fix(deps): update go module minor/patch updates

[red-hat-konflux-kflux-prd-rh02]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
filippo.io/edwards25519	v1.1.0 → v1.2.0
github.com/bxcodec/faker/v3	v3.2.0 → v3.8.1
github.com/docker/go-connections	v0.6.0 → v0.7.0
github.com/ebitengine/purego	v0.10.0 → v0.10.1
github.com/felixge/httpsnoop	v1.0.4 → v1.1.0
github.com/fsnotify/fsnotify	v1.9.0 → v1.10.1
github.com/getkin/kin-openapi	v0.133.0 → v0.140.0
github.com/go-ole/go-ole	v1.2.6 → v1.3.0
github.com/go-openapi/jsonpointer	v0.21.0 → v0.23.1
github.com/go-openapi/swag	v0.23.0 → v0.26.1
github.com/go-sql-driver/mysql	v1.8.1 → v1.10.0
github.com/go-viper/mapstructure/v2	v2.4.0 → v2.5.0
github.com/grpc-ecosystem/grpc-gateway/v2	v2.28.0 → v2.29.0
github.com/jackc/pgx/v5	v5.6.0 → v5.10.0
github.com/klauspost/compress	v1.18.5 → v1.18.6
github.com/mailru/easyjson	v0.7.7 → v0.9.2
github.com/moby/moby/api	v1.54.1 → v1.55.0
github.com/moby/moby/client	v0.4.0 → v0.5.0
github.com/moby/sys/sequential	v0.6.0 → v0.7.0
github.com/oasdiff/yaml	v0.0.0-20250309154309-f31be36b4037 → v0.1.0
github.com/oasdiff/yaml3	v0.0.0-20250309153720-d2182401db90 → v0.0.13
github.com/openshift-hyperfleet/hyperfleet-api-spec	v1.0.21 → v1.0.22
github.com/pelletier/go-toml/v2	v2.2.4 → v2.4.0
github.com/prometheus/client_golang	v1.16.0 → v1.23.2
github.com/prometheus/client_model	v0.3.0 → v0.6.2
github.com/prometheus/common	v0.42.0 → v0.69.0
github.com/prometheus/procfs	v0.10.1 → v0.20.1
github.com/sagikazarmark/locafero	v0.11.0 → v0.12.0
github.com/shirou/gopsutil/v4	v4.26.3 → v4.26.5
github.com/testcontainers/testcontainers-go	v0.42.0 → v0.43.0
github.com/testcontainers/testcontainers-go/modules/postgres	v0.42.0 → v0.43.0
github.com/tklauser/go-sysconf	v0.3.16 → v0.4.0
github.com/tklauser/numcpus	v0.11.0 → v0.12.0
github.com/woodsbury/decimal128	v1.3.0 → v1.4.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	v0.62.0 → v0.69.0
go.opentelemetry.io/contrib/propagators/autoprop	v0.68.0 → v0.69.0
go.opentelemetry.io/contrib/propagators/aws	v1.43.0 → v1.44.0
go.opentelemetry.io/contrib/propagators/b3	v1.43.0 → v1.44.0
go.opentelemetry.io/contrib/propagators/jaeger	v1.43.0 → v1.44.0
go.opentelemetry.io/contrib/propagators/ot	v1.43.0 → v1.44.0
go.opentelemetry.io/otel	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/exporters/stdout/stdouttrace	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/metric	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/sdk	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/trace	v1.43.0 → v1.44.0
golang.org/x/crypto	v0.52.0 → v0.53.0
golang.org/x/net	v0.54.0 → v0.56.0
golang.org/x/sync	v0.20.0 → v0.21.0
golang.org/x/sys	v0.45.0 → v0.46.0
golang.org/x/text	v0.37.0 → v0.38.0
golang.org/x/time	v0.14.0 → v0.15.0
google.golang.org/grpc	v1.80.0 → v1.81.1
gorm.io/driver/mysql	v1.5.6 → v1.6.0

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

FiloSottile/edwards25519 (filippo.io/edwards25519)

v1.2.0

Compare Source

v1.1.1

Compare Source

bxcodec/faker (github.com/bxcodec/faker/v3)

v3.8.1: Deprecating v3 module

Compare Source

Full Changelog: bxcodec/faker@v3.8.0...v3.8.1

v3.8.0

Compare Source

What's Changed

• feat: add min max size for random slice map And allowing one element for Oneof by @​autumn31 in #​130
• Support for Korean Hangul by @​geshtng in #​154
• fix slice tag bug AND add chinese name by @​qiangmzsx in #​141
• Support for Emoticons by @​geshtng in #​155
• Float boundaries by @​Xaspy in #​156

New Contributors

• @​autumn31 made their first contribution in #​130
• @​geshtng made their first contribution in #​154
• @​qiangmzsx made their first contribution in #​141
• @​Xaspy made their first contribution in #​156

Full Changelog: bxcodec/faker@v3.7.0...v3.8.0

v3.7.0

Compare Source

What's Changed

• feat: added random source customization by @​fredbi in #​137
• feat: Support for Japanese hiragana and katakana by @​tomtwinkle in #​145
• chore: check slice.Contains in for range block by @​eval-exec in #​151
• feat: randomInt support third argument by @​maco in #​150

New Contributors

• @​fredbi made their first contribution in #​137
• @​tomtwinkle made their first contribution in #​145 and thanks to @​geshtng for reviewing the PR
• @​eval-exec made their first contribution in #​151
• @​maco made their first contribution in #​150

Full Changelog: bxcodec/faker@v3.6.0...v3.7.0

v3.6.0

Compare Source

Features

• feat: added fake jwt-token support (#​113) by @​musinit
• feat: Add RemoveProvider public method (#​115) by @​pioz
• feat: Add ability to ignore interface{} population with SetIgnoreInterface() (#​123) by @​nashikb

Chores

• chore: removes Adolf from male names (#​128) by @​DavidLarsKetch

v3.5.0

Compare Source

Features

• feat: Implement oneof tag (#​103) by @​andrew-werdna
• feat: oneof float support (#​106) by @​andrew-werdna
• feat: Adds Slice length tag (#​109) by @​Icety

Fixes

• fix: excluded characters in random string generator (#​111) by @​musinit

v3.4.0

Compare Source

Features

• feat: added gender tag (#​104) by @​musinit
  • test: add gender unit test (#​105)by @​bxcodec
• feat: new lang tag, chinese + russian lang generators (#​97) by @​musinit
  • docs: added lang tag example in readme (#​100) by @​musinit
• feat: upgrade linter version to use the latest stable version (#​98) by @​bxcodec

Fixes

• fix: Allow AddProvider to still work with some custom types (#​102) by @​andrew-werdna
• bugfix(faker): don't panic on typed array (#​99) by @​xaionaro
• fix: 0 not valid for random size #​96 by @​mattquest

v3.3.1

Compare Source

Fixes

• fix: convert slice types (#​91) by @​rgaskill

Chores

• chore: update README.md adding badge for pkg.go.dev (#​90) by @​bxcodec

v3.3.0

Compare Source

Features

• feat(error): extend error messages for bad tag's name (#​80) by @​steveoc64

Chores

• chore(linters): resolve linter and typos (#​78)
• README.md: fix a typo & formatting (#​79) by @​ifnotak
• chore(go): update go version for testing in travis (#​85)
• chore: update examples (#​88) by @​momotaro98
• chores(docs): Move example from markdown to tests (#​89) by @​mrVanboy

docker/go-connections (github.com/docker/go-connections)

v0.7.0

Compare Source

ebitengine/purego (github.com/ebitengine/purego)

v0.10.1

Compare Source

• Fix a concurrency bug where simultaneous FFI calls could swap return values across goroutines (#​451)

felixge/httpsnoop (github.com/felixge/httpsnoop)

v1.1.0

Compare Source

fsnotify/fsnotify (github.com/fsnotify/fsnotify)

v1.10.1

Compare Source

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#​754)

• inotify, windows: don't rename sibling watches sharing a path prefix
  (#​755)

v1.10.0

Compare Source

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#​731)

• inotify: send Rename event if recursive watch is renamed (#​696)

• inotify: avoid copying event buffers when reading names (#​741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#​748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#​740)

• windows: fix nil pointer dereference in remWatch (#​736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#​709, #​749)

getkin/kin-openapi (github.com/getkin/kin-openapi)

v0.140.0

Compare Source

What's Changed

• openapi3: document that a custom ReadFromURIFunc bypasses IsExternalRefsAllowed by @​reuvenharrison in #​1191
• openapi3: remove deepcopy dependency by @​alexandear in #​1193
• openapi3: remove decimal128 dependency by @​alexandear in #​1194
• refactor: apply modernize fixes by @​alexandear in #​1195
• openapi2,openapi3: replace marshmallow with encoding/json by @​alexandear in #​1196
• docs: update GoDoc links to Go Reference by @​alexandear in #​1197
• chore: bump jsonpointer to v0.22.5 by @​alexandear in #​1198

Full Changelog: getkin/kin-openapi@v0.139.0...v0.140.0

v0.139.0

Compare Source

What's Changed

• feat(openapi3): batch-convert long-tail RequiredFieldError sites by @​reuvenharrison in #​1170
• feat(openapi3): typed validation error clusters (combined: #​1171-#​1179) by @​reuvenharrison in #​1180
• openapi3gen: skip component export for anonymous types by @​0-don in #​1163
• feat: migrate to oasdiff/yaml v0.1.0 single Unmarshal API + enable DisableTimestamps by @​reuvenharrison in #​1181
• openapi3: typed context errors for Validate() wrapper chain by @​reuvenharrison in #​1183
• openapi3: track Origin on the document root (T) by @​reuvenharrison in #​1184
• openapi3: tests flakiness corrected by @​fenollp in #​1159
• openapi3: aggregate independent validation errors via EnableMultiError by @​reuvenharrison in #​1185
• openapi3: fix validation of duplicated path templates by @​reuvenharrison in #​1189
• openapi3: type the remaining bare-error validation sites by @​reuvenharrison in #​1187

Full Changelog: getkin/kin-openapi@v0.138.0...v0.139.0

v0.138.0

Compare Source

What's Changed

• openapi3gen: clear nullable on exported component bodies by @​0-don in #​1164
• openapi3: add test for issue #​927 (nullable not respected on $ref schemas) by @​fenollp in #​1165
• test: move public-API tests to external _test packages by @​fenollp in #​1168
• feat(openapi3): add per-type validation errors with cluster wrappers by @​reuvenharrison in #​1166
• feat(openapi3conv): canonicalization pass for 3.0 -> 3.x by @​reuvenharrison in #​1162
• openapi3conv: test Upgrade on many documents by @​fenollp in #​1169

Full Changelog: getkin/kin-openapi@v0.137.0...v0.138.0

v0.137.0

Compare Source

What's Changed

• revert to go 1.25 and revert cc4f8d9 by @​fenollp in #​1161

Full Changelog: getkin/kin-openapi@v0.136.0...v0.137.0

v0.136.0

Compare Source

What's Changed

• openapi3: stop injecting contentless default in NewResponses() by @​0-don in #​1148
• openapi3: standardize Origin json tag to "-" across all types by @​reuvenharrison in #​1149
• Update usage message in cmd/validate by @​fenollp in #​1150
• openapi3: fix determinism when handling discriminator mappings by @​fenollp in #​1151
• feat: bump Go to 1.26 by @​fenollp in #​1152
• openapi3: use componentNames for deterministic visitings by @​fenollp in #​1153
• feat: add OpenAPI 3.1 support by @​reuvenharrison in #​1125
• openapi3: add JoinFunc for custom $ref path resolution by @​reuvenharrison in #​1154
• Add many many tests from ApisGuruOpenapiDirectory by @​fenollp in #​1155
• openapi3: remove map-iteration order leaks causing flaky tests by @​cloudnativeninja in #​1158
• openapi2conv: nil-guard components lookup in FromV3SchemaRef by @​SAY-5 in #​1156
• Address various lint errors by @​fenollp in #​1157

New Contributors

• @​0-don made their first contribution in #​1148
• @​cloudnativeninja made their first contribution in #​1158
• @​SAY-5 made their first contribution in #​1156

Full Changelog: getkin/kin-openapi@v0.135.0...v0.136.0

v0.135.0

Compare Source

What's Changed

• openapi3: strip origin from Encodings and ServerVariables maps by @​reuvenharrison in #​1132
• fix: update yaml3 to prevent panic on empty mapping node in sequence by @​reuvenharrison in #​1133
• openapi3: strip origin from extension values to prevent spurious diffs by @​reuvenharrison in #​1137
• openapi3: strip origin from slices in example values by @​reuvenharrison in #​1138
• fix: bump yaml and yaml3 to v0.0.4 by @​reuvenharrison in #​1136
• openapi3: OriginTree approach for origin tracking — separate pass, no inline stripping by @​reuvenharrison in #​1142
• README: drop go-openapi/spec3 by @​zonescape in #​1143
• fix: bump yaml3+yaml to v0.0.9 to fix -root schema origin by @​reuvenharrison in #​1144
• openapi3: call ReadFromURIFunc before checking IsExternalRefsAllowed by @​reuvenharrison in #​1146
• fix: use location.String() instead of location.Path for origin file tracking by @​reuvenharrison in #​1145
• refactor: Replace sort usage with slices package by @​jedevc in #​1147

New Contributors

• @​zonescape made their first contribution in #​1143
• @​jedevc made their first contribution in #​1147

Full Changelog: getkin/kin-openapi@v0.134.0...v0.135.0

v0.134.0

Compare Source

What's Changed

• openapi3filter: feat(multipart-ct-decoder): default body decoder on binary schema by @​mieltn in #​1097
• openapi3: ensure SchemaErrors get the correct path for allOf schemas by @​jamesfcarter in #​1098
• openapi3filter: Fix empty string handling in parameter validation by @​utah-KT in #​1096
• tidy(docs): Update references to oapi-codegen project URL (issue #​1094) by @​frenchi in #​1095
• openapi2conv: fix allOf inside additionalProperties by @​dani-maarouf in #​1103
• openapi3filter: Reject requests with body when non expected (issue 1100) by @​CynanX in #​1101
• openapi3: fix for RFC3339 validation: time-offset is a required component by @​mpreu in #​1104
• openapi3: add file path to origin location tracking by @​reuvenharrison in #​1128
• openapi3filter: fix bug where absent optional properties fail validation in form-urlencoded requests by @​thierry-f-78 in #​1110
• feat: add document-scoped format validators to prevent global state pollution by @​the-corp-mark in #​1126
• openapi3: process discriminator mapping values as refs by @​RaduPetreTarean in #​1108
• openapi3: serialize Extensions when using $ref by @​irees in #​1131

New Contributors

• @​mieltn made their first contribution in #​1097
• @​jamesfcarter made their first contribution in #​1098
• @​utah-KT made their first contribution in #​1096
• @​frenchi made their first contribution in #​1095
• @​dani-maarouf made their first contribution in #​1103
• @​CynanX made their first contribution in #​1101
• @​mpreu made their first contribution in #​1104
• @​thierry-f-78 made their first contribution in #​1110
• @​the-corp-mark made their first contribution in #​1126
• @​RaduPetreTarean made their first contribution in #​1108

Full Changelog: getkin/kin-openapi@v0.133.0...v0.134.0

go-ole/go-ole (github.com/go-ole/go-ole)

v1.3.0

Compare Source

What's Changed

• Fix VT_BOOL value conversion by @​mikelr in #​229
• fix: crash when using *int8 as param by @​Khaos66 in #​232
• Create a Security Policy by @​joycebrum in #​244
• Update appveyor.yml by @​jacobsantos in #​249
• Bump golang.org/x/sys from 0.0.0-20190916202348-b4ddaad3f8a3 to 0.1.0 by @​dependabot in #​240
• refs added code to com InitializeSecurity by @​patilsanty in #​248

New Contributors

• @​mikelr made their first contribution in #​229
• @​Khaos66 made their first contribution in #​232
• @​joycebrum made their first contribution in #​244
• @​dependabot made their first contribution in #​240
• @​patilsanty made their first contribution in #​248

Full Changelog: go-ole/go-ole@v1.2.6...v1.3.0

go-openapi/jsonpointer (github.com/go-openapi/jsonpointer)

v0.23.1

Compare Source

0.23.1 - 2026-04-18

Full Changelog: go-openapi/jsonpointer@v0.23.0...v0.23.1

5 commits in this release.

---

Fixed bugs

• fix(offset): in Offset method, fixed index of value of array element. by @​fredbi in #​128 ...

Documentation

• doc: project status update by @​fredbi in #​127 ...
• docs: point to organization-wide documentations, added missing godocs by @​fredbi in #​126 ...
• doc: updated contributors file by @​bot-go-openapi[bot] in #​125 ...

Updates

• chore(deps): bump the development-dependencies group with 7 updates by @​dependabot[bot] in #​124 ...

---

People who contributed to this release

• @​fredbi

---

jsonpointer license terms

v0.23.0

Compare Source

0.23.0 - 2026-04-15

Support for known limitations

Full Changelog: go-openapi/jsonpointer@v0.22.5...v0.23.0

16 commits in this release.

---

Implemented enhancements

• feat: added alternate json name provider by @​fredbi in #​123 ...
• feat: added optional support for non-default json name provider by @​fredbi in #​122 ...
• feat: the RFC 6901 "-" array suffix is now supported by @​fredbi in #​121 ...

Fixed bugs

• fix(errors): correct error message for invalid JSON pointer start by @​alexandear in #​118 [...](https://redirect.github.com/go-openapi/jsonpointer/commit/635e

---

Configuration

📅 Schedule: Branch creation - "on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

[red-hat-konflux-kflux-prd-rh02]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -t ./...
go: downloading github.com/spf13/cobra v1.10.2
go: downloading github.com/spf13/pflag v1.0.10
go: downloading github.com/onsi/gomega v1.42.0
go: downloading go.opentelemetry.io/otel/sdk v1.44.0
go: downloading go.opentelemetry.io/otel v1.44.0
go: downloading github.com/gorilla/handlers v1.5.2
go: downloading github.com/gorilla/mux v1.8.1
go: downloading github.com/prometheus/client_golang v1.23.2
go: downloading github.com/prometheus/client_model v0.6.2
go: downloading github.com/google/uuid v1.6.0
go: downloading gorm.io/datatypes v1.2.7
go: downloading gorm.io/gorm v1.31.1
go: downloading github.com/oapi-codegen/runtime v1.4.2
go: downloading github.com/MicahParks/jwkset v0.11.0
go: downloading github.com/MicahParks/keyfunc/v3 v3.8.0
go: downloading github.com/golang-jwt/jwt/v5 v5.3.1
go: downloading github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103
go: downloading github.com/go-playground/validator/v10 v10.30.3
go: downloading github.com/spf13/viper v1.21.0
go: downloading github.com/stretchr/testify v1.11.1
go: downloading github.com/jinzhu/inflection v1.0.0
go: downloading github.com/Masterminds/squirrel v1.5.4
go: downloading github.com/go-gormigrate/gormigrate/v2 v2.1.6
go: downloading github.com/yaacov/tree-search-language v0.0.0-20190923184055-1c2dad2e354b
go: downloading github.com/DATA-DOG/go-sqlmock v1.5.2
go: downloading gorm.io/driver/postgres v1.6.0
go: downloading github.com/lib/pq v1.12.3
go: downloading github.com/testcontainers/testcontainers-go v0.43.0
go: downloading github.com/testcontainers/testcontainers-go/modules/postgres v0.43.0
go: downloading go.uber.org/mock v0.6.0
go: downloading go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.69.0
go: downloading go.opentelemetry.io/otel/trace v1.44.0
go: downloading go.opentelemetry.io/contrib/propagators/autoprop v0.69.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.44.0
go: downloading github.com/getkin/kin-openapi v0.140.0
go: downloading github.com/bxcodec/faker/v3 v3.8.1
go: downloading gopkg.in/resty.v1 v1.12.0
go: downloading github.com/inconshreveable/mousetrap v1.1.0
go: downloading github.com/google/go-cmp v0.7.0
go: downloading github.com/felixge/httpsnoop v1.1.0
go: downloading github.com/beorn7/perks v1.0.1
go: downloading github.com/cespare/xxhash/v2 v2.3.0
go: downloading github.com/prometheus/common v0.69.0
go: downloading github.com/prometheus/procfs v0.20.1
go: downloading golang.org/x/sys v0.46.0
go: downloading google.golang.org/protobuf v1.36.11
go: downloading gorm.io/driver/mysql v1.6.0
go: downloading github.com/jinzhu/now v1.1.5
go: downloading golang.org/x/time v0.15.0
go: downloading github.com/fsnotify/fsnotify v1.10.1
go: downloading github.com/go-viper/mapstructure/v2 v2.5.0
go: downloading github.com/sagikazarmark/locafero v0.12.0
go: downloading github.com/spf13/afero v1.15.0
go: downloading github.com/spf13/cast v1.10.0
go: downloading github.com/gabriel-vasile/mimetype v1.4.13
go: downloading github.com/go-playground/universal-translator v0.18.1
go: downloading github.com/leodido/go-urn v1.4.0
go: downloading golang.org/x/crypto v0.53.0
go: downloading golang.org/x/text v0.38.0
go: downloading github.com/davecgh/go-spew v1.1.1
go: downloading github.com/pmezard/go-difflib v1.0.0
go: downloading github.com/lann/builder v0.0.0-20180802200727-47ae307949d0
go: downloading github.com/antlr/antlr4 v0.0.0-20190518164840-edae2a1c9b4b
go: downloading github.com/jackc/pgx/v5 v5.10.0
go: downloading dario.cat/mergo v1.0.2
go: downloading github.com/cenkalti/backoff/v4 v4.3.0
go: downloading github.com/containerd/errdefs v1.0.0
go: downloading github.com/containerd/platforms v0.2.1
go: downloading github.com/cpuguy83/dockercfg v0.3.2
go: downloading github.com/moby/go-archive v0.2.0
go: downloading github.com/moby/moby/api v1.55.0
go: downloading github.com/moby/moby/client v0.5.0
go: downloading github.com/moby/patternmatcher v0.6.1
go: downloading github.com/opencontainers/image-spec v1.1.1
go: downloading go.opentelemetry.io/otel/metric v1.44.0
go: downloading github.com/go-logr/logr v1.4.3
go: downloading go.opentelemetry.io/contrib/propagators/aws v1.44.0
go: downloading go.opentelemetry.io/contrib/propagators/b3 v1.44.0
go: downloading go.opentelemetry.io/contrib/propagators/jaeger v1.44.0
go: downloading go.opentelemetry.io/contrib/propagators/ot v1.44.0
go: downloading go.opentelemetry.io/proto/otlp v1.10.0
go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20260526163538-3dc84a4a5aaa
go: downloading google.golang.org/grpc v1.81.1
go: downloading golang.org/x/net v0.56.0
go: downloading go.yaml.in/yaml/v3 v3.0.4
go: downloading github.com/go-openapi/jsonpointer v0.23.1
go: downloading github.com/oasdiff/yaml v0.1.0
go: downloading github.com/santhosh-tekuri/jsonschema/v6 v6.0.2
go: downloading github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822
go: downloading github.com/go-logr/stdr v1.2.2
go: downloading go.opentelemetry.io/auto/sdk v1.2.1
go: downloading github.com/go-sql-driver/mysql v1.10.0
go: downloading github.com/subosito/gotenv v1.6.0
go: downloading github.com/pelletier/go-toml/v2 v2.4.0
go: downloading github.com/go-playground/locales v0.14.1
go: downloading gopkg.in/yaml.v3 v3.0.1
go: downloading github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0
go: downloading github.com/jackc/pgpassfile v1.0.0
go: downloading github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761
go: downloading github.com/containerd/log v0.1.0
go: downloading github.com/moby/sys/sequential v0.7.0
go: downloading github.com/moby/sys/user v0.4.0
go: downloading github.com/moby/sys/userns v0.1.0
go: downloading github.com/docker/go-units v0.5.0
go: downloading github.com/moby/docker-image-spec v1.3.1
go: downloading github.com/moby/term v0.5.2
go: downloading github.com/Microsoft/go-winio v0.6.2
go: downloading github.com/containerd/errdefs/pkg v0.3.0
go: downloading github.com/distribution/reference v0.6.0
go: downloading github.com/docker/go-connections v0.7.0
go: downloading github.com/opencontainers/go-digest v1.0.0
go: downloading github.com/magiconair/properties v1.8.10
go: downloading github.com/shirou/gopsutil/v4 v4.26.5
go: downloading github.com/cenkalti/backoff/v5 v5.0.3
go: downloading go.uber.org/multierr v1.11.0
go: downloading github.com/grpc-ecosystem/grpc-gateway/v2 v2.29.0
go: downloading github.com/oasdiff/yaml3 v0.0.13
go: downloading github.com/go-openapi/swag v0.26.1
go: downloading github.com/go-openapi/swag/jsonname v0.26.1
go: downloading filippo.io/edwards25519 v1.2.0
go: downloading github.com/jackc/puddle/v2 v2.2.2
go: downloading github.com/sirupsen/logrus v1.9.4
go: downloading github.com/klauspost/compress v1.18.6
go: downloading github.com/tklauser/go-sysconf v0.4.0
go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20260526163538-3dc84a4a5aaa
go: downloading golang.org/x/sync v0.21.0
go: downloading github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c
go: downloading github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0
go: downloading github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55
go: downloading github.com/ebitengine/purego v0.10.1
go: downloading github.com/yusufpapurcu/wmi v1.2.4
go: downloading github.com/tklauser/numcpus v0.12.0
go: downloading github.com/go-ole/go-ole v1.3.0
go: github.com/openshift-hyperfleet/hyperfleet-api/pkg/api imports
	github.com/openshift-hyperfleet/hyperfleet-api/pkg/api/openapi: cannot find module providing package github.com/openshift-hyperfleet/hyperfleet-api/pkg/api/openapi
go: module github.com/bxcodec/faker/v3 is deprecated: use github.com/go-faker/faker/v4 instead.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign sherine-k for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @red-hat-konflux-kflux-prd-rh02[bot]. Thanks for your PR.

I'm waiting for a openshift-hyperfleet member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

📝 Walkthrough

Walkthrough

go.mod receives a sweep of version bumps with no module path or Go toolchain version changes. Direct upgrades include github.com/bxcodec/faker/v3, github.com/getkin/kin-openapi, Prometheus client libraries, and the entire go.opentelemetry.io suite moving from v0.62/v1.43 to v0.69/v1.44 (core SDK, OTLP gRPC/HTTP exporters, stdout exporter, otelhttp, trace). Indirect bumps cover OTel contrib propagators (aws, b3, jaeger, ot) to v1.44, google.golang.org/grpc, protobuf stack, jackc/pgx, klauspost/compress, docker/container platform modules, OpenAPI tooling, and golang.org/x/* packages.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Supply Chain Notes

CWE-1104 (Use of Unmaintained Third-Party Components) / CWE-829 (Inclusion of Functionality from Untrusted Control Sphere)

Every entry in this diff is an attack surface. Verify each bump:

• google.golang.org/grpc — check against CVE tracker; recent gRPC-Go releases patched HTTP/2 rapid-reset variants (CVE-2023-44487 mitigations).
• go.opentelemetry.io/otel* v1.44 — no published CVEs at this version line, but OTLP exporters transmit trace data over the network; confirm exporter endpoint config has not drifted in the Adapter or Broker.
• github.com/getkin/kin-openapi — used for request/response validation in the API; a regression here directly widens the API attack surface. Pin and test explicitly.
• klauspost/compress — decompression bugs historically cause DoS (CWE-400). Verify the bumped version does not introduce regressions against untrusted compressed input.
• jackc/pgx — database driver. Any bump touching SQL parsing or TLS handling requires scrutiny (CWE-89, CWE-295).
• filippo.io/edwards25519 — cryptographic primitive. Any version change here must be traced to a specific upstream commit; do not accept indirect transitive pulls without explicit verification.
• Docker/container platform modules — elevated supply chain risk on a K8s platform (CWE-732, CWE-284). Verify digests match expected upstream releases.

Confirm go.sum entries match expected upstream checksums via go mod verify in CI before merging.

🚥 Pre-merge checks | ✅ 10 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
No Pii Or Sensitive Data In Logs	⚠️ Warning	PR introduces raw SQL logging in pkg/logger/gorm_logger.go (lines 64-85) that logs unredacted SQL queries via slog. SQL queries can contain PII (email addresses, passwords, personally identifiable...	Redact SQL queries before logging: sanitize/parameterize query strings, or log only query templates/hashes without parameter values in gorm_logger.go Trace method.

✅ Passed checks (10 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly describes the main change: updating Go module dependencies to their latest minor and patch versions, matching the changeset content.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Sec-02: Secrets In Log Output	✅ Passed	PR contains only Go dependency updates (go.mod/go.sum). No log statements (slog, log, logr, zap, fmt.Print*) expose tokens, passwords, credentials, or secrets. Examined 129 source files; all secret...
No Hardcoded Secrets	✅ Passed	No hardcoded secrets found. Test fixtures (jwt_ca.pem, certs.json), test placeholder values (testpass, testdb), configuration flag definitions, and log masking field names are all acceptable per th...
No Weak Cryptography	✅ Passed	No weak cryptographic primitives (MD5, DES, RC4, SHA1 for security) detected in code or introduced by dependency updates. golang.org/x/crypto v0.53.0 is current and secure.
No Injection Vectors	✅ Passed	PR modifies only go.mod/go.sum and .bingo/ build config. No application code changes. Existing SQL patterns (pq.QuoteIdentifier, hardcoded table lists, GORM schemas) are safe. No CWE-89/78/79/502 i...
No Privileged Containers	✅ Passed	PR modifies only go.mod (dependency updates); no changes to Kubernetes manifests, Helm templates, or Dockerfiles. Check is not applicable. Existing configurations enforce non-root user (UID 65532),...
Description check	✅ Passed	PR description contains comprehensive Renovate-generated dependency update details with version changes, release notes, and configuration information directly related to the go.mod changeset.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch konflux/mintmaker/main/go-module-minorpatch-updates

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch konflux/mintmaker/main/go-module-minorpatch-updates

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}