build(deps): bump the go-deps group across 1 directory with 15 updates

[dependabot]

Bumps the go-deps group with 13 updates in the / directory:

Package	From	To
github.com/elazarl/goproxy	1.7.2	1.8.0
github.com/fluxcd/cli-utils	0.36.0-flux.15	0.37.0-flux.1
github.com/fluxcd/pkg/apis/meta	1.23.0	1.24.0
github.com/fluxcd/pkg/artifact	0.5.0	0.6.0
github.com/fluxcd/pkg/auth	0.33.0	0.35.0
github.com/fluxcd/pkg/runtime	0.90.0	0.95.0
github.com/foxcpp/go-mockdns	1.1.0	1.2.0
github.com/minio/minio-go/v7	7.0.95	7.0.98
github.com/onsi/gomega	1.38.3	1.39.0
github.com/sigstore/cosign/v2	2.5.2	2.6.2
github.com/sirupsen/logrus	1.9.3	1.9.4
golang.org/x/crypto	0.46.0	0.47.0
golang.org/x/oauth2	0.33.0	0.34.0

Updates github.com/elazarl/goproxy from 1.7.2 to 1.8.0

Release notes

Sourced from github.com/elazarl/goproxy's releases.

v1.8.0

What's Changed

• Fix typo in example code snippet by @​PrinceShaji in elazarl/goproxy#653
• Bump golang.org/x/net from 0.35.0 to 0.36.0 in /ext by @​dependabot[bot] in elazarl/goproxy#656
• Only chunk MITM response when body was modified by @​Skn0tt in elazarl/goproxy#720
• Bump actions/checkout from 4 to 6 by @​dependabot[bot] in elazarl/goproxy#728
• Bump golangci/golangci-lint-action from 6 to 9 by @​dependabot[bot] in elazarl/goproxy#725
• Fix keep alive logic and replace legacy response write logic by @​ErikPelli in elazarl/goproxy#734
• Bump github.com/stretchr/testify from 1.10.0 to 1.11.1 in /ext by @​dependabot[bot] in elazarl/goproxy#708
• Bump github.com/coder/websocket from 1.8.12 to 1.8.14 in /examples by @​dependabot[bot] in elazarl/goproxy#711
• Bump actions/setup-go from 5 to 6 by @​dependabot[bot] in elazarl/goproxy#709
• fix auth remote proxy in cascadeproxy by @​mcarbonneaux in elazarl/goproxy#664
• Fix linter configuration & issues by @​ErikPelli in elazarl/goproxy#735

New Contributors

• @​PrinceShaji made their first contribution in elazarl/goproxy#653
• @​Skn0tt made their first contribution in elazarl/goproxy#720
• @​mcarbonneaux made their first contribution in elazarl/goproxy#664

Full Changelog: elazarl/goproxy@v1.7.2...v1.8.0

Commits

• 26d3e75 Fix linter configuration & issues (#735)
• 5f52967 fix auth remote proxy in cascadeproxy (#664)
• b81733c Bump actions/setup-go from 5 to 6 (#709)
• 2df6d8b Bump github.com/coder/websocket from 1.8.12 to 1.8.14 in /examples (#711)
• 1854770 Bump github.com/stretchr/testify from 1.10.0 to 1.11.1 in /ext (#708)
• 78c76be Fix keep alive logic and replace legacy response write logic (#734)
• 8766328 Bump golangci/golangci-lint-action from 6 to 9 (#725)
• fad3713 Merge pull request #728 from elazarl/dependabot/github_actions/actions/checko...
• 3cfbd83 Bump actions/checkout from 4 to 6
• 29d1550 Merge pull request #720 from Skn0tt/reproduce-mitm-content-length-bug
• Additional commits viewable in compare view

Updates github.com/fluxcd/cli-utils from 0.36.0-flux.15 to 0.37.0-flux.1

Commits

• aebccc7 Merge pull request #17 from mattfarina/1.35-support
• 5202163 Updating golangci-lint for Go 1.25
• 86f17bb Upgrade golangci-lint and fix warnings
• 244d65b Add k8s 1.35 support
• See full diff in compare view

Updates github.com/fluxcd/pkg/apis/meta from 1.23.0 to 1.24.0

Commits

• f3c7b60 Merge pull request #1042 from fluxcd/add-queue
• 9b058c8 Prepare for release
• 4f7f34b runtime/controller: add support for detecting enqueue events while reconciling
• 22fc427 Merge pull request #1060 from arvatoaws-labs/main
• aa1f17c feat: add support for aws eusc domain
• a65ff96 Merge pull request #1059 from fluxcd/improve-job-kstatus
• 077fa74 runtime/statusreaders: improve Job status reader
• cac5502 Merge pull request #1054 from cappyzawa/proxy-url-validation
• e4755ca Prepare for release
• 8a1b950 runtime/secrets: validate proxy URL scheme and length
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/artifact from 0.5.0 to 0.6.0

Commits

• 288cd7a Merge pull request #752 from fluxcd/handle-in-cluster-annotation
• 4971c85 Return a DiffTypeExclude when exclusion annotation is set in cluster
• 46467e7 Merge pull request #754 from fluxcd/update-docker
• 43f36aa Update docker dependencies
• e350b5b Merge pull request #750 from fluxcd/update-deps-go-1.22
• 3ad72d9 Update dependencies to Go 1.22 and Kubernetes 1.29.3
• 6ad47ef Merge pull request #751 from fluxcd/disable-bitbucket-server-tests
• 9ba119b Disable bitbucket-server e2e
• e8f9e40 Merge pull request #723 from gdasson/main
• 5c27146 Adding common "reason" constants
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/auth from 0.33.0 to 0.35.0

Commits

• f01e8d6 Merge pull request #999 from abhijith-darshan/feat/gh_app_ca
• e77a11b Prepare for release
• 9fd9628 git/github: Add support for mTLS to GitHub App transport
• 04d916d Merge pull request #997 from cappyzawa/feat/tls-config-from-secret-ref-options
• 4642dab Prepare for release
• 27b414e runtime/secrets: add TLSConfigOption support to TLSConfigFromSecretRef
• dbf1d22 Merge pull request #995 from cappyzawa/feat/tls-config-options
• cb022f7 Prepare for release
• 488ca09 runtime/secrets: add WithSystemCertPool for CA handling
• 1c8c7bb Merge pull request #993 from cappyzawa/feat/remove-insecure-parameter
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.90.0 to 0.95.0

Commits

• 2818265 Merge pull request #1076 from fluxcd/gh-app-owner-helpers
• b5e6bdd Prepare for release
• 33c862d runtime/secrets: introduce gh app owner in secret helpers
• 558cc75 Merge pull request #1074 from fluxcd/gh-app-owner
• 3ca633a git/github: introduce support for looking up app installation ID
• d6af17e Merge pull request #1071 from fluxcd/fix-flux2-5677
• 1e27082 auth: remove cluster host matching requirement
• 2f71d01 Merge pull request #1068 from fluxcd/cel-improvements
• 9307c2c Prepare for release
• f5abb7c runtime/cel: simplify status reader
• Additional commits viewable in compare view

Updates github.com/foxcpp/go-mockdns from 1.1.0 to 1.2.0

Release notes

Sourced from github.com/foxcpp/go-mockdns's releases.

v1.2.0

What's Changed

• Fix CNAME chain handling when querying for a CNAME by @​horkhe in foxcpp/go-mockdns#20

New Contributors

• @​horkhe made their first contribution in foxcpp/go-mockdns#20

Full Changelog: foxcpp/go-mockdns@v1.1.0...v1.2.0

Commits

• f736582 Fix CNAME chain following (#20)
• See full diff in compare view

Updates github.com/minio/minio-go/v7 from 7.0.95 to 7.0.98

Release notes

Sourced from github.com/minio/minio-go/v7's releases.

v7.0.98

What's Changed

• Only marshal lifecycle rule Filter XML when not empty by @​amigan in minio/minio-go#2177
• Add post-call checks on AppendObject by @​klauspost in minio/minio-go#2178
• Replace gopkg.in/yaml.v3 with go.yaml.in/yaml/v3 by @​emike922 in minio/minio-go#2182
• Support GCS bulk delete with serialized single DELETE requests by @​harshavardhana in minio/minio-go#2185
• Add automatic checksum test by @​klauspost in minio/minio-go#2184
• Fix wrong checksum type field name by @​klauspost in minio/minio-go#2188
• Upgrade dependencies, remove toolchain by @​klauspost in minio/minio-go#2189
• Increase max object size to ~48.83TiB (5GiB * 10000 parts) by @​harshavardhana in minio/minio-go#2190
• Add generic Set[T comparable] implementation to pkg/set by @​harshavardhana in minio/minio-go#2192
• Refactor: Use pkg/set types for internal set collections by @​harshavardhana in minio/minio-go#2193

New Contributors

• @​amigan made their first contribution in minio/minio-go#2177
• @​emike922 made their first contribution in minio/minio-go#2182

Full Changelog: minio/minio-go@v7.0.97...v7.0.98

Commits

• 3865112 Refactor: Use pkg/set types for internal set collections (#2193)
• affa1da Add generic Set[T comparable] implementation to pkg/set (#2192)
• 5b6d388 Increase max object size to ~48.83TiB (5GiB * 10000 parts) (#2190)
• 78b5cb7 Upgrade dependencies, remove toolchain (#2189)
• 5b1654c Fix wrong checksum type field name (#2188)
• de96281 Add automatic checksum test (#2184)
• 23199ac Support GCS bulk delete with serialized single DELETE requests (#2185)
• 89b666c Replace gopkg.in/yaml.v3 with go.yaml.in/yaml/v3 (#2182)
• 9f81484 Bump golang.org/x/crypto from 0.39.0 to 0.45.0 in /examples/minio (#2180)
• 977c848 Bump golang.org/x/crypto from 0.39.0 to 0.45.0 in /examples/s3 (#2179)
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.38.3 to 1.39.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.39.0

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

Commits

• 49561ad v1.39.0
• 8f7f425 document MatchErrorStrictly
• bae643d add matcher relecting errors.Is behavior
• See full diff in compare view

Updates github.com/sigstore/cosign/v2 from 2.5.2 to 2.6.2

Release notes

Sourced from github.com/sigstore/cosign/v2's releases.

v2.6.2

Changelog

v2.6.2 contains a fix for GHSA-whqx-f9j3-ch6m

• 3ade80c5f77cefc904f8c994e88618e5892e8f1c Fix bundle verify path for old bundle/trusted root (#4624)
• c4e6a783ce9b6ad08bb545b79a3277f1aaa16add v2.6 branch - bump sigstore deps (#4619)

Thanks to all contributors!

v2.6.1

Changelog

• 634fabe54f9fbbab55d821a83ba93b2d25bdba5f Bump sigstore-go, move conformance back to tagged release
• c5545eda23d770180880c245bf0d8f78c354ecc4 Partially populate the output of cosign verify when working with new bundles (#4416)
• e191024a636883b4e6b7de8db2f5cfb85a1fcd0c bump go builder to use 1.25.1 and cosign (#4417)

Thanks to all contributors!

v2.6.0 introduces a number of new features, including:

• Signing an in-toto statement rather than Cosign constructing one from a predicate, along with verifying a statement's subject using a digest and digest algorithm rather than providing a file reference (#4306)
• Uploading a signature and its verification material (a "bundle") as an OCI Image 1.1 referring artifact, completing #3927 (#4316)
• Providing service URLs for signing and attesting using a SigningConfig. Note that this is required when using a Rekor v2 instance (#4319)

Example generation and verification of a signed in-toto statement:

cosign attest-blob --new-bundle-format=true --bundle="digest-key-test.sigstore.json" --key="cosign.key" --statement="../sigstore-go/examples/sigstore-go-signing/intoto.txt"
cosign verify-blob-attestation --bundle="digest-key-test.sigstore.json" --key=cosign.pub --type=unused --digest="b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9" --digestAlg="sha256"

Example container signing and verification using the new bundle format and referring artifacts:

cosign sign --new-bundle-format=true ghcr.io/user/alpine@sha256:a19367999603840546b8612572e338ec076c6d1f2fec61760a9e11410f546733
cosign verify --new-bundle-format=true ghcr.io/user/alpine@sha256:a19367999603840546b8612572e338ec076c6d1f2fec61760a9e11410f546733

Example usage of a signing config provided by the public good instance's TUF repository:

cosign sign-blob --use-signing-config --bundle sigstore.json README.md
cosign verify-blob --new-bundle-format --bundle sigstore.json --certificate-identity $EMAIL --certificate-oidc-issuer $ISSUER --use-signed-timestamps README.md

v2.6.0 leverages sigstore-go's signing and verification APIs gated behind these new flags. In an upcoming major release, we will be updating Cosign to default to producing and consuming bundles to align with all other Sigstore SDKs.

... (truncated)

Changelog

Sourced from github.com/sigstore/cosign/v2's changelog.

v2.6.2

v2.6.2 resolves GHSA-whqx-f9j3-ch6m.

Changes

• Fix bundle verify path for old bundle/trusted root (GHSA-whqx-f9j3-ch6m) (#4624)
• bump sigstore deps to resolve build errors (#4619)

v3.0.3

Thank you for all of your feedback on Cosign v3! v3.0.3 fixes a number of bugs reported by the community along with adding compatibility for the new bundle format and attestation storage in OCI to additional commands. We're continuing to work on compatibility with the remaining commands and will have a new release shortly. If you run into any problems, please file an issue

Changes

• 4554: Closes 4554 - Add warning when --output* is used (#4556)
• Protobuf bundle support for subcommand clean (#4539)
• Add staging flag to initialize with staging TUF metadata
• Updating sign-blob to also support signing with a certificate (#4547)
• Protobuf bundle support for subcommands save and load (#4538)
• Fix cert attachment for new bundle with signing config
• Fix OCI verification with local cert - old bundle
• Deprecate tlog-upload flag (#4458)
• fix: Use signal context for sign cli package.
• update offline verification directions (#4526)
• Fix signing/verifying annotations for new bundle
• Add support to download and attach for protobuf bundles (#4477)
• Add --signing-algorithm flag (#3497)
• Refactor signcommon bundle helpers
• Add --bundle and fix --upload for new bundle
• Pass insecure registry flags through to referrers
• Add protobuf bundle support for tree subcommand (#4491)
• Remove stale embed import (#4492)
• Support multiple container identities
• Fix segfault when no attestations are found (#4472)
• Use overridden repository for new bundle format (#4473)
• Remove --out flag from cosign initialize (#4462)
• Deprecate offline flag (#4457)
• Deduplicate code in sign/attest* and verify* commands (#4449)
• Cache signing config when calling initialize (#4456)

v3.0.2

v3.0.2 is a functionally equivalent release to v3.0.0 and v3.0.1, with a fix for CI to publish signed releases in the new bundle format.

• Note that the --bundle flag specifying an output file to write the Sigstore bundle (which contains all relevant verification material) has moved from optional to required in v3.

... (truncated)

Commits

• 3ade80c Fix bundle verify path for old bundle/trusted root (#4624)
• c4e6a78 v2.6 branch - bump sigstore deps (#4619)
• 634fabe Bump sigstore-go, move conformance back to tagged release
• c5545ed Partially populate the output of cosign verify when working with new bundles ...
• e191024 bump go builder to use 1.25.1 and cosign (#4417)
• 37fbfc7 Require exclusively a SigningConfig or service URLs when signing (#4403)
• b1acaeb Add a terminal spinner while signing with sigstore-go (#4402)
• 2581dfd chore(deps): bump the gomod group across 1 directory with 8 updates (#4401)
• 11163ae Bump sigstore-go, support alternative hash algorithms with keys (#4386)
• 153df46 chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.42.0 (#4391)
• Additional commits viewable in compare view

Updates github.com/sigstore/sigstore from 1.9.5 to 1.10.3

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.10.3

What's Changed

v1.10.3 adds ValidatePubKey back to the cryptoutils package to avoid a breaking API change.

• Add back ValidatePubKey as a deprecated, minimal function in sigstore/sigstore#2235

Full Changelog: sigstore/sigstore@v1.10.2...v1.10.3

v1.10.2

Functionally equivalent to v1.10.0. v1.10.1 has been retracted to remove copied code.

v1.10.0

Breaking change

sigstore/sigstore#2194 moves cryptoutils.ValidatePubKey to goodkey.ValidatePubKey to minimize the dependency tree for clients using the cryptoutils package.

Features

• feat(hashivault): token helper in sigstore/sigstore#2174
• set GoogleAPIClientOption on GCP KMS provider in sigstore/sigstore#2128

Refactoring

• cryptoutils: move goodkey validation to separate package in sigstore/sigstore#2194
• Stop depending on golang.org/x/crypto for sha3 in sigstore/sigstore#2209
• remove duplicative dependency for portable browser opener in sigstore/sigstore#2178
• consolidate deep Equal usage to one library in sigstore/sigstore#2177
• Drop redundant aws-sdk-go dependency in the e2e kms tests in sigstore/sigstore#2172

v1.10.0

Breaking change

sigstore/sigstore#2194 moves cryptoutils.ValidatePubKey to goodkey.ValidatePubKey to minimize the dependency tree for clients using the cryptoutils package.

Features

• feat(hashivault): token helper in sigstore/sigstore#2174
• set GoogleAPIClientOption on GCP KMS provider in sigstore/sigstore#2128

Refactoring

• cryptoutils: move goodkey validation to separate package in sigstore/sigstore#2194
• Stop depending on golang.org/x/crypto for sha3 in sigstore/sigstore#2209
• remove duplicative dependency for portable browser opener in sigstore/sigstore#2178
• consolidate deep Equal usage to one library in sigstore/sigstore#2177
• Drop redundant aws-sdk-go dependency in the e2e kms tests in sigstore/sigstore#2172

... (truncated)

Commits

• 72f0ed7 build(deps): Bump github.com/aws/aws-sdk-go-v2/config (#2230)
• b257168 build(deps): Bump github.com/aws/aws-sdk-go-v2 in /pkg/signature/kms/aws (#2226)
• 84f57b8 build(deps): Bump github.com/sigstore/sigstore (#2221)
• bdc1a86 build(deps): Bump actions/checkout from 5.0.1 to 6.0.0 (#2220)
• 11dfe81 build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/aws (#2236)
• 0214948 Add back ValidatePubKey as a deprecated, minimal function (#2235)
• cc26bb8 build(deps): Bump localstack/localstack in /test/e2e in the all group (#2227)
• 63ab8d8 build(deps): Bump github.com/aws/aws-sdk-go-v2/service/kms (#2229)
• 9e629f0 build(deps): Bump the all group with 2 updates (#2219)
• 234b99d build(deps): Bump github.com/coreos/go-oidc/v3 from 3.16.0 to 3.17.0 (#2223)
• Additional commits viewable in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

• go.mod: update minimum supported go version to v1.17 sirupsen/logrus#1460
• go.mod: bump up dependencies sirupsen/logrus#1460
• Touch-up godoc and add "doc" links.
• README: fix links, grammar, and update examples.
• Add GNU/Hurd support sirupsen/logrus#1364
• Add WASI wasip1 support sirupsen/logrus#1388
• Remove uses of deprecated ioutil package sirupsen/logrus#1472
• CI: update actions and golangci-lint sirupsen/logrus#1459
• CI: remove appveyor, add macOS sirupsen/logrus#1460

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Commits

• b61f268 Merge pull request #1472 from goldlinker/master
• 15c29db refactor: replace the deprecated function in the ioutil package
• cb253f3 Merge pull request #1464 from thaJeztah/touchup_godoc
• 29b2337 Merge pull request #1468 from thaJeztah/touchup_readme
• d916819 Merge pull request #1427 from dolmen/fix-testify-usage
• 135e482 README: small touch-ups
• 2c5fa36 Merge pull request #1467 from thaJeztah/rm_old_badge
• 877ecec README: remove travis badge
• 55cf256 Merge pull request #1393 from jsoref/grammar
• 21bae50 Merge pull request #1426 from dolmen/testing-fix-use-of-math-rand
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.46.0 to 0.47.0

Commits

• 506e022 go.mod: update golang.org/x dependencies
• 7dacc38 chacha20poly1305: error out in fips140=only mode
• See full diff in compare view

Updates golang.org/x/oauth2 from 0.33.0 to 0.34.0

Commits

• acc3815 endpoints: fix %q verb use with wrong type
• See full diff in compare view

Updates google.golang.org/api from 0.256.0 to 0.257.0

Release notes

Sourced from google.golang.org/api's releases.

v0.257.0

0.257.0 (2025-12-02)

Features

• all: Auto-regenerate discovery clients (#3376) (b0c07d2)
• all: Auto-regenerate discovery clients (#3380) (47fcc39)
• all: Auto-regenerate discovery clients (#3381) (cf5cf20)
• all: Auto-regenerate discovery clients (#3382) (2931d4b)
• all: Auto-regenerate discovery clients (#3383) (446402e)
• all: Auto-regenerate discovery clients (#3384) (d82a5d0)
• all: Auto-regenerate discovery clients (#3386) (6a0b46d)
• all: Auto-regenerate discovery clients (#3387) (f3dc8f4)
• all: Auto-regenerate discovery clients (#3388) (e3ca7fd)
• all: Auto-regenerate discovery clients (#3389) (b78dd96)

Changelog

Sourced from google.golang.org/api's changelog.

0.257.0 (2025-12-02)

Features

• all: Auto-regenerate discovery clients (#3376) (b0c07d2)
• all: Auto-regenerate discovery clients (#3380) (47fcc39)
• all: Auto-regenerate discovery clients (#3381) (cf5cf20)
• all: Auto-regenerate discovery clients (#3382) (2931d4b)
• all: Auto-regenerate discovery clients (#3383) (446402e)
• all: Auto-regenerate discovery clients (#3384) (d82a5d0)
• all: Auto-regenerate discovery clients (#3386) (6a0b46d)
• all: Auto-regenerate discovery clients (#3387) (f3dc8f4)
• all: Auto-regenerate discovery clients (#3388) (e3ca7fd)
• all: Auto-regenerate discovery clients (#3389) (b78dd96)

Commits

• 3e8573d chore(main): release 0.257.0 (#3377)
• 6159225 chore(all): update all to 79d6a2a (#3390)
• b78dd96 feat(all): auto-regenerate discovery clients (#3389)
• e3ca7fd feat(all): auto-regenerate discovery clients (#3388)
• f3dc8f4 feat(all): auto-regenerate discovery clients (#3387)
• 6a0b46d feat(all): auto-regenerate discovery clients (#3386)
• a07da21 chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 (#3379)
• 35b0966 chore(deps): bump golang.org/x/crypto from 0.37.0 to 0.45.0 in /internal/koko...
• d82a5d0 feat(all): auto-regenerate discovery clients (#3384)
• 8c1e205 chore(all): update all (#3374)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions