Update go modules (main) (patch)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
cuelang.org/go	v0.15.3 → v0.15.4
github.com/cucumber/godog	v0.15.0 → v0.15.1
github.com/daixiang0/gci	v0.13.5 → v0.13.7
github.com/evanphx/json-patch	v5.9.0+incompatible → v5.9.11+incompatible
github.com/evanphx/json-patch/v5	v5.9.0 → v5.9.11
github.com/gkampitakis/go-snaps	v0.5.7 → v0.5.19
github.com/google/go-containerregistry	v0.20.7 → v0.20.8
github.com/open-policy-agent/opa	v1.12.1 → v1.12.3
github.com/otiai10/copy	v1.14.0 → v1.14.1
github.com/package-url/packageurl-go	v0.1.3 → v0.1.4
github.com/sigstore/cosign/v3	v3.0.4 → v3.0.5
github.com/spdx/tools-golang	v0.5.5 → v0.5.7
github.com/tektoncd/chains	v0.22.2 → v0.22.3
github.com/tektoncd/cli	v0.38.0 → v0.38.2
github.com/tektoncd/cli	v0.37.1 → v0.37.3
github.com/testcontainers/testcontainers-go	v0.34.0 → v0.34.1
gotest.tools/gotestsum	v1.12.1 → v1.12.3
helm.sh/helm/v3	v3.18.5 → v3.18.6
k8s.io/api	v0.35.0 → v0.35.1
k8s.io/apiextensions-apiserver	v0.34.2 → v0.34.4
k8s.io/apimachinery	v0.35.0 → v0.35.1
k8s.io/client-go	v0.35.0 → v0.35.1
k8s.io/kubernetes	v1.34.2 → v1.34.5

---

Release Notes

cue-lang/cue (cuelang.org/go)

v0.15.4

Compare Source

Evaluator

Fix a panic which could occur when using the error built-in with cyclic references.

Fix a panic which could occur when loading @experiment(aliasv2) syntax with an invalid alias name.

cmd/cue

Relax the cue login --token validation to allow future Central Registry token types.

Encodings

Fix a bug in the TOML decoder where nested arrays were causing incorrect "duplicate key" errors.

Full list of changes since v0.15.3

• internal/cueversion: bump LanguageVersion for v0.15.4 by @​mvdan in 50c137c
• internal/ci: bump Go and goreleaser for v0.15.4 by @​mvdan in 8e3eaa9
• cmd/cue: relax login --token prefix validation by @​rustyx in d0bd478
• cue/ast/astutil: fix nil pointer dereference in postfix alias error by @​mvdan in c5df0af
• internal/core/debug: fix stack overflow in error formatting by @​mvdan in bf7a40d
• encoding/toml: correctly check for duplicate keys with arrays by @​mvdan in 4a5fd52

cucumber/godog (github.com/cucumber/godog)

v0.15.1

Compare Source

Added

• Step text is added to "step is undefined" error - (669 - vearutop)
• Localisation support by @​MegaGrindStone in #​665
• feat: support uint types by @​chengxilo in #​695

Changed

• Replace deprecated ::set-output - (681 - nodeg)

Fixed

• fix(errors): fix(errors): Fix expected Step argument count for steps with context.Context (679 - tigh-latte)
• fix(formatter): On concurrent execution, execute formatter at end of Scenario - (645 - tigh-latte)
• Pretty printing results now prints the line where the step is declared instead of the line where the handler is declared. (668 - spencerc)
• Update honnef.co/go/tools/cmd/staticcheck version in Makefile by @​RezaZareiii in #​670
• fix: verify dogT exists in the context before using it by @​cakoolen in #​692
• fix: change bang to being in README by @​nahomEagleLion in #​687
• Mark junit test cases as skipped if no pickle step results available by @​mrsheepuk in #​597
• Print step declaration line instead of handler declaration line by @​SpencerC in #​668

daixiang0/gci (github.com/daixiang0/gci)

v0.13.7

Compare Source

What's Changed

• fix: scrape all goos/goarch pair for stdlib by @​Zxilly in #​208
• chore: get module info from pass by @​ldez in #​221
• chore: remove analyzer by @​ldez in #​222
• feat: update standard list to go1.25 by @​ldez in #​233
• bump up version by @​daixiang0 in #​234

New Contributors

• @​Zxilly made their first contribution in #​208

Full Changelog: daixiang0/gci@v0.13.6...v0.13.7

v0.13.6

Compare Source

What's Changed

• fix: update standard list to go1.24 by @​ldez in #​227
• bump up version by @​daixiang0 in #​229

Full Changelog: daixiang0/gci@v0.13.5...v0.13.6

evanphx/json-patch (github.com/evanphx/json-patch)

v5.9.11+incompatible

Compare Source

v5.9.10+incompatible

Compare Source

gkampitakis/go-snaps (github.com/gkampitakis/go-snaps)

v0.5.19

Compare Source

What's Changed

• fix: use backticks for inline snaps when appropriate by @​gkampitakis in #​149

Full Changelog: gkampitakis/go-snaps@0.5.18...v0.5.19

v0.5.18

Compare Source

v0.5.17

Compare Source

v0.5.16

Compare Source

What's Changed

• fix: don't drop /r character when scanning by @​gkampitakis in #​139
• chore: replace vendored go-diff with upstream by @​gkampitakis in #​143
• chore: update golangci-lint to v2 by @​G-Rath in #​141
• fix: detect no_color support by @​gkampitakis in #​123
• experimenting with inline snapshot support by @​gkampitakis in #​70

Full Changelog: gkampitakis/go-snaps@v0.5.15...v0.5.16

v0.5.15

Compare Source

What's Changed

• test: explicitly return named variables by @​G-Rath in #​137
• ci: show diff after running linting by @​G-Rath in #​136
• fix: only update snapshots when actually allowed by @​G-Rath in #​135

Full Changelog: gkampitakis/go-snaps@v0.5.14...v0.5.15

v0.5.14

Compare Source

What's Changed

• feat: snaps.Clean now returns if snaps dirty and err by @​gkampitakis in #​131

Full Changelog: gkampitakis/go-snaps@v0.5.13...v0.5.14

v0.5.13

Compare Source

What's Changed

• feat: support MatchStandaloneYAML by @​gkampitakis in #​128
• chore: update go-yaml and gh-action deps by @​gkampitakis in #​129

Full Changelog: gkampitakis/go-snaps@v0.5.12...v0.5.13

v0.5.12

Compare Source

What's Changed

• feat: add UPDATE_SNAPS=always for updating and creating snaps on CI setup by @​gkampitakis in #​126

Full Changelog: gkampitakis/go-snaps@v0.5.11...v0.5.12

v0.5.11

Compare Source

What's Changed

• feat: add json format config by @​kitimark in #​121

New Contributors

• @​kitimark made their first contribution in #​121

Full Changelog: gkampitakis/go-snaps@v0.5.10...v0.5.11

v0.5.10

Compare Source

What's Changed

• fix: handle builds with trimpath enabled by @​gkampitakis in #​120

Full Changelog: gkampitakis/go-snaps@v0.5.9...v0.5.10

v0.5.9

Compare Source

What's Changed

• fix: snaps.Update should apply and on snapshot create by @​gkampitakis in #​119

Full Changelog: gkampitakis/go-snaps@v0.5.8...v0.5.9

Kudos to @​orloffv for this issue #​116

v0.5.8

Compare Source

What's Changed

• feat: implement matchYAML by @​gkampitakis in #​114
• feat: implement matchStandaloneJSON by @​gkampitakis in #​113

Full Changelog: gkampitakis/go-snaps@v0.5.7...v0.5.8

google/go-containerregistry (github.com/google/go-containerregistry)

v0.20.8

Compare Source

open-policy-agent/opa (github.com/open-policy-agent/opa)

v1.12.3

Compare Source

v1.12.3

This is a bug fix release addressing two issues:

Bundle polling is being misconfigured when discovery bundle is updated (#​8215)

This is an issue where the polling interval for discovery (discovery.polling.min_delay_seconds and discovery.polling.max_delay_seconds) were misinterpreted on reconfiguration, causing extremely long update intervals.

Reported by @​loganmiller-chime, authored by @​sspaink

Decision log size buffer buffer_size_limit_bytes misconfigured during reconfiguration (#​8213)

This is a regression in the decision log, where the decision_logs.reporting.buffer_size_limit_bytes was mistakenly assigned the value of decision_logs.reporting.upload_size_limit_bytes during reconfiguration.
This issue is only present when decision_logs.reporting.buffer_type is set to size, which is the default value.

Authored by @​sspaink

v1.12.2

Compare Source

This bug fix release address issues found in the new string interpolation feature

• Add (*TemplateString).Copy() method (#​8159) authored by @​anderseknert
• Fix template string not serialized with escaped { (#​8161)
  authored by @​anderseknert
• fix(ast): skip template string vars in ref safety (#​8174)
  authored by @​thevilledev
• fix(ast): use original var names in template error (#​8180)
  authored by @​thevilledev

otiai10/copy (github.com/otiai10/copy)

v1.14.1

Compare Source

package-url/packageurl-go (github.com/package-url/packageurl-go)

v0.1.4

Compare Source

What's Changed

• Fix golangci and update versions by @​shibumi in #​76
• Allow npm names to be case sensitive by @​PFCM in #​73
• add custom validation for pkg:cpan by @​petergardfjall in #​79
• move cpan to known types by @​nikpivkin in #​71
• Run tests using reference data from purl-spec by @​keshav-space in #​80
• update code to honor the canonical purl encoding by @​petergardfjall in #​83

New Contributors

• @​PFCM made their first contribution in #​73
• @​nikpivkin made their first contribution in #​71
• @​keshav-space made their first contribution in #​80

Full Changelog: package-url/packageurl-go@v0.1.3...v0.1.4

sigstore/cosign (github.com/sigstore/cosign/v3)

v3.0.5

Compare Source

Deprecations

• Deprecate rekor-entry-type flag (#​4691)
• Deprecate cosign triangulate (#​4676)
• Deprecate cosign copy (#​4681)

Features

• Automatically require signed timestamp with Rekor v2 entries (#​4666)
• Allow --local-image with --new-bundle-format for v2 and v3 signatures (#​4626)
• Add mTLS support for TSA client connections when signing with a signing config (#​4620)
• Enforce TSA requirement for Rekor v2, Fuclio signing (#​4683)

Bug Fixes

• Add empty predicate to cosign sign when payload type is application/vnd.in-toto+json (#​4635)
• fix: avoid panic on malformed attestation payload (#​4651)
• fix: avoid panic on malformed tlog entries (#​4649)
• fix: avoid panic on malformed replace payload (#​4653)
• Gracefully fail if bundle payload body is not a string (#​4648)
• Verify validity of chain rather than just certificate (#​4663)
• fix: avoid panic on malformed tlog entry body (#​4652)

Documentation

• docs(cosign): clarify RFC3161 revocation semantics (#​4642)
• Fix typo in CLI help (#​4701)

spdx/tools-golang (github.com/spdx/tools-golang)

v0.5.7

Compare Source

What's Changed

• Fail parsing if the required prefix isn't present for IDs by @​awyeth in #​275

New Contributors

• @​awyeth made their first contribution in #​275

Full Changelog: spdx/tools-golang@v0.5.6...v0.5.7

v0.5.6

Compare Source

What's Changed

• Change the colon and space separator to just a colon by @​warpkwd in #​254
• build(deps): Bump sigs.k8s.io/yaml to 1.6.0 by @​dependabot[bot] in #​259
• Resolve two issues related to ExternalDocumentRef by @​KAWAHARA-souta in #​269
• fix: Fix prefixDocumentId() to use correct prefix by @​KAWAHARA-souta in #​272

New Contributors

• @​warpkwd made their first contribution in #​254
• @​KAWAHARA-souta made their first contribution in #​269

Full Changelog: spdx/tools-golang@v0.5.5...v0.5.6

tektoncd/chains (github.com/tektoncd/chains)

v0.22.3: Tekton Chains release v0.22.3 "v0.22.3"

Compare Source

-Docs @​ v0.22.3
-Examples @​ v0.22.3

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.3/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677abc5f8010a0a21be4daa53325a217f4df92955848f73f226c6ed054c429fb9f82

Obtain the attestation:

REKOR_UUID=108e9186e8c5677abc5f8010a0a21be4daa53325a217f4df92955848f73f226c6ed054c429fb9f82
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/chains/previous/v0.22.3/release.yaml
REKOR_UUID=108e9186e8c5677abc5f8010a0a21be4daa53325a217f4df92955848f73f226c6ed054c429fb9f82

### Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.22.3@​sha256:" + .digest.sha256')

### Download the release file
curl "$RELEASE_FILE" > release.yaml

### For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
  printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Fixes

• 🐛 Fix nil-pointer references (#​1286 and #​1246)

Misc

• 🔨 Upgrade golang.org/x/crypto to 0.31.0 (#​1269)

Thanks

Thanks to these contributors who contributed to v0.22.3!

• ❤️ @​jkhelil
• ❤️ @​lcarva
• ❤️ @​savitaashture
• ❤️ @​tekton-robot

Extra shout-out for awesome release notes:

• 😍 @​jkhelil
• 😍 @​lcarva
• 😍 @​savitaashture
• 😍 @​tekton-robot

tektoncd/cli (github.com/tektoncd/cli)

v0.38.2

Compare Source

v0.38.2 Release 🎉

This is a bug fix release for CVEs GHSA-w32m-9786-jp63 on golang.org/x/net and GHSA-v778-237x-gjrc on golang.org/x/crypto.

ChangeLog 📋

Misc 🔨

• Bump golang.org/x/net from 0.30.0 to 0.33.0 #​2473
• Bump golang.org/x/crypto from 0.28.0 to 0.31.0 #​2447

v0.38.1

Compare Source

v0.38.1 Release 🎉

This is a bug fix release as tkn start was failing with tkn version v0.38.0 release and old(er) pipeline version. This release comes with Pipelines v0.62.3 and Triggers version v0.29.1

ChangeLog 📋

Misc 🔨

• Bump tektoncd/pipeline to v0.62.3 #​2392
• Bump github.com/tektoncd/triggers from 0.29.0 to 0.29.1 #​2394

testcontainers/testcontainers-go (github.com/testcontainers/testcontainers-go)

v0.34.1

Compare Source

gotestyourself/gotestsum (gotest.tools/gotestsum)

v1.12.3

Compare Source

What's Changed

• Bump golang.org/x/tools from 0.24.0 to 0.33.0 by @​dependabot in #​496
• Bump golang.org/x/term from 0.29.0 to 0.32.0 by @​dependabot in #​494
• feat: add the --rerun-fails-abort-on-data-race flag by @​hugodutka in #​497
• Bump golang.org/x/tools from 0.33.0 to 0.34.0 by @​dependabot in #​501

New Contributors

• @​hugodutka made their first contribution in #​497

Full Changelog: gotestyourself/gotestsum@v1.12.2...v1.12.3

v1.12.2

Compare Source

What's Changed

• Bump gotest.tools/v3 from 3.5.1 to 3.5.2 by @​dependabot in #​463
• Bump github.com/google/go-cmp from 0.6.0 to 0.7.0 by @​dependabot in #​468
• Bump github.com/fatih/color from 1.17.0 to 1.18.0 by @​dependabot in #​446
• Use event times for elapsed by @​dnephin in #​482
• feat: support for hidding skipped tests in the junit report by @​v1v in #​478

New Contributors

• @​v1v made their first contribution in #​478

Full Changelog: gotestyourself/gotestsum@v1.12.1...v1.12.2

helm/helm (helm.sh/helm/v3)

v3.18.6: Helm v3.18.6

Compare Source

Helm v3.18.6 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.18.6. The common platform binaries are here:

• MacOS amd64 (checksum / 80cad0470e38cf25731cdead7c32dfbeb887bc177bd6fa01e31b065722f8f06b)
• MacOS arm64 (checksum / 48e30d236a1f334c6acb78501be5a851eaa2a267fefeb1131b6484eb2f9f30d7)
• Linux amd64 (checksum / 3f43c0aa57243852dd542493a0f54f1396c0bc8ec7296bbb2c01e802010819ce)
• Linux arm (checksum / 13156fbe87a9db201b7d8fd0b42dee2a2e76a77388ea3bd59e3074cfa49d3619)
• Linux arm64 (checksum / 5b8e00b6709caab466cbbb0bc29ee09059b8dc9417991dd04b497530e49b1737)
• Linux i386 (checksum / d245db7c80edaf47bc42d3fab0b79d2e75d63fa49d06bc0ca599686ebdbd1422)
• Linux ppc64le (checksum / 61eac730dac2029d7acf1c53bd0b1056f78ca2c3f915da7fa3995e74c021eae8)
• Linux s390x (checksum / c6435c220b2577abea11ee9281fda8a5164583fb1f502702f6ef5c2b4347e38f)
• Linux riscv64 (checksum / cea696b01b66fad76b24d9ef28a86802b0931cbc25cec687e8469589438995eb)
• Windows amd64 (checksum / 4263320a8d70df0bb1e245534fba1b541f9889005cdb68dec9798b197c3f66b0)
• Windows arm64 (checksum / fdff469f270d8a155d9289843b92f7b00b2ca353b8ec61532e920eeb3fc2b480)

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.19.0 is the next minor release and will be on September 11, 2025

Changelog

• fix(helm-lint): fmt b76a950 (Isaiah Lewis)
• fix(helm-lint): Add TLSClientConfig b79a421 (Isaiah Lewis)
• fix(helm-lint): Add HTTP/HTTPS URL support for json schema references b9180e6 (Isaiah Lewis)

kubernetes/api (k8s.io/api)

v0.35.1

Compare Source

kubernetes/apiextensions-apiserver (k8s.io/apiextensions-apiserver)

v0.34.4

Compare Source

v0.34.3

Compare Source

kubernetes/apimachinery (k8s.io/apimachinery)

v0.35.1

Compare Source

kubernetes/client-go (k8s.io/client-go)

v0.35.1

Compare Source

kubernetes/kubernetes (k8s.io/kubernetes)

v1.34.5

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.34.4

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.34.3: Kubernetes v1.34.3

Compare Source

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ️ Artifact update notice

File name: acceptance/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 27 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.25.3 -> 1.25.5
github.com/in-toto/in-toto-golang	v0.9.0 -> v0.9.1-0.20240317085821-8e2966059a09
github.com/secure-systems-lab/go-securesystemslib	v0.9.1 -> v0.10.0
golang.org/x/exp	v0.0.0-20250620022241-b7579e27df2b -> v0.0.0-20251023183803-a4bb9ffd2546
github.com/docker/docker	v28.3.3+incompatible -> v28.5.2+incompatible
github.com/gkampitakis/ciinfo	v0.3.0 -> v0.3.2
github.com/golang/snappy	v0.0.4 -> v1.0.0
github.com/google/cel-go	v0.26.0 -> v0.26.1
github.com/grpc-ecosystem/grpc-gateway/v2	v2.27.3 -> v2.27.5
github.com/prometheus/common	v0.67.4 -> v0.67.5
github.com/prometheus/procfs	v0.17.0 -> v0.19.2
github.com/sigstore/rekor-tiles/v2	v2.0.1 -> v2.2.0
github.com/sirupsen/logrus	v1.9.4-0.20230606125235-dd1b4c2e81af -> v1.9.4
github.com/stoewer/go-strcase	v1.3.0 -> v1.3.1
github.com/theupdateframework/go-tuf/v2	v2.3.0 -> v2.4.1
github.com/tidwall/gjson	v1.17.3 -> v1.18.0
golang.org/x/crypto	v0.46.0 -> v0.47.0
golang.org/x/mod	v0.31.0 -> v0.32.0
golang.org/x/net	v0.48.0 -> v0.49.0
golang.org/x/oauth2	v0.34.0 -> v0.35.0
golang.org/x/sys	v0.39.0 -> v0.40.0
golang.org/x/term	v0.38.0 -> v0.39.0
golang.org/x/text	v0.32.0 -> v0.33.0
gomodules.xyz/jsonpatch/v2	v2.4.0 -> v2.5.0
google.golang.org/api	v0.260.0 -> v0.267.0
google.golang.org/genproto/googleapis/api	v0.0.0-20251202230838-ff82c1b0f217 -> v0.0.0-20260128011058-8636f8732409
google.golang.org/genproto/googleapis/rpc	v0.0.0-20251222181119-0a764e51fe1b -> v0.0.0-20260203192932-546029d2fa20
knative.dev/pkg	v0.0.0-20250117084104-c43477f0052b -> v0.0.0-20250415155312-ed3e2158b883

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 39 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.25.3 -> 1.25.5
golang.org/x/exp	v0.0.0-20250911091902-df9299821621 -> v0.0.0-20251023183803-a4bb9ffd2546
cloud.google.com/go	v0.121.6 -> v0.123.0
cloud.google.com/go/auth	v0.18.0 -> v0.18.1
cloud.google.com/go/storage	v1.57.1 -> v1.59.1
github.com/anchore/go-struct-converter	v0.0.0-20230627203149-c72ef8859ca9 -> v0.1.0
github.com/aws/aws-sdk-go-v2	v1.41.0 -> v1.41.1
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream	v1.7.1 -> v1.7.4
github.com/aws/aws-sdk-go-v2/config	v1.32.5 -> v1.32.7
github.com/aws/aws-sdk-go-v2/credentials	v1.19.5 -> v1.19.7
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	v1.18.16 -> v1.18.17
github.com/aws/aws-sdk-go-v2/internal/configsources	v1.4.16 -> v1.4.17
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2	v2.7.16 -> v2.7.17
github.com/aws/aws-sdk-go-v2/internal/v4a	v1.4.9 -> v1.4.16
github.com/aws/aws-sdk-go-v2/service/internal/checksum	v1.8.9 -> v1.9.7
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url	v1.13.16 -> v1.13.17
github.com/aws/aws-sdk-go-v2/service/internal/s3shared	v1.19.9 -> v1.19.16
github.com/aws/aws-sdk-go-v2/service/s3	v1.88.3 -> v1.93.1
github.com/aws/aws-sdk-go-v2/service/signin	v1.0.4 -> v1.0.5
github.com/aws/aws-sdk-go-v2/service/sso	v1.30.7 -> v1.30.9
github.com/aws/aws-sdk-go-v2/service/ssooidc	v1.35.12 -> v1.35.13
github.com/aws/aws-sdk-go-v2/service/sts	v1.41.5 -> v1.41.6
github.com/gkampitakis/ciinfo	v0.3.0 -> v0.3.2
github.com/google/cel-go	v0.26.1 -> v0.27.0
github.com/googleapis/enterprise-certificate-proxy	v0.3.9 -> v0.3.11
github.com/googleapis/gax-go/v2	v2.16.0 -> v2.17.0
github.com/grpc-ecosystem/grpc-gateway/v2	v2.27.3 -> v2.27.5
github.com/miekg/pkcs11	v1.1.1 -> v1.1.2
github.com/prometheus/common	v0.67.4 -> v0.67.5
github.com/prometheus/procfs	v0.17.0 -> v0.19.2
github.com/sigstore/fulcio	v1.8.4 -> v1.8.5
github.com/sigstore/rekor-tiles/v2	v2.0.1 -> v2.2.0
github.com/theupdateframework/go-tuf/v2	v2.3.0 -> v2.4.1
github.com/tidwall/gjson	v1.17.0 -> v1.18.0
gitlab.com/gitlab-org/api/client-go	v1.11.0 -> v1.25.0
golang.org/x/mod	v0.31.0 -> v0.32.0
golang.org/x/oauth2	v0.34.0 -> v0.35.0
google.golang.org/api	v0.260.0 -> v0.267.0
google.golang.org/genproto	v0.0.0-20251202230838-ff82c1b0f217 -> v0.0.0-20260128011058-8636f8732409
google.golang.org/genproto/googleapis/api	v0.0.0-20251202230838-ff82c1b0f217 -> v0.0.0-20260128011058-8636f8732409

File name: tools/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 1 additional dependency was updated

Details:

Package	Change
github.com/tektoncd/triggers	v0.29.0 -> v0.29.1