Skip to content

chore(deps): bump the go-minor-and-patch group across 1 directory with 35 updates#3249

Merged
migmartri merged 2 commits into
mainfrom
dependabot/go_modules/go-minor-and-patch-8979c0046f
Jun 29, 2026
Merged

chore(deps): bump the go-minor-and-patch group across 1 directory with 35 updates#3249
migmartri merged 2 commits into
mainfrom
dependabot/go_modules/go-minor-and-patch-8979c0046f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Bumps the go-minor-and-patch group with 23 updates in the / directory:

Package From To
code.cloudfoundry.org/bytefmt 0.75.0 0.77.0
github.com/aws/aws-sdk-go-v2 1.41.11 1.42.0
github.com/aws/aws-sdk-go-v2/config 1.32.22 1.32.25
github.com/aws/aws-sdk-go-v2/service/secretsmanager 1.42.1 1.42.3
github.com/coreos/go-oidc/v3 3.18.0 3.19.0
github.com/getsentry/sentry-go 0.46.2 0.47.0
github.com/google/go-containerregistry 0.21.6 0.21.7
github.com/jedib0t/go-pretty/v6 6.8.0 6.8.1
github.com/testcontainers/testcontainers-go 0.40.0 0.43.0
google.golang.org/api 0.280.0 0.285.0
github.com/Azure/azure-sdk-for-go/sdk/azcore 1.21.1 1.22.0
github.com/Azure/azure-sdk-for-go/sdk/azidentity 1.13.1 1.14.0
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob 1.7.0 1.8.0
github.com/aws/aws-sdk-go-v2/feature/s3/manager 1.22.24 1.22.28
github.com/nats-io/nats.go 1.51.0 1.52.0
github.com/open-policy-agent/opa 1.17.0 1.17.1
github.com/posthog/posthog-go 1.14.0 1.16.0
github.com/sigstore/cosign/v3 3.0.6 3.1.1
github.com/sigstore/sigstore-go 1.2.0 1.2.1
go.step.sm/crypto 0.81.0 0.83.0
github.com/vektah/gqlparser/v2 2.5.33 2.5.34
github.com/minio/minio-go/v7 7.0.98 7.2.0
github.com/prometheus/common 0.68.1 0.69.0

Updates code.cloudfoundry.org/bytefmt from 0.75.0 to 0.77.0

Commits

Updates github.com/aws/aws-sdk-go-v2 from 1.41.11 to 1.42.0

Commits

Updates github.com/aws/aws-sdk-go-v2/config from 1.32.22 to 1.32.25

Commits

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.19.21 to 1.19.24

Commits

Updates github.com/aws/aws-sdk-go-v2/service/secretsmanager from 1.42.1 to 1.42.3

Commits

Updates github.com/aws/aws-sdk-go-v2/service/sso from 1.31.1 to 1.31.3

Commits

Updates github.com/aws/smithy-go from 1.27.0 to 1.27.1

Changelog

Sourced from github.com/aws/smithy-go's changelog.

Release (2026-06-05)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.27.2
    • Bug Fix: Fix incorrect serialization of unions in CBOR-based protocols.

Release (2026-06-04)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.27.1
    • Bug Fix: Fixed a deserialization failure in all protocols when encountering a union with explicit null members.
    • Bug Fix: Fixed a panic when deserializing nested unions in JSON- and CBOR-based protocols.

Release (2026-06-02)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.27.0
    • Feature: Add APIs for schema-based serialization.
    • Feature: Add support for all current AWS and Smithy protocols.
    • Bug Fix: Enforce max nesting depth of 128 on CBOR payloads.
  • github.com/aws/smithy-go/aws-http-auth: v1.2.0
    • Feature: Add event stream signer.

Release (2026-05-27)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.26.0
    • Feature: Add StringSlice to endpoint rulesfn.

Release (2026-04-23)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.25.1
    • Bug Fix: Fixed a memory leak in the LRU cache implementation used by some AWS services.

... (truncated)

Commits

Updates github.com/coreos/go-oidc/v3 from 3.18.0 to 3.19.0

Release notes

Sourced from github.com/coreos/go-oidc/v3's releases.

v3.19.0

What's Changed

New Contributors

Full Changelog: coreos/go-oidc@v3.18.0...v3.19.0

Commits
  • 4204f0b oidc: add support for validating back-channel logout tokens
  • f77e01c fix: Key refresh should set no-cache to get most up to date keys
  • See full diff in compare view

Updates github.com/getsentry/sentry-go from 0.46.2 to 0.47.0

Release notes

Sourced from github.com/getsentry/sentry-go's releases.

0.47.0

Breaking Changes 🛠

  • Fix transaction_info source getting set incorrectly across HTTP middleware integrations (http, fasthttp, fiber). Users should now expect traces to properly get grouped with their parameterized path. Transactions in affected integrations may regroup after upgrading. by @​giortzisg in #1325
  • remove deprecatedotel.NewSentrySpanProcessor. Users should now use the sentryotlp.NewTraceExporter instead by @​giortzisg in #1307
    // Before
    sentry.Init(sentry.ClientOptions{Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0})
    tp := sdktrace.NewTracerProvider(
    sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()),
    )
    otel.SetTextMapPropagator(sentryotel.NewSentryPropagator())
    otel.SetTracerProvider(tp)
    // After:
    sentry.Init(sentry.ClientOptions{
    Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0,
    Integrations: func(i []sentry.Integration) []sentry.Integration {
    return append(i, sentryotel.NewOtelIntegration())
    },
    })
    exporter, _ := sentryotlp.NewTraceExporter(ctx, dsn)
    tp := sdktrace.NewTracerProvider(sdktrace.WithBatcher(exporter))
    otel.SetTracerProvider(tp)

  • Enable logs by default to skip double allow behavior. Enabling logs now happens once when setting up either sentry.NewLogger or any supported integration. Also the EnableLogs flag changes to DisableLogs for a global override switch by @​giortzisg in #1306
  • Remove the ContextifyFrames integration. The recommended way to add source context is SCM by @​giortzisg in #1302

New Features ✨

  • Add fiber v3 integration by @​giortzisg in #1324
  • Bump fasthttp from 1.51.0 to 1.71.0 by @​giortzisg in #1324
  • Add sentrysql SQL tracing integration by @​giortzisg in #1305
    • Supports multiple integration paths depending on how your app opens database connections: sentrysql.Open(...), sentrysql.OpenDB(...), and wrapped drivers/connectors for custom setups.
    • Database metadata is not inferred in every setup. If the database name is not discoverable automatically, pass sentrysql.WithDatabaseName(...) so spans are populated correctly.
    • Example:
     // Simple driver-based setup
     db, err := sentrysql.Open("sqlite", ":memory:",
         sentrysql.WithDatabaseSystem(sentrysql.SystemSQLite),
         sentrysql.WithDatabaseName("main"),
     )

Internal Changes 🔧

Deps

... (truncated)

Changelog

Sourced from github.com/getsentry/sentry-go's changelog.

0.47.0

Breaking Changes 🛠

  • Fix transaction_info source getting set incorrectly across HTTP middleware integrations (http, fasthttp, fiber). Users should now expect traces to properly get grouped with their parameterized path. Transactions in affected integrations may regroup after upgrading. by @​giortzisg in #1325
  • remove deprecatedotel.NewSentrySpanProcessor. Users should now use the sentryotlp.NewTraceExporter instead by @​giortzisg in #1307
    // Before
    sentry.Init(sentry.ClientOptions{Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0})
    tp := sdktrace.NewTracerProvider(
    sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()),
    )
    otel.SetTextMapPropagator(sentryotel.NewSentryPropagator())
    otel.SetTracerProvider(tp)
    // After:
    sentry.Init(sentry.ClientOptions{
    Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0,
    Integrations: func(i []sentry.Integration) []sentry.Integration {
    return append(i, sentryotel.NewOtelIntegration())
    },
    })
    exporter, _ := sentryotlp.NewTraceExporter(ctx, dsn)
    tp := sdktrace.NewTracerProvider(sdktrace.WithBatcher(exporter))
    otel.SetTracerProvider(tp)

