build(deps): Bump the all-go-mod-patch-and-minor group across 1 directory with 12 updates

[dependabot]

Bumps the all-go-mod-patch-and-minor group with 12 updates in the / directory:

Package	From	To
github.com/aws/aws-sdk-go-v2	1.32.7	1.33.0
github.com/aws/aws-sdk-go-v2/config	1.28.7	1.29.1
github.com/aws/aws-sdk-go-v2/service/ecr	1.38.1	1.38.6
github.com/containers/image/v5	5.33.0	5.33.1
github.com/docker/cli	27.4.1+incompatible	27.5.0+incompatible
github.com/docker/docker	27.4.1+incompatible	27.5.0+incompatible
github.com/elazarl/goproxy	1.4.0-beta.3	1.5.0
github.com/google/go-containerregistry	0.20.2	0.20.3
github.com/hashicorp/go-getter	1.7.6	1.7.8
helm.sh/helm/v3	3.16.4	3.17.0
k8s.io/apimachinery	0.32.0	0.32.1
sigs.k8s.io/controller-runtime	0.19.4	0.20.0

Updates github.com/aws/aws-sdk-go-v2 from 1.32.7 to 1.33.0

Commits

• 8fac7d4 Release 2025-01-15
• 9eff8ac Regenerated Clients
• f47aa72 Update endpoints model
• 5934dd3 Update API model
• 6636822 feat: flexible checksum updates (#2808)
• 4ffbb7c Release 2025-01-14
• 2f70ff4 Regenerated Clients
• 434159f Update endpoints model
• a80fac9 Update API model
• 44e779a fix several waiter issues (#2953)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.28.7 to 1.29.1

Commits

• fa8a15e Release 2025-01-17
• e08f26d Regenerated Clients
• 177bcda Update endpoints model
• a5b6a2f Update API model
• 74b33ba pull retry loop forward to cover everything from resolving auth scheme onward...
• 7ea97e5 Add integration test case for flex checksum (#2967)
• c578cdd Release 2025-01-16
• 45afab3 Regenerated Clients
• 30703fe Update partitions file
• de0c8ef Update endpoints model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.38.1 to 1.38.6

Commits

• fa8a15e Release 2025-01-17
• e08f26d Regenerated Clients
• 177bcda Update endpoints model
• a5b6a2f Update API model
• 74b33ba pull retry loop forward to cover everything from resolving auth scheme onward...
• 7ea97e5 Add integration test case for flex checksum (#2967)
• c578cdd Release 2025-01-16
• 45afab3 Regenerated Clients
• 30703fe Update partitions file
• de0c8ef Update endpoints model
• Additional commits viewable in compare view

Updates github.com/containers/image/v5 from 5.33.0 to 5.33.1

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.33.1

[release-5.33] Bump c/storage to v1.56.1, c/image to v5.33.1 by @​TomSweeneyRedHat in containers/image#2683

Full Changelog: containers/image@v5.33.0...v5.33.1

Commits

• 44ce03e [release-5.33] Bump c/image to v5.33.1
• 3d4c26e [release-5.33] Bump c/storage to v1.56.1
• See full diff in compare view

Updates github.com/docker/cli from 27.4.1+incompatible to 27.5.0+incompatible

Commits

• a187fa5 Merge pull request #5736 from thaJeztah/27.x_vendor_docker_27.5.0
• e32d69e vendor: github.com/docker/docker 38b84dce32c4 (v27.5.0)
• 2767e9e Merge pull request #5732 from thaJeztah/27.x_vendor_docker_27.5.0-rc.2
• a999a40 Merge pull request #5735 from vvoland/5734-27.x
• b277537 gha/build: Publish bin image for release branches
• 919350d vendor: github.com/docker/docker v27.5.0-rc.2
• 80f7848 Merge pull request #5726 from thaJeztah/27.x_update_engine
• 0d27375 Merge pull request #5723 from thaJeztah/27.x_backport_rm_oom_score_adj
• 0ced103 vendor: github.com/docker/docker 43fc912ef59a (v27.5.0-rc.2)
• f068c14 contrib/completion: remove --oom-score-adj daemon flag
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.4.1+incompatible to 27.5.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.5.0

27.5.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.5.0 milestone
• moby/moby, 27.5.0 milestone

Bugfixes and enhancements

• containerd image store: Fix passing a build context via tarball to the /build endpoint. moby/moby#49194
• Builder garbage collection policies without a keepStorage value now inherit the defaultKeepStorage limit as intended. moby/moby#49137
• Preserve network labels during daemon startup. moby/moby#49200
• Fix a potential race condition error when deleting a container. moby/moby#49239

Go SDK

• pkg/sysinfo: deprecate NumCPU. This utility has the same behavior as runtime.NumCPU. moby/moby#49247
• pkg/fileutils: deprecate GetTotalUsedFds: this function is only used internally and will be removed in the next release. moby/moby#49209
• pkg/ioutils: deprecate BytesPipe, NewBytesPipe, ErrClosed, WriteCounter, NewWriteCounter, NewReaderErrWrapper, NopFlusher, NopWriter, NopWriteCloser. They were only used internally and will be removed in the next release. moby/moby#49246, moby/moby#49255
• pkg/reexec: This package is deprecated and moved to a separate module. Use github.com/moby/sys/reexec instead. moby/moby#49135

Packaging updates

• Update containerd to v1.7.25 moby/moby#49253
• Update runc to v1.2.4 moby/moby#49243
• Update BuildKit to v0.18.2 moby/moby#48949
• Update Compose to v2.32.2 docker/docker-ce-packaging#1140

v27.5.0-rc.2

27.5.0-rc.2

This is a pre-release of the upcoming 27.5.0 release.

Pre-releases are intended for testing new releases: only install in a test environment!

curl -fsSL https://get.docker.com -o get-docker.sh
sudo CHANNEL=test sh get-docker.sh

Known issues:

• There is no changelog yet; an overview of pull requests included in this release can be found on GitHub:
  • docker cli: all pull requests for 27.5.0 / all "changelog" pull requests for 27.5.0
  • docker engine: all pull requests for 27.5.0 / all "changelog" pull requests for 27.5.0
• There are no packages available yet for the s390x and ppc64le architectures

Bugs and regressions can be reported in these issue trackers:

... (truncated)

Commits

• 38b84dc Merge pull request #49255 from thaJeztah/27.x_backport_ioutils_more_deprecations
• ae82113 Merge pull request #49253 from thaJeztah/27.x_backport_bump_containerd_binary...
• 8a2fd51 pkg/ioutils: deprecate NopWriteCloser
• cf37b66 pkg/ioutils: deprecate NopWriter
• c83f658 Dockerfile: update containerd to v1.7.25
• 931be8e Merge pull request #49246 from thaJeztah/27.x_backport_ioutils_deprecations
• 2e1aee3 Merge pull request #49249 from robmry/backport-27.x/fix_unit_tests_for_nftabl...
• f53d72e Fix unit tests for an nftables host
• 55f7055 Merge pull request #49243 from thaJeztah/27.x_backport_bump_runc_binary_1.2.4
• 36ad318 Merge pull request #49247 from thaJeztah/27.x_backport_deprecate_runtime_numcpu
• Additional commits viewable in compare view

Updates github.com/elazarl/goproxy from 1.4.0-beta.3 to 1.5.0

Release notes

Sourced from github.com/elazarl/goproxy's releases.

Avoid breaking changes in v1

What's Changed

• Revert "Use same Subject of CA as the MITM certificate Subject" by @​ErikPelli in elazarl/goproxy#628

Full Changelog: elazarl/goproxy@v1.4.0...v1.5.0

Enhance websocket configuration

What's Changed

• Improve Websocket implementation by @​ErikPelli in elazarl/goproxy#622
• Websocket fix by @​ErikPelli in elazarl/goproxy#623
• Websocket fix errors by @​ErikPelli in elazarl/goproxy#624
• Remove unused WebSocket TLS option by @​ErikPelli in elazarl/goproxy#625

Full Changelog: elazarl/goproxy@v1.3.0...v1.4.0

Commits

• c55bc48 Revert "Use same Subject of CA as the MITM certificate Subject"
• 3e6a85f Remove unused TLS option (#625)
• See full diff in compare view

Updates github.com/google/go-containerregistry from 0.20.2 to 0.20.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.3

What's Changed

• remote/transport: Make bearer transport go-routine-safe by @​2opremio in google/go-containerregistry#1806
• Expose compare package by @​jonjohnsonjr in google/go-containerregistry#2001
• fix: redact.URL uses (*URL).Redacted to omit basic-auth password by @​bmoylan in google/go-containerregistry#1947
• bump actions to latest by @​ajayk in google/go-containerregistry#2011
• don't pin chainguard-dev/actions by @​imjasonh in google/go-containerregistry#2025
• Check for 406 status code when handling referrers API endpoint response by @​malancas in google/go-containerregistry#2026
• mutate: Create a defensive annotations copy by @​jonjohnsonjr in google/go-containerregistry#2030
• Detect zstd in crane append by @​jonjohnsonjr in google/go-containerregistry#2023
• bump deps using hack/bump-deps.sh by @​imjasonh in google/go-containerregistry#2042

New Contributors

• @​bmoylan made their first contribution in google/go-containerregistry#1947
• @​ajayk made their first contribution in google/go-containerregistry#2011
• @​malancas made their first contribution in google/go-containerregistry#2026

Full Changelog: google/go-containerregistry@v0.20.2...v0.20.3

Commits

• c4dd792 bump deps using hack/bump-deps.sh (#2042)
• 6bce25e Detect zstd in crane append (#2023)
• 06dcd85 mutate: Create a defensive annotations copy (#2030)
• a9a53a8 check for 406 status code when handling referrers endpoint response (#2026)
• 4630c40 don't pin chainguard-dev/actions (#2025)
• 808e354 bump actions to latest (#2011)
• a07d1ca fix: redact.URL uses (*URL).Redacted to omit basic-auth password (#1947)
• 00f182b Expose compare package (#2001)
• b8e87ed remote/transport: Make bearer transport go-routine-safe (#1806)
• See full diff in compare view

Updates github.com/hashicorp/go-getter from 1.7.6 to 1.7.8

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.8

What's Changed

• sec: fix s3 and gcs host checks by @​dduzgun-security in hashicorp/go-getter#512

Full Changelog: hashicorp/go-getter@v1.7.7...v1.7.8

v1.7.7

What's Changed

• Clean up git repo on disk when the ref checkout fails by @​james-warren0 in hashicorp/go-getter#504
• [COMPLIANCE] Add Copyright and License Headers by @​hashicorp-copywrite in hashicorp/go-getter#409
• Add CODEOWNERS file in .github/CODEOWNERS by @​mukeshjc in hashicorp/go-getter#505
• IND-1804 Bump up dependencies to remediate vulnerabiities by @​mohanmanikanta2299 in hashicorp/go-getter#513
• Updating arguments in github release CI by @​mohanmanikanta2299 in hashicorp/go-getter#514
• Updating .goreleaser.yml file with valid version by @​mohanmanikanta2299 in hashicorp/go-getter#515

New Contributors

• @​james-warren0 made their first contribution in hashicorp/go-getter#504
• @​mukeshjc made their first contribution in hashicorp/go-getter#505
• @​mohanmanikanta2299 made their first contribution in hashicorp/go-getter#513

Full Changelog: hashicorp/go-getter@v1.7.6...v1.7.7

Commits

• f7836fb sec: fix s3 and gcs host checks (#512)
• 7dddd13 Merge pull request #515 from hashicorp/Vulnerability_Fix_v1
• 0f05341 IND-1804 Updating .goreleaser.yml file with valid version
• 81c6950 Merge pull request #514 from hashicorp/Vulnerability_Fix_v1
• d315d97 IND-1804 Updating arguments in github release CI
• 6552f72 Merge pull request #513 from hashicorp/Vulnerability_Fix_v1
• 2e56c18 IND-1804 Bump up dependencies to remediate vulnerabiities
• 842d6c3 Merge pull request #505 from mukeshjc/main
• 7edd4e0 Add CODEOWNERS file in .github/CODEOWNERS
• 6077ad5 Merge pull request #409 from hashicorp/compliance/add-headers
• Additional commits viewable in compare view

Updates helm.sh/helm/v3 from 3.16.4 to 3.17.0

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.17.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

• Allow pulling and installation by OCI digest
• Annotations and dependencies are now in chart metadata output
• New --take-ownership flag for install and upgrade commands
• SDK: Authorizer and registry authorizer are now configurable
• Removed the Kubernetes configuration file permissions check
• Added username/password to helm push and dependency build/update subcommands
• Added toYamlPretty template function

Installation and Upgrading

Download Helm v3.17.0. The common platform binaries are here:

• MacOS amd64 (checksum / 0d5fd51cf51eb4b9712d52ecd8f2a3cd865680595cca57db38ee01802bd466ea)
• MacOS arm64 (checksum / 5db292c69ba756ddbf139abb623b02860feef15c7f1a4ea69b77715b9165a261)
• Linux amd64 (checksum / fb5d12662fde6eeff36ac4ccacbf3abed96b0ee2de07afdde4edb14e613aee24)
• Linux arm (checksum / a388478049bf4ad440fa394f28421aa43cec3631ba197a8203c485edbec3e3fe)
• Linux arm64 (checksum / c4d4be8e80082b7eaa411e3e231d62cf05d01cddfef59b0d01006a7901e11ee4)
• Linux i386 (checksum / af89be03bb15175cd27573b48f4b9621e08982ab7788dd36e073baac988d6b2e)
• Linux ppc64le (checksum / 32833acf72b240e9ca78a3eac630a0ba420e073b02df3030c369a287b8bdc769)
• Linux s390x (checksum / 4b002d673ef35d78843c45cc169faf1040eec75937f19fccce41d2074f459653)
• Linux riscv64 (checksum / 38297aca2046fd13f2e0415ecc9cdb006f4008b286467f5f217187647dbbab5b)
• Windows amd64 (checksum / 0625e51437107991922f76adbec4a4f12a4438942182677399ab758a3ec8bdc5)
• Windows arm64 (checksum / 5fd16dde353aa5909562f127befea8db3879ecf63050fea3fb106ff8bfdd1a9c)

This release was signed with 208D D36E D5BB 3745 A167 43A4 C7C6 FBB5 B91C 1155 and can be found at @​r6by keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.17.1 is the next patch release and will be on February 12, 2025
• 3.18.0 is the next minor release and will be on May 14, 2025

Changelog

• bump version to v3.17.0 301108edc7ac2a8ba79e4ebf5701b0b6ce6a31e4 (Matt Farina)
• fix: make ORAS reference private 949b2e604067a43797c640db4d6ed69af7aa3e5b (Terry Howe)
• fix: issue with helm template and oci chart aba95b9cb4827fe932e5eebabd55513333543d7c (Terry Howe)

... (truncated)

Commits

• 301108e bump version to v3.17.0
• 0ac5d28 Merge pull request #13588 from mattfarina/v3-backport-oci-digest
• 949b2e6 fix: make ORAS reference private
• aba95b9 fix: issue with helm template and oci chart
• c3e5217 feat: allow installation by OCI digest
• fbfbf1a Merge pull request #13555 from helm/dependabot/go_modules/dev-v3/k8s-io-b0222...
• 33a0ee7 Bump the k8s-io group with 7 updates
• c6b8d2b Merge pull request #13585 from mattfarina/backport-xnet-33-fix
• 79993d2 Upgrade golang.org/x/net to v0.33.0 to address CVE-2024-45338
• 9ade3b5 Merge pull request #13574 from gjenkins8/v3_13343
• Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.32.0 to 0.32.1

Commits

• See full diff in compare view

Updates sigs.k8s.io/controller-runtime from 0.19.4 to 0.20.0

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.20.0

Highlights

• Based on k8s.io/* v1.32 libraries and minimum Go version is now v1.23
• New experimental priority queue feature
  • More details in #3013 and #2374
  • Can be enabled via manager.Options.Controller.UsePriorityQueue
  • Please give it a try and provide feedback in #2374
• AggregatedDiscovery is automatically used when available (#2901)
• As usual, many improvements to the fake client

Changes since v0.19.0

⚠️ Breaking Changes

• Bump to k8s.io/* v1.32 libraries (#2971 #2990 #3001 #3007 #3029 #3043)
• logging: Stop deduplicating API warnings by default (#2953)
• webhook: Stop deleting unknown fields in CustomDefaulter (#2982 #3056)
• webhook: Remove deprecated Defaulter and Validator (#2877 #2945)
• cluster: Remove deprecated SyncPeriod option (#2970)

✨ New Features

• cache: Add EnableWatchBookmarks option (defaults to true) (#3017)
• cache: Export NewInformer option (#3061)
• cert-watcher: Add polling (#3020 #3050)
• controller: Add experimental priority queue (off per default) (#3013 #3014 #3060 #3066)
• fake client: Allow adding indexes at runtime (#3021)
• fake client: Add support for ServiceAccountToken subresource (#2969)
• restmapper: Use AggregatedDiscovery if available (#2901)
• util: Add HasOwnerReference func (#2882)
• webhook: Add custom path option (#2998)

🐛 Bug Fixes

• controller: Error when source.Start() never returns (#2997 #3006 #3008)
• fake client: Don't return items on invalid selector (#3022)
• fake client: Fix TOCTOU races (#2980)
• fake client: Preserve TypeMeta during Get call with PartialObjectMeta (#2949)
• fake client: Preserve TypeMeta during List call with UnstructuredList (#3074)
• manager: Fix RenewDeadline typo in leader election (#3032)
• manager: Use leader elector with client timeout (#3028 #3034)

🌱 Others

• cache: Switch to Go 1.23+ stdlib maps/slices packages (#3012)
• controller: Log the syncing source when WaitForSync fails (#3016)
• setup-envtest: drop support for GCS (#2915)
• Some fixes for typos (#3011 #3033 #2993)

... (truncated)

Commits

• 8f7e114 Merge pull request #3074 from sbueringer/pr-fix-fake-list
• 3b23354 fake client: preserve TypeMeta during List call with UnstructuredList
• 1ec7c1b Merge pull request #3069 from kubernetes-sigs/dependabot/github_actions/all-g...
• 189b6d8 🌱 Bump the all-github-actions group across 1 directory with 3 updates
• d19d76c Merge pull request #3066 from alvaroaleman/fix-wow
• e667a8f 🐛 Fix a bug in the priorityqueue metrics
• 1de5a3e Merge pull request #3062 from ranakan19/cache_options
• 2484715 Merge pull request #3064 from alvaroaleman/remove-gosec
• 3b0b995 🌱 Remove gosec linter
• c80ea33 Merge pull request #3060 from alvaroaleman/pq-2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

e2e test results

35 tests   32 ✅  1m 46s ⏱️
 2 suites   3 💤
 1 files     0 ❌

Results for commit 6431195.

♻️ This comment has been updated with latest results.

[github-actions]

Unit test results

100 tests   100 ✅  0s ⏱️
 25 suites    0 💤
  1 files      0 ❌

Results for commit 6431195.

♻️ This comment has been updated with latest results.