Skip to content

chore(deps): bump the security group across 1 directory with 13 updates #1928

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

chore(deps): bump the security group across 1 directory with 13 updates #1928

wants to merge 2 commits into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 20, 2025
edited
Loading

Bumps the security group with 10 updates in the / directory:

Package From To
github.com/godbus/dbus/v5 5.1.0 5.2.0
github.com/microsoft/go-mssqldb 1.9.3 1.9.4
golang.org/x/mod 0.29.0 0.30.0
k8s.io/api 0.34.1 0.34.2
k8s.io/apiextensions-apiserver 0.34.1 0.34.2
k8s.io/cli-runtime 0.34.1 0.34.2
k8s.io/kubernetes 1.34.1 1.34.2
helm.sh/helm/v3 3.19.0 3.19.2
k8s.io/kubelet 0.34.1 0.34.2
k8s.io/metrics 0.34.1 0.34.2

Updates github.com/godbus/dbus/v5 from 5.1.0 to 5.2.0

Release notes

Sourced from github.com/godbus/dbus/v5's releases.

v5.2.0

What's Changed

New Contributors

... (truncated)

Commits
  • b363148 Merge pull request #418 from godbus/removing-sha1
  • f55ce2f Merge pull request #391 from godbus/fix/struct_variant
  • ec919d8 auth: move getHomeDir to only be included on Windows as well
  • efac43f variant: don't output unneeded space when formatting structs
  • 9364740 add support for struct entities in MakeVariant
  • 99fac80 auth: disable sha1 by default on non-windows
  • 2d48ce5 Merge pull request #417 from godbus/unix-conn
  • 572a6c0 transport_unix: remove unneeded error return
  • caee758 conn_unix: add DialUnix and ConnectUnix
  • ae878af transport_unix: add newUnixTransportFromConn
  • Additional commits viewable in compare view

Updates github.com/microsoft/go-mssqldb from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/microsoft/go-mssqldb's releases.

v1.9.4

What's Changed

New Contributors

Full Changelog: microsoft/go-mssqldb@v1.9.3...v1.9.4

Changelog

Sourced from github.com/microsoft/go-mssqldb's changelog.

Changelog

Commits

Updates golang.org/x/mod from 0.29.0 to 0.30.0

Commits
  • 7416265 go.mod: update golang.org/x dependencies
  • 5517a71 all: fix some comments
  • b6cdd1a modfile: use reflect.TypeFor instead of reflect.TypeOf
  • See full diff in compare view

Updates k8s.io/api from 0.34.1 to 0.34.2

Commits

Updates k8s.io/apiextensions-apiserver from 0.34.1 to 0.34.2

Commits

Updates k8s.io/apimachinery from 0.34.1 to 0.34.2

Commits

Updates k8s.io/apiserver from 0.34.1 to 0.34.2

Commits
  • 92c4c2c Update dependencies to v0.34.2 tag
  • d24fa2b Merge pull request #134500vikasbolla/automated-cherry-pick-of-#133310
  • 67ad9b5 authz tests: delay response in context cancelled scenario
  • See full diff in compare view

Updates k8s.io/cli-runtime from 0.34.1 to 0.34.2

Commits

Updates k8s.io/client-go from 0.34.1 to 0.34.2

Commits
  • 54601aa Update dependencies to v0.34.2 tag
  • 1bb1ad2 Merge pull request #134589liggitt/automated-cherry-pick-of-#134588
  • 2505205 Remove invalid SAN certificate construction
  • 7ffba0f Merge pull request #134004DerekFrank/automated-cherry-pick-of-#133573
  • 145cb8f gofmt and review feedback
  • ddcdc12 fix: Update unit test to catch actual nil Labels case and fix functionality t...
  • See full diff in compare view

Updates k8s.io/kubernetes from 1.34.1 to 1.34.2

Release notes

Sourced from k8s.io/kubernetes's releases.

Kubernetes v1.34.2

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Commits

Updates helm.sh/helm/v3 from 3.19.0 to 3.19.2

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.19.2 is a patch release. It is a rebuild of the v3.19.1 release with no code changes.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.19.2. The common platform binaries are here:

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

  • 3.19.3 and 4.0.1 are the next patch releases and will be on December 10, 2025
  • 3.20.0 and 4.1.0 is the next minor releases and will be on January 21, 2026

Changelog

  • [backport] fix: get-helm-3 script use helm3-latest-version 8766e718a0119851f10ddbe4577593a45fadf544 (George Jenkins)

Helm v3.19.1 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

  • Join the discussion in Kubernetes Slack:
    • for questions and just to hang out
    • for discussing PRs, code, and bugs
  • Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
  • Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.19.1. The common platform binaries are here:

... (truncated)

Commits
  • 8766e71 [backport] fix: get-helm-3 script use helm3-latest-version
  • 4f953c2 chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29
  • 6801f4d jsonschema: warn and ignore unresolved URN $ref to match v3.18.4
  • 2f619be Avoid "panic: interface conversion: interface {} is nil"
  • 8112d47 Fix helm pull untar dir check with repo urls
  • 5dff7ce Fix deprecation warning
  • 2dad4d2 chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
  • a833710 Add timeout flag to repo add and update flags
  • 3f5d2e2 Merge pull request #31407 from dirkmueller/release-3.19
  • 2e12c81 chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.43.0
  • See full diff in compare view

Updates k8s.io/kubelet from 0.34.1 to 0.34.2

Commits

Updates k8s.io/metrics from 0.34.1 to 0.34.2

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@xavpaice
Copy link
Member

xavpaice commented Nov 24, 2025

@dependabot recreate

@dependabot dependabot bot force-pushed the dependabot/go_modules/security-2352ec8c16 branch from 441f65f to 6c1311f Compare November 24, 2025 03:16
@dependabot
chore(deps): bump the security group across 1 directory with 13 updates
287ee36 
Bumps the security group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/godbus/dbus/v5](https://github.com/godbus/dbus) | `5.1.0` | `5.2.0` |
| [github.com/microsoft/go-mssqldb](https://github.com/microsoft/go-mssqldb) | `1.9.3` | `1.9.4` |
| [golang.org/x/mod](https://github.com/golang/mod) | `0.29.0` | `0.30.0` |
| [k8s.io/api](https://github.com/kubernetes/api) | `0.34.1` | `0.34.2` |
| [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) | `0.34.1` | `0.34.2` |
| [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) | `0.34.1` | `0.34.2` |
| [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes) | `1.34.1` | `1.34.2` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.19.0` | `3.19.2` |
| [k8s.io/kubelet](https://github.com/kubernetes/kubelet) | `0.34.1` | `0.34.2` |
| [k8s.io/metrics](https://github.com/kubernetes/metrics) | `0.34.1` | `0.34.2` |



Updates `github.com/godbus/dbus/v5` from 5.1.0 to 5.2.0
- [Release notes](https://github.com/godbus/dbus/releases)
- [Commits](godbus/dbus@v5.1.0...v5.2.0)

Updates `github.com/microsoft/go-mssqldb` from 1.9.3 to 1.9.4
- [Release notes](https://github.com/microsoft/go-mssqldb/releases)
- [Changelog](https://github.com/microsoft/go-mssqldb/blob/main/CHANGELOG.md)
- [Commits](microsoft/go-mssqldb@v1.9.3...v1.9.4)

Updates `golang.org/x/mod` from 0.29.0 to 0.30.0
- [Commits](golang/mod@v0.29.0...v0.30.0)

Updates `k8s.io/api` from 0.34.1 to 0.34.2
- [Commits](kubernetes/api@v0.34.1...v0.34.2)

Updates `k8s.io/apiextensions-apiserver` from 0.34.1 to 0.34.2
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.34.1...v0.34.2)

Updates `k8s.io/apimachinery` from 0.34.1 to 0.34.2
- [Commits](kubernetes/apimachinery@v0.34.1...v0.34.2)

Updates `k8s.io/apiserver` from 0.34.1 to 0.34.2
- [Commits](kubernetes/apiserver@v0.34.1...v0.34.2)

Updates `k8s.io/cli-runtime` from 0.34.1 to 0.34.2
- [Commits](kubernetes/cli-runtime@v0.34.1...v0.34.2)

Updates `k8s.io/client-go` from 0.34.1 to 0.34.2
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.34.1...v0.34.2)

Updates `k8s.io/kubernetes` from 1.34.1 to 1.34.2
- [Release notes](https://github.com/kubernetes/kubernetes/releases)
- [Commits](kubernetes/kubernetes@v1.34.1...v1.34.2)

Updates `helm.sh/helm/v3` from 3.19.0 to 3.19.2
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.19.0...v3.19.2)

Updates `k8s.io/kubelet` from 0.34.1 to 0.34.2
- [Commits](kubernetes/kubelet@v0.34.1...v0.34.2)

Updates `k8s.io/metrics` from 0.34.1 to 0.34.2
- [Commits](kubernetes/metrics@v0.34.1...v0.34.2)

---
updated-dependencies:
- dependency-name: github.com/godbus/dbus/v5
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: github.com/microsoft/go-mssqldb
  dependency-version: 1.9.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: golang.org/x/mod
  dependency-version: 0.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: k8s.io/api
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: k8s.io/apiserver
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: k8s.io/cli-runtime
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: k8s.io/client-go
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: k8s.io/kubernetes
  dependency-version: 1.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: helm.sh/helm/v3
  dependency-version: 3.19.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: k8s.io/kubelet
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
- dependency-name: k8s.io/metrics
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/security-2352ec8c16 branch from 6c1311f to 287ee36 Compare November 24, 2025 22:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies go type::security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@xavpaice