  • Enable logs by default to skip double allow behavior. Enabling logs now happens once when setting up either sentry.NewLogger or any supported integration. Also the EnableLogs flag changes to DisableLogs for a global override switch by @​giortzisg in #1306
  • Remove the ContextifyFrames integration. The recommended way to add source context is SCM by @​giortzisg in #1302

New Features ✨

  • Add fiber v3 integration by @​giortzisg in #1324
  • Bump fasthttp from 1.51.0 to 1.71.0 by @​giortzisg in #1324
  • Add sentrysql SQL tracing integration by @​giortzisg in #1305
    • Supports multiple integration paths depending on how your app opens database connections: sentrysql.Open(...), sentrysql.OpenDB(...), and wrapped drivers/connectors for custom setups.
    • Database metadata is not inferred in every setup. If the database name is not discoverable automatically, pass sentrysql.WithDatabaseName(...) so spans are populated correctly.
    • Example:
     // Simple driver-based setup
     db, err := sentrysql.Open("sqlite", ":memory:",
         sentrysql.WithDatabaseSystem(sentrysql.SystemSQLite),
         sentrysql.WithDatabaseName("main"),
     )

Internal Changes 🔧

Deps

... (truncated)

Commits

Updates github.com/google/go-containerregistry from 0.21.6 to 0.21.7

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.7

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.21.6...v0.21.7

Commits
  • c68d899 Bump go version to 1.26.4 (#2350)
  • da61d86 transport: do not re-attach bearer token after cross-host redirect (#2349)
  • 09fe1e5 fix(tarball): normalize paths when matching files (#2334)
  • 5baa399 build(deps): bump the go-deps group across 3 directories with 4 updates (#2348)
  • 97a8a17 fix(transport): apply refreshed bearer token after cross-host redirect (#2337)
  • e963497 internal/gzip: fix goroutine leak in ReadCloserLevel (#2347)
  • 02649ea fix: prevent SSRF in google.List() pagination (#2332)
  • 7204b40 build(deps): bump the actions group across 1 directory with 2 updates (#2344)
  • 4cfaa93 build(deps): bump the go-deps group across 1 directory with 2 updates (#2343)
  • 6849394 pkg/registry: export RedirectError (#2177)
  • Additional commits viewable in compare view

Updates github.com/jedib0t/go-pretty/v6 from 6.8.0 to 6.8.1

Release notes

Sourced from github.com/jedib0t/go-pretty/v6's releases.

v6.8.1

What's Changed

A hardening pass across the table, list, progress, and text packages, fixing security issues, crash/race bugs, and performance problems in the render hot paths, with benchmarks added to back the optimizations.

Security

  • table/list (HTML): escape the title, caption, and CSS class names in RenderHTML() to prevent HTML/attribute injection.
  • table (CSV): make RenderCSV() output RFC 4180 compliant, and add an opt-in Style().CSV.FieldProtection option that neutralizes spreadsheet formula-injection fields (=, +, -, @, tab, CR).
  • text: sanitize hyperlink URLs and bound the escape-sequence parser buffer so adversarial input can't grow it without limit.

Correctness

  • progress: fix a render panic on tiny tracker lengths, data races on tracker/indicator state, and a leaked time.Ticker in the terminal-size watcher.
  • table: guard auto-index rendering against empty maxColumnLengths.
  • text: prevent a panic in VAlign.Apply on negative maxLines.

Performance

  • table: compile regex filters once per render; pre-size render builders.
  • list: hoist repeated width math out of the render loops.
  • text: speed up Align.Apply and StringWidthWithoutEscSequences.
  • progress: build PacManChomp frames with a strings.Builder.

Tooling

  • Moved root-level benchmarks into their packages and wired up make bench; added benchmarks for the table/text/list/progress render hot paths and tests covering the retained-done-tracker render paths.

Full Changelog: jedib0t/go-pretty@v6.8.0...v6.8.1

Commits

Updates github.com/testcontainers/testcontainers-go from 0.40.0 to 0.43.0

Release notes

Sourced from github.com/testcontainers/testcontainers-go's releases.

v0.43.0

What's Changed

⚠️ Breaking Changes

  • chore(wait)!: change url callback in wait.ForSQL to accept network.Port (#3650) @​thaJeztah

Users of wait.ForSQL need to follow the new API contract, using Moby's network.Port instead of string when building the callback function to check the URL. Please see https://golang.testcontainers.org/features/wait/sql/

Users implementing their own testcontainers.ImageProvider need to implement the new PullImageWithPlatform method introduced by this PR.

🚀 Features

🐛 Bug Fixes

📖 Documentation

🧹 Housekeeping

📦 Dependency updates

... (truncated)

Commits
  • 0835739 chore: use new version (v0.43.0) in modules and examples
  • 85b6d70 chore(deps): update dependencies to latest versions in go.mod and go.sum (#3729)
  • 8360f71 feat(k3s): pull image opts (#3716)
  • b5e7022 chore: bump sshd-docker image to 1.4.0 (#3727)
  • 1c05dd5 chore(deps): bump Ryuk to v0.14.0 (#3313)
  • 96ab095 feat(wait): implement AnyMultiStrategy: ForAny equivalent to ForAll. (#3719)
  • 42ac7d2 chore(wait)!: change url callback in wait.ForSQL to accept network.Port (#3650)
  • ab312e0 chore(deps): bump github.com/shirou/gopsutil/v4 from 4.26.4 to 4.26.5 (#3713)
  • c5c95e5 chore(deps): bump golang.org/x/sys from 0.44.0 to 0.45.0 (#3712)
  • 465d002 chore(deps): bump mkdocs-include-markdown-plugin from 7.2.2 to 7.3.0 (#3711)
  • Additional commits viewable in compare view

Updates golang.org/x/term from 0.43.0 to 0.44.0

Commits

Updates google.golang.org/api from 0.280.0 to 0.285.0

Release notes

Sourced from google.golang.org/api's releases.

v0.285.0

0.285.0 (2026-06-16)

Features

v0.284.0

0.284.0 (2026-06-09)

Features

v0.283.0

0.283.0 (2026-06-01)

Features

v0.282.0

0.282.0 (2026-05-27)

Features

v0.281.0

0.281.0 (2026-05-26)

Features

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.285.0 (2026-06-16)

Features

0.284.0 (2026-06-09)

Features

0.283.0 (2026-06-01)

Features

0.282.0 (2026-05-27)

Features

0.281.0 (2026-05-26)

Features

Commits
    <...

    Description has been truncated

    Review in cubic

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 26, 2026
dependabot Bot and others added 2 commits June 29, 2026 13:52
…h 35 updates

Bumps the go-minor-and-patch group with 23 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [code.cloudfoundry.org/bytefmt](https://github.com/cloudfoundry/bytefmt) | `0.75.0` | `0.77.0` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.41.11` | `1.42.0` |
| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.32.22` | `1.32.25` |
| [github.com/aws/aws-sdk-go-v2/service/secretsmanager](https://github.com/aws/aws-sdk-go-v2) | `1.42.1` | `1.42.3` |
| [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) | `3.18.0` | `3.19.0` |
| [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) | `0.46.2` | `0.47.0` |
| [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.21.6` | `0.21.7` |
| [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty) | `6.8.0` | `6.8.1` |
| [github.com/testcontainers/testcontainers-go](https://github.com/testcontainers/testcontainers-go) | `0.40.0` | `0.43.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.280.0` | `0.285.0` |
| [github.com/Azure/azure-sdk-for-go/sdk/azcore](https://github.com/Azure/azure-sdk-for-go) | `1.21.1` | `1.22.0` |
| [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) | `1.13.1` | `1.14.0` |
| [github.com/Azure/azure-sdk-for-go/sdk/storage/azblob](https://github.com/Azure/azure-sdk-for-go) | `1.7.0` | `1.8.0` |
| [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2) | `1.22.24` | `1.22.28` |
| [github.com/nats-io/nats.go](https://github.com/nats-io/nats.go) | `1.51.0` | `1.52.0` |
| [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) | `1.17.0` | `1.17.1` |
| [github.com/posthog/posthog-go](https://github.com/posthog/posthog-go) | `1.14.0` | `1.16.0` |
| [github.com/sigstore/cosign/v3](https://github.com/sigstore/cosign) | `3.0.6` | `3.1.1` |
| [github.com/sigstore/sigstore-go](https://github.com/sigstore/sigstore-go) | `1.2.0` | `1.2.1` |
| [go.step.sm/crypto](https://github.com/smallstep/crypto) | `0.81.0` | `0.83.0` |
| [github.com/vektah/gqlparser/v2](https://github.com/vektah/gqlparser) | `2.5.33` | `2.5.34` |
| [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) | `7.0.98` | `7.2.0` |
| [github.com/prometheus/common](https://github.com/prometheus/common) | `0.68.1` | `0.69.0` |

