Skip to content

build(deps): bump the project-dependency group across 1 directory with 14 updates#1723

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/project-dependency-15dfac2a17
Open

build(deps): bump the project-dependency group across 1 directory with 14 updates#1723
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/project-dependency-15dfac2a17

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 17, 2026
edited
Loading

Bumps the project-dependency group with 7 updates in the / directory:

Package From To
github.com/aws/aws-sdk-go-v2 1.41.0 1.41.4
github.com/containerd/cgroups/v3 3.1.2 3.1.3
github.com/docker/docker-credential-helpers 0.8.2 0.9.5
github.com/lima-vm/lima/v2 2.0.3 2.1.0
github.com/onsi/ginkgo/v2 2.27.3 2.28.1
github.com/xorcare/pointer 1.2.2 1.26.0
k8s.io/apimachinery 0.34.3 0.35.2

Updates github.com/aws/aws-sdk-go-v2 from 1.41.0 to 1.41.4

Commits

Updates github.com/containerd/cgroups/v3 from 3.1.2 to 3.1.3

Release notes

Sourced from github.com/containerd/cgroups/v3's releases.

v3.1.3

What's Changed

Full Changelog: containerd/cgroups@v3.1.2...v3.1.3

Commits
  • 076b5e0 Merge pull request #387 from dcantah/cg2-stats-filter
  • 31da8b0 Merge pull request #388 from dcantah/oom-group-kill
  • d72c9ce Cg2: Add ability to set memory.oom.group
  • 4584088 Events: Add OOMGroupKill
  • 9293fbb Cg2: Add the ability to filter stats
  • 568b349 Merge pull request #385 from containerd/dependabot/github_actions/actions/cac...
  • 90c5813 build(deps): bump actions/cache from 4 to 5
  • See full diff in compare view

Updates github.com/docker/docker-credential-helpers from 0.8.2 to 0.9.5

Release notes

Sourced from github.com/docker/docker-credential-helpers's releases.

v0.9.5

What's Changed

Full Changelog: docker/docker-credential-helpers@v0.9.4...v0.9.5

v0.9.4

What's Changed

Full Changelog: docker/docker-credential-helpers@v0.9.3...v0.9.4

v0.9.3

What's Changed

Full Changelog: docker/docker-credential-helpers@v0.9.2...v0.9.3

v0.9.2

What's Changed

Full Changelog: docker/docker-credential-helpers@v0.9.1...v0.9.2

... (truncated)

Commits
  • b871f76 Merge pull request #404 from thaJeztah/rm_noninteractive
  • 50c1460 Dockerfile: remove redundant DEBIAN_FRONTEND=noninteractive
  • aecf6e5 Merge pull request #402 from thaJeztah/bump_golangci_lint
  • ecf6c1c Merge pull request #399 from ameya-keskar/bump_go_1.25.5
  • b844409 update to go1.25.5
  • 9df2c77 Merge pull request #401 from thaJeztah/bump_ubuntu
  • 7a15b77 Dockerfile: update golangci-lint to v2.8
  • 81f7ebe gha: update some actions to ubuntu 24.04
  • 3f97cf3 Merge pull request #398 from docker/dependabot/github_actions/actions/upload-...
  • 8b5e6df Merge pull request #397 from docker/dependabot/github_actions/softprops/actio...
  • Additional commits viewable in compare view

Updates github.com/lima-vm/lima/v2 from 2.0.3 to 2.1.0

Release notes

Sourced from github.com/lima-vm/lima/v2's releases.

v2.1.0

🎉 Highlights:

Changes

  • Guest OS support:

    • Experimentally support macOS guests (#4595)
    • Experimentally support FreeBSD guests (#4627)

  • limactl CLI:

    • Add limactl watch command (#4489, thanks to @​IrvingMg)
    • Add limactl shell --sync to prevent AI agents from breaking the host files (#4429, thanks to @​unsuman)
    • Add limactl (create|edit|start) --nested-virt as an alias for --set '.nestedVirtualization = true' (#4663)

  • Guest home directory:

    • The guest home directory is changed from /home/${USER}.linux to /home/${USER}.guest (#4578). For compatibility, the old path is symlinked to the new one.

  • QEMU:

    • Use QEMU by default for non-native architectures (#4725)

  • krunkit:

  • Hostagent:

  • Guestagent:

    • Reduce binary footprint (14M -> 6.1M) (#4120, #4536)

  • Internal file structure:

    • basedisk and diffdisk are consolidated into a single disk file for efficiency (#4587, thanks to @​jandubois). No impact is expected for end users. An instance created with Lima v2.0 or v1.x should continue to boot with Lima v2.1 (but not vice versa).

  • Templates:

  • Project:

Full changes: https://github.com/lima-vm/lima/milestone/62?closed=1 Thanks to @​Harry-kp @​IrvingMg @​TatsuyaHayashino @​abiosoft @​afbjorklund @​alexandear @​arixmkii @​bmwiedemann @​hekki @​jandubois @​majiayu000 @​mfenderov @​ningmingxiao @​norio-nomura @​olamilekan000 @​qeinstein @​tharunn0 @​tushar1977 @​unsuman @​xvchris

... (truncated)

Commits
  • f4ff82f Merge pull request #4746 from AkihiroSuda/templates
  • 3dfc65f templates: update
  • 5df56eb hack/update-template-almalinux-kitten.sh: fix updating
  • 11f954b Merge pull request #4741 from lima-vm/dependabot/github_actions/github/codeql...
  • 0806302 Merge pull request #4742 from jandubois/url-handler-docs
  • 0e296f1 Merge pull request #4739 from qeinstein/docs-deprecated-yaml
  • 3e4bc8e Merge pull request #4738 from AkihiroSuda/rawhide
  • fca7ca7 website: document URL handler plugins
  • bb3108a build(deps): bump github/codeql-action from 4.32.6 to 4.33.0
  • 9c0bf11 Merge pull request #4737 from AkihiroSuda/homebrew-macos
  • Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.27.3 to 2.28.1

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.28.1

2.28.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

v2.28.0

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

v2.27.4

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]
Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.28.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]
Commits

Updates github.com/onsi/gomega from 1.38.3 to 1.39.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.39.0

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

Commits

Updates github.com/sirupsen/logrus from 1.9.4-0.20230606125235-dd1b4c2e81af to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Changelog

Sourced from github.com/sirupsen/logrus's changelog.

1.9.4

Fixes:

  • Remove uses of deprecated ioutil package

Features:

  • Add GNU/Hurd support
  • Add WASI wasip1 support

Code quality:

  • Update minimum supported Go version to 1.17
  • Documentation updates

1.9.3

Fixes:

  • Re-apply fix for potential denial of service in logrus.Writer() when logging >64KB single-line payloads without newlines (#1376)
  • Fix panic in Writer

1.9.2

Fixes:

  • Revert Writer DoS fix (#1376) due to regression

1.9.1

Fixes:

  • Fix potential denial of service in logrus.Writer() when logging >64KB single-line payloads without newlines (#1376)

1.9.0

Fixes:

  • Multiple concurrency and race condition fixes
  • Improve Windows terminal and ANSI handling

Code quality:

  • Internal cleanups and modernization

1.8.3

Fixes:

  • Fix potential denial of service in logrus.Writer() when logging >64KB single-line payloads without newlines (#1376)

1.8.2

... (truncated)

Commits

Updates github.com/xorcare/pointer from 1.2.2 to 1.26.0

Commits
  • af78fd9 Deprecate package for Go 1.26+ (new(expr) replaces helpers)
  • b187755 build(deps): bump actions/checkout from 5 to 6
  • 8116b3f build(deps): bump actions/setup-go from 5 to 6
  • 8e5343c build(deps): bump actions/checkout from 4 to 5
  • 31a2563 build(deps): bump codecov/codecov-action from 4 to 5
  • 4812c54 Change formatting of yaml files
  • e79cacb Update golang workflow
  • 0f6f672 build(deps): bump codecov/codecov-action from 2 to 4
  • 653d950 build(deps): bump actions/checkout from 3 to 4
  • b8e05d2 build(deps): bump actions/setup-go from 3 to 5
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.46.0 to 0.49.0

Commits
  • 982eaa6 go.mod: update golang.org/x dependencies
  • 159944f ssh,acme: clean up tautological/impossible nil conditions
  • a408498 acme: only require prompt if server has terms of service
  • cab0f71 all: upgrade go directive to at least 1.25.0 [generated]
  • 2f26647 x509roots/fallback: update bundle
  • e08b067 go.mod: update golang.org/x dependencies
  • 7d0074c scrypt: fix panic on parameters <= 0
  • 506e022 go.mod: update golang.org/x dependencies
  • 7dacc38 chacha20poly1305: error out in fips140=only mode
  • See full diff in compare view

Updates golang.org/x/sync from 0.19.0 to 0.20.0

Commits
  • ec11c4a errgroup: fix a typo in the documentation
  • 1a58307 all: modernize interface{} -> any
  • 3172ca5 all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

Updates golang.org/x/tools from 0.39.0 to 0.42.0

Commits
  • 009367f go.mod: update golang.org/x dependencies
  • 2182926 go/ast/inspector: add Cursor.ParentEdge{Kind,Index} methods
  • 27020ac internal/server: add module upgrade pathway after vulncheck scanning
  • c4ec0f5 internal/server: list vulnerabilities within vulncheck prompt
  • 80d1715 gopls/internal/protocol: add document uri field type
  • 0e23509 gopls/doc: update link to Acme LSP plugin
  • 7b3ed75 gopls/internal/server: respect SemanticTokens option during initialization
  • fddd4a6 gopls/filecache: prevent premature CAS file eviction
  • e3a69ff gopls/internal/golang: refactor.inline.variable: add parens
  • 955d132 gopls/internal/golang: migrate pkgdoc to cursor
  • Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.34.3 to 0.35.2

Commits
  • 72d71ea Merge remote-tracking branch 'origin/master' into release-1.35
  • e2a2dbc Bump golang.org/x/crypto to v0.45.0
  • 2e9c228 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • f274aac vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • 9445443 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 52154f7 Update vendored dependencies
  • 5a348c5 KEP-5471: Extend tolerations operators (#134665)
  • 6f89492 Merge pull request #133648 from richabanker/merged-discovery
  • c77dde2 util/sort: Add MergePreservingRelativeOrder for topological sorting
  • 729c13d Merge pull request #134624 from yt2985/podcertificates-beta
  • Additional commits viewable in compare view

Updates golang.org/x/sys from 0.39.0 to 0.42.0

Commits
  • eaaaaee windows/registry: correct KeyInfo.ModTime calculation
  • 942780b cpu: darwin/arm64 feature detection
  • acef388 unix/linux: Prefixmsg and PrefixCacheinfo structs
  • 3687fbd cpu: better defaults on darwin ARM64
  • 48062e9 plan9: change Note to alias syscall.Note
  • 4f23f80 windows: change Signal to alias syscall.Signal
  • 7548802 all: upgrade go directive to at least 1.25.0 [generated]
  • fc646e4 cpu: use IsProcessorFeaturePresent to calculate ARM64 on windows
  • f11c7bb windows: add IsProcessorFeaturePresent and processor feature consts
  • d25a7aa unix: add IoctlSetString on all platforms
  • Additional commits viewable in compare view

Updates golang.org/x/text from 0.32.0 to 0.35.0

Commits
  • 7ca2c6d go.mod: update golang.org/x dependencies
  • 73d1ba9 all: upgrade go directive to at least 1.25.0 [generated]
  • 817fba9 go.mod: update golang.org/x dependencies
  • 3264de9 all: clean up old Go hacks
  • 74af298 all: fix tags in remaining Unicode tables
  • 117e03b all: delete old Unicode tables
  • 9463ea4 all: update to Unicode 17
  • 7278b25 internal/export/idna: update for post-Unicode 10 idna changes
  • f964ad8 internal/export/idna: delete old code
  • 678d34e unicode/norm: preserve QC Maybe bit in packed forminfo
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 17, 2026
@sondavidb sondavidb mentioned this pull request Mar 19, 2026
Open
1 task
@dependabot
build(deps): bump the project-dependency group across 1 directory wit…
4e25462 
…h 14 updates

Bumps the project-dependency group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.41.0` | `1.41.4` |
| [github.com/containerd/cgroups/v3](https://github.com/containerd/cgroups) | `3.1.2` | `3.1.3` |
| [github.com/docker/docker-credential-helpers](https://github.com/docker/docker-credential-helpers) | `0.8.2` | `0.9.5` |
| [github.com/lima-vm/lima/v2](https://github.com/lima-vm/lima) | `2.0.3` | `2.1.0` |
| [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.27.3` | `2.28.1` |
| [github.com/xorcare/pointer](https://github.com/xorcare/pointer) | `1.2.2` | `1.26.0` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.34.3` | `0.35.2` |



Updates `github.com/aws/aws-sdk-go-v2` from 1.41.0 to 1.41.4
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@v1.41.0...v1.41.4)

Updates `github.com/containerd/cgroups/v3` from 3.1.2 to 3.1.3
- [Release notes](https://github.com/containerd/cgroups/releases)
- [Commits](containerd/cgroups@v3.1.2...v3.1.3)

Updates `github.com/docker/docker-credential-helpers` from 0.8.2 to 0.9.5
- [Release notes](https://github.com/docker/docker-credential-helpers/releases)
- [Commits](docker/docker-credential-helpers@v0.8.2...v0.9.5)

Updates `github.com/lima-vm/lima/v2` from 2.0.3 to 2.1.0
- [Release notes](https://github.com/lima-vm/lima/releases)
- [Commits](lima-vm/lima@v2.0.3...v2.1.0)

Updates `github.com/onsi/ginkgo/v2` from 2.27.3 to 2.28.1
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.27.3...v2.28.1)

Updates `github.com/onsi/gomega` from 1.38.3 to 1.39.0
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.38.3...v1.39.0)

Updates `github.com/sirupsen/logrus` from 1.9.4-0.20230606125235-dd1b4c2e81af to 1.9.4
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/commits/v1.9.4)

Updates `github.com/xorcare/pointer` from 1.2.2 to 1.26.0
- [Commits](xorcare/pointer@v1.2.2...v1.26.0)

Updates `golang.org/x/crypto` from 0.46.0 to 0.49.0
- [Commits](golang/crypto@v0.46.0...v0.49.0)

Updates `golang.org/x/sync` from 0.19.0 to 0.20.0
- [Commits](golang/sync@v0.19.0...v0.20.0)

Updates `golang.org/x/tools` from 0.39.0 to 0.42.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.39.0...v0.42.0)

Updates `k8s.io/apimachinery` from 0.34.3 to 0.35.2
- [Commits](kubernetes/apimachinery@v0.34.3...v0.35.2)

Updates `golang.org/x/sys` from 0.39.0 to 0.42.0
- [Commits](golang/sys@v0.39.0...v0.42.0)

Updates `golang.org/x/text` from 0.32.0 to 0.35.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.32.0...v0.35.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.41.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: project-dependency
- dependency-name: github.com/containerd/cgroups/v3
  dependency-version: 3.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: project-dependency
- dependency-name: github.com/docker/docker-credential-helpers
  dependency-version: 0.9.5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
- dependency-name: github.com/lima-vm/lima/v2
  dependency-version: 2.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.28.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
- dependency-name: github.com/sirupsen/logrus
  dependency-version: 1.9.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: project-dependency
- dependency-name: github.com/xorcare/pointer
  dependency-version: 1.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
- dependency-name: golang.org/x/crypto
  dependency-version: 0.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
- dependency-name: golang.org/x/sync
  dependency-version: 0.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
- dependency-name: golang.org/x/tools
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
- dependency-name: golang.org/x/sys
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
- dependency-name: golang.org/x/text
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: project-dependency
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/project-dependency-15dfac2a17 branch from 267b2b6 to 4e25462 Compare March 20, 2026 16:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants