chore(deps): update all dependencies

[renovate]

Note

Mend has cancelled the proposed renaming of the Renovate GitHub app being renamed to mend[bot].

This notice will be removed on 2025-10-07.

---

This PR contains the following updates:

Package	Type	Update	Change	Pending	Age	Confidence
actions/cache	action	minor	v4.2.4 -> v4.3.0
aquasecurity/trivy-action	action	minor	0.32.0 -> 0.33.1
docker/login-action	action	minor	v3.5.0 -> v3.6.0
gcr.io/distroless/static	final	digest	2e114d2 -> 87bce11
github.com/kube-logging/logging-operator	require	digest	904ded1 -> 0fad6c6
github.com/kube-logging/telemetry-controller	require	digest	80d5c84 -> c2bf45b
github.com/onsi/gomega	require	patch	v1.38.1 -> v1.38.2
github.com/prometheus/client_golang	require	patch	v1.23.0 -> v1.23.2
github.com/spf13/cast	require	minor	v1.9.2 -> v1.10.0
github.com/stern/stern		minor	1.32.0 -> 1.33.0
github.com/stretchr/testify	require	patch	v1.11.0 -> v1.11.1
github.com/vladopajic/go-test-coverage/v2		minor	2.16.0 -> 2.17.0
github/codeql-action	action	minor	v3.29.11 -> v3.30.6
golang		patch	1.25.0 -> 1.25.1
golang.org/x/exp	require	digest	8b4c13b -> 27f1f14
golang.org/x/net	require	minor	v0.43.0 -> v0.44.0
golangci/golangci-lint		minor	2.4.0 -> 2.5.0
helm.sh/helm/v3	require	minor	v3.18.6 -> v3.19.0
k8s.io/api	require	patch	v0.33.4 -> v0.33.5	v0.34.1 (+1)
k8s.io/apiextensions-apiserver	require	patch	v0.33.4 -> v0.33.5	v0.34.1 (+1)
k8s.io/apimachinery	require	patch	v0.33.4 -> v0.33.5	v0.34.1 (+1)
k8s.io/client-go	require	patch	v0.33.4 -> v0.33.5	v0.34.1 (+1)
kubernetes-sigs/controller-tools		minor	0.18.0 -> 0.19.0
kubernetes-sigs/kubebuilder		minor	4.7.1 -> 4.9.0
rdkafka (source, changelog)		minor	'0.22.2' -> '0.23.1'
sigs.k8s.io/controller-runtime	require	minor	v0.21.0 -> v0.22.1
sigstore/cosign-installer	action	minor	v3.9.2 -> v3.10.0
vladopajic/go-test-coverage	action	minor	v2.16.0 -> v2.17.0

---

Release Notes

actions/cache (actions/cache)

v4.3.0

Compare Source

What's Changed

• Add note on runner versions by @​GhadimiR in #​1642
• Prepare v4.3.0 release by @​Link- in #​1655

New Contributors

• @​GhadimiR made their first contribution in #​1642

Full Changelog: actions/cache@v4...v4.3.0

aquasecurity/trivy-action (aquasecurity/trivy-action)

v0.33.1

Compare Source

What's Changed

• Update setup-trivy action to version v0.2.4 by @​martincostello in #​486

Full Changelog: aquasecurity/trivy-action@0.33.0...0.33.1

v0.33.0

Compare Source

What's Changed

• Update dependencies in README by @​ibakshay in #​378
• doc: correct sbom fs scan by @​yxtay in #​458
• Pin actions/cache by SHA by @​martincostello in #​480
• chore(ci): Add oras to correctly setup sync jobs by @​simar7 in #​482
• chore(deps): Update trivy to v0.65.0 by @​aqua-bot in #​481

New Contributors

• @​ibakshay made their first contribution in #​378
• @​yxtay made their first contribution in #​458
• @​martincostello made their first contribution in #​480

Full Changelog: aquasecurity/trivy-action@0.32.0...0.33.0

docker/login-action (docker/login-action)

v3.6.0

Compare Source

• Add registry-auth input for raw authentication to registries by @​crazy-max in #​887
• Bump @​aws-sdk/client-ecr to 3.890.0 in #​882 #​890
• Bump @​aws-sdk/client-ecr-public to 3.890.0 in #​882 #​890
• Bump @​docker/actions-toolkit from 0.62.1 to 0.63.0 in #​883
• Bump brace-expansion from 1.1.11 to 1.1.12 in #​880
• Bump undici from 5.28.4 to 5.29.0 in #​879
• Bump tmp from 0.2.3 to 0.2.4 in #​881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

onsi/gomega (github.com/onsi/gomega)

v1.38.2

Compare Source

1.38.2

• roll back to go 1.23.0 [c404969]

prometheus/client_golang (github.com/prometheus/client_golang)

v1.23.2: - 2025-09-05

Compare Source

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

All Changes

• [release-1.23] Upgrade to prometheus/common@​v0.66.1 by @​aknuds1 in #​1869
• [release-1.23] Cut v1.23.2 by @​aknuds1 in #​1870

Full Changelog: prometheus/client_golang@v1.23.1...v1.23.2

v1.23.1: - 2025-09-04

Compare Source

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

All Changes

• [release-1.23] Upgrade to prometheus/common v0.66 by @​aknuds1 in #​1866
• [release-1.23] Cut v1.23.1 by @​aknuds1 in #​1867

Full Changelog: prometheus/client_golang@v1.23.0...v1.23.1

spf13/cast (github.com/spf13/cast)

v1.10.0

Compare Source

What's Changed

• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​dependabot[bot] in #​275
• build(deps): bump github/codeql-action from 3.28.18 to 3.28.19 by @​dependabot[bot] in #​277
• build(deps): bump github/codeql-action from 3.28.19 to 3.29.5 by @​dependabot[bot] in #​289
• build(deps): bump github/codeql-action from 3.29.7 to 3.29.10 by @​dependabot[bot] in #​296
• build(deps): bump actions/dependency-review-action from 4.7.1 to 4.7.2 by @​dependabot[bot] in #​295
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​dependabot[bot] in #​293
• build(deps): bump github/codeql-action from 3.29.10 to 3.30.1 by @​dependabot[bot] in #​301
• build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 by @​dependabot[bot] in #​300
• build(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3 by @​dependabot[bot] in #​298
• Always return empty map instead of nil when conversion fails by @​andig in #​283

New Contributors

• @​andig made their first contribution in #​283

Full Changelog: spf13/cast@v1.9.2...v1.10.0

stern/stern (github.com/stern/stern)

v1.33.0

Compare Source

⚡ Notable Changes

New template variables Labels and Annotations

You can now use Labels and Annotations in your templates.

stern -n kube-system -l component --template '{{printf "%-25s %s" .Labels.component .Message}}{{"\n"}}'

Changes

• Update dependencies for Kubernetes 1.34 (#​349) d6a0679 (Takashi Kusumi)
• Fix asdf installation typo (#​348) 5946e7f (Guruprasad Bhat)
• 338: fix: move highlighting after formatting (#​339) 6d915a8 (Peter)
• Add support for labels & annotations in templates (#​344) 3cd85b4 (Nicholas Hurden)

stretchr/testify (github.com/stretchr/testify)

v1.11.1

Compare Source

This release fixes #​1785 introduced in v1.11.0 where expected argument values implementing the stringer interface (String() string) with a method which mutates their value, when passed to mock.Mock.On (m.On("Method", <expected>).Return()) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.

What's Changed

• Backport #​1786 to release/1.11: mock: revert to pre-v1.11.0 argument matching behavior for mutating stringers by @​brackendawson in #​1788

Full Changelog: stretchr/testify@v1.11.0...v1.11.1

vladopajic/go-test-coverage (github.com/vladopajic/go-test-coverage/v2)

v2.17.0

Compare Source

What's Changed

• feat: force comment on coverage-ignore annotation by @​tino-alfaneti in #​222

New Contributors

• @​tino-alfaneti made their first contribution in #​222

Full Changelog: vladopajic/go-test-coverage@v2.16.1...v2.17.0

v2.16.1

Compare Source

What's Changed

• dependencies version bumps

New Contributors

• @​yshngg made their first contribution in #​209

Full Changelog: vladopajic/go-test-coverage@v2.16.0...v2.16.1

github/codeql-action (github/codeql-action)

v3.30.6

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.6 - 02 Oct 2025

• Update default CodeQL bundle version to 2.23.2. #​3168

See the full CHANGELOG.md for more information.

v3.30.5

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.5 - 26 Sep 2025

• We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #​3160

See the full CHANGELOG.md for more information.

v3.30.4

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.4 - 25 Sep 2025

• We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #​3099 and #​3100
• We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #​3107
• You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #​3130
• Update default CodeQL bundle version to 2.23.1. #​3118

See the full CHANGELOG.md for more information.

v3.30.3

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.3 - 10 Sep 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.30.2

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.2 - 09 Sep 2025

• Fixed a bug which could cause language autodetection to fail. #​3084
• Experimental: The quality-queries input that was added in 3.29.2 as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new analysis-kinds input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. #​3064

See the full CHANGELOG.md for more information.

v3.30.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.1 - 05 Sep 2025

• Update default CodeQL bundle version to 2.23.0. #​3077

See the full CHANGELOG.md for more information.

v3.30.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.0 - 01 Sep 2025

• Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. #​3054

See the full CHANGELOG.md for more information.

golang/go (golang)

v1.25.1

Compare Source

golangci/golangci-lint (golangci/golangci-lint)

v2.5.0

Compare Source

1. New linters
   • Add godoclint linter https://github.com/godoc-lint/godoc-lint
   • Add unqueryvet linter https://github.com/MirrexOne/unqueryvet
   • Add iotamixing linter https://github.com/AdminBenni/iota-mixing
2. Linters new features or changes
   • embeddedstructfieldcheck: from 0.3.0 to 0.4.0 (new option: empty-line)
   • err113: from aea10b5 to 0.1.1 (skip internals of Is methods for error type)
   • ginkgolinter: from 0.20.0 to 0.21.0 (new option: force-tonot)
   • gofumpt: from 0.8.0 to 0.9.1 (new rule is to "clothe" naked returns for the sake of clarity)
   • ineffassign: from 0.1.0 to 0.2.0 (new option: check-escaping-errors)
   • musttag: from 0.13.1 to 0.14.0 (support interface methods)
   • revive: from 1.11.0 to 1.12.0 (new options: identical-ifelseif-branches, identical-ifelseif-conditions, identical-switch-branches, identical-switch-conditions, package-directory-mismatch, unsecure-url-scheme, use-waitgroup-go, useless-fallthrough)
   • thelper: from 0.6.3 to 0.7.1 (skip t.Helper in functions passed to synctest.Test)
   • wsl: from 5.1.1 to 5.2.0 (improvements related to subexpressions)
3. Linters bug fixes
   • asciicheck: from 0.4.1 to 0.5.0
   • errname: from 1.1.0 to 1.1.1
   • fatcontext: from 0.8.0 to 0.8.1
   • go-printf-func-name: from 0.1.0 to 0.1.1
   • godot: from 1.5.1 to 1.5.4
   • gosec: from 2.22.7 to 2.22.8
   • nilerr: from 0.1.1 to a temporary fork
   • nilnil: from 1.1.0 to 1.1.1
   • protogetter: from 0.3.15 to 0.3.16
   • tagliatelle: from 0.7.1 to 0.7.2
   • testifylint: from 1.6.1 to 1.6.4
4. Misc.
   • fix: "no export data" errors are now handled as a standard typecheck error
5. Documentation
   • Improve nolint section about syntax

helm/helm (helm.sh/helm/v3)

v3.19.0: Helm v3.19.0

Compare Source

Helm v3.19.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

• Fixed a helm pull regression from 3.18 - error pulling OCI charts with --password #​31230
• Fixed a helm lint regression from Helm 3.18 - rejected JSON Schema $ref URLs that worked in 3.17.x #​31166
• Fixed go mod tidy #​31154
• Fixed k8s version parsing not matching original #​31091
• Fixed charts failing when using a redirect registry #​31087
• Fixed missing debug logging for OCI transport
• Fixed broken legacy docker support for login #​30941
• Fixed bugs from the move to ORAS v2
• Fixed processing all hook deletions on failure #​30673
• Feature for helm create added httproute from gateway-api to create chart template #​30658

Installation and Upgrading

Download Helm v3.19.0. The common platform binaries are here:

• MacOS amd64 (checksum / 09a108c0abda42e45af172be65c49125354bf7cd178dbe10435e94540e49c7b9)
• MacOS arm64 (checksum / 31513e1193da4eb4ae042eb5f98ef9aca7890cfa136f4707c8d4f70e2115bef6)
• Linux amd64 (checksum / a7f81ce08007091b86d8bd696eb4d86b8d0f2e1b9f6c714be62f82f96a594496)
• Linux arm (checksum / 8708367b8e8bed9bdf8429bb57536e4223cdca96245dffc205cb0cb670b151f4)
• Linux arm64 (checksum / 440cf7add0aee27ebc93fada965523c1dc2e0ab340d4348da2215737fc0d76ad)
• Linux i386 (checksum / ca0329cd1b09267e7c63c563e32462265949c31512b537dd6615d0b5190040fc)
• Linux ppc64le (checksum / f57ea04d7fa62cc3e90a831eb67edb1400c810df6083875bee3a7c195a795ce4)
• Linux s390x (checksum / 0dff2f249f71690e3b420ebb5efc573eb26a51b4a614c4391c8c7fa3e47863f2)
• Linux riscv64 (checksum / 978af545a3d72a253ce1d4c03c9febb509a239a48b2581107e548883ab61a227)
• Windows amd64 (checksum / 6488630c2e5d5945ed990fa02fd9e99f9c6792cdbcd79eb264b6cfb90179d2d1)
• Windows arm64 (checksum / 488f7530a1776da1b46b14e988bf305c9d7419c78e7e73aeb92f198a41c9ef6b)

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.19.1 will contain only bug fixes.
• 3.20.0 is the next feature release.

Changelog

• bump version to v3.19.0 3d8990f (Scott Rigby)
• fix: use username and password if provided 9a54bf1 (Evans Mungai)
• chore(deps): bump the k8s-io group with 7 updates 5af0f68 (dependabot[bot])
• chore(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.1 e485606 (dependabot[bot])
• chore(deps): bump github.com/stretchr/testify from 1.11.0 to 1.11.1 6355c3d (dependabot[bot])
• chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 ec61f66 (dependabot[bot])
• fix(helm-lint): fmt b278020 (Isaiah Lewis)
• fix(helm-lint): Add TLSClientConfig d33ac5e (Isaiah Lewis)
• fix(helm-lint): Add HTTP/HTTPS URL support for json schema references 8543709 (Isaiah Lewis)
• chore(deps): bump the k8s-io group with 7 updates 89a3f90 (dependabot[bot])
• fix: go mod tidy for v3 da4c583 (Terry Howe)
• chore(deps): bump golang.org/x/crypto from 0.40.0 to 0.41.0 e40b1b3 (dependabot[bot])
• chore(deps): bump golang.org/x/term from 0.33.0 to 0.34.0 a27e9db (dependabot[bot])
• fix Chart.yaml handling f13afaa (Matt Farina)
• Handle messy index files 039b0b1 (Matt Farina)
• chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28 bec98a9 (dependabot[bot])
• json schema fix 6d9509a (Robert Sirchia)
• fix: k8s version parsing to match original 807225e (Borys Hulii)
• chore(deps): bump sigs.k8s.io/yaml from 1.5.0 to 1.6.0 cbbd569 (dependabot[bot])
• Do not explicitly set SNI in HTTPGetter 5e8ff72 (Terry Howe)
• chore(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 5b5fb5b (dependabot[bot])
• chore(deps): bump the k8s-io group with 7 updates d12538a (dependabot[bot])
• chore(deps): bump golang.org/x/crypto from 0.39.0 to 0.40.0 303f803 (dependabot[bot])
• chore(deps): bump golang.org/x/term from 0.32.0 to 0.33.0 abcc2ed (dependabot[bot])
• chore(deps): bump golang.org/x/text from 0.26.0 to 0.27.0 521c67b (dependabot[bot])
• Disabling linter due to unknown issue 227c9cb (Matt Farina)
• Updating link handling 4389fa6 (Matt Farina)
• Bump github.com/Masterminds/semver/v3 from 3.3.0 to 3.3.1 372e403 (dependabot[bot])
• build(deps): bump the k8s-io group with 7 updates 4fa5a64 (dependabot[bot])
• build(deps): bump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 6284ed8 (dependabot[bot])
• fix: user username password for login 2c55a4e (Terry Howe)
• Update pkg/registry/transport.go a16e986 (Terry Howe)
• Update pkg/registry/transport.go cea26d8 (Terry Howe)
• fix: add debug logging to oci transport b52bb41 (Terry Howe)
• build(deps): bump golang.org/x/crypto from 0.38.0 to 0.39.0 45075cf (dependabot[bot])
• build(deps): bump golang.org/x/text from 0.25.0 to 0.26.0 73a7826 (dependabot[bot])
• fix: legacy docker support broken for login 733f94c (Terry Howe)
• fix: plugin installer test with no Internet fc36041 (Terry Howe)
• Handle an empty registry config file. cfe8cef (Matt Farina)
• Prevent fetching newReference again as we have in calling method c33215d (Benoit Tigeot)
• Prevent failure when resolving version tags in oras memory store f552b67 (Benoit Tigeot)
• fix(client): skipnode utilization for PreCopy a18a52e (Brandt Keller)
• test: Skip instead of returning early. looks more intentional fedf502 (Jesse Simpson)
• test: tests repo stripping functionality fe512ba (Jesse Simpson)
• test: include tests for Login based on different protocol prefixes 099a9e1 (Jesse Simpson)
• fix(client): layers now returns manifest - remove duplicate from descriptors b07ab77 (Brandt Keller)
• fix(client): return nil on non-allowed media types c225c12 (Brandt Keller)
• Fix 3.18.0 regression: registry login with scheme c0f3ace (Scott Rigby)
• Update pkg/plugin/plugin.go dce60ad (Benoit Tigeot)
• Update pkg/plugin/plugin.go cda0865 (Benoit Tigeot)
• Wait for Helm v4 before raising when platformCommand and Command are set 5d9d9a0 (Benoit Tigeot)
• Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]" c5249c1 (Matt Farina)
• build(deps): bump the k8s-io group with 7 updates 5b0520d (dependabot[bot])
• chore: update generalization warning message afefca8 (Feng Cao)
• build(deps): bump oras.land/oras-go/v2 from 2.5.0 to 2.6.0 8d6d27c (dependabot[bot])
• build(deps): bump the k8s-io group with 7 updates 502c0d5 (dependabot[bot])
• build(deps): bump golang.org/x/crypto from 0.37.0 to 0.38.0 92be9ac (dependabot[bot])
• fix: move warning to top of block eb5b6d5 (Feng Cao)
• fix: govulncheck workflow 6b15f26 (Matthieu MOREL)
• fix: replace fmt warning with slog 6b5c944 (Feng Cao)
• fix: add warning when ignore repo flag 247bf7c (Feng Cao)
• bump version to v3.18.0 9404459 (Robert Sirchia)
• backport #​30673 to dev-v3 0a800e8 (Gerard Nguyen)
• feat: add httproute from gateway-api to create chart template bd1b67b (Henrik Gerdes)

Full Changelog: helm/helm@v3.18.6...v3.19.0

kubernetes/api (k8s.io/api)

v0.33.5

Compare Source

kubernetes/apiextensions-apiserver (k8s.io/apiextensions-apiserver)

v0.33.5

Compare Source

kubernetes/apimachinery (k8s.io/apimachinery)

v0.33.5

Compare Source

kubernetes/client-go (k8s.io/client-go)

v0.33.5

Compare Source

kubernetes-sigs/controller-tools (kubernetes-sigs/controller-tools)

v0.19.0

Compare Source

What's Changed

• ⚠️ Bump to k8s.io/* v0.34 by @​alvaroaleman @​dongjiang1989 @​sbueringer in #​1225 #​1236 #​1258 #​1266
• 🐛 Applyconfiguration: Use correct groupVersion by @​alvaroaleman in #​1218
• 🐛 Applyconfiguration: Register CRD markers by @​alexymantha in #​1221
• ✨ crd/marker: Add AtMostOneOf and ExactlyOneOf constraints by @​shashankram in #​1212 #​1224

Misc

• 🌱 Applyconfiguration: Fix AC generation so it builds and test all submodules by @​alvaroaleman in #​1226
• 🌱 Generate DeepCopy methods for testdata/cronjob by @​mjlshen in #​1261
• 🌱 Sync .golangci.yaml from controller-runtime by @​dongjiang1989 in #​1249
• 📖 Promote JoelSpeed to approver by @​JoelSpeed in #​1220
• 📖 Sync admins & maintainers with kubernetes/org by @​sbueringer in #​1235

envtest

• ✨ Release envtest v1.34.0-alpha.1 by @​dongjiang1989 in #​1215
• ✨ Release envtest v1.34.0-beta.0 by @​dongjiang1989 in #​1240
• ✨ Release envtest v1.34.0 by @​sbueringer in #​1267
• 🌱 Promotion of envtest release for Kubernetes v1.34.0-alpha.1 by @​sbueringer in #​1223
• 🌱 Promotion of envtest release for Kubernetes v1.34.0-beta.0 by @​sbueringer in #​1243
• 🌱 Promotion of envtest release for Kubernetes v1.34.0 by @​sbueringer in #​1268

Dependency bumps

• 🌱ci: Update golangci-lint to v2.1.6 and adjust configuration by @​dongjiang1989 in #​1206
• 🌱 Update golangci lint version to v2.3.0 by @​dongjiang1989 in #​1248
• 🌱 Bump golang.org/x/tools from 0.32.0 to 0.33.0 in the all-go-mod-patch-and-minor group by @​dependabot[bot] in #​1205
• 🌱 Bump the all-github-actions group across 1 directory with 3 updates by @​dependabot[bot] in #​1207
• 🌱 Bump the all-go-mod-patch-and-minor group with 4 updates by @​dependabot[bot] in #​1208
• 🌱 Bump golang.o

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) in timezone Etc/UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: e2e/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 17 additional dependencies were updated

Details:

Package	Change
github.com/containerd/containerd	v1.7.27 -> v1.7.28
github.com/fxamacker/cbor/v2	v2.8.0 -> v2.9.0
github.com/google/gnostic-models	v0.6.9 -> v0.7.0
github.com/modern-go/reflect2	v1.0.2 -> v1.0.3-0.20250322232337-35a7c28c31ee
github.com/prometheus/client_golang	v1.22.0 -> v1.23.0
github.com/prometheus/procfs	v0.16.1 -> v0.17.0
github.com/spf13/cobra	v1.9.1 -> v1.10.1
github.com/spf13/pflag	v1.0.7 -> v1.0.9
golang.org/x/time	v0.11.0 -> v0.12.0
google.golang.org/grpc	v1.73.0 -> v1.74.2
k8s.io/apiserver	v0.33.4 -> v0.34.0
k8s.io/cli-runtime	v0.33.3 -> v0.34.0
k8s.io/component-base	v0.33.4 -> v0.34.0
k8s.io/kube-openapi	v0.0.0-20250318190949-c8a335a9a2ff -> v0.0.0-20250710124328-f3f2b991d03b
k8s.io/kubectl	v0.33.3 -> v0.34.0
sigs.k8s.io/kustomize/api	v0.19.0 -> v0.20.1
sigs.k8s.io/kustomize/kyaml	v0.19.0 -> v0.20.1

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 39 additional dependencies were updated

Details:

Package	Change
github.com/fxamacker/cbor/v2	v2.8.0 -> v2.9.0
github.com/google/gnostic-models	v0.6.9 -> v0.7.0
github.com/grpc-ecosystem/grpc-gateway/v2	v2.27.1 -> v2.27.2
github.com/open-telemetry/opentelemetry-operator	v0.131.0 -> v0.136.0
github.com/prometheus/common	v0.65.0 -> v0.66.1
github.com/prometheus/otlptranslator	v0.0.0-20250717125610-8549f4ab4f8f -> v0.0.2
github.com/spf13/cobra	v1.9.1 -> v1.10.1
github.com/spf13/pflag	v1.0.6 -> v1.0.9
go.opentelemetry.io/collector/config/configcompression	v1.38.0 -> v1.42.0
go.opentelemetry.io/collector/config/configopaque	v1.38.0 -> v1.42.0
go.opentelemetry.io/collector/featuregate	v1.38.0 -> v1.42.0
go.opentelemetry.io/contrib/otelconf	v0.17.0 -> v0.18.0
go.opentelemetry.io/otel	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc	v0.13.0 -> v0.14.0
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp	v0.13.0 -> v0.14.0
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/exporters/prometheus	v0.59.1 -> v0.60.0
go.opentelemetry.io/otel/exporters/stdout/stdoutlog	v0.13.0 -> v0.14.0
go.opentelemetry.io/otel/exporters/stdout/stdoutmetric	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/exporters/stdout/stdouttrace	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/log	v0.13.0 -> v0.14.0
go.opentelemetry.io/otel/metric	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/sdk	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/sdk/log	v0.13.0 -> v0.14.0
go.opentelemetry.io/otel/sdk/metric	v1.37.0 -> v1.38.0
go.opentelemetry.io/otel/trace	v1.37.0 -> v1.38.0
go.opentelemetry.io/proto/otlp	v1.7.0 -> v1.7.1
golang.org/x/sync	v0.16.0 -> v0.17.0
golang.org/x/sys	v0.35.0 -> v0.36.0
google.golang.org/genproto/googleapis/api	v0.0.0-20250603155806-513f23925822 -> v0.0.0-20250825161204-c5933d9347a5
google.golang.org/genproto/googleapis/rpc	v0.0.0-20250603155806-513f23925822 -> v0.0.0-20250825161204-c5933d9347a5
google.golang.org/grpc	v1.74.2 -> v1.75.1
google.golang.org/protobuf	v1.36.7 -> v1.36.9
k8s.io/component-base	v0.33.4 -> v0.34.0
k8s.io/kube-openapi	v0.0.0-20250318190949-c8a335a9a2ff -> v0.0.0-20250710124328-f3f2b991d03b

File name: images/config-reloader/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 3 additional dependencies were updated

Details:

Package	Change
github.com/prometheus/common	v0.65.0 -> v0.66.1
golang.org/x/sys	v0.33.0 -> v0.35.0
google.golang.org/protobuf	v1.36.6 -> v1.36.8

File name: pkg/sdk/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 11 additional dependencies were updated

Details:

Package	Change
github.com/fxamacker/cbor/v2	v2.8.0 -> v2.9.0
github.com/google/gnostic-models	v0.6.9 -> v0.7.0
github.com/modern-go/reflect2	v1.0.2 -> v1.0.3-0.20250322232337-35a7c28c31ee
github.com/prometheus/client_golang	v1.22.0 -> v1.23.0
github.com/prometheus/procfs	v0.16.1 -> v0.17.0
golang.org/x/sync	v0.16.0 -> v0.17.0
golang.org/x/sys	v0.35.0 -> v0.36.0
golang.org/x/term	v0.34.0 -> v0.35.0
golang.org/x/text	v0.28.0 -> v0.29.0
k8s.io/apiextensions-apiserver	v0.33.3 -> v0.34.0
k8s.io/kube-openapi	v0.0.0-20250318190949-c8a335a9a2ff -> v0.0.0-20250710124328-f3f2b991d03b

File name: pkg/sdk/logging/model/syslogng/config/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 15 additional dependencies were updated

Details:

Package	Change
github.com/fxamacker/cbor/v2	v2.8.0 -> v2.9.0
github.com/google/gnostic-models	v0.6.9 -> v0.7.0
github.com/kube-logging/logging-operator	v0.0.0-20250815063625-904ded1ca312 -> v0.0.0-20251003075715-0fad6c654b72
github.com/modern-go/reflect2	v1.0.2 -> v1.0.3-0.20250322232337-35a7c28c31ee
github.com/prometheus/client_golang	v1.22.0 -> v1.23.0
github.com/prometheus/procfs	v0.16.1 -> v0.17.0
github.com/spf13/cast	v1.9.2 -> v1.10.0
golang.org/x/net	v0.43.0 -> v0.44.0
golang.org/x/sync	v0.16.0 -> v0.17.0
golang.org/x/sys	v0.35.0 -> v0.36.0
golang.org/x/term	v0.34.0 -> v0.35.0
golang.org/x/text	v0.28.0 -> v0.29.0
k8s.io/apiextensions-apiserver	v0.33.3 -> v0.34.0
k8s.io/client-go	v0.33.4 -> v0.34.0
k8s.io/kube-openapi	v0.0.0-20250318190949-c8a335a9a2ff -> v0.0.0-20250710124328-f3f2b991d03b