[chore] Consolidate dependabot dependency updates - Batch 2

[levan-m]

Summary

Consolidates 9 dependabot PRs for efficient review and merging. All changes have been cherry-picked (preserving dependabot authorship), validated with make build, and only include dependency and workflow file updates.

Included PRs

GitHub Actions Updates

• Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 #2639: Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0
• Bump actions/stale from 10.1.1 to 10.2.0 #2640: Bump actions/stale from 10.1.1 to 10.2.0
• Bump rajatjindal/krew-release-bot from 0.0.47 to 0.0.50 #2641: Bump rajatjindal/krew-release-bot from 0.0.47 to 0.0.50
• Bump github/codeql-action from 4.32.0 to 4.32.4 #2642: Bump github/codeql-action from 4.32.0 to 4.32.4
• Bump actions/upload-artifact from 5.0.0 to 6.0.0 #2643: Bump actions/upload-artifact from 5.0.0 to 6.0.0

Go Dependencies

• Bump github.com/mholt/archiver/v3 from 3.5.0 to 3.5.1 #2637: Bump github.com/mholt/archiver/v3 from 3.5.0 to 3.5.1

Test/E2E Dependencies

• Bump github.com/aws/aws-sdk-go-v2/config from 1.32.7 to 1.32.10 in /test/e2e #2644: Bump github.com/aws/aws-sdk-go-v2/config from 1.32.7 to 1.32.10
• Bump github.com/DataDog/datadog-agent/test/fakeintake from 0.77.0-devel to 0.78.0-devel in /test/e2e #2646: Bump github.com/DataDog/datadog-agent/test/fakeintake from 0.77.0-devel to 0.78.0-devel
• Bump k8s.io/client-go from 0.36.0-alpha.0 to 0.36.0-alpha.1 in /test/e2e #2648: Bump k8s.io/client-go from 0.36.0-alpha.0 to 0.36.0-alpha.1

Excluded PRs

The following PRs were excluded due to merge conflicts or CI failures:

• Bump github.com/aws/karpenter-provider-aws from 1.3.6 to 1.9.0 #2638: Bump github.com/aws/karpenter-provider-aws from 1.3.6 to 1.9.0 (merge conflict)
• Bump github.com/DataDog/datadog-agent/test/e2e-framework from 0.77.0-devel.0.20260128103425-05ec94f73895 to 0.78.0-devel in /test/e2e #2647: Bump github.com/DataDog/datadog-agent/test/e2e-framework (merge conflicts)
• Bump k8s.io/api from 0.36.0-alpha.0 to 0.36.0-alpha.1 in /test/e2e #2645: Bump k8s.io/api from 0.36.0-alpha.0 to 0.36.0-alpha.1 (build failures)
• Bump github.com/DataDog/datadog-api-client-go/v2 from 2.34.0 to 2.55.0 #2636: Bump github.com/DataDog/datadog-api-client-go/v2 from 2.34.0 to 2.55.0 (GitLab build failure)

Validation

• ✅ All included PRs passed local make build (compile, lint, test)
• ✅ Only dependency files (go.mod/go.sum) and workflow files modified
• ✅ Dependabot authorship preserved via cherry-pick
• ✅ All PRs had passing CI checks before inclusion

Notes

Once this PR is merged, the individual included PRs above can be closed. The excluded PRs will need to be addressed separately.

🤖 Generated with Claude Code

[levan-m]

/merge

[gh-worker-devflow-routing-ef8351]

View all feedbacks in Devflow UI.

2026-02-25 12:00:35 UTC ℹ️ Start processing command /merge

---

2026-02-25 12:00:41 UTC ℹ️ MergeQueue: waiting for PR to be ready

This pull request is not mergeable according to GitHub. Common reasons include pending required checks, missing approvals, or merge conflicts — but it could also be blocked by other repository rules or settings.
It will be added to the queue as soon as checks pass and/or get approvals. View in MergeQueue UI.
Note: if you pushed new commits since the last approval, you may need additional approval.
You can remove it from the waiting list with /remove command.

---

2026-02-25 12:57:17 UTC ℹ️ MergeQueue: merge request added to the queue

The expected merge time in main is approximately 2h (p90).

---

2026-02-25 14:32:40 UTC ℹ️ MergeQueue: This merge request was already merged

This pull request was merged directly.