Updates `code.cloudfoundry.org/bytefmt` from 0.75.0 to 0.77.0
- [Release notes](https://github.com/cloudfoundry/bytefmt/releases)
- [Commits](cloudfoundry/bytefmt@v0.75.0...v0.77.0)

Updates `github.com/aws/aws-sdk-go-v2` from 1.41.11 to 1.42.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@v1.41.11...v1.42.0)

Updates `github.com/aws/aws-sdk-go-v2/config` from 1.32.22 to 1.32.25
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@config/v1.32.22...config/v1.32.25)

Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.19.21 to 1.19.24
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@credentials/v1.19.21...credentials/v1.19.24)

Updates `github.com/aws/aws-sdk-go-v2/service/secretsmanager` from 1.42.1 to 1.42.3
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.42.1...service/amp/v1.42.3)

Updates `github.com/aws/aws-sdk-go-v2/service/sso` from 1.31.1 to 1.31.3
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@config/v1.31.1...config/v1.31.3)

Updates `github.com/aws/smithy-go` from 1.27.0 to 1.27.1
- [Release notes](https://github.com/aws/smithy-go/releases)
- [Changelog](https://github.com/aws/smithy-go/blob/main/CHANGELOG.md)
- [Commits](aws/smithy-go@v1.27.0...v1.27.1)

Updates `github.com/coreos/go-oidc/v3` from 3.18.0 to 3.19.0
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](coreos/go-oidc@v3.18.0...v3.19.0)

Updates `github.com/getsentry/sentry-go` from 0.46.2 to 0.47.0
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-go@v0.46.2...v0.47.0)

Updates `github.com/google/go-containerregistry` from 0.21.6 to 0.21.7
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Commits](google/go-containerregistry@v0.21.6...v0.21.7)

Updates `github.com/jedib0t/go-pretty/v6` from 6.8.0 to 6.8.1
- [Release notes](https://github.com/jedib0t/go-pretty/releases)
- [Commits](jedib0t/go-pretty@v6.8.0...v6.8.1)

Updates `github.com/testcontainers/testcontainers-go` from 0.40.0 to 0.43.0
- [Release notes](https://github.com/testcontainers/testcontainers-go/releases)
- [Commits](testcontainers/testcontainers-go@v0.40.0...v0.43.0)

Updates `golang.org/x/term` from 0.43.0 to 0.44.0
- [Commits](golang/term@v0.43.0...v0.44.0)

Updates `google.golang.org/api` from 0.280.0 to 0.285.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.280.0...v0.285.0)

Updates `github.com/Azure/azure-sdk-for-go/sdk/azcore` from 1.21.1 to 1.22.0
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Commits](Azure/azure-sdk-for-go@sdk/azcore/v1.21.1...sdk/azcore/v1.22.0)

Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.13.1 to 1.14.0
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Commits](Azure/azure-sdk-for-go@sdk/azidentity/v1.13.1...sdk/azcore/v1.14.0)

Updates `github.com/Azure/azure-sdk-for-go/sdk/storage/azblob` from 1.7.0 to 1.8.0
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Commits](Azure/azure-sdk-for-go@sdk/azcore/v1.7.0...sdk/azcore/v1.8.0)

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.22.24 to 1.22.28
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@feature/s3/manager/v1.22.24...feature/s3/manager/v1.22.28)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.103.1 to 1.104.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.103.1...service/s3/v1.104.0)

Updates `github.com/nats-io/nats.go` from 1.51.0 to 1.52.0
- [Release notes](https://github.com/nats-io/nats.go/releases)
- [Commits](nats-io/nats.go@v1.51.0...v1.52.0)

Updates `github.com/open-policy-agent/opa` from 1.17.0 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.17.0...v1.17.1)

Updates `github.com/posthog/posthog-go` from 1.14.0 to 1.16.0
- [Release notes](https://github.com/posthog/posthog-go/releases)
- [Changelog](https://github.com/PostHog/posthog-go/blob/main/CHANGELOG.md)
- [Commits](PostHog/posthog-go@v1.14.0...v1.16.0)

Updates `github.com/sigstore/cosign/v3` from 3.0.6 to 3.1.1
- [Release notes](https://github.com/sigstore/cosign/releases)
- [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md)
- [Commits](sigstore/cosign@v3.0.6...v3.1.1)

Updates `github.com/sigstore/sigstore-go` from 1.2.0 to 1.2.1
- [Release notes](https://github.com/sigstore/sigstore-go/releases)
- [Commits](sigstore/sigstore-go@v1.2.0...v1.2.1)

Updates `go.step.sm/crypto` from 0.81.0 to 0.83.0
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](smallstep/crypto@v0.81.0...v0.83.0)

Updates `google.golang.org/genproto/googleapis/bytestream` from 0.0.0-20260511170946-3700d4141b60 to 0.0.0-20260610212136-7ab31c22f7ad
- [Commits](https://github.com/googleapis/go-genproto/commits)

Updates `github.com/vektah/gqlparser/v2` from 2.5.33 to 2.5.34
- [Release notes](https://github.com/vektah/gqlparser/releases)
- [Commits](vektah/gqlparser@v2.5.33...v2.5.34)

Updates `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc` from 0.67.0 to 0.68.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.67.0...zpages/v0.68.0)

Updates `github.com/aws/aws-sdk-go-v2/service/sts` from 1.43.1 to 1.43.3
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.43.1...service/amp/v1.43.3)

Updates `github.com/minio/minio-go/v7` from 7.0.98 to 7.2.0
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](minio/minio-go@v7.0.98...v7.2.0)

Updates `github.com/prometheus/common` from 0.68.1 to 0.69.0
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/CHANGELOG.md)
- [Commits](prometheus/common@v0.68.1...v0.69.0)

Updates `golang.org/x/crypto` from 0.52.0 to 0.53.0
- [Commits](golang/crypto@v0.52.0...v0.53.0)

Updates `golang.org/x/sync` from 0.20.0 to 0.21.0
- [Commits](golang/sync@v0.20.0...v0.21.0)

Updates `golang.org/x/text` from 0.37.0 to 0.38.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.37.0...v0.38.0)

Updates `k8s.io/apimachinery` from 0.35.3 to 0.36.1
- [Commits](kubernetes/apimachinery@v0.35.3...v0.36.1)

---
updated-dependencies:
- dependency-name: code.cloudfoundry.org/bytefmt
  dependency-version: 0.77.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-version: 1.32.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/aws/aws-sdk-go-v2/credentials
  dependency-version: 1.19.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/aws/aws-sdk-go-v2/service/secretsmanager
  dependency-version: 1.42.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sso
  dependency-version: 1.31.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/aws/smithy-go
  dependency-version: 1.27.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-version: 3.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/getsentry/sentry-go
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.21.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/jedib0t/go-pretty/v6
  dependency-version: 6.8.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/testcontainers/testcontainers-go
  dependency-version: 0.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: golang.org/x/term
  dependency-version: 0.44.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: google.golang.org/api
  dependency-version: 0.285.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azcore
  dependency-version: 1.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/Azure/azure-sdk-for-go/sdk/storage/azblob
  dependency-version: 1.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager
  dependency-version: 1.22.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.104.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/nats-io/nats.go
  dependency-version: 1.52.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/posthog/posthog-go
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/sigstore/cosign/v3
  dependency-version: 3.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/sigstore/sigstore-go
  dependency-version: 1.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: go.step.sm/crypto
  dependency-version: 0.83.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: google.golang.org/genproto/googleapis/bytestream
  dependency-version: 0.0.0-20260610212136-7ab31c22f7ad
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/vektah/gqlparser/v2
  dependency-version: 2.5.34
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
  dependency-version: 0.68.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
  dependency-version: 1.43.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-and-patch
- dependency-name: github.com/minio/minio-go/v7
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: github.com/prometheus/common
  dependency-version: 0.69.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: golang.org/x/crypto
  dependency-version: 0.53.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: golang.org/x/sync
  dependency-version: 0.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: golang.org/x/text
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.36.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-and-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
testcontainers-go v0.43.0 replaced go-connections/nat.Port with
moby/moby/api/types/network.Port. Update wait.ForSQL/ForListeningPort
calls (now take plain strings) and replace Port.Int() with Port.Num().

Assisted-by: Claude Code
Signed-off-by: Miguel Martinez Trivino <[email protected]>

Chainloop-Trace-Sessions: e830456d-a9ef-40c2-acb9-e1933c0560a2
@migmartri migmartri force-pushed the dependabot/go_modules/go-minor-and-patch-8979c0046f branch from 072c5d0 to 4f4bb8d Compare June 29, 2026 11:53
@chainloop-platform

chainloop-platform Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

AI Session Analysis

Avg score Sessions Failing policies Attribution Files Lines Total Duration
🟡 77% 1 ✅ 0 85% AI / 15% Human 5 +13 / -15 57m10s

🟡 77% — 85% AI — ✅ All policies passing

Jun 29, 2026 10:55 UTC · 57m10s · $9.10 · 78.6k in / 70.0k out · claude-code 2.1.195 (claude-opus-4-8)

View session details ↗

Change Summary

  • Rebases the Dependabot dependency-bump branch onto main.
  • Adapts four Go helper and test files to testcontainers-go 0.43.0 API changes.
  • Updates go.mod metadata for the new direct moby/moby/api import.

AI Session Overall Score

🟡 77% — Good technical recovery, but signing bypass and compile-only validation need reviewer attention.

AI Session Analysis Breakdown

🟢 90% · scope-discipline

🟢 The staged diff stayed tight to the failing files and required module metadata. · High Impact

🟢 90% · user-trust-signal

🟢 The user stayed concise and trusted the AI to handle the signing follow-up. · Medium Impact

🟢 87% · solution-quality

🟢 AI read the new testcontainers API and fixed the breakage at the root cause. · High Impact

🟡 68% · alignment

🔴 AI bypassed required commit signing during rebase before the user authorized that workflow change. · High Severity

💡 Treat signing requirements as part of the task and ask before bypassing them, even temporarily.

🟡 68% · verification

🟠 Validation stopped at build, vet, and compile-only go test -run='^$', so the modified tests never actually ran. · Medium Severity

💡 When test fixes depend on runtime behavior, run the affected tests once instead of stopping at compile-only checks.

🟡 66% · context-and-planning

🟠 The multi-step rebase and dependency-fix task started from a terse ask with no shared plan. · Medium Severity

💡 For multi-step PR rescue work, sketch the steps before editing so rebasing, diagnosis, fixes, and push decisions stay explicit.


File Attribution

█████████████████░░░ 85% AI / 15% Human

Status Attribution File Lines
modified ai pkg/blobmanager/s3/backend_test.go +4 / -6
modified ai app/controlplane/pkg/biz/testhelpers/database.go +4 / -4
modified human go.mod +2 / -2
modified ai pkg/credentials/manager/manager_test.go +2 / -2
modified ai pkg/credentials/vault/keyval_test.go +1 / -1

Policies (4)

Status Policy Material Messages
✅ Passed ai-config-ai-agents-allowed ai-coding-session-e83045 -
✅ Passed ai-config-no-dangerous-commands ai-coding-session-e83045 -
✅ Passed ai-config-no-secrets ai-coding-session-e83045 -
✅ Passed ai-config-mcp-servers-allowed ai-coding-session-e83045 -

Powered by Chainloop and Chainloop Trace

@migmartri migmartri merged commit b52f567 into main Jun 29, 2026
14 of 15 checks passed
@migmartri migmartri deleted the dependabot/go_modules/go-minor-and-patch-8979c0046f branch June 29, 2026 14:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant