[release-1.18][gomod]: Bump the minor group across 1 directory with 4 updates

[dependabot]

Bumps the minor group with 4 updates in the / directory: github.com/cloudevents/sdk-go/v2, github.com/fatih/color, github.com/spf13/cobra and github.com/spf13/viper.

Updates github.com/cloudevents/sdk-go/v2 from 2.15.2 to 2.16.0

Release notes

Sourced from github.com/cloudevents/sdk-go/v2's releases.

Release v2.16.0

✨ Features & Enhancements

• Confluent Kafka binding #988 by @​yanmxa
  Added a new Confluent Kafka protocol binding for CloudEvents, supporting modern Kafka client features.

• Producer report channel for Confluent Kafka #1031 by @​yanmxa
  Exposed a producer report channel via Events() to allow users to track delivery status of Kafka messages.

• Support structured content type suffixes #1007 by @​dan-j
  Improved content type handling by recognizing structured syntax suffixes like +json, increasing compatibility with various encodings.

• Default timeout via context #992 by @​nkreiger
  Introduced support for configuring protocol default timeouts using context.Context.

• Benchmarks for CESQL #1050 by @​Cali0707
  Added benchmark tests to measure CESQL query performance.

• Optimized CESQL LIKE matching #1049 by @​Cali0707
  Improved the performance of CESQL's LIKE pattern matching logic.

• Expose AddFunction API for CESQL Parser [🤖 Synchronize branch release-next to upstream/main #1047 / #1051] by @​dgeorgievski
  Enabled users to register custom functions in CESQL via the newly exposed AddFunction API.

• Flexible subject matching for NATS JetStream #1084 by @​evankanderson
  Added support for flexible subject pattern matching in NATS JetStream subscriptions.

• Add v3 version of NATS JetStream protocol #1095 by @​stephen-totty-hpe
  Introduced a new version of the NATS JetStream protocol (v3) with enhanced features and forward compatibility.

• Expose WithHost option #1070 by @​jaxtonw
  Added a configurable WithHost option for improved protocol initialization flexibility.

• Support dataref cloud event extension [[Dataref Extension #1018](https://redirect.github.com/Adding a simple dataref extension cloudevents/sdk-go#1018)] by @​matzew Implements the Dataref (Claim Check Pattern) as specified by the CloudEvent Extension Attributes spec.

---

🛠 Fixes

• Handle multiple AMQP data fields correctly #1034 by @​embano1
  Fixed parsing of AMQP messages containing multiple data fields to conform with spec expectations.

• Fix invalid ce- prefix in Confluent binding #1059 by @​embano1
  Corrected an issue where CloudEvents extensions were incorrectly prefixed in the Confluent Kafka binding.

• Fix LIKE expression error handling #1046 by @​Cali0707
  Prevented panics on malformed LIKE expressions in CESQL; now returns a parse error instead.

• Fix MQTT content-type issue #1063 by @​yanmxa

... (truncated)

Commits

• 6de37de Merge pull request #1139 from duglin/upgradeLint
• 25cdf94 upgrade-lint
• 240eb02 Merge pull request #1137 from duglin/fix-automerge
• 7b6701c fix automerge by giving better names
• d3e82a7 Merge pull request #1136 from cloudevents/dependabot/github_actions/golangci/...
• 00e3d7c chore(deps): Bump golangci/golangci-lint-action from 6.5.2 to 7.0.0
• 69cfc2d Merge pull request #1018 from matzew/add_dataref_extension
• 535da92 Adding a simple dataref extension, similar to the java sdk
• 74ac76d Merge pull request #1134 from cloudevents/dependabot/go_modules/observability...
• 6da042f chore: run go mod tidy
• Additional commits viewable in compare view

Updates github.com/fatih/color from 1.16.0 to 1.18.0

Release notes

Sourced from github.com/fatih/color's releases.

v1.18.0

What's Changed

• Add RGB API support by @​fatih in fatih/color#225
• Bump GitHub workflow actions by @​deining in fatih/color#235
• Bump golang.org/x/sys from 0.18.0 to 0.24.0 by @​dependabot in fatih/color#236
• Bump golang.org/x/sys from 0.24.0 to 0.25.0 by @​dependabot in fatih/color#237

New Contributors

• @​deining made their first contribution in fatih/color#235

Full Changelog: fatih/color@v1.17.0...v1.18.0

v1.17.0

What's Changed

• Fix multi-parameter println spacing by @​klauspost in fatih/color#228
• ci: update Go and Staticcheck versions by @​fatih in fatih/color#222
• Bump golang.org/x/sys from 0.14.0 to 0.17.0 by @​dependabot in fatih/color#221
• Bump actions/setup-go from 4 to 5 by @​dependabot in fatih/color#217
• Bump golang.org/x/sys from 0.17.0 to 0.18.0 by @​dependabot in fatih/color#224

New Contributors

• @​klauspost made their first contribution in fatih/color#228

Full Changelog: fatih/color@v1.16.0...v1.17.0

Commits

• 1c8d870 Update README.md
• 546c2d0 Merge pull request #225 from fatih/add-rgb-api
• 1ff0f97 Apply suggestions from code review
• 5723903 Add RGB API support
• f203fbc Merge pull request #237 from fatih/dependabot/go_modules/golang.org/x/sys-0.25.0
• 60aa7fb Bump golang.org/x/sys from 0.24.0 to 0.25.0
• 741c2f4 Merge pull request #236 from fatih/dependabot/go_modules/golang.org/x/sys-0.24.0
• 0d24b42 Bump golang.org/x/sys from 0.18.0 to 0.24.0
• cb154c0 Merge pull request #235 from deining/fix-typo
• 9b9653e Bump GitHub workflow actions
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.8.1 to 1.9.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.9.1

🐛 Fixes

• Fix CompletionFunc implementation by @​ccoVeille in spf13/cobra#2234
• Revert "Make detection for test-binary more universal (#2173)" by @​marckhouzam in spf13/cobra#2235

Full Changelog: spf13/cobra@v1.9.0...v1.9.1

v1.9.0

✨ Features

• Allow linker to perform deadcode elimination for program using Cobra by @​aarzilli in spf13/cobra#1956
• Add default completion command even if there are no other sub-commands by @​marckhouzam in spf13/cobra#1559
• Add CompletionWithDesc helper by @​ccoVeille in spf13/cobra#2231

🐛 Fixes

• Fix deprecation comment for Command.SetOutput by @​thaJeztah in spf13/cobra#2172
• Replace deprecated ioutil usage by @​nirs in spf13/cobra#2181
• Fix --version help and output for plugins by @​nirs in spf13/cobra#2180
• Allow to reset the templates to the default by @​marckhouzam in spf13/cobra#2229

🤖 Completions

• Make Powershell completion work in constrained mode by @​lstemplinger in spf13/cobra#2196
• Improve detection for flags that accept multiple values by @​thaJeztah in spf13/cobra#2210
• add CompletionFunc type to help with completions by @​ccoVeille in spf13/cobra#2220
• Add similar whitespace escape logic to bash v2 completions than in other completions by @​kangasta in spf13/cobra#1743
• Print ActiveHelp for bash along other completions by @​marckhouzam in spf13/cobra#2076
• fix(completions): Complete map flags multiple times by @​gabe565 in spf13/cobra#2174
• fix(bash): nounset unbound file filter variable on empty extension by @​scop in spf13/cobra#2228

🧪 Testing

• Test also with go 1.23 by @​nirs in spf13/cobra#2182
• Make detection for test-binary more universal by @​thaJeztah in spf13/cobra#2173

✍🏼 Documentation

• docs: update README.md by @​eltociear in spf13/cobra#2197
• Improve site formatting by @​nirs in spf13/cobra#2183
• doc: add Conduit by @​raulb in spf13/cobra#2230
• doc: azion project added to the list of CLIs that use cobra by @​maxwelbm in spf13/cobra#2198
• Fix broken links in active_help.md by @​vuil in spf13/cobra#2202
• chore: fix function name in comment by @​zhuhaicity in spf13/cobra#2216

🔧 Dependency upgrades

• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.5 to 2.0.6 by @​thaJeztah in spf13/cobra#2206
• Update to latest go-md2man by @​mikelolasagasti in spf13/cobra#2201

... (truncated)

Commits

• 40b5bc1 Revert "Make detection for test-binary more universal (#2173)" (#2235)
• a97f9fd fix CompletionFunc implementation (#2234)
• 5f9c408 chore: Upgrade dependencies for v1.9.0 (#2233)
• 24ada7f Remove the default "completion" cmd if it is alone (#1559)
• 680936a New logo
• 8cb30f9 feat: add CompletionWithDesc helper (#2231)
• 17b6dca doc: add Conduit (#2230)
• ab5cadc Allow to reset the templates to the default (#2229)
• 4ba5566 fix(bash): nounset unbound file filter variable on empty extension (#2228)
• 41b26ec Print ActiveHelp for bash along other completions (#2076)
• Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.18.2 to 1.20.1

Release notes

Sourced from github.com/spf13/viper's releases.

v1.20.1

What's Changed

Bug Fixes 🐛

• Backport config type fixes to 1.20.x by @​sagikazarmark in spf13/viper#2005

Full Changelog: spf13/viper@v1.20.0...v1.20.1

v1.20.0

[!WARNING] This release includes a few minor breaking changes. Read the upgrade guide for details.

What's Changed

Exciting New Features 🎉

• New encoding layer by @​sagikazarmark in spf13/viper#1869

Enhancements 🚀

• Drop Go 1.20 support by @​sagikazarmark in spf13/viper#1846
• Drop slog shim by @​sagikazarmark in spf13/viper#1848
• Replace file searching API with a finder by @​sagikazarmark in spf13/viper#1849
• Finder feature flag by @​sagikazarmark in spf13/viper#1852
• Allow setting options on the global Viper instance by @​sagikazarmark in spf13/viper#1856
• Add experimental flag for bind struct by @​sagikazarmark in spf13/viper#1854
• Make the remote package a separate module by @​sagikazarmark in spf13/viper#1860
• Add decoder hook option by @​sagikazarmark in spf13/viper#1872
• Encoder improvements by @​sagikazarmark in spf13/viper#1885
• Get uint8 by @​martinconic in spf13/viper#1894

Bug Fixes 🐛

• Fix missing config type when reading from a buffer by @​sagikazarmark in spf13/viper#1857
• fix: do not allow setting dependencies to nil values by @​sagikazarmark in spf13/viper#1871
• feat: copy keydelim from parent chart in viper.Sub() by @​obs-gh-alexlew in spf13/viper#1887

Breaking Changes 🛠

• Drop encoding formats: HCL, Java properties, INI by @​sagikazarmark in spf13/viper#1870

Dependency Updates ⬆️

• chore: update mapstructure by @​sagikazarmark in spf13/viper#1723
• chore: update crypt by @​sagikazarmark in spf13/viper#1834
• build(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by @​dependabot in spf13/viper#1853
• Revert to go-difflib and go-spew releases by @​skitt in spf13/viper#1861
• build(deps): bump actions/dependency-review-action from 4.3.2 to 4.3.3 by @​dependabot in spf13/viper#1862
• build(deps): bump github/codeql-action from 3.25.8 to 3.25.10 by @​dependabot in spf13/viper#1865
• build(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @​dependabot in spf13/viper#1864
• chore: update crypt by @​sagikazarmark in spf13/viper#1866
• build(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by @​dependabot in spf13/viper#1876
• build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /remote by @​dependabot in spf13/viper#1878
• build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @​dependabot in spf13/viper#1879
• build(deps): bump actions/dependency-review-action from 4.3.3 to 4.3.4 by @​dependabot in spf13/viper#1881

... (truncated)

Commits

• 9568cfc fix: config type check when loading any config
• fd05140 fix(config): get config type from v.configType or config file ext
• c038295 docs: add update instructions for 1.20
• 9c07e0f build: disable unused linters
• 48112d6 ci: add Go 1.24 to the test matrix
• 66e3e28 build(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6
• 17b96ac New Logo
• 8b223a4 build(deps): bump github.com/spf13/cast from 1.7.0 to 1.7.1
• 91fd363 chore: update afero
• e75c48f Fix issues reported by testifylint
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign openshift-cherrypick-robot for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift-knative member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.