

Sourced from github.com/dgraph-io/badger/v4's releases.

v4.9.0

What's Changed

• fix(docs): fix typos by @​kianmeng in dgraph-io/badger#2227
• fix(y): shall always return empty slice rather than nil by @​kooltuoehias in dgraph-io/badger#2245
• fix: test.sh error by @​kianmeng in dgraph-io/badger#2225
• fix: typo of abandoned by @​jas4711 in dgraph-io/badger#2222
• chore(deps): Update go minor and patch by @​renovate[bot] in dgraph-io/badger#2212
• chore(deps): Update dependency node to v22 by @​renovate[bot] in dgraph-io/badger#2219
• chore: update the trunk conf file by @​matthewmcneely in dgraph-io/badger#2217
• chore(deps): Update go minor and patch by @​renovate[bot] in dgraph-io/badger#2218
• chore(deps): Update actions/checkout action to v5 by @​renovate[bot] in dgraph-io/badger#2221
• chore(deps): Update actions (major) by @​renovate[bot] in dgraph-io/badger#2229
• move docs pages in the repo by @​raphael-istari in dgraph-io/badger#2232
• chore: configure renovate to leave go version as declared by @​matthewmcneely in dgraph-io/badger#2235
• chore: change renovate to maintain backwards compatible go version by @​matthewmcneely in dgraph-io/badger#2236
• chore: update README.md with correct links and badges by @​matthewmcneely in dgraph-io/badger#2239
• chore: add doc for encryption at rest by @​raphael-istari in dgraph-io/badger#2240
• chore(ci): restrict Dgraph test to core packages only by @​matthewmcneely in dgraph-io/badger#2242
• chore: prepare for v4.9.0 release by @​matthewmcneely in dgraph-io/badger#2247

New Contributors

• @​matthewmcneely made their first contribution in dgraph-io/badger#2217
• @​jas4711 made their first contribution in dgraph-io/badger#2222
• @​raphael-istari made their first contribution in dgraph-io/badger#2232
• @​kianmeng made their first contribution in dgraph-io/badger#2225
• @​kooltuoehias made their first contribution in dgraph-io/badger#2245

Full Changelog: dgraph-io/badger@v4.8.0...v4.9.0

Changelog

Sourced from github.com/dgraph-io/badger/v4's changelog.

[4.9.0] - 2025-12-15

Fixed

• fix(y): y.SafeCopy shall always return empty slice rather than nil (#2245)

  WARNING SafeCopy now returns an empty slice rather than nil. For those using our y utility package, this could be a breaking change. This has implications for empty slices stored in badger, specifically, upon retrieval the value stored with the key will be equal to what was set (an empty []byte). See #2067 for more details.

• fix: test.sh error (#2225)
• fix: typo of abandoned (#2222)

Docs

• add doc for encryption at rest (#2240)
• move docs pages in the repo (#2232)

Chores

• chore(ci): restrict Dgraph test to core packages only (#2242)
• chore: update README.md with correct links and badges (#2239)
• chore: change renovate to maintain backwards compatible go version (#2236)
• chore: configure renovate to leave go version as declared (#2235)
• chore(deps): Update actions (major) (#2229)
• chore(deps): Update actions/checkout action to v5 (#2221)
• chore(deps): Update go minor and patch (#2218)
• chore: update the trunk conf file (#2217)
• chore(deps): Update dependency node to v22 (#2219)
• chore(deps): Update go minor and patch (#2212)

CI

• move to GitHub Actions runners

Full Changelog: dgraph-io/badger@v4.8.0...v4.8.1

Commits

• a700dc3 chore: prepare for v4.9.0 release (#2247)
• 2a8b604 fix(y): shall always return empty slice rather than nil (#2245)
• 81b3cb9 fix(docs): fix typos (#2227)
• b61f866 chore(ci): restrict Dgraph test to core packages only (#2242)
• 0b1ebf5 fix: test.sh error (#2225)
• d071e69 add doc for encryption at rest (#2240)
• 65917cc chore: update README.md with correct links and badges (#2239)
• 31342dc chore: change renovate to maintain backwards compatible go version (#2236)
• ca9ca3e chore: configure renovate to leave go version as declared (#2235)
• 5e2ced7 move docs pages in the repo (#2232)
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.90.0 to 0.92.0

Commits

• cac5502 Merge pull request #1054 from cappyzawa/proxy-url-validation
• e4755ca Prepare for release
• 8a1b950 runtime/secrets: validate proxy URL scheme and length
• c346f72 Merge pull request #1052 from fluxcd/dependabot/github_actions/ci-5da62fd8be
• 1f716af build(deps): bump the ci group across 1 directory with 6 updates
• 6c31cd0 Merge pull request #1051 from fluxcd/gate-watch-config
• 42a3f1b Prepare for release
• 1449666 runtime/controller: add feature gate for config watchers
• See full diff in compare view

Updates github.com/google/go-containerregistry from 0.20.6 to 0.20.7

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.7

What's Changed

• Fix ArgsEscaped lint directive by @​Subserial in google/go-containerregistry#2137
• transport: Fix broken links to distribution docs by @​guzalv in google/go-containerregistry#2136
• fix(remote): using customized retry predicate func if provided by @​derekhjray in google/go-containerregistry#2135
• Adding docker file by @​HassanJasim in google/go-containerregistry#2138
• crane: Add timestamp to flatten layer by @​Stephanie0829 in google/go-containerregistry#2117
• feat(remote): pass retryBackoff option to transport by @​aslafy-z in google/go-containerregistry#1628
• Expose clobber refusal error by @​pjbgf in google/go-containerregistry#2146
• Build artifacts for riscv64 by @​ffgan in google/go-containerregistry#2159
• Update dependencies and deprecate DockerVersion field by @​Subserial in google/go-containerregistry#2164

New Contributors

• @​guzalv made their first contribution in google/go-containerregistry#2136
• @​derekhjray made their first contribution in google/go-containerregistry#2135
• @​HassanJasim made their first contribution in google/go-containerregistry#2138
• @​Stephanie0829 made their first contribution in google/go-containerregistry#2117
• @​pjbgf made their first contribution in google/go-containerregistry#2146
• @​ffgan made their first contribution in google/go-containerregistry#2159

Full Changelog: google/go-containerregistry@v0.20.6...v0.20.7

Commits

• e075f20 go mod tidy on dependabot update (#2171)
• 45aacf4 Bump the actions group across 1 directory with 3 updates (#2170)
• 073b936 Update dependencies and deprecate DockerVersion field (#2164)
• 390dacd Bump golang.org/x/crypto from 0.38.0 to 0.45.0 in /cmd/krane (#2163)
• ca44d47 Bump golang.org/x/crypto from 0.38.0 to 0.45.0 in /pkg/authn/k8schain (#2162)
• 999cc1f Bump github.com/docker/docker (#2161)
• d1809c8 Build artifacts for riscv64 (#2159)
• 7471efd Bump the auxiliary-deps group across 3 directories with 4 updates (#2156)
• 2bb5bb0 Bump the actions group with 5 updates (#2155)
• 16371c1 Remove manual vendor setting for dependabot (#2151)
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.38.2 to 1.38.3

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.38.3

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Commits

• a3ca2ca v1.38.3
• 4dada36 fix failing have http tests
• d40c691 make string formatitng more consistent for users who use format.Object directly
• 2a37b46 doc: fix typos
• ee26170 docs: fix HaveValue example
• cc85c05 Bump actions/setup-go from 5 to 6 (#866)
• 8905788 Bump github.com/onsi/ginkgo/v2 from 2.25.1 to 2.25.3 (#865)
• 67552c5 chore: apply fixes from Go modernize command
• See full diff in compare view

Updates go.uber.org/zap from 1.27.0 to 1.27.1

Release notes

Sourced from go.uber.org/zap's releases.

v1.27.1

Enhancements:

• #1501[]: prevent Object from panicking on nils
• #1511[]: Fix a race condition in WithLazy.

Thanks to @​rabbbit, @​alshopov, @​jquirke, @​arukiidou for their contributions to this release.

#1501: uber-go/zap#1501 #1511: uber-go/zap#1511

Changelog

Sourced from go.uber.org/zap's changelog.

1.27.1 (19 Nov 2025)

Enhancements:

• #1501[]: prevent Object from panicking on nils
• #1511[]: Fix a race condition in WithLazy.

Thanks to @​rabbbit, @​alshopov, @​jquirke, @​arukiidou for their contributions to this release.

#1501: uber-go/zap#1501 #1511: uber-go/zap#1511

Commits

• 7b755a3 release 1.27.1 (#1521)
• d6b395b Update lazy logger not to materialize unless it's being written to (#1519)
• 4b9cea0 ci: Test with Go 1.24, Go 1.25 (#1508)
• 7c80d7b Fix race condition in WithLazy implementation (#1426) (#1511)
• 07077a6 Prevent zap.Object from panicing on nils (#1501)
• a6afd05 Fix lint check name (#1502)
• 6d48253 chore: fix typo (#1482)
• 32f2ec1 Fix the field test for bool type (#1480)
• fe16eb5 Upgrade grpc in zapgrc test package & bump go version (#1478)
• 5f00c34 test(AtomicLevel): demonstrate Handler is not vulnerable to XSS (#1477)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions