Skip to content

build(deps): Bump the go group with 9 updates#2178

Merged
felixfontein merged 1 commit into
mainfrom
dependabot/go_modules/go-6e67ccaab7
May 11, 2026
Merged

build(deps): Bump the go group with 9 updates#2178
felixfontein merged 1 commit into
mainfrom
dependabot/go_modules/go-6e67ccaab7

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 11, 2026

Bumps the go group with 9 updates:

Package From To
cloud.google.com/go/kms 1.30.0 1.31.0
github.com/aws/aws-sdk-go-v2/feature/s3/manager 1.22.17 1.22.18
github.com/aws/aws-sdk-go-v2/service/s3 1.100.1 1.101.0
github.com/huaweicloud/huaweicloud-sdk-go-v3 0.1.194 0.1.195
golang.org/x/crypto 0.50.0 0.51.0
golang.org/x/net 0.53.0 0.54.0
golang.org/x/sys 0.43.0 0.44.0
golang.org/x/term 0.42.0 0.43.0
google.golang.org/api 0.277.0 0.278.0

Updates cloud.google.com/go/kms from 1.30.0 to 1.31.0

Release notes

Sourced from cloud.google.com/go/kms's releases.

kms: v1.31.0

v1.31.0 (2026-05-07)

retail: v1.31.0

v1.31.0 (2026-05-07)

Changelog

Sourced from cloud.google.com/go/kms's changelog.

1.31.0 (2024-08-01)

Features

  • documentai: A new field imageless_mode is added to message .google.cloud.documentai.v1.ProcessRequest (#10615) (97fa560)

Documentation

  • documentai: Keep the API doc up-to-date with recent changes (97fa560)

1.30.5 (2024-07-24)

Bug Fixes

  • documentai: Update dependencies (257c40b)

1.30.4 (2024-07-10)

Bug Fixes

  • documentai: Bump google.golang.org/grpc@v1.64.1 (8ecc4e9)

1.30.3 (2024-07-01)

Bug Fixes

  • documentai: Bump google.golang.org/api@v0.187.0 (8fa9e39)

1.30.2 (2024-06-26)

Bug Fixes

  • documentai: Enable new auth lib (b95805f)

1.30.1 (2024-06-20)

Documentation

  • documentai: Update the comment to add a note about documentai.processors.create permission (4fa4308)
Commits
  • 9a44b31 chore: librarian release pull request: 20260409T070606Z (#14406)
  • 18a3318 feat: Make AgentEngine APIs public
  • db45f2d feat(bigtable): enable bigtable conn pool by default (#14319)
  • 124ffd3 feat(vertexai): Add AgentEngine Memories Revisions module
  • e247d48 chore: onboard new library appoptimize (#14393)
  • ece84ab chore: update librarian to v0.10.1-0.20260408193841-095ea7e727aa (#14392)
  • ecf9783 chore: librarian release pull request: 20260408T191440Z (#14390)
  • 70b47d2 chore: librarian release pull request: 20260408T190447Z (#14389)
  • 95c53a6 chore(bigquery): bump api to v0.275.0 and unskip bq tracing tests (#14333)
  • df22e9e fix(storage): add retry logic for "http2: client connection lost" (#14385)
  • Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.22.17 to 1.22.18

Commits

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.100.1 to 1.101.0

Commits

Updates github.com/huaweicloud/huaweicloud-sdk-go-v3 from 0.1.194 to 0.1.195

Release notes

Sourced from github.com/huaweicloud/huaweicloud-sdk-go-v3's releases.

v0.1.195

Release 0.1.195

Changelog

Sourced from github.com/huaweicloud/huaweicloud-sdk-go-v3's changelog.

0.1.195 2026-05-07

HuaweiCloud SDK CodeArtsPipeline

  • API Version
    • V2
  • Features
    • None
  • Bug Fix
    • None
  • Change
    • ShowPipelineRunDetail
      • changes of response param
        • + sources.params.build_params.virtual_merge_commit_id
        • - sources.params.build_params.virtual_merge_commitId

HuaweiCloud SDK GaussDBforopenGauss

  • API Version
    • V3
  • Features
    • Support the API ListUpgradePaths
  • Bug Fix
    • None
  • Change
    • None

HuaweiCloud SDK HSS

  • API Version
    • V5
  • Features
    • Support the following APIs:
      • ListAiComponentDetail
      • ListAiComponentStatistics
      • ListCommonHost
      • BatchUpdateClusterResource
      • ListCustomRuleConfigDetail
      • ResumePauseCustomRuleConfig
      • ListCustomRuleConfigs
      • UpdateCustomRuleConfig
      • CreateCustomRuleConfig
      • DeleteCustomRuleConfig
      • ListRelatedEvents
      • ListAgentStatus
      • BatchUpdateHostResource
      • ListSecurityReport
  • Bug Fix
    • None
  • Change

... (truncated)

Commits

Updates golang.org/x/crypto from 0.50.0 to 0.51.0

Commits
  • b8a14a8 go.mod: update golang.org/x dependencies
  • 9d9d507 x509roots/fallback/bundle: fix bundle test with Go 1.27+
  • fd0b90d acme: include Problem in OrderError.Error
  • b9e5359 pbkdf2: turn into a wrapper for crypto/pbkdf2
  • cc0e4fc hkdf: forward Extract to the standard library
  • a8e9237 x509roots/fallback: update bundle
  • See full diff in compare view

Updates golang.org/x/net from 0.53.0 to 0.54.0

Commits
  • b138e06 go.mod: update golang.org/x dependencies
  • 689f70a quic: fix wrong final size being used for RESET_STREAM frame
  • 208f306 http3: increase handshake timeout
  • 49810da http2: enable net/http wrapping when go >= 1.27
  • 5e11a5a quic: fix data race in streamForFrame
  • 8c63081 http2: use empty Transport rather than DefaultTransport in http2wrap
  • fc7b466 http2: add http2wrap test
  • 15c2cb1 http2: avoid overflowing 32-bit int when http2wrap enabled
  • 6465188 http2: add wrapped Server
  • 72f419a http2: add wrapped ClientConn
  • Additional commits viewable in compare view

Updates golang.org/x/sys from 0.43.0 to 0.44.0

Commits
  • fb1facd windows: avoid uint16 overflow in NewNTUnicodeString
  • 94ad893 windows: add GetIfTable2Ex, GetIpInterface{Entry,Table}, GetUnicastIpAddressT...
  • 54fe89f cpu: use IsProcessorFeaturePresent to calculate ARM64 on windows
  • df7d5d7 unix: automatically remove container created by mkall.sh
  • 68a4a8e unix: avoid nil pointer dereference in Utime
  • 690c91f unix: add CPUSetDynamic for systems with more than 1024 CPUs
  • See full diff in compare view

Updates golang.org/x/term from 0.42.0 to 0.43.0

Commits

Updates google.golang.org/api from 0.277.0 to 0.278.0

Release notes

Sourced from google.golang.org/api's releases.

v0.278.0

0.278.0 (2026-05-05)

Features

Changelog

Sourced from google.golang.org/api's changelog.

0.278.0 (2026-05-05)

Features

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): Bump the go group with 9 updates
f2e9c41 
Bumps the go group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/kms](https://github.com/googleapis/google-cloud-go) | `1.30.0` | `1.31.0` |
| [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2) | `1.22.17` | `1.22.18` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.100.1` | `1.101.0` |
| [github.com/huaweicloud/huaweicloud-sdk-go-v3](https://github.com/huaweicloud/huaweicloud-sdk-go-v3) | `0.1.194` | `0.1.195` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.50.0` | `0.51.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.53.0` | `0.54.0` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.43.0` | `0.44.0` |
| [golang.org/x/term](https://github.com/golang/term) | `0.42.0` | `0.43.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.277.0` | `0.278.0` |


Updates `cloud.google.com/go/kms` from 1.30.0 to 1.31.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md)
- [Commits](googleapis/google-cloud-go@kms/v1.30.0...dlp/v1.31.0)

Updates `github.com/aws/aws-sdk-go-v2/feature/s3/manager` from 1.22.17 to 1.22.18
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@feature/s3/manager/v1.22.17...feature/s3/manager/v1.22.18)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.100.1 to 1.101.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.100.1...service/s3/v1.101.0)

Updates `github.com/huaweicloud/huaweicloud-sdk-go-v3` from 0.1.194 to 0.1.195
- [Release notes](https://github.com/huaweicloud/huaweicloud-sdk-go-v3/releases)
- [Changelog](https://github.com/huaweicloud/huaweicloud-sdk-go-v3/blob/master/CHANGELOG.md)
- [Commits](huaweicloud/huaweicloud-sdk-go-v3@v0.1.194...v0.1.195)

Updates `golang.org/x/crypto` from 0.50.0 to 0.51.0
- [Commits](golang/crypto@v0.50.0...v0.51.0)

Updates `golang.org/x/net` from 0.53.0 to 0.54.0
- [Commits](golang/net@v0.53.0...v0.54.0)

Updates `golang.org/x/sys` from 0.43.0 to 0.44.0
- [Commits](golang/sys@v0.43.0...v0.44.0)

Updates `golang.org/x/term` from 0.42.0 to 0.43.0
- [Commits](golang/term@v0.42.0...v0.43.0)

Updates `google.golang.org/api` from 0.277.0 to 0.278.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.277.0...v0.278.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/kms
  dependency-version: 1.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager
  dependency-version: 1.22.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.101.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: github.com/huaweicloud/huaweicloud-sdk-go-v3
  dependency-version: 0.1.195
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go
- dependency-name: golang.org/x/crypto
  dependency-version: 0.51.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/net
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/sys
  dependency-version: 0.44.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: golang.org/x/term
  dependency-version: 0.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
- dependency-name: google.golang.org/api
  dependency-version: 0.278.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 11, 2026
@felixfontein felixfontein merged commit 03ca1c1 into main May 11, 2026
15 checks passed
@felixfontein felixfontein deleted the dependabot/go_modules/go-6e67ccaab7 branch May 11, 2026 14:57
@BrewTestBot BrewTestBot mentioned this pull request May 16, 2026
Merged
tmeijn pushed a commit to tmeijn/dotfiles that referenced this pull request May 18, 2026
build(deps): update getsops/sops to v3.13.1
2657061 
This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [getsops/sops](https://github.com/getsops/sops) | patch | `v3.13.0` → `v3.13.1` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>getsops/sops (getsops/sops)</summary>

### [`v3.13.1`](https://github.com/getsops/sops/releases/tag/v3.13.1)

[Compare Source](getsops/sops@v3.13.0...v3.13.1)

#### Installation

To install `sops`, download one of the pre-built binaries provided for your platform from the artifacts attached to this release.

For instance, if you are using Linux on an AMD64 architecture:

```shell

# Download the binary
curl -LO https://github.com/getsops/sops/releases/download/v3.13.1/sops-v3.13.1.linux.amd64

# Move the binary in to your PATH
mv sops-v3.13.1.linux.amd64 /usr/local/bin/sops

# Make the binary executable
chmod +x /usr/local/bin/sops
```

##### Verify checksums file signature

The checksums file provided within the artifacts attached to this release is signed using [Cosign](https://docs.sigstore.dev/cosign/overview/) with GitHub OIDC. To validate the signature of this file, run the following commands:

```shell

# Download the checksums file, certificate and signature
curl -LO https://github.com/getsops/sops/releases/download/v3.13.1/sops-v3.13.1.checksums.txt
curl -LO https://github.com/getsops/sops/releases/download/v3.13.1/sops-v3.13.1.checksums.sigstore.json

# Verify the checksums file
cosign verify-blob sops-v3.13.1.checksums.txt \
  --bundle sops-v3.13.1.checksums.sigstore.json \
  --certificate-identity-regexp=https://github.com/getsops \
  --certificate-oidc-issuer=https://token.actions.githubusercontent.com
```

##### Verify binary integrity

To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature:

```shell

# Verify the binary using the checksums file
sha256sum -c sops-v3.13.1.checksums.txt --ignore-missing
```

##### Verify artifact provenance

The [SLSA provenance](https://slsa.dev/provenance/v0.2) of the binaries, packages, and SBOMs can be found within the artifacts associated with this release. It is presented through an [in-toto](https://in-toto.io/) link metadata file named `sops-v3.13.1.intoto.jsonl`. To verify the provenance of an artifact, you can utilize the [`slsa-verifier`](https://github.com/slsa-framework/slsa-verifier#artifacts) tool:

```shell

# Download the metadata file
curl -LO  https://github.com/getsops/sops/releases/download/v3.13.1/sops-v3.13.1.intoto.jsonl

# Verify the provenance of the artifact
slsa-verifier verify-artifact <artifact> \
  --provenance-path sops-v3.13.1.intoto.jsonl \
  --source-uri github.com/getsops/sops \
  --source-tag v3.13.1
```

#### Container Images

The `sops` binaries are also available as container images, based on Debian (slim) and Alpine Linux. The Debian-based container images include any dependencies which may be required to make use of certain key services, such as GnuPG, AWS KMS, Azure Key Vault, and Google Cloud KMS. The Alpine-based container images are smaller in size, but do not include these dependencies.

These container images are available for the following architectures: `linux/amd64` and `linux/arm64`.

##### GitHub Container Registry

- `ghcr.io/getsops/sops:v3.13.1`
- `ghcr.io/getsops/sops:v3.13.1-alpine`

##### Quay.io

- `quay.io/getsops/sops:v3.13.1`
- `quay.io/getsops/sops:v3.13.1-alpine`

##### Verify container image signature

The container images are signed using [Cosign](https://docs.sigstore.dev/cosign/overview/) with GitHub OIDC. To validate the signature of an image, run the following command:

```shell
cosign verify ghcr.io/getsops/sops:v3.13.1 \
  --certificate-identity-regexp=https://github.com/getsops \
  --certificate-oidc-issuer=https://token.actions.githubusercontent.com \
  -o text
```

##### Verify container image provenance

The container images include [SLSA provenance](https://slsa.dev/provenance/v0.2) attestations. For more information around the verification of this, please refer to the [`slsa-verifier` documentation](https://github.com/slsa-framework/slsa-verifier#containers).

#### Software Bill of Materials

The Software Bill of Materials (SBOM) for each binary is accessible within the artifacts enclosed with this release. It is presented as an [SPDX](https://spdx.dev/) JSON file, formatted as `<binary>.spdx.sbom.json`.

#### What's Changed

- build(deps): Bump the go group with 9 updates by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2178](getsops/sops#2178)
- build(deps): Bump the ci group with 2 updates by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2177](getsops/sops#2177)
- Apply 'gofmt -w -s' to all .go files by [@&#8203;felixfontein](https://github.com/felixfontein) in [#&#8203;2181](getsops/sops#2181)
- GPG agent for age key passwords: avoid percent-encoding of cache key to blow up size > 50 characters by [@&#8203;felixfontein](https://github.com/felixfontein) in [#&#8203;2180](getsops/sops#2180)
- Redirect documentation to github.com/getsops/docs/ by [@&#8203;felixfontein](https://github.com/felixfontein) in [#&#8203;2083](getsops/sops#2083)
- Release 3.13.1 by [@&#8203;felixfontein](https://github.com/felixfontein) in [#&#8203;2183](getsops/sops#2183)

**Full Changelog**: <getsops/sops@v3.13.0...v3.13.1>

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xODAuMCIsInVwZGF0ZWRJblZlciI6IjQzLjE4MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiLCJhdXRvbWF0aW9uOmJvdC1hdXRob3JlZCIsImRlcGVuZGVuY3ktdHlwZTo6cGF0Y2giXX0=-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@felixfontein felixfontein felixfontein approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@felixfontein