chore(deps): bump the go group across 1 directory with 3 updates

[dependabot]

Bumps the go group with 3 updates in the / directory: github.com/fluxcd/kustomize-controller/api, github.com/fluxcd/pkg/runtime and ocm.software/ocm.

Updates github.com/fluxcd/kustomize-controller/api from 1.6.0 to 1.6.1

Release notes

Sourced from github.com/fluxcd/kustomize-controller/api's releases.

v1.6.1

Changelog

v1.6.1 changelog

Container images

• docker.io/fluxcd/kustomize-controller:v1.6.1
• ghcr.io/fluxcd/kustomize-controller:v1.6.1

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

Changelog

Sourced from github.com/fluxcd/kustomize-controller/api's changelog.

1.6.1

Release date: 2025-07-08

This patch release fixes a bug introduced in v1.6.0 that causes SOPS decryption with US Government KMS keys to fail with the error:

STS: AssumeRoleWithWebIdentity, https response error\n   StatusCode: 0, RequestID: ,
request send failed, Post\n \"https://sts.arn.amazonaws.com/\": dial tcp:
lookupts.arn.amazonaws.com on 10.100.0.10:53: no such host

Fixes:

• Fix regression in STS endpoint for SOPS decryption with AWS KMS in US Gov partition #1478

Commits

• 8ec4a6e Merge pull request #1482 from fluxcd/release-v1.6.1
• 84115f6 Release v1.6.1
• 2333a74 Add changelog entry for v1.6.1
• 9a203c8 Merge pull request #1480 from fluxcd/backport-1478-to-release/v1.6.x
• 127d696 Fix regression in STS endpoint for SOPS decryption with AWS KMS in US Gov par...
• See full diff in compare view

Updates github.com/fluxcd/pkg/runtime from 0.62.0 to 0.63.0

Commits

• d07717f Merge pull request #961 from cappyzawa/fix/runtime-secrets-logger-from-context
• ec70e5a runtime/secrets: use context-based logger retrieval
• 3671c3a Merge pull request #958 from cappyzawa/update-kustomize-v5.7.0
• 692aef1 kustomize: Update kustomize to v5.7.0
• 21cbf19 Merge pull request #952 from dgunzy/fix-invalid-cabundle-crd-reconciliation
• 703cbca fix(ssa): remove invalid CABundle from CRD patches
• See full diff in compare view

Updates ocm.software/ocm from 0.25.0 to 0.26.0

Release notes

Sourced from ocm.software/ocm's releases.

v0.26.0

What's Changed

‼️ Breaking Changes

• chore!: migrate to native cobra library by @​Skarlso in open-component-model/ocm#1504

🐛 Bug Fixes

• fix: git access tar methods by @​frewilhelm in open-component-model/ocm#1454
• fix(revert): make sure that ref is an option in the gitHub AccessMethod (#1406) by @​jakobmoellerdev in open-component-model/ocm#1460
• fix: allow spec compliant, but unusually ordered HELM Chart OCI Artifacts in HELM OCI Artifact downloader by @​jakobmoellerdev in open-component-model/ocm#1470
• fix: allow pre-v3.7.0 HELM Charts in HELM OCI Artifact downloader by @​jakobmoellerdev in open-component-model/ocm#1476
• fix: use the updated link checker fork by @​Skarlso in open-component-model/ocm#1475
• fix: make sure that helm downloader does not overwrite chart with provenance data by @​jakobmoellerdev in open-component-model/ocm#1481
• chore: fix correct filename for provenance file by @​frewilhelm in open-component-model/ocm#1492

⬆️ Dependencies

• chore(deps): bump the go group with 7 updates by @​dependabot in open-component-model/ocm#1452
• chore: pin cosign to commit to make sure we are security compliant by @​frewilhelm in open-component-model/ocm#1459
• chore(deps): bump the go group with 7 updates by @​dependabot in open-component-model/ocm#1465
• chore(deps): bump the go group with 5 updates by @​dependabot in open-component-model/ocm#1487
• chore(deps): bump distroless/static-debian12 from to by @​dependabot in open-component-model/ocm#1486
• chore(deps): bump the go group with 7 updates by @​dependabot in open-component-model/ocm#1493
• chore(deps): bump the go group with 10 updates by @​dependabot in open-component-model/ocm#1502
• chore(deps): bump the go group with 8 updates by @​dependabot in open-component-model/ocm#1513
• chore(deps): bump distroless/static-debian12 from to by @​dependabot in open-component-model/ocm#1512

🧰 Maintenance

• chore: bump VERSION to 0.26.0-dev by @​ocmbot in open-component-model/ocm#1443
• chore: GitHub actions add permissions by @​frewilhelm in open-component-model/ocm#1449
• chore: sanitize log by @​frewilhelm in open-component-model/ocm#1450
• chore: adjust GHA permissions by @​frewilhelm in open-component-model/ocm#1451
• chore: remove winget by @​Skarlso in open-component-model/ocm#1463
• chore: use ternary operator to avoid "skipped" integration test job by @​jakobmoellerdev in open-component-model/ocm#1490
• docs: ecrplugin readme by @​ikhandamirov in open-component-model/ocm#1482

... (truncated)

Commits

• 4c74991 chore(deps): bump nosborn/github-action-markdown-cli from 3.4.0 to 3.5.0 in t...
• 7bc621f chore: update 'flake.nix' (#1514)
• c27b5e1 chore(deps): bump distroless/static-debian12 from 188ddfb to 627d6c5 (#1512)
• d74f4c6 chore(deps): bump the go group with 8 updates (#1513)
• d2f8fdc chore: update 'flake.nix' (#1510)
• ceea433 chore!: migrate to native cobra library (#1504)
• 073a4ed chore(deps): bump github/codeql-action from 3.28.19 to 3.29.0 in the ci group...
• 3360f79 chore: update 'flake.nix' (#1503)
• ca24589 chore(deps): bump the go group with 10 updates (#1502)
• c200647 chore: update 'flake.nix' (#1499)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[Skarlso]

@dependabot rebase