Bump github.com/smallstep/certificates from 0.28.4 to 0.29.0 in the go_modules group across 1 directory (#17)

Bumps the go_modules group with 1 update in the / directory:
[github.com/smallstep/certificates](https://github.com/smallstep/certificates).

Updates `github.com/smallstep/certificates` from 0.28.4 to 0.29.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/smallstep/certificates/releases">github.com/smallstep/certificates's
releases</a>.</em></p>
<blockquote>
<h2>Step CA v0.29.0 (25-12-03)</h2>
<h2>Official Release Artifacts</h2>
<h4>Linux</h4>
<ul>
<li>📦 <a
href="https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.29.0/step-ca_linux_0.29.0_amd64.tar.gz">step-ca_linux_0.29.0_amd64.tar.gz</a></li>
<li>📦 <a
href="https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.29.0/step-ca_0.29.0-1_amd64.deb">step-ca_0.29.0-1_amd64.deb</a></li>
<li>📦 <a
href="https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.29.0/step-ca-0.29.0-1.x86_64.rpm">step-ca-0.29.0-1.x86_64.rpm</a></li>
<li>📦 <a
href="https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.29.0/step-ca_0.29.0-1_arm64.deb">step-ca_0.29.0-1_arm64.deb</a></li>
<li>📦 <a
href="https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.29.0/step-ca-0.29.0-1.aarch64.rpm">step-ca-0.29.0-1.aarch64.rpm</a></li>
</ul>
<h4>OSX Darwin</h4>
<ul>
<li>📦 <a
href="https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.29.0/step-ca_darwin_0.29.0_amd64.tar.gz">step-ca_darwin_0.29.0_amd64.tar.gz</a></li>
<li>📦 <a
href="https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.29.0/step-ca_darwin_0.29.0_arm64.tar.gz">step-ca_darwin_0.29.0_arm64.tar.gz</a></li>
</ul>
<h4>Windows</h4>
<ul>
<li>📦 <a
href="https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.29.0/step-ca_windows_0.29.0_amd64.zip">step-ca_windows_0.29.0_amd64.zip</a></li>
</ul>
<p>For more builds across platforms and architectures, see the
<code>Assets</code> section below.
And for packaged versions (Docker, k8s, Homebrew), see our <a
href="https://smallstep.com/docs/step-ca/installation">installation
docs</a>.</p>
<p>Don't see the artifact you need? Open an issue <a
href="https://github.com/smallstep/certificates/issues/new/choose">here</a>.</p>
<h2>Signatures and Checksums</h2>
<p><code>step-ca</code> uses <a
href="https://github.com/sigstore/cosign">sigstore/cosign</a> for
signing and verifying release artifacts.</p>
<p>Below is an example using <code>cosign</code> to verify a release
artifact:</p>
<pre><code>cosign verify-blob \
  --certificate step-ca_darwin_0.29.0_amd64.tar.gz.pem \
  --signature step-ca_darwin_0.29.0_amd64.tar.gz.sig \
--certificate-identity-regexp
&quot;https://github\.com/smallstep/workflows/.*&quot; \
--certificate-oidc-issuer https://token.actions.githubusercontent.com \
  step-ca_darwin_0.29.0_amd64.tar.gz
</code></pre>
<p>The <code>checksums.txt</code> file (in the <code>Assets</code>
section below) contains a checksum for every artifact in the
release.</p>
<h2>Changelog</h2>
<ul>
<li>992ff696e95b424a99140bd7edb2144013975059 Merge pull request <a
href="https://redirect.github.com/smallstep/certificates/issues/2491">#2491</a>
from smallstep/mariano/update</li>
<li>9d79c59c1d0afdc235047e4509f79564bb0bd9a0 Merge branch 'master' into
mariano/update</li>
<li>8e76e290c0e37f09d13660ed2d5c8b01e80377d6 Disable govulncheck until
go 1.25.5 is available in github actions (<a
href="https://redirect.github.com/smallstep/certificates/issues/2490">#2490</a>)</li>
<li>1011f5f5408b470a636f583bf74c0d7bbaf75d72 Improve validation in
authorization path</li>
<li>48ed3a5d17d1224377d3a36d8e1a67575340c493 Changelog updates for
preparing for v0.29.0 (<a
href="https://redirect.github.com/smallstep/certificates/issues/2488">#2488</a>)</li>
<li>008e6ae94aa641c1350d84d0860c428f05dd444c Merge pull request <a
href="https://redirect.github.com/smallstep/certificates/issues/2487">#2487</a>
from
smallstep/dependabot/github_actions/softprops/action-gh-release-2.5.0</li>
<li>895e8c61bfbeda9baed298ba2350a9b1b59cd122 Bump
softprops/action-gh-release from 2.4.2 to 2.5.0</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/smallstep/certificates/blob/master/CHANGELOG.md">github.com/smallstep/certificates's
changelog</a>.</em></p>
<blockquote>
<h2>[0.29.0] - unreleased</h2>
<h3>Added</h3>
<ul>
<li><code>smallstep/certificates#2370</code></li>
<li><code>smallstep/certificates#2382</code></li>
<li><code>smallstep/certificates#2408</code></li>
<li><code>smallstep/certificates#2461</code></li>
<li><code>smallstep/certificates#2463</code></li>
</ul>
<h3>Changed</h3>
<ul>
<li><code>smallstep/certificates#2343</code></li>
</ul>
<h3>Deprecated</h3>
<h3>Removed</h3>
<h3>Fixed</h3>
<ul>
<li><code>smallstep/certificates#2338</code></li>
<li><code>smallstep/certificates#2435</code></li>
<li><code>smallstep/certificates#2444</code></li>
</ul>
<h3>Security</h3>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/smallstep/certificates/commit/992ff696e95b424a99140bd7edb2144013975059"><code>992ff69</code></a>
Merge pull request <a
href="https://redirect.github.com/smallstep/certificates/issues/2491">#2491</a>
from smallstep/mariano/update</li>
<li><a
href="https://github.com/smallstep/certificates/commit/9d79c59c1d0afdc235047e4509f79564bb0bd9a0"><code>9d79c59</code></a>
Merge branch 'master' into mariano/update</li>
<li><a
href="https://github.com/smallstep/certificates/commit/8e76e290c0e37f09d13660ed2d5c8b01e80377d6"><code>8e76e29</code></a>
Disable govulncheck until go 1.25.5 is available in github actions (<a
href="https://redirect.github.com/smallstep/certificates/issues/2490">#2490</a>)</li>
<li><a
href="https://github.com/smallstep/certificates/commit/1011f5f5408b470a636f583bf74c0d7bbaf75d72"><code>1011f5f</code></a>
Improve validation in authorization path</li>
<li><a
href="https://github.com/smallstep/certificates/commit/48ed3a5d17d1224377d3a36d8e1a67575340c493"><code>48ed3a5</code></a>
Changelog updates for preparing for v0.29.0 (<a
href="https://redirect.github.com/smallstep/certificates/issues/2488">#2488</a>)</li>
<li><a
href="https://github.com/smallstep/certificates/commit/008e6ae94aa641c1350d84d0860c428f05dd444c"><code>008e6ae</code></a>
Merge pull request <a
href="https://redirect.github.com/smallstep/certificates/issues/2487">#2487</a>
from smallstep/dependabot/github_actions/softprops/a...</li>
<li><a
href="https://github.com/smallstep/certificates/commit/895e8c61bfbeda9baed298ba2350a9b1b59cd122"><code>895e8c6</code></a>
Bump softprops/action-gh-release from 2.4.2 to 2.5.0</li>
<li><a
href="https://github.com/smallstep/certificates/commit/930e8fc146c90736ffce71b4f8e62ae573fbd2c3"><code>930e8fc</code></a>
Merge pull request <a
href="https://redirect.github.com/smallstep/certificates/issues/2477">#2477</a>
from smallstep/dependabot/go_modules/golang.org/x/cr...</li>
<li><a
href="https://github.com/smallstep/certificates/commit/d7537894c5b534e585e1b794ca3272df0e857878"><code>d753789</code></a>
Bump golang.org/x/crypto from 0.44.0 to 0.45.0</li>
<li><a
href="https://github.com/smallstep/certificates/commit/07fa3454c6c88e9052d2d75e58350bd86d51b239"><code>07fa345</code></a>
Merge pull request <a
href="https://redirect.github.com/smallstep/certificates/issues/2481">#2481</a>
from smallstep/dependabot/go_modules/github.com/newr...</li>
<li>Additional commits viewable in <a
href="https://github.com/smallstep/certificates/compare/v0.28.4...v0.29.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/smallstep/certificates&package-manager=go_modules&previous-version=0.28.4&new-version=0.29.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/liujed/caddy-dns01proxy/network/alerts).

</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

go.mod

@@ -8,35 +8,35 @@ require (
 	github.com/caddyserver/certmagic v0.25.0
 	github.com/libdns/libdns v1.1.1
 	github.com/liujed/goutil v0.0.0
-	github.com/smallstep/certificates v0.28.4
+	github.com/smallstep/certificates v0.29.0
 	github.com/spf13/cobra v1.10.1
 	github.com/spf13/pflag v1.0.10
 	go.uber.org/zap v1.27.1
 )
 
 require (
 	cel.dev/expr v0.24.0 // indirect
-	cloud.google.com/go/auth v0.16.2 // indirect
+	cloud.google.com/go/auth v0.17.0 // indirect
 	cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
-	cloud.google.com/go/compute/metadata v0.7.0 // indirect
+	cloud.google.com/go/compute/metadata v0.9.0 // indirect
 	dario.cat/mergo v1.0.1 // indirect
 	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/AndreasBriese/bbloom v0.0.0-20190825152654-46b345b51c96 // indirect
 	github.com/KimMachineGun/automemlimit v0.7.4 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
-	github.com/Masterminds/semver/v3 v3.3.0 // indirect
+	github.com/Masterminds/semver/v3 v3.3.1 // indirect
 	github.com/Masterminds/sprig/v3 v3.3.0 // indirect
 	github.com/Microsoft/go-winio v0.6.0 // indirect
 	github.com/antlr4-go/antlr/v4 v4.13.0 // indirect
 	github.com/aryann/difflib v0.0.0-20210328193216-ff5ff6dc229b // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/caddyserver/zerossl v0.1.3 // indirect
-	github.com/ccoveille/go-safecast v1.6.1 // indirect
+	github.com/ccoveille/go-safecast/v2 v2.0.0 // indirect
 	github.com/cespare/xxhash v1.1.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/chzyer/readline v1.5.1 // indirect
 	github.com/cloudflare/circl v1.6.1 // indirect
-	github.com/coreos/go-oidc/v3 v3.14.1 // indirect
+	github.com/coreos/go-oidc/v3 v3.17.0 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect
 	github.com/dgraph-io/badger v1.6.2 // indirect
 	github.com/dgraph-io/badger/v2 v2.2007.4 // indirect
@@ -46,7 +46,7 @@ require (
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/francoispqt/gojay v1.2.13 // indirect
 	github.com/go-jose/go-jose/v3 v3.0.4 // indirect
-	github.com/go-jose/go-jose/v4 v4.0.5 // indirect
+	github.com/go-jose/go-jose/v4 v4.1.3 // indirect
 	github.com/go-logr/logr v1.4.3 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-sql-driver/mysql v1.8.1 // indirect
@@ -55,8 +55,8 @@ require (
 	github.com/google/cel-go v0.26.0 // indirect
 	github.com/google/s2a-go v0.1.9 // indirect
 	github.com/google/uuid v1.6.0 // indirect
-	github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
-	github.com/googleapis/gax-go/v2 v2.14.2 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.7 // indirect
+	github.com/googleapis/gax-go/v2 v2.15.0 // indirect
 	github.com/huandu/xstrings v1.5.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
@@ -66,7 +66,7 @@ require (
 	github.com/klauspost/compress v1.18.0 // indirect
 	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
 	github.com/manifoldco/promptui v0.9.0 // indirect
-	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-colorable v0.1.14 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
 	github.com/mholt/acmez/v3 v3.1.3 // indirect
@@ -77,9 +77,9 @@ require (
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/prometheus/client_golang v1.23.0 // indirect
+	github.com/prometheus/client_golang v1.23.2 // indirect
 	github.com/prometheus/client_model v0.6.2 // indirect
-	github.com/prometheus/common v0.65.0 // indirect
+	github.com/prometheus/common v0.66.1 // indirect
 	github.com/prometheus/procfs v0.16.1 // indirect
 	github.com/quic-go/qpack v0.5.1 // indirect
 	github.com/quic-go/quic-go v0.54.1 // indirect
@@ -88,46 +88,47 @@ require (
 	github.com/shopspring/decimal v1.4.0 // indirect
 	github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
 	github.com/slackhq/nebula v1.9.7 // indirect
-	github.com/smallstep/cli-utils v0.12.1 // indirect
-	github.com/smallstep/linkedca v0.23.0 // indirect
+	github.com/smallstep/cli-utils v0.12.2 // indirect
+	github.com/smallstep/linkedca v0.25.0 // indirect
 	github.com/smallstep/nosql v0.7.0 // indirect
 	github.com/smallstep/pkcs7 v0.2.1 // indirect
-	github.com/smallstep/scep v0.0.0-20240926084937-8cf1ca453101 // indirect
+	github.com/smallstep/scep v0.0.0-20250318231241-a25cabb69492 // indirect
 	github.com/smallstep/truststore v0.13.0 // indirect
 	github.com/spf13/cast v1.7.0 // indirect
 	github.com/stoewer/go-strcase v1.2.0 // indirect
 	github.com/tailscale/tscert v0.0.0-20240608151842-d3f834017e53 // indirect
 	github.com/urfave/cli v1.22.17 // indirect
 	github.com/zeebo/blake3 v0.2.4 // indirect
 	go.etcd.io/bbolt v1.3.10 // indirect
-	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
+	go.opentelemetry.io/auto/sdk v1.2.1 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect
-	go.opentelemetry.io/otel v1.37.0 // indirect
-	go.opentelemetry.io/otel/metric v1.37.0 // indirect
-	go.opentelemetry.io/otel/trace v1.37.0 // indirect
-	go.step.sm/crypto v0.67.0 // indirect
+	go.opentelemetry.io/otel v1.38.0 // indirect
+	go.opentelemetry.io/otel/metric v1.38.0 // indirect
+	go.opentelemetry.io/otel/trace v1.38.0 // indirect
+	go.step.sm/crypto v0.74.0 // indirect
 	go.uber.org/automaxprocs v1.6.0 // indirect
-	go.uber.org/mock v0.5.2 // indirect
+	go.uber.org/mock v0.6.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap/exp v0.3.0 // indirect
+	go.yaml.in/yaml/v2 v2.4.2 // indirect
 	golang.org/x/crypto v0.45.0 // indirect
 	golang.org/x/crypto/x509roots/fallback v0.0.0-20250305170421-49bf5b80c810 // indirect
-	golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 // indirect
+	golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b // indirect
 	golang.org/x/mod v0.29.0 // indirect
 	golang.org/x/net v0.47.0 // indirect
-	golang.org/x/oauth2 v0.30.0 // indirect
+	golang.org/x/oauth2 v0.33.0 // indirect
 	golang.org/x/sync v0.18.0 // indirect
 	golang.org/x/sys v0.38.0 // indirect
 	golang.org/x/term v0.37.0 // indirect
 	golang.org/x/text v0.31.0 // indirect
-	golang.org/x/time v0.12.0 // indirect
+	golang.org/x/time v0.14.0 // indirect
 	golang.org/x/tools v0.38.0 // indirect
-	google.golang.org/api v0.240.0 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20250603155806-513f23925822 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 // indirect
-	google.golang.org/grpc v1.73.0 // indirect
+	google.golang.org/api v0.256.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20251022142026-3a174f9686a8 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20251103181224-f26f9409b101 // indirect
+	google.golang.org/grpc v1.77.0 // indirect
 	google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.5.1 // indirect
-	google.golang.org/protobuf v1.36.6 // indirect
+	google.golang.org/protobuf v1.36.10 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	howett.net/plist v1.0.0 // indirect
 )