Skip to content

build(deps): bump the gomod group across 1 directory with 9 updates #7462

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Nov 17, 2025
Merged

build(deps): bump the gomod group across 1 directory with 9 updates #7462

merged 5 commits into from
Nov 17, 2025
+58 −54

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 10, 2025

Bumps the gomod group with 9 updates in the / directory:

Package From To
github.com/docker/cli 28.5.1+incompatible 28.5.2+incompatible
github.com/go-openapi/spec 0.22.0 0.22.1
github.com/go-openapi/strfmt 0.24.0 0.25.0
github.com/go-openapi/validate 0.25.0 0.25.1
github.com/ohler55/ojg 1.26.10 1.26.11
github.com/prometheus/common 0.67.1 0.67.2
github.com/quic-go/quic-go 0.55.0 0.56.0
github.com/replicatedhq/troubleshoot 0.123.11 0.123.12
go.opentelemetry.io/proto/otlp 1.8.0 1.9.0

Updates github.com/docker/cli from 28.5.1+incompatible to 28.5.2+incompatible

Commits
  • ecc6942 Merge pull request #6621 from thaJeztah/28.x_plugin_hide
  • c475c69 Plugin may set itself as hidden
  • 7494d2c cli: allManagementSubCommands: improve handling of plugin stubs
  • 5306df3 Merge pull request #6610 from thaJeztah/28.x_backport_deprecate_builder_utils
  • 5dbaa52 cli/command/image/build: deprecate ResolveAndValidateContextPath util
  • dd832b6 cli/command/image/build: deprecate WriteTempDockerfile util
  • a99e91c cli/command/image/build: deprecate DetectArchiveReader util
  • 579b72a cli/command/image/build: deprecate DefaultDockerfileName const
  • 6fc5891 Merge pull request #6560 from thaJeztah/28.x_backport_deprecations
  • 9af6cbc Merge pull request #6613 from thaJeztah/28.x_bump_go
  • Additional commits viewable in compare view

Updates github.com/go-openapi/spec from 0.22.0 to 0.22.1

Commits
  • f06cfff tests: replaced stretchr/testify by go-openapi/testify
  • 9da6d8d chore: updated license marks in source files
  • 3c1111c chore(linting): removed nolint directives when the linter has fixed false pos...
  • See full diff in compare view

Updates github.com/go-openapi/strfmt from 0.24.0 to 0.25.0

Commits
  • a235dd3 tests: replaced stretchr/testify by go-openapi/testify
  • b93d88e chore: updated license marks in source files
  • 398a468 build(deps): bump go.mongodb.org/mongo-driver
  • 68b6683 feat(format): add uuid7 string format support
  • ad12a81 build(deps): bump golang.org/x/net in the golang-org-dependencies group
  • 5c9b6bd chore(refact): assembled bson-dependent methods and tests
  • 5e4146b chore(deps): removed dependency to govalidator
  • See full diff in compare view

Updates github.com/go-openapi/validate from 0.25.0 to 0.25.1

Commits

Updates github.com/ohler55/ojg from 1.26.10 to 1.26.11

Release notes

Sourced from github.com/ohler55/ojg's releases.

v1.26.11

What's Changed

Full Changelog: ohler55/ojg@v1.26.10...v1.26.11

Changelog

Sourced from github.com/ohler55/ojg's changelog.

[1.26.11] - 2025-11-03

Fixed

  • Fixed recomposing nested anonymous structs.
Commits

Updates github.com/prometheus/common from 0.67.1 to 0.67.2

Release notes

Sourced from github.com/prometheus/common's releases.

v0.67.2 / 2025-10-28

What's Changed

New Contributors

Full Changelog: prometheus/common@v0.67.1...v0.67.2

Changelog

Sourced from github.com/prometheus/common's changelog.

v0.67.2 / 2025-10-28

What's Changed

New Contributors

Full Changelog: prometheus/common@v0.67.1...v0.67.2

Commits

Updates github.com/quic-go/quic-go from 0.55.0 to 0.56.0

Release notes

Sourced from github.com/quic-go/quic-go's releases.

v0.56.0

This release introduces qlog support for HTTP/3 (#5367, #5372, #5374, #5375, #5376, #5381, #5383).

For this, we completely changed how connection tracing works. Instead of a general-purpose logging.ConnectionTracer (which we removed entirely), we now have a qlog-specific tracer (#5356, #5417). quic-go users can now implement their own qlog events.

It also removes the Prometheus-based metrics collection. Please comment on the tracking issue (#5294) if you rely on metrics and are interested in seeing metrics brought back in a future release.

Notable Changes

  • replaced the unmaintained gojay with a custom, performance-optimized JSON encoder (#5353, #5371)
  • quicvarint: improved panic message for numbers larger than 2^62 (#5410)

Behind the Scenes

Go 1.25 introduced support for testing concurrent code using testing/synctest. We've been working on transitioning tests to use synctest (#5357, #5391, #5393, #5397, #5398, #5403, #5414, #5415), using @​MarcoPolo's simnet package to simulate a network in memory.

Using synctest makes test execution more reliable (reducing flakiness). The use of a synthetic clock leads to a massive speedup; the execution time of some integration tests was reduced from 20s to less than 1ms. The work will continue for the next release (see tracking issue: #5386).

Changelog

... (truncated)

Commits

Updates github.com/replicatedhq/troubleshoot from 0.123.11 to 0.123.12

Release notes

Sourced from github.com/replicatedhq/troubleshoot's releases.

v0.123.12

Changelog

  • cf2db49f86363fa6d91678c197f557aa2c2d080b applied native sidecar fix (#1914)
  • 05a7a2092eef861d1b84d5e4570e62e3c138abdc chore(deps): bump actions/download-artifact from 4 to 6 (#1908)
  • e28dc8e0803e8895e9f14541516ab434f5cd02e0 chore(deps): bump the security group across 1 directory with 7 updates (#1912)
  • b9da850d65a614c53ab9ea7c6850b710c3117673 chore(deps): bump actions/setup-go from 5 to 6 (#1899)
  • 0ecc72e86fb481fede2b3cb83897a35dd739aebc chore(deps): bump actions/checkout from 4 to 5 (#1900)
  • 6d3a1a004ef186984c750f59a4e3240f4782907a chore(deps): bump actions/setup-python from 5 to 6 (#1901)
  • e90a18fe0fbb75eddf81233a449eef379e84e809 chore(deps): bump actions/upload-artifact from 4 to 5 (#1909)
  • de1e3f4936cfb4a1892a6ce325066d97e958d97f chore(ci): skip regression-test workflow if dependabot (#1911)
Commits
  • cf2db49 applied native sidecar fix (#1914)
  • 05a7a20 chore(deps): bump actions/download-artifact from 4 to 6 (#1908)
  • e28dc8e chore(deps): bump the security group across 1 directory with 7 updates (#1912)
  • b9da850 chore(deps): bump actions/setup-go from 5 to 6 (#1899)
  • 0ecc72e chore(deps): bump actions/checkout from 4 to 5 (#1900)
  • 6d3a1a0 chore(deps): bump actions/setup-python from 5 to 6 (#1901)
  • e90a18f chore(deps): bump actions/upload-artifact from 4 to 5 (#1909)
  • de1e3f4 chore(ci): skip regression-test workflow if dependabot (#1911)
  • See full diff in compare view

Updates go.opentelemetry.io/proto/otlp from 1.8.0 to 1.9.0

Commits
  • 88af9ba Release v1.9.0 (#462)
  • 80a8eec chore(deps): update module github.com/cyphar/filepath-securejoin to v0.6.0 (#...
  • b727281 chore(deps): update module github.com/cyphar/filepath-securejoin to v0.5.1 (#...
  • 8faf5f6 chore(deps): update github/codeql-action action to v4.31.2 (#461)
  • f634804 chore(deps): update actions/upload-artifact action to v5 (#459)
  • 9e2ba7e chore(deps): update github/codeql-action action to v4.31.0 (#458)
  • 6568f81 chore(deps): update github/codeql-action action to v4.30.9 (#455)
  • 848d585 chore(deps): update github/codeql-action action to v4.30.8 (#453)
  • dbaa58d chore(deps): update github/codeql-action action to v4 (#452)
  • cbb6ab2 chore(deps): update module github.com/go-git/go-git/v5 to v5.16.3 (#444)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Nov 10, 2025
@dependabot dependabot bot requested a review from a team as a code owner November 10, 2025 04:17
@dependabot dependabot bot added go Pull requests that update Go code dependencies Pull requests that update a dependency file labels Nov 10, 2025
@codecov
Copy link

codecov bot commented Nov 10, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 72.26%. Comparing base (f609278) to head (c214298).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #7462      +/-   ##
==========================================
+ Coverage   71.57%   72.26%   +0.69%     
==========================================
  Files         231      231              
  Lines       42625    34084    -8541     
==========================================
- Hits        30507    24631    -5876     
+ Misses      10344     7676    -2668     
- Partials     1774     1777       +3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

dependabot bot and others added 2 commits November 14, 2025 07:35
@dependabot @zirain
build(deps): bump the gomod group across 1 directory with 9 updates
704d0d6 
Bumps the gomod group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/docker/cli](https://github.com/docker/cli) | `28.5.1+incompatible` | `28.5.2+incompatible` |
| [github.com/go-openapi/spec](https://github.com/go-openapi/spec) | `0.22.0` | `0.22.1` |
| [github.com/go-openapi/strfmt](https://github.com/go-openapi/strfmt) | `0.24.0` | `0.25.0` |
| [github.com/go-openapi/validate](https://github.com/go-openapi/validate) | `0.25.0` | `0.25.1` |
| [github.com/ohler55/ojg](https://github.com/ohler55/ojg) | `1.26.10` | `1.26.11` |
| [github.com/prometheus/common](https://github.com/prometheus/common) | `0.67.1` | `0.67.2` |
| [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) | `0.55.0` | `0.56.0` |
| [github.com/replicatedhq/troubleshoot](https://github.com/replicatedhq/troubleshoot) | `0.123.11` | `0.123.12` |
| [go.opentelemetry.io/proto/otlp](https://github.com/open-telemetry/opentelemetry-proto-go) | `1.8.0` | `1.9.0` |



Updates `github.com/docker/cli` from 28.5.1+incompatible to 28.5.2+incompatible
- [Commits](docker/cli@v28.5.1...v28.5.2)

Updates `github.com/go-openapi/spec` from 0.22.0 to 0.22.1
- [Commits](go-openapi/spec@v0.22.0...v0.22.1)

Updates `github.com/go-openapi/strfmt` from 0.24.0 to 0.25.0
- [Commits](go-openapi/strfmt@v0.24.0...v0.25.0)

Updates `github.com/go-openapi/validate` from 0.25.0 to 0.25.1
- [Commits](go-openapi/validate@v0.25.0...v0.25.1)

Updates `github.com/ohler55/ojg` from 1.26.10 to 1.26.11
- [Release notes](https://github.com/ohler55/ojg/releases)
- [Changelog](https://github.com/ohler55/ojg/blob/develop/CHANGELOG.md)
- [Commits](ohler55/ojg@v1.26.10...v1.26.11)

Updates `github.com/prometheus/common` from 0.67.1 to 0.67.2
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/CHANGELOG.md)
- [Commits](prometheus/common@v0.67.1...v0.67.2)

Updates `github.com/quic-go/quic-go` from 0.55.0 to 0.56.0
- [Release notes](https://github.com/quic-go/quic-go/releases)
- [Commits](quic-go/quic-go@v0.55.0...v0.56.0)

Updates `github.com/replicatedhq/troubleshoot` from 0.123.11 to 0.123.12
- [Release notes](https://github.com/replicatedhq/troubleshoot/releases)
- [Commits](replicatedhq/troubleshoot@v0.123.11...v0.123.12)

Updates `go.opentelemetry.io/proto/otlp` from 1.8.0 to 1.9.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-proto-go/releases)
- [Commits](open-telemetry/opentelemetry-proto-go@v1.8.0...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-version: 28.5.2+incompatible
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/go-openapi/spec
  dependency-version: 0.22.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/go-openapi/strfmt
  dependency-version: 0.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/go-openapi/validate
  dependency-version: 0.25.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/ohler55/ojg
  dependency-version: 1.26.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/prometheus/common
  dependency-version: 0.67.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/quic-go/quic-go
  dependency-version: 0.56.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/replicatedhq/troubleshoot
  dependency-version: 0.123.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: go.opentelemetry.io/proto/otlp
  dependency-version: 1.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <[email protected]>
@zirain
fix gen
6d60081 
Signed-off-by: zirain <[email protected]>
@zirain zirain force-pushed the dependabot/go_modules/gomod-f4028b40dd branch from 439b199 to 6d60081 Compare November 13, 2025 23:35
@zirain zirain enabled auto-merge (squash) November 14, 2025 06:55
@zirain
Copy link
Member

zirain commented Nov 16, 2025

@dependabot rebase

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 16, 2025

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@zirain
Copy link
Member

zirain commented Nov 16, 2025

/retest

@zirain zirain merged commit c29a629 into main Nov 17, 2025
93 of 101 checks passed
@zirain zirain deleted the dependabot/go_modules/gomod-f4028b40dd branch November 17, 2025 02:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rudrakhp rudrakhp rudrakhp approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@zirain @rudrakhp