Skip to content

Comments

[release-1.15][gomod]: Bump the minor group across 1 directory with 6 updates#1110

Open
dependabot[bot] wants to merge 1 commit intorelease-1.15from
dependabot/go_modules/release-1.15/minor-54ead53623
Open

[release-1.15][gomod]: Bump the minor group across 1 directory with 6 updates#1110
dependabot[bot] wants to merge 1 commit intorelease-1.15from
dependabot/go_modules/release-1.15/minor-54ead53623

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 17, 2026
edited
Loading

Bumps the minor group with 4 updates in the / directory: github.com/cloudevents/sdk-go/v2, github.com/google/go-containerregistry, github.com/wavesoftware/go-commandline and sigs.k8s.io/yaml.

Updates github.com/cloudevents/sdk-go/v2 from 2.15.2 to 2.16.2

Release notes

Sourced from github.com/cloudevents/sdk-go/v2's releases.

Release v2.16.2

No release notes provided.

Release v2.16.1

CloudEvents SDK Go v2.16.1

🐛 Bug Fixes and Improvements

  • ⚡ NATS JetStream Enhancement: Made send subject optional via context by @​kmpm in cloudevents/sdk-go#1143

    • Added WithSubject function to override the default subject when sending messages
    • Added comprehensive tests and updated samples
    • Non-breaking enhancement that adds flexibility for NATS users

  • 📝 CloudEvents JSON Handling Fixes by @​alank-ps:

    • WriteJson Fix in cloudevents/sdk-go#1162: Fixed WriteJson to properly handle data as JSON when dataContentType is application/cloudevents+json or batch
    • ConsumeData Fix in cloudevents/sdk-go#1164: Fixed consumeData functions to properly recognize structured mode JSON content types
    • Improves compatibility with the CloudEvents specification

  • 🔧 CI/Test Improvements: Fix failing CI tests by @​embano1 in cloudevents/sdk-go#1156

🔄 Maintenance and Dependency Updates

  • 🛠️ Dependency Management Overhaul by @​embano1 in cloudevents/sdk-go#1145
    • Added script (hack/update-deps.sh) to update Go dependencies across all modules
    • Replaced Dependabot with custom script for better dependency management
    • Removed stale and broken OpenTelemetry samples

📦 Key Dependency Updates:

  • github.com/google/go-cmp: v0.6.0 → v0.7.0
  • golang.org/x/sync: v0.12.0 → v0.13.0
  • github.com/nats-io/nats.go: v1.37.0 → v1.41.2
  • github.com/IBM/sarama: v1.40.1 → v1.45.1
  • github.com/docker/docker: v20.10.17 → v27.1.1
  • go.opentelemetry.io/otel: v1.18.0 → v1.35.0
  • 🐹 Go version: Updated from 1.22 to 1.23.0 (toolchain 1.23.8)

🚨 Breaking Changes

None. All updates are either backward-compatible improvements, bug fixes, or internal refactors.

👥 New Contributors

📋 What's Changed

... (truncated)

Commits
  • af3e859 Merge pull request #1184 from cloudevents/dependabot/github_actions/actions/s...
  • bf5b8a6 chore(deps): Bump actions/setup-go from 5.5.0 to 6.0.0
  • 945d930 Merge pull request #1180 from philicious/refactor-pubsubv2
  • 35623f2 chore: Replace deprecated grpc.Dial calls
  • f0bd406 fix: Properly test that supplied ReceiveSettings are being used
  • ae89eba Refactor pubsub protocol to use new upstream v2 library
  • 34f7f6f Merge pull request #1183 from embano1/go-version
  • cafbb12 chore: update go version in workflows
  • 0a1147c Merge pull request #1182 from cloudevents/automated-dependency-updates
  • 835c486 chore: update dependencies
  • Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.19.1 to 0.20.7

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.7

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.20.6...v0.20.7

v0.20.6

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.20.4...v0.20.6

v0.20.5

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.20.3...v0.20.5

v0.20.4 - Not usable as a go module

... (truncated)

Commits
  • e075f20 go mod tidy on dependabot update (#2171)
  • 45aacf4 Bump the actions group across 1 directory with 3 updates (#2170)
  • 073b936 Update dependencies and deprecate DockerVersion field (#2164)
  • 390dacd Bump golang.org/x/crypto from 0.38.0 to 0.45.0 in /cmd/krane (#2163)
  • ca44d47 Bump golang.org/x/crypto from 0.38.0 to 0.45.0 in /pkg/authn/k8schain (#2162)
  • 999cc1f Bump github.com/docker/docker (#2161)
  • d1809c8 Build artifacts for riscv64 (#2159)
  • 7471efd Bump the auxiliary-deps group across 3 directories with 4 updates (#2156)
  • 2bb5bb0 Bump the actions group with 5 updates (#2155)
  • 16371c1 Remove manual vendor setting for dependabot (#2151)
  • Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.8.0 to 1.10.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.1

🐛 Fix

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

v1.10.0

What's Changed

🚨 Attention!

This version of pflag carried a breaking change: it renamed ParseErrorsWhitelist to ParseErrorsAllowlist which can break builds if both pflag and cobra are dependencies in your project.

  • If you use both pflag and cobra, upgrade pflagto 1.0.8 andcobrato1.10.0`
  • or use the newer, fixed version of pflag v1.0.9 which keeps the deprecated ParseErrorsWhitelist

More details can be found here: spf13/cobra#2303

✨ Features

🐛 Fix

🪠 Testing

📝 Docs

New Contributors

... (truncated)

Commits
  • 7da941c chore: Bump pflag to v1.0.9 (#2305)
  • 51d6751 Bump pflag to 1.0.8 (#2303)
  • 3f3b818 Update README.md with new logo
  • dcaf42e Add Periscope to the list of projects using Cobra (#2299)
  • 6dec1ae The default ShellCompDirective can be customized for a command and its subcom...
  • c8289c1 chore(golangci-lint): add some exclusion presets
  • 4af7b64 refactor: apply golangci-lint autofixes, work around false positives
  • 75790e4 chore(golangci-lint): upgrade to v2
  • db3ddb5 Adding sponsorship to README.md
  • 67171d6 putting sponsorship below header
  • Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.9.0 to 1.11.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.11.0

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

Fixes

Documentation, Build & CI

... (truncated)

Commits
  • b7801fb Merge pull request #1778 from stretchr/dependabot/github_actions/actions/chec...
  • 69831f3 build(deps): bump actions/checkout from 4 to 5
  • a53be35 Improve captureTestingT helper
  • aafb604 mock: improve formatting of error message
  • 7218e03 improve error msg
  • 929a212 Merge pull request #1758 from stretchr/dolmen/suite-faster-method-filtering
  • bc7459e suite: faster filtering of methods (-testify.m)
  • 7d37b5c suite: refactor methodFilter
  • c58bc90 Merge pull request #1764 from stretchr/dolmen/suite-refactor-stats-for-readab...
  • 87101a6 suite.Run: refactor handling of stats
  • Additional commits viewable in compare view

Updates github.com/wavesoftware/go-commandline from 1.0.0 to 1.3.0

Release notes

Sourced from github.com/wavesoftware/go-commandline's releases.

v1.3.0

What's Changed

Full Changelog: wavesoftware/go-commandline@v1.2.0...v1.3.0

v1.2.0

What's Changed

Full Changelog: wavesoftware/go-commandline@v1.1.0...v1.2.0

v1.1.0

What's Changed

Full Changelog: wavesoftware/go-commandline@v1.0.0...v1.1.0

Commits
  • b448e1c 💝 Allow error handlers to access the Cobra' command object (#4)
  • b266316 🎁 Custom error handler (#3)
  • 24d49d4 💝 A general purpose WithCommand option. (#2)
  • See full diff in compare view

Updates sigs.k8s.io/yaml from 1.4.0 to 1.6.0

Release notes

Sourced from sigs.k8s.io/yaml's releases.

v1.6.0

What's Changed

v1.5.0

Full Changelog: kubernetes-sigs/yaml@v1.4.0...v1.5.0

Commits
  • 048d724 Merge pull request #132 from thockin/master
  • 23c836c Bolster tests, mostly in error-handling
  • 2e3340b Add compact output tests
  • 4a4f539 Add test case for tabs in multi-line strings
  • 13509ad Change which methods get a newline and fix tests
  • 59c2c43 Add compact mode so KYAML can be used in more places
  • abc1add kyaml: Implement escaping closer to YAML spec
  • 7749171 Add a yamlfmt cmd
  • a932007 Add KYAML support
  • 0f318dc Merge pull request #134 from kubernetes-sigs/forgot-to-add-redirects-for-cons...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
[release-1.15][gomod]: Bump the minor group across 1 directory with 6…
7dbe114 
… updates

Bumps the minor group with 4 updates in the / directory: [github.com/cloudevents/sdk-go/v2](https://github.com/cloudevents/sdk-go), [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry), [github.com/wavesoftware/go-commandline](https://github.com/wavesoftware/go-commandline) and [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml).


Updates `github.com/cloudevents/sdk-go/v2` from 2.15.2 to 2.16.2
- [Release notes](https://github.com/cloudevents/sdk-go/releases)
- [Commits](cloudevents/sdk-go@v2.15.2...v2.16.2)

Updates `github.com/google/go-containerregistry` from 0.19.1 to 0.20.7
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Commits](google/go-containerregistry@v0.19.1...v0.20.7)

Updates `github.com/spf13/cobra` from 1.8.0 to 1.10.1
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.8.0...v1.10.1)

Updates `github.com/stretchr/testify` from 1.9.0 to 1.11.0
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.9.0...v1.11.0)

Updates `github.com/wavesoftware/go-commandline` from 1.0.0 to 1.3.0
- [Release notes](https://github.com/wavesoftware/go-commandline/releases)
- [Commits](wavesoftware/go-commandline@v1.0.0...v1.3.0)

Updates `sigs.k8s.io/yaml` from 1.4.0 to 1.6.0
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases)
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/yaml@v1.4.0...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/cloudevents/sdk-go/v2
  dependency-version: 2.16.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.20.7
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor
- dependency-name: github.com/wavesoftware/go-commandline
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor
- dependency-name: sigs.k8s.io/yaml
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Feb 17, 2026
@openshift-ci
Copy link

openshift-ci bot commented Feb 17, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign dsimansk for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci
Copy link

openshift-ci bot commented Feb 17, 2026

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift-knative member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jrangelramos jrangelramos Awaiting requested review from jrangelramos

@rudyredhat1 rudyredhat1 Awaiting requested review from rudyredhat1

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code needs-ok-to-test

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants