
build(deps): Bump github.com/kubescape/storage from 0.0.185 to 0.2.0 #2968

Open
gaganhr94 wants to merge 1 commit into guacsec:main from gaganhr94:fix/kubespace-0.2.0

Conversation

@gaganhr94
Contributor

Description of the PR

Related to #2719

PR Checklist

  • All commits have a Developer Certificate of Origin (DCO) -- they are generated using -s flag to git commit.
  • All new changes are covered by tests
  • If GraphQL schema is changed, make generate has been run
  • If GraphQL schema is changed, GraphQL client updates/additions have been made
  • If OpenAPI spec is changed, make generate has been run
  • If ent schema is changed, make generate has been run
  • If collectsub protobuf has been changed, make proto has been run
  • All CI checks are passing (tests and formatting)
  • All dependent PRs have already been merged

@kusari-inspector

kusari-inspector Bot commented Apr 9, 2026

Kusari Inspector

Kusari Analysis Results:

Proceed with these changes

✅ No Flagged Issues Detected
All values appear to be within acceptable risk parameters.

Both dependency and code security analyses independently recommend proceeding with this PR. From a dependency perspective, this PR is a net security improvement: it removes three OpenTelemetry OTLP HTTP exporter packages carrying CVE-2026-39882 (HIGH - unbounded HTTP response body memory exhaustion) and upgrades github.com/opencontainers/selinux from v1.12.0 to v1.13.1, resolving the previously flagged CVE-2025-52881 (container escape). All newly introduced packages carry no active CVEs. Minor risk flags on ginkgo/v2 and go-sqlite3 are policy-related (absent mandatory upstream code review), not exploitable vulnerabilities, and both are indirect transitive dependencies only. From a code security perspective, govulncheck confirms zero vulnerabilities with zero affected execution paths across all scanned files, zero secrets exposed, and zero workflow issues. The selinux update is validated as effective by govulncheck's reachability analysis. Licenses are permissive or weak copyleft on transitive-only deps, which is acceptable. There are no conflicting findings between the two analyses.

Note

View full detailed analysis result for more information on the output and the checks that were run.


Commit: cd2f05a, performed at: 2026-04-09T04:47:38Z


@gaganhr94 gaganhr94 force-pushed the fix/kubespace-0.2.0 branch from 8f750b1 to cd2f05a Compare April 9, 2026 04:43
@kusari-inspector

Kusari PR Analysis rerun based on - cd2f05a performed at: 2026-04-09T04:48:14Z - link to updated analysis

@mihaimaruseac
Member

Needs a rebase and another review

@gaganhr94 gaganhr94 force-pushed the fix/kubespace-0.2.0 branch from 1b1db32 to c7e57a4 Compare April 11, 2026 15:34
@gaganhr94
Contributor Author

Rebased. Unit and integration tests are failing due to an update in the OSV data, so the test data needs to be updated. PR #2973 will have to be merged to unblock this.

@gaganhr94 gaganhr94 force-pushed the fix/kubespace-0.2.0 branch from c7e57a4 to 8d48361 Compare April 12, 2026 14:54
@gaganhr94
Contributor Author

Unit test workflow needs a rerun. Looks like an intermittent failure.

@gaganhr94
Contributor Author

@mlieberman85 please do review this PR when you get a chance. Thanks!

@gaganhr94 gaganhr94 force-pushed the fix/kubespace-0.2.0 branch 2 times, most recently from 47ff740 to 78bc8ba Compare April 18, 2026 16:20
@gaganhr94 gaganhr94 force-pushed the fix/kubespace-0.2.0 branch from 78bc8ba to 532b5e2 Compare April 22, 2026 10:00
@gaganhr94 gaganhr94 force-pushed the fix/kubespace-0.2.0 branch from 532b5e2 to 9058227 Compare May 2, 2026 07:16
Signed-off-by: Gagan H R <hrgagan4@gmail.com>
@gaganhr94 gaganhr94 force-pushed the fix/kubespace-0.2.0 branch from 9058227 to a9891b9 Compare May 2, 2026 18:12
2 participants