Skip to content

chore(deps): bump the go-dependencies group across 1 directory with 9 updates#669

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/tests/go-dependencies-39267cbf1c
Open

chore(deps): bump the go-dependencies group across 1 directory with 9 updates#669
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/tests/go-dependencies-39267cbf1c

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 23, 2026
edited
Loading

Bumps the go-dependencies group with 1 update in the /tests directory: github.com/cert-manager/cert-manager.

Updates github.com/cert-manager/cert-manager from 1.16.4 to 1.20.0

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.20.0

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

v1.20.0 adds alpha support for the new ListenerSet resource, adds support for Azure Private DNS; parentRefs are no longer required when using ACME with Gateway API, and OtherNames was promoted to Beta.

Changes by Kind

Feature

  • Added a set of flags to permit setting NetworkPolicy across all deployed containers. Remove redundant global IP ranges from example policies. (#8370, @​jcpunk)
  • Added selectable fields to custom resource definitions for .spec.issuerRef.{group, kind, name} (#8256, @​tareksha)
  • Added support for specifying imagePullSecrets in the startupapicheck-job Helm template to enable pulling images from private registries. (#8186, @​mathieu-clnk)
  • Added 'extraContainers' helm chart value, allowing the deployment of arbitrary sidecar containers within the cert-manager operator pod. This can be used to support, for e.g., AWS IAM Roles Anywhere for Route53 DNS01 verification. (#8355, @​dancmeyers)
  • Added parentRef override annotations on the Certificate resource. (#8518, @​hjoshi123)
  • Added support for azure private zones for dns01 issuer. (#8494, @​hjoshi123)
  • Added support for configuring PEM decoding size limits, allowing operators to handle larger certificates and keys. (#7642, @​robertlestak)
  • Added support for unhealthyPodEvictionPolicy in PodDisruptionBudget (#7728, @​jcpunk)
  • For Venafi provider, read venafi.cert-manager.io/custom-fields annotation on Issuer/ClusterIssuer and use it as base with override/append capabilities on Certificate level. (#8301, @​k0da)
  • Improve error message when CA issuers are misconfigured to use a clashing secret name (#8374, @​majiayu000)
  • Introduce a new Ingress annotation acme.cert-manager.io/http01-ingress-ingressclassname to override http01.ingress.ingressClassName field in HTTP-01 challenge solvers. (#8244, @​lunarwhite)
  • Update global.nodeSelector to helm chart to perform a merge and allow for a single nodeSelector to be set across all services. (#8195, @​StingRayZA)
  • Vault issuers will now include the Vault server address as one of the default audiences on generated service account tokens. (#8228, @​terinjokes)
  • Added experimental XListenerSets feature gate (#8394, @​hjoshi123)

Documentation

Bug or Regression

  • Adds logs for cases when acme server returns us a fatal error in the order controller (#8199, @​Peac36)
  • Fixed an issue where kind or group in the issuerRef of a Certificate was omitted, upgrading to 1.19.x incorrectly caused the certificate to be renewed (#8160, @​inteon)
  • Changes to the Duration and RenewBefore annotations on ingress and gateway-api resources will now trigger certificate updates. (#8232, @​eleanor-merry)
  • Fix an issue where ACME challenge TXT records are not cleaned up when there are many resource records in CloudDNS. (#8456, @​tkna)
  • Fix unregulated retries with the DigitalOcean DNS-01 solver Add full detailed DNS-01 errors to the events attached to the Challenge, for easier debugging (#8221, @​wallrj-cyberark)
  • Fixed an infinite re-issuance loop that could occur when an issuer returns a certificate with a public key that doesn't match the CSR. The issuing controller now validates the certificate before storing it and fails with backoff on mismatch. (#8403, @​calm329)
  • Fixed an issue where HTTP-01 challenges failed when the Host header contains an IPv6 address. This means that users can now issue IP address certificates for IPv6 address subjects. (#8424, @​SlashNephy)
  • Fixed the HTTP-01 Gateway solver creating invalid HTTPRoutes by not setting spec.hostnames when the challenge DNSName is an IP address. (#8443, @​alviss7)
  • Revert API defaults for issuer reference kind and group introduced in 0.19.0 (#8173, @​erikgb)
  • Security (MODERATE): Fix a potential panic in the cert-manager controller when a DNS response in an unexpected order was cached. If an attacker was able to modify DNS responses (or if they controlled the DNS server) it was possible to cause denial of service for the cert-manager controller. (#8469, @​SgtCoDFish)
  • Update Go to v1.25.5 to fix CVE-2025-61727 and CVE-2025-61729 (#8290, @​octo-sts[bot])
  • When Prometheus monitoring is enabled, the metrics label is now set to the intended value of cert-manager. Previously, it was set depending on various factors (namespace cert-manager is installed in and/or Helm release name). (#8162, @​LiquidPL)

Other (Cleanup or Flake)

... (truncated)

Commits
  • 0d2f215 Merge pull request #8599 from hjoshi123/fix/cherry-pick-1.26
  • 992544c cherry picking go 1.26.1 onto release-1.20
  • 0ef9dd0 Merge pull request #8598 from cert-manager-bot/cherry-pick-8581-to-release-1.20
  • 700e95a Merge pull request #8597 from cert-manager-bot/cherry-pick-8595-to-release-1.20
  • 0ee2440 Merge pull request #8596 from cert-manager-bot/cherry-pick-8590-to-release-1.20
  • fbf8b99 fix(deps): update module k8s.io/klog/v2 to v2.140.0
  • 58d6b5a disable metrics server for test webhook
  • 04762ea configure contextual test logger for controller-runtime webhook only
  • fb10af9 Merge pull request #8576 from maelvls/release-1.20
  • f27af7b [release-1.20] update trivy to fix scans
  • Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.27.2 to 2.28.0

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.28.0

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

v2.27.4

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]

v2.27.3

2.27.3

Fixes

report exit result in case of failure [1c9f356] fix data race [ece19c8]

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]

2.27.3

Fixes

report exit result in case of failure [1c9f356] fix data race [ece19c8]

Commits
  • 2b2305b v2.28.0
  • 71d2d89 feat: support component semantic version filtering
  • 8cbbcb4 Fix doclink for ginkgo run
  • a928307 v2.27.5
  • 0d0e96d don't make a new formatter for each GinkgoT(); that's just silly and uses pre...
  • 867ce95 v2.27.4
  • 59bc751 CurrentTreeConstructionNodeReport: fix for nested container nodes
  • f331739 v2.27.3
  • 1c9f356 ginkgo: report exit result in case of failure
  • ece19c8 ginkgo: fix data race
  • See full diff in compare view

Updates github.com/onsi/gomega from 1.38.2 to 1.39.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.39.1

1.39.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

v1.39.0

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

v1.38.3

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.39.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Commits

Updates golang.org/x/exp from 0.0.0-20241217172543-b2144cdd0a67 to 0.0.0-20250718183923-645b1fa84792

Commits

Updates k8s.io/api from 0.33.0 to 0.35.2

Commits
  • 8a137cd Update dependencies to v0.35.2 tag
  • bbcbaa8 Merge remote-tracking branch 'origin/master' into release-1.35
  • 5bced61 Bump golang.org/x/crypto to v0.45.0
  • 39e2e26 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • c22b4a1 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • e3b1f3d Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 3da327c Update vendored dependencies
  • c764b44 Merge pull request #132919 from ndixita/pod-level-in-place-pod-resize
  • aced136 Generated files from API changes
  • 02d790d Adding Resources and AllocatedResoures fields to the list of expected fields ...
  • Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.33.0 to 0.35.2

Commits
  • 72d71ea Merge remote-tracking branch 'origin/master' into release-1.35
  • e2a2dbc Bump golang.org/x/crypto to v0.45.0
  • 2e9c228 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • f274aac vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • 9445443 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 52154f7 Update vendored dependencies
  • 5a348c5 KEP-5471: Extend tolerations operators (#134665)
  • 6f89492 Merge pull request #133648 from richabanker/merged-discovery
  • c77dde2 util/sort: Add MergePreservingRelativeOrder for topological sorting
  • 729c13d Merge pull request #134624 from yt2985/podcertificates-beta
  • Additional commits viewable in compare view

Updates k8s.io/client-go from 0.33.0 to 0.35.2

Commits
  • a21b329 Update dependencies to v0.35.2 tag
  • 2d83546 Merge remote-tracking branch 'origin/master' into release-1.35
  • 56b4af2 Merge pull request #135591 from p0lyn0mial/upstream-watchlist-reflector-log-f...
  • 891f94c Merge remote-tracking branch 'origin/master' into release-1.35
  • 65ffe04 Merge pull request #135580 from serathius/client-go-transformer
  • 2fe4ac2 downgrade reflector watchlist fallback log to V(4)
  • 97256a6 Bump golang.org/x/crypto to v0.45.0
  • 46360b5 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • 171ef8c Use transformer in consistency checker
  • 3878a64 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • Additional commits viewable in compare view

Updates k8s.io/utils from 0.0.0-20241210054802-24370beab758 to 0.0.0-20260210185600-b8788abfbbc2

Commits

Updates sigs.k8s.io/controller-runtime from 0.21.0 to 0.23.1

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.23.1

What's Changed

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.0...v0.23.1

v0.23.0

🔆 Highlights

⚠️ Breaking changes

✨ Features

🐛 Bugfixes

... (truncated)

Commits
  • f52bbb8 Merge pull request #3437 from k8s-infra-cherrypick-robot/cherry-pick-3430-to-...
  • 4f41337 Merge pull request #3438 from k8s-infra-cherrypick-robot/cherry-pick-3434-to-...
  • e29a1b9 seedling: Test cache reader waits for cache sync
  • 83c8dc3 bug: Fakeclient: Fix status apply if existing object has managedFields set
  • bf6bcd5 Merge pull request #3436 from k8s-infra-cherrypick-robot/cherry-pick-3431-to-...
  • b6a3a46 bug: Fix panic when using CRs with embedded pointer structs
  • 7866fb0 Merge pull request #3433 from k8s-infra-cherrypick-robot/cherry-pick-3425-to-...
  • 90b26f7 check to see if informer is synced and started before returning cache
  • 129853d Merge pull request #3419 from alvaroaleman/limit-cardinality
  • 00b8b07 🐛 Limit depthWithPriorityMetric cardinality to 25
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 23, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 23, 2026

Labels

The following labels could not be found: tests. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 23, 2026
@github-actions github-actions bot added the chore Routine tasks or maintenance label Mar 23, 2026
@dependabot
chore(deps): bump the go-dependencies group across 1 directory with 9…
3b57ce1 
… updates

Bumps the go-dependencies group with 1 update in the /tests directory: [github.com/cert-manager/cert-manager](https://github.com/cert-manager/cert-manager).


Updates `github.com/cert-manager/cert-manager` from 1.16.4 to 1.20.0
- [Release notes](https://github.com/cert-manager/cert-manager/releases)
- [Changelog](https://github.com/cert-manager/cert-manager/blob/master/RELEASE.md)
- [Commits](cert-manager/cert-manager@v1.16.4...v1.20.0)

Updates `github.com/onsi/ginkgo/v2` from 2.27.2 to 2.28.0
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.27.2...v2.28.0)

Updates `github.com/onsi/gomega` from 1.38.2 to 1.39.1
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.38.2...v1.39.1)

Updates `golang.org/x/exp` from 0.0.0-20241217172543-b2144cdd0a67 to 0.0.0-20250718183923-645b1fa84792
- [Commits](https://github.com/golang/exp/commits)

Updates `k8s.io/api` from 0.33.0 to 0.35.2
- [Commits](kubernetes/api@v0.33.0...v0.35.2)

Updates `k8s.io/apimachinery` from 0.33.0 to 0.35.2
- [Commits](kubernetes/apimachinery@v0.33.0...v0.35.2)

Updates `k8s.io/client-go` from 0.33.0 to 0.35.2
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.33.0...v0.35.2)

Updates `k8s.io/utils` from 0.0.0-20241210054802-24370beab758 to 0.0.0-20260210185600-b8788abfbbc2
- [Commits](https://github.com/kubernetes/utils/commits)

Updates `sigs.k8s.io/controller-runtime` from 0.21.0 to 0.23.1
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.21.0...v0.23.1)

---
updated-dependencies:
- dependency-name: github.com/cert-manager/cert-manager
  dependency-version: 1.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.39.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/exp
  dependency-version: 0.0.0-20250718183923-645b1fa84792
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: k8s.io/api
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: k8s.io/client-go
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: k8s.io/utils
  dependency-version: 0.0.0-20260210185600-b8788abfbbc2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.23.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/tests/go-dependencies-39267cbf1c branch from 4158580 to 3b57ce1 Compare March 30, 2026 17:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

chore Routine tasks or maintenance dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants