Skip to content

🌱 Bump the dependencies group across 1 directory with 8 updates #951

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

🌱 Bump the dependencies group across 1 directory with 8 updates #951

wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 5, 2025
edited
Loading

Bumps the dependencies group with 8 updates in the /hack/tools directory:

Package From To
github.com/a8m/envsubst 1.4.2 1.4.3
github.com/mikefarah/yq/v4 4.44.6 4.45.1
github.com/spf13/pflag 1.0.5 1.0.6
k8s.io/apimachinery 0.31.4 0.31.6
k8s.io/code-generator 0.31.2 0.31.6
sigs.k8s.io/controller-tools 0.16.5 0.17.2
sigs.k8s.io/kind 0.26.0 0.27.0
sigs.k8s.io/kustomize/kustomize/v5 5.5.0 5.6.0

Updates github.com/a8m/envsubst from 1.4.2 to 1.4.3

Release notes

Sourced from github.com/a8m/envsubst's releases.

v1.4.3

New Contributors

Full Changelog: a8m/envsubst@v1.4.2...v1.4.3

Commits

Updates github.com/mikefarah/yq/v4 from 4.44.6 to 4.45.1

Release notes

Sourced from github.com/mikefarah/yq/v4's releases.

v4.45.1 - Create parent directories when --split-exp is used!

  • Create parent directories when --split-exp is used, Thanks @​rudo-thomas
  • Bumped dependencies
Changelog

Sourced from github.com/mikefarah/yq/v4's changelog.

4.45.1:

  • Create parent directories when --split-exp is used, Thanks @​rudo-thomas
  • Bumped dependencies
Commits
  • 8bf425b Bumping version
  • f755755 Updated release notes
  • 0f390b2 Bumping goccy
  • 31ad7fb Bump github.com/magiconair/properties from 1.8.7 to 1.8.9
  • 566cf82 Bump github.com/goccy/go-json from 0.10.3 to 0.10.4
  • 2c9f833 Bump github.com/elliotchance/orderedmap from 1.7.0 to 1.7.1
  • c02d44d Bump golang.org/x/net from 0.32.0 to 0.33.0
  • f73c862 feat: Create parent directories if --split-exp is used.
  • 294a170 Bumping version
  • See full diff in compare view

Updates github.com/spf13/pflag from 1.0.5 to 1.0.6

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.6

What's Changed

New Contributors

Full Changelog: spf13/pflag@v1.0.5...v1.0.6

Commits

Updates k8s.io/apimachinery from 0.31.4 to 0.31.6

Commits

Updates k8s.io/code-generator from 0.31.2 to 0.31.6

Commits
  • 05794ca Update dependencies to v0.31.6 tag
  • 16efc01 Merge pull request #129741bobsongplus/automated-cherry-pick-of-#129629
  • 0ebe3ef Fix: touch /dev/null permission denied on macos
  • See full diff in compare view

Updates sigs.k8s.io/controller-tools from 0.16.5 to 0.17.2

Release notes

Sourced from sigs.k8s.io/controller-tools's releases.

v0.17.2

What's Changed

Dependencies

New Contributors

Full Changelog: kubernetes-sigs/controller-tools@v0.17.1...v0.17.2

v0.17.1

What's Changed

Dependencies

Full Changelog: kubernetes-sigs/controller-tools@v0.17.0...v0.17.1

v0.17.0

What's Changed

... (truncated)

Commits
  • bbc5992 Merge pull request #1147 from kubernetes-sigs/dependabot/github_actions/all-g...
  • 99c1b2c 🌱 Bump the all-github-actions group with 2 updates
  • dac769d Merge pull request #1145 from cbandy/alias-deepcopy
  • 6eea484 🐛 Handle pointer to alias in DeepCopy
  • d1f73b5 Merge pull request #1142 from kubernetes-sigs/dependabot/go_modules/all-go-mo...
  • de21282 🌱 Bump github.com/spf13/pflag
  • aeb46e2 Merge pull request #1128 from davidxia/patch2
  • ca675ed Merge pull request #1141 from davidxia/patch4
  • 8afaf2b 🐛 fix minor typo in kubebuilder
  • fd6668c ✨ Allow customizing generated webhook K8s Service
  • Additional commits viewable in compare view

Updates sigs.k8s.io/kind from 0.26.0 to 0.27.0

Release notes

Sourced from sigs.k8s.io/kind's releases.

v0.27.0

This release moves kind to containerd 2.x and contains fixes for nerdctl. It also moves Kubernetes to 1.32.2 by default.

WARNING: kind v0.27.0+ will be required to use kind load ... subcommands with these new containerd 2.0+ images (built by kind v0.27+). For other use cases, the new images should still work with recent kind releases, but are not guaranteed. As always we strongly recommend consuming images by their sha256 digest for security and reliability. kubernetes-sigs/kind#3853

Older images from recent releases should continue to work with kind v0.27.0+.

NOTE: As previously warned containerd 2.x requires that you must be using config_path mode for containerd registry config. If you're using the local registry script at, or more recent than kubernetes-sigs/kind@791b3dc (kind v0.20.0 / May 22, 2023) then no changes should be necessary.

The default node image is now kindest/node:v1.32.2@sha256:f226345927d7e348497136874b6d207e0b32cc52154ad8323129352923a3142f

  • Updated to containerd 2.x
  • Updated default node image to Kubernetes 1.32.2
  • Updated go to 1.23.6

Images pre-built for this release:

  • v1.32.2: kindest/node:v1.32.2@sha256:f226345927d7e348497136874b6d207e0b32cc52154ad8323129352923a3142f
  • v1.31.6: kindest/node:v1.31.6@sha256:28b7cbb993dfe093c76641a0c95807637213c9109b761f1d422c2400e22b8e87
  • v1.30.10: kindest/node:v1.30.10@sha256:4de75d0e82481ea846c0ed1de86328d821c1e6a6a91ac37bf804e5313670e507
  • v1.29.14: kindest/node:v1.29.14@sha256:8703bd94ee24e51b778d5556ae310c6c0fa67d761fae6379c8e0bb480e6fea29

NOTE: You must use the @sha256 digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons.

See also:

NOTE: These node images support amd64 and arm64, both of our supported platforms. You must use the same platform as your host, for more context see kubernetes-sigs/kind#2718

  • Compatibility fixes for containerd 2.x
  • Fix kind get clusters with nerdctl
  • Statically link CNI binaries to match upstream
  • Fix no-arguments validation for multiple subcommands
  • Update shellescape dependency to current vanity import
  • When building node images: wait for containerd to be ready, and retry image pulls

Thank you to everyone who contributed to this kind over the years!

Committers for this release:

... (truncated)

Commits
  • 6cb9342 version v0.27.0
  • 1bb527b Merge pull request #3864 from BenTheElder/imaage-bumpity
  • cb29b1b update node image with latest base image
  • 3e90cfb bump local-path-storage to latest
  • 0557520 bump kindnetd to latest
  • 574e613 bump base image to latest
  • acbabc1 Merge pull request #3863 from BenTheElder/go-patch
  • 8bed47a bump go to 1.23.6
  • 8094f03 Merge pull request #3861 from BenTheElder/bump-base-static
  • b258ce2 update default node image to 1.32.2
  • Additional commits viewable in compare view

Updates sigs.k8s.io/kustomize/kustomize/v5 from 5.5.0 to 5.6.0

Release notes

Sourced from sigs.k8s.io/kustomize/kustomize/v5's releases.

kustomize/v5.6.0

Announce

This release introduces a unified internal package version (v0.19.0) across the entire kustomize repository. ref. kubernetes-sigs/kustomize#5800

Chore

#5809: fix: "edit add labels" make labels handle -f flag same as commonLabels

Dependencies

#5825: Update to latest kube-opeapi to drop govalidator dependency #5830: downgrade go-difflib and go-spew to tagged releases #5837: Update kyaml to v0.19.0 #5839: Update cmd/config to v0.19.0 #5840: Update api to v0.19.0

Commits
  • 95db4aa Merge pull request #5840 from koba1t/pinToApi
  • 07f62bd Update api to v0.19.0
  • b69e765 Merge pull request #5839 from koba1t/pinToCmdConfig
  • 8a51255 Update cmd/config to v0.19.0
  • ce667b7 Merge pull request #5837 from koba1t/pinToKyaml
  • 1b33db5 Update kyaml to v0.19.0
  • 880a7a0 add go work verification step for github actions (#5833)
  • 2867f35 downgrade go-difflib and go-spew to tagged releases (#5830)
  • 214aa2a Merge pull request #5823 from kubernetes-sigs/dependabot/go_modules/hack/gola...
  • 6f62ee7 build(deps): bump golang.org/x/crypto from 0.24.0 to 0.31.0 in /hack
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Mar 5, 2025

Labels

The following labels could not be found: area/dependency, kind/cleanup, ok-to-test, release-note-none. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot mentioned this pull request Mar 5, 2025
Closed
@spectro-prow
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
To complete the pull request process, please assign after the PR has been reviewed.
You can assign the PR to them by writing /assign in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@spectro-prow
Copy link

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a spectrocloud member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@dependabot dependabot bot force-pushed the dependabot/go_modules/hack/tools/dependencies-2a41d4794a branch from 35a4364 to d714ab6 Compare March 10, 2025 10:11
@dependabot
🌱 Bump the dependencies group across 1 directory with 8 updates
12f6ecf 
Bumps the dependencies group with 8 updates in the /hack/tools directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/a8m/envsubst](https://github.com/a8m/envsubst) | `1.4.2` | `1.4.3` |
| [github.com/mikefarah/yq/v4](https://github.com/mikefarah/yq) | `4.44.6` | `4.45.1` |
| [github.com/spf13/pflag](https://github.com/spf13/pflag) | `1.0.5` | `1.0.6` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.31.4` | `0.31.6` |
| [k8s.io/code-generator](https://github.com/kubernetes/code-generator) | `0.31.2` | `0.31.6` |
| [sigs.k8s.io/controller-tools](https://github.com/kubernetes-sigs/controller-tools) | `0.16.5` | `0.17.2` |
| [sigs.k8s.io/kind](https://github.com/kubernetes-sigs/kind) | `0.26.0` | `0.27.0` |
| [sigs.k8s.io/kustomize/kustomize/v5](https://github.com/kubernetes-sigs/kustomize) | `5.5.0` | `5.6.0` |



Updates `github.com/a8m/envsubst` from 1.4.2 to 1.4.3
- [Release notes](https://github.com/a8m/envsubst/releases)
- [Commits](a8m/envsubst@v1.4.2...v1.4.3)

Updates `github.com/mikefarah/yq/v4` from 4.44.6 to 4.45.1
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](mikefarah/yq@v4.44.6...v4.45.1)

Updates `github.com/spf13/pflag` from 1.0.5 to 1.0.6
- [Release notes](https://github.com/spf13/pflag/releases)
- [Commits](spf13/pflag@v1.0.5...v1.0.6)

Updates `k8s.io/apimachinery` from 0.31.4 to 0.31.6
- [Commits](kubernetes/apimachinery@v0.31.4...v0.31.6)

Updates `k8s.io/code-generator` from 0.31.2 to 0.31.6
- [Commits](kubernetes/code-generator@v0.31.2...v0.31.6)

Updates `sigs.k8s.io/controller-tools` from 0.16.5 to 0.17.2
- [Release notes](https://github.com/kubernetes-sigs/controller-tools/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-tools/blob/main/envtest-releases.yaml)
- [Commits](kubernetes-sigs/controller-tools@v0.16.5...v0.17.2)

Updates `sigs.k8s.io/kind` from 0.26.0 to 0.27.0
- [Release notes](https://github.com/kubernetes-sigs/kind/releases)
- [Commits](kubernetes-sigs/kind@v0.26.0...v0.27.0)

Updates `sigs.k8s.io/kustomize/kustomize/v5` from 5.5.0 to 5.6.0
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](kubernetes-sigs/kustomize@kustomize/v5.5.0...kustomize/v5.6.0)

---
updated-dependencies:
- dependency-name: github.com/a8m/envsubst
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/mikefarah/yq/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github.com/spf13/pflag
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: k8s.io/code-generator
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: sigs.k8s.io/controller-tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sigs.k8s.io/kind
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sigs.k8s.io/kustomize/kustomize/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/hack/tools/dependencies-2a41d4794a branch from d714ab6 to 12f6ecf Compare March 19, 2025 15:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

needs-ok-to-test size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@spectro-prow