chore(deps): update go dependencies

[red-hat-konflux]

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change
cloud.google.com/go	indirect	minor	v0.121.6 -> v0.123.0
cloud.google.com/go/auth	indirect	patch	v0.18.0 -> v0.18.2
cloud.google.com/go/longrunning	indirect	minor	v0.7.0 -> v0.8.0
cuelabs.dev/go/oci/ociregistry	indirect	digest	2c00c10 -> 3adeb86
cuelang.org/go	require	minor	v0.12.1 -> v0.16.0
filippo.io/edwards25519	indirect	minor	v1.1.0 -> v1.2.0
github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider	indirect	minor	v0.14.0 -> v0.20.0
github.com/Azure/azure-sdk-for-go/sdk/azcore	indirect	minor	v1.20.0 -> v1.21.0
github.com/Azure/go-autorest/autorest	indirect	patch	v0.11.29 -> v0.11.30
github.com/Azure/go-autorest/autorest/adal	indirect	patch	v0.9.23 -> v0.9.24
github.com/Azure/go-autorest/autorest/azure/auth	indirect	patch	v0.5.12 -> v0.5.13
github.com/Azure/go-autorest/autorest/azure/cli	indirect	patch	v0.4.6 -> v0.4.7
github.com/Azure/go-autorest/autorest/date	indirect	patch	v0.3.0 -> v0.3.1
github.com/Azure/go-autorest/logger	indirect	patch	v0.2.1 -> v0.2.2
github.com/Azure/go-autorest/tracing	indirect	patch	v0.6.0 -> v0.6.1
github.com/AzureAD/microsoft-authentication-library-for-go	indirect	minor	v1.6.0 -> v1.7.0
github.com/ThalesIgnite/crypto11	require	minor	v1.2.5 -> v1.6.0
github.com/alibabacloud-go/alibabacloud-gateway-spi	indirect	patch	v0.0.4 -> v0.0.5
github.com/alibabacloud-go/debug	indirect	patch	v1.0.0 -> v1.0.1
github.com/alibabacloud-go/openapi-util	indirect	patch	v0.1.0 -> v0.1.2
github.com/alibabacloud-go/tea	indirect	minor	v1.2.1 -> v1.4.0
github.com/aliyun/credentials-go	indirect	minor	v1.3.2 -> v1.4.11
github.com/aws/aws-sdk-go-v2/credentials	indirect	patch	v1.19.5 -> v1.19.11
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	indirect	patch	v1.18.16 -> v1.18.19
github.com/aws/aws-sdk-go-v2/internal/configsources	indirect	patch	v1.4.16 -> v1.4.19
github.com/aws/aws-sdk-go-v2/internal/ini	indirect	patch	v1.8.4 -> v1.8.5
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding	indirect	patch	v1.13.4 -> v1.13.6
github.com/aws/aws-sdk-go-v2/service/signin	indirect	patch	v1.0.4 -> v1.0.7
github.com/awslabs/amazon-ecr-credential-helper/ecr-login	require	minor	v0.9.1 -> v0.12.0
github.com/buildkite/go-pipeline	indirect	minor	v0.13.3 -> v0.16.0
github.com/buildkite/roko	indirect	minor	v1.3.1 -> v1.4.0
github.com/cloudflare/circl	indirect	minor	v1.3.7 -> v1.6.3
github.com/containerd/stargz-snapshotter/estargz	indirect	patch	v0.18.1 -> v0.18.2
github.com/digitorus/pkcs7	indirect	digest	3a137a8 -> ffadbf3
github.com/digitorus/timestamp	require	digest	220c5c2 -> c455327
github.com/docker/docker-credential-helpers	indirect	patch	v0.9.3 -> v0.9.5
github.com/emicklei/proto	indirect	minor	v1.13.4 -> v1.14.3
github.com/go-openapi/analysis	indirect	minor	v0.23.0 -> v0.24.2
github.com/go-openapi/errors	indirect	patch	v0.22.1 -> v0.22.7
github.com/go-openapi/jsonpointer	indirect	minor	v0.21.0 -> v0.22.5
github.com/go-openapi/jsonreference	indirect	patch	v0.21.0 -> v0.21.5
github.com/go-openapi/loads	indirect	minor	v0.22.0 -> v0.23.2
github.com/go-openapi/runtime	require	minor	v0.28.0 -> v0.29.2
github.com/go-openapi/spec	indirect	minor	v0.21.0 -> v0.22.4
github.com/go-openapi/strfmt	require	minor	v0.23.0 -> v0.25.0
github.com/go-openapi/swag	require	minor	v0.23.1 -> v0.25.5
github.com/google/certificate-transparency-go	require	patch	v1.3.2 -> v1.3.3
github.com/google/gnostic-models	indirect	minor	v0.6.9 -> v0.7.1
github.com/google/go-querystring	indirect	minor	v1.1.0 -> v1.2.0
github.com/googleapis/enterprise-certificate-proxy	indirect	patch	v0.3.7 -> v0.3.13
github.com/in-toto/attestation	indirect	patch	v1.1.1 -> v1.1.2
github.com/in-toto/in-toto-golang	require	minor	v0.9.0 -> v0.10.0
github.com/klauspost/compress	indirect	patch	v1.18.1 -> v1.18.4
github.com/letsencrypt/boulder	indirect	minor	v0.20251110.0 -> v0.20260303.0
github.com/mailru/easyjson	indirect	patch	v0.9.0 -> v0.9.1
github.com/miekg/pkcs11	require	patch	v1.1.1 -> v1.1.2
github.com/open-policy-agent/opa	require	minor	v1.1.0 -> v1.14.0
github.com/prometheus/procfs	indirect	minor	v0.16.1 -> v0.20.1
github.com/protocolbuffers/txtpbfmt	indirect	digest	a5fe556 -> a481f6a
github.com/sagikazarmark/locafero	indirect	minor	v0.7.0 -> v0.12.0
github.com/secure-systems-lab/go-securesystemslib	require	minor	v0.9.1 -> v0.10.0
github.com/sigstore/rekor	require	minor	v1.3.10 -> v1.5.0
github.com/sigstore/sigstore	require	patch	v1.10.3 -> v1.10.4
github.com/sigstore/sigstore-go	require	patch	v0.7.2 -> v0.7.3
github.com/sigstore/sigstore/pkg/signature/kms/aws	require	patch	v1.10.3 -> v1.10.4
github.com/sigstore/sigstore/pkg/signature/kms/azure	require	patch	v1.10.3 -> v1.10.4
github.com/sigstore/sigstore/pkg/signature/kms/gcp	require	patch	v1.10.3 -> v1.10.4
github.com/sigstore/sigstore/pkg/signature/kms/hashivault	require	patch	v1.10.3 -> v1.10.4
github.com/sigstore/timestamp-authority	require	patch	v1.2.7 -> v1.2.9
github.com/sirupsen/logrus	indirect	patch	v1.9.3 -> v1.9.4
github.com/spf13/afero	indirect	minor	v1.12.0 -> v1.15.0
github.com/spf13/cast	indirect	minor	v1.7.1 -> v1.10.0
github.com/spf13/viper	require	minor	v1.20.1 -> v1.21.0
gitlab.com/gitlab-org/api/client-go	require	minor	v0.128.0 -> v0.161.1
go.mongodb.org/mongo-driver	indirect	minor	v1.14.0 -> v1.17.9
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	indirect	minor	v0.63.0 -> v0.66.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	indirect	minor	v0.63.0 -> v0.66.0
go.step.sm/crypto	indirect	minor	v0.75.0 -> v0.76.2
golang.org/x/crypto	indirect	minor	v0.35.0 -> v0.48.0
golang.org/x/crypto	require	minor	v0.46.0 -> v0.48.0
golang.org/x/exp	indirect	digest	b7579e2 -> 3dfff04
golang.org/x/mod	indirect	minor	v0.30.0 -> v0.33.0
golang.org/x/net	indirect	minor	v0.48.0 -> v0.51.0
golang.org/x/oauth2	require	minor	v0.34.0 -> v0.35.0
golang.org/x/sys	indirect	minor	v0.39.0 -> v0.41.0
golang.org/x/term	require	minor	v0.38.0 -> v0.40.0
golang.org/x/text	indirect	minor	v0.32.0 -> v0.34.0
golang.org/x/tools	indirect	minor	v0.39.0 -> v0.42.0
google.golang.org/api	require	minor	v0.259.0 -> v0.269.0
google.golang.org/genproto	indirect	digest	ff82c1b -> a57be14
google.golang.org/genproto/googleapis/api	indirect	digest	0a764e5 -> a57be14
google.golang.org/genproto/googleapis/rpc	indirect	digest	0a764e5 -> a57be14
k8s.io/api	require	minor	v0.28.3 -> v0.35.2
k8s.io/apimachinery	require	minor	v0.28.3 -> v0.35.2
k8s.io/client-go	require	minor	v0.28.3 -> v0.35.2
k8s.io/kube-openapi	indirect	digest	c8a335a -> 5b3e3fd
k8s.io/utils	require	digest	0af2bda -> b8788ab
sigs.k8s.io/json	indirect	digest	cfa47c3 -> 2d32026
sigs.k8s.io/release-utils	require	patch	v0.12.2 -> v0.12.3
sigs.k8s.io/yaml	indirect	minor	v1.4.0 -> v1.6.0

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

googleapis/google-cloud-go (cloud.google.com/go)

v0.123.0

Compare Source

Features

• internal/stategen: Populate the latest googleapis commit (#​12880) (7b017a0)
• librariangen: Implement the build command (#​12817) (14734c8)

Bug Fixes

• internal/librariangen: Add link to source commit in release notes (#​12881) (1c06cc6)
• internal/librariangen: Fix CHANGES.md headers (#​12849) (baf515d)
• internal/librariangen: Remove go mod init/tidy from postprocessor (#​12832) (1fe506a)
• internal/librariangen: Test for error path with flags (#​12830) (f0da7b2)
• internal/postprocessor: Add dlp to skip-module-scan-paths (#​12857) (45a7d9b)
• librariangen: Honor original container contract (#​12846) (71c8fd3)
• librariangen: Improvements to release-init (#​12842) (0db677a)
• stategen: Specify an appropriate tag format for google-cloud-go (#​12835) (ffcff33)

v0.122.0

Compare Source

Features

• internal/librariangen: Add release-init command (#​12751) (52e84cc)

Bug Fixes

• internal/godocfx: Better support for v2 modules (#​12797) (4bc8785)
• internal/godocfx: Module detection when tidy errors (#​12801) (83d46cd)
• internal/librariangen: Fix goimports errors (#​12765) (83bdaa4)

cue-lang/cue (cuelang.org/go)

v0.16.0

Compare Source

Changes which may break some users are marked below with: ⚠️

Language

As a reminder, we have two ongoing language experiments since v0.15; a replacement for struct embedding and a rework of aliases. Please give these a try and report any issues or feedback!

⚠️ The cmdreferencepkg global experiment is now stable, meaning that CUE_EXPERIMENT=cmdreferencepkg is always enabled.

#"""# is now accepted as a string literal quoting a double quote, ".

Multiline string literals now require a trailing newline, matching the language spec.

The new try experiment

This release introduces the try experiment, which adds a try clause in comprehensions as well as the use of ? in field selectors. This addition to the language is intended to provide a more concise syntax for handling optional fields without the risk of unintentionally swallowing errors.

This experiment also introduces the else clause for if and try comprehensions, and the fallback clause for for comprehensions, which trigger when a comprehension produces zero values.

You can try this experiment by following our how-to guides on the try clause and the else clause. For more information, see the proposal on GitHub and the spec change patch.

Evaluator

Performance

Further improve the use of caching in the typochecker algorithm; this provides speed-ups of up to 80% on some large projects.

Very large structs (tested with 20,000 fields) are up to 80% faster now, as we were repeating some work unnecessarily.

A great deal of effort has gone into reducing the allocations and memory usage across a number of projects. For some of these, memory usage is down by as much as 60%.

These improvements were possible thanks to our Unity service, letting us analyze CUE's performance and test for regressions on third party projects. Contact @​mvdan on Discord, Slack, or via the Unity page to ensure that your project is included or you are running into slowness.

A number of changes were made to improve support for using cue.Values concurrently; see Issue #​2733 for more details and ongoing progress.

Other changes

Fix a regression introduced in v0.13 where the or built-in with literal arguments could stop behaving like a disjunction.

A number of panics and other bugs in the evaluator which were reported since v0.15.0 have been fixed; thank you to all who reported these.

cmd/cue

Add support for $DOCKER_AUTH_CONFIG to directly provide the contents of $DOCKER_CONFIG/config.json to authenticate with module registries, matching Docker's current behavior.

The --outfile flag now works when given non-regular files such as named pipes or sockets.

⚠️ cue mod publish no longer ignores sub-directories containing a go.mod file.

⚠️ Using cue inside the cue.mod directory now fails consistently with a clear error message to not place CUE code there. Previously, some commands worked while others failed with confusing errors.

⚠️ The global --verbose and --trace flags have been moved to the cue get go and cue trim commands respectively, as they were the only ones actually using those flags, and this could be confusing to users.

Fix a bug where loading ./...:pkgname could lead to loading directories without CUE files as instances, which could cause poor performance for CUE packages with multiple parent directories.

cue exp writefs gains an encoding optional field for regular files, to specify an encoding rather than infer it from the filename extension.

LSP server

Initial LSP support for editing embedded JSON and YAML files. This feature provides completions and hover-docs when editing JSON or YAML files which are embedded into CUE via the @embed attribute. A teaser video is available on YouTube.

Code Actions: two code actions are now provided, Add surrounding struct braces and Remove surrounding struct braces, which convert between

a: b: c

and

a: {
	b: c
}

with the cursor on b.

A complete overhaul of how the LSP server suggests code completions. This solves the previous naïve implementation which would only make suggestions after a field name or path had been started. Now completions are available from within whitespace.

Embedded paths with mutual dependencies: embedded paths with multiple components (e.g. a.b.c) can in some cases only be fully resolved after the resolution of other embedded paths. The LSP server can now correctly handle these dependencies.

The LSP server now implements LSP Document Symbols functionality. This is often used by editors to provide light-weight breadcrumb navigation within a file.

Some preliminary diagnostics are now sent from the LSP server back to the editor. Initially this mainly indicates syntax errors in CUE files, but this can be extended in the future.

Many bug fixes, including better behaviour for files and directories with spaces; improvements for value aliases (foo: L=x); LSP rename now provides placeholder text; improved jump-to-definition behaviour for package-level fields; fixed issues around imports; path resolution; formatting of standalone CUE files; and others.

See our Getting Started wiki page for instructions on how to set it up with your editor.

Please report any bugs or missing features you encounter via the Issue tracker or via the #lsp channels on Discord or Slack.

Encodings

Add support for encoding YAML tags like key: !Custom value by using CUE attributes like key: "value" @​yaml(,tag="!Custom").

cue get go now detects which Go packages use Kubernetes type semantics via // +k8s:openapi-gen=true and obeys the field annotations // +optional and // +nullable.

cue get go gains a --codec flag to configure the use and priority of Go struct field tags like json or yaml.

Fix a bug where cue get go could skip over fields whose type implements one of the supported marshaling interfaces.

Fix a few bugs where cue get go could result in invalid or failing CUE code.

JSON Schema's Config.OpenOnlyWhenExplicit option is now exposed for the CLI via the filetype tag jsonschema+openOnlyWhenExplicit.

JSON Schema now properly encodes hash references for better compatibility with other tools.

Standard library

The strconv package adds ParseNumber, like ParseInt or ParseFloat but allowing other CUE number strings such as 1Ki.

The net package adds InCIDR to test whether an IP is contained by a CIDR string.

The net package adds ParseCIDR to extract useful information from a CIDR string.

The net package adds CompareIP to compare two IP addresses, which can be useful for computing with IP ranges.

The net/http package adds Serve as an experimental API to listen on a port and serve HTTP requests.

The tool/file package adds Symlink to create symbolic links.

Go API

cue.Value.Decode now supports the new cue.Unmarshaler interface, allowing Go types to implement their own CUE value decoding logic via an UnmarshalCUE(cue.Value) error method.

The new cue.IsIncomplete function reports whether the given value is a CUE incomplete error.

cue/ast gains the NewPredeclared and Ident.IsPredeclared to mark and detect identifiers referencing predeclared names like error or int rather than fields which may shadow those names in the current scope.

⚠️ cue.Value.Decode now uses cue.IsIncomplete to not treat incomplete errors as fatal, allowing the decoding to continue.

Fix a bug where cue.Value.Decode could behave incorrectly when decoding a CUE null or incomplete value.

⚠️ cue/token.Compare now sorts absolute paths before relative ones, to ensure consistent behavior between Unix-like systems and Windows.

⚠️ The long-deprecated cue/ast.Node.Comments and cue/ast.Node.AddComment interface methods are now removed; use cue/ast.Comments and cue/ast.AddComment respectively.

⚠️ The long-deprecated and unused cue/parser.FromVersion and cue/parser.DeprecationError APIs are now removed.

⚠️ The long-deprecated and hidden cue.Instance.Eval method is now removed.

Full list of changes since v0.15.0

• internal/ci: use OIDC with the Central Registry for the e2e tests by @​mvdan in de47a5e
• re-enable staticcheck's SA4000 and SA4003 checks by @​mvdan in 771e253
• internal: bump staticcheck to v0.7.0 for Go 1.26 support by @​mvdan in e1de78e
• lsp/eval: correct resolution of package-level fields by @​cuematthew in e3306a9
• lsp/eval: add test showing bad behaviour by @​cuematthew in da5d43a
• lsp/server: make "Remove surrounding struct braces" preferred by @​cuematthew in 5f20a71
• doc/ref: clarify who maintains this document by @​mvdan in 3ee970f
• allow more commands in Claude by @​mvdan in 6d50284
• lspaux/protocol: initial implementation for protocol by @​cuematthew in 3ee106b
• cue/load: check some errors that were ignored by @​rogpeppe in 13fdcdb
• doc/ref: fix three mistakes in the matchIf examples by @​mvdan in 000506e
• cue/load: do not panic when load.Instances(args, nil) fails very early by @​mvdan in cd6a481
• cmd/cue: add a test case for issue 4286 by @​mvdan in edc89df
• lsp/eval: add support for comprehension else/fallback by @​cuematthew in e2d8f7b
• cmd/cue: support explicit encodings in exp writefs by @​mvdan in d0eca3f
• cmd/cue: rewrite exp writefs with internal/filetypes and internal/encoding by @​mvdan in 766668d
• cmd/cue: add first exp writefs testscript by @​mvdan in 00eddbf
• internal/core/adt: missed missing missing by @​mpvl in 8732213
• cue/parser: simplify else/fallback clause rules by @​mpvl in 0cbc9a1
• cue/parser: restrict else to single clause only by @​mpvl in 28f0246
• cue: add fallback keyword for for comprehensions by @​mpvl in fe9f503
• cue/testdata: rename out/eval to out/evalalpha when appropriate by @​rogpeppe in c76dc5a
• cue/build: fix stale identifier resolution across instances by @​mvdan in dd7361a
• cmd/cue: add regression test for issue 4275 by @​mvdan in 791e697
• encoding/yaml: improve ast.StructLit and ListLit positions by @​cuematthew in cde471e
• cmd/cue: be more helpful when publishing a module without source by @​mvdan in 3dfa50a
• encoding/jsonschema: remove net/url.Parse workaround for Go 1.26 by @​mvdan in 6cce9bc
• internal/core/export: fix self-referential lets for recursive definitions by @​mvdan in c257634
• internal/core/compile: avoid double error for invalid optional references by @​mpvl in c1be2bb
• update all dependencies by @​mvdan in 9fb0173
• internal/core/adt: add regression test for error() in pattern constraint keys by @​mvdan in 50a0a5e
• internal/core/adt: fix structural cycle hang with braced selectors by @​mvdan in 36702fd
• cmd/cue: add and unskip tests for invalid task type errors by @​mvdan in db4afc1
• internal/core/dep: fix stack overflow on recursive definitions in dep analysis by @​mvdan in 0b49a54
• internal/core/dep,internal/core/export: fix stack overflow on recursive definitions by @​mvdan in d0e2ab6
• tools/flow: skip phantom tasks from eliminated conditional branches by @​mvdan in 7fb912e
• encoding/gocode: fix test by @​rogpeppe in 98ca6e3
• internal/core: remove import path to instance mapping by @​rogpeppe in b3d9ffc
• doc/spec: use "custom errors" instead of "user errors" by @​myitcv in baf8302
• internal/ci: explicitly set contents permission by @​myitcv in 7cde504
• lsp/eval: Add support for try-clauses and optional path components by @​cuematthew in 62de631
• cue/testdata: update stats for comprehensions/try.txtar by @​mvdan in 20c1149
• internal/core/adt: implement try expressions by @​mpvl in f2e8299
• cue/build: integrate identifier resolution into Complete by @​mpvl in 1aeb33e
• lsp/fscache: ignore ASTs which have no absolute positions by @​cuematthew in 2585b3b
• cue/ast,cue/ast/astutil: add NewPredeclared and IsPredeclared for builtin references by @​mpvl in 8405422
• internal/core/adt: fix else clause duplication in comprehension field splitting by @​mvdan in 40356ab
• cue/load: improve error for major-only version packages outside a module by @​mvdan in 7675369
• cmd/cue/cmd: add test coverage for absolute packages with cue cmd by @​mvdan in f5e266a
• encoding/yaml: add support for YAML tags via @yaml(,tag) attribute by @​jonas-meyer in b1a58bd
• internal/astinternal: omit ILLEGAL tokens in debug print by @​mpvl in 23736eb
• cue: clarify that Schema is only useful for Value.Subsume by @​mvdan in bb18d7b
• lsp/cache: expand completion range of fields in json for double-quotes by @​cuematthew in b1c63da
• all: start using "else" in comprehensions by @​mvdan in 3f2f654
• tweak Claude's allow and deny settings further by @​mvdan in ef6bb80
• internal/ci: disable checkout persist-credentials by default by @​myitcv in 069eac9
• cue/load: do not load non-CUE directories as instances by @​rogpeppe in a4d2a6f
• cue/load: add test case for non-package directories by @​rogpeppe in 028411e
• cmd/cue: deflake cue_after test by @​rogpeppe in 4504db0
• all: use reflect.TypeAssert in three more places by @​mvdan in 58cbd0c
• cue/internal: Make ToFile optionally preserve StructLits by @​cuematthew in ec3e289
• all: re-apply go fix -any=false ./... after Go version bump by @​mvdan in 8579c46
• lsp/cache: completions must not return null items list by @​cuematthew in 75ee97a
• internal/core/export: fix panic in relPathLength for BinaryExpr by @​mvdan in 788eeed
• tools/fix: use ast.Predeclared to avoid shadowing in value alias conversion by @​mvdan in 08a7ec3
• cue/ast,cue/ast/astutil: add Predeclared sentinel for builtin references by @​mvdan in 42cc85f
• tools/fix: add tests for value alias conversion when "self" is in scope by @​mvdan in 3dacb0c
• cue/ast/astutil: fix false positive in label expression check for let clauses by @​mvdan in a93bcc1
• cmd/cue/cmd: add failing test for issue #​4202 by @​mvdan in 0a4a11a
• internal/core/export: avoid let name collisions with dependency fields by @​mvdan in f2b697a
• internal/core/export: add failing test for issue #​4221 by @​mvdan in b690442
• internal/core/adt: fix undefined field in comprehension with structural cycle by @​mvdan in 225a1c4
• cue/testdata: add regression test for issue #​4203 by @​mvdan in e3eb948
• internal/core/adt: fix panic in memory reclamation by @​mvdan in 355d6fd
• internal/core/adt: add else clause to comprehensions by @​mpvl in 9e2dec3
• _scripts: add OpenSpec support for AI-assisted development by @​mpvl in 6a78eff
• lsp/eval: fix field-value aliases by @​cuematthew in 29d8be4
• lsp/eval: add test to show bad behaviour of aliases by @​cuematthew in 3e6bee7
• internal/core/export: fix hidden identifier renaming in for clauses by @​mvdan in 2fea4bc
• internal/core/export: add failing test for issue #​4254 by @​mvdan in c53993e
• cue/errors: avoid duplicate path in error list formatting by @​mvdan in 487c072
• pkg/list/testdata: add regression test for issue #​4171 by @​mvdan in e977cfa
• internal/lsp: implement ConvertFromStruct code action by @​cuematthew in f68f686
• internal/ci: bump actions/checkout and cue.dev/x/githubactions by @​mvdan in f4d1d5a
• lsp/server: force-load all packages for completions within embedded files by @​cuematthew in 5eb5ed9
• pkg/tools/http: remove valueMu mutex from http.Serve by @​mpvl in 95ba1d2
• internal/core/runtime: add lock protection to loaded map by @​mpvl in 6451728
• internal/core/adt: fix race condition in Vertex.Default() by @​mpvl in 854a5b7
• internal/core/adt: use thread-safe WeakMap for regexp caching by @​mpvl in c7797c1
• pkg/tools/http: experimental implementation of http.Serve by @​mpvl in 0badd6d
• golps/protocol: introduce DocumentURI.Path method by @​cuematthew in f04e0fb
• gopls/protocol: rename DocumentURI.Path to DocumentURI.FilePath by @​cuematthew in d8eca4a
• lsp/eval: process field attributes and specialise queries for embeds by @​cuematthew in eb192c6
• internal/lsp: model embedded files as packages by @​cuematthew in fa8946f
• lsp/fscache: read json and yaml files as CUE by @​cuematthew in 6825394
• lsp/cache: rework package dirtying and reloading by @​cuematthew in 22fff24
• internal/lsp: FileEvaluatorForURI returns lsp/cache.File by @​cuematthew in dbf3293
• lsp/eval: change eval constructor to take Config struct by @​cuematthew in 3cd3244
• interpreter/embed: prepare embed for extension by @​cuematthew in a95414a
• encoding/json: extract PatchExpr to internal/encoding/json by @​cuematthew in e5bfcda
• all: apply the straightforward Go 1.25 or later cleanups by @​mvdan in e834a18
• cmd/cue: rewrite help fmt by @​mvdan in 0fa24af
• all: test and release on Go 1.26, require Go 1.25 or later by @​mvdan in 0dc0eac
• internal/core/compile: fix operator precedence in error() builtin by @​mvdan in 70b3f3e
• cue/testdata/builtins: add test for error() with erroring interpolation by @​mvdan in a6070c8
• internal/core/adt: fix value alias resolution in disjunctions by @​mvdan in b053ad5
• cue/testdata/disjunctions: add regression test for value alias in disjunction by @​mvdan in 0c9ed36
• internal/core/adt: handle EqualOp in SimplifyBounds by @​mvdan in 0813460
• pkg/net: add CompareIP by @​mvdan in 174a8b9
• pkg/encoding/openapi: support marshalSchema builtin for openAPI by @​mpvl in 66ea772
• lsp/fscache: correct path components by @​cuematthew in 44a543b
• integration/workspace: add test showing bad behaviour by @​cuematthew in c164d8f
• add go tool cue and xargs as allowed Claude commands by @​mvdan in 4b495fa
• all: go fix -any=false ./... by @​mvdan in 3d3f74b
• internal/lsp: implement ConvertToStruct code action by @​cuematthew in c45f72d
• internal/core/adt: refine cycle handling in LetReference.resolve by @​mvdan in 3e1e745
• cue/testdata/cycle: add regression test for issue 4244 by @​mvdan in eb2c57c
• lsp/cache: provide placeholder for PrepareRename by @​cuematthew in 049d6e1
• internal/ci: allow steps to influence job permissions by @​myitcv in 839f03d
• cmd/cue: alter flag behavior based on the command name by @​mvdan in bc5bd8f
• cmd/cue: drop --verbose and --trace as global flags by @​mvdan in 92afa2e
• cmd/cue: map constants by go/types.Type directly by @​mvdan in dac4e90
• pkg/tool/file: add Symlink by @​sprat in 6618a6f
• internal/ci: fix release workflow by @​myitcv in 9e34d67
• internal/ci: use new registry-login-action by @​myitcv in f595566
• cue/token: sort absolute positions before relative ones by @​mvdan in 46c1f9d
• cmd/cue: test that cue fmt also formats files with no package clause by @​mvdan in d65c829
• cue: remove Instance.Eval by @​mvdan in 60c0505
• pkg/path: remove osInfo.HasPrefix by @​mvdan in 516099a
• cmd/cue: rewrite help vet by @​mvdan in 9488f0c
• cue: point out cue/format exists in the godoc by @​mvdan in ba2ce99
• cue/load: error when loading packages from inside cue.mod by @​mvdan in 52e0dde
• cmd/cue: add a testscript running commands inside cue.mod by @​mvdan in 50aaf7e
• mod/modzip: check for cue.mod existence, not just directories by @​mvdan in 8034cc1
• mod/modzip: check for cue.mod directories instead of go.mod files by @​mvdan in 8957a36
• mod/modzip: add test for go.mod submodule detection by @​mvdan in 3be6c26
• cue/format: simplify label replacement without astutil.Apply by @​mvdan in fdc3f74
• cmd/cue: clarify the restrictions around @​embed file paths by @​mvdan in dc9a189
• .claude: allow more

[red-hat-konflux]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -t ./...
go: github.com/ThalesIgnite/crypto11@v1.6.0: parsing go.mod:
	module declares its path as: github.com/ThalesGroup/crypto11
	        but was required as: github.com/ThalesIgnite/crypto11

[tommyd450]

/retest

[tommyd450]

/retest

[red-hat-konflux]

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.