Skip to content

NO-ISSUE: Bump the go-dependencies group across 1 directory with 12 updates#1502

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/go-dependencies-04a37523a5
Open

NO-ISSUE: Bump the go-dependencies group across 1 directory with 12 updates#1502
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/go-dependencies-04a37523a5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 18, 2026

Copy link
Copy Markdown
Contributor

Bumps the go-dependencies group with 9 updates in the / directory:

Package From To
github.com/coreos/ignition/v2 2.19.0 2.26.0
github.com/go-openapi/runtime 0.28.0 0.32.4
github.com/go-openapi/swag 0.23.0 0.27.0
github.com/hashicorp/go-version 1.7.0 1.9.0
github.com/jaypipes/ghw 0.23.0 0.24.0
github.com/sirupsen/logrus 1.9.3 1.9.4
github.com/spf13/afero 1.11.0 1.15.0
github.com/vishvananda/netlink 1.2.1-beta.2 1.3.1
github.com/itchyny/gojq 0.12.16 0.12.19

Updates github.com/coreos/ignition/v2 from 2.19.0 to 2.26.0

Release notes

Sourced from github.com/coreos/ignition/v2's releases.

v2.26.0

Features

  • Mark the 3.6.0 config spec as stable
  • No longer accept configs with version 3.6.0-experimental
  • Create new 3.7.0-experimental config spec from 3.6.0

Bug fixes

  • Include groupmod binary in initramfs (#2190)

v2.25.1

Ignition 2.25.1 (2025-12-22)

Bug fixes

  • Fix OpenStack provider returning empty JSON instead of empty bytes when metadata has no config

v2.24.0

Features

  • Add support for nocloud config fetching in kubevirt

Bug fixes

  • Fix occasional cex.key file removal
  • Fix multipath partitioning: ignore DM holders when no partitions are mounted

v2.23.0

Features

  • Support UpCloud

Changes

  • Switch to aws-sdk-go-v2 for S3 fetches and EC2 interactions

Bug fixes

  • Fix fetch-offline for Oracle Cloud Infrastructure

v2.22.0

Starting with this release, ignition-validate binaries are signed with the Fedora 42 key.

Features

  • Support Oracle Cloud Infrastructure

... (truncated)

Changelog

Sourced from github.com/coreos/ignition/v2's changelog.

Ignition 2.26.0 (2026-02-17)

Features

  • Mark the 3.6.0 config spec as stable
  • No longer accept configs with version 3.6.0-experimental
  • Create new 3.7.0-experimental config spec from 3.6.0

Bug fixes

  • Include groupmod binary in initramfs (#2190)

Ignition 2.25.1 (2025-12-22)

Bug fixes

  • Fix OpenStack provider returning empty JSON instead of empty bytes when metadata has no config

Ignition 2.25.0 (2025-12-11)

Starting with this release, ignition-validate binaries are signed with the Fedora 43 key.

Features

  • The name for custom clevis pins is not validated by Ignition anymore, enabling the use of arbitrary custom pins (3.6.0-exp)
  • Add NVIDIA BlueField provider

Bug fixes

  • Fix EnsureGroup to be idempotent when group already exists (#2158)
  • Fix invalid random source in FIPS 140-only mode in FIPS mode (#2159)
  • Only load kernel modules when actually necessary so that they can be built-in (#2164)

Ignition 2.24.0 (2024-10-14)

This version was actually released 2025-10-14, but changing the title now would invalidate links to this entry here in the release notes.

Features

  • Add support for nocloud config fetching in kubevirt

Bug fixes

  • Fix occasional cex.key file removal
  • Fix multipath partitioning: ignore DM holders when no partitions are mounted

... (truncated)

Commits
  • 7e288ed Merge pull request #2205 from prestist/new-release-2.26.0
  • 506d91d docs/release-notes: update for 2.26.0
  • af7bcce Merge pull request #2202 from prestist/3.6-stable
  • 8ab8a64 docs: update for spec stabilization
  • c7031fb docs: shuffle for spec stabilization
  • 41d23b1 tests: update for new experimental spec
  • 3252aa5 *: update to v3_7_experimental spec
  • 0e5a329 config/v3_7_experimental: adapt for new experimental spec
  • 21d5140 config: copy v3_6 to v3_7_experimental
  • 57d4d86 config/v3_6: stabilize
  • Additional commits viewable in compare view

Updates github.com/go-openapi/runtime from 0.28.0 to 0.32.4

Release notes

Sourced from github.com/go-openapi/runtime's releases.

v0.32.4

0.32.4 - 2026-06-19

Full Changelog: go-openapi/runtime@v0.32.3...v0.32.4

10 commits in this release.


Fixed bugs

  • fix(middleware): nil-guard param.Schema in UntypedRequestBinder map path by @​Copilot in #488 ...

Documentation

Miscellaneous tasks

Updates


People who contributed to this release


runtime license terms

License

... (truncated)

Commits
  • 908a0ff chore: prepare release v0.32.4
  • 5a6fbee build(deps): bump github.com/go-openapi/spec
  • b63b221 build(deps): bump the development-dependencies group with 2 updates
  • d3cd4f6 fix(middleware): nil-guard param.Schema in UntypedRequestBinder map path (#488)
  • 760cc62 build(deps): bump the go-openapi-dependencies group across 2 directories with...
  • 6c5385e build(deps): bump golang.org/x/sync
  • 1045e1c build(deps): bump the development-dependencies group with 9 updates
  • 9b01ff4 build(deps): bump the go-openapi-dependencies group across 2 directories with...
  • deed159 doc: updated contributors file
  • 2dc38ae build(deps): bump the development-dependencies group with 10 updates
  • Additional commits viewable in compare view

Updates github.com/go-openapi/strfmt from 0.23.0 to 0.26.3

Release notes

Sourced from github.com/go-openapi/strfmt's releases.

v0.26.3

0.26.3 - 2026-05-31

Full Changelog: go-openapi/strfmt@v0.26.2...v0.26.3

15 commits in this release.


Documentation

Miscellaneous tasks

Updates


People who contributed to this release


strfmt license terms

[License][license-url]

... (truncated)

Commits
  • d93543f chore: prepare release v0.26.3
  • 7841767 build(deps): bump the other-dependencies group across 3 directories with 2 up...
  • f041a88 build(deps): bump golang.org/x/net
  • 6ac9968 build(deps): bump the go-openapi-dependencies group across 2 directories with...
  • 1d31844 fix(ci): monitor - work around dependabot identity requirements
  • 1531efc fix(ci): typo in sha
  • cb7dd25 fix(ci): updated shared ci worflows (fix monitor-bot identity)
  • 62db01a fix(ci): updated shared ci worflows (fix monitor-bot permissions)
  • c7cf6fb fix(ci): updated shared ci worflows (fix monitor-bot filter) (#259)
  • c2e3626 doc: updated contributors file
  • Additional commits viewable in compare view

Updates github.com/go-openapi/swag from 0.23.0 to 0.27.0

Release notes

Sourced from github.com/go-openapi/swag's releases.

v0.27.0

0.27.0 - 2026-06-29

Pools utility module

Full Changelog: go-openapi/swag@v0.26.1...v0.27.0

9 commits in this release.


Implemented enhancements

  • feat: factory for generic sync.Pool usage, with safety test mode by @​fredbi in #215 ...

Documentation

Miscellaneous tasks

Updates

  • build(deps): bump the go-openapi-dependencies group across 15 directories with 2 updates by @​dependabot[bot] in #214 ...
  • build(deps): bump go-openapi/ci-workflows/.github/workflows/monitor-bot-pr.yml from 93b16765c4045dbd4dac2372803294298aa7592a to 2e57e83146e049b5dfb8116ba16a09b2da27b3c5 in the development-dependencies group by @​dependabot[bot] in #211 ...
  • build(deps): bump the development-dependencies group with 8 updates by @​dependabot[bot] in #209 ...

People who contributed to this release


swag license terms

[License][license-url]

... (truncated)

Commits
  • 4f9e718 chore: prepare release v0.27.0
  • 014eae7 chore: deprecated the jsonname module (moved to jsonpointer) (#216)
  • d4bd1af feat: factory for generic sync.Pool usage, with safety test mode. (#215)
  • 23df065 build(deps): bump the go-openapi-dependencies group across 15 directories wit...
  • ce8f066 ci: post README announcements to discord + bump ci-workflows to v0.4.0 (#213)
  • ea59449 chore(ci): run contributors workflow monthly instead of weekly (#212)
  • b623b89 build(deps): bump go-openapi/ci-workflows/.github/workflows/monitor-bot-pr.yml
  • 3eac5b8 doc: updated contributors file
  • 95a4653 build(deps): bump the development-dependencies group with 8 updates
  • 85923a5 chore: prepare release v0.26.1
  • Additional commits viewable in compare view

Updates github.com/hashicorp/go-version from 1.7.0 to 1.9.0

Release notes

Sourced from github.com/hashicorp/go-version's releases.

v1.9.0

What's Changed

Enhancements

Internal

New Contributors

Full Changelog: hashicorp/go-version@v1.8.0...v1.9.0

v1.8.0

What's Changed

New Contributors

Full Changelog: hashicorp/go-version@v1.7.0...v1.8.0

Changelog

Sourced from github.com/hashicorp/go-version's changelog.

1.9.0 (Mar 30, 2026)

ENHANCEMENTS:

Support parsing versions with custom prefixes via opt-in option in hashicorp/go-version#79

INTERNAL:

1.8.0 (Nov 28, 2025)

ENHANCEMENTS:

INTERNAL:

Commits
  • b80b1e6 Update CHANGELOG for version 1.9.0 (#187)
  • e93736f Bump the github-actions-backward-compatible group across 1 directory with 2 u...
  • c009de0 Bump actions/upload-artifact from 6.0.0 to 7.0.0 in the github-actions-breaki...
  • 0474357 Update GitHub Actions to trigger on pull requests and update go version (#185)
  • b4ab5fc Support parsing versions with custom prefixes via opt-in option (#79)
  • 25c683b Merge pull request #182 from hashicorp/dependabot/github_actions/github-actio...
  • 4f2bcd8 Bump the github-actions-backward-compatible group with 3 updates
  • acb8b18 Merge pull request #180 from hashicorp/dependabot/github_actions/github-actio...
  • 0394c4f Merge pull request #179 from hashicorp/dependabot/github_actions/github-actio...
  • b2fbaa7 Bump the github-actions-backward-compatible group across 1 directory with 2 u...
  • Additional commits viewable in compare view

Updates github.com/jaypipes/ghw from 0.23.0 to 0.24.0

Release notes

Sourced from github.com/jaypipes/ghw's releases.

v0.24.0

What's Changed

New Contributors

Full Changelog: jaypipes/ghw@v0.23.0...v0.24.0

Commits
  • b026dd2 Merge pull request #460 from jaypipes/context-from-env
  • 4e7ac7a use ContextFromEnv() when no args passed to Info()
  • 651a76e Merge pull request #454 from sewnie/main
  • 53d5f8f codeorg: decouple cmd dependencies using go work
  • 1600827 codeorg: remove dependency on testify
  • 31ad85d Merge pull request #455 from jaypipes/update-gh-workflows
  • d6efcd5 update Github Actions workflows for more modern Go
  • 168d775 Merge pull request #450 from jaypipes/use-builtin-errors
  • 022b1eb codeorg: remove dependency on github.com/pkg/errors
  • See full diff in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Changelog

Sourced from github.com/sirupsen/logrus's changelog.

1.9.4

Fixes:

  • Remove uses of deprecated ioutil package

Features:

  • Add GNU/Hurd support
  • Add WASI wasip1 support

Code quality:

  • Update minimum supported Go version to 1.17
  • Documentation updates
Commits
  • b61f268 Merge pull request #1472 from goldlinker/master
  • 15c29db refactor: replace the deprecated function in the ioutil package
  • cb253f3 Merge pull request #1464 from thaJeztah/touchup_godoc
  • 29b2337 Merge pull request #1468 from thaJeztah/touchup_readme
  • d916819 Merge pull request #1427 from dolmen/fix-testify-usage
  • 135e482 README: small touch-ups
  • 2c5fa36 Merge pull request #1467 from thaJeztah/rm_old_badge
  • 877ecec README: remove travis badge
  • 55cf256 Merge pull request #1393 from jsoref/grammar
  • 21bae50 Merge pull request #1426 from dolmen/testing-fix-use-of-math-rand
  • Additional commits viewable in compare view

Updates github.com/spf13/afero from 1.11.0 to 1.15.0

Release notes

Sourced from github.com/spf13/afero's releases.

v1.15.0

What's Changed

New Contributors

Full Changelog: spf13/afero@v1.14.0...v1.15.0

v1.14.0

What's Changed

Full Changelog: spf13/afero@v1.13.0...v1.14.0

v1.13.0

What's Changed

... (truncated)

Commits
  • 399bb34 Merge pull request #523 from MarkRosemaker/fix-spelling
  • 9b67716 Merge pull request #538 from spf13/deps
  • f5f4f7b chore: update deps
  • c245c4f ci: update ci
  • 85c4956 Merge pull request #527 from spf13/dependabot/github_actions/actions/checkout...
  • 41206fd build(deps): bump actions/checkout from 4.2.2 to 5.0.0
  • a583fad Merge pull request #533 from spf13/dependabot/github_actions/actions/dependen...
  • 673c03e Merge pull request #536 from spf13/dependabot/github_actions/actions/setup-go...
  • ac849f6 Merge pull request #537 from spf13/dependabot/github_actions/github/codeql-ac...
  • 9596fe8 build(deps): bump github/codeql-action from 3.29.7 to 3.30.1
  • Additional commits viewable in compare view

Updates github.com/vishvananda/netlink from 1.2.1-beta.2 to 1.3.1

Release notes

Sourced from github.com/vishvananda/netlink's releases.

v1.3.1

What's Changed

@dependabot dependabot Bot added approved Indicates a PR has been approved by an approver from all required OWNERS files. dependabot go Pull requests that update Go code lgtm Indicates that a PR is ready to be merged. labels Jun 18, 2026
@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Jun 18, 2026
@openshift-ci-robot

Copy link
Copy Markdown

@dependabot[bot]: This pull request explicitly references no jira issue.

Details

In response to this:

Bumps the go-dependencies group with 9 updates in the / directory:

Package From To
github.com/coreos/ignition/v2 2.19.0 2.26.0
github.com/go-openapi/runtime 0.28.0 0.32.3
github.com/go-openapi/swag 0.23.0 0.26.1
github.com/hashicorp/go-version 1.7.0 1.9.0
github.com/jaypipes/ghw 0.23.0 0.24.0
github.com/sirupsen/logrus 1.9.3 1.9.4
github.com/spf13/afero 1.11.0 1.15.0
github.com/vishvananda/netlink 1.2.1-beta.2 1.3.1
github.com/itchyny/gojq 0.12.16 0.12.19

Updates github.com/coreos/ignition/v2 from 2.19.0 to 2.26.0

Release notes

Sourced from github.com/coreos/ignition/v2's releases.

v2.26.0

Features

  • Mark the 3.6.0 config spec as stable
  • No longer accept configs with version 3.6.0-experimental
  • Create new 3.7.0-experimental config spec from 3.6.0

Bug fixes

  • Include groupmod binary in initramfs (#2190)

v2.25.1

Ignition 2.25.1 (2025-12-22)

Bug fixes

  • Fix OpenStack provider returning empty JSON instead of empty bytes when metadata has no config

v2.24.0

Features

  • Add support for nocloud config fetching in kubevirt

Bug fixes

  • Fix occasional cex.key file removal
  • Fix multipath partitioning: ignore DM holders when no partitions are mounted

v2.23.0

Features

  • Support UpCloud

Changes

  • Switch to aws-sdk-go-v2 for S3 fetches and EC2 interactions

Bug fixes

  • Fix fetch-offline for Oracle Cloud Infrastructure

v2.22.0

Starting with this release, ignition-validate binaries are signed with the Fedora 42 key.

Features

  • Support Oracle Cloud Infrastructure

... (truncated)

Changelog

Sourced from github.com/coreos/ignition/v2's changelog.

Ignition 2.26.0 (2026-02-17)

Features

  • Mark the 3.6.0 config spec as stable
  • No longer accept configs with version 3.6.0-experimental
  • Create new 3.7.0-experimental config spec from 3.6.0

Bug fixes

  • Include groupmod binary in initramfs (#2190)

Ignition 2.25.1 (2025-12-22)

Bug fixes

  • Fix OpenStack provider returning empty JSON instead of empty bytes when metadata has no config

Ignition 2.25.0 (2025-12-11)

Starting with this release, ignition-validate binaries are signed with the Fedora 43 key.

Features

  • The name for custom clevis pins is not validated by Ignition anymore, enabling the use of arbitrary custom pins (3.6.0-exp)
  • Add NVIDIA BlueField provider

Bug fixes

  • Fix EnsureGroup to be idempotent when group already exists (#2158)
  • Fix invalid random source in FIPS 140-only mode in FIPS mode (#2159)
  • Only load kernel modules when actually necessary so that they can be built-in (#2164)

Ignition 2.24.0 (2024-10-14)

This version was actually released 2025-10-14, but changing the title now would invalidate links to this entry here in the release notes.

Features

  • Add support for nocloud config fetching in kubevirt

Bug fixes

  • Fix occasional cex.key file removal
  • Fix multipath partitioning: ignore DM holders when no partitions are mounted

... (truncated)

Commits
  • 7e288ed Merge pull request #2205 from prestist/new-release-2.26.0
  • 506d91d docs/release-notes: update for 2.26.0
  • af7bcce Merge pull request #2202 from prestist/3.6-stable
  • 8ab8a64 docs: update for spec stabilization
  • c7031fb docs: shuffle for spec stabilization
  • 41d23b1 tests: update for new experimental spec
  • 3252aa5 *: update to v3_7_experimental spec
  • 0e5a329 config/v3_7_experimental: adapt for new experimental spec
  • 21d5140 config: copy v3_6 to v3_7_experimental
  • 57d4d86 config/v3_6: stabilize
  • Additional commits viewable in compare view

Updates github.com/go-openapi/runtime from 0.28.0 to 0.32.3

Release notes

Sourced from github.com/go-openapi/runtime's releases.

v0.32.3

0.32.3 - 2026-06-02

Full Changelog: go-openapi/runtime@v0.32.2...v0.32.3

6 commits in this release.


Implemented enhancements

  • feat(ci): added shared workflow for bot-pr monitoring by @​fredbi ...

Documentation

Miscellaneous tasks

Updates


People who contributed to this release


runtime license terms

License

Per-module changes


... (truncated)

Commits
  • 6c3a7fd chore: prepare release v0.32.3
  • 1733ca7 chore: updated dependencies (#479)
  • 7a7ea03 feat(ci): added shared workflow for bot-pr monitoring
  • d4d7f7d doc: updated contributors file
  • 6937b17 build(deps): bump the other-dependencies group across 2 directories with 3 up...
  • 4361051 build(deps): bump the go-openapi-dependencies group across 2 directories with...
  • a357ecf chore: prepare release v0.32.2
  • 10b4d12 fix(client): added a guard to avoid the client to panic (#474)
  • ea80e5a chore: prepare release v0.32.1
  • 01f5c55 doc: documented SkipAuth feature with build tag (#472)
  • Additional commits viewable in compare view

Updates github.com/go-openapi/strfmt from 0.23.0 to 0.26.3

Release notes

Sourced from github.com/go-openapi/strfmt's releases.

v0.26.3

0.26.3 - 2026-05-31

Full Changelog: go-openapi/strfmt@v0.26.2...v0.26.3

15 commits in this release.


Documentation

Miscellaneous tasks

Updates


People who contributed to this release


strfmt license terms

[License][license-url]

... (truncated)

Commits
  • d93543f chore: prepare release v0.26.3
  • 7841767 build(deps): bump the other-dependencies group across 3 directories with 2 up...
  • f041a88 build(deps): bump golang.org/x/net
  • 6ac9968 build(deps): bump the go-openapi-dependencies group across 2 directories with...
  • 1d31844 fix(ci): monitor - work around dependabot identity requirements
  • 1531efc fix(ci): typo in sha
  • cb7dd25 fix(ci): updated shared ci worflows (fix monitor-bot identity)
  • 62db01a fix(ci): updated shared ci worflows (fix monitor-bot permissions)
  • c7cf6fb fix(ci): updated shared ci worflows (fix monitor-bot filter) (#259)
  • c2e3626 doc: updated contributors file
  • Additional commits viewable in compare view

Updates github.com/go-openapi/swag from 0.23.0 to 0.26.1

Release notes

Sourced from github.com/go-openapi/swag's releases.

v0.26.1

0.26.1 - 2026-06-07

Full Changelog: go-openapi/swag@v0.26.0...v0.26.1

12 commits in this release.


Implemented enhancements

  • feat(loading): sandbox local loading with WithRoot (GHSA-v2xp-g8xf-22pf) by @​fredbi in #203 ...
  • feat(ci): added shared workflow for bot-pr monitoring by @​fredbi ...

Documentation

Miscellaneous tasks

Security

  • doc(loading): document security implications of using the loader by @​fredbi in #207 ...

Updates


People who contributed to this release


swag license terms

... (truncated)

Commits
  • 85923a5 chore: prepare release v0.26.1
  • 336c586 doc(loading): document security implications of using the loader (#207)
  • 92ec622 doc: updated contributors file
  • 3f77c79 doc: aligned with org docs (#205)
  • 40578b5 build(deps): bump the development-dependencies group with 8 updates
  • eefaba1 feat(loading): sandbox local loading with WithRoot (GHSA-v2xp-g8xf-22pf) (#203)
  • 2e99502 feat(ci): added shared workflow for bot-pr monitoring
  • cafd10f build(deps): bump the go-openapi-dependencies group across 15 directories wit...
  • 660dd54 build(deps): bump the development-dependencies group with 7 updates
  • e089511 build(deps): bump the go-openapi-dependencies group across 15 directories wit...
  • Additional commits viewable in compare view

Updates github.com/hashicorp/go-version from 1.7.0 to 1.9.0

Release notes

Sourced from github.com/hashicorp/go-version's releases.

v1.9.0

What's Changed

Enhancements

Internal

New Contributors

Full Changelog: hashicorp/go-version@v1.8.0...v1.9.0

v1.8.0

What's Changed

New Contributors

Full Changelog: hashicorp/go-version@v1.7.0...v1.8.0

Changelog

Sourced from github.com/hashicorp/go-version's changelog.

1.9.0 (Mar 30, 2026)

ENHANCEMENTS:

Support parsing versions with custom prefixes via opt-in option in hashicorp/go-version#79

INTERNAL:

1.8.0 (Nov 28, 2025)

ENHANCEMENTS:

INTERNAL:

Commits
  • b80b1e6 Update CHANGELOG for version 1.9.0 (#187)
  • e93736f Bump the github-actions-backward-compatible group across 1 directory with 2 u...
  • c009de0 Bump actions/upload-artifact from 6.0.0 to 7.0.0 in the github-actions-breaki...
  • 0474357 Update GitHub Actions to trigger on pull requests and update go version (#185)
  • b4ab5fc Support parsing versions with custom prefixes via opt-in option (#79)
  • 25c683b Merge pull request #182 from hashicorp/dependabot/github_actions/github-actio...
  • 4f2bcd8 Bump the github-actions-backward-compatible group with 3 updates
  • acb8b18 Merge pull request #180 from hashicorp/dependabot/github_actions/github-actio...
  • 0394c4f Merge pull request #179 from hashicorp/dependabot/github_actions/github-actio...
  • b2fbaa7 Bump the github-actions-backward-compatible group across 1 directory with 2 u...
  • Additional commits viewable in compare view

Updates github.com/jaypipes/ghw from 0.23.0 to 0.24.0

Release notes

Sourced from github.com/jaypipes/ghw's releases.

v0.24.0

What's Changed

New Contributors

Full Changelog: jaypipes/ghw@v0.23.0...v0.24.0

Commits
  • b026dd2 Merge pull request #460 from jaypipes/context-from-env
  • 4e7ac7a use ContextFromEnv() when no args passed to Info()
  • 651a76e Merge pull request #454 from sewnie/main
  • 53d5f8f codeorg: decouple cmd dependencies using go work
  • 1600827 codeorg: remove dependency on testify
  • 31ad85d Merge pull request #455 from jaypipes/update-gh-workflows
  • d6efcd5 update Github Actions workflows for more modern Go
  • 168d775 Merge pull request #450 from jaypipes/use-builtin-errors
  • 022b1eb codeorg: remove dependency on github.com/pkg/errors
  • See full diff in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Changelog

Sourced from github.com/sirupsen/logrus's changelog.

1.9.4

Fixes:

  • Remove uses of deprecated ioutil package

Features:

  • Add GNU/Hurd support
  • Add WASI wasip1 support

Code quality:

  • Update minimum supported Go version to 1.17
  • Documentation updates
Commits
  • b61f268 Merge pull request #1472 from goldlinker/master
  • 15c29db refactor: replace the deprecated function in the ioutil package
  • cb253f3 Merge pull request #1464 from thaJeztah/touchup_godoc
  • 29b2337 Merge pull request #1468 from thaJeztah/touchup_readme
  • d916819 Merge pull request #1427 from dolmen/fix-testify-usage
  • 135e482 README: small touch-ups
  • 2c5fa36 Merge pull request #1467 from thaJeztah/rm_old_badge
  • 877ecec README: remove travis badge
  • 55cf256 Merge pull request #1393 from jsoref/grammar
  • 21bae50 Merge pull request #1426 from dolmen/testing-fix-use-of-math-rand
  • Additional commits viewable in compare view

Updates github.com/spf13/afero from 1.11.0 to 1.15.0

Release notes

Sourced from github.com/spf13/afero's releases.

v1.15.0

What's Changed

New Contributors

Full Changelog: spf13/afero@v1.14.0...v1.15.0

v1.14.0

What's Changed

Full Changelog: spf13/afero@v1.13.0...v1.14.0

v1.13.0

What's Changed

... (truncated)

Commits
  • 399bb34 Merge pull request #523 from MarkRosemaker/fix-spelling
  • 9b67716 Merge pull request #538 from spf13/deps
  • f5f4f7b chore: update deps
  • c245c4f ci: update ci
  • 85c4956 Merge pull request #527 from spf13/dependabot/github_actions/actions/checkout...
  • 41206fd build(deps): bump actions/checkout from 4.2.2 to 5.0.0
  • a583fad Merge pull request #533 from spf13/dependabot/github_actions/actions/dependen...
  • 673c03e Merge pull request #536 from spf13/dependabot/github_actions/actions/setup-go...
  • ac849f6 Merge pull request #537 from spf13/dependabot/github_actions/github/codeql-ac...
  • 9596fe8 build(deps): bump github/codeql-action from 3.29.7 to 3.30.1
  • Additional commits viewable in compare view

Updates github.com/vishvananda/netlink from 1.2.1-beta.2 to 1.3.1

Release notes

Sourced from github.com/vishvananda/netlink's releases.

v1.3.1

What's Changed

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@coderabbitai

coderabbitai Bot commented Jun 18, 2026

Copy link
Copy Markdown

Walkthrough

Updates go.mod by bumping direct and indirect dependency versions, adding OpenAPI-related indirect modules, upgrading OpenTelemetry and system packages, and removing go.mongodb.org/mongo-driver from the indirect list.

Changes

Dependency Version Updates

Layer / File(s) Summary
Direct dependency bumps
go.mod
Bumps direct require entries for core, platform, and utility modules, including github.com/coreos/ignition/v2, github.com/go-openapi/*, github.com/hashicorp/go-version, github.com/jaypipes/ghw, github.com/sirupsen/logrus, github.com/spf13/afero, github.com/vishvananda/netlink, golang.org/x/sync, golang.org/x/sys, github.com/itchyny/gojq, github.com/vishvananda/netns, and golang.org/x/text.
Indirect OpenAPI additions
go.mod
Adds or updates indirect OpenAPI support modules, including github.com/go-openapi/runtime/server-middleware, several github.com/go-openapi/swag/* submodules, github.com/go-viper/mapstructure/v2, and github.com/oklog/ulid/v2.
Observability and system upgrades
go.mod
Upgrades indirect OpenTelemetry dependencies (go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp, go.opentelemetry.io/otel, metric, and trace) and bumps github.com/coreos/go-systemd/v22.
Indirect refresh and cleanup
go.mod
Refreshes a larger indirect block with newer github.com/go-openapi/* and golang.org/x/* versions, updates google.golang.org/protobuf, and removes go.mongodb.org/mongo-driver from the indirect list.

Estimated code review effort: 2 (Simple) | ~10 minutes

Possibly related PRs

  • openshift/assisted-installer-agent#1311: Overlaps on several of the same go.mod dependency bumps, including github.com/jaypipes/ghw, golang.org/x/sync, golang.org/x/sys, and go-openapi indirects.
  • openshift/assisted-installer-agent#1417: Updates the same dependency family, including golang.org/x/sync, golang.org/x/sys, google.golang.org/protobuf, golang.org/x/text, and go.opentelemetry.io/otel.

Suggested labels: lgtm

Suggested reviewers: pastequo, yoavsc0302


Important

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

❌ Failed checks (1 error)

Check name Status Explanation Resolution
No-Sensitive-Data-In-Logs ❌ Error Runtime.Trace logs req.URL.String() and TLS/server details with no redaction, which can expose tokens, internal hostnames, or customer data. Redact URL userinfo/query and sensitive TLS fields before logging, or gate these details behind an explicit masked-debug mode.
✅ Passed checks (14 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names ✅ Passed No *_test.go files were changed; the diff is dependency/vendor updates only, so no Ginkgo titles were introduced.
Test Structure And Quality ✅ Passed No Ginkgo test files were changed; the PR is a dependency/vendor update, so the test-quality check is not applicable.
Microshift Test Compatibility ✅ Passed No new or modified test/e2e files in the diff; changes are dependency/vendor updates only.
Single Node Openshift (Sno) Test Compatibility ✅ Passed PR only updates go.mod/go.sum and vendored dependencies; no _test.go/e2e files or new Ginkgo specs were added, so no SNO-specific multi-node risk.
Topology-Aware Scheduling Compatibility ✅ Passed Only go.mod/go.sum and vendored dependency snapshots changed; no deployment manifests, controllers, or scheduling code were modified.
Ote Binary Stdout Contract ✅ Passed Vendor/go.mod-only PR; no non-vendor process-level code changed, and stdout references in vendored files were unchanged or comment-only.
Ipv6 And Disconnected Network Test Compatibility ✅ Passed Diff is dependency/vendor-only (go.mod, go.sum, vendor); no new Ginkgo e2e tests or network-using test code were added.
No-Weak-Crypto ✅ Passed No weak-crypto constructors, algorithms, or secret comparisons were introduced; the MD5/SHA1 matches are telemetry attribute names/comments only.
Container-Privileges ✅ Passed Only go.mod/go.sum changed outside vendor; no container/K8s manifests or privilege flags appear in the diff.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the root go.mod dependency bump.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dependabot/go_modules/go-dependencies-04a37523a5

Comment @coderabbitai help to get the list of available commands.

@openshift-ci openshift-ci Bot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Jun 18, 2026
@codecov

codecov Bot commented Jun 18, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 56.50%. Comparing base (f84fd71) to head (cc509dc).

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #1502      +/-   ##
==========================================
- Coverage   56.54%   56.50%   -0.05%     
==========================================
  Files          90       90              
  Lines        4653     4653              
==========================================
- Hits         2631     2629       -2     
- Misses       1816     1817       +1     
- Partials      206      207       +1     

see 1 file with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

/retest-required

Remaining retests: 0 against base HEAD 23e48fc and 2 for PR HEAD 2272752 in total

@openshift-merge-bot

Copy link
Copy Markdown
Contributor

/retest-required

Remaining retests: 0 against base HEAD 9b81f45 and 1 for PR HEAD 2272752 in total

@dependabot dependabot Bot force-pushed the dependabot/go_modules/go-dependencies-04a37523a5 branch from 2272752 to 91cf2fc Compare June 22, 2026 16:34
@openshift-ci openshift-ci Bot removed the lgtm Indicates that a PR is ready to be merged. label Jun 22, 2026
@openshift-ci

openshift-ci Bot commented Jun 22, 2026

Copy link
Copy Markdown

New changes are detected. LGTM label has been removed.

@dependabot dependabot Bot force-pushed the dependabot/go_modules/go-dependencies-04a37523a5 branch 2 times, most recently from d92f78a to cebd162 Compare June 26, 2026 16:34
@openshift-ci

openshift-ci Bot commented Jun 26, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by: dependabot[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

…pdates

Bumps the go-dependencies group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/coreos/ignition/v2](https://github.com/coreos/ignition) | `2.19.0` | `2.26.0` |
| [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) | `0.28.0` | `0.32.4` |
| [github.com/go-openapi/swag](https://github.com/go-openapi/swag) | `0.23.0` | `0.27.0` |
| [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version) | `1.7.0` | `1.9.0` |
| [github.com/jaypipes/ghw](https://github.com/jaypipes/ghw) | `0.23.0` | `0.24.0` |
| [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) | `1.9.3` | `1.9.4` |
| [github.com/spf13/afero](https://github.com/spf13/afero) | `1.11.0` | `1.15.0` |
| [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) | `1.2.1-beta.2` | `1.3.1` |
| [github.com/itchyny/gojq](https://github.com/itchyny/gojq) | `0.12.16` | `0.12.19` |



Updates `github.com/coreos/ignition/v2` from 2.19.0 to 2.26.0
- [Release notes](https://github.com/coreos/ignition/releases)
- [Changelog](https://github.com/coreos/ignition/blob/main/docs/release-notes.md)
- [Commits](coreos/ignition@v2.19.0...v2.26.0)

Updates `github.com/go-openapi/runtime` from 0.28.0 to 0.32.4
- [Release notes](https://github.com/go-openapi/runtime/releases)
- [Commits](go-openapi/runtime@v0.28.0...v0.32.4)

Updates `github.com/go-openapi/strfmt` from 0.23.0 to 0.26.3
- [Release notes](https://github.com/go-openapi/strfmt/releases)
- [Commits](go-openapi/strfmt@v0.23.0...v0.26.3)

Updates `github.com/go-openapi/swag` from 0.23.0 to 0.27.0
- [Release notes](https://github.com/go-openapi/swag/releases)
- [Commits](go-openapi/swag@v0.23.0...v0.27.0)

Updates `github.com/hashicorp/go-version` from 1.7.0 to 1.9.0
- [Release notes](https://github.com/hashicorp/go-version/releases)
- [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md)
- [Commits](hashicorp/go-version@v1.7.0...v1.9.0)

Updates `github.com/jaypipes/ghw` from 0.23.0 to 0.24.0
- [Release notes](https://github.com/jaypipes/ghw/releases)
- [Commits](jaypipes/ghw@v0.23.0...v0.24.0)

Updates `github.com/sirupsen/logrus` from 1.9.3 to 1.9.4
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](sirupsen/logrus@v1.9.3...v1.9.4)

Updates `github.com/spf13/afero` from 1.11.0 to 1.15.0
- [Release notes](https://github.com/spf13/afero/releases)
- [Commits](spf13/afero@v1.11.0...v1.15.0)

Updates `github.com/vishvananda/netlink` from 1.2.1-beta.2 to 1.3.1
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](vishvananda/netlink@v1.2.1-beta.2...v1.3.1)

Updates `golang.org/x/sync` from 0.19.0 to 0.21.0
- [Commits](golang/sync@v0.19.0...v0.21.0)

Updates `golang.org/x/sys` from 0.42.0 to 0.45.0
- [Commits](golang/sys@v0.42.0...v0.45.0)

Updates `github.com/itchyny/gojq` from 0.12.16 to 0.12.19
- [Release notes](https://github.com/itchyny/gojq/releases)
- [Changelog](https://github.com/itchyny/gojq/blob/main/CHANGELOG.md)
- [Commits](itchyny/gojq@v0.12.16...v0.12.19)

---
updated-dependencies:
- dependency-name: github.com/coreos/ignition/v2
  dependency-version: 2.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/go-openapi/runtime
  dependency-version: 0.32.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/go-openapi/strfmt
  dependency-version: 0.26.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/go-openapi/swag
  dependency-version: 0.26.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/hashicorp/go-version
  dependency-version: 1.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/itchyny/gojq
  dependency-version: 0.12.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/jaypipes/ghw
  dependency-version: 0.24.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/sirupsen/logrus
  dependency-version: 1.9.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/spf13/afero
  dependency-version: 1.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/vishvananda/netlink
  dependency-version: 1.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sync
  dependency-version: 0.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sys
  dependency-version: 0.45.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/go-dependencies-04a37523a5 branch from cebd162 to cc509dc Compare July 3, 2026 16:34
@openshift-ci

openshift-ci Bot commented Jul 3, 2026

Copy link
Copy Markdown

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/edge-subsystem-test cc509dc link true /test edge-subsystem-test
ci/prow/edge-e2e-metal-assisted-4-20 cc509dc link true /test edge-e2e-metal-assisted-4-20
ci/prow/edge-images cc509dc link true /test edge-images
ci/prow/edge-e2e-ai-operator-ztp cc509dc link true /test edge-e2e-ai-operator-ztp
ci/prow/edge-lint cc509dc link true /test edge-lint

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dependabot go Pull requests that update Go code jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant