build(deps): bump the e2e group across 1 directory with 16 updates by dependabot[bot] · Pull Request #448 · open-policy-agent/eopa

dependabot · 2026-05-28T16:30:48Z

Bumps the e2e group with 12 updates in the /e2e directory:

Package	From	To
github.com/docker/go-connections	`0.6.0`	`0.7.0`
github.com/fsouza/fake-gcs-server	`1.52.3`	`1.54.0`
github.com/go-git/go-git/v5	`5.16.4`	`5.19.1`
github.com/hashicorp/vault/api	`1.22.0`	`1.23.0`
github.com/minio/minio-go/v7	`7.0.98`	`7.2.0`
github.com/open-policy-agent/opa	`1.12.3`	`1.17.0`
github.com/redpanda-data/benthos/v4	`4.63.1`	`4.73.0`
github.com/redpanda-data/connect/v4	`4.78.0`	`4.93.0`
github.com/rogpeppe/go-internal	`1.14.1`	`1.15.0`
github.com/testcontainers/testcontainers-go/modules/kafka	`0.40.0`	`0.42.0`
github.com/testcontainers/testcontainers-go/modules/vault	`0.40.0`	`0.42.0`
github.com/twmb/franz-go/pkg/kadm	`1.17.2`	`1.18.0`

Updates github.com/docker/go-connections from 0.6.0 to 0.7.0

Commits

7997b0f Merge pull request #156 from thaJeztah/bump_go_winio
329724a chore(deps): bump github.com/Microsoft/go-winio v0.6.2
161dc9b Merge pull request #155 from thaJeztah/pin_actions
b115e42 Merge pull request #154 from thaJeztah/fix_non_linux_tests
4c35b2a ci: pin actions to sha
b4454a6 tlsconfig: make root pool tests deterministic across platforms
0819711 tlsconfig: certPool: pass options as argument
0329635 tlsconfig: rename some vars that shadowed
894d811 Merge pull request #150 from thaJeztah/deprecate_SystemCertPool
0a1293a Merge pull request #153 from thaJeztah/chachacha
Additional commits viewable in compare view

Updates github.com/fsouza/fake-gcs-server from 1.52.3 to 1.54.0

Release notes

Sourced from github.com/fsouza/fake-gcs-server's releases.

v1.54.0

What's Changed

Added support from gcloud cli resumable uploads by @danieldanieltata in fsouza/fake-gcs-server#1976

build(deps): bump google.golang.org/api from 0.264.0 to 0.265.0 by @dependabot[bot] in fsouza/fake-gcs-server#2134

build(deps): bump cloud.google.com/go/pubsub/v2 from 2.3.0 to 2.4.0 by @dependabot[bot] in fsouza/fake-gcs-server#2138

build(deps): bump @google-cloud/storage from 7.18.0 to 7.19.0 in /examples/node by @dependabot[bot] in fsouza/fake-gcs-server#2137

build(deps): bump golang.org/x/oauth2 from 0.34.0 to 0.35.0 by @dependabot[bot] in fsouza/fake-gcs-server#2139

build(deps): bump cloud.google.com/go/storage from 1.59.2 to 1.60.0 by @dependabot[bot] in fsouza/fake-gcs-server#2140

build(deps): bump docker/build-push-action from 6.18.0 to 6.19.1 by @dependabot[bot] in fsouza/fake-gcs-server#2141

build(deps): bump golang from 1.25 to 1.26 by @dependabot[bot] in fsouza/fake-gcs-server#2143

build(deps): bump google.golang.org/api from 0.265.0 to 0.266.0 by @dependabot[bot] in fsouza/fake-gcs-server#2142

build(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.0 by @dependabot[bot] in fsouza/fake-gcs-server#2145

build(deps): bump docker/build-push-action from 6.19.1 to 6.19.2 by @dependabot[bot] in fsouza/fake-gcs-server#2144

Go 1.26 is out, drop 1.24 by @fsouza in fsouza/fake-gcs-server#2146

build(deps): bump google.golang.org/grpc from 1.79.0 to 1.79.1 by @dependabot[bot] in fsouza/fake-gcs-server#2147

Add environment variable support for all configuration options by @ota2000 in fsouza/fake-gcs-server#1925

Fix metadata headers not being preserved during upload and retrieval by @louisnow in fsouza/fake-gcs-server#2103

New Contributors

@danieldanieltata made their first contribution in fsouza/fake-gcs-server#1976

@ota2000 made their first contribution in fsouza/fake-gcs-server#1925

@louisnow made their first contribution in fsouza/fake-gcs-server#2103

Full Changelog: fsouza/fake-gcs-server@v1.53.1...v1.54.0

v1.53.1

What's Changed

build(deps): bump google-cloud-storage from 3.8.0 to 3.9.0 in /examples/python by @dependabot[bot] in fsouza/fake-gcs-server#2132

internal/urlhelper: fix getScheme on https by @fsouza in fsouza/fake-gcs-server#2133

Full Changelog: fsouza/fake-gcs-server@v1.53.0...v1.53.1

v1.53.0

What's Changed

Add SelfLink to bucketResponse by @mdedetrich in fsouza/fake-gcs-server#1944

build(deps): bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 by @dependabot[bot] in fsouza/fake-gcs-server#2007

build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 by @dependabot[bot] in fsouza/fake-gcs-server#2008

build(deps): bump google.golang.org/protobuf from 1.36.6 to 1.36.8 by @dependabot[bot] in fsouza/fake-gcs-server#2013

build(deps): bump github.com/fsouza/slognil from 0.4.2 to 0.4.3 by @dependabot[bot] in fsouza/fake-gcs-server#2014

build(deps): bump github.com/minio/minio-go/v7 from 7.0.92 to 7.0.95 by @dependabot[bot] in fsouza/fake-gcs-server#2012

build(deps): bump google.golang.org/grpc from 1.72.0 to 1.75.0 by @dependabot[bot] in fsouza/fake-gcs-server#2011

build(deps): bump github.com/pkg/xattr from 0.4.10 to 0.4.12 by @dependabot[bot] in fsouza/fake-gcs-server#2010

build(deps): bump cloud.google.com/go/storage from 1.53.0 to 1.56.1 by @dependabot[bot] in fsouza/fake-gcs-server#2009

... (truncated)

Commits

024d541 internal/config: remove usage of test := test
ec92f99 Fix metadata headers not being preserved during upload and retrieval (#2103)
0ec5cfa Add environment variable support for all configuration options (#1925)
eef285f build(deps): bump google.golang.org/grpc from 1.79.0 to 1.79.1 (#2147)
524ba69 Stop using the test := test hack
6a268d6 github/workflows/main: use Go 1.26 for linting
1d90985 examples/go: Go 1.26.0
6492478 Go 1.26 is out, drop 1.24
4f31450 build(deps): bump docker/build-push-action from 6.19.1 to 6.19.2 (#2144)
2a2a79f build(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.0 (#2145)
Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.16.4 to 5.19.1

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.19.1

What's Changed

v5: plumbing: transport/ssh, Shell-quote path by @hiddeco in go-git/go-git#2068

v5: git: submodule, Fix relative URL resolution by @hiddeco in go-git/go-git#2070

v5: git: submodule, canonical remote for relative URLs by @hiddeco in go-git/go-git#2074

v5: git: submodule, error on remote without URLs by @hiddeco in go-git/go-git#2078

v5: plumbing: format/idxfile, Validate offset64 indices by @hiddeco in go-git/go-git#2084

v5: *: Reject malformed variable-length integers by @hiddeco in go-git/go-git#2092

v5: plumbing: format/packfile, Tighten delta validation by @hiddeco in go-git/go-git#2091

v5: Add worktreeFilesystem wrapper for worktree and hardening by @hiddeco in go-git/go-git#2100

v5: config: validate submodule names by @hiddeco in go-git/go-git#2082

build: Update module github.com/go-git/go-git/v5 to v5.19.0 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#2111

v5: git: Allow MkdirAll on worktree-root paths by @hiddeco in go-git/go-git#2117

v5: git: Stop validating symlink target paths by @pjbgf in go-git/go-git#2116

v5: plumbing: format decoder input bounds and contracts by @hiddeco in go-git/go-git#2125

plumbing: format/packfile, cap delta chain depth in parser by @pjbgf in go-git/go-git#2137

Full Changelog: go-git/go-git@v5.19.0...v5.19.1

v5.19.0

What's Changed

build: Update module github.com/go-git/go-git/v5 to v5.18.0 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#2010

v5: Bump sha1cd and go-billy by @pjbgf in go-git/go-git#2060

v5: Align object encoding with upstream by @pjbgf in go-git/go-git#2065

Full Changelog: go-git/go-git@v5.18.0...v5.19.0

v5.18.0

What's Changed

plumbing: transport/http, Add support for followRedirects policy by @pjbgf in go-git/go-git#2004

Full Changelog: go-git/go-git@v5.17.2...v5.18.0

v5.17.2

What's Changed

build: Update module github.com/go-git/go-git/v5 to v5.17.1 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#1941

dotgit: skip writing pack files that already exist on disk by @pjbgf in go-git/go-git#1944

⚠️ This release fixes a bug (go-git/go-git#1942) that blocked some users from upgrading to v5.17.1. Thanks @pskrbasu for reporting it. 🙇

Full Changelog: go-git/go-git@v5.17.1...v5.17.2

v5.17.1

What's Changed

build: Update module github.com/cloudflare/circl to v1.6.3 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#1930

[v5] plumbing: format/index, Improve v4 entry name validation by @pjbgf in go-git/go-git#1935

[v5] plumbing: format/idxfile, Fix version and fanout checks by @pjbgf in go-git/go-git#1937

... (truncated)

Commits

3c3be60 Merge pull request #2137 from go-git/validate-v5
3fba897 plumbing: format/packfile, cap delta chain depth in parser
a97d660 Merge pull request #2125 from hiddeco/v5/format-input-bounds
aeaa125 plumbing: format/objfile, require Header before Read
1f38e17 plumbing: format/packfile, bound inflate size
f7545a0 plumbing: format/idxfile, bound nr by file size
170b881 Merge pull request #2116 from pjbgf/symlink-v5
7b6d994 Merge pull request #2117 from hiddeco/v5/worktree-fs-mkdirall-root-noop
f0709b3 git: Stop validating symlink target paths
776d00f git: Allow MkdirAll on worktree-root paths
Additional commits viewable in compare view

Updates github.com/hashicorp/vault/api from 1.22.0 to 1.23.0

Commits

d430306 Merge remote-tracking branch 'remotes/from/ce/main'
a3bc0a3 (enos): Add LDAP secrets engine blackbox tests to Plugin Scenario (#13072) (#...
f8df539 Merge remote-tracking branch 'remotes/from/ce/main'
2b0ec25 VAULT-43444 Addressed races in tests (#13278) (#13285)
a097d1f Merge remote-tracking branch 'remotes/from/ce/main'
7e587fd Update vault-plugin-auth-kubernetes to v0.24.1 (#13259) (#13287)
1331818 UI: Fix namespace search showing empty state when namespaces exist (#13257) (...
7b12feb Merge remote-tracking branch 'remotes/from/ce/main'
7d4395c Update vault-plugin-auth-jwt to v0.26.1 (#13242) (#13283)
6d4b615 adds flag to fix chrome in ci (#13279) (#13282)
Additional commits viewable in compare view

Updates github.com/minio/minio-go/v7 from 7.0.98 to 7.2.0

Release notes

Sourced from github.com/minio/minio-go/v7's releases.

v7.2.0

What's Changed

Use go tool for ci-lint check by @klauspost in minio/minio-go#2229

Rename github.com/go-ini/ini to gopkg.in/ini.v1 by @ramondeklein in minio/minio-go#2232

Add RDMA / NVIDIA GPU Direct Storage support by @harshavardhana in minio/minio-go#2233

Full Changelog: minio/minio-go@v7.1.0...v7.2.0

Release v7.1.0

What's Changed

GetObjectAttributes: Add missing checksum & type by @klauspost in minio/minio-go#2217

support x-minio-source-time header for getobject / statObject by @jiuker in minio/minio-go#2219

Add new AWS checksums by @klauspost in minio/minio-go#2221

Full Changelog: minio/minio-go@v7.0.100...v7.1.0

Commits

33792ec Add RDMA / NVIDIA GPU Direct Storage support (#2233)
6bb13f7 Rename github.com/go-ini/ini to gopkg.in/ini.v1 (#2232)
d6341dc Use go tool for ci-lint check (#2229)
f29e568 Add new AWS checksums (#2221)
68e87b1 support x-minio-source-time header for getobject / statObject (#2219)
d457cd4 GetObjectAttributes: Add missing checksum & type (#2217)
570a610 Add ChecksumAlgorithm to list response (#2211)
9ab4afb Update signature of UpdateObjectEncryption (#2215)
30849ad fix: honor StartAfter when listing object versions (#2212)
2eacfe9 add SignV4WithServiceType function (#2214)
Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 1.12.3 to 1.17.0

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

A new future.keywords.not import that adds improved semantics to the not keyword.

Rule Labels in Decision Logs

Published json schema for IR and bundle manifest

Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:
__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)
If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:
not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) }
Now, if any sub-expression is undefined or fails, the body is unsatisfiable and the not expression succeeds; matching the intuition that "the condition does not hold."

NOTE:

Users are recommended to import future.keywords.not whenever the not keyword is used in a policy.

Authored by @johanfylling

Rule Labels in Decision Logs (#2089)

Rule annotations now support a labels field. Labels from all successfully evaluated rules are collected and included in each decision log entry as a top-level rule_labels array. Each element is the merged label map for one successfully evaluated rule, with

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

A new future.keywords.not import that adds improved semantics to the not keyword.

Rule Labels in Decision Logs

Published json schema for IR and bundle manifest

Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:
__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)
If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:
not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) }
Now, if any sub-expression is undefined or fails, the body is unsatisfiable and the not expression succeeds; matching the intuition that "the condition does not hold."

NOTE:

Users are recommended to import future.keywords.not whenever the not keyword is used in a policy.

Authored by @johanfylling

Rule Labels in Decision Logs (#2089)

Rule annotations now support a labels field. Labels from all successfully evaluated rules are collected and included in each decision log entry as a top-level rule_labels

... (truncated)

Commits

64a3625 Release v1.17.0 (#8710)
68c9de5 benchmarks: tweak per-PR benchmark regression check based on pr-check
7fe3066 server: remove dead code (s.partials) (#8708)
37830be ast,storage/inmem: Add inmem.NewFromASTObject and add missing string case t...
1661f22 ast: add some schema $ref tests
3e22f56 benchmarks: only run for go changes
13aaeab benchmarks: move env vars, remove zizmor-ignore comment
93e1708 benchmarks: fix PR message, skip tests
4ce3991 benchmarks: use go tool machinery, add benchstat
41df8df benchmarks: use benchlab for per-PR feedback
Additional commits viewable in compare view

Updates github.com/redpanda-data/benthos/v4 from 4.63.1 to 4.73.0

Changelog

Sourced from github.com/redpanda-data/benthos/v4's changelog.

4.73.0 - 2026-05-07

Added

Schema: Added Date, TimeOfDay, UUID and timestamp/time-of-day params (@twmb)

4.72.0 - 2026-05-01

Added

Schema: Added a Decimal common type carrying precision and scale via a new LogicalParams struct, enabling lossless conversion between Avro, Parquet, and database NUMBER/NUMERIC decimals. Includes NewDecimal, FormatDecimal/ParseDecimal, and DecimalParams.Format/Parse/ValidateValue helpers, plus a Common.Validate entry point. ParseFromAny and InferFromAny now accept encoding/json.Number values, so schemas pipelined through json.Decoder.UseNumber() round-trip without precision loss. (@Jeffail)

Schema: Added a BigDecimal common type for arbitrary-precision decimals, alongside NewBigDecimal, FormatBigDecimal, and ParseBigDecimal helpers. Use it for sources that lack column-level precision (Postgres numeric without (p, s), Oracle NUMBER with no DATA_PRECISION, MongoDB Decimal128). Common.Validate enforces BigDecimal as a leaf type with no logical parameters. (@Jeffail)

4.70.0 - 2026-04-02

Added

docs: Add top-level descriptions to Bloblang methods (@jakescahill)

Changed

API: Switch plugins from Experimental to Stable by default (@prakhargarg105)

4.69.0 - 2026-03-19

Added

Bloblang: The hash method now supports sha3_256 and sha3_512 algorithms. (@prakhargarg105)

Bloblang: Added parse_logfmt method. (@twmb)

Bloblang: Added escape_url_path and unescape_url_path methods. (@twmb)

Processor/switch: Added continue option for conditional case chaining. (@twmb)

API: Added custom resource type registration. (@mmatczuk)

CLI: Added --verbose flag to list test case names. (@twmb)

Changed

Codec: Default to all-bytes reader for decompression codecs. (@twmb)

Fixed

Stdin: Fix watcher mode swallowing first message after reload. (@twmb)

Env: Handle Windows line terminators in dotenv parser. (@twmb)

Pipeline: Defer processor close in pool until all workers exit. (@twmb)

4.68.0 - 2026-03-13

Added

Go API: Add NewMessageWithContext to service package for constructing messages with an associated context. (@prakhargarg105)

... (truncated)

Commits

665a60a fix changelog (#431)
4846d30 Update Changelog (#430)
b13320b public/schema: add Date, TimeOfDay, UUID and timestamp/time-of-day params (#429)
d3ecb49 Update cl (#424)
76e9aa1 Update CL
ddb2b04 gh: increase max-turns for Claude code review from 30 to 50 (#422)
ef3a242 Update public/schema/bigdecimal_test.go
4b82977 public/schema: bound fractional digits in canonical decimal parser
9b6f8c4 public/schema: bump bigdecimal.go copyright to 2026
2ff41e6 public/schema: add BigDecimal common type
Additional commits viewable in compare view

Updates github.com/redpanda-data/connect/v4 from 4.78.0 to 4.93.0

Release notes

Sourced from github.com/redpanda-data/connect/v4's releases.

v4.93.0

For installation instructions check out the getting started guide.

Fixed

oracledb_cdc: Fixed LOB_TRIM handling to correctly finalize LOB values in SecureFile storage variant and improved LOB merge logic to prevent silent row collisions when multiple LOB-only updates occur in the same transaction. (@josephwoodward, #4430)

redpanda_migrator: Fixed a data race in groupsMigrator where admin client references were read without synchronization, preventing concurrent updates from being properly coordinated. (@mmatczuk, #4312)

oracledb_cdc: Exclude rare LogMiner meta events for unmonitored tables when LOB is enabled. (@josephwoodward, #4447)

The full change log can be found here.

v4.92.0

For installation instructions check out the getting started guide.

Added

kafka: Exposed Franz Kafka producer configuration options including acks, max_buffered_records, max_buffered_bytes, max_in_flight_requests, record_retries, and record_delivery_timeout for greater control over message delivery behavior. (@dyurchanka, #4028)

telemetry: Add deployment-type and tenant-id to call-home payload (@prakhargarg105, #4426)

Fixed

iceberg: Improved Iceberg commit performance by skipping the redundant duplicate-path check on AddDataFiles operations, which was causing multiplicative slowdowns on busy tables. (@Jeffail, #4421)

Changed

oracledb_cdc: Extend checkpoint cache to support multiple callers (@josephwoodward, #4417)

The full change log can be found here.

v4.91.0

For installation instructions check out the getting started guide.

Fixed

aws_s3: Fixed object_canned_acl field to properly accept empty string value in schema validation and runtime, allowing uploads to buckets with ACLs disabled. (@josephwoodward, #4413)

iceberg: Fixed Iceberg v2 manifest list writer to accept v1 manifest files from tables upgraded from v1 to v2, resolving commit failures on upgraded tables. (@Jeffail, #4404)

The full change log can be found here.

v4.90.3

For installation instructions check out the getting started guide.

Added

mysql_cdc: MySQL CDC connector now supports parallel snapshots to improve initial data capture performance when replicating large tables. (@josephwoodward, #4363)

bigquery: Added storage write API connector. (@squiidz, #4220)

Fixed

iceberg: Fix schema column ordering (@josephwoodward, #4373)

... (truncated)

Changelog

Sourced from github.com/redpanda-data/connect/v4's changelog.

4.93.0 - 2026-05-21

Fixed

oracledb_cdc: Fixed LOB_TRIM handling to correctly finalize LOB values in SecureFile storage variant and improved LOB merge logic to prevent silent row collisions when multiple LOB-only updates occur in the same transaction. (@josephwoodward, #4430)

redpanda_migrator: Fixed a data race in groupsMigrator where admin client references were read without synchronization, preventing concurrent updates from being properly coordinated. (@mmatczuk, #4312)

oracledb_cdc: Exclude rare LogMiner meta events for unmonitored tables when LOB is enabled. (@josephwoodward, #4447)

4.92.0 - 2026-05-14

Added

kafka: Exposed Franz Kafka producer configuration options including acks, max_buffered_records, max_buffered_bytes, max_in_flight_requests, record_retries, and record_delivery_timeout for greater control over message delivery behavior. (@dyurchanka, #4028)

telemetry: Add deployment-type and tenant-id to call-home payload (@prakhargarg105, #4426)

Fixed

iceberg: Improved Iceberg commit performance by skipping the redundant duplicate-path check on AddDataFiles operations, which was causing multiplicative slowdowns on busy tables. (@Jeffail, #4421)

Changed

oracledb_cdc: Extend checkpoint cache to support multiple callers (@josephwoodward, #4417)

4.91.0 - 2026-05-08

Fixed

aws_s3: Fixed object_canned_acl field to properly accept empty string value in schema validation and runtime, allowing uploads to buckets with ACLs disabled. (@josephwoodward, #4413)

iceberg: Fixed Iceberg v2 manifest list writer to accept v1 manifest files from tables upgraded from v1 to v2, resolving commit failures on upgraded tables. (@Jeffail, #4404)

4.90.0 - 2026-04-30

Added

mysql_cdc: MySQL CDC connector now supports parallel snapshots to improve initial data capture performance when replicating large tables. (@josephwoodward, #4363)

bigquery: Added storage write API connector. (@squiidz, #4220)

Fixed

iceberg: Fix schema column ordering (@josephwoodward, #4373)

4.89.3 - 2026-04-30

Fixed

iceberg: fix decimal min/max stats extraction for parquet files (@josephwoodward, #4368)

iceberg: Preserve schema-registry column order when auto-creating tables. Build-time ordering now follows schema_metadata when present and falls back to sorted record keys otherwise, replacing Go's randomised map iteration. In case-insensitive mode, top-level column names use the metadata's casing — record keys are matched by case-folding and the metadata's name lands in the table, mirroring how nested struct fields supplied via metadata are named. (@josephwoodward, #4373)

Added

... (truncated)

Commits

9908286 Update changelog for v4.93.0 (#4444)
f6e3cd1 deps: address golang.org/x/sys vulnerability (#4446)
ec48a0d oracledb_cdc: exclude LogMiner meta events for unmonitored tables when LOB is...
367e9f5 bigquery: add schema resolver, evolution, and table name sanitization (#4385)
6a606d2 oracledb_cdc: handle LOB_TRIM redo SQL separately from SELECT_LOB_LOCATOR (#4...
e491c80 docs: refresh README structure and tone (#4415)
29e27ad Bump github.com/go-git/go-git/v5 to v5.19.1 to address Snyk findings (#4440)
bcba9cb CI: ensure new integration test packages are registered in our test runner (#...
4183a2a chore: fix linting issue (#4435)
be3d575 redpanda_migrator: fix data race on groupsMigrator admin clients (#4312)
Additional commits viewable in compare view

Updates github.com/rogpeppe/go-internal from 1.14.1 to 1.15.0

Release notes

Sourced from github.com/rogpeppe/go-internal's releases.

v1.15.0

What's Changed

hash: do not salt with Go runtime version by @rogpeppe in rogpeppe/go-internal#292

testscript: reset verbose on new blocks by @myitcv in rogpeppe/go-internal#293

testscript: rewind last block if it was not in error by @myitcv in rogpeppe/go-internal#294

testscript: protect against no-op uses of cmp by @mvdan in rogpeppe/go-internal#295

goproxytest: add Setup by @rogpeppe in rogpeppe/go-internal#303

update Go, fix, add /@latest to goproxytest by @mvdan in rogpeppe/go-internal#302

internal/vcs: remove SYSTEMROOT workaround for Windows by @mvdan in rogpeppe/go-internal#299

goproxytest: add overlay capability by @rogpeppe in rogpeppe/go-internal#304

Full Changelog: rogpeppe/go-internal@v1.14.1...v1.15.0

Commits

8b1dcd4 goproxytest: make .mod and .info files optional
02e5dd4 goproxytest: add overlay capability (#304)
3030644 internal/vcs: remove SYSTEMROOT workaround for Windows
a4c00dc goproxytest: handle /@latest endpoint
19311e8 all: go fix ./...
74d1312 test on Go 1.25 and 1.26
aa1b1e2 goproxytest: add Setup (#303)
5223eff testscript: protect against no-op uses of cmp
ee70938 testscript: rewind last block if it was not in error
a4ecbfb testscript: add a non-failing block to the end of logging tests
Additional commits viewable in compare view

Updates github.com/testcontainers/testcontainers-go from 0.40.0 to 0.42.0

Release notes

Sourced from github.com/testcontainers/testcontainers-go's releases.

v0.42.0

What's Changed

⚠️ Breaking Changes

chore!: migrate to moby modules (#3591) @thaJeztah

🔒 Security

chore(deps): bump moby/client v0.4.0, moby/api v1.54.1 (#3634) @thaJeztah

🐛 Bug Fixes

fix: return an error when docker host cannot be retrieved (#3613) @ash2k

🧹 Housekeeping

chore: gitignore Gas Town agent artifacts (#3633) @mdelapenya

fix(usage-metrics): include last release in the legend pop over (#3630) @mdelapenya

chore: update usage metrics (2026-04) (#3621) @github-actions[bot]

fix(usage-metrics): order of actions matters (#3623) @mdelapenya

fix(usage-metrics): reduce rate-limit cascade errors (#3622) @mdelapenya

fix(usage-metrics): replace the per-version inline retry with a multi-pass approach (#3620) @mdelapenya

📦 Dependency updates

chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 1.28.0 to 1.43.0 in /modules/grafana-lgtm (

Bumps the e2e group with 12 updates in the /e2e directory: | Package | From | To | | --- | --- | --- | | [github.com/docker/go-connections](https://github.com/docker/go-connections) | `0.6.0` | `0.7.0` | | [github.com/fsouza/fake-gcs-server](https://github.com/fsouza/fake-gcs-server) | `1.52.3` | `1.54.0` | | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.16.4` | `5.19.1` | | [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) | `1.22.0` | `1.23.0` | | [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) | `7.0.98` | `7.2.0` | | [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) | `1.12.3` | `1.17.0` | | [github.com/redpanda-data/benthos/v4](https://github.com/redpanda-data/benthos) | `4.63.1` | `4.73.0` | | [github.com/redpanda-data/connect/v4](https://github.com/redpanda-data/connect) | `4.78.0` | `4.93.0` | | [github.com/rogpeppe/go-internal](https://github.com/rogpeppe/go-internal) | `1.14.1` | `1.15.0` | | [github.com/testcontainers/testcontainers-go/modules/kafka](https://github.com/testcontainers/testcontainers-go) | `0.40.0` | `0.42.0` | | [github.com/testcontainers/testcontainers-go/modules/vault](https://github.com/testcontainers/testcontainers-go) | `0.40.0` | `0.42.0` | | [github.com/twmb/franz-go/pkg/kadm](https://github.com/twmb/franz-go) | `1.17.2` | `1.18.0` | Updates `github.com/docker/go-connections` from 0.6.0 to 0.7.0 - [Commits](docker/go-connections@v0.6.0...v0.7.0) Updates `github.com/fsouza/fake-gcs-server` from 1.52.3 to 1.54.0 - [Release notes](https://github.com/fsouza/fake-gcs-server/releases) - [Commits](fsouza/fake-gcs-server@v1.52.3...v1.54.0) Updates `github.com/go-git/go-git/v5` from 5.16.4 to 5.19.1 - [Release notes](https://github.com/go-git/go-git/releases) - [Changelog](https://github.com/go-git/go-git/blob/main/HISTORY.md) - [Commits](go-git/go-git@v5.16.4...v5.19.1) Updates `github.com/hashicorp/vault/api` from 1.22.0 to 1.23.0 - [Release notes](https://github.com/hashicorp/vault/releases) - [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md) - [Commits](hashicorp/vault@api/v1.22.0...api/v1.23.0) Updates `github.com/minio/minio-go/v7` from 7.0.98 to 7.2.0 - [Release notes](https://github.com/minio/minio-go/releases) - [Commits](minio/minio-go@v7.0.98...v7.2.0) Updates `github.com/open-policy-agent/opa` from 1.12.3 to 1.17.0 - [Release notes](https://github.com/open-policy-agent/opa/releases) - [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md) - [Commits](open-policy-agent/opa@v1.12.3...v1.17.0) Updates `github.com/redpanda-data/benthos/v4` from 4.63.1 to 4.73.0 - [Changelog](https://github.com/redpanda-data/benthos/blob/main/CHANGELOG.md) - [Commits](redpanda-data/benthos@v4.63.1...v4.73.0) Updates `github.com/redpanda-data/connect/v4` from 4.78.0 to 4.93.0 - [Release notes](https://github.com/redpanda-data/connect/releases) - [Changelog](https://github.com/redpanda-data/connect/blob/main/CHANGELOG.md) - [Commits](redpanda-data/connect@v4.78.0...v4.93.0) Updates `github.com/rogpeppe/go-internal` from 1.14.1 to 1.15.0 - [Release notes](https://github.com/rogpeppe/go-internal/releases) - [Commits](rogpeppe/go-internal@v1.14.1...v1.15.0) Updates `github.com/testcontainers/testcontainers-go` from 0.40.0 to 0.42.0 - [Release notes](https://github.com/testcontainers/testcontainers-go/releases) - [Commits](testcontainers/testcontainers-go@v0.40.0...v0.42.0) Updates `github.com/testcontainers/testcontainers-go/modules/kafka` from 0.40.0 to 0.42.0 - [Release notes](https://github.com/testcontainers/testcontainers-go/releases) - [Commits](testcontainers/testcontainers-go@v0.40.0...v0.42.0) Updates `github.com/testcontainers/testcontainers-go/modules/redpanda` from 0.40.0 to 0.42.0 - [Release notes](https://github.com/testcontainers/testcontainers-go/releases) - [Commits](testcontainers/testcontainers-go@v0.40.0...v0.42.0) Updates `github.com/testcontainers/testcontainers-go/modules/vault` from 0.40.0 to 0.42.0 - [Release notes](https://github.com/testcontainers/testcontainers-go/releases) - [Commits](testcontainers/testcontainers-go@v0.40.0...v0.42.0) Updates `github.com/twmb/franz-go` from 1.20.6 to 1.20.7 - [Changelog](https://github.com/twmb/franz-go/blob/master/CHANGELOG.md) - [Commits](twmb/franz-go@v1.20.6...v1.20.7) Updates `github.com/twmb/franz-go/pkg/kadm` from 1.17.2 to 1.18.0 - [Changelog](https://github.com/twmb/franz-go/blob/master/CHANGELOG.md) - [Commits](twmb/franz-go@pkg/kadm/v1.17.2...v1.18.0) Updates `golang.org/x/exp` from 0.0.0-20251002181428-27f1f14c8bb9 to 0.0.0-20260410095643-746e56fc9e2f - [Commits](https://github.com/golang/exp/commits) --- updated-dependencies: - dependency-name: github.com/docker/go-connections dependency-version: 0.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/fsouza/fake-gcs-server dependency-version: 1.54.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/go-git/go-git/v5 dependency-version: 5.19.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/hashicorp/vault/api dependency-version: 1.23.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/minio/minio-go/v7 dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/open-policy-agent/opa dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/redpanda-data/benthos/v4 dependency-version: 4.73.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/redpanda-data/connect/v4 dependency-version: 4.93.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/rogpeppe/go-internal dependency-version: 1.15.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/testcontainers/testcontainers-go dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/testcontainers/testcontainers-go/modules/kafka dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/testcontainers/testcontainers-go/modules/redpanda dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/testcontainers/testcontainers-go/modules/vault dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: github.com/twmb/franz-go dependency-version: 1.20.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: e2e - dependency-name: github.com/twmb/franz-go/pkg/kadm dependency-version: 1.18.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: e2e - dependency-name: golang.org/x/exp dependency-version: 0.0.0-20260410095643-746e56fc9e2f dependency-type: direct:production update-type: version-update:semver-patch dependency-group: e2e ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 28, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the e2e group across 1 directory with 16 updates#448

build(deps): bump the e2e group across 1 directory with 16 updates#448
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/e2e/e2e-5920f8b270

dependabot Bot commented on behalf of github May 28, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 28, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v1.54.0

What's Changed

New Contributors

v1.53.1

What's Changed

v1.53.0

What's Changed

v5.19.1

What's Changed

v5.19.0

What's Changed

v5.18.0

What's Changed

v5.17.2

What's Changed

v5.17.1

What's Changed

v7.2.0

What's Changed

Release v7.1.0

What's Changed

v1.17.0

Improved Negation Semantics (#8387)

Rule Labels in Decision Logs (#2089)

1.17.0

Improved Negation Semantics (#8387)

Rule Labels in Decision Logs (#2089)

4.73.0 - 2026-05-07

Added

4.72.0 - 2026-05-01

Added

4.70.0 - 2026-04-02

Added

Changed

4.69.0 - 2026-03-19

Added

Changed

Fixed

4.68.0 - 2026-03-13

Added

v4.93.0

Fixed

v4.92.0

Added

Fixed

Changed

v4.91.0

Fixed

v4.90.3

Added

Fixed

4.93.0 - 2026-05-21

Fixed

4.92.0 - 2026-05-14

Added

Fixed

Changed

4.91.0 - 2026-05-08

Fixed

4.90.0 - 2026-04-30

Added

Fixed

4.89.3 - 2026-04-30

Fixed

Added

v1.15.0

What's Changed

v0.42.0

What's Changed

⚠️ Breaking Changes

🔒 Security

🐛 Bug Fixes

🧹 Housekeeping

📦 Dependency updates

Uh oh!

Reviewers

Assignees

dependabot Bot commented on behalf of github May 28, 2026 •

edited

Loading