fix(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF	Age	Confidence
delve		minor	1.24.1 → 1.26.0
github.com/aquasecurity/trivy	require	minor	v0.61.1 → v0.69.1
github.com/containerd/containerd	require	patch	v1.7.27 → v1.7.30
github.com/docker/go-connections	require	minor	v0.5.0 → v0.6.0
github.com/google/go-containerregistry	require	minor	v0.20.3 → v0.21.1
github.com/samber/lo	require	minor	v1.49.1 → v1.52.0
github.com/sirupsen/logrus	require	patch	v1.9.3 → v1.9.4
github.com/stretchr/testify	require	minor	v1.10.0 → v1.11.1
go (source)	toolchain	minor	1.24.2 → 1.26.0
go		minor	1.24.0 → 1.26.0
golang.org/x/sync	require	minor	v0.13.0 → v0.19.0
gopls (source)		minor	0.18.1 → 0.21.1

---

Release Notes

go-delve/delve (delve)

v1.26.0

Added

• Go 1.26 support (#​4211, #​4205, #​4212, #​4217, @​aarzilli)
• Savestate command for terminal (#​4045, @​alexsaezm)
• DAP: Target command and follow-exec support (#​4078, @​Lslightly)
• DAP: Read memory request handler (#​4083, @​MistaTwista)
• DAP: Input/output redirection (#​4178, @​aarzilli)
• DAP: Suspended breakpoints support (#​4075, @​firelizzard18)
• DAP: Use exception breakpoints for predefined breakpoints (#​4169, @​aarzilli)
• Custom starlark commands can be used with on prefix (#​4170, @​derekparker)
• Shortcut syntax to access target variables in starlark (#​4134, @​aarzilli)
• Support for tracing defer function calls with follow option (#​3978, @​archanaravindar)
• Flag to retain trace directory after detach (#​4091, @​archanaravindar)
• Ability to cancel debuginfod downloads (#​4123, @​aarzilli)
• Process spawned event (#​4171, @​firelizzard18)
• Materialized breakpoint event for follow-exec mode (#​4161, @​aarzilli)
• Way to disable stop-on-error for breakpoint conditions (#​4191, @​aarzilli)
• Function call support on loong64 (#​4114, @​yelvens)
• Build argument logging (#​4185, @​pedia)
• Capslock check (#​4106, @​derekparker)

Fixed

• DAP: Restart handling when compilation fails (#​4215, @​aarzilli)
• DAP: Disable string() field for address-less variables (#​4214, @​aarzilli)
• DAP: Race condition in tests (#​4121, @​derekparker)
• Gdbserial: Do not set detached if we kill the process (#​4216, @​aarzilli)
• Prevent trace killing attached process (#​4164, @​alex-emery)
• Trace /regexp/ should set ret breakpoints correctly (#​4130, @​aarzilli)
• Replay subcommand must keep trace directory (#​4184, @​lwintermelon)
• Nil pointer dereference when calling extra on a nil func (#​4174, @​aarzilli)
• Check that breakpoint exists in ClearBreakpoint (#​4141, @​aarzilli)
• Use address in ClearBreakpoint only when ID is 0 (#​4168, @​aarzilli)
• Return error when calling a non-ptr receiver method on a nil ptr (#​4139, @​aarzilli)
• Additional checks parsing g structs (#​4140, @​aarzilli)
• Remember that we attached in WaitFor attach mode (#​4120, @​aarzilli)
• Guard register logging from nil pointer dereferences (#​4188, @​aarzilli)
• Do not insist stmt is same line as entry in DWARF (#​4186, @​derekparker)
• Fix wait reason string table (#​4182, @​aarzilli)
• Workaround for non-unicode strings in Variables (#​4082, @​aarzilli)
• Fix ppc64le clause in support_sentinel_linux.go (#​4129, @​tshah14)
• Improve frame unwind context handling on loong64 (#​4133, @​yelvens)

Changed

• Replace hashicorp/golang-lru with custom lru cache (#​4196, @​qmuntal)
• Update riscv64 support and add to test matrix (#​4190, @​lrzlin)
• Update riscv64 capslock file (#​4210, @​derekparker)
• Move things that use x/tools/go/packages to new repo (#​3990, @​aarzilli)
• Remove experimental build tags for Windows ARM64 (#​4176, @​gdams)
• Add Windows ARM64 workflow to CI (#​4175, @​gdams)
• Add linux/loong64 to TeamCity configuration (#​4154, @​yelvens)
• Set CI=true on a project level (#​4156, @​vietage)
• Hierarchical search for structMember or method (#​4118, @​wenxuan70)
• Update trie to v3.2.0 (#​4131, @​derekparker)
• Parallelize tests where possible (#​4115, @​derekparker)
• Modernize codebase with newer syntax and helpers (#​4110, @​derekparker)
• Miscellaneous improvements to tests and build configuration (#​4096, #​4135, #​4145, #​4157, #​4163, #​4198, #​4202, #​4111, #​4122, #​4124, #​4209, @​derekparker, @​aarzilli)
• Miscellaneous code refactoring (#​4159, #​4173, #​4201, @​aarzilli)

v1.25.2

Added

• Added notifications for debuginfod downloads (#​3980, @​aarzilli)

Fixed

• Fixed restart behavior of DAP server (#​4068, @​derekparker)
• Various fixes for loong64 backend (#​4095, #​4100, @​yelvens)
• Miscellaneous minor bug fixes (#​4067, #​4090, #​4089, @​aarzilli)

Changed

• Miscellaneous code quality improvements (#​4088, @​cui)

v1.25.1

Added

• Implement restart request for DAP (#​4057, @​derekparker)

Fixed

• Fixed panic when trying to stacktrace an unreadable goroutine in DAP (#​4056, @​aarzilli)
• Fixed panic when trying to access value of unreadable string variables in DAP (#​4055, @​aarzilli)
• Fixed type cast between slices with the same element type (#​4048, @​aarzilli)
• Fixed closure captured variables visibility on closure's first line (#​4049, @​aarzilli)
• Fixed unknown DWARF opcodes causing panics (#​4037, @​aarzilli)
• Added missing response body close in DAP test (#​4039, @​alexandear)
• Fix panic in switchToGoroutineStacktrace (#​4043, @​derekparker)

Changed

• Handle moving of direct interface flag in Go 1.26 (#​4032, @​randall77)
• Simplified tests using slices.Contains (#​4040, @​alexandear)
• Updated Go max support minor version and update golang.org/x/tools (#​4046, @​derekparker)

v1.25.0

Added

• Go 1.25 support (#​4014, @​aarzilli) (more work went into the 1.24.2 and earlier releases)

Fixed

• Fixed several panics found via telemetry (#​4026, #​4018, #​4017, #​4015 @​aarzilli)
• Fixed git hash in version output (#​3987, @​codeaucafe)
• Fix development version parsing (#​3999, @​aarzilli)
• Fix call injection in newer macOS versions (#​3988, @​aarzilli)
• Fix typo in goroutines help output (#​4024, @​jersey1dev)

Changed

• Internal breakpoints (panic, throw) are excluded from DAP response (#​4027, @​ConradIrwin)

v1.24.2

Added

• Support for struct literals in expression evaluator (#​3935, #​3953, @​aarzilli)
• Check to reject DWARFv5 executables if delve itself isn't built with 1.25 or later due to bugs in Go's standard library prior to 1.25 (#​3943, #​3961, @​aarzilli)

Fixed

• Support for macOS Sequoia 15.4 (#​3966, @​aarzilli)
• Race conditions with rr backend (#​3971, #​3973, #​3963, @​BronzeDeer, @​aarzilli)
• Goroutine load with corrupted label maps (#​3968, #​3962, @​hongyuh-hh)
• Breakpoint conditions on suspended breakpoints (#​3938, @​Lslightly)

Changed

• Miscellaneous test and documentation fixes (#​3979, #​3952, #​3954, #​3955, #​3951, @​alexandear, @​codesoap, @​derekparker)

aquasecurity/trivy (github.com/aquasecurity/trivy)

v0.69.1

Compare Source

Changelog

• 123888b release: v0.69.1 [release/v0.69] (#​10145)
• 29d3b06 ci: add composite action for Go setup [backport: release/v0.69] (#​10150)
• 3b30cc7 fix(misconf): apply check aliases when filtering results via .trivyignore [backport: release/v0.69] (#​10143)
• a8e279b chore(deps): bump to alpine:3.23.3 and go-1.25.6 to fix CVEs [backport: release/v0.69] (#​10135)

v0.69.0

Compare Source

👉 Trivy v0.69.0 release notes (click here)

⬇️ Download Trivy

• MacOS Apple Silicon
• MacOS Intel
• Linux Intel
• Linux ARM
• Windows Intel

🐳 New Docker Install option

• docker pull get.trivy.dev/image/trivy:0.69.0

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0690-2026-01-30

v0.68.2

Compare Source

Changelog

• 0c40a8d release: v0.68.2 [release/v0.68] (#​9950)
• db28945 fix(deps): bump alpine from 3.22.1 to 3.23.0 [backport: release/v0.68] (#​9949)

v0.68.1

Compare Source

👉 Trivy v0.68.1 release notes (click here)

[!NOTE]
v0.68.0 was skipped due to issues with the release.

⬇️ Download Trivy

• MacOS Apple Silicon
• MacOS Intel
• Linux Intel
• Linux ARM
• Windows Intel

🐳 Docker Install

• docker pull get.trivy.dev/image/trivy:0.68.1

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0680-2025-12-02

v0.68.0

Compare Source

v0.67.2

Compare Source

Changelog

• 60c57ad release: v0.67.2 [release/v0.67] (#​9639)
• f3ee80c fix: Use fetch-level: 1 to check out trivy-repo in the release workflow [backport: release/v0.67] (#​9638)

v0.67.1

Compare Source

Changelog

• cbed239 release: v0.67.1 [release/v0.67] (#​9614)
• 1a84093 fix: restore compatibility for google.protobuf.Value [backport: release/v0.67] (#​9631)
• 3bc1490 fix: using SrcVersion instead of Version for echo detector [backport: release/v0.67] (#​9629)
• 542eee7 fix: add buildInfo for BlobInfo in rpc package [backport: release/v0.67] (#​9615)
• f65dd05 fix(vex): don't use reused BOM [backport: release/v0.67] (#​9612)

v0.67.0

Compare Source

👉 Trivy v0.67.0 release notes (click here)

⬇️ Download Trivy

• MacOS Apple Silicon
• MacOS Intel
• Linux Intel
• Linux ARM
• Windows Intel

🐳 New Docker Install option

• docker pull get.trivy.dev/image/trivy:0.67.0

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0670-2025-09-30

v0.66.0

Compare Source

👉 Trivy v.66.0 release notes (click here)

⬇️ Download Trivy

• MacOS Apple Silicon
• MacOS Intel
• Linux Intel
• Linux ARM
• Windows Intel

Full changelog

v0.65.0

Compare Source

👉 Trivy v.65.0 release notes (click here)

⬇️ Download Trivy

• MacOS Apple Silicon
• MacOS Intel
• Linux Intel
• Linux ARM
• Windows Intel

Full changelog

v0.64.1

Compare Source

Changelog

• 86ee3c1 release: v0.64.1 [release/v0.64] (#​9122)
• 4e12722 fix(misconf): skip rewriting expr if attr is nil [backport: release/v0.64] (#​9127)
• 9a7d384 fix(cli): Add more non-sensitive flags to telemetry [backport: release/v0.64] (#​9124)
• 53adfba fix(rootio): check full version to detect root.io packages [backport: release/v0.64] (#​9120)
• 8cf1bf9 fix(alma): parse epochs from rpmqa file [backport: release/v0.64] (#​9119)

v0.64.0

Compare Source

👉 Trivy v.64.0 release notes (click here)

⬇️ Download Trivy

• MacOS Apple Silicon
• MacOS Intel
• Linux Intel
• Linux ARM
• Windows Intel

Full changelog

v0.63.0

Compare Source

👉 Trivy v.63.0 release notes (click here)

⬇️ Download Trivy

• MacOS Apple Silicon
• MacOS Intel
• Linux Intel
• Linux ARM
• Windows Intel

Full changelog

v0.62.1

Compare Source

Changelog

• c75ed21 release: v0.62.1 [release/v0.62] (#​8825)
• aafebeb chore(deps): bump the common group across 1 directory with 10 updates [backport: release/v0.62] (#​8831)
• 99485cf fix(misconf): check if for-each is known when expanding dyn block [backport: release/v0.62] (#​8826)
• b4fc9e8 fix(redhat): trim invalid suffix from content_sets in manifest parsing [backport: release/v0.62] (#​8824)

v0.62.0

Compare Source

⚡Release highlights and summary⚡

👉 https://redirect.github.com/aquasecurity/trivy/discussions/8801

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0620-2025-04-30

containerd/containerd (github.com/containerd/containerd)

v1.7.30: containerd 1.7.30

Compare Source

Welcome to the v1.7.30 release of containerd!

The thirtieth patch release for containerd 1.7 contains various fixes
and updates.

Highlights

Container Runtime Interface (CRI)

• Fix NRI dropping requested CDI devices silently (#​12650)
• Redact all query parameters in CRI error logs (#​12551)

Runtime

• Update runc binary to v1.3.4 (#​12619)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Akihiro Suda
• Austin Vazquez
• Mike Brown
• Wei Fu
• Andrey Noskov
• CrazyMax
• Davanum Srinivas
• Jin Dong
• Krisztian Litkey
• Maksym Pavlenko
• Paweł Gronowski
• Phil Estes
• Samuel Karp

Changes

26 commits

• Prepare release notes for v1.7.30 (#​12652)
  • 3d0ca6d2e Prepare release notes for v1.7.30
• Fix NRI dropping requested CDI devices silently (#​12650)
  • 0bc74f47e cri,nri: don't drop requested CDI devices silently.
• script/setup/install-cni: install CNI plugins v1.9.0 (#​12660)
  • 7db16b562 script/setup/install-cni: install CNI plugins v1.9.0
• go.mod: golang.org/x/crypto v0.45.0 (drop support for Go 1.23) (#​12640)
  • bca897b47 go.mod: golang.org/x/crypto v0.45.0
  • 37cbd2224 CI: drop Go 1.23
  • ee49d1747 Update Go requirements in BUILDING
• ci: bump Go 1.24.11, 1.25.5 (#​12627)
  • 145978224 ci: bump Go 1.24.11, 1.25.5
  • 3dbadfaa1 ci: bump Go 1.24.10, 1.25.4
  • 2bac971f0 ci(release): set GO_VERSION in Dockerfile
• Update runc binary to v1.3.4 (#​12619)
  • 34b89a574 runc: Update runc binary to v1.3.4
• ci: update CIFuzz actions to support Ubuntu 24.04 (#​12635)
  • 6e0dd8956 ci: update CIFuzz actions to support Ubuntu 24.04
• build(deps): bump github.com/opencontainers/selinux (#​12591)
  • 3eea2a4af build(deps): bump github.com/opencontainers/selinux
• remove sha256-simd (#​12576)
  • 1194f5128 remove sha256-simd
• .github: skip 5 critest cases for window-2022 (#​12586)
  • ce2d3a67f .github: skip 5 critest cases in window CI pipeline
• Redact all query parameters in CRI error logs (#​12551)
  • 65271ea89 fix: redact all query parameters in CRI error logs

Dependency Changes

• github.com/cyphar/filepath-securejoin v0.5.1 new
• github.com/opencontainers/selinux v1.11.0 -> v1.13.1
• golang.org/x/crypto v0.40.0 -> v0.45.0
• golang.org/x/mod v0.26.0 -> v0.29.0
• golang.org/x/net v0.42.0 -> v0.47.0
• golang.org/x/sync v0.16.0 -> v0.18.0
• golang.org/x/sys v0.34.0 -> v0.38.0
• golang.org/x/term v0.33.0 -> v0.37.0
• golang.org/x/text v0.27.0 -> v0.31.0

Previous release can be found at v1.7.29

v1.7.29: containerd 1.7.29

Compare Source

Welcome to the v1.7.29 release of containerd!

The twenty-ninth patch release for containerd 1.7 contains various fixes
and updates including security patches.

Security Updates

• containerd

  • GHSA-pwhc-rpq9-4c8w
  • GHSA-m6hq-p25p-ffr2

• runc

  • GHSA-qw9x-cqr3-wc7r
  • GHSA-cgrx-mc8f-2prm
  • GHSA-9493-h29p-rfm2

Highlights

Image Distribution

• Update differ to handle zstd media types (#​12018)

Runtime

• Update runc binary to v1.3.3 (#​12480)
• Fix lost container logs from quickly closing io (#​12375)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Akihiro Suda
• Phil Estes
• Austin Vazquez
• Sebastiaan van Stijn
• ningmingxiao
• Maksym Pavlenko
• StepSecurity Bot
• wheat2018

Changes

38 commits

• 442cb34bd Merge commit from fork
• 0450f046e Fix directory permissions
• e5cb6ddb7 Merge commit from fork
• c575d1b5f fix goroutine leak of container Attach
• Prepare release notes for v1.7.29 (#​12486)
  • 1fc2daaf3 Prepare release notes for v1.7.29
• Update runc binary to v1.3.3 (#​12480)
  • 3f5f9f872 runc: Update runc binary to v1.3.3
• Update GHA images and bump Go 1.24.9; 1.25.3 (#​12471)
  • 667409fb6 ci: bump Go 1.24.9, 1.25.3
  • 294f8c027 Update GHA runners to use latest images for basic binaries build
  • cf66b4141 Update GHA runners to use latest image for most jobs
  • fa3e6fa18 pkg/epoch: extract parsing SOURCE_DATE_EPOCH to a function
  • ac334bffc pkg/epoch: fix tests on macOS
  • d04b8721f pkg/epoch: replace some fmt.Sprintfs with strconv
• CI: update Fedora to 43 (#​12450)
  • 5cfedbf52 CI: update Fedora to 43
• CI: skip ubuntu-24.04-arm on private repos (#​12429)
  • cf99a012d CI: skip ubuntu-24.04-arm on private repos
• runc:Update runc binary to v1.3.1 (#​12276)
  • 4c77b8d07 runc:Update runc binary to v1.3.1
• Fix lost container logs from quickly closing io (#​12375)
  • d30024db2 bugfix:fix container logs lost because io close too quickly
• ci: bump Go 1.24.8 (#​12362)
  • f4b3d96f3 ci: bump Go 1.24.8
  • 334fd8e4b update golangci-lint to v1.64.2
  • 8a67abc4c Drop inactivated linter exportloopref
  • e4dbf08f0 build(deps): bump golangci/golangci-lint-action from 6.3.2 to 6.5.0
  • d7db2ba06 build(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.2
  • d7182888f build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0
  • 4be6c7e3b build(deps): bump actions/cache from 4.1.2 to 4.2.0
  • a2e097e86 build(deps): bump actions/checkout from 4.2.1 to 4.2.2
  • 6de404d11 build(deps): bump actions/cache from 4.1.1 to 4.1.2
  • 038a25584 [StepSecurity] ci: Harden GitHub Actions
• Update differ to handle zstd media types (#​12018)
  • eaeb4b6ac Update differ to handle zstd media types
• ci: bump Go 1.23.12, 1.24.6 (#​12188)
  • 83c535339 ci: bump Go 1.23.12, 1.24.6

Dependency Changes

This release has no dependency changes

Previous release can be found at v1.7.28

v1.7.28: containerd 1.7.28

Compare Source

Welcome to the v1.7.28 release of containerd!

The twenty-eighth patch release for containerd 1.7 contains various fixes
and updates.

Highlights

Image Distribution

• Refresh OAuth tokens when they expire during registry operations (#​11721)
• Set default differ for the default unpack config of transfer service (#​11689)

Runtime

• Update runc binary to v1.3.0 (#​11800)
• Remove invalid error log when stopping container after containerd restart (#​11620)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Akhil Mohan
• Akihiro Suda
• Austin Vazquez
• Maksym Pavlenko
• Phil Estes
• Derek McGowan
• Kirtana Ashok
• Henry Wang
• Iain Macdonald
• Jin Dong
• Swagat Bora
• Wei Fu
• Yang Yang
• madraceee

Changes

57 commits

• Prepare release notes for v1.7.28 (#​12134)
  • b01b809f8 Prepare release notes for v1.7.28
• ci: bump Go 1.23.11, 1.24.5 (#​12117)
  • ce2373176 ci: bump Go 1.23.11, 1.24.5
• Backport windows test fixes (#​12121)
  • 3c06bcc4d Fix intermittent test failures on Windows CIs
  • c6c0c6854 Remove WS2025 from CIs due to regression
• ci: use fedora 39 archive (#​12123)
  • 6d7e021cf ci: use fedora/39-cloud-base image from archive
• update runners to ubuntu 24.04 (#​11802)
  • c362e18cc CI: install OVMF for Vagrant
  • 1d99bec21 CI: fix "Unable to find a source package for vagrant" error
  • dafa3c48d add debian sources for ubuntu-24
  • b03301d85 partial: enable ubuntu 24 runners
  • 13fbc5f97 update release runners to ubuntu 24.04
• go.mod: golang.org/x/* latest (#​12096)
  • da5d1a371 go.mod: golang.org/x/* latest
• Remove additional fuzzers from instrumentation repo (#​12099)
  • 5fef123ba Remove additional fuzzers from CI
• backport windows runner and golang toolchain updates (#​11972)
  • a35978f5a ci: bump golang [1.23.10, 1.24.4] in build and release
  • df035aa3e ci: bump golang [1.23.9, 1.24.3] in build and release
  • 2a6d9fc71 use go1.23.8 as the default go version
  • 15d4d6eba update to go 1.24.2, 1.23.8
  • 1613a3b1a Enable CIs to run on WS2022 and WS2025
• test: added runc v1 tests using vagrant (#​11896)
  • 60e73122c test: added runc v1 tests using vagrant
• Revert "disable portmap test in ubuntu-22 to make CI happy" (#​11803)
  • 10e1b515e Revert "Disable port mapping tests in CRI-in-UserNS"
  • [7a680e884](ht

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 128 additional dependencies were updated

Details:

Package	Change
github.com/docker/docker	v27.5.1+incompatible -> v28.5.2+incompatible
github.com/sirupsen/logrus	v1.9.3 -> v1.9.4-0.20230606125235-dd1b4c2e81af
cel.dev/expr	v0.19.0 -> v0.24.0
cloud.google.com/go	v0.116.0 -> v0.121.6
cloud.google.com/go/auth	v0.14.0 -> v0.17.0
cloud.google.com/go/auth/oauth2adapt	v0.2.7 -> v0.2.8
cloud.google.com/go/compute/metadata	v0.6.0 -> v0.9.0
cloud.google.com/go/iam	v1.2.2 -> v1.5.3
cloud.google.com/go/monitoring	v1.21.2 -> v1.24.2
cloud.google.com/go/storage	v1.49.0 -> v1.56.0
dario.cat/mergo	v1.0.1 -> v1.0.2
github.com/Azure/azure-sdk-for-go/sdk/azcore	v1.17.0 -> v1.20.0
github.com/Azure/azure-sdk-for-go/sdk/azidentity	v1.8.2 -> v1.13.1
github.com/Azure/azure-sdk-for-go/sdk/internal	v1.10.0 -> v1.11.2
github.com/Azure/go-ansiterm	v0.0.0-20230124172434-306776ec8161 -> v0.0.0-20250102033503-faa5f7b0171c
github.com/AzureAD/microsoft-authentication-library-for-go	v1.3.3 -> v1.6.0
github.com/BurntSushi/toml	v1.4.0 -> v1.5.0
github.com/CycloneDX/cyclonedx-go	v0.9.2 -> v0.9.3
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp	v1.25.0 -> v1.29.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric	v0.48.1 -> v0.53.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping	v0.48.1 -> v0.53.0
github.com/Masterminds/semver/v3	v3.3.0 -> v3.4.0
github.com/Microsoft/hcsshim	v0.12.9 -> v0.14.0-rc.1
github.com/ProtonMail/go-crypto	v1.1.5 -> v1.3.0
github.com/aquasecurity/go-npm-version	v0.0.1 -> v0.0.2
github.com/aquasecurity/trivy-checks	v1.8.1 -> v1.11.3-0.20250604022615-9a7efa7c9169
github.com/aquasecurity/trivy-db	v0.0.0-20250227071930-8bd8a9b89e2d -> v0.0.0-20250929072116-eba1ced2340a
github.com/aws/aws-sdk-go-v2	v1.36.3 -> v1.40.0
github.com/aws/aws-sdk-go-v2/config	v1.29.9 -> v1.32.0
github.com/aws/aws-sdk-go-v2/credentials	v1.17.62 -> v1.19.0
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	v1.16.30 -> v1.18.14
github.com/aws/aws-sdk-go-v2/internal/configsources	v1.3.34 -> v1.4.14
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2	v2.6.34 -> v2.7.14
github.com/aws/aws-sdk-go-v2/internal/ini	v1.8.3 -> v1.8.4
github.com/aws/aws-sdk-go-v2/service/ecr	v1.42.1 -> v1.53.1
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding	v1.12.3 -> v1.13.3
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url	v1.12.15 -> v1.13.14
github.com/aws/aws-sdk-go-v2/service/s3	v1.78.1 -> v1.92.0
github.com/bmatcuk/doublestar/v4	v4.8.1 -> v4.9.1
github.com/cloudflare/circl	v1.6.0 -> v1.6.1
github.com/cncf/xds/go	v0.0.0-20240905190251-b4127c9b8d78 -> v0.0.0-20250501225837-2ac532fd4443
github.com/containerd/cgroups/v3	v3.0.3 -> v3.1.0
github.com/containerd/containerd/api	v1.8.0 -> v1.10.0
github.com/containerd/containerd/v2	v2.0.4 -> v2.2.0
github.com/containerd/platforms	v1.0.0-rc.1 -> v1.0.0-rc.2
github.com/containerd/stargz-snapshotter/estargz	v0.16.3 -> v0.18.1
github.com/cyphar/filepath-securejoin	v0.4.1 -> v0.6.0
github.com/dlclark/regexp2	v1.4.0 -> v1.11.0
github.com/docker/cli	v27.5.0+incompatible -> v29.0.3+incompatible
github.com/docker/docker-credential-helpers	v0.8.2 -> v0.9.3
github.com/emicklei/go-restful/v3	v3.11.0 -> v3.13.0
github.com/envoyproxy/go-control-plane	v0.13.1 -> v0.13.4
github.com/envoyproxy/protoc-gen-validate	v1.1.0 -> v1.2.1
github.com/evanphx/json-patch	v5.9.0+incompatible -> v5.9.11+incompatible
github.com/fxamacker/cbor/v2	v2.7.0 -> v2.9.0
github.com/go-git/go-git/v5	v5.14.0 -> v5.16.3
github.com/go-logr/logr	v1.4.2 -> v1.4.3
github.com/go-openapi/jsonpointer	v0.21.0 -> v0.22.1
github.com/go-openapi/jsonreference	v0.21.0 -> v0.21.3
github.com/go-openapi/swag	v0.23.0 -> v0.25.1
github.com/golang-jwt/jwt/v5	v5.2.2 -> v5.3.0
github.com/google/btree	v1.1.2 -> v1.1.3
github.com/google/gnostic-models	v0.6.9-0.20230804172637-c7be7c783f49 -> v0.7.0
github.com/googleapis/enterprise-certificate-proxy	v0.3.4 -> v0.3.6
github.com/googleapis/gax-go/v2	v2.14.1 -> v2.15.0
github.com/gorilla/websocket	v1.5.0 -> v1.5.4-0.20250319132907-e064f32e3674
github.com/hashicorp/go-getter	v1.7.8 -> v1.8.3
github.com/hashicorp/hcl/v2	v2.23.0 -> v2.24.0
github.com/klauspost/compress	v1.17.11 -> v1.18.1
github.com/moby/buildkit	v0.18.2 -> v0.26.2
github.com/moby/sys/user	v0.3.0 -> v0.4.0
github.com/moby/term	v0.5.0 -> v0.5.2
github.com/modern-go/reflect2	v1.0.2 -> v1.0.3-0.20250322232337-35a7c28c31ee
github.com/oklog/ulid/v2	v2.1.0 -> v2.1.1
github.com/open-policy-agent/opa	v1.2.0 -> v1.10.1
github.com/opencontainers/runtime-spec	v1.2.0 -> v1.2.1
github.com/opencontainers/selinux	v1.11.1 -> v1.13.0
github.com/prometheus/client_golang	v1.21.0 -> v1.23.2
github.com/prometheus/client_model	v0.6.1 -> v0.6.2
github.com/prometheus/common	v0.62.0 -> v0.66.1
github.com/prometheus/procfs	v0.15.1 -> v0.17.0
github.com/rcrowley/go-metrics	v0.0.0-20201227073835-cf1acfcdf475 -> v0.0.0-20250401214520-65e299d6c5c9
github.com/rubenv/sql-migrate	v1.7.1 -> v1.8.0
github.com/samber/oops	v1.15.0 -> v1.18.1
github.com/secure-systems-lab/go-securesystemslib	v0.9.0 -> v0.9.1
github.com/sergi/go-diff	v1.3.2-0.20230802210424-5b0b94c5c0d3 -> v1.4.0
github.com/spf13/cast	v1.7.1 -> v1.10.0
github.com/spf13/cobra	v1.9.1 -> v1.10.1
github.com/spf13/pflag	v1.0.6 -> v1.0.10
github.com/tchap/go-patricia/v2	v2.3.2 -> v2.3.3
github.com/tonistiigi/go-csvvalue	v0.0.0-20240710180619-ddb21b71c0b4 -> v0.0.0-20240814133006-030d3b2625d0
github.com/ulikunitz/xz	v0.5.12 -> v0.5.15
github.com/zclconf/go-cty	v1.16.2 -> v1.17.0
go.etcd.io/bbolt	v1.4.0 -> v1.4.3
go.opentelemetry.io/auto/sdk	v1.1.0 -> v1.2.1
go.opentelemetry.io/contrib/detectors/gcp	v1.32.0 -> v1.36.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	v0.56.0 -> v0.61.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	v0.59.0 -> v0.63.0
go.opentelemetry.io/otel	v1.34.0 -> v1.38.0
go.opentelemetry.io/otel/metric	v1.34.0 -> v1.38.0
golang.org/x/crypto	v0.36.0 -> v0.45.0
golang.org/x/mod	v0.24.0 -> v0.30.0
golang.org/x/net	v0.37.0 -> v0.47.0
golang.org/x/oauth2	v0.26.0 -> v0.33.0
golang.org/x/sys	v0.31.0 -> v0.38.0
golang.org/x/term	v0.30.0 -> v0.37.0
golang.org/x/text	v0.23.0 -> v0.31.0
google.golang.org/api	v0.218.0 -> v0.254.0
google.golang.org/genproto	v0.0.0-20241118233622-e639e219e697 -> v0.0.0-20250603155806-513f23925822
google.golang.org/genproto/googleapis/api	v0.0.0-20250115164207-1a7da9e5054f -> v0.0.0-20250825161204-c5933d9347a5
google.golang.org/genproto/googleapis/rpc	v0.0.0-20250115164207-1a7da9e5054f -> v0.0.0-20251022142026-3a174f9686a8
google.golang.org/grpc	v1.70.0 -> v1.76.0
google.golang.org/protobuf	v1.36.5 -> v1.36.10
gotest.tools/v3	v3.5.0 -> v3.5.2
helm.sh/helm/v3	v3.17.2 -> v3.19.2
k8s.io/api	v0.32.3 -> v0.34.2
k8s.io/apiextensions-apiserver	v0.32.2 -> v0.34.0
k8s.io/apimachinery	v0.32.3 -> v0.34.2
k8s.io/apiserver	v0.32.2 -> v0.34.0
k8s.io/cli-runtime	v0.32.3 -> v0.34.0
k8s.io/client-go	v0.32.3 -> v0.34.1
k8s.io/component-base	v0.32.3 -> v0.34.0
k8s.io/kube-openapi	v0.0.0-20241105132330-32ad38e42d3f -> v0.0.0-20250710124328-f3f2b991d03b
k8s.io/kubectl	v0.32.3 -> v0.34.0
k8s.io/utils	v0.0.0-20241104100929-3ea5e8cea738 -> v0.0.0-20250604170112-4c0f3b243397
sigs.k8s.io/json	v0.0.0-20241010143419-9aa6b5e7a4b3 -> v0.0.0-20241014173422-cfa47c3a1cc8
sigs.k8s.io/kustomize/api	v0.18.0 -> v0.20.1
sigs.k8s.io/yaml	v1.4.0 -> v1.6.0

[renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 132 additional dependencies were updated

Details:

Package	Change
github.com/docker/docker	v27.5.1+incompatible -> v28.5.2+incompatible
cel.dev/expr	v0.19.0 -> v0.24.0
cloud.google.com/go	v0.116.0 -> v0.121.6
cloud.google.com/go/auth	v0.14.0 -> v0.18.0
cloud.google.com/go/auth/oauth2adapt	v0.2.7 -> v0.2.8
cloud.google.com/go/compute/metadata	v0.6.0 -> v0.9.0
cloud.google.com/go/iam	v1.2.2 -> v1.5.3
cloud.google.com/go/monitoring	v1.21.2 -> v1.24.3
cloud.google.com/go/storage	v1.49.0 -> v1.57.1
dario.cat/mergo	v1.0.1 -> v1.0.2
github.com/Azure/azure-sdk-for-go/sdk/azcore	v1.17.0 -> v1.20.0
github.com/Azure/azure-sdk-for-go/sdk/azidentity	v1.8.2 -> v1.13.1
github.com/Azure/azure-sdk-for-go/sdk/internal	v1.10.0 -> v1.11.2
github.com/Azure/go-ansiterm	v0.0.0-20230124172434-306776ec8161 -> v0.0.0-20250102033503-faa5f7b0171c
github.com/AzureAD/microsoft-authentication-library-for-go	v1.3.3 -> v1.6.0
github.com/BurntSushi/toml	v1.4.0 -> v1.5.0
github.com/CycloneDX/cyclonedx-go	v0.9.2 -> v0.9.3
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp	v1.25.0 -> v1.30.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric	v0.48.1 -> v0.54.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping	v0.48.1 -> v0.54.0
github.com/Masterminds/semver/v3	v3.3.0 -> v3.4.0
github.com/Microsoft/hcsshim	v0.12.9 -> v0.14.0-rc.1
github.com/ProtonMail/go-crypto	v1.1.5 -> v1.3.0
github.com/aquasecurity/go-npm-version	v0.0.1 -> v0.0.2
github.com/aquasecurity/trivy-checks	v1.8.1 -> v1.12.2-0.20251219190323-79d27547baf5
github.com/aquasecurity/trivy-db	v0.0.0-20250227071930-8bd8a9b89e2d -> v0.0.0-20251222105351-a833f47f8f0d
github.com/aws/aws-sdk-go-v2	v1.36.3 -> v1.41.0
github.com/aws/aws-sdk-go-v2/config	v1.29.9 -> v1.32.5
github.com/aws/aws-sdk-go-v2/credentials	v1.17.62 -> v1.19.5
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	v1.16.30 -> v1.18.16
github.com/aws/aws-sdk-go-v2/internal/configsources	v1.3.34 -> v1.4.16
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2	v2.6.34 -> v2.7.16
github.com/aws/aws-sdk-go-v2/internal/ini	v1.8.3 -> v1.8.4
github.com/aws/aws-sdk-go-v2/service/ecr	v1.42.1 -> v1.53.1
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding	v1.12.3 -> v1.13.4
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url	v1.12.15 -> v1.13.16
github.com/aws/aws-sdk-go-v2/service/s3	v1.78.1 -> v1.92.0
github.com/bmatcuk/doublestar/v4	v4.8.1 -> v4.9.1
github.com/cloudflare/circl	v1.6.0 -> v1.6.1
github.com/cncf/xds/go	v0.0.0-20240905190251-b4127c9b8d78 -> v0.0.0-20251022180443-0feb69152e9f
github.com/containerd/cgroups/v3	v3.0.3 -> v3.1.0
github.com/containerd/containerd/api	v1.8.0 -> v1.10.0
github.com/containerd/containerd/v2	v2.0.4 -> v2.2.0
github.com/containerd/platforms	v1.0.0-rc.1 -> v1.0.0-rc.2
github.com/containerd/stargz-snapshotter/estargz	v0.16.3 -> v0.18.2
github.com/cyphar/filepath-securejoin	v0.4.1 -> v0.6.0
github.com/dlclark/regexp2	v1.4.0 -> v1.11.0
github.com/docker/cli	v27.5.0+incompatible -> v29.2.1+incompatible
github.com/docker/docker-credential-helpers	v0.8.2 -> v0.9.3
github.com/emicklei/go-restful/v3	v3.11.0 -> v3.13.0
github.com/envoyproxy/go-control-plane	v0.13.1 -> v0.13.5-0.20251024222203-75eaa193e329
github.com/envoyproxy/protoc-gen-validate	v1.1.0 -> v1.2.1
github.com/evanphx/json-patch	v5.9.0+incompatible -> v5.9.11+incompatible
github.com/fxamacker/cbor/v2	v2.7.0 -> v2.9.0
github.com/go-git/go-git/v5	v5.14.0 -> v5.16.4
github.com/go-logr/logr	v1.4.2 -> v1.4.3
github.com/go-openapi/jsonpointer	v0.21.0 -> v0.22.4
github.com/go-openapi/jsonreference	v0.21.0 -> v0.21.4
github.com/go-openapi/swag	v0.23.0 -> v0.25.4
github.com/golang-jwt/jwt/v5	v5.2.2 -> v5.3.0
github.com/google/btree	v1.1.2 -> v1.1.3
github.com/google/gnostic-models	v0.6.9-0.20230804172637-c7be7c783f49 -> v0.7.0
github.com/googleapis/enterprise-certificate-proxy	v0.3.4 -> v0.3.9
github.com/googleapis/gax-go/v2	v2.14.1 -> v2.16.0
github.com/gorilla/websocket	v1.5.0 -> v1.5.4-0.20250319132907-e064f32e3674
github.com/hashicorp/go-getter	v1.7.8 -> v1.8.3
github.com/hashicorp/go-version	v1.7.0 -> v1.8.0
github.com/hashicorp/hcl/v2	v2.23.0 -> v2.24.0
github.com/klauspost/compress	v1.17.11 -> v1.18.4
github.com/mailru/easyjson	v0.7.7 -> v0.9.0
github.com/mitchellh/mapstructure	v1.5.0 -> v1.5.1-0.20231216201459-8508981c8b6c
github.com/moby/buildkit	v0.18.2 -> v0.26.2
github.com/moby/sys/user	v0.3.0 -> v0.4.0
github.com/moby/term	v0.5.0 -> v0.5.2
github.com/modern-go/reflect2	v1.0.2 -> v1.0.3-0.20250322232337-35a7c28c31ee
github.com/oklog/ulid/v2	v2.1.0 -> v2.1.1
github.com/open-policy-agent/opa	v1.2.0 -> v1.11.0
github.com/opencontainers/runtime-spec	v1.2.0 -> v1.2.1
github.com/opencontainers/selinux	v1.11.1 -> v1.13.1
github.com/owenrumney/squealer	v1.2.11 -> v1.2.12
github.com/prometheus/client_golang	v1.21.0 -> v1.23.2
github.com/prometheus/client_model	v0.6.1 -> v0.6.2
github.com/prometheus/common	v0.62.0 -> v0.67.4
github.com/prometheus/procfs	v0.15.1 -> v0.17.0
github.com/rcrowley/go-metrics	v0.0.0-20201227073835-cf1acfcdf475 -> v0.0.0-20250401214520-65e299d6c5c9
github.com/rubenv/sql-migrate	v1.7.1 -> v1.8.0
github.com/samber/oops	v1.15.0 -> v1.18.1
github.com/secure-systems-lab/go-securesystemslib	v0.9.0 -> v0.10.0
github.com/sergi/go-diff	v1.3.2-0.20230802210424-5b0b94c5c0d3 -> v1.4.0
github.com/spf13/cast	v1.7.1 -> v1.10.0
github.com/spf13/cobra	v1.9.1 -> v1.10.2
github.com/spf13/pflag	v1.0.6 -> v1.0.10
github.com/tchap/go-patricia/v2	v2.3.2 -> v2.3.3
github.com/tonistiigi/go-csvvalue	v0.0.0-20240710180619-ddb21b71c0b4 -> v0.0.0-20240814133006-030d3b2625d0
github.com/ulikunitz/xz	v0.5.12 -> v0.5.15
github.com/zclconf/go-cty	v1.16.2 -> v1.17.0
go.etcd.io/bbolt	v1.4.0 -> v1.4.3
go.opentelemetry.io/auto/sdk	v1.1.0 -> v1.2.1
go.opentelemetry.io/contrib/detectors/gcp	v1.32.0 -> v1.38.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	v0.56.0 -> v0.63.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	v0.59.0 -> v0.63.0
go.opentelemetry.io/otel	v1.34.0 -> v1.38.0
go.opentelemetry.io/otel/metric	v1.34.0 -> v1.38.0
go.uber.org/zap	v1.27.0 -> v1.27.1
golang.org/x/crypto	v0.36.0 -> v0.48.0
golang.org/x/mod	v0.24.0 -> v0.33.0
golang.org/x/net	v0.37.0 -> v0.50.0
golang.org/x/oauth2	v0.26.0 -> v0.35.0
golang.org/x/sys	v0.31.0 -> v0.41.0
golang.org/x/term	v0.30.0 -> v0.40.0
google.golang.org/api	v0.218.0 -> v0.260.0
google.golang.org/genproto	v0.0.0-20241118233622-e639e219e697 -> v0.0.0-20251202230838-ff82c1b0f217
google.golang.org/genproto/googleapis/api	v0.0.0-20250115164207-1a7da9e5054f -> v0.0.0-20251202230838-ff82c1b0f217
google.golang.org/genproto/googleapis/rpc	v0.0.0-20250115164207-1a7da9e5054f -> v0.0.0-20251222181119-0a764e51fe1b
google.golang.org/grpc	v1.70.0 -> v1.78.0
google.golang.org/protobuf	v1.36.5 -> v1.36.11
gotest.tools/v3	v3.5.0 -> v3.5.2
helm.sh/helm/v3	v3.17.2 -> v3.19.2
k8s.io/api	v0.32.3 -> v0.34.2
k8s.io/apiextensions-apiserver	v0.32.2 -> v0.34.0
k8s.io/apimachinery	v0.32.3 -> v0.34.2
k8s.io/apiserver	v0.32.2 -> v0.34.0
k8s.io/cli-runtime	v0.32.3 -> v0.34.0
k8s.io/client-go	v0.32.3 -> v0.34.1
k8s.io/component-base	v0.32.3 -> v0.34.0
k8s.io/kube-openapi	v0.0.0-20241105132330-32ad38e42d3f -> v0.0.0-20250710124328-f3f2b991d03b
k8s.io/kubectl	v0.32.3 -> v0.34.0
k8s.io/utils	v0.0.0-20241104100929-3ea5e8cea738 -> v0.0.0-20250820121507-0af2bda4dd1d
mvdan.cc/sh/v3	v3.11.0 -> v3.12.0
sigs.k8s.io/json	v0.0.0-20241010143419-9aa6b5e7a4b3 -> v0.0.0-20241014173422-cfa47c3a1cc8
sigs.k8s.io/kustomize/api	v0.18.0 -> v0.20.1
sigs.k8s.io/yaml	v1.4.0 -> v1.6.0