build(deps): bump the go-deps group across 1 directory with 3 updates

[dependabot]

Bumps the go-deps group with 3 updates in the / directory: github.com/minio/minio-go/v7, github.com/prometheus/client_golang and github.com/sigstore/cosign/v2.

Updates github.com/minio/minio-go/v7 from 7.0.94 to 7.0.95

Release notes

Sourced from github.com/minio/minio-go/v7's releases.

Bugfix Release

What's Changed

• test: add test for PresignedPostPolicy with empty fileName by @​jiuker in minio/minio-go#2119
• fix: prefix should use stringLike when new a bucketPolicy (2) by @​mannreis in minio/minio-go#2124
• update all deps by @​harshavardhana in minio/minio-go#2125
• set checksum headers requested properly by @​harshavardhana in minio/minio-go#2130
• fix: missing append() API behavior by @​harshavardhana in minio/minio-go#2131
• extend more missing headers for PartUploads by @​harshavardhana in minio/minio-go#2132
• fix: explicitly use UTC for expiration field when marshaling PostPolicy by @​qwwqe in minio/minio-go#2135
• fix: DurationSeconds is a QueryValues not a Form data (#2128) by @​vlaborie in minio/minio-go#2129
• make sure to avoid closing the input reader by @​harshavardhana in minio/minio-go#2137

New Contributors

• @​mannreis made their first contribution in minio/minio-go#2124
• @​qwwqe made their first contribution in minio/minio-go#2135
• @​vlaborie made their first contribution in minio/minio-go#2129

Full Changelog: minio/minio-go@v7.0.94...v7.0.95

Commits

• bd91926 make sure to avoid closing the input reader (#2137)
• 94f7e5e fix: DurationSeconds is a QueryValues not a Form data (#2128) (#2129)
• 456f9b2 fix: explicitly use UTC for expiration field when marshaling PostPolicy (#2135)
• beae4df setting multiple keys to trailer is not allowed
• 6358be6 extend more missing headers for PartUploads (#2132)
• bab3180 fix: missing append() API behavior (#2131)
• 8a07725 set checksum headers requested properly (#2130)
• 9b18e49 update all deps (#2125)
• 68615a3 fix: prefix should use stringLike when new a bucketPolicy (2) (#2124)
• 8eacd80 test: add test for PresignedPostPolicy with empty fileName (#2119)
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.23.0 to 1.23.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.23.1 - 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

• [release-1.23] Upgrade to prometheus/common v0.66 by @​aknuds1 in prometheus/client_golang#1866
• [release-1.23] Cut v1.23.1 by @​aknuds1 in prometheus/client_golang#1867

Full Changelog: prometheus/client_golang@v1.23.0...v1.23.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.23.1 / 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

Commits

• 4ff40f0 Cut v1.23.1 (#1867)
• 989b029 Upgrade to prometheus/common v0.66 (#1866)
• See full diff in compare view

Updates github.com/sigstore/cosign/v2 from 2.5.2 to 2.5.3

Release notes

Sourced from github.com/sigstore/cosign/v2's releases.

v2.5.3

Changelog

• 488ef8ceed5ab5d77379e9077a124a0d0df41d06 Add signing-config create command (#4280)
• 722207e0059efea600a7c03ea4ff6caa889d84d3 Allow multiple services to be specified for trusted-root create (#4285)
• 2ee22fcdf520a984281ff0195be89810a952280c force when copying the latest image to overwrite (#4298)
• 86560e15eb407f7fa2ddddc7d9dbc4ba33cff635 Fix cert verification logic for trusted-root/SCTs (#4294)
• 9f3b013feb3d46c8ee6d5539e7b13eb736ba14ce Fix lint error for types package (#4295)
• 3b3c0fc20b621ed148b3efea00204f67bfda039d feat: Add OCI 1.1+ experimental support to tree (#4205)
• 49c8d784a78d298d0eef1f9898d70eb2d0f07536 Add validity period end for trusted-root create (#4271)
• ba8214ec0c6e50ef8c4e4272a16ccfacf5f3147d avoid double-loading trustedroot from file (#4264)

Thanks to all contributors!

Changelog

Sourced from github.com/sigstore/cosign/v2's changelog.

v2.5.3

Features

• Add signing-config create command (#4280)
• Allow multiple services to be specified for trusted-root create (#4285)
• feat: Add OCI 1.1+ experimental support to tree (#4205)
• Add validity period end for trusted-root create (#4271)

Bug Fixes

• Fix cert verification logic for trusted-root/SCTs (#4294)
• force when copying the latest image to overwrite (#4298)
• avoid double-loading trustedroot from file (#4264)

Commits

• 488ef8c Add signing-config create command (#4280)
• 722207e Allow multiple services to be specified for trusted-root create (#4285)
• e31d70b bump go-github to v73 (#4297)
• 2ee22fc force when copying the latest image to overwrite (#4298)
• 86560e1 Fix cert verification logic for trusted-root/SCTs (#4294)
• 9f3b013 Fix lint error for types package (#4295)
• 34f0ff9 chore(deps): bump github.com/buildkite/agent/v3 from 3.101.0 to 3.102.1 (#4288)
• b2b9462 chore(deps): bump github.com/sigstore/protobuf-specs from 0.4.3 to 0.5.0 (#4289)
• 60d47a0 chore(deps): bump google.golang.org/api from 0.240.0 to 0.241.0 (#4291)
• 5dac117 chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 (#4293)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml