🌱 Bump the dependencies group across 1 directory with 33 updates

[dependabot]

Bumps the dependencies group with 12 updates in the / directory:

Package	From	To
github.com/aws/amazon-vpc-cni-k8s	1.15.5	1.21.1
github.com/aws/aws-lambda-go	1.41.0	1.52.0
github.com/aws/aws-sdk-go	1.55.5	1.55.8
github.com/coreos/ignition/v2	2.16.2	2.25.1
github.com/gofrs/flock	0.8.1	0.13.0
github.com/openshift/rosa	1.2.48-rc1	1.2.48
github.com/sergi/go-diff	1.3.1	1.4.0
github.com/sirupsen/logrus	1.9.3	1.9.4
github.com/zgalor/weberr	0.8.2	0.9.0
sigs.k8s.io/aws-iam-authenticator	0.6.13	0.7.10
sigs.k8s.io/cluster-api	1.9.4	1.9.11
sigs.k8s.io/cluster-api/test	1.9.4	1.9.11

Updates github.com/aws/amazon-vpc-cni-k8s from 1.15.5 to 1.21.1

Release notes

Sourced from github.com/aws/amazon-vpc-cni-k8s's releases.

v1.21.1

Fixes bug in Network Policy agent where the map pointer gets overwritten which causes issues with existing network policies

What's Changed

• Release 1.21 by @​jaydeokar in aws/amazon-vpc-cni-k8s#3545
• Adding CNI v1.21.1 release by @​jaydeokar in aws/amazon-vpc-cni-k8s#3550

Full Changelog: aws/amazon-vpc-cni-k8s@v1.21.0...v1.21.1

To manually apply this release:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.21.1/config/master/aws-k8s-cni.yaml

Note that the following regions use different manifests:
us-gov-east-1:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.21.1/config/master/aws-k8s-cni-us-gov-east-1.yaml

us-gov-west-1:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.21.1/config/master/aws-k8s-cni-us-gov-west-1.yaml

cn:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/refs/heads/v1.21.1/config/master/aws-k8s-cni-cn.yaml

To apply this release using helm:
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.21.1/charts/aws-vpc-cni/README.md#installing-the-chart
Verify the update:

$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3

amazon-k8s-cni-init:v1.21.1 amazon-k8s-cni:v1.21.1 amazon/aws-network-policy-agent:v1.3.1

v1.21.0

🚨 🚨 🚨 v1.21.0 contains a defect in Network Policy Agent version (image tag v1.3.0) that may cause issues with existing network policies. For users using network policy feature, please upgrade to v1.21.1. 🚨 🚨 🚨

What's New

... (truncated)

Changelog

Sourced from github.com/aws/amazon-vpc-cni-k8s's changelog.

v1.21.1

• Bug fix for Network Policy Agent

v1.21.0

• chore: update VPC IP resource limits by @​github-actions[bot] in aws/amazon-vpc-cni-k8s#3521
• Bump peter-evans/create-pull-request from 7.0.5 to 7.0.9 by @​dependabot[bot] in aws/amazon-vpc-cni-k8s#3519
• Bump golang.org/x/crypto from 0.40.0 to 0.45.0 by @​dependabot[bot] in aws/amazon-vpc-cni-k8s#3515
• Merge into release branch by @​jaydeokar in aws/amazon-vpc-cni-k8s#3522
• updating changelog by @​yash97 in aws/amazon-vpc-cni-k8s#3525
• chore: update VPC IP resource limits by @​github-actions[bot] in aws/amazon-vpc-cni-k8s#3532
• updating setup go fo gh action by @​yash97 in aws/amazon-vpc-cni-k8s#3537
• update tags by @​yash97 in aws/amazon-vpc-cni-k8s#3535
• update golang version by @​yash97 in aws/amazon-vpc-cni-k8s#3536

v1.20.5

• enabling pod egress traffic test for under mac address policy variation by @​yash97 in aws/amazon-vpc-cni-k8s#3459
• Bump the aws-dependencies group with 9 updates by @​yash97 in aws/amazon-vpc-cni-k8s#3465
• chore: update VPC IP resource limits by @​jaydeokar in aws/amazon-vpc-cni-k8s#3476
• bumping kops tag to v1.34 by @​Supreeth095 in aws/amazon-vpc-cni-k8s#3477
• feat: add retry logic for netlink dump operations by @​dcoppa in aws/amazon-vpc-cni-k8s#3440
• chore: update VPC IP resource limits by @​yash97 in aws/amazon-vpc-cni-k8s#3481
• Updating network policy agent version by @​jaydeokar in aws/amazon-vpc-cni-k8s#3491
• Bump actions/dependency-review-action from 4.3.3 to 4.8.1 by @​jaydeokar in aws/amazon-vpc-cni-k8s#3485
• Bump actions/setup-go from 5.5.0 to 6.0.0 by @​jaydeokar in aws/amazon-vpc-cni-k8s#3486
• Gracefully handle v4 (unmanaged) ENIs on IPv6 node by @​jaydeokar in aws/amazon-vpc-cni-k8s#3489
• Go bump by @​Supreeth095 in aws/amazon-vpc-cni-k8s#3500
• chore: update VPC IP resource limits by @​jaydeokar in aws/amazon-vpc-cni-k8s#3502
• nit: Update README to separate ENI Tags from Subnet Tags by @​yash97 in aws/amazon-vpc-cni-k8s#3508
• Update NP agent version for release by @​jaydeokar in aws/amazon-vpc-cni-k8s#3492
• Updating CNI cn yaml file by @​jaydeokar in https://github.com/aws/amazon-vpc-cni-k8s/pull/
• Bumping up containerd version for CVE fix by @​jaydeokar in aws/amazon-vpc-cni-k8s#3512
• chore: update VPC IP resource limits by @​github-actions[bot] and @​jaydeokar in aws/amazon-vpc-cni-k8s#3514

v1.20.4

• Updating SNAT variable documentation by @​jaydeokar in aws/amazon-vpc-cni-k8s#3439
• Bump the k8s-dependencies group with 5 updates by @​dependabot[bot] in aws/amazon-vpc-cni-k8s#3426
• Bump the aws-dependencies group with 11 updates by @​dependabot[bot] in aws/amazon-vpc-cni-k8s#3424
• Optimize ENI slot reservation for non-supported instance type by @​phuhung273 in aws/amazon-vpc-cni-k8s#3250
• Include all plugins for Multus by @​jaydeokar in aws/amazon-vpc-cni-k8s#3470
• fix: format string bug in GetPodMTU error logging by @​dcoppa in aws/amazon-vpc-cni-k8s#3471

v1.20.3

• chore: update VPC IP resource limits by @​github-actions[bot] in aws/amazon-vpc-cni-k8s#3441
• chore: update VPC IP resource limits by @​github-actions[bot] in aws/amazon-vpc-cni-k8s#3453
• Optionally setting up Route table for non zero Network Cards if AMI is already configuring at bootup by @​jaydeokar in aws/amazon-vpc-cni-k8s#3452

... (truncated)

Commits

• e082bae Merge pull request #3552 from aws/master
• cdfc4c5 Merge branch 'release-1.21' into master
• 2379e32 Adding CNI v1.21.1 release (#3550)
• 457feb3 Release 1.21 (#3545)
• b58ebdb Merge branch 'master' into release-1.21
• f3a6226 Release notes for v1.21.0 (#3547)
• a1fa583 Merge pull request #3522 from aws/master (#3540)
• 06343ad Merge branch 'master' into release-1.21
• 32fbbc2 update golang version (#3536)
• 401cbc6 update tags in chart file(#3535)
• Additional commits viewable in compare view

Updates github.com/aws/aws-lambda-go from 1.41.0 to 1.52.0

Release notes

Sourced from github.com/aws/aws-lambda-go's releases.

v1.52.0

What's Changed

• lambdacontext feature: Adding structured logging helper by @​anzheyazzz in aws/aws-lambda-go#614

New Contributors

• @​anzheyazzz made their first contribution in aws/aws-lambda-go#614

Full Changelog: aws/aws-lambda-go@v1.51.2...v1.52.0

v1.51.2

What's Changed

• fix: always return PhysicalResourceID for CFn CustomResources by @​Youssef-Beltagy in aws/aws-lambda-go#613

New Contributors

• @​Youssef-Beltagy made their first contribution in aws/aws-lambda-go#613

Full Changelog: aws/aws-lambda-go@v1.51.1...v1.51.2

v1.51.1

What's Changed

• documentation rework by @​bmoffatt in aws/aws-lambda-go#608

Full Changelog: aws/aws-lambda-go@v1.51.0...v1.51.1

v1.51.0

What's Changed

• Add support for AWS_LAMBDA_MAX_CONCURRENCY for use with Lambda Managed Instances by @​bmoffatt in aws/aws-lambda-go#600
  • Remove _X_AMZN_TRACE_ID environment variable mutations when handling concurrent invokes by @​bmoffatt in aws/aws-lambda-go#602
• Add APIGatewayProxyStreamingResponse for use with API Gateway's STREAM Response Transfer Mode by @​bmoffatt in aws/aws-lambda-go#603
• Add TenantID to LambdaContext for use with Lambda's Tenant Isolation Mode by @​bmoffatt in aws/aws-lambda-go#604

Full Changelog: aws/aws-lambda-go@v1.50.0...v1.51.0

v1.50.0

What's Changed

• Add support for otfMetadata in Kinesis firehose response metadata for Iceberg routing by @​Smelton01 in aws/aws-lambda-go#595

New Contributors

• @​Smelton01 made their first contribution in aws/aws-lambda-go#595

Full Changelog: aws/aws-lambda-go@v1.49.0...v1.50.0

v1.49.0

What's Changed

• Add client certificate struct as field to APIGatewayRequestIdentity by @​Jon-Miao in aws/aws-lambda-go#573
• Add Cc to common headers by @​bbaayyy in aws/aws-lambda-go#578
• Update README_SecretsManager_SecretRotationEvent.md by @​evilensky in aws/aws-lambda-go#569
• Add Rotation Token for SecretsManager Rotation Event by @​hannah-nguyen-ca in aws/aws-lambda-go#583

... (truncated)

Commits

• 9dac8a5 Add structured logging helper (#614)
• 6252f73 fix: always return PhysicalResourceID for CFn CustomResources (#613)
• d4fbc0b Add CODECOV_TOKEN to tests.yml (#609)
• a28c6f0 Update lambda/sigterm_test to use RIE via public.ecr.aws/lambda/provided rath...
• 56a0f54 documentation rework (#608)
• bbde148 Bump GitHub actions (#605)
• e2b5656 fix flaky test TestRuntimeAPILoopWithConcurrency (#606)
• 1fe9d1b Add TenantID to LambdaContext (#604)
• 7dfe2bb Add APIGatewayProxyStreamingResponse
• 45c22d5 Remove _X_AMZN_TRACE_ID environment variable mutations when handling concurre...
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go from 1.55.5 to 1.55.8

Release notes

Sourced from github.com/aws/aws-sdk-go's releases.

Release v1.55.8 (2025-07-31)

SDK Features

• Mark the module and all packages as deprecated.
  • This SDK has entered end-of-support.

Release v1.55.7 (2025-04-22)

SDK Bugs

• service/s3/s3manager: Abort multipart download if object is modified during download
  • Fixes 4986

Release v1.55.6 (2025-01-15)

SDK Bugs

• Fix broken printf for go1.24

Commits

• 070853e release v1.55.8 (2025-07-31)
• bb0168e Add deprecation warnings everywhere and remove some README content
• 7ce44f3 aws
• 6d9a26d remove doc issue tmpl
• 239002f deprecate service packages and HLLs
• 70c4177 deprecate main runtime packages
• bbdd4e9 deprecate
• 163aada release v1.55.7 (2025-04-22) (#5346)
• 9eb2bfd Abort multi part download if the object is modified during download
• 8d203cc Update bug-report.yml
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/sts from 1.28.6 to 1.38.6

Commits

• 67db690 Release 2025-09-26
• 32ee1b5 Regenerated Clients
• 0b43122 Update endpoints model
• 44786d9 Update API model
• c98edb7 update internal endpts comment that was wrong (#3194)
• 88da3c8 Release 2025-09-25
• 74a74fc Regenerated Clients
• 5e6f7ae Update endpoints model
• 0e722ab Update API model
• 41a7d00 Release 2025-09-24
• Additional commits viewable in compare view

Updates github.com/coreos/ignition/v2 from 2.16.2 to 2.25.1

Release notes

Sourced from github.com/coreos/ignition/v2's releases.

v2.25.1

Ignition 2.25.1 (2025-12-22)

Bug fixes

• Fix OpenStack provider returning empty JSON instead of empty bytes when metadata has no config

v2.24.0

Features

• Add support for nocloud config fetching in kubevirt

Bug fixes

• Fix occasional cex.key file removal
• Fix multipath partitioning: ignore DM holders when no partitions are mounted

v2.23.0

Features

• Support UpCloud

Changes

• Switch to aws-sdk-go-v2 for S3 fetches and EC2 interactions

Bug fixes

• Fix fetch-offline for Oracle Cloud Infrastructure

v2.22.0

Starting with this release, ignition-validate binaries are signed with the Fedora 42 key.

Features

• Support Oracle Cloud Infrastructure

Changes

• Rename ignition.cfg -> 05_ignition.cfg
• Support setting setuid/setgid/sticky mode bits (3.6.0-exp)
• Warn if setuid/setgid/sticky mode bits specified (3.4.0 - 3.5.0)
• Add initial TMT tests and a new workflow to execute tests on PRs

Bug fixes

v2.21.0

Starting with this release, ignition-validate binaries are signed with the Fedora 41 key.

Features

... (truncated)

Changelog

Sourced from github.com/coreos/ignition/v2's changelog.

Ignition 2.25.1 (2025-12-22)

Bug fixes

• Fix OpenStack provider returning empty JSON instead of empty bytes when metadata has no config

Ignition 2.25.0 (2025-12-11)

Starting with this release, ignition-validate binaries are signed with the Fedora 43 key.

Features

• The name for custom clevis pins is not validated by Ignition anymore, enabling the use of arbitrary custom pins (3.6.0-exp)
• Add NVIDIA BlueField provider

Bug fixes

• Fix EnsureGroup to be idempotent when group already exists (#2158)
• Fix invalid random source in FIPS 140-only mode in FIPS mode (#2159)
• Only load kernel modules when actually necessary so that they can be built-in (#2164)

Ignition 2.24.0 (2024-10-14)

This version was actually released 2025-10-14, but changing the title now would invalidate links to this entry here in the release notes.

Features

• Add support for nocloud config fetching in kubevirt

Bug fixes

• Fix occasional cex.key file removal
• Fix multipath partitioning: ignore DM holders when no partitions are mounted

Ignition 2.23.0 (2025-09-10)

Features

• Support UpCloud

Changes

• Switch to aws-sdk-go-v2 for S3 fetches and EC2 interactions

Bug fixes

... (truncated)

Commits

• ef86d61 Merge pull request #2181 from prestist/new-release-2.25.1
• 87e5dd1 docs/release-notes: update for 2.25.1
• b97b22c Merge pull request #2177 from yasminvalim/bugfix-openstack-support
• 4248e7b Merge pull request #2179 from coreosbot-releng/repo-templates
• 478adc4 Sync repo templates ⚙
• 67a4c91 Merge pull request #2174 from coreos/dependabot/go_modules/build-4a2c2cba6a
• e7e9ce1 Merge pull request #2176 from coreos/add-owners
• 34be53d release-notes: add release notes for the bugfix
• d0c5d54 openstack.go: fix fetchConfigFromMetadataService bug removing encoding/json
• 21f3aaa build(deps): bump the build group with 7 updates
• Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.4.2 to 1.4.3

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.3

Minor release.

What's Changed

• Fix slog tests for 1.25 by @​hoeppi-google in go-logr/logr#361
• Remove one exception from Slog testing by @​thockin in go-logr/logr#362

New Contributors

• @​hoeppi-google made their first contribution in go-logr/logr#361

Full Changelog: go-logr/logr@v1.4.2...v1.4.3

Commits

• 38a1c47 build(deps): bump github/codeql-action from 3.28.17 to 3.28.18
• f08bedd build(deps): bump actions/setup-go from 5.4.0 to 5.5.0
• 6295e99 build(deps): bump golangci/golangci-lint-action from 7.0.0 to 8.0.0
• 028840d build(deps): bump github/codeql-action from 3.28.15 to 3.28.17
• 511e5fa Merge pull request #367 from go-logr/dependabot/github_actions/github/codeql-...
• d806463 build(deps): bump github/codeql-action from 3.28.13 to 3.28.15
• 158c311 Merge pull request #366 from thockin/master
• c79ddb3 Update to support golangci-lint v2
• 20a64ba build(deps): bump github/codeql-action from 3.28.12 to 3.28.13
• 0385e14 Add comments around slog exceptions
• Additional commits viewable in compare view

Updates github.com/gofrs/flock from 0.8.1 to 0.13.0

Release notes

Sourced from github.com/gofrs/flock's releases.

v0.13.0

What's Changed

Minimum Go version 1.24

• feat: add Stat method by @​ferhatelmas in gofrs/flock#127
• chore(deps): bump golang.org/x/sys from 0.22.0 to 0.37.0

Full Changelog: gofrs/flock@v0.12.1...v0.13.0

v0.12.1

What's Changed

• tests: add tests about directory support by @​ldez in gofrs/flock#89
• chore(deps): bump golang.org/x/sys from 0.21.0 to 0.22.0 in the all group by @​dependabot in gofrs/flock#90
• fix: missing read-write flag in reopenFDOnError by @​crazy-max in gofrs/flock#95

New Contributors

• @​crazy-max made their first contribution in gofrs/flock#95

Full Changelog: gofrs/flock@v0.12.0...v0.12.1

v0.12.0

What's Changed

• feat: differentiation of Solaris and Illumos by @​ldez in gofrs/flock#80
• feat(windows): replace custom implementation with golang.org/x/sys/windows by @​ldez in gofrs/flock#81
• fix: update fnctl implementation by @​ldez in gofrs/flock#84
• feat: use runtime errors instead of compilation errors for unsupported platforms by @​ldez in gofrs/flock#85
• refactor: use x/sys/* instead of Syscall when possible by @​ldez in gofrs/flock#87

Full Changelog: gofrs/flock@v0.11.0...v0.12.0

v0.11.0

What's Changed

• feat: add options to define flag and permissions of the file by @​ldez in gofrs/flock#76
• tests: remove files generated during tests by @​ldez in gofrs/flock#77

Full Changelog: gofrs/flock@v0.10.0...v0.11.0

v0.10.0

What's Changed

• feat: add support for Illumos/Solaris by @​gaige in gofrs/flock#63
• chore: migrate from gopkg.in/check to stretchr/testify by @​ldez in gofrs/flock#70
• docs: remove reference to sync.Locker by @​ldez in gofrs/flock#66

New Contributors

• @​gaige made their first contribution in gofrs/flock#63

Full Changelog: gofrs/flock@v0.9.0...v0.10.0

... (truncated)

Commits

• bfec60b chore(deps): bump golang.org/x/sys from 0.36.0 to 0.37.0 in the gomod group (...
• 7094284 chore: update linter
• 8111aec feat: add Stat method (#127)
• 6f0f0ed chore(deps): bump the github-actions group with 4 updates (#126)
• fe44231 chore(deps): bump golang.org/x/sys from 0.35.0 to 0.36.0 in the gomod group (...
• f74f0fb chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 in the go...
• c1f6d16 chore(deps): bump golang.org/x/sys from 0.34.0 to 0.35.0 in the gomod group (...
• c542c57 chore(deps): bump github/codeql-action from 3.29.2 to 3.29.5 in the github-ac...
• 425570b chore(deps): bump golang.org/x/sys from 0.33.0 to 0.34.0 in the gomod group (...
• 12753ea chore(deps): bump github/codeql-action from 3.28.18 to 3.29.2 in the github-a...
• Additional commits viewable in compare view

Updates github.com/google/go-cmp from 0.6.0 to 0.7.0

Release notes

Sourced from github.com/google/go-cmp's releases.

v0.7.0

New API:

• (#367) Support compare functions with SortSlices and SortMaps

Panic messaging:

• (#370) Detect proto.Message types when failing to export a field

Commits

• 9b12f36 Detect proto.Message types when failing to export a field (#370)
• 4dd3d63 fix: type 'aribica' => 'arabica' (#368)
• 391980c Support compare functions with SortSlices and SortMaps (#367)
• See full diff in compare view

Updates github.com/onsi/ginkgo/v2 from 2.22.0 to 2.23.4

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.23.4

2.23.4

Prior to this release Ginkgo would compute the incorrect number of available CPUs when running with -p in a linux container. Thanks to @​emirot for the fix!

Features

• Add automaxprocs for using CPUQuota [2b9c428]

Fixes

• clarify gotchas about -vet flag [1f59d07]

Maintenance

• bump dependencies [2d134d5]

v2.23.3

2.23.3

Fixes

• allow - as a standalone argument [cfcc1a5]
• Bug Fix: Add GinkoTBWrapper.Chdir() and GinkoTBWrapper.Context() [feaf292]
• ignore exit code for symbol test on linux [88e2282]

v2.23.2

2.23.2

🎉🎉🎉

At long last, some long-standing performance gaps between ginkgo and go test have been resolved!

Ginkgo operates by running go test -c to generate test binaries, and then running those binaries. It turns out that the compilation step of go test -c is slower than go test's compilation step because go test strips out debug symbols (ldflags=-w) whereas go test -c does not.

Ginkgo now passes the appropriate ldflags to go test -c when running specs to strip out symbols. This is only done when it is safe to do so and symbols are preferred when profiling is enabled and when ginkgo build is called explicitly.

This, coupled, with the instructions for disabling XProtect on MacOS yields a much better performance experience with Ginkgo.

v2.23.1

2.23.1

🚨 For users on MacOS 🚨

A long-standing Ginkgo performance issue on MacOS seems to be due to mac's antimalware XProtect. You can follow the instructions here to disable it in your terminal. Doing so sped up Ginkgo's own test suite from 1m8s to 47s.

Fixes

Ginkgo's CLI is now a bit clearer if you pass flags in incorrectly:

• make it clearer that you need to pass a filename to the various profile flags, not an absolute directory [a0e52ff]
• emit an error and exit if the ginkgo invocation includes flags after positional arguments [b799d8d]

... (truncated)

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.23.4

Prior to this release Ginkgo would compute the incorrect number of available CPUs when running with -p in a linux container. Thanks to @​emirot for the fix!

Features

• Add automaxprocs for using CPUQuota [2b9c428]

Fixes

• clarify gotchas about -vet flag [1f59d07]

Maintenance

• bump dependencies [2d134d5]

2.23.3

Fixes

• allow - as a standalone argument [cfcc1a5]
• Bug Fix: Add GinkoTBWrapper.Chdir() and GinkoTBWrapper.Context() [feaf292]
• ignore exit code for symbol test on linux [88e2282]

2.23.2

🎉🎉🎉

At long last, some long-standing performance gaps between ginkgo and go test have been resolved!

Ginkgo operates by running go test -c to generate test binaries, and then running those binaries. It turns out that the compilation step of go test -c is slower than go test's compilation step because go test strips out debug symbols (ldflags=-w) whereas go test -c does not.

Ginkgo now passes the appropriate ldflags to go test -c when running specs to strip out symbols. This is only done when it is safe to do so and symbols are preferred when profiling is enabled and when ginkgo build is called explicitly.

This, coupled, with the instructions for disabling XProtect on MacOS yields a much better performance experience with Ginkgo.

2.23.1

🚨 For users on MacOS 🚨

A long-standing Ginkgo performance issue on MacOS seems to be due to mac's antimalware XProtect. You can follow the instructions here to disable it in your terminal. Doing so sped up Ginkgo's own test suite from 1m8s to 47s.

Fixes

Ginkgo's CLI is now a bit clearer if you pass flags in incorrectly:

• make it clearer that you need to pass a filename to the various profile flags, not an absolute directory [a0e52ff]
• emit an error and exit if the ginkgo invocation includes flags after positional arguments [b799d8d]

This might cause existing CI builds to fail. If so then it's likely that your CI build was misconfigured and should be corrected. Open an issue if you need help.

2.23.0

... (truncated)

Commits

• 229c981 v2.23.4
• 2d134d5 bump dependencies
• 2b9c428 Add automaxprocs for using CPUQuota
• 31137de Revert "Add automaxprocs to automatically match the linux container CPU Quota"
• 91b11b8 Add automaxprocs to automatically match the linux container CPU Quota
• cdfddb6 maybe escape quotes when you put them in a quoted string.
• 1f59d07 clarify gotchas about -vet flag
• 7ab7d10 bump all the things
• 04a9a74 v2.23.3
• cfcc1a5 allow - as a standalone argument
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.36.0 to 1.37.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.37.0

1.37.0

Features

• add To/ToNot/NotTo aliases for AsyncAssertion [5666f98]

v1.36.3

1.36.3

Maintenance

• bump all the things [adb8b49]
• chore: replace interface{} with any [7613216]
• Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822) [9fe5259]
• remove spurious "toolchain" from go.mod (#819) [a0e85b9]
• Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823) [604a8b1]
• Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772) [36fbc84]
• Bump github-pages from 231 to 232 in /docs (#778) [ced70d7]
• Bump rexml from 3.2.6 to 3.3.9 in /docs (#788) [c8b4a07]
• Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#812) [06431b9]
• Bump webrick from 1.8.1 to 1.9.1 in /docs (#800) [b55a92d]
• Fix typos (#813) [a1d518b]

v1.36.2

Maintenance

• Bump nokogiri from 1.16.3 to 1.16.5 in /docs by @​dependabot in onsi/gomega#757
• Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.22.1 by @​dependabot in onsi/gomega#808
• Bump golang.org/x/net from 0.30.0 to 0.33.0 by @​dependabot in onsi/gomega#807
• Bump google.golang.org/protobuf from 1.35.1 to 1.36.1 by @​dependabot in onsi/gomega#810

v1.36.1

1.36.1

Fixes

• Fix onsi/gomega#803 [1c6c112]
• resolves onsi/gomega#696: make HaveField great on pointer receivers given only a non-addressable value [4feb9d7]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.37.0

Features

• add To/ToNot/NotTo aliases for AsyncAssertion [5666f98]

1.36.3

Maintenance

• bump all the things [adb8b49]
• chore: replace interface{} with any [7613216]
• Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822) [9fe5259]
• remove spurious "toolchain" from go.mod (#819) [a0e85b9]
• Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823) [604a8b1]
• Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772) [36fbc84]
• Bump github-pages from 231 to 232 in /docs (#778) [ced70d7]
• Bump rexml from 3.2.6 to 3.3.9 in /docs (#788) [c8b4a07]
• Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#812) [06431b9]
• Bump webrick from 1.8.1 to 1.9.1 in /docs (#800) [b55a92d]
• Fix typos (#813) [a1d518b]

1.36.2

Maintenance

• Bump google.golang.org/protobuf from 1.35.1 to 1.36.1 (#810) [9a7609d]
• Bump golang.org/x/net from 0.30.0 to 0.33.0 (#807) [b6cb028]
• Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.22.1 (#808) [5756529]
• Bump nokogiri from 1.16.3 to 1.16.5 in /docs (#757) [dabc12e]

1.36.1

Fixes

• Fix onsi/gomega#803 [1c6c112]
• resolves onsi/gomega#696: make HaveField great on pointer receivers given only a non-addressable value [4feb9d7]

Commits

• 272fca3 v1.37.0
• 5666f98 add To/ToNot/NotTo aliases for AsyncAssertion
• 2251143 v1.36.3
• adb8b49 bump all the things
• 7613216 chore: replace interface{} with any
• 9fe5259 Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822)
• a0e85b9 remove spurious "toolchain" from go.mod (#819)
• 604a8b1 Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823)
• 36fbc84 Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772)
• ced70d7 Bump github-pages from 231 to 232 in /docs (#778)
• Additional commits viewable in compare view

Updates github.com/openshift/rosa from 1.2.48-rc1 to 1.2.48

Release notes

Sourced from github.com/openshift/rosa's releases.

v1.2.48

Changelog

Features

• 68db331d OCM-10017 | feat: Add EC2 container registry policy to worker role for zero egress
• b2978270 OCM-10677 | feat: Adding extra validation to verify user is logged in
• ce46d3ae OCM-10677 | feat: Adding extra validation to verify user is logged in
• f5455c39 OCM-11496 | feat: Adding validation of the roles manage policies as a step when an upgrade policy is being requested by a cluster.
• ec8fc8e6 OCM-11810 | feat: Improved help message for rosa create network
• f64797aa OCM-11868 | feat: Adding --template-dir flag & TEMPLATE_DIR env var
• 427d7513 OCM-12179 | feat: adding dmoskale to rosa cli approvers
• 1b9cbf1b OCM-12285 | feat: Update cluster autoscaler max value (180->249)
• ad76f153 OCM-12420 | feat: Adding default cf template for binary builds
• 8a41d7f1 OCM-5664 | feat: fixing manual mode operator deletion command

Bug fixes

• 9aa356e6 OCM-10017 | fix: re-enable adding EC2 policy to worker role
• 8f41ad7b OCM-10017 | fix: revert adding EC2 policy to worker role
• fb37f8c5 OCM-11480 | fix: not exit when user choosing N for registry config
• afac1e9a OCM-11578 | fix: skip validation of container registry policy for create cluster
• 219ac1d0 OCM-11969 | fix: Rearranging creation order to fix endpoint issue
• 5715e2d9 OCM-12083 | fix: adding Availability zone default count
• 40ae8767 OCM-12100 | fix: Exit with status 0
• 25e17a77 OCM-12100 | fix: Only attempt provider creation with auto mode
• 0b2b6825 OCM-12100 | fix: Only run oidcprovider command when mode=auto
• 74cd5ece OCM-12101 | fix: Adding log outputs for empty values
• 2a7d0543 OCM-12118 | fix: Pass config ID into create/provider
• 6124108b OCM-12119 | fix: Env var regression with create/network
• 676a62c1 OCM-12256 | fix: Fixing enable-delete-protection flag
• fa7e671c OCM-12257 | fix: Fixing tags and network not appearing in help
• f7c22876 OCM-12379 | fix: Duplicate commands when manual create/accountroles
• ff79ace7 OCM-12435 | fix: Updated info message for when no template is specified
• 41dfb701 OCM-12438 | fix: changing default template dir in help message
• 8bd559d6 OCM-12479 | fix: Fixed help message for binary builds
• 0445109d OCM-12479 | fix: Fixed help message for binary builds
• cb2cb653 OCM-12480 | fix: Fixed default name in info message
• 65ab7df2 OCM-12482 | fix: Fixed tempalte dir env var to work
• 6590cb11 OCM-12486 | fix: Fixed network command to be able to run custom templates

Others

• 8ddfdc26 OCM-10805 | test: automated ids:76394,76395
• e55f4417 OCM-11675 | ci: Expose some of the cluster configurations for profile override
• 54e3373a OCM-11943 | chore: Bump master to 1.2.48
• 2302782d OCM-12036 | test: automated ids:38827,38829,35894,55701
• 20617572 OCM-12117 | test: automated ids:70370,76396,77149,72602
• f877e859 OCM-12315 | chore: St release version to 1.2.48-RC1
• 3ee785c9 OCM-12316 | chore: Bump version to RC2
• cae7dfdd OCM-12316 | chore: Set release version to 1.2.48
• c4e2d6d0 OCM-12316 | chore: Set release version to 1.2.48-RC4
• d534f08a OCM-12316 | chore: Set release version to 1.2.48-RC5
• 4a72043d OCM-1988 | chore: update ROSA CLI with the latest ocm sdk to use addons_mgmt
• 10dc599a OCM-9183 | test: Get kubeconfig from env
• 09992fa1 OCM-9310 | test: automated ids:75921,75922

... (truncated)

Commits

• cae7dfd OCM-12316 | chore: Set release version to 1.2.48

[dependabot]

Labels

The following labels could not be found: area/dependency, kind/cleanup, ok-to-test, release-note-none. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[spectro-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
To complete the pull request process, please assign after the PR has been reviewed.
You can assign the PR to them by writing /assign in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[spectro-prow]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a spectrocloud member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[bulwark-spectrocloud]

⚠️ GoSec scan found code issues:

1. G401: Use of weak cryptographic primitive, Severity: MEDIUM
   • 1. File: /home/runner/work/bulwark/bulwark/target-repo/pkg/cloud/services/eks/iam/iam.go:499:13
2. G505: Blocklisted import crypto/sha1: weak cryptographic primitive, Severity: MEDIUM
   • 1. File: /home/runner/work/bulwark/bulwark/target-repo/pkg/cloud/services/eks/iam/iam.go:22:2

Please review these findings and fix the issues before merging.