@dependabot dependabot bot commented on behalf of github Sep 28, 2025

Bumps the go group with 13 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| cuelang.org/go | 0.14.0 | 0.14.1 |
| github.com/containers/image/v5 | 5.36.1 | 5.36.2 |
| github.com/cyphar/filepath-securejoin | 0.4.1 | 0.5.0 |
| github.com/fluxcd/helm-controller/api | 1.3.0 | 1.4.0 |
| github.com/fluxcd/kustomize-controller/api | 1.6.1 | 1.7.0 |
| github.com/fluxcd/pkg/apis/event | 0.18.0 | 0.19.0 |
| github.com/fluxcd/pkg/http/fetch | 0.17.0 | 0.19.0 |
| github.com/fluxcd/pkg/kustomize | 1.19.0 | 1.22.0 |
| github.com/fluxcd/pkg/runtime | 0.79.0 | 0.86.0 |
| github.com/fluxcd/source-controller/api | 1.6.2 | 1.7.0 |
| github.com/mikefarah/yq/v4 | 4.45.4 | 4.47.2 |
| helm.sh/helm/v3 | 3.18.5 | 3.19.0 |
| ocm.software/ocm | 0.27.0 | 0.30.0 |

Updates cuelang.org/go from 0.14.0 to 0.14.1

Updates github.com/containers/image/v5 from 5.36.1 to 5.36.2

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.36.2

What's Changed

Full Changelog: containers/image@v5.36.1...v5.36.2

Commits
  • d464a25 Bump to v5.36.2
  • 50a6b67 Merge pull request #2943 from TomSweeneyRedHat/dev/tsweeney/backport_2938
  • d3eb538 [release-5.36] rekor: do not cancel http context
  • 6ed8326 Merge pull request #2920 from TomSweeneyRedHat/dev/tsweeney/v5.36.1
  • See full diff in compare view

Updates github.com/cyphar/filepath-securejoin from 0.4.1 to 0.5.0

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.5.0] - 2025-09-26

Let the past die. Kill it if you have to.

NOTE: With this release, some parts of github.com/cyphar/filepath-securejoin are now licensed under the Mozilla Public License (version 2). Please see COPYING.md as well as the license header in each file for more details.

Breaking

  • The new API introduced in the [0.3.0][] release has been moved to a new subpackage called pathrs-lite. This was primarily done to better indicate the split between the new and old APIs, as well as indicate to users the purpose of this subpackage (it is a less complete version of [libpathrs][]).

    We have added some wrappers to the top-level package to ease the transition, but those are deprecated and will be removed in the next minor release of filepath-securejoin. Users should update their import paths.

    This new subpackage has also been relicensed under the Mozilla Public License (version 2), please see COPYING.md for more details.

Added

  • Most of the key bits of the safe procfs API have now been exported and are available in github.com/cyphar/filepath-securejoin/pathrs-lite/procfs. At the moment this primarily consists of a new procfs.Handle API:

    • OpenProcRoot returns a new handle to /proc, endeavouring to make it safe if possible (subset=pid to protect against mistaken write attacks and leaks, as well as using fsopen(2) to avoid racing mount attacks).

      OpenUnsafeProcRoot returns a handle without attempting to create one with subset=pid, which makes it more dangerous to leak. Most users should use OpenProcRoot (even if you need to use ProcRoot as the base of an operation, as filepath-securejoin will internally open a handle when necessary).

    • The (*procfs.Handle).Open* family of methods lets you get a safe O_PATH handle to subpaths within /proc for certain subpaths.

      For OpenThreadSelf, the returned ProcThreadSelfCloser needs to be called after you completely finish using the handle (this is necessary because Go is multi-threaded and ProcThreadSelf references /proc/thread-self which may disappear if we do not runtime.LockOSThread -- ProcThreadSelfCloser is currently equivalent to runtime.UnlockOSThread).

      Note that you cannot open any procfs symlinks (most notably magic-links)

... (truncated)

Commits
  • bb9e81f VERSION: release 0.5.0
  • 17e58e1 CHANGELOG: minor updates
  • cc071b2 hack: properly test ./...
  • a1c1895 CHANGELOG: fix kernel version for open_tree(2)
  • 432c95e doc: minor godoc improvements
  • 90002f2 CHANGELOG: mention MPLv2 in pathrs-lite entry
  • 59fcb8b COPYING: fix reference to pathrs-lite internal pkgs
  • 43797e7 pathrs-lite: add Close to procfs wrapper
  • 2a0e2b6 pathrs-lite: move Reopen impl to internal/procfs
  • 3c5e239 *: update and improve godocs
  • Additional commits viewable in compare view

Updates github.com/fluxcd/helm-controller/api from 1.3.0 to 1.4.0

Release notes

Sourced from github.com/fluxcd/helm-controller/api's releases.

v1.4.0

Changelog

v1.4.0 changelog

Container images

  • docker.io/fluxcd/helm-controller:v1.4.0
  • ghcr.io/fluxcd/helm-controller:v1.4.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.4.0-rc.1

This release candidate is meant for testing.

Container images

  • docker.io/fluxcd/helm-controller:v1.4.0-rc.1
  • ghcr.io/fluxcd/helm-controller:v1.4.0-rc.1

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

Changelog

Sourced from github.com/fluxcd/helm-controller/api's changelog.

1.4.0

Release date: 2025-09-25

This minor release comes with various bug fixes and improvements.

⚠️ The v2beta1 APIs were removed. Before upgrading the CRDs, Flux users must run flux migrate to migrate the cluster storage off v2beta1.

The controller now supports ExternalArtifact Helm chart sources under the feature gate ExternalArtifact.

A new RetryOnFailure strategy has been added for automatic retries on Helm release failures.

Dependencies can now be evaluated using CEL expressions via the new readyExpr field, providing more flexible and powerful dependency readiness checks.

Support for workload identity authentication has been added for remote clusters. This is supported both at the controller and object levels. For object-level, enable the feature gate ObjectLevelWorkloadIdentity.

In addition, the Kubernetes dependencies have been updated to v1.34, Helm has been updated to v3.19 and various other controller dependencies have been updated to their latest version. The controller is now built with Go 1.25.

Fixes:

  • Fix continuous drift due to unstable hashing of values #1267
  • Fix watch index conflict between HelmChart and OCIRepository kinds #1266
  • Fix requeue interval for SourceNotReady #1276

Improvements:

  • [RFC-0010] Add workload identity auth for remote clusters #1249
  • [RFC-0010] Support all Azure clouds for remote clusters #1262
  • [RFC-0010] Add multi-tenancy lockdown for kubeconfig #1284
  • [RFC-0010] Add object-level configuration validation #1286
  • [RFC-0012] Add ExternalArtifact feature gate and reconciliation support #1293
  • [RFC-0012] Add support for ExternalArtifact revision with digest #1296
  • Remove deprecated helm.toolkit.fluxcd.io/v2beta1 API group

... (truncated)

Commits
  • 3db605b Merge pull request #1311 from fluxcd/release-v1.4.0
  • 349a1c9 Release v1.4.0
  • 81cb78c Add changelog entry for v1.4.0
  • f716265 Merge pull request #1310 from fluxcd/fix-release
  • 60f04c9 Fix release workflow
  • a3bc6a3 Merge pull request #1309 from fluxcd/dependabot/github_actions/ci-e1f752511b
  • 54fd680 Bump fluxcd/gha-workflows from 0.3.0 to 0.4.0 in the ci group
  • 7ef5e6b Merge pull request #1307 from fluxcd/ci-improve
  • ca91a05 ci: Extract verify to Makefile
  • 82398b7 Merge pull request #1305 from fluxcd/fluxcd/gha-workflows
  • Additional commits viewable in compare view

Updates github.com/fluxcd/kustomize-controller/api from 1.6.1 to 1.7.0

Release notes

Sourced from github.com/fluxcd/kustomize-controller/api's releases.

v1.7.0

Changelog

v1.7.0 changelog

Container images

  • docker.io/fluxcd/kustomize-controller:v1.7.0
  • ghcr.io/fluxcd/kustomize-controller:v1.7.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.7.0-rc.1

This release candidate is meant for testing.

Container images

  • docker.io/fluxcd/kustomize-controller:v1.7.0-rc.1
  • ghcr.io/fluxcd/kustomize-controller:v1.7.0-rc.1

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

Changelog

Sourced from github.com/fluxcd/kustomize-controller/api's changelog.

1.7.0

Release date: 2025-09-24

This minor release comes with various bug fixes and improvements.

⚠️ The v1beta1 APIs were removed. Before upgrading the CRDs, Flux users must run flux migrate to migrate the cluster storage off v1beta1.

The Kustomization API now supports reconciling content from external storage systems through the new ExternalArtifact CRD. This feature is controlled by the ExternalArtifact feature gate and enables reconciliation of artifacts stored outside of Git repositories.

Kustomizations now track their reconciliation history in .status.history, providing visibility into past reconciliation attempts and their outcomes.

Dependencies can now be evaluated using CEL expressions through the new readyExpr field in dependsOn. This feature is controlled by the AdditiveCELDependencyCheck feature gate and allows for more flexible dependency readiness checks.

The controller now supports global SOPS Age key decryption, allowing centralized management of decryption keys.

Support for workload identity authentication has been added for remote clusters. This is supported both at the controller and object levels. For object-level, enable the feature gate ObjectLevelWorkloadIdentity.

The new .spec.ignoreMissingComponents field allows Kustomizations to continue reconciliation even when referenced components are missing, providing more resilient deployments.

A feature gate CancelHealthChecksOnNewRevision has been added to cancel ongoing health checks when a new revision is detected.

In addition, the Kubernetes dependencies have been updated to v1.34, Kustomize has been updated to v5.7 and various other controller dependencies have been updated to their latest version. The controller is now built with Go 1.25.

Fixes:

  • Fix skipped entries from SSA being stored in the inventory #1513

Improvements:

  • [RFC-0010] Add workload identity authentication for remote clusters #1476
  • [RFC-0010] Add multi-tenancy lockdown for decryption and kubeconfig #1495
  • [RFC-0010] Add object-level configuration validation

... (truncated)

Commits
  • 91e762e Merge pull request #1521 from fluxcd/release-v1.7.0
  • 020caf4 Release v1.7.0
  • 8a3619d Add changelog entry for v1.7.0
  • d7d96f5 Merge pull request #1520 from fluxcd/cancel-health-checks
  • b28d750 Add feature gate to cancel health checks on new revisions
  • bce9a08 Merge pull request #1517 from fluxcd/fix-release
  • 2b35fd8 Fix release workflow
  • 14d88d4 Merge pull request #1515 from fluxcd/dependabot/github_actions/ci-e1f752511b
  • a7fce1b Bump fluxcd/gha-workflows from 0.3.0 to 0.4.0 in the ci group
  • e5d2e36 Merge pull request #1513 from fluxcd/fix-1510
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/event from 0.18.0 to 0.19.0

Commits
  • e32ccc2 Merge pull request #763 from fluxcd/kubernetes-1.30
  • 2b974af Update sigs.k8s.io/controller-tools to v0.15.0
  • 52c1fc5 Update sigs.k8s.io/controller-runtime to v0.18.0
  • c906252 Update dependencies to Kubernetes 1.30
  • 92c1348 Merge pull request #764 from fluxcd/dependabot/github_actions/ci-e44cfae560
  • ccb916a build(deps): bump the ci group with 3 updates
  • 6081556 Merge pull request #761 from fluxcd/kustomize-name-prefix-suffix
  • abf5675 kustomize: Add support for namePrefix and nameSuffix
  • 98d2522 Merge pull request #760 from fluxcd/dependabot/github_actions/ci-8f082d4f6d
  • efcd824 build(deps): bump docker/setup-buildx-action in the ci group
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/meta from 1.18.0 to 1.21.0

Commits
  • 6ce1a83 Merge pull request #1019 from fluxcd/update-otel
  • 828f74f Prepare release
  • e7a2b15 Update otel to v1.38.0
  • d2f54dd Merge pull request #1018 from fluxcd/meta-artifact
  • 9adb480 apis: Add Artifact type to meta package
  • 7201e2c Merge pull request #1017 from fluxcd/kustomize-ignore-components
  • 929f4b4 kustomize: Add ignoreMissingComponents option
  • a5e02ce Merge pull request #1013 from fluxcd/meta-history
  • 71c0a08 Prepare release
  • 4aaf176 meta: Add History API for tracking reconcile runs in status
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/http/fetch from 0.17.0 to 0.19.0

Commits
  • e32ccc2 Merge pull request #763 from fluxcd/kubernetes-1.30
  • 2b974af Update sigs.k8s.io/controller-tools to v0.15.0
  • 52c1fc5 Update sigs.k8s.io/controller-runtime to v0.18.0
  • c906252 Update dependencies to Kubernetes 1.30
  • 92c1348 Merge pull request #764 from fluxcd/dependabot/github_actions/ci-e44cfae560
  • ccb916a build(deps): bump the ci group with 3 updates
  • 6081556 Merge pull request #761 from fluxcd/kustomize-name-prefix-suffix
  • abf5675 kustomize: Add support for namePrefix and nameSuffix
  • 98d2522 Merge pull request #760 from fluxcd/dependabot/github_actions/ci-8f082d4f6d
  • efcd824 build(deps): bump docker/setup-buildx-action in the ci group
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/kustomize from 1.19.0 to 1.22.0

Commits
  • bf02f0a Merge pull request #1026 from fluxcd/storage-refactoring
  • e2dd3d1 artifact: Refactor storage package structure
  • ee36d78 Merge pull request #1025 from fluxcd/controller-runtime-v0.22.1
  • b5ab5b9 Prepare release
  • 6ce90c6 Add the Artifact Management SDK to readme
  • e4f3937 Update controller-runtime to v0.22.1
  • 9e2ac7d Merge pull request #1024 from fluxcd/dependabot/github_actions/ci-43e6514044
  • 93ac531 build(deps): bump the ci group across 1 directory with 5 updates
  • 24724be Merge pull request #1023 from fluxcd/runtime-env-vars
  • 85cb1e2 runtime: Add environment variables
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.79.0 to 0.86.0

Commits
  • a4d6607 Merge pull request #1030 from fluxcd/cel-any
  • 633addb Prepare for release
  • e2a9309 runtime/cel: introduce Evaluate()
  • 4e0af91 Merge pull request #1028 from fluxcd/cel-string-slice
  • 3adc488 Prepare for release
  • c302901 runtime/cel: introduce EvaluateStringSlice()
  • 6914a6a Merge pull request #1027 from fluxcd/helm-v0.34.0
  • 75e64b1 Update Helm to v3.19.0
  • bf02f0a Merge pull request #1026 from fluxcd/storage-refactoring
  • e2dd3d1 artifact: Refactor storage package structure
  • Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/tar from 0.13.0 to 0.14.0

Commits
  • 909b315 Merge pull request #651 from fluxcd/git-upgrade-deps
  • 3249e6d git: upgrade dependencies
  • 6eae7b4 Merge pull request #650 from pjbgf/upstream-billy
  • e8ee260 git/gogit: Replaces fs with upstream osfs.BoundOS
  • 01981ea Merge pull request #649 from fluxcd/dependabot/github_actions/ci-915f3d3f9a
  • c6bb1fa build(deps): bump the ci group with 2 updates
  • eedb1a0 Merge pull request #646 from fluxcd/oci-cr-logger
  • e6669d8 oci/auth: Add test to check for non-test flags
  • f01d884 oci: Use controller-runtime pkg/log explicitly
  • 488252e Merge pull request #643 from fluxcd/dependabot/github_actions/ci-81eb07bab1
  • Additional commits viewable in compare view

Updates github.com/fluxcd/source-controller/api from 1.6.2 to 1.7.0

Release notes

Sourced from github.com/fluxcd/source-controller/api's releases.

v1.7.0

Changelog

v1.7.0 changelog

Container images

  • docker.io/fluxcd/source-controller:v1.7.0
  • ghcr.io/fluxcd/source-controller:v1.7.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.7.0-rc.3

This release candidate is meant for testing.

Container images

  • docker.io/fluxcd/source-controller:v1.7.0-rc.3
  • ghcr.io/fluxcd/source-controller:v1.7.0-rc.3

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.7.0-rc.2

This release candidate is meant for testing.

Container images

  • docker.io/fluxcd/source-controller:v1.7.0-rc.2
  • ghcr.io/fluxcd/source-controller:v1.7.0-rc.2

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.7.0-rc.1

This release candidate is meant for testing.

Container images

  • docker.io/fluxcd/source-controller:v1.7.0-rc.1

... (truncated)

Changelog

Sourced from github.com/fluxcd/source-controller/api's changelog.

1.7.0

Release date: 2025-09-15

This minor release comes with new features, improvements and bug fixes.

ExternalArtifact

A new ExternalArtifact API has been added to the source.toolkit.fluxcd.io group. This API enables advanced source composition and decomposition patterns implemented by the source-watcher controller.

GitRepository

GitRepository controller now includes fixes for stalling issues and improved error handling. Multi-tenant workload identity support has been added for Azure repositories when the ObjectLevelWorkloadIdentity feature gate is enabled. TLS configuration support has been added for GitHub App authentication.

Bucket

Bucket controller now supports multi-tenant workload identity for AWS, Azure and GCP providers when the ObjectLevelWorkloadIdentity feature gate is enabled. A default service account flag has been added for lockdown scenarios.

General updates

The controller now supports system certificate pools for improved CA compatibility, and TLS ServerName pinning has been removed from TLS configuration for better flexibility. A --default-service-account=<sa name> flag was introduced for workload identity multi-tenancy lockdown.

In addition, the Kubernetes dependencies have been updated to v1.34, Helm has been updated to v3.19 and various other controller dependencies have been updated to their latest version. The controller is now built with Go 1.25.

Fixes:

  • Fix GitRepository controller stalling when it shouldn't #1865

Improvements:

  • [RFC-0010] Add multi-tenant workload identity support for GCP Bucket #1862
  • [RFC-0010] Add multi-tenant workload identity support for AWS Bucket #1868
  • [RFC-0010] Add multi-tenant workload identity support for Azure GitRepository #1871
  • [RFC-0010] Add default-service-account for lockdown #1872
  • [RFC-0010] Add multi-tenant workload identity support for Azure Blob Storage #1875
  • [RFC-0012] Add ExternalArtifact API documentation #1881
  • [RFC-0012] Refactor controller to use fluxcd/pkg/artifact #1883
  • Migrate OCIRepository controller to runtime/secrets #1851
  • Migrate Bucket controller to runtime/secrets #1852

... (truncated)

Commits
  • 39b9314 Merge pull request #1889 from fluxcd/release-v1.7.0
  • 9531d5a Release v1.7.0
  • ca2c18f Add changelog entry for v1.7.0
  • eae8d19 Merge pull request #1888 from fluxcd/helm-v3.19
  • ee1aebf Update Helm to v3.19.0
  • eb1ff72 Merge pull request #1887 from fluxcd/external-artifact-conform-runtime
  • 8d7ef1d api: Make ExternalArtifact conform to runtime Getter/Setter interface
  • 5f4f360 Merge pull request #1886 from fluxcd/ea-conform-source
  • 4880652 api: Make ExternalArtifact conform to the Source interface
  • cf72221 Merge pull request #1883 from fluxcd/refactor-artifact
  • Additional commits viewable in compare view

Updates github.com/mikefarah/yq/v4 from 4.45.4 to 4.47.2

Release notes

Sourced from github.com/mikefarah/yq/v4's releases.

v4.47.2

v4.47.1 - Merge Anchor fixes (with flag)

  • Fixed merge anchor behaviour (<<); #2404, #2110, #2386, #2178 Huge thanks to @stevenwdv! Note that you will need to set --yaml-fix-merge-anchor-to-spec to see the fixes
  • Fixed panic for syntax error when creating a map #2423
  • Bumped dependencies

v4.46.1 - INI support + bug fixes

  • Added INI support
  • Fixed 'add' operator when piped in with no data #2378, #2383, #2384
  • Fixed delete after slice problem (bad node path) #2387 Thanks @antoinedeschenes
  • Fixed yq small build Thanks @imzue
  • Switched to YAML org supported go-yaml!
  • Bumped dependencies

Changelog

Sourced from github.com/mikefarah/yq/v4's changelog.

4.47.2:

4.47.1:

  • Fixed merge anchor behaviour (<<); #2404, #2110, #2386, #2178 Huge thanks to @stevenwdv! Note that you will need to set --yaml-fix-merge-anchor-to-spec to see the fixes
  • Fixed panic for syntax error when creating a map #2423
  • Bumped dependencies

4.46.1:

  • Added INI support
  • Fixed 'add' operator when piped in with no data #2378, #2383, #2384
  • Fixed delete after slice problem (bad node path) #2387 Thanks @antoinedeschenes
  • Fixed yq small build Thanks @imzue
  • Switched to YAML org supported go-yaml!
  • Bumped dependencies

Commits
  • 6251e95 Bumping version
  • b2155eb Preparing release
  • 911e394 Bumping pflag
  • 35d338c modify empty table decode
  • 6d7aa38 Bump github.com/spf13/cobra from 1.9.1 to 1.10.1
  • e890011 Adding gah as a community supported install method
  • c34edcf Bump actions/checkout from 4 to 5
  • a46a576 Bump golang from 1.24.5 to 1.25.0
  • af2f868 Bump golang.org/x/net from 0.42.0 to 0.43.0
  • 76c8170 Use ghcr.io instead of ghrc.io
  • Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.38.0 to 1.38.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.38.2

1.38.2

  • roll back to go 1.23.0 [c404969]

v1.38.1

1.38.1

Fixes

Numerous minor fixes and dependency bumps

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.38.2

  • roll back to go 1.23.0 [c404969]

1.38.1

Fixes

Numerous minor fixes and dependency bumps

Commits

Updates github.com/stretchr/testify from 1.10.0 to 1.11.1

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.11.1

This release fixes #1785 introduced in v1.11.0 where expected argument values implementing the stringer interface (String() string) with a method which mutates their value, when passed to mock.Mock.On (m.On("Method", <expected>).Return()) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.

What's Changed

Full Changelog: stretchr/testify@v1.11.0...v1.11.1

v1.11.0

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

Fixes

Documentation, Build & CI

... (truncated)

Commits
  • 2a57335 Merge pull request #1788 from brackendawson/1785-backport-1.11
  • af8c912 Backport #1786 to release/1.11
  • b7801fb Merge pull request #1778 from stretchr/dependabot/github_actions/actions/chec...
  • 69831f3 build(deps): bump actions/checkout from 4 to 5
  • a53be35 Improve captureTestingT helper
  • aafb604 mock: improve formatting of error message
  • 7218e03 improve error msg
  • 929a212 Merge pull request #1758 from stretchr/dolmen/suite-faster-method-filtering
  • bc7459e suite: faster filtering of methods (-testify.m)
  • 7d37b5c suite: refactor methodFilter
  • Additional commits viewable in compare view

Updates helm.sh/helm/v3 from 3.18.5 to 3.19.0

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.19.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

  • Fixed a helm pull regression from 3.18 - error pulling OCI charts with --password #31230
  • Fixed a helm lint regression from Helm 3.18 - rejected JSON Schema $ref URLs that worked in 3.17.x #31166
  • Fixed go mod tidy #31154
  • Fixed k8s version parsing not matching original #31091
  • Fixed charts failing when using a redirect registry

@dependabot dependabot bot added kind/chore chore, maintenance, etc. kind/dependency dependency update, etc. labels Sep 28, 2025
@dependabot dependabot bot requested a review from a team as a code owner September 28, 2025 15:05
@morri-son morri-son requested a review from Skarlso October 1, 2025 09:09
@morri-son
@Skarlso are we ready to switch to go 1.25 or do we close this PR?

Skarlso commented Oct 1, 2025

Sure.

Bumps the go group with 13 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| cuelang.org/go | `0.14.0` | `0.14.1` |
| [github.com/containers/image/v5](https://github.com/containers/image) | `5.36.1` | `5.36.2` |
| [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) | `0.4.1` | `0.5.0` |
| [github.com/fluxcd/helm-controller/api](https://github.com/fluxcd/helm-controller) | `1.3.0` | `1.4.0` |
| [github.com/fluxcd/kustomize-controller/api](https://github.com/fluxcd/kustomize-controller) | `1.6.1` | `1.7.0` |
| [github.com/fluxcd/pkg/apis/event](https://github.com/fluxcd/pkg) | `0.18.0` | `0.19.0` |
| [github.com/fluxcd/pkg/http/fetch](https://github.com/fluxcd/pkg) | `0.17.0` | `0.19.0` |
| [github.com/fluxcd/pkg/kustomize](https://github.com/fluxcd/pkg) | `1.19.0` | `1.22.0` |
| [github.com/fluxcd/pkg/runtime](https://github.com/fluxcd/pkg) | `0.79.0` | `0.86.0` |
| [github.com/fluxcd/source-controller/api](https://github.com/fluxcd/source-controller) | `1.6.2` | `1.7.0` |
| [github.com/mikefarah/yq/v4](https://github.com/mikefarah/yq) | `4.45.4` | `4.47.2` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.18.5` | `3.19.0` |
| [ocm.software/ocm](https://github.com/open-component-model/ocm) | `0.27.0` | `0.30.0` |



Updates `cuelang.org/go` from 0.14.0 to 0.14.1

Updates `github.com/containers/image/v5` from 5.36.1 to 5.36.2
- [Release notes](https://github.com/containers/image/releases)
- [Commits](containers/image@v5.36.1...v5.36.2)

Updates `github.com/cyphar/filepath-securejoin` from 0.4.1 to 0.5.0
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md)
- [Commits](cyphar/filepath-securejoin@v0.4.1...v0.5.0)

Updates `github.com/fluxcd/helm-controller/api` from 1.3.0 to 1.4.0
- [Release notes](https://github.com/fluxcd/helm-controller/releases)
- [Changelog](https://github.com/fluxcd/helm-controller/blob/main/CHANGELOG.md)
- [Commits](fluxcd/helm-controller@v1.3.0...v1.4.0)

Updates `github.com/fluxcd/kustomize-controller/api` from 1.6.1 to 1.7.0
- [Release notes](https://github.com/fluxcd/kustomize-controller/releases)
- [Changelog](https://github.com/fluxcd/kustomize-controller/blob/main/CHANGELOG.md)
- [Commits](fluxcd/kustomize-controller@v1.6.1...v1.7.0)

Updates `github.com/fluxcd/pkg/apis/event` from 0.18.0 to 0.19.0
- [Commits](fluxcd/pkg@git/v0.18.0...git/v0.19.0)

Updates `github.com/fluxcd/pkg/apis/meta` from 1.18.0 to 1.21.0
- [Commits](fluxcd/pkg@apis/meta/v1.18.0...apis/meta/v1.21.0)

Updates `github.com/fluxcd/pkg/http/fetch` from 0.17.0 to 0.19.0
- [Commits](fluxcd/pkg@git/v0.17.0...git/v0.19.0)

Updates `github.com/fluxcd/pkg/kustomize` from 1.19.0 to 1.22.0
- [Commits](fluxcd/pkg@apis/meta/v1.19.0...kustomize/v1.22.0)

Updates `github.com/fluxcd/pkg/runtime` from 0.79.0 to 0.86.0
- [Commits](fluxcd/pkg@runtime/v0.79.0...runtime/v0.86.0)

Updates `github.com/fluxcd/pkg/tar` from 0.13.0 to 0.14.0
- [Commits](fluxcd/pkg@git/v0.13.0...git/v0.14.0)

Updates `github.com/fluxcd/source-controller/api` from 1.6.2 to 1.7.0
- [Release notes](https://github.com/fluxcd/source-controller/releases)
- [Changelog](https://github.com/fluxcd/source-controller/blob/main/CHANGELOG.md)
- [Commits](fluxcd/source-controller@v1.6.2...v1.7.0)

Updates `github.com/mikefarah/yq/v4` from 4.45.4 to 4.47.2
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](mikefarah/yq@v4.45.4...v4.47.2)

Updates `github.com/onsi/gomega` from 1.38.0 to 1.38.2
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.38.0...v1.38.2)

Updates `github.com/stretchr/testify` from 1.10.0 to 1.11.1
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.10.0...v1.11.1)

Updates `helm.sh/helm/v3` from 3.18.5 to 3.19.0
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.18.5...v3.19.0)

Updates `k8s.io/api` from 0.33.3 to 0.34.0
- [Commits](kubernetes/api@v0.33.3...v0.34.0)

Updates `k8s.io/apiextensions-apiserver` from 0.33.3 to 0.34.0
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.33.3...v0.34.0)

Updates `k8s.io/apimachinery` from 0.33.3 to 0.34.0
- [Commits](kubernetes/apimachinery@v0.33.3...v0.34.0)

Updates `k8s.io/client-go` from 0.33.3 to 0.34.0
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.33.3...v0.34.0)

Updates `ocm.software/ocm` from 0.27.0 to 0.30.0
- [Release notes](https://github.com/open-component-model/ocm/releases)
- [Changelog](https://github.com/open-component-model/ocm/blob/main/RELEASE_PROCESS.md)
- [Commits](open-component-model/ocm@v0.27...v0.30)

Updates `sigs.k8s.io/controller-runtime` from 0.21.0 to 0.22.1
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.21.0...v0.22.1)

---
updated-dependencies:
- dependency-name: cuelang.org/go
  dependency-version: 0.14.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/containers/image/v5
  dependency-version: 5.36.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/cyphar/filepath-securejoin
  dependency-version: 0.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/helm-controller/api
  dependency-version: 1.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/kustomize-controller/api
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/apis/event
  dependency-version: 0.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/apis/meta
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/http/fetch
  dependency-version: 0.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/kustomize
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/runtime
  dependency-version: 0.86.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/pkg/tar
  dependency-version: 0.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/fluxcd/source-controller/api
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/mikefarah/yq/v4
  dependency-version: 4.47.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.38.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: helm.sh/helm/v3
  dependency-version: 3.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: k8s.io/api
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: k8s.io/client-go
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: ocm.software/ocm
  dependency-version: 0.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.22.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/go-c92c29fd19 branch from a5c119a to 81ebe49 Compare October 5, 2025 15:03
@Skarlso Skarlso closed this Oct 15, 2025
dependabot bot commented on behalf of github Oct 15, 2025

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot bot deleted the dependabot/go_modules/go-c92c29fd19 branch October 15, 2025 08:09