chore(deps): update go dependencies #478

red-hat-konflux · 2025-08-10T08:25:36Z

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change
al.essio.dev/pkg/shellescape	indirect	minor	`v1.5.1` -> `v1.6.0`
cel.dev/expr	indirect	minor	`v0.24.0` -> `v0.25.1`
cloud.google.com/go	indirect	minor	`v0.121.6` -> `v0.123.0`
cloud.google.com/go/auth	indirect	minor	`v0.17.0` -> `v0.18.1`
cloud.google.com/go/longrunning	indirect	minor	`v0.6.7` -> `v0.8.0`
github.com/AdamKorcz/go-fuzz-headers-1	require	digest	`12e09ab` -> `8b5d3ce`
github.com/Azure/azure-sdk-for-go/sdk/azcore	indirect	minor	`v1.19.1` -> `v1.21.0`
github.com/Azure/azure-sdk-for-go/sdk/azidentity	indirect	patch	`v1.13.0` -> `v1.13.1`
github.com/AzureAD/microsoft-authentication-library-for-go	indirect	minor	`v1.5.0` -> `v1.6.0`
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric	indirect	minor	`v0.53.0` -> `v0.55.0`
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping	indirect	minor	`v0.53.0` -> `v0.55.0`
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream	indirect	minor	`v1.6.3` -> `v1.7.4`
github.com/aws/aws-sdk-go-v2/credentials	indirect	minor	`v1.18.20` -> `v1.19.7`
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	indirect	patch	`v1.18.12` -> `v1.18.17`
github.com/aws/aws-sdk-go-v2/feature/s3/manager	indirect	minor	`v1.17.10` -> `v1.21.0`
github.com/aws/aws-sdk-go-v2/internal/configsources	indirect	patch	`v1.4.12` -> `v1.4.17`
github.com/aws/aws-sdk-go-v2/internal/v4a	indirect	minor	`v1.3.15` -> `v1.4.17`
github.com/aws/aws-sdk-go-v2/service/internal/checksum	indirect	minor	`v1.3.17` -> `v1.9.8`
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url	indirect	patch	`v1.13.12` -> `v1.13.17`
github.com/aws/aws-sdk-go-v2/service/internal/s3shared	indirect	minor	`v1.17.15` -> `v1.19.17`
github.com/aws/smithy-go	indirect	patch	`v1.23.1` -> `v1.23.2`
github.com/cncf/xds/go	indirect	digest	`2ac532f` -> `a486691`
github.com/cyberphone/json-canonicalization	require	digest	`57a0ce2` -> `19d51d7`
github.com/cyphar/filepath-securejoin	indirect	minor	`v0.2.3` -> `v0.6.1`
github.com/danieljoos/wincred	indirect	patch	`v1.2.2` -> `v1.2.3`
github.com/envoyproxy/protoc-gen-validate	indirect	minor	`v1.2.1` -> `v1.3.0`
github.com/go-openapi/jsonpointer	indirect	minor	`v0.21.2` -> `v0.22.4`
github.com/go-openapi/jsonpointer	indirect	patch	`v0.22.1` -> `v0.22.4`
github.com/go-openapi/jsonreference	indirect	patch	`v0.21.0` -> `v0.21.4`
github.com/go-openapi/jsonreference	indirect	patch	`v0.21.3` -> `v0.21.4`
github.com/go-openapi/loads	indirect	minor	`v0.22.0` -> `v0.23.2`
github.com/go-openapi/runtime	indirect	minor	`v0.28.0` -> `v0.29.2`
github.com/go-openapi/spec	indirect	minor	`v0.21.0` -> `v0.22.3`
github.com/go-openapi/spec	require	patch	`v0.22.1` -> `v0.22.3`
github.com/go-openapi/strfmt	indirect	minor	`v0.23.0` -> `v0.25.0`
github.com/go-openapi/swag	indirect	minor	`v0.23.1` -> `v0.25.4`
github.com/go-openapi/swag	require	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/cmdutils	indirect	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/conv	require	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/fileutils	indirect	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/jsonname	indirect	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/jsonutils	indirect	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/loading	indirect	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/mangling	indirect	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/netutils	indirect	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/stringutils	indirect	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/typeutils	indirect	patch	`v0.25.1` -> `v0.25.4`
github.com/go-openapi/swag/yamlutils	indirect	patch	`v0.25.1` -> `v0.25.4`
github.com/google/go-containerregistry	indirect	patch	`v0.20.6` -> `v0.20.7`
github.com/google/pprof	indirect	digest	`c6617b8` -> `294ebfa`
github.com/google/wire	indirect	minor	`v0.6.0` -> `v0.7.0`
github.com/googleapis/enterprise-certificate-proxy	indirect	patch	`v0.3.6` -> `v0.3.11`
github.com/hashicorp/go-sockaddr	indirect	patch	`v1.0.6` -> `v1.0.7`
github.com/hashicorp/vault/api	indirect	minor	`v1.20.0` -> `v1.22.0`
github.com/in-toto/in-toto-golang	require	minor	`v0.9.0` -> `v0.10.0`
github.com/jedisct1/go-minisign	require	digest	`1c139d1` -> `d2f9f49`
github.com/klauspost/compress	indirect	patch	`v1.18.0` -> `v1.18.3`
github.com/letsencrypt/boulder	indirect	minor	`v0.0.0-20240620165639-de9c06129bec` -> `v0.20260120.0`
github.com/mailru/easyjson	indirect	patch	`v0.9.0` -> `v0.9.1`
github.com/mattn/go-sqlite3	indirect	patch	`v1.14.24` -> `v1.14.33`
github.com/prometheus/common	indirect	minor	`v0.66.1` -> `v0.67.5`
github.com/prometheus/procfs	indirect	minor	`v0.16.1` -> `v0.19.2`
github.com/sagikazarmark/locafero	indirect	minor	`v0.10.0` -> `v0.12.0`
github.com/sagikazarmark/locafero	indirect	minor	`v0.11.0` -> `v0.12.0`
github.com/secure-systems-lab/go-securesystemslib	require	minor	`v0.9.1` -> `v0.10.0`
github.com/sigstore/sigstore	require	minor	`v1.9.5` -> `v1.10.4`
github.com/sigstore/sigstore/pkg/signature/kms/aws	require	minor	`v1.9.5` -> `v1.10.4`
github.com/sigstore/sigstore/pkg/signature/kms/azure	require	minor	`v1.9.5` -> `v1.10.4`
github.com/sigstore/sigstore/pkg/signature/kms/gcp	require	minor	`v1.9.6-0.20250729224751-181c5d3339b3` -> `v1.10.4`
github.com/sigstore/sigstore/pkg/signature/kms/hashivault	require	minor	`v1.9.5` -> `v1.10.4`
github.com/spf13/afero	indirect	minor	`v1.14.0` -> `v1.15.0`
github.com/spf13/cast	indirect	minor	`v1.9.2` -> `v1.10.0`
github.com/spf13/cobra	require	patch	`v1.10.1` -> `v1.10.2`
github.com/spf13/pflag	indirect	patch	`v1.0.7` -> `v1.0.10`
github.com/spf13/viper	indirect	minor	`v1.20.1` -> `v1.21.0`
github.com/ulikunitz/xz	indirect	patch	`v0.5.14` -> `v0.5.15`
go.mongodb.org/mongo-driver	indirect	patch	`v1.17.4` -> `v1.17.7`
go.mongodb.org/mongo-driver	indirect	patch	`v1.17.6` -> `v1.17.7`
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	indirect	minor	`v0.61.0` -> `v0.64.0`
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	indirect	minor	`v0.61.0` -> `v0.64.0`
gocloud.dev	require	minor	`v0.40.0` -> `v0.44.0`
golang.org/x/crypto	indirect	minor	`v0.41.0` -> `v0.47.0`
golang.org/x/crypto	require	minor	`v0.43.0` -> `v0.47.0`
golang.org/x/mod	indirect	minor	`v0.26.0` -> `v0.32.0`
golang.org/x/mod	require	minor	`v0.30.0` -> `v0.32.0`
golang.org/x/net	require	minor	`v0.46.0` -> `v0.49.0`
golang.org/x/oauth2	indirect	minor	`v0.32.0` -> `v0.34.0`
golang.org/x/sync	indirect	minor	`v0.16.0` -> `v0.19.0`
golang.org/x/sync	require	minor	`v0.18.0` -> `v0.19.0`
golang.org/x/sys	indirect	minor	`v0.35.0` -> `v0.40.0`
golang.org/x/sys	indirect	minor	`v0.37.0` -> `v0.40.0`
golang.org/x/term	indirect	minor	`v0.36.0` -> `v0.39.0`
golang.org/x/text	indirect	minor	`v0.28.0` -> `v0.33.0`
golang.org/x/text	indirect	minor	`v0.30.0` -> `v0.33.0`
golang.org/x/tools	indirect	minor	`v0.35.0` -> `v0.41.0`
golang.org/x/xerrors	indirect	digest	`93cc26a` -> `7835f81`
google.golang.org/api	require	minor	`v0.254.0` -> `v0.262.0`
google.golang.org/genproto	indirect	digest	`513f239` -> `8e98ce8`
google.golang.org/genproto/googleapis/api	indirect	digest	`3122310` -> `8e98ce8`
google.golang.org/genproto/googleapis/rpc	require	digest	`3a174f9` -> `8e98ce8`
sigs.k8s.io/release-utils	require	patch	`v0.12.2` -> `v0.12.3`
software.sslmate.com/src/go-pkcs12	indirect	minor	`v0.5.0` -> `v0.7.0`

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

alessio/shellescape (al.essio.dev/pkg/shellescape)

`v1.6.0`

Compare Source

What's Changed

Fix ExampleQuoteCommand by @alexandear in #31
README: fix typo by @alexandear in #30
github actions by @ccoVeille in #32
golangci lint by @ccoVeille in #33
Bump golangci/golangci-lint-action from 6.1.0 to 6.2.0 by @dependabot in #36
Bump actions/dependency-review-action from 4.4.0 to 4.5.0 by @dependabot in #35
Bump codecov/codecov-action from 4.6.0 to 5.3.1 by @dependabot in #34
Bump golangci/golangci-lint-action from 6.2.0 to 6.5.0 by @dependabot in #38
Update codacy.yml by @alessio in #39
Update build.yaml by @alessio in #40
Update golangci-lint.yml by @alessio in #41
Update dependency-review.yml by @alessio in #42
Update CODE_OF_CONDUCT.md by @alessio in #44
Update README.md by @alessio in #45
Refresh Go toolchain by @alessio in #46
shellescape: new ScanTokens function by @alessio in #47
add CODECOV_TOKEN by @alessio in #48

New Contributors

@alexandear made their first contribution in #31
@ccoVeille made their first contribution in #32
@dependabot made their first contribution in #36

Full Changelog: alessio/shellescape@v1.5.1...v1.6.0

google/cel-spec (cel.dev/expr)

`v0.25.1`

Compare Source

Minor additions to the v0.25.0 release

What's Changed

Remove test/v1 directory and its protos by @l46kok in #487
Add parsing tests for string and bytes literals by @hudlow in #489

Full Changelog: google/cel-spec@v0.25.0...v0.25.1

`v0.25.0`

Compare Source

What's Changed

Initial version of the policy specification by @jcking in #477
Remove orphaned ToC entry for enums as ints from the specification by @timostamm in #476
Tests for selector, function, and field names formerly defined as reserved by @hudlow in #480
Add a test case for lastIndexOf in string_ext against an empty string by @l46kok in #468
Remove TOC from language definition by @hudlow in #482
Remove int(enum) -> int signature by @hudlow in #483
Clarify formatting decimals, add %f formatting test cases around rounding by @l46kok in #485
Remove remaining google.rpc.Status deps from cel-spec by @TristonianJones in #486

New Contributors

@timostamm made their first contribution in #476

Full Changelog: google/cel-spec@v0.24.0...v0.25.0

googleapis/google-cloud-go (cloud.google.com/go)

`v0.123.0`

Compare Source

Features

internal/stategen: Populate the latest googleapis commit (#12880) (7b017a0)
librariangen: Implement the build command (#12817) (14734c8)

Bug Fixes

internal/librariangen: Add link to source commit in release notes (#12881) (1c06cc6)
internal/librariangen: Fix CHANGES.md headers (#12849) (baf515d)
internal/librariangen: Remove go mod init/tidy from postprocessor (#12832) (1fe506a)
internal/librariangen: Test for error path with flags (#12830) (f0da7b2)
internal/postprocessor: Add dlp to skip-module-scan-paths (#12857) (45a7d9b)
librariangen: Honor original container contract (#12846) (71c8fd3)
librariangen: Improvements to release-init (#12842) (0db677a)
stategen: Specify an appropriate tag format for google-cloud-go (#12835) (ffcff33)

`v0.122.0`

Compare Source

Features

internal/librariangen: Add release-init command (#12751) (52e84cc)

Bug Fixes

internal/godocfx: Better support for v2 modules (#12797) (4bc8785)
internal/godocfx: Module detection when tidy errors (#12801) (83d46cd)
internal/librariangen: Fix goimports errors (#12765) (83bdaa4)

AzureAD/microsoft-authentication-library-for-go (github.com/AzureAD/microsoft-authentication-library-for-go)

`v1.6.0`

Compare Source

What's Changed

Deprecate ROPC flow by @Ugonnaak1 in #584
Added a cache lookup for AcquireTokenByCredential by @4gust in #590
Fix panic in AcquireTokenSilent for public clients due to nil Credential by @4gust in #581
Adding support for FMI (Federated Managed Identity) by @4gust in #586
Adjust issuer validation to handle cases where instance discovery is not performed by @Avery-Dunn in #591

New Contributors

@Ugonnaak1 made their first contribution in #584

Full Changelog: AzureAD/microsoft-authentication-library-for-go@v1.5.0...v1.6.0

GoogleCloudPlatform/opentelemetry-operations-go (github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric)

`v0.55.0`: v1.31.0/v0.55.0

Compare Source

What's Changed

Add feature gate to allow sending log trace context without a prefix by @dashpole in #1079
[exporter/collector/logs] Support httpRequest.status field as integer or string containing an integer. by @franciscovalentecastro in #1080
Fix CI by @dashpole in #1086
precompile regex from resource filters by @dashpole in #1085
Add region tags in OTLP Trace Sample by @psx95 in #1089
[exporter/collector/logs] Create Int32OrString and Int64OrString to handle integer fields in gcp.http_request. by @franciscovalentecastro in #1091
[chore] Pre-release steps for opentelemetry-operations-go repo release. by @franciscovalentecastro in #1092

Full Changelog: GoogleCloudPlatform/opentelemetry-operations-go@v0.54.0...v0.55.0

`v0.54.0`: v1.30.0/v0.54.0

Compare Source

What's Changed

Add OTel Logging sample by @psx95 in #1055
Update slog example by @psx95 in #1056
Show structured logging in Go by @psx95 in #1057
log project name when metric requests fail by @dashpole in #1059
Migrate from pkg/translator/prometheus to otlptranslator by @dashpole in #1061
feat: Populate description for gcm.TimeSeries by @bwplotka in #1063
Bump mapstructure dependency manually by @braydonk in #1066
post-release: fix segfault in script when no replace is found by @ridwanmsharif in #1025
Update all dependencies, bump go version by @dashpole in #1069
prepare for v1.30.0/v0.54.0 by @dashpole in #1072

New Contributors

@bwplotka made their first contribution in #1063

Full Changelog: GoogleCloudPlatform/opentelemetry-operations-go@v0.53.0...v0.54.0

aws/aws-sdk-go-v2 (github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream)

`v1.7.2`

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/aws-sdk-go-v2/service/amp: v1.34.0
- Feature: Add QueryLoggingConfiguration APIs for Amazon Managed Prometheus
github.com/aws/aws-sdk-go-v2/service/auditmanager: v1.39.0
- Feature: With this release, the AssessmentControl description field has been deprecated, as of May 19, 2025. Additionally, the UpdateAssessment API can now return a ServiceQuotaExceededException when applicable service quotas are exceeded.
github.com/aws/aws-sdk-go-v2/service/dsql: v1.5.0
- Feature: Features: support for customer managed encryption keys
github.com/aws/aws-sdk-go-v2/service/glue: v1.113.0
- Feature: This release supports additional ConversionSpec parameter as part of IntegrationPartition Structure in CreateIntegrationTableProperty API. This parameter is referred to apply appropriate column transformation for columns that are used for timestamp based partitioning
github.com/aws/aws-sdk-go-v2/service/internal/checksum: v1.7.2
- Bug Fix: Handle checksum for unseekable body with 0 content length

`v1.7.1`

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/aws-sdk-go-v2/service/acm: v1.32.0
- Feature: Add support for file-based HTTP domain control validation, available through Amazon CloudFront.
github.com/aws/aws-sdk-go-v2/service/cloudfront: v1.46.0
- Feature: Add distribution tenant, connection group, and multi-tenant distribution APIs to the CloudFront SDK.
github.com/aws/aws-sdk-go-v2/service/dynamodb: v1.43.1
- Documentation: Doc only update for GSI descriptions.
github.com/aws/aws-sdk-go-v2/service/imagebuilder: v1.42.0
- Feature: Add integration with SSM Parameter Store to Image Builder.
github.com/aws/aws-sdk-go-v2/service/internal/checksum: v1.7.1
- Bug Fix: Don't emit warnings about lack of checksum validation for non-200 responses.

`v1.7.0`

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/aws-sdk-go-v2/service/ec2: v1.209.0
- Feature: This release adds the GroupLongName field to the response of the DescribeAvailabilityZones API.
github.com/aws/aws-sdk-go-v2/service/ecr: v1.43.0
- Feature: This release adds Amazon ECR to Amazon ECR pull through cache rules support.
github.com/aws/aws-sdk-go-v2/service/ecs: v1.54.2
- Documentation: This is a documentation only update for Amazon ECS to address various tickets.
github.com/aws/aws-sdk-go-v2/service/inspector2: v1.36.0
- Feature: Adding componentArn to network reachability details
github.com/aws/aws-sdk-go-v2/service/internal/checksum: v1.7.0
- Feature: Add extra check during output checksum validation so the validation skip warning would not be logged if object is not fetched from s3
github.com/aws/aws-sdk-go-v2/service/medialive: v1.71.0
- Feature: Add an enum option DISABLED for Output Locking Mode under Global Configuration.

`v1.6.9`

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream: v1.6.9
- Bug Fix: Remove max limit on event stream messages
github.com/aws/aws-sdk-go-v2/service/codebuild: v1.52.0
- Feature: Added test suite names to test case metadata
github.com/aws/aws-sdk-go-v2/service/connect: v1.125.0
- Feature: Release Notes: 1) Analytics API enhancements: Added new ListAnalyticsDataLakeDataSets API. 2) Onboarding API Idempotency: Adds ClientToken to instance creation and management APIs to support idempotency.
github.com/aws/aws-sdk-go-v2/service/databasemigrationservice: v1.48.0
- Feature: Introduces premigration assessment feature to DMS Serverless API for start-replication and describe-replications
github.com/aws/aws-sdk-go-v2/service/rdsdata: v1.27.0
- Feature: Add support for Stop DB feature.
github.com/aws/aws-sdk-go-v2/service/s3: v1.77.0
- Feature: Added support for Content-Range header in HeadObject response.
github.com/aws/aws-sdk-go-v2/service/wafv2: v1.56.0
- Feature: The WAFv2 API now supports configuring data protection in webACLs.

aws/smithy-go (github.com/aws/smithy-go)

`v1.23.2`

Compare Source

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/smithy-go: v1.23.2
- Bug Fix: Adjust the initial sizes of each middleware phase to avoid some unnecessary reallocation.
- Bug Fix: Avoid unnecessary allocation overhead from the metrics system when not in use.

cyphar/filepath-securejoin (github.com/cyphar/filepath-securejoin)