Skip to content

chore(deps): bump the security group with 5 updates #1913

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump the security group with 5 updates #1913

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 3, 2025

Bumps the security group with 5 updates:

Package From To
github.com/cilium/ebpf 0.19.0 0.20.0
github.com/hashicorp/go-getter 1.8.2 1.8.3
github.com/shirou/gopsutil/v4 4.25.9 4.25.10
sigs.k8s.io/controller-runtime 0.22.3 0.22.4
golang.org/x/net 0.45.0 0.46.0

Updates github.com/cilium/ebpf from 0.19.0 to 0.20.0

Release notes

Sourced from github.com/cilium/ebpf's releases.

v0.20.0

Performance Improvements

  • btf: Memory-map vmlinux BTF when possible instead of copying to heap (saves several megabytes)
  • btf: Decode BTF from byte slices instead of io.Reader for better performance
  • btf: Cache BTF during fixups and target search to avoid loading each blob multiple times
  • linker: Resolve kernel symbols in a single pass instead of individually
  • prog: Speed up opening pinned programs by using minimal program info
  • map: Avoid allocations during PerCPUMap batch lookups (76% faster, 99% fewer allocations)

New Features

  • btf: Added LoadSplitSpec function for easier use of split-BTF files
  • btf: Accept empty string tables in BTF data
  • link: Added Detach() method for explicitly detaching links
  • map: Preliminary support for arena maps
  • map: Parse and expose map_extra field in MapSpec (enables bloom filter configuration)
  • prog: Allow explicit ifindex specification when loading programs
  • prog: Support getting context output from syscall programs
  • prog: Allow passing extra targets for CO-RE relocations via ExtraRelocationTargets
  • bpf2go: Allow multiple commands in BPF2GO_CC environment variable (e.g., ccache clang)
  • tracefs: Allow hyphens in tracepoint group names
  • kallsyms: Return ErrRestrictedKernel when reading zero addresses due to kernel.kptr_restrict
  • info: Return ErrRestrictedKernel when program info is restricted by kernel security settings
  • prog: Tolerate ErrRestrictedKernel during ksym resolution unless ksyms are required

Bugfixes

  • ringbuf: Fixed panic when reading after close
  • btf: Fixed race condition when loading cached kernel/module specs
  • ringbuf: Fixed 32-bit compatibility by using uintptr for positions
  • memory: Set cleanup on *Memory instead of **Memory to fix resource leak
  • link: Fixed concurrent cleanup ordering for perf events and tracefs events

Windows Support Improvements

  • ringbuf: Added Windows support for ring buffer operations
  • windows: Fixed compatibility with recent eBPF for Windows changes (XDP_TEST removal, SAMPLE program type)
  • windows: Enabled Hyper-V support in test VMs
  • program: Added workaround for eBPF for Windows rejecting empty ContextOut

Breaking Changes

ProgramOptions.KernelModuleTypes removed

The KernelModuleTypes field in ProgramOptions has been removed. In 99% of cases this field should not be necessary anymore. Module BTF should be merged into the vmlinux BTF, as tools like btfhub do.

For advanced use cases that still require passing additional BTF specs for CO-RE relocations, use the new ExtraRelocationTargets field:

Before:

... (truncated)

Commits
  • c64ffee struct_ops: skip copy for zeroed nested structs and fail on non-zeroed
  • 843f326 docs: document how to build parts of efW
  • 8f23ed6 map, program: add StructOpsMap support
  • e6e4707 ci: install sample_ebpf_ext to provide BPF_PROG_TYPE_SAMPLE
  • e5c623f windows: deal with removal of XDP_TEST from efW
  • c41a50a program: work around efW rejecting an empty ContextOut
  • 9a014ef kallsyms: return ErrRestrictedKernel when reading zero address
  • 1bfe0bc info: return ErrRestrictedKernel when program info is restricted
  • c27ff92 staticcheck.conf: temporarily disable SA4003
  • e653f17 *: convert "go:generate go run ..." to "go:generate go tool ..."
  • Additional commits viewable in compare view

Updates github.com/hashicorp/go-getter from 1.8.2 to 1.8.3

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.8.3

What's Changed

New Contributors

Full Changelog: hashicorp/go-getter@v1.8.2...v1.8.3

Commits
  • 13f1bb2 Merge pull request #564 from allisonlarson/b-chmod-failed-tar
  • c0ef527 close file before removing
  • d1113d8 Handle failed decompressed files
  • cfc3a4f Merge pull request #563 from hashicorp/dependabot/github_actions/actions-e02f...
  • 0c1f668 [chore] : Bump aws-actions/configure-aws-credentials
  • 5e2f62a Merge pull request #562 from hashicorp/dependabot/github_actions/actions-f175...
  • 5b4c45f [chore] : Bump actions/cache from 4.2.4 to 4.3.0 in the actions group
  • See full diff in compare view

Updates github.com/shirou/gopsutil/v4 from 4.25.9 to 4.25.10

Release notes

Sourced from github.com/shirou/gopsutil/v4's releases.

v4.25.10

What's Changed

cpu

disk

host

net

Other Changes

New Contributors

Full Changelog: shirou/gopsutil@v4.25.9...v4.25.10

Commits
  • 1da1bb1 Merge pull request #1941 from StefanoBalzarottiNozomi/refactor-disk-windows
  • 4bea90c Merge pull request #1942 from shirou/fix/linter_error
  • 5683c90 [net][linux]: fix gosec linter issue
  • 3a9eeb4 fix: linter error about string concat and build tag
  • 94fc64e fix build
  • 1e8bd3e Update disk/disk_windows.go
  • cf1133d Update disk/disk_windows.go
  • 7ebc85a Update disk/disk_windows.go
  • 0a39842 linting
  • b65c122 these tests are only for windows
  • Additional commits viewable in compare view

Updates sigs.k8s.io/controller-runtime from 0.22.3 to 0.22.4

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.22.4

What's Changed

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.3...v0.22.4

Commits
  • 7a1b16d Merge pull request #3378 from k8s-infra-cherrypick-robot/cherry-pick-3376-to-...
  • 539c94f cache: Allow fine-granular configuration of SyncPeriod
  • 8be8410 Merge pull request #3377 from k8s-infra-cherrypick-robot/cherry-pick-3372-to-...
  • 3f86a10 envtest: respect pre-configured binary paths in ControlPlane
  • 64152a0 Merge pull request #3371 from alvaroaleman/cp-fix
  • b3eff6d priority queue: properly sync the waiter manipulation
  • 88269f3 Merge pull request #3357 from k8s-infra-cherrypick-robot/cherry-pick-3353-to-...
  • c7df7c9 add namespace for test with namespace_client
  • 04b5a29 Merge pull request #3352 from k8s-infra-cherrypick-robot/cherry-pick-3351-to-...
  • f5a9781 update List in namespaced client
  • See full diff in compare view

Updates golang.org/x/net from 0.45.0 to 0.46.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the security group with 5 updates
25105ec 
Bumps the security group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/cilium/ebpf](https://github.com/cilium/ebpf) | `0.19.0` | `0.20.0` |
| [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) | `1.8.2` | `1.8.3` |
| [github.com/shirou/gopsutil/v4](https://github.com/shirou/gopsutil) | `4.25.9` | `4.25.10` |
| [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) | `0.22.3` | `0.22.4` |
| [golang.org/x/net](https://github.com/golang/net) | `0.45.0` | `0.46.0` |


Updates `github.com/cilium/ebpf` from 0.19.0 to 0.20.0
- [Release notes](https://github.com/cilium/ebpf/releases)
- [Commits](cilium/ebpf@v0.19.0...v0.20.0)

Updates `github.com/hashicorp/go-getter` from 1.8.2 to 1.8.3
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](hashicorp/go-getter@v1.8.2...v1.8.3)

Updates `github.com/shirou/gopsutil/v4` from 4.25.9 to 4.25.10
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](shirou/gopsutil@v4.25.9...v4.25.10)

Updates `sigs.k8s.io/controller-runtime` from 0.22.3 to 0.22.4
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.22.3...v0.22.4)

Updates `golang.org/x/net` from 0.45.0 to 0.46.0
- [Commits](golang/net@v0.45.0...v0.46.0)

---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
  dependency-version: 0.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.8.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: github.com/shirou/gopsutil/v4
  dependency-version: 4.25.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.22.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: golang.org/x/net
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
...

Signed-off-by: dependabot[bot] <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies go type::security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant