build(deps): bump the go-deps group across 1 directory with 12 updates #1873

dependabot · 2025-08-17T16:52:39Z

Bumps the go-deps group with 10 updates in the / directory:

Package	From	To
github.com/fluxcd/pkg/git/gogit	`0.38.0`	`0.39.0`
github.com/fluxcd/pkg/helmtestserver	`0.26.0`	`0.27.0`
github.com/fluxcd/pkg/oci	`0.52.0`	`0.53.0`
github.com/minio/minio-go/v7	`7.0.94`	`7.0.95`
github.com/onsi/gomega	`1.37.0`	`1.38.0`
github.com/prometheus/client_golang	`1.22.0`	`1.23.0`
github.com/sigstore/cosign/v2	`2.5.2`	`2.5.3`
github.com/spf13/pflag	`1.0.6`	`1.0.7`
golang.org/x/crypto	`0.40.0`	`0.41.0`
google.golang.org/api	`0.241.0`	`0.247.0`

Updates github.com/fluxcd/pkg/git/gogit from 0.38.0 to 0.39.0

Commits

bd579fc Merge pull request #802 from fluxcd/k8s-1.31-internal
c06927b Update internal packages
be8df7e Merge pull request #801 from fluxcd/k8s-1.31
76035f8 Update Helm to v3.15.4
3f5cf4c Build with Go 1.23
4b90241 Update dependencies to Kubernetes v1.31.0
0e61a3b Merge pull request #799 from fluxcd/dependabot/github_actions/ci-9f4b007c5b
6bf4bad build(deps): bump the ci group with 4 updates
968f190 Merge pull request #795 from fluxcd/dependabot/github_actions/ci-8fa51b1870
bce8cab build(deps): bump the ci group across 1 directory with 8 updates
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/gittestserver from 0.18.0 to 0.19.0

Commits

e32ccc2 Merge pull request #763 from fluxcd/kubernetes-1.30
2b974af Update sigs.k8s.io/controller-tools to v0.15.0
52c1fc5 Update sigs.k8s.io/controller-runtime to v0.18.0
c906252 Update dependencies to Kubernetes 1.30
92c1348 Merge pull request #764 from fluxcd/dependabot/github_actions/ci-e44cfae560
ccb916a build(deps): bump the ci group with 3 updates
6081556 Merge pull request #761 from fluxcd/kustomize-name-prefix-suffix
abf5675 kustomize: Add support for namePrefix and nameSuffix
98d2522 Merge pull request #760 from fluxcd/dependabot/github_actions/ci-8f082d4f6d
efcd824 build(deps): bump docker/setup-buildx-action in the ci group
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/helmtestserver from 0.26.0 to 0.27.0

Commits

7e9c75b Merge pull request #913 from fluxcd/update-deps-internal-k8s-1.33
9d7ac7b Update internal dependencies
7a0e0e2 Merge pull request #903 from fluxcd/dependabot/github_actions/ci-eefd586f05
0b69606 build(deps): bump the ci group across 1 directory with 12 updates
1b76ef3 Merge pull request #912 from fluxcd/k8s-1.33
bcb62f2 Update to Kubernetes 1.33.0 and Go 1.24.0
See full diff in compare view

Updates github.com/fluxcd/pkg/oci from 0.52.0 to 0.53.0

Commits

74ade96 Merge pull request #1010 from fluxcd/int-tests
65cd49c Prepare for release
c7e0128 tests: move testdata to tests/testdata
c5a640c tests: move integration tests to tests/integration
f8a54d7 Merge pull request #1009 from fluxcd/auth-envs
52c5ff2 Prepare for release
0179627 auth: test registry with lockdown
97eaca1 auth: ensure that decryption default sa is ignored
d3cd6ac auth: fix t scope for t.Cleanup calls
6c8189e auth: eliminate unreasonable use of env vars
Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/testserver from 0.11.0 to 0.12.0

Commits

bf62fd3 Merge pull request #550 from fluxcd/push-to-ref
adda160 git: add PushConfig.Force for force pushing
39b978a gogit: rename CloneOptions to CloneConfig for consistency
88da1a6 git: add support for specifying refspecs for a push
e0c94db Merge pull request #553 from fluxcd/int-cleanup-gcp
c87edab Add integration test resource cleanup workflow
c5096c2 Merge pull request #552 from fluxcd/oci-test-buildx
1013011 oci/test: update docker build command for buildx
b21e269 Merge pull request #551 from fluxcd/cloud-e2e-workflow-secret
7f01962 workflows: Update GCP & AZ secret names
Additional commits viewable in compare view

Updates github.com/minio/minio-go/v7 from 7.0.94 to 7.0.95

Release notes

Sourced from github.com/minio/minio-go/v7's releases.

Bugfix Release

What's Changed

test: add test for PresignedPostPolicy with empty fileName by @jiuker in minio/minio-go#2119

fix: prefix should use stringLike when new a bucketPolicy (2) by @mannreis in minio/minio-go#2124

update all deps by @harshavardhana in minio/minio-go#2125

set checksum headers requested properly by @harshavardhana in minio/minio-go#2130

fix: missing append() API behavior by @harshavardhana in minio/minio-go#2131

extend more missing headers for PartUploads by @harshavardhana in minio/minio-go#2132

fix: explicitly use UTC for expiration field when marshaling PostPolicy by @qwwqe in minio/minio-go#2135

fix: DurationSeconds is a QueryValues not a Form data (#2128) by @vlaborie in minio/minio-go#2129

make sure to avoid closing the input reader by @harshavardhana in minio/minio-go#2137

New Contributors

@mannreis made their first contribution in minio/minio-go#2124

@qwwqe made their first contribution in minio/minio-go#2135

@vlaborie made their first contribution in minio/minio-go#2129

Full Changelog: minio/minio-go@v7.0.94...v7.0.95

Commits

bd91926 make sure to avoid closing the input reader (#2137)
94f7e5e fix: DurationSeconds is a QueryValues not a Form data (#2128) (#2129)
456f9b2 fix: explicitly use UTC for expiration field when marshaling PostPolicy (#2135)
beae4df setting multiple keys to trailer is not allowed
6358be6 extend more missing headers for PartUploads (#2132)
bab3180 fix: missing append() API behavior (#2131)
8a07725 set checksum headers requested properly (#2130)
9b18e49 update all deps (#2125)
68615a3 fix: prefix should use stringLike when new a bucketPolicy (2) (#2124)
8eacd80 test: add test for PresignedPostPolicy with empty fileName (#2119)
Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.37.0 to 1.38.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.38.0

1.38.0

Features

gstruct handles extra unexported fields [4ee7ed0]

Fixes

support [] in IgnoringTopFunction function signatures (#851) [36bbf72]

Maintenance

Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846) [529d408]

Fix typo [acd1f55]

Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835) [bae65a0]

Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842) [8dda91f]

Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843) [212d812]

Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839) [59bd7f9]

Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834) [328c729]

Bump uri from 1.0.2 to 1.0.3 in /docs (#826) [9a798a1]

Bump golang.org/x/net from 0.37.0 to 0.39.0 (#841) [04a72c6]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.38.0

Features

gstruct handles extra unexported fields [4ee7ed0]

Fixes

support [] in IgnoringTopFunction function signatures (#851) [36bbf72]

Maintenance

Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846) [529d408]

Fix typo [acd1f55]

Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835) [bae65a0]

Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842) [8dda91f]

Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843) [212d812]

Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839) [59bd7f9]

Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834) [328c729]

Bump uri from 1.0.2 to 1.0.3 in /docs (#826) [9a798a1]

Bump golang.org/x/net from 0.37.0 to 0.39.0 (#841) [04a72c6]

Commits

c1237df v1.38.0
36bbf72 support [] in IgnoringTopFunction function signatures (#851)
4ee7ed0 gstruct handles extra unexported fields
529d408 Bump golang.org/x/net from 0.40.0 to 0.41.0 (#846)
acd1f55 Fix typo
bae65a0 Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 (#835)
8dda91f Bump nokogiri from 1.18.4 to 1.18.8 in /docs (#842)
212d812 Bump golang.org/x/net from 0.39.0 to 0.40.0 (#843)
59bd7f9 Bump github.com/onsi/ginkgo/v2 from 2.23.3 to 2.23.4 (#839)
328c729 Bump nokogiri from 1.18.1 to 1.18.4 in /docs (#834)
Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.22.0 to 1.23.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.23.0 - 2025-07-30

[CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. #1812

[FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix #1766

[FEATURE] Add exemplars for native histograms #1686

[ENHANCEMENT] exp/api: Bubble up status code from writeResponse #1823

[ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 #1833

[BUGFIX] exp/api: client prompt return on context cancellation #1729

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.23.0 / 2025-07-30

[CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. #1812

[FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix #1766

[FEATURE] Add exemplars for native histograms #1686

[ENHANCEMENT] exp/api: Bubble up status code from writeResponse #1823

[ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 #1833

[BUGFIX] exp/api: client prompt return on context cancellation #1729

Commits

e4b2208 Cut v1.23.0 (#1848)
d9492af cut v1.23.0-rc.1 (#1842)
aeae8a0 Cut v1.23.0-rc.0 (#1837)
b157309 Update common Prometheus files (#1832)
a704e28 build(deps): bump the github-actions group with 3 updates (#1826)
c774311 Fix errNotImplemented reference (#1835)
db4db7b Update runtime metrics for Go v1.23 and v1.24 (#1833)
99d380e Update common Prometheus files (#1831)
f3ef320 Merge pull request #1828 from prometheus/dependabot/go_modules/exp/github.com...
520c91a build(deps): bump github.com/prometheus/common in /exp
Additional commits viewable in compare view

Updates github.com/sigstore/cosign/v2 from 2.5.2 to 2.5.3

Release notes

Sourced from github.com/sigstore/cosign/v2's releases.

v2.5.3

Changelog

488ef8ceed5ab5d77379e9077a124a0d0df41d06 Add signing-config create command (#4280)

722207e0059efea600a7c03ea4ff6caa889d84d3 Allow multiple services to be specified for trusted-root create (#4285)

2ee22fcdf520a984281ff0195be89810a952280c force when copying the latest image to overwrite (#4298)

86560e15eb407f7fa2ddddc7d9dbc4ba33cff635 Fix cert verification logic for trusted-root/SCTs (#4294)

9f3b013feb3d46c8ee6d5539e7b13eb736ba14ce Fix lint error for types package (#4295)

3b3c0fc20b621ed148b3efea00204f67bfda039d feat: Add OCI 1.1+ experimental support to tree (#4205)

49c8d784a78d298d0eef1f9898d70eb2d0f07536 Add validity period end for trusted-root create (#4271)

ba8214ec0c6e50ef8c4e4272a16ccfacf5f3147d avoid double-loading trustedroot from file (#4264)

Thanks to all contributors!

Changelog

Sourced from github.com/sigstore/cosign/v2's changelog.

v2.5.3

Features

Add signing-config create command (#4280)

Allow multiple services to be specified for trusted-root create (#4285)

feat: Add OCI 1.1+ experimental support to tree (#4205)

Add validity period end for trusted-root create (#4271)

Bug Fixes

Fix cert verification logic for trusted-root/SCTs (#4294)

force when copying the latest image to overwrite (#4298)

avoid double-loading trustedroot from file (#4264)

Commits

488ef8c Add signing-config create command (#4280)
722207e Allow multiple services to be specified for trusted-root create (#4285)
e31d70b bump go-github to v73 (#4297)
2ee22fc force when copying the latest image to overwrite (#4298)
86560e1 Fix cert verification logic for trusted-root/SCTs (#4294)
9f3b013 Fix lint error for types package (#4295)
34f0ff9 chore(deps): bump github.com/buildkite/agent/v3 from 3.101.0 to 3.102.1 (#4288)
b2b9462 chore(deps): bump github.com/sigstore/protobuf-specs from 0.4.3 to 0.5.0 (#4289)
60d47a0 chore(deps): bump google.golang.org/api from 0.240.0 to 0.241.0 (#4291)
5dac117 chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 (#4293)
Additional commits viewable in compare view

Updates github.com/spf13/pflag from 1.0.6 to 1.0.7

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.7

What's Changed

Fix defaultIsZeroValue check for generic Value types by @MidnightRocket in spf13/pflag#422

feat: Use structs for errors returned by pflag. by @eth-p in spf13/pflag#425

Fix typos by @co63oc in spf13/pflag#428

fix #423 : Add helper function and some documentation to parse shorthand go test flags. by @valdar in spf13/pflag#424

add support equivalent to golang flag.TextVar(), also fixes the test failure as described in #368 by @hujun-open in spf13/pflag#418

add support for Func() and BoolFunc() #426 by @LeGEC in spf13/pflag#429

fix: correct argument length check in FlagSet.Parse by @ShawnJeffersonWang in spf13/pflag#409

fix usage message for func flags, fix arguments order by @LeGEC in spf13/pflag#431

Add support for time.Time flags by @max-frank in spf13/pflag#348

New Contributors

@MidnightRocket made their first contribution in spf13/pflag#422

@eth-p made their first contribution in spf13/pflag#425

@co63oc made their first contribution in spf13/pflag#428

@valdar made their first contribution in spf13/pflag#424

@hujun-open made their first contribution in spf13/pflag#418

@LeGEC made their first contribution in spf13/pflag#429

@ShawnJeffersonWang made their first contribution in spf13/pflag#409

@max-frank made their first contribution in spf13/pflag#348

Full Changelog: spf13/pflag@v1.0.6...v1.0.7

Commits

f9cbdd9 Merge pull request #348 from max-frank/add-time-flag-support
e3be2eb Reduce duplication by forwarding to sibling functions
7cc25e3 Don't export TimeValue (yet)
d15848d Remove unnecessary time test stderr dev null redirect
c5ce22e Use time.Time for expectations in time flag tests
1992c5a Add support for time.Time flags
1c62fb2 Merge pull request #431 from LeGEC/430-fix-usage-message-for-func-flags
1a4b5b2 fix discrepancy in order of arguments for Func() and BoolFunc() #433
4730aa0 fix help message for Func and BoolFunc flags #430
f4c97c2 minor: fix typos in comments
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.40.0 to 0.41.0

Commits

ef5341b go.mod: update golang.org/x dependencies
b999374 acme: fix pebble subprocess output data race
c247dea x509roots/fallback: store bundle certs directly in DER
1fda731 acme: increase pebble test waitForServer attempts
1b4c3d2 x509roots/fallback: update bundle
b903b53 acme: capture pebble test subprocess stdout/stderr
See full diff in compare view

Updates google.golang.org/api from 0.241.0 to 0.247.0

Release notes

Sourced from google.golang.org/api's releases.

v0.247.0

0.247.0 (2025-08-11)

Features

all: Auto-regenerate discovery clients (#3264) (82513ca)

all: Auto-regenerate discovery clients (#3266) (e57e8b1)

all: Auto-regenerate discovery clients (#3267) (10c5490)

all: Auto-regenerate discovery clients (#3268) (2dbf1ac)

all: Auto-regenerate discovery clients (#3270) (23a4031)

v0.246.0

0.246.0 (2025-08-06)

Features

all: Auto-regenerate discovery clients (#3261) (b792200)

Bug Fixes

idtoken: Don't assume DefaultTransport is a http.Transport (#3263) (61fba51), refs #3260

v0.245.0

0.245.0 (2025-08-05)

Features

all: Auto-regenerate discovery clients (#3252) (0716728)

all: Auto-regenerate discovery clients (#3254) (702998a)

all: Auto-regenerate discovery clients (#3255) (0f10366)

all: Auto-regenerate discovery clients (#3256) (83176a9)

all: Auto-regenerate discovery clients (#3257) (efc3371)

all: Auto-regenerate discovery clients (#3259) (bf38d3a)

Bug Fixes

gensupport: Fix transferChunk race condition by returning response with non-cancelled context. (#3258) (091d422)

v0.244.0

0.244.0 (2025-07-30)

Features

all: Auto-regenerate discovery clients (#3241) (2c20485)

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.247.0 (2025-08-11)

Features

all: Auto-regenerate discovery clients (#3264) (82513ca)

all: Auto-regenerate discovery clients (#3266) (e57e8b1)

all: Auto-regenerate discovery clients (#3267) (10c5490)

all: Auto-regenerate discovery clients (#3268) (2dbf1ac)

all: Auto-regenerate discovery clients (#3270) (23a4031)

0.246.0 (2025-08-06)

Features

all: Auto-regenerate discovery clients (#3261) (b792200)

Bug Fixes

idtoken: Don't assume DefaultTransport is a http.Transport (#3263) (61fba51), refs #3260

0.245.0 (2025-08-05)

Features

all: Auto-regenerate discovery clients (#3252) (0716728)

all: Auto-regenerate discovery clients (#3254) (702998a)

all: Auto-regenerate discovery clients (#3255) (0f10366)

all: Auto-regenerate discovery clients (#3256) (83176a9)

all: Auto-regenerate discovery clients (#3257) (efc3371)

all: Auto-regenerate discovery clients (#3259) (bf38d3a)

Bug Fixes

gensupport: Fix transferChunk race condition by returning response with non-cancelled context. (#3258) (091d422)

0.244.0 (2025-07-30)

Features

all: Auto-regenerate discovery clients (#3241) (2c20485)

all: Auto-regenerate discovery clients (#3243) (cac72a1)

all: Auto-regenerate discovery clients (#3244) (e6b1c87)

all: Auto-regenerate discovery clients (#3245) (2c1ff18)

all: Auto-regenerate discovery clients (#3247) (09e5c07)

... (truncated)

Commits

56a3682 chore(main): release 0.247.0 (#3265)
fbed808 chore(all): update all (#3269)
23a4031 feat(all): auto-regenerate discovery clients (#3270)
2dbf1ac feat(all): auto-regenerate discovery clients (#3268)
10c5490 feat(all): auto-regenerate discovery clients (#3267)
e57e8b1 feat(all): auto-regenerate discovery clients (#3266)
82513ca feat(all): auto-regenerate discovery clients (#3264)
3341cca chore(main): release 0.246.0 (#3262)
61fba51 fix(idtoken): don't assume DefaultTransport is a http.Transport (#3263)
b792200 feat(all): auto-regenerate discovery clients (#3261)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-deps group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/fluxcd/pkg/git/gogit](https://github.com/fluxcd/pkg) | `0.38.0` | `0.39.0` | | [github.com/fluxcd/pkg/helmtestserver](https://github.com/fluxcd/pkg) | `0.26.0` | `0.27.0` | | [github.com/fluxcd/pkg/oci](https://github.com/fluxcd/pkg) | `0.52.0` | `0.53.0` | | [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) | `7.0.94` | `7.0.95` | | [github.com/onsi/gomega](https://github.com/onsi/gomega) | `1.37.0` | `1.38.0` | | [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.22.0` | `1.23.0` | | [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) | `2.5.2` | `2.5.3` | | [github.com/spf13/pflag](https://github.com/spf13/pflag) | `1.0.6` | `1.0.7` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.40.0` | `0.41.0` | | [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.241.0` | `0.247.0` | Updates `github.com/fluxcd/pkg/git/gogit` from 0.38.0 to 0.39.0 - [Commits](fluxcd/pkg@oci/v0.38.0...oci/v0.39.0) Updates `github.com/fluxcd/pkg/gittestserver` from 0.18.0 to 0.19.0 - [Commits](fluxcd/pkg@git/v0.18.0...git/v0.19.0) Updates `github.com/fluxcd/pkg/helmtestserver` from 0.26.0 to 0.27.0 - [Commits](fluxcd/pkg@git/v0.26.0...git/v0.27.0) Updates `github.com/fluxcd/pkg/oci` from 0.52.0 to 0.53.0 - [Commits](fluxcd/pkg@oci/v0.52.0...oci/v0.53.0) Updates `github.com/fluxcd/pkg/testserver` from 0.11.0 to 0.12.0 - [Commits](fluxcd/pkg@git/v0.11.0...git/v0.12.0) Updates `github.com/minio/minio-go/v7` from 7.0.94 to 7.0.95 - [Release notes](https://github.com/minio/minio-go/releases) - [Commits](minio/minio-go@v7.0.94...v7.0.95) Updates `github.com/onsi/gomega` from 1.37.0 to 1.38.0 - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.37.0...v1.38.0) Updates `github.com/prometheus/client_golang` from 1.22.0 to 1.23.0 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.22.0...v1.23.0) Updates `github.com/sigstore/cosign/v2` from 2.5.2 to 2.5.3 - [Release notes](https://github.com/sigstore/cosign/releases) - [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md) - [Commits](sigstore/cosign@v2.5.2...v2.5.3) Updates `github.com/spf13/pflag` from 1.0.6 to 1.0.7 - [Release notes](https://github.com/spf13/pflag/releases) - [Commits](spf13/pflag@v1.0.6...v1.0.7) Updates `golang.org/x/crypto` from 0.40.0 to 0.41.0 - [Commits](golang/crypto@v0.40.0...v0.41.0) Updates `google.golang.org/api` from 0.241.0 to 0.247.0 - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.241.0...v0.247.0) --- updated-dependencies: - dependency-name: github.com/fluxcd/pkg/git/gogit dependency-version: 0.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/gittestserver dependency-version: 0.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/helmtestserver dependency-version: 0.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/oci dependency-version: 0.53.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fluxcd/pkg/testserver dependency-version: 0.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/minio/minio-go/v7 dependency-version: 7.0.95 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-deps - dependency-name: github.com/onsi/gomega dependency-version: 1.38.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/prometheus/client_golang dependency-version: 1.23.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/sigstore/cosign/v2 dependency-version: 2.5.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-deps - dependency-name: github.com/spf13/pflag dependency-version: 1.0.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-deps - dependency-name: golang.org/x/crypto dependency-version: 0.41.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: google.golang.org/api dependency-version: 0.247.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency label Aug 17, 2025

dependabot bot force-pushed the dependabot/go_modules/go-deps-4dec771c65 branch from 99898b3 to 74e4bbe Compare August 22, 2025 09:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump the go-deps group across 1 directory with 12 updates #1873

build(deps): bump the go-deps group across 1 directory with 12 updates #1873

Uh oh!

dependabot bot commented on behalf of github Aug 17, 2025 •

edited

Loading

Uh oh!

Uh oh!

build(deps): bump the go-deps group across 1 directory with 12 updates #1873

Are you sure you want to change the base?

build(deps): bump the go-deps group across 1 directory with 12 updates #1873

Uh oh!

Conversation

dependabot bot commented on behalf of github Aug 17, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Bugfix Release

What's Changed

New Contributors

v1.38.0

1.38.0

Features

Fixes

Maintenance

1.38.0

Features

Fixes

Maintenance

v1.23.0 - 2025-07-30

1.23.0 / 2025-07-30

v2.5.3

Changelog

Thanks to all contributors!

v2.5.3

Features

Bug Fixes

v1.0.7

What's Changed

New Contributors

v0.247.0

0.247.0 (2025-08-11)

Features

v0.246.0

0.246.0 (2025-08-06)

Features

Bug Fixes

v0.245.0

0.245.0 (2025-08-05)

Features

Bug Fixes

v0.244.0

0.244.0 (2025-07-30)

Features

0.247.0 (2025-08-11)

Features

0.246.0 (2025-08-06)

Features

Bug Fixes

0.245.0 (2025-08-05)

Features

Bug Fixes

0.244.0 (2025-07-30)

Features

Uh oh!

Uh oh!

dependabot bot commented on behalf of github Aug 17, 2025 •

edited

Loading