chore(deps): update go dependencies by red-hat-konflux[bot] · Pull Request #88 · securesign/policy-controller

red-hat-konflux · 2026-01-29T17:35:13Z

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change
cloud.google.com/go/auth	indirect	patch	`v0.18.0` -> `v0.18.1`
cloud.google.com/go/longrunning	indirect	minor	`v0.7.0` -> `v0.8.0`
cuelang.org/go	indirect	patch	`v0.15.3` -> `v0.15.4`
github.com/Azure/azure-sdk-for-go/sdk/azcore	require	minor	`v1.20.0` -> `v1.21.0`
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric	indirect	minor	`v0.54.0` -> `v0.55.0`
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping	indirect	minor	`v0.54.0` -> `v0.55.0`
github.com/ThalesIgnite/crypto11	indirect	minor	`v1.2.5` -> `v1.6.0`
github.com/alibabacloud-go/openapi-util	indirect	patch	`v0.1.1` -> `v0.1.2`
github.com/alibabacloud-go/tea	indirect	minor	`v1.3.14` -> `v1.4.0`
github.com/aliyun/credentials-go	indirect	patch	`v1.4.10` -> `v1.4.11`
github.com/aws/aws-sdk-go-v2/credentials	indirect	patch	`v1.19.6` -> `v1.19.7`
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	indirect	patch	`v1.18.16` -> `v1.18.17`
github.com/aws/aws-sdk-go-v2/internal/configsources	indirect	patch	`v1.4.16` -> `v1.4.17`
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url	indirect	patch	`v1.13.16` -> `v1.13.17`
github.com/aws/aws-sdk-go-v2/service/signin	indirect	patch	`v1.0.4` -> `v1.0.5`
github.com/cloudflare/circl	indirect	patch	`v1.6.2` -> `v1.6.3`
github.com/cncf/xds/go	indirect	digest	`ee656c7` -> `dba9d58`
github.com/containerd/stargz-snapshotter/estargz	indirect	patch	`v0.18.1` -> `v0.18.2`
github.com/docker/docker-credential-helpers	require	patch	`v0.9.4` -> `v0.9.5`
github.com/emicklei/proto	indirect	patch	`v1.14.2` -> `v1.14.3`
github.com/google/go-containerregistry/pkg/authn/k8schain	require	digest	`e075f20` -> `93aa273`
github.com/google/go-containerregistry/pkg/authn/kubernetes	require	digest	`e075f20` -> `93aa273`
github.com/googleapis/enterprise-certificate-proxy	indirect	patch	`v0.3.7` -> `v0.3.11`
github.com/in-toto/in-toto-golang	indirect	minor	`v0.9.0` -> `v0.10.0`
github.com/klauspost/compress	indirect	patch	`v1.18.2` -> `v1.18.3`
github.com/letsencrypt/boulder	require	minor	`v0.20250721.0` -> `v0.20260202.0`
github.com/miekg/pkcs11	indirect	patch	`v1.1.1` -> `v1.1.2`
github.com/open-policy-agent/opa	indirect	minor	`v1.1.0` -> `v1.13.1`
github.com/prometheus/common	indirect	patch	`v0.67.4` -> `v0.67.5`
github.com/secure-systems-lab/go-securesystemslib	indirect	minor	`v0.9.1` -> `v0.10.0`
github.com/sigstore/rekor	require	minor	`v1.4.3` -> `v1.5.0`
github.com/sigstore/scaffolding	require	patch	`v0.7.22` -> `v0.7.33`
github.com/sigstore/sigstore	require	minor	`v1.9.6-0.20251017153808-5089bd7668f3` -> `v1.10.4`
github.com/sigstore/sigstore-go	require	patch	`v1.1.3` -> `v1.1.4`
github.com/sigstore/sigstore/pkg/signature/kms/aws	require	minor	`v1.9.5` -> `v1.10.4`
github.com/sigstore/sigstore/pkg/signature/kms/azure	require	minor	`v1.9.5` -> `v1.10.4`
github.com/sigstore/sigstore/pkg/signature/kms/gcp	require	minor	`v1.9.6-0.20251017153808-5089bd7668f3` -> `v1.10.4`
github.com/sigstore/sigstore/pkg/signature/kms/hashivault	require	minor	`v1.9.5` -> `v1.10.4`
github.com/sirupsen/logrus	indirect	patch	`v1.9.3` -> `v1.9.4`
github.com/transparency-dev/formats	indirect	digest	`0e991b4` -> `9975703`
gitlab.com/gitlab-org/api/client-go	indirect	minor	`v1.10.0` -> `v1.23.0`
go.mongodb.org/mongo-driver	indirect	patch	`v1.17.6` -> `v1.17.9`
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	indirect	minor	`v0.64.0` -> `v0.65.0`
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	indirect	minor	`v0.64.0` -> `v0.65.0`
go.opentelemetry.io/contrib/instrumentation/runtime	indirect	minor	`v0.64.0` -> `v0.65.0`
go.opentelemetry.io/otel/exporters/prometheus	indirect	minor	`v0.61.0` -> `v0.62.0`
golang.org/x/crypto	require	minor	`v0.46.0` -> `v0.47.0`
golang.org/x/exp	indirect	digest	`944ab1f` -> `716be56`
golang.org/x/net	require	minor	`v0.48.0` -> `v0.49.0`
golang.org/x/oauth2	indirect	minor	`v0.34.0` -> `v0.35.0`
golang.org/x/sys	indirect	minor	`v0.39.0` -> `v0.41.0`
golang.org/x/term	indirect	minor	`v0.38.0` -> `v0.39.0`
golang.org/x/text	indirect	minor	`v0.32.0` -> `v0.33.0`
golang.org/x/tools	indirect	minor	`v0.40.0` -> `v0.41.0`
google.golang.org/api	indirect	minor	`v0.258.0` -> `v0.265.0`
google.golang.org/genproto	indirect	digest	`0a764e5` -> `546029d`
google.golang.org/genproto/googleapis/api	indirect	digest	`0a764e5` -> `546029d`
google.golang.org/genproto/googleapis/rpc	indirect	digest	`0a764e5` -> `546029d`
k8s.io/api	require	minor	`v0.34.3` -> `v0.35.0`
k8s.io/apiextensions-apiserver	indirect	minor	`v0.34.3` -> `v0.35.0`
k8s.io/apimachinery	require	minor	`v0.34.3` -> `v0.35.0`
k8s.io/client-go	require	minor	`v0.34.3` -> `v0.35.0`
k8s.io/code-generator	replace	minor	`v0.34.2` -> `v0.35.0`
k8s.io/code-generator	require	minor	`v0.34.3` -> `v0.35.0`
k8s.io/kube-openapi	replace	digest	`4e65d59` -> `a19766b`
k8s.io/kube-openapi	require	digest	`4e65d59` -> `a19766b`
k8s.io/utils	indirect	digest	`718f0e5` -> `914a6e7`
knative.dev/hack	require	digest	`1484a9e` -> `6d9b47b`
knative.dev/hack/schema	require	digest	`1484a9e` -> `6d9b47b`
knative.dev/pkg	require	digest	`51874fe` -> `57e664f`
sigs.k8s.io/release-utils	require	patch	`v0.12.2` -> `v0.12.3`

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

googleapis/google-cloud-go (cloud.google.com/go/longrunning)

`v0.8.0`

Compare Source

profiler package added.
storage:
- Retry Objects.Insert call.
- Add ProgressFunc to WRiter.
pubsub: breaking changes:
- Publish is now asynchronous (announcement).
- Subscription.Pull replaced by Subscription.Receive, which takes a callback (announcement).
- Message.Done replaced with Message.Ack and Message.Nack.

cue-lang/cue (cuelang.org/go)

`v0.15.4`

Compare Source

Evaluator

Fix a panic which could occur when using the error built-in with cyclic references.

Fix a panic which could occur when loading @experiment(aliasv2) syntax with an invalid alias name.

`cmd/cue`

Relax the cue login --token validation to allow future Central Registry token types.

Encodings

Fix a bug in the TOML decoder where nested arrays were causing incorrect "duplicate key" errors.

Full list of changes since v0.15.3

internal/cueversion: bump LanguageVersion for v0.15.4 by @mvdan in 50c137c
internal/ci: bump Go and goreleaser for v0.15.4 by @mvdan in 8e3eaa9
cmd/cue: relax login --token prefix validation by @rustyx in d0bd478
cue/ast/astutil: fix nil pointer dereference in postfix alias error by @mvdan in c5df0af
internal/core/debug: fix stack overflow in error formatting by @mvdan in bf7a40d
encoding/toml: correctly check for duplicate keys with arrays by @mvdan in 4a5fd52

GoogleCloudPlatform/opentelemetry-operations-go (github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric)

`v0.55.0`: v1.31.0/v0.55.0

Compare Source

What's Changed

Add feature gate to allow sending log trace context without a prefix by @dashpole in #1079
[exporter/collector/logs] Support httpRequest.status field as integer or string containing an integer. by @franciscovalentecastro in #1080
Fix CI by @dashpole in #1086
precompile regex from resource filters by @dashpole in #1085
Add region tags in OTLP Trace Sample by @psx95 in #1089
[exporter/collector/logs] Create Int32OrString and Int64OrString to handle integer fields in gcp.http_request. by @franciscovalentecastro in #1091
[chore] Pre-release steps for opentelemetry-operations-go repo release. by @franciscovalentecastro in #1092

Full Changelog: GoogleCloudPlatform/opentelemetry-operations-go@v0.54.0...v0.55.0

ThalesIgnite/crypto11 (github.com/ThalesIgnite/crypto11)

What's Changed

Fix findkeys error and eval byte nil or len zero by @Nicolas-Peiffer in ThalesGroup#122
Update go1.24.5 by @Nicolas-Peiffer in ThalesGroup#123

Full Changelog: ThalesGroup/crypto11@v1.4.1...v1.5.0

`v1.4.1`

Compare Source

What's Changed

update to go 1.23.6
fix: underlying library context is reused through reference counting by @ek-1n574 in ThalesGroup#114

New Contributors

@ek-1n574 made their first contribution in ThalesGroup#114

Full Changelog: ThalesGroup/crypto11@v1.4.0...v1.4.1

`v1.4.0`

Compare Source

What's Changed

upgrade to go1.23.6 by @Nicolas-Peiffer in ThalesGroup#116

New Contributors

@Nicolas-Peiffer made their first contribution in ThalesGroup#116

Full Changelog: ThalesGroup/crypto11@v1.3.0...v1.4.0

`v1.3.0`

Compare Source

What's Changed

feature: optimized aes cbc support by @IceManGreen in ThalesGroup#107
RSA support for asymmetric decryption by @IceManGreen in ThalesGroup#115

New Contributors

@IceManGreen made their first contribution in ThalesGroup#107

Full Changelog: ThalesGroup/crypto11@v1.2.1...v1.3.0

alibabacloud-go/openapi-util (github.com/alibabacloud-go/openapi-util)

`v0.1.2`

Compare Source

alibabacloud-go/tea (github.com/alibabacloud-go/tea)

`v1.4.0`

Compare Source

What's Changed

fix: improve DNS robustness and refine timeout logic by @yndu13 in #156

Full Changelog: alibabacloud-go/tea@v1.3.14...v1.4.0

aliyun/credentials-go (github.com/aliyun/credentials-go)

`v1.4.11`

Compare Source

What's Changed

fix: improve OAuth token handling for ChainableRamRoleArn and refresh… by @yndu13 in #153

Full Changelog: aliyun/credentials-go@v1.4.10...v1.4.11

cloudflare/circl (github.com/cloudflare/circl)

`v1.6.3`: CIRCL v1.6.3

Compare Source

CIRCL v1.6.3

Fix a bug on ecc/p384 scalar multiplication.

What's Changed

sign/mldsa: Check opts for nil value by @armfazh in #582
ecc/p384: Point addition must handle point doubling case. by @armfazh in #583
Release CIRCL v1.6.3 by @armfazh in #584

Full Changelog: cloudflare/circl@v1.6.2...v1.6.3

containerd/stargz-snapshotter (github.com/containerd/stargz-snapshotter/estargz)

`v0.18.2`

Compare Source

Notable Changes

Fixed restart failure when kubeconfig-based authentication is enabled (#2217)
Fixed the filesystem to display ".." and "." entries in directories (#2188)
Allowed asynchronous prefetch via configurable threshold (#2216), thanks to @wswsmao
Allowed configuring the global request timeout duration (#2215), thanks to @wswsmao
Allowed optionally adding log file access information on first access (#2205), thanks to @wswsmao
Fixed ctr-remote's "-t" flag's not defined error when optimizing an image (#2186), thanks to @bettermultiply
Fixed ctr-remote's "--reuse" flag being ignored when "--no-optimize" is set (#2206), thanks to @wswsmao
Fixed passthrough mode to ensure closing fds (#2226), thanks to @luochenglcs
Fixed incorrect variable assign in the estargz lib (#2222), thanks to @bettermultiply
Fixed errors in k3s CI (#2207), thanks to @wswsmao

docker/docker-credential-helpers (github.com/docker/docker-credential-helpers)

`v0.9.5`

Compare Source

What's Changed

build(deps): bump actions/checkout from 5 to 6 #395
build(deps): bump actions/upload-artifact from 4 to 6 #398
build(deps): bump softprops/action-gh-release from 2.3.3 to 2.4.1 #391
build(deps): bump softprops/action-gh-release from 2.4.1 to 2.5.0 #397
Dockerfile: remove redundant DEBIAN_FRONTEND=noninteractive #404
Dockerfile: update golangci-lint to v2.8 #402
gha: update some actions to ubuntu 24.04 #401
update to go1.25.2 #392
update to go1.25.5 #399

Full Changelog: docker/docker-credential-helpers@v0.9.4...v0.9.5

emicklei/proto (github.com/emicklei/proto)

`v1.14.3`

Compare Source

googleapis/enterprise-certificate-proxy (github.com/googleapis/enterprise-certificate-proxy)

`v0.3.11`

Compare Source

What's Changed

chore: Update version.txt to v0.3.11 by @agrawalradhika-cell in #176
chore: Update logging in http_proxy to be enabled via ENABLE_ENTERPRSE_CERTIFICATE_LOGS by @agrawalradhika-cell in #175
feat: Update CODEOWNERS to add Radhika and Nolan to ECP code by @agrawalradhika-cell in #166
build(deps): bump golang.org/x/crypto from 0.35.0 to 0.45.0 by @dependabot[bot] in #161
chore(deps): update dependency go to 1.25 by @renovate-bot in #144
fix(deps): update module golang.org/x/sys to v0.40.0 by @renovate-bot in #145
fix(deps): update module golang.org/x/crypto to v0.47.0 by @renovate-bot in #177

New Contributors

@dependabot[bot] made their first contribution in #161

Full Changelog: googleapis/enterprise-certificate-proxy@0.3.10...v0.3.11

`v0.3.9`

Compare Source

What's Changed

Revert "feat: Add logging for ECP such that it is enabled/disabled using ENABLE_ENTERPRISE_CERTIFICATE_LOGS flag" by @agrawalradhika-cell in #168
chore: Remove logging from http_proxy to reduce noise for customers, will add them back later. by @agrawalradhika-cell in #169

Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.8...v0.3.9

`v0.3.8`

Compare Source

What's Changed

feat: Add logging for ECP such that it is enabled/disabled using ENABLE_ENTERPRISE_CERTIFICATE_LOGS flag by @agrawalradhika-cell in #164
chore: Update version.txt to update version to v0.3.8 by @agrawalradhika-cell in #167

New Contributors

@agrawalradhika-cell made their first contribution in #164

Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.7...v0.3.8

in-toto/in-toto-golang (github.com/in-toto/in-toto-golang)

`v0.10.0`

Compare Source

What's Changed

chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @dependabot[bot] in #232
Update maintainers and governance by @adityasaky in #233
chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot[bot] in #234
chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.3 to 2.1.5 by @dependabot[bot] in #235
chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot[bot] in #236
Fix expired signature in test by @adityasaky in #241
chore(deps): bump golang.org/x/sys from 0.8.0 to 0.9.0 by @dependabot[bot] in #240
chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.5 to 2.1.6 by @dependabot[bot] in #239
chore(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by @dependabot[bot] in #242
chore(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 by @dependabot[bot] in #243
Update GitHub Actions workflows by @adityasaky in #246
chore(deps): bump golang.org/x/sys from 0.9.0 to 0.10.0 by @dependabot[bot] in #245
remove linters that are no longer supported and add to make file by @pxp928 in #249
Add match products feature by @adityasaky in #237
Remove unfinished link on record stop by @PradyumnaKrishna in #248
chore(deps): bump google.golang.org/grpc from 1.56.1 to 1.56.2 by @dependabot[bot] in #250
chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.6.0 to 0.7.0 by @dependabot[bot] in #251
chore(deps): bump google.golang.org/grpc from 1.56.2 to 1.57.0 by @dependabot[bot] in #255
Add tests for coverage in envelope.go by @adityasaky in #256
chore(deps): bump golang.org/x/sys from 0.10.0 to 0.11.0 by @dependabot[bot] in #257
chore(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot[bot] in #258
chore(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @dependabot[bot] in #259
Fixes filepath pattern matching in windows by @PradyumnaKrishna in #254
chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot[bot] in #261
chore(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot[bot] in #262
chore(deps): bump golang.org/x/sys from 0.11.0 to 0.12.0 by @dependabot[bot] in #263
chore(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.0 by @dependabot[bot] in #264
chore(deps): bump google.golang.org/grpc from 1.58.0 to 1.58.1 by @dependabot[bot] in #266
Deprecate Provenance v1 struct in favor of /attestation protobufs by @marcelamelara in #267
chore(deps): bump google.golang.org/grpc from 1.58.1 to 1.58.2 by @dependabot[bot] in #269
chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot[bot] in #270
Drop use of any for hash objects by @adityasaky in #238
chore(deps): bump golang.org/x/sys from 0.12.0 to 0.13.0 by @dependabot[bot] in #271
chore(deps): bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by @dependabot[bot] in #273
chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot[bot] in #272
chore(deps): bump golang.org/x/net from 0.12.0 to 0.17.0 by @dependabot[bot] in #274
chore(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot[bot] in #275
chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot[bot] in #276
Trigger workflow on pushes only to master branch by @adityasaky in #280
chore(deps): bump golang.org/x/sys from 0.13.0 to 0.14.0 by @dependabot[bot] in #278
chore(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot[bot] in #277
add openssf scorecard by @viveksahu26 in #281
chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 by @dependabot[bot] in #282
Fix coveralls, use action by @adityasaky in #285
Secure System Lab Sign/Verify by @Forrin in #279
chore(deps): bump golang.org/x/sys from 0.14.0 to 0.15.0 by @dependabot[bot] in #287
chore(deps): bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot[bot] in #289
chore(deps): bump google.golang.org/grpc from 1.59.0 to 1.60.0 by @dependabot[bot] in #290
chore(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 by @dependabot[bot] in #291
chore(deps): bump google.golang.org/grpc from 1.60.0 to 1.60.1 by @dependabot[bot] in #292
chore(deps): bump github.com/in-toto/attestation from 0.1.1-0.20230828220013-11b7a1a4ca51 to 1.0.1 by @dependabot[bot] in #294
chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.7.0 to 0.8.0 by @dependabot[bot] in #293
chore(deps): bump golang.org/x/sys from 0.15.0 to 0.16.0 by @dependabot[bot] in #295
chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.6 to 2.1.7 by @dependabot[bot] in #296
chore(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0 by @dependabot[bot] in #298
chore(deps): bump golang.org/x/sys from 0.16.0 to 0.17.0 by @dependabot[bot] in #299
chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 3.7.1 by @dependabot[bot] in #300
chore(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 by @dependabot[bot] in #301
chore(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 by @dependabot[bot] in #302
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot[bot] in #303
chore(deps): bump golang.org/x/sys from 0.17.0 to 0.18.0 by @dependabot[bot] in #304
chore(deps): bump google.golang.org/grpc from 1.62.0 to 1.62.1 by @dependabot[bot] in #305
chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 by @dependabot[bot] in #306
chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot[bot] in #307
chore(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 by @dependabot[bot] in #308
chore(deps): bump google.golang.org/grpc from 1.62.1 to 1.63.0 by @dependabot[bot] in #310
chore(deps): bump golang.org/x/sys from 0.18.0 to 0.19.0 by @dependabot[bot] in #311
chore(deps): bump google.golang.org/grpc from 1.63.0 to 1.63.2 by @dependabot[bot] in #312
chore(deps): bump github.com/in-toto/attestation from 1.0.1 to 1.0.2 by @dependabot[bot] in #313
Bump Go versions by @adityasaky in #314
chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.7 to 2.2.0 by @dependabot[bot] in #309
chore(deps): bump actions/checkout from 4.1.2 to 4.1.4 by @dependabot[bot] in #317
chore(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot[bot] in #318
chore(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 by @dependabot[bot] in #319
chore(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot[bot] in #320
chore(deps): bump golang.org/x/sys from 0.19.0 to 0.20.0 by @dependabot[bot] in #321
chore(deps): bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot[bot] in #322
chore(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.0 by @dependabot[bot] in #324
chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot[bot] in #323
chore(deps): bump golangci/golangci-lint-action from 6.0.0 to 6.0.1 by @dependabot[bot] in #325
Fix serialization of SLSA BuildMetadata.InvocationID by @msuozzo in #328
chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot[bot] in #330
Added necessary checks for type assertion by @Yaxhveer in #327
chore(deps): bump coverallsapp/github-action from 2.2.3 to 2.3.0 by @dependabot[bot] in #326
chore(deps): bump google.golang.org/grpc from 1.63.2 to 1.64.0 by @dependabot[bot] in #329
chore(deps): bump github.com/in-toto/attestation from 1.0.2 to 1.1.0 by @dependabot[bot] in #331
chore(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 by @dependabot[bot] in #337
chore(deps): bump golang.org/x/sys from 0.20.0 to 0.21.0 by @dependabot[bot] in #335
chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.2.0 to 2.3.0 by @dependabot[bot] in #338
chore(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot[bot] in #341
chore(deps): bump golang.org/x/sys from 0.21.0 to 0.22.0 by @dependabot[bot] in #340
chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot[bot] in #336
chore(deps): bump golang.org/x/sys from 0.22.0 to 0.24.0 by @dependabot[bot] in #344
chore(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 by @dependabot[bot] in #339
chore(deps): bump golang.org/x/sys from 0.24.0 to 0.25.0 by @dependabot[bot] in #346
chore(deps): bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 by @dependabot[bot] in #342
chore(deps): bump google.golang.org/grpc from 1.65.0 to 1.66.0 by @dependabot[bot] in #345
chore(deps): bump google.golang.org/grpc from 1.66.0 to 1.66.1 by @dependabot[bot] in #348
chore(deps): bump google.golang.org/grpc from 1.66.1 to 1.66.2 by @dependabot[bot] in #349
chore(deps): bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot[bot] in #351
chore(deps): bump google.golang.org/grpc from 1.66.2 to 1.67.1 by @dependabot[bot] in #352
chore(deps): bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 by @dependabot[bot] in #353
chore(deps): bump coverallsapp/github-action from 2.3.0 to 2.3.1 by @dependabot[bot] in #357
chore(deps): bump coverallsapp/github-action from 2.3.1 to 2.3.2 by @dependabot[bot] in #358
chore(deps): bump coverallsapp/github-action from 2.3.2 to 2.3.3 by @dependabot[bot] in #359
chore(deps): bump actions/setup-go from 5.0.2 to 5.1.0 by @dependabot[bot] in #360
chore(deps): bump actions/checkout from 4.2.0 to 4.2.2 by @dependabot[bot] in #361
chore(deps): bump coverallsapp/github-action from 2.3.3 to 2.3.4 by @dependabot[bot] in #362
chore(deps): bump golang.org/x/sys from 0.25.0 to 0.27.0 by @dependabot[bot] in #364
chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.3.0 to 2.4.0 by @dependabot[bot] in #354
Bump versions by @adityasaky in #365
chore(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 by @dependabot[bot] in #366
chore(deps): bump golang.org/x/sys from 0.27.0 to 0.28.0 by @dependabot[bot] in #367
chore(deps): bump google.golang.org/grpc from 1.68.0 to 1.68.1 by @dependabot[bot] in #368
chore(deps): bump actions/setup-go from 5.1.0 to 5.2.0 by @dependabot[bot] in #370
chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.8.0 to 0.9.0 by @dependabot[bot] in #372
chore(deps): bump google.golang.org/grpc from 1.68.1 to 1.69.0 by @dependabot[bot] in #371
chore(deps): bump google.golang.org/grpc from 1.69.0 to 1.69.2 by @dependabot[bot] in #373
chore(deps): bump golang.org/x/sys from 0.28.0 to 0.29.0 by @dependabot[bot] in #374
chore(deps): bump google.golang.org/grpc from 1.69.2 to 1.69.4 by @dependabot[bot] in #375
chore(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 by @dependabot[bot] in #376
chore(deps): bump golang.org/x/net from 0.31.0 to 0.33.0 by @dependabot[bot] in #377
chore(deps): bump actions/setup-go from 5.2.0 to 5.3.0 by @dependabot[bot] in #378
chore(deps): bump github.com/in-toto/attestation from 1.1.0 to 1.1.1 by @dependabot[bot] in #380
chore(deps): bump coverallsapp/github-action from 2.3.4 to 2.3.6 by @dependabot[bot] in #381
chore(deps): bump google.golang.org/grpc from 1.69.4 to 1.70.0 by @dependabot[bot] in #379
chore(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.0 by @dependabot[bot] in #384
chore(deps): bump golang.org/x/sys from 0.29.0 to 0.30.0 by @dependabot[bot] in #383
chore(deps): bump golangci/golangci-lint-action from 6.3.0 to 6.3.2 by @dependabot[bot] in #386
chore(deps): bump golangci/golangci-lint-action from 6.3.2 to 6.4.1 by @dependabot[bot] in #388
chore(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by @dependabot[bot] in #390
chore(deps): bump github.com/go-jose/go-jose/v4 from

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

red-hat-konflux · 2026-01-29T17:35:16Z

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -t ./...
go: github.com/ThalesIgnite/crypto11@v1.6.0: parsing go.mod:
	module declares its path as: github.com/ThalesGroup/crypto11
	        but was required as: github.com/ThalesIgnite/crypto11

Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>

red-hat-konflux bot added the dependencies label Jan 29, 2026

red-hat-konflux bot force-pushed the konflux/mintmaker/main/go-deps branch 19 times, most recently from 18b6f4d to d2593d3 Compare February 5, 2026 18:37

red-hat-konflux bot force-pushed the konflux/mintmaker/main/go-deps branch 9 times, most recently from 1d44f5f to 6e98437 Compare February 8, 2026 21:25

red-hat-konflux bot force-pushed the konflux/mintmaker/main/go-deps branch from 6e98437 to cdb1107 Compare February 9, 2026 01:19

chore(deps): update go dependencies

c13a8c8

Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>

red-hat-konflux bot force-pushed the konflux/mintmaker/main/go-deps branch from cdb1107 to c13a8c8 Compare February 9, 2026 06:31

JasonPowr force-pushed the konflux/mintmaker/main/go-deps branch from 78c2416 to 97c6e95 Compare February 9, 2026 11:05

deps: run go mod tidy

f8af2da

JasonPowr force-pushed the konflux/mintmaker/main/go-deps branch from 97c6e95 to f8af2da Compare February 9, 2026 11:17

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update go dependencies#88

chore(deps): update go dependencies#88
red-hat-konflux[bot] wants to merge 2 commits intomainfrom
konflux/mintmaker/main/go-deps

red-hat-konflux bot commented Jan 29, 2026 •

edited

Loading

Uh oh!

red-hat-konflux bot commented Jan 29, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

red-hat-konflux bot commented Jan 29, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

Evaluator

cmd/cue

Encodings

v0.55.0: v1.31.0/v0.55.0

What's Changed

What's Changed

What's Changed

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

What's Changed

v1.6.3: CIRCL v1.6.3

CIRCL v1.6.3

What's Changed

Notable Changes

What's Changed

What's Changed

New Contributors

What's Changed

What's Changed

New Contributors

What's Changed

Configuration

Documentation

Uh oh!

red-hat-konflux bot commented Jan 29, 2026

⚠️ Artifact update problem

File name: go.sum

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

red-hat-konflux bot commented Jan 29, 2026 •

edited

Loading

`cmd/cue`

`v0.55.0`: v1.31.0/v0.55.0

`v1.6.3`: CIRCL v1.6.3