chore(deps): bump the k8s-go-dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the k8s-go-dependencies group with 6 updates in the /k8s-service directory:

Package	From	To
github.com/getkin/kin-openapi	0.133.0	0.134.0
github.com/labstack/echo/v4	4.15.0	4.15.1
github.com/minio/minio-go/v7	7.0.98	7.0.99
github.com/onsi/ginkgo/v2	2.27.2	2.28.1
k8s.io/api	0.35.1	0.35.2
k8s.io/client-go	0.35.1	0.35.2

Updates github.com/getkin/kin-openapi from 0.133.0 to 0.134.0

Release notes

Sourced from github.com/getkin/kin-openapi's releases.

v0.134.0

What's Changed

• openapi3filter: feat(multipart-ct-decoder): default body decoder on binary schema by @​mieltn in getkin/kin-openapi#1097
• openapi3: ensure SchemaErrors get the correct path for allOf schemas by @​jamesfcarter in getkin/kin-openapi#1098
• openapi3filter: Fix empty string handling in parameter validation by @​utah-KT in getkin/kin-openapi#1096
• tidy(docs): Update references to oapi-codegen project URL (issue getkin#1094) by @​frenchi in getkin/kin-openapi#1095
• openapi2conv: fix allOf inside additionalProperties by @​dani-maarouf in getkin/kin-openapi#1103
• openapi3filter: Reject requests with body when non expected (issue 1100) by @​CynanX in getkin/kin-openapi#1101
• openapi3: fix for RFC3339 validation: time-offset is a required component by @​mpreu in getkin/kin-openapi#1104
• openapi3: add file path to origin location tracking by @​reuvenharrison in getkin/kin-openapi#1128
• openapi3filter: fix bug where absent optional properties fail validation in form-urlencoded requests by @​thierry-f-78 in getkin/kin-openapi#1110
• feat: add document-scoped format validators to prevent global state pollution by @​the-corp-mark in getkin/kin-openapi#1126
• openapi3: process discriminator mapping values as refs by @​RaduPetreTarean in getkin/kin-openapi#1108
• openapi3: serialize Extensions when using $ref by @​irees in getkin/kin-openapi#1131

New Contributors

• @​mieltn made their first contribution in getkin/kin-openapi#1097
• @​jamesfcarter made their first contribution in getkin/kin-openapi#1098
• @​utah-KT made their first contribution in getkin/kin-openapi#1096
• @​frenchi made their first contribution in getkin/kin-openapi#1095
• @​dani-maarouf made their first contribution in getkin/kin-openapi#1103
• @​CynanX made their first contribution in getkin/kin-openapi#1101
• @​mpreu made their first contribution in getkin/kin-openapi#1104
• @​thierry-f-78 made their first contribution in getkin/kin-openapi#1110
• @​the-corp-mark made their first contribution in getkin/kin-openapi#1126
• @​RaduPetreTarean made their first contribution in getkin/kin-openapi#1108

Full Changelog: getkin/kin-openapi@v0.133.0...v0.134.0

Commits

• 713eff1 openapi3: serialize Extensions when using $ref (#1131)
• 88234d0 openapi3: process discriminator mapping values as refs (#1108)
• b4a86ce feat: add document-scoped format validators to prevent global state pollution...
• fd00a26 openapi3filter: fix bug where absent optional properties fail validation in f...
• ede8b1f openapi3: add file path to origin location tracking (#1128)
• 45db2ad Fix RFC3339 validation (#1104)
• 2ac6346 feat: support rejecting when request body present but not required by specifi...
• 6321ee8 openapi2conv: fix allOf inside additionalProperties (#1103)
• f53e403 tidy(docs): Update references to oapi-codegen project URL (issue getkin#1094)...
• 6a04fdf openapi3: Allow usage of empty string (#1096)
• Additional commits viewable in compare view

Updates github.com/labstack/echo/v4 from 4.15.0 to 4.15.1

Changelog

Sourced from github.com/labstack/echo/v4's changelog.

Changelog

v5.0.4 - 2026-02-15

Enhancements

• Remove unused import 'errors' from README example by @​kumapower17 in labstack/echo#2889
• Fix Graceful shutdown: after http.Server.Serve returns we need to wait for graceful shutdown goroutine to finish by @​aldas in labstack/echo#2898
• Update location of oapi-codegen in README by @​mromaszewicz in labstack/echo#2896
• Add Go 1.26 to CI flow by @​aldas in labstack/echo#2899
• Add new function echo.StatusCode by @​suwakei in labstack/echo#2892
• CSRF: support older token-based CSRF protection handler that want to render token into template by @​aldas in labstack/echo#2894
• Add echo.ResolveResponseStatus function to help middleware/handlers determine HTTP status code and echo.Response by @​aldas in labstack/echo#2900

v5.0.3 - 2026-02-06

Security

• Fix directory traversal vulnerability under Windows in Static middleware when default Echo filesystem is used. Reported by @​shblue21.

This applies to cases when:

• Windows is used as OS
• middleware.StaticConfig.Filesystem is nil (default)
• echo.Filesystem is has not been set explicitly (default)

Exposure is restricted to the active process working directory and its subfolders.

v5.0.2 - 2026-02-02

Security

• Fix Static middleware with config.Browse=true lists all files/subfolders from config.Filesystem root and not starting from config.Root in labstack/echo#2887

v5.0.1 - 2026-01-28

• Panic MW: will now return a custom PanicStackError with stack trace by @​aldas in labstack/echo#2871
• Docs: add missing err parameter to DenyHandler example by @​cgalibern in labstack/echo#2878
• improve: improve websocket checks in IsWebSocket() [per RFC 6455] by @​raju-mechatronics in labstack/echo#2875
• fix: Context.Json() should not send status code before serialization is complete by @​aldas in labstack/echo#2877

v5.0.0 - 2026-01-18

Echo v5 is maintenance release with major breaking changes

• Context is now struct instead of interface and we can add method to it in the future in minor versions.
• Adds new Router interface for possible new routing implementations.
• Drops old logging interface and uses moderm log/slog instead.

... (truncated)

Commits

• 6f3a84a Merge pull request #2905 from aldas/v4_crsf_token_fallback
• 24fa4d0 CSRF: support older token-based CSRF protection handler that want to render t...
• See full diff in compare view

Updates github.com/minio/minio-go/v7 from 7.0.98 to 7.0.99

Commits

• c44cb2a Fix PutObject and ConcurrentStreamParts error handling for empty stream (#2207)
• 1451162 Fix object ReadAt performs seek (#2197)
• ffb7ec0 Implement support for new UpdateObjectEncryption API & bump Go to 1.25 (#2204)
• See full diff in compare view

Updates github.com/onsi/ginkgo/v2 from 2.27.2 to 2.28.1

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.28.1

2.28.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

v2.28.0

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

v2.27.4

2.27.4

Fixes

• CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]

v2.27.3

2.27.3

Fixes

report exit result in case of failure [1c9f356] fix data race [ece19c8]

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.28.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

2.27.4

Fixes

• CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]

2.27.3

Fixes

report exit result in case of failure [1c9f356] fix data race [ece19c8]

Commits

• 5d1d628 v2.28.1
• 676f985 update test mu language
• 8032100 appease go vet
• 41ca807 bump dependencies
• 2b2305b v2.28.0
• 71d2d89 feat: support component semantic version filtering
• 8cbbcb4 Fix doclink for ginkgo run
• a928307 v2.27.5
• 0d0e96d don't make a new formatter for each GinkgoT(); that's just silly and uses pre...
• 867ce95 v2.27.4
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.38.2 to 1.39.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.39.0

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

v1.38.3

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Commits

• 49561ad v1.39.0
• 8f7f425 document MatchErrorStrictly
• bae643d add matcher relecting errors.Is behavior
• a3ca2ca v1.38.3
• 4dada36 fix failing have http tests
• d40c691 make string formatitng more consistent for users who use format.Object directly
• 2a37b46 doc: fix typos
• ee26170 docs: fix HaveValue example
• cc85c05 Bump actions/setup-go from 5 to 6 (#866)
• 8905788 Bump github.com/onsi/ginkgo/v2 from 2.25.1 to 2.25.3 (#865)
• Additional commits viewable in compare view

Updates k8s.io/api from 0.35.1 to 0.35.2

Commits

• 8a137cd Update dependencies to v0.35.2 tag
• See full diff in compare view

Updates k8s.io/apimachinery from 0.35.1 to 0.35.2

Commits

• See full diff in compare view

Updates k8s.io/client-go from 0.35.1 to 0.35.2

Commits

• a21b329 Update dependencies to v0.35.2 tag
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions