Skip to content

chore(deps): bump the go-minor group with 24 updates#6601

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-minor-8f6db16646
Open

chore(deps): bump the go-minor group with 24 updates#6601
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-minor-8f6db16646

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 12, 2026

Copy link
Copy Markdown
Contributor

Bumps the go-minor group with 24 updates:

Package From To
code.gitea.io/sdk/gitea 0.22.1 0.25.1
connectrpc.com/grpchealth 1.4.0 1.5.0
github.com/Azure/azure-sdk-for-go/sdk/azcore 1.20.0 1.22.0
github.com/Azure/azure-sdk-for-go/sdk/azidentity 1.13.1 1.14.0
github.com/Masterminds/semver/v3 3.4.0 3.5.0
github.com/aws/aws-sdk-go-v2/service/ecr 1.55.4 1.59.0
github.com/bmatcuk/doublestar/v4 4.9.2 4.10.0
github.com/coreos/go-oidc/v3 3.17.0 3.20.0
github.com/cyphar/filepath-securejoin 0.6.1 0.7.0
github.com/gin-gonic/gin 1.11.0 1.12.0
github.com/go-openapi/runtime 0.31.0 0.32.4
github.com/goccy/go-yaml 1.18.0 1.19.2
github.com/google/go-containerregistry 0.20.7 0.21.7
github.com/jferrl/go-githubauth 1.5.1 1.7.0
github.com/klauspost/compress 1.18.7 1.19.0
github.com/pelletier/go-toml/v2 2.2.4 2.4.3
gitlab.com/gitlab-org/api/client-go 1.13.0 1.46.0
go.uber.org/zap 1.27.1 1.28.0
golang.org/x/crypto 0.53.0 0.54.0
golang.org/x/oauth2 0.34.0 0.36.0
golang.org/x/sync 0.21.0 0.22.0
golang.org/x/text 0.38.0 0.40.0
google.golang.org/api 0.259.0 0.288.0
helm.sh/helm/v3 3.19.5 3.21.3

Updates code.gitea.io/sdk/gitea from 0.22.1 to 0.25.1

Updates connectrpc.com/grpchealth from 1.4.0 to 1.5.0

Release notes

Sourced from connectrpc.com/grpchealth's releases.

v1.5.0

What's Changed

Governance

Add @​timostamm as a maintainer in connectrpc/grpchealth-go#80 🎉

Enhancements

Other changes

Full Changelog: connectrpc/grpchealth-go@v1.4.0...v1.5.0

Commits

Updates github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.20.0 to 1.22.0

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azcore's releases.

sdk/azcore/v1.22.0

1.22.0 (2026-06-04)

Features Added

  • Added type datetime.RFC7231 for date/time values in RFC 1123 format with a fixed GMT timezone.

Other Changes

  • Upgraded dependencies.
Commits
  • a19f613 Prep azcore@v1.22.0 for release (#26926)
  • 5803c0e Increment package version after release of storage/azblob (#26935) (#26943)
  • 9a979ff [Automation] Regenerate SDK based on typespec-go branch main 【batch 6】 (#26939)
  • 711094d eng/tools/generator: release v0.4.14 (#26934)
  • 20bd677 Deprecate Change Analysis SDK (#26913)
  • 92a31ec [Automation] Regenerate SDK based on typespec-go branch main 【batch 5】 (#26932)
  • 768459d azcertificates: live recording for PlatformManaged + review fixes (follow-up ...
  • e845f72 Update codeowners (#26918)
  • 118bb35 eng/tools/internal/exports: handle untyped const with selector expr value (#2...
  • 2b3767b Configurations: 'specification/containerservice/resource-manager/Microsoft.C...
  • Additional commits viewable in compare view

Updates github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.13.1 to 1.14.0

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azidentity's releases.

sdk/azidentity/v1.14.0

1.14.0 (2026-06-15)

Breaking Changes

These changes affect only code written against a beta version such as v1.14.0-beta.3

  • Removed WorkloadIdentityCredentialOptions.EnableAzureProxy. It will return in v1.15.0-beta.1

Bugs Fixed

  • AzureDeveloperCLICredential improved reporting of error messages returned from azd

Other Changes

  • Returned azidentity errors include links to the troubleshooting guide when appropriate
  • This module now requires a minimum Go version of 1.25
  • Upgraded dependencies
Commits

Updates github.com/Masterminds/semver/v3 from 3.4.0 to 3.5.0

Release notes

Sourced from github.com/Masterminds/semver/v3's releases.

v3.5.0

What's Changed

New Contributors

Full Changelog: Masterminds/semver@v3.4.0...v3.5.0

Changelog

Sourced from github.com/Masterminds/semver/v3's changelog.

Changelog

Commits
  • 8b89c86 Merge pull request #287 from mattfarina/fix-da-issues
  • 29d51d0 Fixing some quality issues
  • 87f651d Merge pull request #286 from mattfarina/update-devcontainer
  • 158a685 Updating gitignore for devcontainers
  • 7e83c08 Merge pull request #284 from Masterminds/dependabot/github_actions/golangci/g...
  • 697e27f Merge pull request #283 from Masterminds/dependabot/github_actions/actions/ca...
  • 1591f8e Merge pull request #282 from Masterminds/dependabot/github_actions/github/cod...
  • 3f5ff17 Bump golangci/golangci-lint-action from 7.0.1 to 9.2.0
  • 04baa33 Bump actions/cache from 4.2.3 to 5.0.5
  • 45939fe Bump github/codeql-action from 4.35.1 to 4.35.2
  • Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.55.4 to 1.59.0

Commits

Updates github.com/bmatcuk/doublestar/v4 from 4.9.2 to 4.10.0

Release notes

Sourced from github.com/bmatcuk/doublestar/v4's releases.

Added WithNoHidden option

Added support for a WithNoHidden option to ignore hidden files in patterns that might unintentionally match them. For example, a .config directory would not be matched by * or recursed into by **, but would be matched by .* or recursed by .config/**.

Thanks to @​lukasngl for the initial PR and idea!

What's Changed

New Contributors

Full Changelog: bmatcuk/doublestar@v4.9.2...v4.10.0

Commits
  • a9ad9e0 allow starting test manually
  • 9987c0c update docs
  • d3b2184 windows support for WithNoHidden; better tests
  • 5d6a6cd Merge branch 'lukasngl-feat/no-hidden'
  • e8319d2 run tests when a branch/tag is created
  • 614b331 run tests when a branch/tag is created
  • df2e03f feat: add WithNoHidden option to skip hidden files
  • See full diff in compare view

Updates github.com/coreos/go-oidc/v3 from 3.17.0 to 3.20.0

Release notes

Sourced from github.com/coreos/go-oidc/v3's releases.

v3.20.0

What's Changed

Full Changelog: coreos/go-oidc@v3.19.0...v3.20.0

v3.19.0

What's Changed

New Contributors

Full Changelog: coreos/go-oidc@v3.18.0...v3.19.0

v3.18.0

What's Changed

Full Changelog: coreos/go-oidc@v3.17.0...v3.18.0

Commits
  • 75dfa5c oidc: add constants for "email" and "profile" scopes
  • a89f046 oidc: add API for determining when issuer URLs mismatch
  • 6a69b6d readme: update README and docs
  • f9049c9 oidc: ignore JWKs with unknown signing algorithms rather than failing
  • 2f178e0 SECURITY.md: add a security policy and point to project-level reporting
  • b3bc7da oidc: improve documentation for APIs
  • 0db9053 oidc: modernize with new Go APIs
  • 4204f0b oidc: add support for validating back-channel logout tokens
  • f77e01c fix: Key refresh should set no-cache to get most up to date keys
  • da6b3bf build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
  • Additional commits viewable in compare view

Updates github.com/cyphar/filepath-securejoin from 0.6.1 to 0.7.0

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.7.0] - 2025-06-17

You talk of times of peace for all, and then prepare for war.

Changed

  • Update to cyphar.com/go-pathrs@0.2.5, which included a build-time API breakage that we needed to work around. The API of this library is unchanged by this, but users should make sure to update to v0.7.0 of filepath-securejoin if they use the libpathrs built tag and have update to libpathrs v0.2.5.
Commits
  • 8096a95 VERSION: release v0.7.0
  • 1324ccb merge #101 into cyphar/filepath-securejoin:main
  • dd8f0bb deps: bump to cyphar.com/go-pathrs@v0.2.5
  • c9a7725 gha: bump golangci-lint to v2.12
  • 2e968bd Merge pull request #91 from cyphar/dependabot/github_actions/actions/download...
  • 2879148 Merge pull request #90 from cyphar/dependabot/github_actions/actions/upload-a...
  • 07b805b build(deps): bump actions/download-artifact from 6 to 7
  • 8507844 build(deps): bump actions/upload-artifact from 5 to 6
  • daef0cf Merge pull request #89 from cyphar/dependabot/github_actions/actions/checkout-6
  • 95f8ea4 build(deps): bump actions/checkout from 5 to 6
  • Additional commits viewable in compare view

Updates github.com/gin-gonic/gin from 1.11.0 to 1.12.0

Release notes

Sourced from github.com/gin-gonic/gin's releases.

v1.12.0

Changelog

Features

  • 192ac89eefc1c30f7c97ae48a9ffb1c6f1c8c8bc: feat(binding): add support for encoding.UnmarshalText in uri/query binding (#4203) (@​takanuva15)
  • 53410d2e07054369e0960fbe2eed97e1b9966f12: feat(context): add GetError and GetErrorSlice methods for error retrieval (#4502) (@​raju-mechatronics)
  • acc55e049e33b401e810dbd8c0d6dcb6b3ba2b05: feat(context): add Protocol Buffers support to content negotiation (#4423) (@​1911860538)
  • 38e765119241d990705169bedb5002a29ae0cbd1: feat(context): implemented Delete method (@​Spyder01)
  • 771dcc6476d7bc6abb9ec0235ecefa4d38fe6fb0: feat(gin): add option to use escaped path (#4420) (@​ldesauw)
  • 4dec17afdff48e8018c83618fbbe69fceeb2b41d: feat(logger): color latency (#4146) (@​wsyqn6)
  • d7776de7d444935ea4385999711bd6331a98fecb: feat(render): add bson protocol (#4145) (@​laurentcau)

Bug fixes

  • b917b14ff9d189f16a7492be79d123a47806ee19: fix(binding): empty value error (#2169) (@​guonaihong)
  • c3d1092b3b48addf6f9cd00fe274ec3bd14650eb: fix(binding): improve empty slice/array handling in form binding (#4380) (@​1911860538)
  • 9914178584e42458ff7d23891463a880f58c9d86: fix(context): ClientIP handling for multiple X-Forwarded-For header values (#4472) (@​Nurysso)
  • 2a794cd0b0faa7d829291375b27a3467ea972b0d: fix(debug): version mismatch (#4403) (@​zeek0x)
  • c3d5a28ed6d3849da820195b6774d212bcc038a9: fix(gin): close os.File in RunFd to prevent resource leak (#4422) (@​1911860538)
  • 5fad976b372e381312f8de69f0969f1284d229d3: fix(gin): literal colon routes not working with engine.Handler() (#4415) (@​pawannn)
  • 63dd3e60cab89c27fb66bce1423bd268d52abad1: fix(recover): suppress http.ErrAbortHandler in recover (#4336) (@​MondayCha)
  • 5c00df8afadd06cc5be530dde00fe6d9fa4a2e4a: fix(render): write content length in Data.Render (#4206) (@​dengaleev)
  • 234a6d4c00cb77af9852aca0b8289745d5529b4b: fix(response): refine hijack behavior for response lifecycle (#4373) (@​appleboy)
  • 472d086af2acd924cb4b9d7be0525f7d790f69bc: fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535) (@​veeceey)
  • 8e07d37c63e5536eb25f4af4c91eabeee4011fba: fix: Correct typos, improve documentation clarity, and remove dead code (#4511) (@​mahanadh)

Enhancements

  • ba093d19477b896ac89a7fc3246af23d290b8e26: chore(binding): upgrade bson dependency to mongo-driver v2 (#4549) (@​BobDu)
  • b2b489dbf4826c2c630717a77fd5e42774625410: chore(context): always trust xff headers from unix socket (#3359) (@​WeidiDeng)
  • ecb3f7b5e2f3915bf1db240ed5eee572f8dbea36: chore(deps): upgrade golang.org/x/crypto to v0.45.0 (#4449) (@​appleboy)
  • af6e8b70b8261bb0c99ad094fe552ab92991620a: chore(deps): upgrade quic-go to v0.57.1 (@​appleboy)
  • db309081bc5c137b2aa15701ef53f7f19788da25: chore(logger): allow skipping query string output (#4547) (@​USA-RedDragon)
  • 26c3a628655cad2388380cb8102d6ce7d4875f3b: chore(response): prevent Flush() panic when http.Flusher (#4479) (@​Twacqwq)
  • 5dd833f1f26de0eb30eae47b17e05ced2482dc41: chore: bump minimum Go version to 1.24 and update workflows (#4388) (@​appleboy)

Refactor

  • 39858a0859c914bd26948fa950477e11bd8d3823: refactor(binding): use maps.Copy for cleaner map handling (#4352) (@​russcoss)
  • c0048f645ee945c4db30593afdea10123e2c30a6: refactor(context): omit the return value names (#4395) (@​wanghaolong613)
  • 915e4c90d28ec4cffc6eb146e208ab5a65eac772: refactor(context): replace hardcoded localhost IPs with constants (#4481) (@​pauloappbr)
  • 414de60574449457f3192a7a1d5528940db2836d: refactor(context): using maps.Clone (#4333) (@​cuiweixie)
  • 59e9d4a794f12c4f9a6c7bed441b9644e5f6d99b: refactor(ginS): use sync.OnceValue to simplify engine function (#4314) (@​1911860538)
  • 3ab698dc5110af1977d57226e4995c57dd34c233: refactor(recovery): smart error comparison (#4142) (@​zeek0x)
  • d1a15347b1e45a8ee816193d3578a93bfd73b70f: refactor(utils): move util functions to utils.go (#4467) (@​zeek0x)
  • e3118cc378d263454098924ebbde7e8d1dd2e904: refactor: for loop can be modernized using range over int (#4392) (@​wanghaolong613)
  • 488f8c3ffa579a8d19beb2bae95ff8ef36b3d53f: refactor: replace magic numbers with named constants in bodyAllowedForStatus (#4529) (@​veeceey)
  • 9968c4bf9d5a99edc3eee2c068a4c9160ece8915: refactor: use b.Loop() to simplify the code and improve performance (#4389) (@​reddaisyy)
  • a85ef5ce4d0cda8834c59c855068ed48b51192d1: refactor: use b.Loop() to simplify the code and improve performance (#4432) (@​efcking)

Build process updates

  • 61b67de522a189b568aced4c5c16917c558e3387: ci(bot): increase frequency and group updates for dependencies (#4367) (@​appleboy)
  • fb27ef26c2fdfe25344b4c039d8a53551f9e912c: ci(lint): refactor test assertions and linter configuration (#4436) (@​appleboy)
  • 93ff771e6dbf10e432864b30f3719ac5c84a4d4a: ci(sec): improve type safety and server organization in HTTP middleware (#4437) (@​appleboy)
  • e88fc8927a52b74f55bec0351604a56ac0aa1c51: ci(sec): schedule Trivy security scans to run daily at midnight UTC (#4439) (@​appleboy)
  • 5e5ff3ace496a31b138b0820136a146bfb5de0ef: ci: replace vulnerability scanning workflow with Trivy integration (#4421) (@​appleboy)
  • 00900fb3e1ea9dde33985a0e4f6afec793d5e786: ci: update CI workflows and standardize Trivy config quotes (#4531) (@​appleboy)
  • ae3f524974fc4f55d18c9e7fae4614503c015226: ci: update Go version support to 1.25+ across CI and docs (#4550) (@​appleboy)

... (truncated)

Changelog

Sourced from github.com/gin-gonic/gin's changelog.

Gin v1.12.0

Features

  • feat(render): add bson protocol (#4145)
  • feat(context): add GetError and GetErrorSlice methods for error retrieval (#4502)
  • feat(binding): add support for encoding.UnmarshalText in uri/query binding (#4203)
  • feat(gin): add option to use escaped path (#4420)
  • feat(context): add Protocol Buffers support to content negotiation (#4423)
  • feat(context): implemented Delete method (#38e7651)
  • feat(logger): color latency (#4146)

Enhancements

  • perf(tree): reduce allocations in findCaseInsensitivePath (#4417)
  • perf(recovery): optimize line reading in stack function (#4466)
  • perf(path): replace regex with custom functions in redirectTrailingSlash (#4414)
  • perf(tree): optimize path parsing using strings.Count (#4246)
  • chore(logger): allow skipping query string output (#4547)
  • chore(context): always trust xff headers from unix socket (#3359)
  • chore(response): prevent Flush() panic when the underlying ResponseWriter does not implement http.Flusher (#4479)
  • refactor(recovery): smart error comparison (#4142)
  • refactor(context): replace hardcoded localhost IPs with constants (#4481)
  • refactor(utils): move util functions to utils.go (#4467)
  • refactor(binding): use maps.Copy for cleaner map handling (#4352)
  • refactor(context): using maps.Clone (#4333)
  • refactor(ginS): use sync.OnceValue to simplify engine function (#4314)
  • refactor: replace magic numbers with named constants in bodyAllowedForStatus (#4529)
  • refactor: for loop can be modernized using range over int (#4392)

Bug Fixes

  • fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535)
  • fix(render): write content length in Data.Render (#4206)
  • fix(context): ClientIP handling for multiple X-Forwarded-For header values (#4472)
  • fix(binding): empty value error (#2169)
  • fix(recover): suppress http.ErrAbortHandler in recover (#4336)
  • fix(gin): literal colon routes not working with engine.Handler() (#4415)
  • fix(gin): close os.File in RunFd to prevent resource leak (#4422)
  • fix(response): refine hijack behavior for response lifecycle (#4373)
  • fix(binding): improve empty slice/array handling in form binding (#4380)
  • fix(debug): version mismatch (#4403)
  • fix: correct typos, improve documentation clarity, and remove dead code (#4511)

Build process updates / CI

  • ci: update Go version support to 1.25+ across CI and docs (#4550)
  • chore(binding): upgrade bson dependency to mongo-driver v2 (#4549)
Commits
  • 73726dc docs: update documentation to reflect Go version changes (#4552)
  • e292e5c docs: document and finalize Gin v1.12.0 release (#4551)
  • ae3f524 ci: update Go version support to 1.25+ across CI and docs (#4550)
  • 38534e2 chore(deps): bump golang.org/x/net from 0.50.0 to 0.51.0 (#4548)
  • 472d086 fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535)
  • fb25834 test(context): use http.StatusContinue constant instead of magic number 100 (...
  • 6f1d5fe test(render): add comprehensive error handling tests (#4541)
  • 5c00df8 fix(render): write content length in Data.Render (#4206)
  • db30908 chore(logger): allow skipping query string output (#4547)
  • ba093d1 chore(binding): upgrade bson dependency to mongo-driver v2 (#4549)
  • Additional commits viewable in compare view

Updates github.com/go-openapi/runtime from 0.31.0 to 0.32.4

Release notes

Sourced from github.com/go-openapi/runtime's releases.

v0.32.4

0.32.4 - 2026-06-19

Full Changelog: go-openapi/runtime@v0.32.3...v0.32.4

10 commits in this release.


Fixed bugs

  • fix(middleware): nil-guard param.Schema in UntypedRequestBinder map path by @​Copilot in #488 ...

Documentation

Miscellaneous tasks

Updates


People who contributed to this release


runtime license terms

License

... (truncated)

Commits
  • 908a0ff chore: prepare release v0.32.4
  • 5a6fbee build(deps): bump github.com/go-openapi/spec
  • b63b221 build(deps): bump the development-dependencies group with 2 updates
  • d3cd4f6 fix(middleware): nil-guard param.Schema in UntypedRequestBinder map path (#488)
  • 760cc62 build(deps): bump the go-openapi-dependencies group across 2 directories with...
  • 6c5385e build(deps): bump golang.org/x/sync
  • 1045e1c build(deps): bump the development-dependencies group with 9 updates
  • 9b01ff4 build(deps): bump the go-openapi-dependencies group across 2 directories with...
  • deed159 doc: updated contributors file
  • 2dc38ae build(deps): bump the development-dependencies group with 10 updates
  • Additional commits viewable in compare view

Updates github.com/goccy/go-yaml from 1.18.0 to 1.19.2

Release notes

Sourced from github.com/goccy/go-yaml's releases.

1.19.2

What's Changed

New Contributors

Full Changelog: goccy/go-yaml@v1.19.1...v1.19.2

1.19.1

What's Changed

Full Changelog: goccy/go-yaml@v1.19.0...v1.19.1

1.19.0

What's Changed

New Contributors

Full Changelog: goccy/go-yaml@v1.18.0...v1.19.0

Commits
  • 92bc79c Fix anchor reference regression in nested structures (#839)
  • b0ab069 Support line comment for flow sequence or flow map (#834)
  • 9e98b0c Fix decoding of integer keys of map type (#829)
  • a7b4bfb Add support for RawMessage, similar to json.RawMessage (#790)
  • 07c09c0 Add indentation to flow values on new lines (#759)
  • 0040ab4 Skip directive in path operations (#758)
  • 7901e98 Support non string map keys (#756)
  • f4d1347 Normalize CR and CRLF in multi-line strings (#754)
  • 90e8525 Add decode option that allows specific field prefixes (#795)
  • 25e5d90 Revert "feat: Dont make copies of structs for validation (#737)" (#763)
  • See full diff in compare view

Updates github.com/google/go-containerregistry from 0.20.7 to 0.21.7

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.7

What's Changed

Bumps the go-minor group with 24 updates:

| Package | From | To |
| --- | --- | --- |
| code.gitea.io/sdk/gitea | `0.22.1` | `0.25.1` |
| [connectrpc.com/grpchealth](https://github.com/connectrpc/grpchealth-go) | `1.4.0` | `1.5.0` |
| [github.com/Azure/azure-sdk-for-go/sdk/azcore](https://github.com/Azure/azure-sdk-for-go) | `1.20.0` | `1.22.0` |
| [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) | `1.13.1` | `1.14.0` |
| [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) | `3.4.0` | `3.5.0` |
| [github.com/aws/aws-sdk-go-v2/service/ecr](https://github.com/aws/aws-sdk-go-v2) | `1.55.4` | `1.59.0` |
| [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar) | `4.9.2` | `4.10.0` |
| [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) | `3.17.0` | `3.20.0` |
| [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) | `0.6.1` | `0.7.0` |
| [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin) | `1.11.0` | `1.12.0` |
| [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) | `0.31.0` | `0.32.4` |
| [github.com/goccy/go-yaml](https://github.com/goccy/go-yaml) | `1.18.0` | `1.19.2` |
| [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.20.7` | `0.21.7` |
| [github.com/jferrl/go-githubauth](https://github.com/jferrl/go-githubauth) | `1.5.1` | `1.7.0` |
| [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.18.7` | `1.19.0` |
| [github.com/pelletier/go-toml/v2](https://github.com/pelletier/go-toml) | `2.2.4` | `2.4.3` |
| [gitlab.com/gitlab-org/api/client-go](https://gitlab.com/gitlab-org/api/client-go) | `1.13.0` | `1.46.0` |
| [go.uber.org/zap](https://github.com/uber-go/zap) | `1.27.1` | `1.28.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.53.0` | `0.54.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.34.0` | `0.36.0` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.21.0` | `0.22.0` |
| [golang.org/x/text](https://github.com/golang/text) | `0.38.0` | `0.40.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.259.0` | `0.288.0` |
| [helm.sh/helm/v3](https://github.com/helm/helm) | `3.19.5` | `3.21.3` |


Updates `code.gitea.io/sdk/gitea` from 0.22.1 to 0.25.1

Updates `connectrpc.com/grpchealth` from 1.4.0 to 1.5.0
- [Release notes](https://github.com/connectrpc/grpchealth-go/releases)
- [Commits](connectrpc/grpchealth-go@1.4.0...v1.5.0)

Updates `github.com/Azure/azure-sdk-for-go/sdk/azcore` from 1.20.0 to 1.22.0
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Commits](Azure/azure-sdk-for-go@sdk/azcore/v1.20.0...sdk/azcore/v1.22.0)

Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.13.1 to 1.14.0
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Commits](Azure/azure-sdk-for-go@sdk/azidentity/v1.13.1...sdk/azcore/v1.14.0)

Updates `github.com/Masterminds/semver/v3` from 3.4.0 to 3.5.0
- [Release notes](https://github.com/Masterminds/semver/releases)
- [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md)
- [Commits](Masterminds/semver@v3.4.0...v3.5.0)

Updates `github.com/aws/aws-sdk-go-v2/service/ecr` from 1.55.4 to 1.59.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/ssm/v1.55.4...service/s3/v1.59.0)

Updates `github.com/bmatcuk/doublestar/v4` from 4.9.2 to 4.10.0
- [Release notes](https://github.com/bmatcuk/doublestar/releases)
- [Commits](bmatcuk/doublestar@v4.9.2...v4.10.0)

Updates `github.com/coreos/go-oidc/v3` from 3.17.0 to 3.20.0
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](coreos/go-oidc@v3.17.0...v3.20.0)

Updates `github.com/cyphar/filepath-securejoin` from 0.6.1 to 0.7.0
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md)
- [Commits](cyphar/filepath-securejoin@v0.6.1...v0.7.0)

Updates `github.com/gin-gonic/gin` from 1.11.0 to 1.12.0
- [Release notes](https://github.com/gin-gonic/gin/releases)
- [Changelog](https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md)
- [Commits](gin-gonic/gin@v1.11.0...v1.12.0)

Updates `github.com/go-openapi/runtime` from 0.31.0 to 0.32.4
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](go-openapi/runtime@v0.31.0...v0.32.4)

Updates `github.com/goccy/go-yaml` from 1.18.0 to 1.19.2
- [Release notes](https://github.com/goccy/go-yaml/releases)
- [Changelog](https://github.com/goccy/go-yaml/blob/master/CHANGELOG.md)
- [Commits](goccy/go-yaml@v1.18.0...v1.19.2)

Updates `github.com/google/go-containerregistry` from 0.20.7 to 0.21.7
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Commits](google/go-containerregistry@v0.20.7...v0.21.7)

Updates `github.com/jferrl/go-githubauth` from 1.5.1 to 1.7.0
- [Release notes](https://github.com/jferrl/go-githubauth/releases)
- [Changelog](https://github.com/jferrl/go-githubauth/blob/main/CHANGELOG.md)
- [Commits](jferrl/go-githubauth@v1.5.1...v1.7.0)

Updates `github.com/klauspost/compress` from 1.18.7 to 1.19.0
- [Release notes](https://github.com/klauspost/compress/releases)
- [Commits](klauspost/compress@v1.18.7...v1.19.0)

Updates `github.com/pelletier/go-toml/v2` from 2.2.4 to 2.4.3
- [Release notes](https://github.com/pelletier/go-toml/releases)
- [Commits](pelletier/go-toml@v2.2.4...v2.4.3)

Updates `gitlab.com/gitlab-org/api/client-go` from 1.13.0 to 1.46.0
- [Release notes](https://gitlab.com/gitlab-org/api/client-go/tags)
- [Changelog](https://gitlab.com/gitlab-org/api/client-go/blob/main/CHANGELOG.md)
- [Commits](https://gitlab.com/gitlab-org/api/client-go/compare/v1.13.0...v1.46.0)

Updates `go.uber.org/zap` from 1.27.1 to 1.28.0
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](uber-go/zap@v1.27.1...v1.28.0)

Updates `golang.org/x/crypto` from 0.53.0 to 0.54.0
- [Commits](golang/crypto@v0.53.0...v0.54.0)

Updates `golang.org/x/oauth2` from 0.34.0 to 0.36.0
- [Commits](golang/oauth2@v0.34.0...v0.36.0)

Updates `golang.org/x/sync` from 0.21.0 to 0.22.0
- [Commits](golang/sync@v0.21.0...v0.22.0)

Updates `golang.org/x/text` from 0.38.0 to 0.40.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.38.0...v0.40.0)

Updates `google.golang.org/api` from 0.259.0 to 0.288.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.259.0...v0.288.0)

Updates `helm.sh/helm/v3` from 3.19.5 to 3.21.3
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.19.5...v3.21.3)

---
updated-dependencies:
- dependency-name: code.gitea.io/sdk/gitea
  dependency-version: 0.25.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: connectrpc.com/grpchealth
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azcore
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/Masterminds/semver/v3
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/aws/aws-sdk-go-v2/service/ecr
  dependency-version: 1.59.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/bmatcuk/doublestar/v4
  dependency-version: 4.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-version: 3.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/cyphar/filepath-securejoin
  dependency-version: 0.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/gin-gonic/gin
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/go-openapi/runtime
  dependency-version: 0.32.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/goccy/go-yaml
  dependency-version: 1.19.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.21.7
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/jferrl/go-githubauth
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/klauspost/compress
  dependency-version: 1.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/pelletier/go-toml/v2
  dependency-version: 2.4.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: gitlab.com/gitlab-org/api/client-go
  dependency-version: 1.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: go.uber.org/zap
  dependency-version: 1.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: golang.org/x/crypto
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: golang.org/x/sync
  dependency-version: 0.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: golang.org/x/text
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: google.golang.org/api
  dependency-version: 0.288.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: helm.sh/helm/v3
  dependency-version: 3.21.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file; mainly used by Dependabot go Pull requests that update Go code labels Jul 12, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 12, 2026 05:31
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file; mainly used by Dependabot go Pull requests that update Go code labels Jul 12, 2026
@kargo-governance-bot kargo-governance-bot Bot added the needs/area Issue or PR needs to be labeled to indicate what parts of the code base are affected label Jul 12, 2026
@netlify

netlify Bot commented Jul 12, 2026

Copy link
Copy Markdown

Deploy Preview for docs-kargo-io ready!

Name Link
🔨 Latest commit 8891594
🔍 Latest deploy log https://app.netlify.com/projects/docs-kargo-io/deploys/6a5326af69a150000821e0b5
😎 Deploy Preview https://deploy-preview-6601.docs.kargo.io
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@kargo-governance-bot kargo-governance-bot Bot added needs/kind Issue or PR needs to be labeled to clarify its nature needs/priority Priority has not yet been determined; a good signal that maintainers aren't fully committed labels Jul 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file; mainly used by Dependabot go Pull requests that update Go code needs/area Issue or PR needs to be labeled to indicate what parts of the code base are affected needs/kind Issue or PR needs to be labeled to clarify its nature needs/priority Priority has not yet been determined; a good signal that maintainers aren't fully committed

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants