Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): Bump the production-dependencies group across 1 directory with 33 updates #583

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 19, 2024

Bumps the production-dependencies group with 18 updates in the / directory:

Package From To
github.com/tektoncd/pipeline 0.65.2 0.66.0
k8s.io/apimachinery 0.31.2 0.32.0
cloud.google.com/go/iam 1.1.11 1.3.0
github.com/containerd/stargz-snapshotter/estargz 0.15.1 0.16.3
github.com/docker/cli 27.3.1+incompatible 27.4.1+incompatible
github.com/go-jose/go-jose/v4 4.0.3 4.0.4
github.com/golang/glog 1.2.2 1.2.3
github.com/google/cel-go 0.20.1 0.22.1
github.com/google/gnostic-models 0.6.9-0.20230804172637-c7be7c783f49 0.6.9
github.com/grpc-ecosystem/grpc-gateway/v2 2.20.0 2.24.0
github.com/k8snetworkplumbingwg/network-attachment-definition-client 1.7.4 1.7.5
github.com/mailru/easyjson 0.7.7 0.9.0
github.com/prometheus/client_golang 1.19.1 1.20.5
github.com/prometheus/common 0.55.0 0.61.0
github.com/prometheus/statsd_exporter 0.26.1 0.28.0
github.com/secure-systems-lab/go-securesystemslib 0.8.0 0.9.0
github.com/sigstore/sigstore 1.8.7 1.8.11
sigs.k8s.io/kustomize/api 0.17.3 0.18.0

Updates github.com/tektoncd/pipeline from 0.65.2 to 0.66.0

Release notes

Sourced from github.com/tektoncd/pipeline's releases.

Tekton Pipeline release v0.66.0 "American Curl AL-76"

-Docs @ v0.66.0 -Examples @ v0.66.0

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.66.0/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677aaef800dc5c82c7e8a7dc72d7ed947dc0e166c29c7bfd9f2b6edca989022cb90c

Obtain the attestation:

REKOR_UUID=108e9186e8c5677aaef800dc5c82c7e8a7dc72d7ed947dc0e166c29c7bfd9f2b6edca989022cb90c
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.66.0/release.yaml
REKOR_UUID=108e9186e8c5677aaef800dc5c82c7e8a7dc72d7ed947dc0e166c29c7bfd9f2b6edca989022cb90c
Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.66.0@sha256:" + .digest.sha256')
Download the release file
curl "$RELEASE_FILE" > release.yaml
For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

  • ✨ Fix StepAction support in Cluster resolver (#8382)

... (truncated)

Changelog

Sourced from github.com/tektoncd/pipeline's changelog.

Tekton Pipeline Releases

Release Frequency

Tekton Pipelines follows the Tekton community [release policy][release-policy] as follows:

  • Versions are numbered according to semantic versioning: vX.Y.Z
  • A new release is produced on a monthly basis
  • Four releases a year are chosen for long term support (LTS). All remaining releases are supported for approximately 1 month (until the next release is produced)
    • LTS releases take place in January, April, July and October every year
    • The first Tekton Pipelines LTS release will be v0.41.0 in October 2022
    • Releases happen towards the middle of the month, between the 13th and the 20th, depending on week-ends and readiness

Tekton Pipelines produces nightly builds, publicly available on gcr.io/tekton-nightly.

Transition Process

Before release v0.41 Tekton Pipelines has worked on the basis of an undocumented support period of four months, which will be maintained for the releases between v0.37 and v0.40.

Release Process

Tekton Pipeline releases are made of YAML manifests and container images. Manifests are published to cloud object-storage as well as [GitHub][tekton-pipeline-releases]. Container images are signed by [Sigstore][sigstore] via [Tekton Chains][tekton-chains]; signatures can be verified through the [public key][chains-public-key] hosted by the Tekton Chains project.

Further documentation available:

  • The Tekton Pipeline [release process][tekton-releases-docs]
  • [Installing Tekton][tekton-installation]
  • Standard for [release notes][release-notes-standards]

Release

v0.66

  • Latest Release: [v0.66.0][v0.66-0] (2024-12-04) ([docs][v0.66-0-docs], [examples][v0.66-0-examples])
  • Initial Release: [v0.66.0][v0.66-0] (2024-12-04)
  • Estimated End of Life: 2024-12-28
  • Patch Releases: [v0.66.0][v0.66-0]

v0.65 (LTS)

... (truncated)

Commits
  • 1dd488e build(deps): bump github/codeql-action from 3.27.4 to 3.27.5
  • 1f50ecd build(deps): bump the all group in /tekton with 2 updates
  • 0f2d9f1 Fixes git-resolver configuration for serverUrl and scmType
  • cfc5c7b build(deps): bump actions/dependency-review-action from 4.4.0 to 4.5.0
  • 27c87f0 build(deps): bump the all group in /tekton with 2 updates
  • bfe7b03 build(deps): bump github.com/golangci/golangci-lint in /tools
  • 3714d4f build(deps): bump step-security/harden-runner from 2.10.1 to 2.10.2
  • 85dc300 fix: add missing stepaction RBAC permission for resolver
  • 0d39e02 build(deps): bump the all group in /tekton with 2 updates
  • ccf8cfb build(deps): bump github/codeql-action from 3.27.1 to 3.27.4
  • Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.31.2 to 0.32.0

Commits
  • 59e9003 Merge remote-tracking branch 'origin/master' into release-1.32
  • 639247c Drop use of winreadlinkvolume godebug option
  • 220d7c3 Merge remote-tracking branch 'origin/master' into release-1.32
  • c199d3b Revert to go1.22 windows filesystem stdlib behavior
  • 16af2ff implement unsafe deletion, and wire it
  • 6ff8305 api: run codegen
  • ca9b8b2 api: add a new field to meta/v1 DeleteOptions
  • d941d9f Merge pull request #128503 from benluddy/cbor-codecs-featuregate
  • 3b4250f Wire serving codecs to CBOR feature gate.
  • daaad09 Merge pull request #128501 from benluddy/watch-cbor-seq
  • Additional commits viewable in compare view

Updates k8s.io/utils from 0.0.0-20240711033017-18e509b52bc8 to 0.0.0-20241104100929-3ea5e8cea738

Commits

Updates cloud.google.com/go/iam from 1.1.11 to 1.3.0

Release notes

Sourced from cloud.google.com/go/iam's releases.

iam: v1.3.0

1.3.0 (2024-12-04)

Features

  • iam: Add ResourcePolicyMember to google/iam/v1 (8dedb87)

cloudquotas: v1.2.0

1.2.0 (2024-11-14)

Features

  • cloudquotas: A new value NOT_ENOUGH_USAGE_HISTORY is added to enum IneligibilityReason (e85151d)
  • cloudquotas: A new value NOT_SUPPORTED is added to enum IneligibilityReason (e85151d)
Changelog

Sourced from cloud.google.com/go/iam's changelog.

1.3.0 (2022-02-22)

Features

  • documentai: add symbols field, and auto-format comments (f9fe0f2)
  • documentai: add symbols field, and auto-format comments (f9fe0f2)

1.2.0 (2022-02-11)

Features

  • documentai: add file for tracking version (17b36ea)
  • documentai: add question_id field in ReviewDocumentOperationMetadata (2fae584)

1.1.0 (2022-02-03)

Features

  • documentai: add question_id field in ReviewDocumentOperationMetadata (6e56077)

1.0.1 (2022-01-13)

Bug Fixes

  • documentai: add ancillary service bindings to service_yaml (3bbe8c0)

1.0.0

Stabilize GA surface.

v0.1.0

This is the first tag to carve out documentai as its own module. See Add a module to a multi-module repository.

Commits
  • 63b704e chore: release main (#11176)
  • 481f97b chore(main): release auth 0.12.0 (#11187)
  • 191a664 feat(dialogflow): make TrainingPhrase name field output-only (#11217)
  • a7db927 fix(storage): add backoff to gRPC write retries (#11200)
  • 364b639 feat(bigquery): expose IsCaseInsensitive for dataset metadata (#11216)
  • d3de944 feat(managedkafka): A new field satisfies_pzi is added to message `.google....
  • d93c2d9 feat(bigquery): support IAM conditions in datasets (#11123)
  • ab75177 chore(main): release pubsub 1.45.2 (#11102)
  • f843d50 fix(pubsub): only init batch span if trace enabled (#11193)
  • 8dedb87 docs(batch): Rephrase reservation field doc (#11180)
  • Additional commits viewable in compare view

Updates cloud.google.com/go/kms from 1.18.3 to 1.20.0

Release notes

Sourced from cloud.google.com/go/kms's releases.

billing: v1.20.0

1.20.0 (2024-12-04)

Features

  • billing: Added currency field to billing account message (d3de944)

dataplex: v1.20.0

1.20.0 (2024-11-19)

Features

  • dataplex: A new enum TableType is added (c1e936d)
  • dataplex: A new field datascan_id is added to message .google.cloud.dataplex.v1.DiscoveryEvent (c1e936d)
  • dataplex: A new field suspended is added to DataScans (c1e936d)
  • dataplex: A new field table is added to message .google.cloud.dataplex.v1.DiscoveryEvent (c1e936d)
  • dataplex: A new message TableDetails is added (c1e936d)
  • dataplex: Add a DATA_DISCOVERY enum type in DataScanEvent (c1e936d)
  • dataplex: Add a DataDiscoveryAppliedConfigs message (c1e936d)
  • dataplex: Add a TABLE_DELETED field in DiscoveryEvent (c1e936d)
  • dataplex: Add a TABLE_IGNORED field in DiscoveryEvent (c1e936d)
  • dataplex: Add a TABLE_PUBLISHED field in DiscoveryEvent (c1e936d)
  • dataplex: Add a TABLE_UPDATED field in DiscoveryEvent (c1e936d)
  • dataplex: Add an Issue field to DiscoveryEvent.ActionDetails to output the action message in Cloud Logs (c1e936d)
  • dataplex: Add annotations in CreateMetadataJob, GetMetadataJob, ListMetaDataJobs and CancelMetadataJob for cloud audit logging (c1e936d)
  • dataplex: Add data_version field to AspectSource (c1e936d)
  • dataplex: Add new Data Discovery scan type in Datascan (c1e936d)
  • dataplex: Expose create time in DataScanJobAPI (c1e936d)
  • dataplex: Expose create time to customers (c1e936d)
  • dataplex: Release metadata export in private preview (c1e936d)
  • dataplex: Release MetadataJob APIs and related resources in GA (c1e936d)
  • dataplex: Update Go Bigtable import path (c1e936d)
  • dataplex: Update Go Datastore import path (c1e936d)

Documentation

  • dataplex: A comment for message DataScanEvent is changed (c1e936d)
  • dataplex: Add comment for field status in message .google.cloud.dataplex.v1.MetadataJob per https (c1e936d)
  • dataplex: Add comment for field type in message .google.cloud.dataplex.v1.MetadataJob per https (c1e936d)
  • dataplex: Add Identifier for name in message .google.cloud.dataplex.v1.MetadataJob per https (c1e936d)
  • dataplex: Add info about schema changes for BigQuery metadata in Dataplex Catalog (c1e936d)
  • dataplex: Add link to fully qualified names documentation (c1e936d)
  • dataplex: Correct API documentation (c1e936d)
  • dataplex: Correct the dimensions for data quality rules (c1e936d)
  • dataplex: Dataplex Tasks do not support Dataplex Content path as a direct input anymore (c1e936d)
  • dataplex: Scrub descriptions for standalone discovery scans (c1e936d)

... (truncated)

Changelog

Sourced from cloud.google.com/go/kms's changelog.

1.20.0 (2023-06-20)

Features

  • documentai: Add StyleInfo to document.proto (b726d41)
  • documentai: Add StyleInfo to document.proto (b726d41)

Bug Fixes

  • documentai: REST query UpdateMask bug (df52820)

1.19.0 (2023-05-30)

Features

  • documentai: Update all direct dependencies (b340d03)

1.18.1 (2023-05-08)

Bug Fixes

  • documentai: Update grpc to v1.55.0 (1147ce0)

1.18.0 (2023-03-22)

Features

  • documentai: Add ImportProcessorVersion in v1beta3 (c967961)

1.17.0 (2023-03-15)

Features

  • documentai: Added hints.language_hints field in OcrConfig (#7522) (b2c40c3)

1.16.0 (2023-02-22)

Features

1.15.0 (2023-02-14)

... (truncated)

Commits
  • 47bb902 chore: release main (#10988)
  • 2b8ca4b chore: add Protobuf warning to release notes (#11025)
  • 8bb87d5 chore: update google.golang.org/api to v0.203.0 (#11022)
  • d40fbff fix(storage): Skip only specific transport tests. (#11016)
  • ff06fc2 fix: Fix default service account tests on GCE. (#11021)
  • 6071167 feat(alloydb): add new PSC instance configuration setting and output the PSC ...
  • 15eacb9 chore: update SA used for tests (#11018)
  • e78389d chore: fix doc publish creds (#11019)
  • 1d7ee9f chore(main): release auth 0.9.9 (#11003)
  • 6e69d2e feat(texttospeech): add brand voice lite, which lets you clone a voice with j...
  • Additional commits viewable in compare view

Updates github.com/containerd/stargz-snapshotter/estargz from 0.15.1 to 0.16.3

Release notes

Sourced from github.com/containerd/stargz-snapshotter/estargz's releases.

v0.16.3

Notable Changes

  • Fix zstd:chunked converter error on duplicated blobs (#1894)

v0.16.2

Notable Changes

  • go.mod: Use 1.22.0 by specifying to google.golang.org/grpc v1.67.1 (#1877)

v0.16.1

Notable Changes

  • prevernt go version upgraded to 1.23 in go.mod (#1863)

v0.16.0

Notable Changes

  • Support for the latest CRI-O(>=v1.31.0) and Podman (>=v5.1.0) Additional Layer Store (#1673, #1674)
  • Fix log message in refnode.Lookup (#1595), thanks to @​iain-macdonald
  • store: use OnForget API for checking if a node is reusable (#1808)
  • Support for containerd v2 (#1722), thanks to @​apostasie
  • fs: Check connection only when image isn't fully cached (#1584)
Commits
  • c0389e0 Merge pull request #1898 from ktock/prepare-v0.16.3
  • c6a444e [v0.16] Prepare for v0.16.3
  • 86bbdeb Merge pull request #1894 from ktock/bp-1885
  • 9b706a2 Rely on OpenWriter for retrying opening writer
  • 570ba70 Rely on contaienrd's GC for cleanup of temporary content
  • 1d34a1b Merge pull request #1878 from ktock/prepare-v0.16.2
  • 3971b26 Merge pull request #1877 from ktock/v0.16dev
  • 1e4fad0 Preapre for v0.16.2
  • 4edcebd go.mod: Use 1.22.0 by specifying to google.golang.org/grpc v1.67.1
  • 7d3230e Merge pull request #1864 from ktock/prepare-v0.16.1
  • Additional commits viewable in compare view

Updates github.com/docker/cli from 27.3.1+incompatible to 27.4.1+incompatible

Commits
  • b9d17ea Merge pull request #5700 from thaJeztah/27.x_backport_remove_use_of_netfilter...
  • a08a120 cli/command/system: remove BridgeNfIptables, BridgeNfIp6tables in tests
  • 4870b3d Merge pull request #5699 from thaJeztah/27.x_backport_remove_system_isabs
  • d3b59fb cli/command/container: use local copy of pkg/system.IsAbs
  • ac40240 Merge pull request #5685 from thaJeztah/27.x_backport_bump_xx
  • 3fa9480 Merge pull request #5690 from thaJeztah/27.x_backport_bump_gomd2man
  • fce7c04 Merge pull request #5692 from thaJeztah/27.x_backport_remove_netfilter_warnings
  • 70815c1 cli/command/system: remove netfilter warnings from tests
  • 12d98b0 update go-md2man to v2.0.5
  • f9783ec update xx to v1.6.1 for compatibility with alpine 3.21
  • Additional commits viewable in compare view

Updates github.com/go-jose/go-jose/v4 from 4.0.3 to 4.0.4

Release notes

Sourced from github.com/go-jose/go-jose/v4's releases.

Version 4.0.4

Fixed

  • Reverted "Allow unmarshalling JSONWebKeySets with unsupported key types" as a breaking change. See #136 / #137.
Changelog

Sourced from github.com/go-jose/go-jose/v4's changelog.

v4.0.4

Fixed

  • Reverted "Allow unmarshalling JSONWebKeySets with unsupported key types" as a breaking change. See #136 / #137.
Commits

Updates github.com/golang/glog from 1.2.2 to 1.2.3

Release notes

Sourced from github.com/golang/glog's releases.

v1.2.3

What's Changed

Full Changelog: golang/glog@v1.2.2...v1.2.3

Commits

Updates github.com/google/cel-go from 0.20.1 to 0.22.1

Release notes

Sourced from github.com/google/cel-go's releases.

Release v0.22.1

Fixes

New Contributors

Full Changelog: google/cel-go@v0.22.0...v0.22.1

Release v0.22.0

What's Changed

Core CEL

Policy

... (truncated)

Commits
  • 933f926 Fix nil-type when two-var comprehension has a dyn range (#1077)
  • ff1302f Fix optional test to be functional (#1076)
  • 4b73ba3 Add two-variable comprehension support to cel-policy (#1074)
  • ba74bf6 Additional nil-safety checks with corresponding test updates (#1073)
  • 72e0977 Rename conformance proto import for ease of syncing (#1071)
  • 24ec244 Fix format string issue (#1072)
  • 7184cb0 Update docs on IO methods (#1070)
  • da44524 Expose public methods to convert function and variable decl to v1 Decl (#1069)
  • f8ecaa2 Harden legacy macros, add support for existsOne macro (#1064)
  • 8ad600b Ensure variables in comprehensions don't collide (#1062)
  • Additional commits viewable in compare view

Updates github.com/google/gnostic-models from 0.6.9-0.20230804172637-c7be7c783f49 to 0.6.9

Commits

Updates github.com/google/pprof from 0.0.0-20240827171923-fa2c70bbbfe5 to 0.0.0-20241029153458-d1b30febd7db

Commits

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.20.0 to 2.24.0

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.24.0

What's Changed

New Contributors

Full Changelog: grpc-ecosystem/grpc-gateway@v2.23.0...v2.24.0

v2.23.0

What's Changed

New Contributors

Full Changelog: grpc-ecosystem/grpc-gateway@v2.22.0...v2.23.0

v2.22.0

... (truncated)

Commits
  • a5f1b64 chore(deps): update dependency com_github_bazelbuild_buildtools to v7 (#4984)
  • ef7b3ac chore(deps): update dependency com_github_bazelbuild_buildtools to v6.4.0 (#4...
  • 6f45ded chore(deps): update googleapis digest to 005b0fd (#4982)
  • e800153 Fix Bazel buildtools dependency (#4980)
  • 5076a6b chore(deps): update googleapis digest to 6f7652b (#4981)
  • 2a4bf6a Errors on valid timestamps (#4973)
  • 1cf390f chore(deps): update googleapis digest to 55c0c09 (#4979)
  • 1ffe4fd Fix marshaler interface function name in examples in docs (#4978)
  • 26d134f chore: use errors.Is to compare errors in generated code (#4971)
  • d7155cb chore(deps): update googleapis digest to 798a8be (#4977)
  • Additional commits viewable in compare view

Updates github.com/k8snetworkplumbingwg/network-attachment-definition-client from 1.7.4 to 1.7.5

Release notes

Sourced from

…y with 33 updates

Bumps the production-dependencies group with 18 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `0.65.2` | `0.66.0` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.31.2` | `0.32.0` |
| [cloud.google.com/go/iam](https://github.com/googleapis/google-cloud-go) | `1.1.11` | `1.3.0` |
| [github.com/containerd/stargz-snapshotter/estargz](https://github.com/containerd/stargz-snapshotter) | `0.15.1` | `0.16.3` |
| [github.com/docker/cli](https://github.com/docker/cli) | `27.3.1+incompatible` | `27.4.1+incompatible` |
| [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) | `4.0.3` | `4.0.4` |
| [github.com/golang/glog](https://github.com/golang/glog) | `1.2.2` | `1.2.3` |
| [github.com/google/cel-go](https://github.com/google/cel-go) | `0.20.1` | `0.22.1` |
| [github.com/google/gnostic-models](https://github.com/google/gnostic-models) | `0.6.9-0.20230804172637-c7be7c783f49` | `0.6.9` |
| [github.com/grpc-ecosystem/grpc-gateway/v2](https://github.com/grpc-ecosystem/grpc-gateway) | `2.20.0` | `2.24.0` |
| [github.com/k8snetworkplumbingwg/network-attachment-definition-client](https://github.com/k8snetworkplumbingwg/network-attachment-definition-client) | `1.7.4` | `1.7.5` |
| [github.com/mailru/easyjson](https://github.com/mailru/easyjson) | `0.7.7` | `0.9.0` |
| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.19.1` | `1.20.5` |
| [github.com/prometheus/common](https://github.com/prometheus/common) | `0.55.0` | `0.61.0` |
| [github.com/prometheus/statsd_exporter](https://github.com/prometheus/statsd_exporter) | `0.26.1` | `0.28.0` |
| [github.com/secure-systems-lab/go-securesystemslib](https://github.com/secure-systems-lab/go-securesystemslib) | `0.8.0` | `0.9.0` |
| [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) | `1.8.7` | `1.8.11` |
| [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize) | `0.17.3` | `0.18.0` |



Updates `github.com/tektoncd/pipeline` from 0.65.2 to 0.66.0
- [Release notes](https://github.com/tektoncd/pipeline/releases)
- [Changelog](https://github.com/tektoncd/pipeline/blob/main/releases.md)
- [Commits](tektoncd/pipeline@v0.65.2...v0.66.0)

Updates `k8s.io/apimachinery` from 0.31.2 to 0.32.0
- [Commits](kubernetes/apimachinery@v0.31.2...v0.32.0)

Updates `k8s.io/utils` from 0.0.0-20240711033017-18e509b52bc8 to 0.0.0-20241104100929-3ea5e8cea738
- [Commits](https://github.com/kubernetes/utils/commits)

Updates `cloud.google.com/go/iam` from 1.1.11 to 1.3.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](googleapis/google-cloud-go@iam/v1.1.11...iam/v1.3.0)

Updates `cloud.google.com/go/kms` from 1.18.3 to 1.20.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](googleapis/google-cloud-go@kms/v1.18.3...dlp/v1.20.0)

Updates `github.com/containerd/stargz-snapshotter/estargz` from 0.15.1 to 0.16.3
- [Release notes](https://github.com/containerd/stargz-snapshotter/releases)
- [Commits](containerd/stargz-snapshotter@v0.15.1...v0.16.3)

Updates `github.com/docker/cli` from 27.3.1+incompatible to 27.4.1+incompatible
- [Commits](docker/cli@v27.3.1...v27.4.1)

Updates `github.com/go-jose/go-jose/v4` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md)
- [Commits](go-jose/go-jose@v4.0.3...v4.0.4)

Updates `github.com/golang/glog` from 1.2.2 to 1.2.3
- [Release notes](https://github.com/golang/glog/releases)
- [Commits](golang/glog@v1.2.2...v1.2.3)

Updates `github.com/google/cel-go` from 0.20.1 to 0.22.1
- [Release notes](https://github.com/google/cel-go/releases)
- [Commits](google/cel-go@v0.20.1...v0.22.1)

Updates `github.com/google/gnostic-models` from 0.6.9-0.20230804172637-c7be7c783f49 to 0.6.9
- [Commits](https://github.com/google/gnostic-models/commits/v0.6.9)

Updates `github.com/google/pprof` from 0.0.0-20240827171923-fa2c70bbbfe5 to 0.0.0-20241029153458-d1b30febd7db
- [Commits](https://github.com/google/pprof/commits)

Updates `github.com/grpc-ecosystem/grpc-gateway/v2` from 2.20.0 to 2.24.0
- [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases)
- [Changelog](https://github.com/grpc-ecosystem/grpc-gateway/blob/main/.goreleaser.yml)
- [Commits](grpc-ecosystem/grpc-gateway@v2.20.0...v2.24.0)

Updates `github.com/k8snetworkplumbingwg/network-attachment-definition-client` from 1.7.4 to 1.7.5
- [Release notes](https://github.com/k8snetworkplumbingwg/network-attachment-definition-client/releases)
- [Commits](k8snetworkplumbingwg/network-attachment-definition-client@v1.7.4...v1.7.5)

Updates `github.com/klauspost/compress` from 1.17.10 to 1.17.11
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](klauspost/compress@v1.17.10...v1.17.11)

Updates `github.com/mailru/easyjson` from 0.7.7 to 0.9.0
- [Release notes](https://github.com/mailru/easyjson/releases)
- [Commits](mailru/easyjson@v0.7.7...v0.9.0)

Updates `github.com/prometheus/client_golang` from 1.19.1 to 1.20.5
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](prometheus/client_golang@v1.19.1...v1.20.5)

Updates `github.com/prometheus/common` from 0.55.0 to 0.61.0
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/RELEASE.md)
- [Commits](prometheus/common@v0.55.0...v0.61.0)

Updates `github.com/prometheus/statsd_exporter` from 0.26.1 to 0.28.0
- [Release notes](https://github.com/prometheus/statsd_exporter/releases)
- [Changelog](https://github.com/prometheus/statsd_exporter/blob/master/CHANGELOG.md)
- [Commits](prometheus/statsd_exporter@v0.26.1...v0.28.0)

Updates `github.com/secure-systems-lab/go-securesystemslib` from 0.8.0 to 0.9.0
- [Release notes](https://github.com/secure-systems-lab/go-securesystemslib/releases)
- [Commits](secure-systems-lab/go-securesystemslib@v0.8.0...v0.9.0)

Updates `github.com/sigstore/sigstore` from 1.8.7 to 1.8.11
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](sigstore/sigstore@v1.8.7...v1.8.11)

Updates `golang.org/x/oauth2` from 0.23.0 to 0.24.0
- [Commits](golang/oauth2@v0.23.0...v0.24.0)

Updates `golang.org/x/time` from 0.6.0 to 0.7.0
- [Commits](golang/time@v0.6.0...v0.7.0)

Updates `golang.org/x/tools` from 0.25.0 to 0.26.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.25.0...v0.26.0)

Updates `google.golang.org/api` from 0.189.0 to 0.203.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.189.0...v0.203.0)

Updates `google.golang.org/genproto/googleapis/api` from 0.0.0-20240814211410-ddb44dafa142 to 0.0.0-20241118233622-e639e219e697
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20240814211410-ddb44dafa142 to 0.0.0-20241118233622-e639e219e697
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `google.golang.org/grpc` from 1.67.1 to 1.68.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.67.1...v1.68.0)

Updates `google.golang.org/protobuf` from 1.34.2 to 1.35.2

Updates `sigs.k8s.io/json` from 0.0.0-20221116044647-bc3834ca7abd to 0.0.0-20241010143419-9aa6b5e7a4b3
- [Commits](https://github.com/kubernetes-sigs/json/commits)

Updates `sigs.k8s.io/kustomize/api` from 0.17.3 to 0.18.0
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](kubernetes-sigs/kustomize@api/v0.17.3...api/v0.18.0)

Updates `sigs.k8s.io/kustomize/kyaml` from 0.17.2 to 0.18.1
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](kubernetes-sigs/kustomize@api/v0.17.2...kyaml/v0.18.1)

Updates `sigs.k8s.io/structured-merge-diff/v4` from 4.4.1 to 4.4.2
- [Release notes](https://github.com/kubernetes-sigs/structured-merge-diff/releases)
- [Changelog](https://github.com/kubernetes-sigs/structured-merge-diff/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/structured-merge-diff@v4.4.1...v4.4.2)

---
updated-dependencies:
- dependency-name: github.com/tektoncd/pipeline
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: k8s.io/utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: cloud.google.com/go/iam
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: cloud.google.com/go/kms
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/containerd/stargz-snapshotter/estargz
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/docker/cli
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/go-jose/go-jose/v4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/golang/glog
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/google/cel-go
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/google/gnostic-models
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/google/pprof
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/k8snetworkplumbingwg/network-attachment-definition-client
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/klauspost/compress
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/mailru/easyjson
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/prometheus/client_golang
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/prometheus/common
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/prometheus/statsd_exporter
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/secure-systems-lab/go-securesystemslib
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/sigstore/sigstore
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: golang.org/x/oauth2
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: golang.org/x/time
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: golang.org/x/tools
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: google.golang.org/api
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: google.golang.org/genproto/googleapis/api
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: google.golang.org/genproto/googleapis/rpc
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: google.golang.org/grpc
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: sigs.k8s.io/json
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: sigs.k8s.io/kustomize/api
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: sigs.k8s.io/kustomize/kyaml
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: sigs.k8s.io/structured-merge-diff/v4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the release-note-none Denotes a PR that doesn't merit a release note. label Dec 19, 2024
@kubevirt-bot kubevirt-bot added the dco-signoff: yes Indicates the PR's author has DCO signed all their commits. label Dec 19, 2024
@kubevirt-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign ksimon1 for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot requested a review from geetikakay December 19, 2024 12:40
Copy link

openshift-ci bot commented Dec 19, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign ksimon1 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@codingben
Copy link
Member

@0xFelix Do you think we should bump so many dependencies, or close this PR?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dco-signoff: yes Indicates the PR's author has DCO signed all their commits. release-note-none Denotes a PR that doesn't merit a release note. size/XXL
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants