Update go modules (release-v0.7) (patch)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
cuelang.org/go	v0.11.1 -> v0.11.2
github.com/CycloneDX/cyclonedx-go	v0.9.2 -> v0.9.3
github.com/cucumber/godog	v0.15.0 -> v0.15.1
github.com/daixiang0/gci	v0.13.5 -> v0.13.7
github.com/enterprise-contract/enterprise-contract-controller/api	v0.1.112 -> v0.1.194
github.com/evanphx/json-patch	v5.9.0+incompatible -> v5.9.11+incompatible
github.com/evanphx/json-patch/v5	v5.9.0 -> v5.9.11
github.com/gkampitakis/go-snaps	v0.5.7 -> v0.5.15
github.com/go-git/go-billy/v5	v5.6.0 -> v5.6.2
github.com/go-git/go-git/v5	v5.13.0 -> v5.13.2
github.com/otiai10/copy	v1.14.0 -> v1.14.1
github.com/secure-systems-lab/go-securesystemslib	v0.9.0 -> v0.9.1
github.com/sigstore/cosign/v2	v2.4.1 -> v2.4.3
github.com/sigstore/rekor	v1.3.6 -> v1.3.10
github.com/sigstore/sigstore	v1.8.9 -> v1.8.15
github.com/spf13/pflag	v1.0.6 -> v1.0.10
github.com/tektoncd/chains	v0.22.2 -> v0.22.3
github.com/tektoncd/cli	v0.38.0 -> v0.38.2
github.com/testcontainers/testcontainers-go	v0.34.0 -> v0.34.1
gotest.tools/gotestsum	v1.12.1 -> v1.12.3
helm.sh/helm/v3	v3.18.5 -> v3.18.6
k8s.io/api	v0.32.3 -> v0.32.9
k8s.io/apiextensions-apiserver	v0.31.0 -> v0.31.13
k8s.io/apimachinery	v0.32.3 -> v0.32.9
k8s.io/client-go	v0.32.3 -> v0.32.9
k8s.io/kubernetes	v1.31.12 -> v1.31.13

---

Release Notes

cue-lang/cue (cuelang.org/go)

v0.11.2

Compare Source

This release includes fixes for bugs which were uncovered and resolved in the last few weeks.

Evaluator

CL 1206279 fixes a regression in the old evaluator which could lead to "conflicting value" errors.

cmd/cue

CL 1207330 fixes a regression where cue get go stopped copying some CUE files from Go package directories.

CL 1207402 fixes a regression where cue def --inline-imports could result in invalid CUE which failed to evaluate.

Full list of changes since v0.11.1

• internal/cueversion: bump LanguageVersion for the next release by @​mvdan in 079dc4a
• internal/ci: update pinned Go for the next release by @​mvdan in b1a57a5
• internal/core/dep: fix handling sharing in non-rooted nodes by @​mpvl in 8d97e7a
• cmd/cue: add test for 3646 by @​mpvl in 815cb30
• cmd/cue: fix a regression with cue get go dropping CUE files by @​mvdan in 5b0e411
• cmd/cue: add a test case to reproduce #​3644 by @​mvdan in 801f976
• internal/core/adt: fix let issue for eval v2 by @​mpvl in a1fbeaa
• internal/core/adt: add tests for 3590 and 3591 by @​mpvl in 0ae498f

CycloneDX/cyclonedx-go (github.com/CycloneDX/cyclonedx-go)

v0.9.3

Compare Source

Changelog

Fixes

• 6636ce3: fix: .component.data was not a slice as per CycloneDX schema #​242 (@​madpah)
• 3e0f245: fix: add missing properties (@​rdghe)

Building and Packaging

• 24c8c33: build(deps): bump actions/setup-go from 5.2.0 to 5.4.0 (@​dependabot[bot])
• 5fcf097: build(deps): bump actions/setup-go from 5.4.0 to 5.5.0 (@​dependabot[bot])
• edea8ae: build(deps): bump apache/skywalking-eyes from 0.6.0 to 0.7.0 (@​dependabot[bot])
• f32eebc: build(deps): bump gitpod/workspace-go from 4702df2 to 8985eb7 (@​dependabot[bot])
• 7fdaa7f: build(deps): bump gitpod/workspace-go from 6932342 to 4702df2 (@​dependabot[bot])
• d62ea3c: build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 (@​dependabot[bot])
• 4709461: build(deps): bump goreleaser/goreleaser-action from 6.1.0 to 6.3.0 (@​dependabot[bot])

cucumber/godog (github.com/cucumber/godog)

v0.15.1

Compare Source

Added

• Step text is added to "step is undefined" error - (669 - vearutop)
• Localisation support by @​MegaGrindStone in #​665
• feat: support uint types by @​chengxilo in #​695

Changed

• Replace deprecated ::set-output - (681 - nodeg)

Fixed

• fix(errors): fix(errors): Fix expected Step argument count for steps with context.Context (679 - tigh-latte)
• fix(formatter): On concurrent execution, execute formatter at end of Scenario - (645 - tigh-latte)
• Pretty printing results now prints the line where the step is declared instead of the line where the handler is declared. (668 - spencerc)
• Update honnef.co/go/tools/cmd/staticcheck version in Makefile by @​RezaZareiii in #​670
• fix: verify dogT exists in the context before using it by @​cakoolen in #​692
• fix: change bang to being in README by @​nahomEagleLion in #​687
• Mark junit test cases as skipped if no pickle step results available by @​mrsheepuk in #​597
• Print step declaration line instead of handler declaration line by @​SpencerC in #​668

daixiang0/gci (github.com/daixiang0/gci)

v0.13.7

Compare Source

What's Changed

• fix: scrape all goos/goarch pair for stdlib by @​Zxilly in #​208
• chore: get module info from pass by @​ldez in #​221
• chore: remove analyzer by @​ldez in #​222
• feat: update standard list to go1.25 by @​ldez in #​233
• bump up version by @​daixiang0 in #​234

New Contributors

• @​Zxilly made their first contribution in #​208

Full Changelog: daixiang0/gci@v0.13.6...v0.13.7

v0.13.6

Compare Source

What's Changed

• fix: update standard list to go1.24 by @​ldez in #​227
• bump up version by @​daixiang0 in #​229

Full Changelog: daixiang0/gci@v0.13.5...v0.13.6

evanphx/json-patch (github.com/evanphx/json-patch)

v5.9.11+incompatible

Compare Source

v5.9.10+incompatible

Compare Source

gkampitakis/go-snaps (github.com/gkampitakis/go-snaps)

v0.5.15

Compare Source

What's Changed

• test: explicitly return named variables by @​G-Rath in #​137
• ci: show diff after running linting by @​G-Rath in #​136
• fix: only update snapshots when actually allowed by @​G-Rath in #​135

Full Changelog: gkampitakis/go-snaps@v0.5.14...v0.5.15

v0.5.14

Compare Source

What's Changed

• feat: snaps.Clean now returns if snaps dirty and err by @​gkampitakis in #​131

Full Changelog: gkampitakis/go-snaps@v0.5.13...v0.5.14

v0.5.13

Compare Source

What's Changed

• feat: support MatchStandaloneYAML by @​gkampitakis in #​128
• chore: update go-yaml and gh-action deps by @​gkampitakis in #​129

Full Changelog: gkampitakis/go-snaps@v0.5.12...v0.5.13

v0.5.12

Compare Source

What's Changed

• feat: add UPDATE_SNAPS=always for updating and creating snaps on CI setup by @​gkampitakis in #​126

Full Changelog: gkampitakis/go-snaps@v0.5.11...v0.5.12

v0.5.11

Compare Source

What's Changed

• feat: add json format config by @​kitimark in #​121

New Contributors

• @​kitimark made their first contribution in #​121

Full Changelog: gkampitakis/go-snaps@v0.5.10...v0.5.11

v0.5.10

Compare Source

What's Changed

• fix: handle builds with trimpath enabled by @​gkampitakis in #​120

Full Changelog: gkampitakis/go-snaps@v0.5.9...v0.5.10

v0.5.9

Compare Source

What's Changed

• fix: snaps.Update should apply and on snapshot create by @​gkampitakis in #​119

Full Changelog: gkampitakis/go-snaps@v0.5.8...v0.5.9

Kudos to @​orloffv for this issue #​116

v0.5.8

Compare Source

What's Changed

• feat: implement matchYAML by @​gkampitakis in #​114
• feat: implement matchStandaloneJSON by @​gkampitakis in #​113

Full Changelog: gkampitakis/go-snaps@v0.5.7...v0.5.8

go-git/go-billy (github.com/go-git/go-billy/v5)

v5.6.2

Compare Source

What's Changed

• Enable the iofs adapter to also return other interfaces from io/fs by @​JAORMX in #​102
• build: Bump dependencies by @​pjbgf in #​103

New Contributors

• @​JAORMX made their first contribution in #​102

Full Changelog: go-git/go-billy@v5.6.1...v5.6.2

v5.6.1

Compare Source

What's Changed

• build: bump github/codeql-action from 3.26.11 to 3.27.0 by @​dependabot in #​88
• build: bump github/codeql-action from 3.27.0 to 3.27.1 by @​dependabot in #​89
• build: bump github/codeql-action from 3.27.1 to 3.27.4 by @​dependabot in #​90
• build: bump github/codeql-action from 3.27.4 to 3.27.5 by @​dependabot in #​91
• Bump dependencies and build housekeeping by @​pjbgf in #​95

Full Changelog: go-git/go-billy@v5.6.0...v5.6.1

go-git/go-git (github.com/go-git/go-git/v5)

v5.13.2

Compare Source

What's Changed

• plumbing: use the correct user agent string. Fixes #​883 by @​uragirii in #​1364
• build: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by @​dependabot in #​1365
• build: bump the golang-org group with 2 updates by @​dependabot in #​1367
• build: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by @​dependabot in #​1368
• build: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by @​dependabot in #​1378
• build: bump github/codeql-action from 3.28.0 to 3.28.1 by @​dependabot in #​1376
• build: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by @​dependabot in #​1377
• git: worktree, fix restoring dot slash files (backported to v5). Fixes #​1176 by @​BeChris in #​1361
• build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2 by @​dependabot in #​1392
• git: worktree_status, fix adding dot slash files to working tree (backported to v5). Fixes #​1150 by @​BeChris in #​1359
• build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5 by @​dependabot in #​1383

Full Changelog: go-git/go-git@v5.13.1...v5.13.2

v5.13.1

Compare Source

What's Changed

• build: bump github.com/go-git/go-billy/v5 from 5.6.0 to 5.6.1 by @​dependabot in #​1327
• build: bump github.com/elazarl/goproxy from 1.2.1 to 1.2.2 by @​dependabot in #​1329
• build: bump github.com/elazarl/goproxy from 1.2.2 to 1.2.3 by @​dependabot in #​1340
• Revert "plumbing: transport/ssh, Add support for SSH @​cert-authority." by @​pjbgf in #​1346

Full Changelog: go-git/go-git@v5.13.0...v5.13.1

otiai10/copy (github.com/otiai10/copy)

v1.14.1

Compare Source

secure-systems-lab/go-securesystemslib (github.com/secure-systems-lab/go-securesystemslib)

v0.9.1

Compare Source

sigstore/cosign (github.com/sigstore/cosign/v2)

v2.4.3

Compare Source

Features

• Bump sigstore/sigstore to support KMS plugins (#​4073)
• Enable fetching signatures without remote get. (#​4047)
• Feat/file flag completion improvements (#​4028)
• Update builder to use go1.23.6 (#​4052)

Bug Fixes

• fix parsing error in --only for cosign copy (#​4049)

Cleanup

• Refactor verifyNewBundle into library function (#​4013)
• fix comment typo and imports order (#​4061)
• sync comment with parameter name in function signature (#​4063)
• sort properly Go imports (#​4071)

Contributors

• Bob Callaway
• Carlos Tadeu Panato Junior
• Cody Soyland
• Dmitry Savintsev
• Hayden B
• Tomasz Janiszewski
• Ville Skyttä

v2.4.2

Compare Source

Features

• Updated open-policy-agent to 1.1.0 library (#​4036)
  • Note that only Rego v0 policies are supported at this time
• Add UseSignedTimestamps to CheckOpts, refactor TSA options (#​4006)
• Add support for verifying root checksum in cosign initialize (#​3953)
• Detect if user supplied a valid protobuf bundle (#​3931)
• Add a log message if user doesn't provide --trusted-root (#​3933)
• Support mTLS towards container registry (#​3922)
• Add bundle create helper command (#​3901)
• Add trusted-root create helper command (#​3876)

Bug Fixes

• fix: set tls config while retaining other fields from default http transport (#​4007)
• policy fuzzer: ignore known panics (#​3993)
• Fix for multiple WithRemote options (#​3982)
• Add nightly conformance test workflow (#​3979)
• Fix copy --only for signatures + update/align docs (#​3904)

Documentation

• Remove usage.md from spec, point to client spec (#​3918)
• move reference from gcr to ghcr (#​3897)

Contributors

• AdamKorcz
• Aditya Sirish
• Bob Callaway
• Carlos Tadeu Panato Junior
• Cody Soyland
• Colleen Murphy
• Hayden B
• Jussi Kukkonen
• Marco Franssen
• Nianyu Shen
• Slavek Kabrda
• Søren Juul
• Warren Hodgkinson
• Zach Steindler

sigstore/rekor (github.com/sigstore/rekor)

v1.3.10

Compare Source

Note that Rekor v1 is in maintenance mode as we are actively developing
its successor, Rekor v2, designed to be easy to maintain and cheaper to operate.. See the
README
for more information.

Features

• Added --client-signing-algorithms flag (#​1974)

Fixes / Misc

• emit unpopulated values when marshalling (#​2438)
• pkg/api: better logs when algorithm registry rejects a key (#​2429)
• chore: improve mysql readiness checks (#​2397)

Contributors

• Bob Callaway
• cangqiaoyuzhuo
• Carlos Tadeu Panato Junior
• cpanato
• Hayden B
• Praful Khanduri
• Ramon Petgrave
• Riccardo Schirone
• rubyisrust
• Sascha Grunert

v1.3.9

Compare Source

Features

• Cache checkpoint for inactive shards (#​2332)
• Support per-shard signing keys (#​2330)

Contributors

• Hayden B

v1.3.8

Compare Source

Bug Fixes

• fix zizmor issues (#​2298)
• remove unneeded value in log message (#​2282)

Quality Enhancements

• chore: relax go directive to permit 1.22.x
• fetch minisign from homebrew instead of custom ppa (#​2329)
• fix(ci): simplify GOVERSION extraction
• chore(deps): bump actions pins to latest
• Updates go and golangci-lint (#​2302)
• update builder to use go1.23.4 (#​2301)
• clean up spaces
• log request body on 500 error to aid debugging (#​2283)

Contributors

• Appu Goundan
• Bob Callaway
• Carlos Tadeu Panato Junior
• Dominic Evans
• sgpinkus

v1.3.7

Compare Source

New Features

• log request body on 500 error to aid debugging (#​2283)
• Add support for signing with Tink keyset (#​2228)
• Add public key hash check in Signed Note verification (#​2214)
• update Trillian TLS configuration (#​2202)
• Add TLS support for Trillian server (#​2164)
• Replace docker-compose with plugin if available (#​2153)
• Add flags to backfill script (#​2146)
• Unset DisableKeepalive for backfill HTTP client (#​2137)
• Add script to delete indexes from Redis (#​2120)
• Run CREATE statement in backfill script (#​2109)
• Add MySQL support to backfill script (#​2081)
• Run e2e tests on mysql and redis index backends (#​2079)

Bug Fixes

• remove unneeded value in log message (#​2282)
• Add error message when computing consistency proof (#​2278)
• fix validation error handling on API (#​2217)
• fix error in pretty-printed inclusion proof from verify subcommand (#​2210)
• Fix index scripts (#​2203)
• fix failing sharding test
• Better error handling in backfill script (#​2148)
• Batch entries in cleanup script (#​2158)
• Add missing workflow for index cleanup test (#​2121)
• hashedrekord: fix schema $id (#​2092)

Contributors

• Aditya Sirish
• Bob Callaway
• Colleen Murphy
• cpanato
• Firas Ghanmi
• Hayden B
• Hojoung (Brian) Jang
• William Woodruff

sigstore/sigstore (github.com/sigstore/sigstore)

v1.8.15

Compare Source

What's Changed

• pkg/signature: fix RSA PSS 3072 key size in algorithm registry in #​1981
• check concrete type for non-nil to stop fuzzing crash in #​1983
• fix: cliplugin: return ErrorProviderNotFound when calling Get with a path in #​1982

Full Changelog: sigstore/sigstore@v1.8.14...v1.8.15

v1.8.14

Compare Source

What's Changed

This is the same content as v1.8.13, with a CI/CD fix.

• add initial plugin support for KMSs in #​1901
• cliplugin: add mocks and serialization testing in #​1918
• kms plugin: add SignMessage in #​1919
• cliplugin: add VerifySignature in #​1944
• cliplugin: add windows ci testing in #​1951
• Create Algorithm Registry API in #​1601
• cliplugin: add SupportedAlgorithms(), PublicKey(), and CryptoSigner(). in #​1946
• cliplugin: use caller contexts in #​1947
• cliplugin: semver, add tests for hash func encoding in #​1948
• cliplugin: lint fixes in #​1958
• cliplugin: convert module to package only in #​1956

v1.8.13

Compare Source

What's Changed

• add initial plugin support for KMSs in #​1901
• cliplugin: add mocks and serialization testing in #​1918
• kms plugin: add SignMessage in #​1919
• cliplugin: add VerifySignature in #​1944
• cliplugin: add windows ci testing in #​1951
• Create Algorithm Registry API in #​1601
• cliplugin: add SupportedAlgorithms(), PublicKey(), and CryptoSigner(). in #​1946
• cliplugin: use caller contexts in #​1947
• cliplugin: semver, add tests for hash func encoding in #​1948
• cliplugin: lint fixes in #​1958
• cliplugin: convert module to package only in #​1956

Full Changelog: sigstore/sigstore@v1.8.12...v1.8.13

v1.8.12

Compare Source

What's Changed

• build(deps): Bump google.golang.org/api from 0.210.0 to 0.212.0 in /pkg/signature/kms/gcp by @​dependabot in #​1912
• build(deps): Bump google.golang.org/protobuf from 1.35.2 to 1.36.0 in /pkg/signature/kms/gcp by @​dependabot in #​1911
• build(deps): Bump actions/setup-go from 5.1.0 to 5.2.0 in the all group by @​dependabot in #​1909
• build(deps): Bump google.golang.org/api from 0.212.0 to 0.214.0 in /pkg/signature/kms/gcp by @​dependabot in #​1917
• build(deps): Bump hashicorp/vault from 1.18.2 to 1.18.3 in /test/e2e in the all group by @​dependabot in [

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: acceptance/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 26 additional dependencies were updated

Details:

Package	Change
cloud.google.com/go/kms	v1.20.1 -> v1.21.1
cloud.google.com/go/longrunning	v0.6.2 -> v0.6.5
github.com/Azure/go-ansiterm	v0.0.0-20230124172434-306776ec8161 -> v0.0.0-20250102033503-faa5f7b0171c
github.com/ProtonMail/go-crypto	v1.1.3 -> v1.1.5
github.com/cyphar/filepath-securejoin	v0.3.1 -> v0.3.6
github.com/gkampitakis/ciinfo	v0.3.0 -> v0.3.2
github.com/go-openapi/errors	v0.22.0 -> v0.22.1
github.com/go-openapi/swag	v0.23.0 -> v0.23.1
github.com/google/certificate-transparency-go	v1.2.1 -> v1.3.1
github.com/magiconair/properties	v1.8.7 -> v1.8.9
github.com/mailru/easyjson	v0.7.7 -> v0.9.0
github.com/mitchellh/mapstructure	v1.5.0 -> v1.5.1-0.20231216201459-8508981c8b6c
github.com/moby/term	v0.5.0 -> v0.5.2
github.com/pjbgf/sha1cd	v0.3.0 -> v0.3.2
github.com/rogpeppe/go-internal	v1.13.1 -> v1.13.2-0.20241226121412-a5dc8ff20d0a
github.com/sigstore/protobuf-specs	v0.3.2 -> v0.4.1
github.com/sigstore/timestamp-authority	v1.2.2 -> v1.2.4
github.com/spf13/pflag	v1.0.6 -> v1.0.7
github.com/tidwall/gjson	v1.17.3 -> v1.18.0
golang.org/x/crypto	v0.38.0 -> v0.40.0
golang.org/x/net	v0.40.0 -> v0.41.0
golang.org/x/sync	v0.15.0 -> v0.16.0
golang.org/x/sys	v0.33.0 -> v0.34.0
golang.org/x/term	v0.32.0 -> v0.33.0
golang.org/x/text	v0.25.0 -> v0.27.0
google.golang.org/api	v0.215.0 -> v0.228.0

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 51 additional dependencies were updated

Details:

Package	Change
golang.org/x/sync	v0.15.0 -> v0.16.0
cloud.google.com/go	v0.116.0 -> v0.118.3
cloud.google.com/go/auth	v0.13.0 -> v0.15.0
cloud.google.com/go/auth/oauth2adapt	v0.2.6 -> v0.2.8
cloud.google.com/go/iam	v1.2.2 -> v1.4.1
cloud.google.com/go/monitoring	v1.21.2 -> v1.24.0
cloud.google.com/go/storage	v1.49.0 -> v1.50.0
github.com/Azure/go-ansiterm	v0.0.0-20230124172434-306776ec8161 -> v0.0.0-20250102033503-faa5f7b0171c
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric	v0.48.1 -> v0.49.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping	v0.48.1 -> v0.49.0
github.com/aws/aws-sdk-go	v1.55.5 -> v1.55.6
github.com/aws/aws-sdk-go-v2	v1.30.5 -> v1.36.3
github.com/aws/aws-sdk-go-v2/config	v1.27.33 -> v1.29.10
github.com/aws/aws-sdk-go-v2/credentials	v1.17.32 -> v1.17.63
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	v1.16.13 -> v1.16.30
github.com/aws/aws-sdk-go-v2/internal/configsources	v1.3.17 -> v1.3.34
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2	v2.6.17 -> v2.6.34
github.com/aws/aws-sdk-go-v2/internal/ini	v1.8.1 -> v1.8.3
github.com/aws/aws-sdk-go-v2/service/ecr	v1.32.2 -> v1.40.3
github.com/aws/aws-sdk-go-v2/service/ecrpublic	v1.25.4 -> v1.31.2
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding	v1.11.4 -> v1.12.3
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url	v1.11.19 -> v1.12.15
github.com/aws/aws-sdk-go-v2/service/sso	v1.22.7 -> v1.25.1
github.com/aws/aws-sdk-go-v2/service/ssooidc	v1.26.7 -> v1.29.2
github.com/aws/aws-sdk-go-v2/service/sts	v1.30.7 -> v1.33.17
github.com/aws/smithy-go	v1.20.4 -> v1.22.2
github.com/awslabs/amazon-ecr-credential-helper/ecr-login	v0.0.0-20240826150212-5dc58b6e29f8 -> v0.9.1
github.com/coreos/go-oidc/v3	v3.11.0 -> v3.12.0
github.com/gkampitakis/ciinfo	v0.3.0 -> v0.3.2
github.com/go-openapi/errors	v0.22.0 -> v0.22.1
github.com/go-openapi/swag	v0.23.0 -> v0.23.1
github.com/google/certificate-transparency-go	v1.2.1 -> v1.3.1
github.com/google/s2a-go	v0.1.8 -> v0.1.9
github.com/googleapis/enterprise-certificate-proxy	v0.3.4 -> v0.3.6
github.com/jmespath/go-jmespath	v0.4.0 -> v0.4.1-0.20220621161143-b0104c826a24
github.com/mailru/easyjson	v0.7.7 -> v0.9.0
github.com/mitchellh/mapstructure	v1.5.0 -> v1.5.1-0.20231216201459-8508981c8b6c
github.com/moby/term	v0.5.0 -> v0.5.2
github.com/sigstore/fulcio	v1.6.3 -> v1.6.6
github.com/sigstore/protobuf-specs	v0.3.2 -> v0.4.1
github.com/sigstore/timestamp-authority	v1.2.2 -> v1.2.4
github.com/tidwall/gjson	v1.17.0 -> v1.18.0
go.step.sm/crypto	v0.51.2 -> v0.60.0
golang.org/x/crypto	v0.39.0 -> v0.40.0
golang.org/x/sys	v0.33.0 -> v0.34.0
golang.org/x/term	v0.32.0 -> v0.33.0
golang.org/x/text	v0.26.0 -> v0.27.0
google.golang.org/api	v0.215.0 -> v0.228.0
google.golang.org/genproto	v0.0.0-20241118233622-e639e219e697 -> v0.0.0-20250303144028-a0af3efb3deb
k8s.io/api	v0.32.3 -> v0.32.9
sigs.k8s.io/release-utils	v0.8.4 -> v0.11.0

File name: tools/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 1 additional dependency was updated

Details:

Package	Change
github.com/tektoncd/triggers	v0.29.0 -> v0.29.1