Skip to content

build(deps): bump the security group across 1 directory with 17 updates #3387

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the security group across 1 directory with 17 updates #3387

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 17, 2026

Bumps the security group with 7 updates in the / directory:

Package From To
github.com/aws/aws-sdk-go-v2 1.41.0 1.41.1
github.com/aws/aws-sdk-go-v2/config 1.32.6 1.32.7
github.com/aws/aws-sdk-go-v2/feature/s3/manager 1.20.18 1.20.19
github.com/onsi/ginkgo/v2 2.27.3 2.27.5
github.com/replicatedhq/troubleshoot 0.123.16 0.123.17
github.com/vmware-tanzu/velero 1.17.1 1.17.2
helm.sh/helm/v3 3.19.4 3.19.5

Updates github.com/aws/aws-sdk-go-v2 from 1.41.0 to 1.41.1

Commits

Updates github.com/aws/aws-sdk-go-v2/config from 1.32.6 to 1.32.7

Commits

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.19.6 to 1.19.7

Commits

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.20.18 to 1.20.19

Commits

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.95.0 to 1.95.1

Commits

Updates github.com/onsi/ginkgo/v2 from 2.27.3 to 2.27.5

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

v2.27.4

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]
Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]
Commits
  • a928307 v2.27.5
  • 0d0e96d don't make a new formatter for each GinkgoT(); that's just silly and uses pre...
  • 867ce95 v2.27.4
  • 59bc751 CurrentTreeConstructionNodeReport: fix for nested container nodes
  • See full diff in compare view

Updates github.com/replicatedhq/troubleshoot from 0.123.16 to 0.123.17

Release notes

Sourced from github.com/replicatedhq/troubleshoot's releases.

v0.123.17

Changelog

  • 06a8692de5accad8c3af80c8fb736bcad1306d20 chore(deps): bump helm.sh/helm/v3 from 3.19.2 to 3.19.4 in /examples/sdk/helm-template in the security group (#1951)
  • a50bd612e86993c82aee075e93d965a17a74a4e5 use oras.land/oras-go/v2 (#1957)
  • d5b591d6f1f1c581047108423676a04811632fc9 chore(deps): bump the security group across 1 directory with 3 updates (#1960)
  • ad8ad1bf7471634fa97c529f5f202c6d249ea119 chore(deps): bump actions/download-artifact from 5 to 7 (#1950)
  • 083ec78491142427de3b2636e300ebcabc9ec42c chore(deps): bump actions/upload-artifact from 5 to 6 (#1949)
  • bd102623ebb536287e91e499dc8c86dffaf8a5dc Update modules (#1959)
  • 985416f20c4f945e54eb4ad5d7b5dee82618d3ee Copy TaintExists to pkg/k8sutil and stop importing k8s.io/kubernetes (#1952)
  • 128f9311fef6fa7ce9ece90d6b86de923e435d0c move to go.podman.io dependencies (#1956)
Commits
  • 06a8692 chore(deps): bump helm.sh/helm/v3 from 3.19.2 to 3.19.4 in /examples/sdk/helm...
  • a50bd61 use oras.land/oras-go/v2 (#1957)
  • d5b591d chore(deps): bump the security group across 1 directory with 3 updates (#1960)
  • ad8ad1b chore(deps): bump actions/download-artifact from 5 to 7 (#1950)
  • 083ec78 chore(deps): bump actions/upload-artifact from 5 to 6 (#1949)
  • bd10262 Update modules (#1959)
  • 985416f Copy TaintExists to pkg/k8sutil and stop importing k8s.io/kubernetes (#1952)
  • 128f931 move to go.podman.io dependencies (#1956)
  • See full diff in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4-0.20251023124752-b61f268f75b6

Commits

Updates github.com/vmware-tanzu/velero from 1.17.1 to 1.17.2

Release notes

Sourced from github.com/vmware-tanzu/velero's releases.

v1.17.2

Download

https://github.com/vmware-tanzu/velero/releases/tag/v1.17.2

Container Image

velero/velero:v1.17.2

Documentation

https://velero.io/docs/v1.17/

Upgrading

https://velero.io/docs/v1.17/upgrade-to-1.17/

All Changes

v1.17.2-rc.2

v1.17.2

Download

https://github.com/vmware-tanzu/velero/releases/tag/v1.17.2-rc.2

Container Image

velero/velero:v1.17.2-rc.2

Documentation

https://velero.io/docs/v1.17/

Upgrading

https://velero.io/docs/v1.17/upgrade-to-1.17/

All Changes

v1.17.2-rc.1

v1.17.2

Download

https://github.com/vmware-tanzu/velero/releases/tag/v1.17.2-rc.1

Container Image

velero/velero:v1.17.2-rc.1

... (truncated)

Commits
  • 7013a40 Merge pull request #9479 from blackpiglet/add_role_rolebinding_in_resotre_seq...
  • b188701 Add Role, RoleBinding, ClusterRole, and ClusterRoleBinding in restore sequence.
  • 9d79e48 Merge pull request #9458 from Lyndon-Li/release-1.17
  • 1e350c0 Merge branch 'release-1.17' into release-1.17
  • 339dee0 Merge pull request #9459 from blackpiglet/bump_golang_and_ubuntu
  • 77b6812 Replace golang.org/x/net/context with context package to fix linter issues.
  • 8e35a19 Bump Golang to v1.24.11 and go/x/crypto to v0.45.0 to fix CVEs.
  • 69f2965 1.17.2 changelog
  • df05057 Fix managed fields patch for resources using GenerateName (#9408)
  • cad0169 Merge pull request #9409 from shubham-pampattiwar/fix-volume-info-generatenam...
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.46.0 to 0.47.0

Commits
  • 506e022 go.mod: update golang.org/x dependencies
  • 7dacc38 chacha20poly1305: error out in fips140=only mode
  • See full diff in compare view

Updates golang.org/x/term from 0.38.0 to 0.39.0

Commits

Updates helm.sh/helm/v3 from 3.19.4 to 3.19.5

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.19.5 is a patch release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

  • Fixed bug where removing subchart value via override resulted in warning #31118
  • Fixed bug where helm uninstall with --keep-history did not suspend previous deployed releases helm/helm#12556

Installation and Upgrading

Download Helm v3.19.5. The common platform binaries are here:

This release was signed with 208D D36E D5BB 3745 A167 43A4 C7C6 FBB5 B91C 1155 and can be found at @​scottrigby keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 4.1.0 and 3.20.0 is the next minor releases and will be on January 21, 2026
  • 4.1.1 and 3.20.1 are the next patch releases and will be on March 11, 2026

Changelog

  • fix(rollback): errors.Is instead of string comp 4a19a5b6fb912c5c28a779e73f2e0880d9e239a4 (Hidde Beydals)
  • fix(uninstall): supersede deployed releases 7a00235a0622b6eae1d06fbb87c2a33b718cbd7e (Hidde Beydals)
  • fix null merge 578564ee26171e5ca2ee0edd0c06cb58a72fba87 (Ben Foster)
Commits

Updates k8s.io/api from 0.34.3 to 0.35.0

Commits
  • 9afe7de Update dependencies to v0.35.0 tag
  • bbcbaa8 Merge remote-tracking branch 'origin/master' into release-1.35
  • 5bced61 Bump golang.org/x/crypto to v0.45.0
  • 39e2e26 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • c22b4a1 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • e3b1f3d Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 3da327c Update vendored dependencies
  • c764b44 Merge pull request #132919 from ndixita/pod-level-in-place-pod-resize
  • aced136 Generated files from API changes
  • 02d790d Adding Resources and AllocatedResoures fields to the list of expected fields ...
  • Additional commits viewable in compare view

Updates k8s.io/apiextensions-apiserver from 0.34.3 to 0.35.0

Commits
  • a8d2a03 Update dependencies to v0.35.0 tag
  • b9eb912 Merge remote-tracking branch 'origin/master' into release-1.35
  • e526698 Bump golang.org/x/crypto to v0.45.0
  • fd7881d Merge pull request #135278 from aman4433/KUBE-134468
  • 8db5ab6 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • 4ed5bd4 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • 704bc3d Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 7d598d7 Refactor: Contextualize CRDFinalizer to fix goroutine leak
  • 27e5803 Update vendored dependencies
  • c4e434c Merge pull request #134216 from Goend/master
  • Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.34.3 to 0.35.0

Commits
  • 72d71ea Merge remote-tracking branch 'origin/master' into release-1.35
  • e2a2dbc Bump golang.org/x/crypto to v0.45.0
  • 2e9c228 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • f274aac vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • 9445443 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 52154f7 Update vendored dependencies
  • 5a348c5 KEP-5471: Extend tolerations operators (#134665)
  • 6f89492 Merge pull request #133648 from richabanker/merged-discovery
  • c77dde2 util/sort: Add MergePreservingRelativeOrder for topological sorting
  • 729c13d Merge pull request #134624 from yt2985/podcertificates-beta
  • Additional commits viewable in compare view

Updates k8s.io/cli-runtime from 0.34.3 to 0.35.0

Commits
  • d9055a8 Update dependencies to v0.35.0 tag
  • b1c72f6 Merge remote-tracking branch 'origin/master' into release-1.35
  • 8b2d026 Bump golang.org/x/crypto to v0.45.0
  • dd906d1 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • bf2e5e5 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • 6796641 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • fb22739 Update vendored dependencies
  • aaf392a Merge pull request #134870 from pmengelbert/pmengelbert/kuberc/4
  • 5410342 Add client-go credential plugin to kuberc
  • bd08406 Introduce --as-user-extra persistent flag in kubectl (#134378)
  • Additional commits viewable in compare view

Updates k8s.io/client-go from 0.34.3 to 0.35.0

Commits
  • 9bcb694 Update dependencies to v0.35.0 tag
  • 2d83546 Merge remote-tracking branch 'origin/master' into release-1.35
  • 56b4af2 Merge pull request #135591 from p0lyn0mial/upstream-watchlist-reflector-log-f...
  • 891f94c Merge remote-tracking branch 'origin/master' into release-1.35
  • 65ffe04 Merge pull request #135580 from serathius/client-go-transformer
  • 2fe4ac2 downgrade reflector watchlist fallback log to V(4)
  • 97256a6 Bump golang.org/x/crypto to v0.45.0
  • 46360b5 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • 171ef8c Use transformer in consistency checker
  • 3878a64 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the security group across 1 directory with 17 updates
9a9da34 
Bumps the security group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.41.0` | `1.41.1` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.32.6` | `1.32.7` |
| [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2) | `1.20.18` | `1.20.19` |
| [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.27.3` | `2.27.5` |
| [github.com/replicatedhq/troubleshoot](https://github.com/replicatedhq/troubleshoot) | `0.123.16` | `0.123.17` |
| [github.com/vmware-tanzu/velero](https://github.com/vmware-tanzu/velero) | `1.17.1` | `1.17.2` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.19.4` | `3.19.5` |



Updates `github.com/aws/aws-sdk-go-v2` from 1.41.0 to 1.41.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@v1.41.0...v1.41.1)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.32.6 to 1.32.7
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@v1.32.6...v1.32.7)

Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.19.6 to 1.19.7
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@service/m2/v1.19.6...service/m2/v1.19.7)

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.20.18 to 1.20.19
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@service/emr/v1.20.18...feature/s3/manager/v1.20.19)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.95.0 to 1.95.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.95.0...service/s3/v1.95.1)

Updates `github.com/onsi/ginkgo/v2` from 2.27.3 to 2.27.5
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.27.3...v2.27.5)

Updates `github.com/replicatedhq/troubleshoot` from 0.123.16 to 0.123.17
- [Release notes](https://github.com/replicatedhq/troubleshoot/releases)
- [Commits](replicatedhq/troubleshoot@v0.123.16...v0.123.17)

Updates `github.com/sirupsen/logrus` from 1.9.3 to 1.9.4-0.20251023124752-b61f268f75b6
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/commits)

Updates `github.com/vmware-tanzu/velero` from 1.17.1 to 1.17.2
- [Release notes](https://github.com/vmware-tanzu/velero/releases)
- [Changelog](https://github.com/vmware-tanzu/velero/blob/main/CHANGELOG.md)
- [Commits](vmware-tanzu/velero@v1.17.1...v1.17.2)

Updates `golang.org/x/crypto` from 0.46.0 to 0.47.0
- [Commits](golang/crypto@v0.46.0...v0.47.0)

Updates `golang.org/x/term` from 0.38.0 to 0.39.0
- [Commits](golang/term@v0.38.0...v0.39.0)

Updates `helm.sh/helm/v3` from 3.19.4 to 3.19.5
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.19.4...v3.19.5)

Updates `k8s.io/api` from 0.34.3 to 0.35.0
- [Commits](kubernetes/api@v0.34.3...v0.35.0)

Updates `k8s.io/apiextensions-apiserver` from 0.34.3 to 0.35.0
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.34.3...v0.35.0)

Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.0
- [Commits](kubernetes/apimachinery@v0.34.3...v0.35.0)

Updates `k8s.io/cli-runtime` from 0.34.3 to 0.35.0
- [Commits](kubernetes/cli-runtime@v0.34.3...v0.35.0)

Updates `k8s.io/client-go` from 0.34.3 to 0.35.0
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.34.3...v0.35.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.41.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.32.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-version: 1.19.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager
  dependency-version: 1.20.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.95.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.27.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: github.com/replicatedhq/troubleshoot
  dependency-version: 0.123.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: github.com/sirupsen/logrus
  dependency-version: 1.9.4-0.20251023124752-b61f268f75b6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: github.com/vmware-tanzu/velero
  dependency-version: 1.17.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: golang.org/x/crypto
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: golang.org/x/term
  dependency-version: 0.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: helm.sh/helm/v3
  dependency-version: 3.19.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: k8s.io/api
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: k8s.io/cli-runtime
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: k8s.io/client-go
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
...

Signed-off-by: dependabot[bot] <support@github.com>
This was referenced Jan 17, 2026
Closed
Closed
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies go type::chore

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant