Update go module minor/patch updates

[red-hat-konflux-kflux-prd-rh02]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
filippo.io/edwards25519	v1.1.0 → v1.2.0
github.com/Masterminds/squirrel	v1.1.0 → v1.5.4
github.com/bxcodec/faker/v3	v3.2.0 → v3.8.1
github.com/docker/go-connections	v0.6.0 → v0.7.0
github.com/ebitengine/purego	v0.10.0 → v0.10.1
github.com/felixge/httpsnoop	v1.0.4 → v1.1.0
github.com/fsnotify/fsnotify	v1.9.0 → v1.10.1
github.com/gabriel-vasile/mimetype	v1.4.3 → v1.4.13
github.com/getkin/kin-openapi	v0.133.0 → v0.140.0
github.com/go-gormigrate/gormigrate/v2	v2.0.0 → v2.1.6
github.com/go-ole/go-ole	v1.2.6 → v1.3.0
github.com/go-openapi/jsonpointer	v0.21.0 → v0.23.1
github.com/go-openapi/swag	v0.23.0 → v0.26.1
github.com/go-playground/validator/v10	v10.20.0 → v10.30.3
github.com/go-sql-driver/mysql	v1.8.1 → v1.10.0
github.com/go-viper/mapstructure/v2	v2.4.0 → v2.5.0
github.com/gorilla/handlers	v1.4.2 → v1.5.2
github.com/gorilla/mux	v1.8.0 → v1.8.1
github.com/grpc-ecosystem/grpc-gateway/v2	v2.28.0 → v2.29.0
github.com/jackc/pgx/v5	v5.6.0 → v5.10.0
github.com/klauspost/compress	v1.18.5 → v1.18.6
github.com/lib/pq	v1.10.9 → v1.12.3
github.com/mailru/easyjson	v0.7.7 → v0.9.2
github.com/moby/moby/api	v1.54.1 → v1.54.2
github.com/moby/moby/client	v0.4.0 → v0.4.1
github.com/moby/sys/sequential	v0.6.0 → v0.7.0
github.com/oapi-codegen/runtime	v1.2.0 → v1.4.1
github.com/oasdiff/yaml	v0.0.0-20250309154309-f31be36b4037 → v0.1.0
github.com/oasdiff/yaml3	v0.0.0-20250309153720-d2182401db90 → v0.0.13
github.com/onsi/gomega	v1.27.1 → v1.41.0
github.com/pelletier/go-toml/v2	v2.2.4 → v2.3.1
github.com/prometheus/client_golang	v1.16.0 → v1.23.2
github.com/prometheus/client_model	v0.3.0 → v0.6.2
github.com/prometheus/common	v0.42.0 → v0.68.1
github.com/prometheus/procfs	v0.10.1 → v0.20.1
github.com/sagikazarmark/locafero	v0.11.0 → v0.12.0
github.com/shirou/gopsutil/v4	v4.26.3 → v4.26.5
github.com/spf13/cobra	v1.8.1 → v1.10.2
github.com/tklauser/go-sysconf	v0.3.16 → v0.4.0
github.com/tklauser/numcpus	v0.11.0 → v0.12.0
github.com/woodsbury/decimal128	v1.3.0 → v1.4.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	v0.62.0 → v0.69.0
go.opentelemetry.io/contrib/propagators/autoprop	v0.68.0 → v0.69.0
go.opentelemetry.io/contrib/propagators/aws	v1.43.0 → v1.44.0
go.opentelemetry.io/contrib/propagators/b3	v1.43.0 → v1.44.0
go.opentelemetry.io/contrib/propagators/jaeger	v1.43.0 → v1.44.0
go.opentelemetry.io/contrib/propagators/ot	v1.43.0 → v1.44.0
go.opentelemetry.io/otel	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/exporters/stdout/stdouttrace	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/metric	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/sdk	v1.43.0 → v1.44.0
go.opentelemetry.io/otel/trace	v1.43.0 → v1.44.0
golang.org/x/crypto	v0.49.0 → v0.53.0
golang.org/x/net	v0.52.0 → v0.56.0
golang.org/x/sync	v0.20.0 → v0.21.0
golang.org/x/sys	v0.42.0 → v0.46.0
golang.org/x/text	v0.35.0 → v0.38.0
golang.org/x/time	v0.11.0 → v0.15.0
google.golang.org/grpc	v1.80.0 → v1.81.1
gorm.io/driver/mysql	v1.5.6 → v1.6.0
gorm.io/gorm	v1.30.0 → v1.31.1

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

FiloSottile/edwards25519 (filippo.io/edwards25519)

v1.2.0

Compare Source

v1.1.1

Compare Source

Masterminds/squirrel (github.com/Masterminds/squirrel)

v1.5.4

Compare Source

What's Changed

• feat: add remove select builder columns method by @​PatricPippi in #​331
• Change to get GitHub to recognize the license by @​mikeschinkel in #​339
• [#​82] Added FROM clause to update builder by @​mlaflamm in #​256

New Contributors

• @​PatricPippi made their first contribution in #​331
• @​mikeschinkel made their first contribution in #​339
• @​mlaflamm made their first contribution in #​256

Full Changelog: Masterminds/squirrel@v1.5.3...v1.5.4

v1.5.3

Compare Source

v1.5.2: Fix placeholder generation for And/Or

Compare Source

What's Changed

• #​301 Conjunction produces wrong dollar parameter placeholders by @​strider2038 in #​302

v1.5.1

Compare Source

What's Changed

• doc: fix deprecated usage of NewStmtCache by @​elvizlai in #​274
• Add missing MustSql methods by @​swithek in #​288
• Fix Select subquery with DollarPlaceholder by @​lann in #​298

New Contributors

• @​swithek made their first contribution in #​288

Full Changelog: Masterminds/squirrel@v1.5.0...v1.5.1

v1.5.0

Compare Source

• Add InnerJoin and CrossJoin methods
• Fix nested select statements in Update.Set values

v1.4.0

Compare Source

Test fix and StatementBuilder.Where

v1.3.0

Compare Source

v1.2.0

Compare Source

bxcodec/faker (github.com/bxcodec/faker/v3)

v3.8.1: Deprecating v3 module

Compare Source

Full Changelog: bxcodec/faker@v3.8.0...v3.8.1

v3.8.0

Compare Source

What's Changed

• feat: add min max size for random slice map And allowing one element for Oneof by @​autumn31 in #​130
• Support for Korean Hangul by @​geshtng in #​154
• fix slice tag bug AND add chinese name by @​qiangmzsx in #​141
• Support for Emoticons by @​geshtng in #​155
• Float boundaries by @​Xaspy in #​156

New Contributors

• @​autumn31 made their first contribution in #​130
• @​geshtng made their first contribution in #​154
• @​qiangmzsx made their first contribution in #​141
• @​Xaspy made their first contribution in #​156

Full Changelog: bxcodec/faker@v3.7.0...v3.8.0

v3.7.0

Compare Source

What's Changed

• feat: added random source customization by @​fredbi in #​137
• feat: Support for Japanese hiragana and katakana by @​tomtwinkle in #​145
• chore: check slice.Contains in for range block by @​eval-exec in #​151
• feat: randomInt support third argument by @​maco in #​150

New Contributors

• @​fredbi made their first contribution in #​137
• @​tomtwinkle made their first contribution in #​145 and thanks to @​geshtng for reviewing the PR
• @​eval-exec made their first contribution in #​151
• @​maco made their first contribution in #​150

Full Changelog: bxcodec/faker@v3.6.0...v3.7.0

v3.6.0

Compare Source

Features

• feat: added fake jwt-token support (#​113) by @​musinit
• feat: Add RemoveProvider public method (#​115) by @​pioz
• feat: Add ability to ignore interface{} population with SetIgnoreInterface() (#​123) by @​nashikb

Chores

• chore: removes Adolf from male names (#​128) by @​DavidLarsKetch

v3.5.0

Compare Source

Features

• feat: Implement oneof tag (#​103) by @​andrew-werdna
• feat: oneof float support (#​106) by @​andrew-werdna
• feat: Adds Slice length tag (#​109) by @​Icety

Fixes

• fix: excluded characters in random string generator (#​111) by @​musinit

v3.4.0

Compare Source

Features

• feat: added gender tag (#​104) by @​musinit
  • test: add gender unit test (#​105)by @​bxcodec
• feat: new lang tag, chinese + russian lang generators (#​97) by @​musinit
  • docs: added lang tag example in readme (#​100) by @​musinit
• feat: upgrade linter version to use the latest stable version (#​98) by @​bxcodec

Fixes

• fix: Allow AddProvider to still work with some custom types (#​102) by @​andrew-werdna
• bugfix(faker): don't panic on typed array (#​99) by @​xaionaro
• fix: 0 not valid for random size #​96 by @​mattquest

v3.3.1

Compare Source

Fixes

• fix: convert slice types (#​91) by @​rgaskill

Chores

• chore: update README.md adding badge for pkg.go.dev (#​90) by @​bxcodec

v3.3.0

Compare Source

Features

• feat(error): extend error messages for bad tag's name (#​80) by @​steveoc64

Chores

• chore(linters): resolve linter and typos (#​78)
• README.md: fix a typo & formatting (#​79) by @​ifnotak
• chore(go): update go version for testing in travis (#​85)
• chore: update examples (#​88) by @​momotaro98
• chores(docs): Move example from markdown to tests (#​89) by @​mrVanboy

docker/go-connections (github.com/docker/go-connections)

v0.7.0

Compare Source

ebitengine/purego (github.com/ebitengine/purego)

v0.10.1

Compare Source

• Fix a concurrency bug where simultaneous FFI calls could swap return values across goroutines (#​451)

felixge/httpsnoop (github.com/felixge/httpsnoop)

v1.1.0

Compare Source

fsnotify/fsnotify (github.com/fsnotify/fsnotify)

v1.10.1

Compare Source

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#​754)

• inotify, windows: don't rename sibling watches sharing a path prefix
  (#​755)

v1.10.0

Compare Source

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#​731)

• inotify: send Rename event if recursive watch is renamed (#​696)

• inotify: avoid copying event buffers when reading names (#​741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#​748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#​740)

• windows: fix nil pointer dereference in remWatch (#​736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#​709, #​749)

gabriel-vasile/mimetype (github.com/gabriel-vasile/mimetype)

v1.4.13: Support for .hlp, .inf, .fm, .bufr

Compare Source

What's Changed

• ndjson: fix inputs truncated on the second line; fix #​744 in #​745
• bmp: harden detection against false-positives in #​746
• os2: add support for .hlp and .inf in #​747
• ttf: harden detection in #​750
• ttf: use ints instead of string for better performance in #​751
• framemaker: add support in #​752
• bufr: add support in #​754
• Extend: ensure MIME string normalization by @​yzqzss in #​756
• m3u: add x-mpegurl alias by @​AltayAkkus in #​755

New Contributors

• @​yzqzss made their first contribution in #​756
• @​AltayAkkus made their first contribution in #​755

Full Changelog: gabriel-vasile/mimetype@v1.4.12...v1.4.13

v1.4.12: RFC822, GRIB, Zlib support

Compare Source

What's Changed

• zip+json: add benchmarks for better performance tracking of pathological inputs in #​730
• zip+json: performance improvements for pathological cases in #​732
• Fix integer overflow panic on 32bit architectures in #​733
• ci: add more linters and fix their warnings in #​734
• jar: manifest must be first in #​735
• rfc822: add support in #​740
• grib: add support in #​742
• zlib: add support in #​743

Full Changelog: gabriel-vasile/mimetype@v1.4.11...v1.4.12

v1.4.11: cpio, wordperfect support

Compare Source

What's Changed

• wordperfect: add support in #​707
• cpio: add support for binary version in #​709
• shebang: fix detection with args by @​scop in #​710
• shebang: support env -S by @​scop in #​712
• dxf: add support in #​720
• clone: stop cloning MIME when there is no charset in #​722
• aaf: remove individual node for aaf in #​724
• msoxml: match files and directories for first zip entry in #​729

Full Changelog: gabriel-vasile/mimetype@v1.4.10...v1.4.11

v1.4.10: perfomance inprovements, tests and new formats

Compare Source

This release adds support for XHTML, Lotus-1-2-3, KML, shell scripts, VSDX, OneNote, CHM and Netpbm file formats.
Changes were made to make mimetype behave more file linux $ file --mime utility.

https://github.com/gabriel-vasile/mimetype_tests repo is now used for running comparisons between mimetype and $ file --mime. It contains 50 000 samples and mimetype identifies the same format as $ file --mime for ~97% of them. Results are in the Actions tab.

What's Changed

• charset: remove dependency on x/net for parsing html in #​669
• CSV: replace stdlib reader with a parser that allocates less in #​672
• svg: make detection harder in #​674
• pdf: relax check to match file in #​677
• csv: stop mutating input byte slices; for #​680 in #​681
• charset: remove dependency on mime in #​684
• mso_office: increase limit of checked entries from 4 to 100 in #​685
• jar: replace application/jar with application/java-archive in #​686
• Zip container improvements in #​687
• Jar first entry inside a zip in #​688
• svg+html: better handling for comments in #​689
• xhtml: add support in #​690
• misc: behave more like file in #​691
• lotus-1-2-3: add support in #​695
• Add support for zipped KML files by @​dmlambea in #​693
• shell: add support by @​scop in #​694
• ruby: add support by @​scop in #​700
• python: associate with python2 and python3 shebangs by @​scop in #​699
• vsdx: add support in #​702
• oneNote: add support in #​703
• chm: add support for Microsoft Compiled HTML Help in #​704
• Netpbm: add support by @​kenshaw in #​705

New Contributors

• @​dmlambea made their first contribution in #​693
• @​scop made their first contribution in #​694
• @​kenshaw made their first contribution in #​705

Full Changelog: gabriel-vasile/mimetype@v1.4.9...v1.4.10

v1.4.9: GLTF support and performance improvements

Compare Source

What's Changed

• SRT detection: reduce allocs by @​gabriel-vasile in #​636
• json: more benchmarking by @​gabriel-vasile in #​640
• Bump golang.org/x/net from 0.33.0 to 0.39.0 in the gomod
• json: add parser with query capacity by @​gabriel-vasile in #​652
• feat: add support for GLTF by @​gabriel-vasile in #​655

Full Changelog: gabriel-vasile/mimetype@v1.4.8...v1.4.9

v1.4.8: Add support for APK

Compare Source

What's Changed

• Add support for APK; close #​345 in #​624
• (cve_fix)bump golang.org/x/net to v0.33.0 to fix CVE-2024-45338 by @​sonasingh46 in #​623
• zstd: check for skippable frames as well; fix #​619 in #​621

New Contributors

• @​sonasingh46 made their first contribution in #​623

Full Changelog: gabriel-vasile/mimetype@v1.4.7...v1.4.8

v1.4.7

Compare Source

What's Changed

• remove torrent testdata; closes #​398 by @​gabriel-vasile in #​597
• add support for CBOR files by @​gabriel-vasile in #​598
• Remove macho fixtures by @​gabriel-vasile in #​602
• remove most of the files from testdata by @​gabriel-vasile in #​603
• Bump golang.org/x/net from 0.30.0 to 0.31.0 in the gomod group by @​dependabot in #​605
• rename application/javascript to text/javascript by @​gabriel-vasile in #​604

Full Changelog: gabriel-vasile/mimetype@v1.4.6...v1.4.7

v1.4.6

Compare Source

What's Changed

• Improve ftyp detection in #​564
• CSV/TSV use a pool of buffered readers to avoid allocs by in #​573
• feat: Add parquet file detection by @​kwkelly in #​578
• add application/xml as alias of text/xml in #​581
• retract v1.4.4; closes #​575 in #​591
• action for benchmarking detectors in #​590
• Remove GPL file by @​canadacow in #​583

New Contributors

• @​kwkelly made their first contribution in #​578
• @​canadacow made their first contribution in #​583

Full Changelog: gabriel-vasile/mimetype@v1.4.5...v1.4.6

v1.4.5

Compare Source

What's Changed

• json: improve performance by using a pool of scanners in #​535
• tar: remove strconv dependency for tar checksum octal numbers in #​536
• zip: use []byte instead of string to prevent allocs in #​537
• remove tarbomb from testdata folder in #​540
• Updating RTF Magic number to match https://www.iana.org/assignments/media-types/application/rtf by @​zdiff in #​544
• alias text/rtf to application/rtf in #​547
• reduce project size by moving mimetype.gif to testdata in #​548
• Bump golang.org/x/net from 0.25.0 to 0.27.0 in the gomod group across 1 directory by @​dependabot in #​552
• remove exe from testdata in #​561

New Contributors

• @​zdiff made their first contribution in #​544

Full Changelog: gabriel-vasile/mimetype@v1.4.4...v1.4.5

v1.4.4

Compare Source

What's Changed

Security fixes:

Update golang.org/x/net to latest. Fixes: CVE-2023-45288

Performance improvements:

• Change tar detection to use checksum instead of legal ranges of values in #​466
• ftyp: exit asap to prevent mem allocs in [#&#8203

---

Configuration

📅 Schedule: Branch creation - "on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

[red-hat-konflux-kflux-prd-rh02]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -t ./...
go: downloading github.com/spf13/pflag v1.0.10
go: downloading github.com/onsi/gomega v1.41.0
go: downloading github.com/spf13/cobra v1.10.2
go: downloading go.opentelemetry.io/otel/sdk v1.44.0
go: downloading github.com/gorilla/handlers v1.5.2
go: downloading github.com/gorilla/mux v1.8.1
go: downloading go.opentelemetry.io/otel v1.44.0
go: downloading github.com/prometheus/client_golang v1.23.2
go: downloading github.com/prometheus/client_model v0.6.2
go: downloading github.com/google/uuid v1.6.0
go: downloading gorm.io/datatypes v1.2.7
go: downloading gorm.io/gorm v1.31.1
go: downloading github.com/oapi-codegen/runtime v1.4.1
go: downloading github.com/MicahParks/jwkset v0.11.0
go: downloading github.com/MicahParks/keyfunc/v3 v3.8.0
go: downloading github.com/golang-jwt/jwt/v5 v5.3.1
go: downloading github.com/mendsley/gojwk v0.0.0-20141217222730-4d5ec6e58103
go: downloading github.com/go-playground/validator/v10 v10.30.3
go: downloading github.com/jinzhu/inflection v1.0.0
go: downloading github.com/spf13/viper v1.21.0
go: downloading github.com/stretchr/testify v1.11.1
go: downloading github.com/Masterminds/squirrel v1.5.4
go: downloading github.com/go-gormigrate/gormigrate/v2 v2.1.6
go: downloading github.com/yaacov/tree-search-language v0.0.0-20190923184055-1c2dad2e354b
go: downloading github.com/DATA-DOG/go-sqlmock v1.5.2
go: downloading gorm.io/driver/postgres v1.6.0
go: downloading github.com/lib/pq v1.12.3
go: downloading github.com/testcontainers/testcontainers-go v0.42.0
go: downloading github.com/testcontainers/testcontainers-go/modules/postgres v0.42.0
go: downloading go.uber.org/mock v0.6.0
go: downloading go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.69.0
go: downloading go.opentelemetry.io/otel/trace v1.44.0
go: downloading go.opentelemetry.io/contrib/propagators/autoprop v0.69.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.44.0
go: downloading github.com/getkin/kin-openapi v0.140.0
go: downloading github.com/bxcodec/faker/v3 v3.8.1
go: downloading gopkg.in/resty.v1 v1.12.0
go: downloading github.com/inconshreveable/mousetrap v1.1.0
go: downloading github.com/google/go-cmp v0.7.0
go: downloading github.com/felixge/httpsnoop v1.1.0
go: downloading github.com/beorn7/perks v1.0.1
go: downloading github.com/cespare/xxhash/v2 v2.3.0
go: downloading github.com/prometheus/common v0.68.1
go: downloading github.com/prometheus/procfs v0.20.1
go: downloading golang.org/x/sys v0.46.0
go: downloading google.golang.org/protobuf v1.36.11
go: downloading gorm.io/driver/mysql v1.6.0
go: downloading github.com/jinzhu/now v1.1.5
go: downloading golang.org/x/time v0.15.0
go: downloading github.com/fsnotify/fsnotify v1.10.1
go: downloading github.com/go-viper/mapstructure/v2 v2.5.0
go: downloading github.com/sagikazarmark/locafero v0.12.0
go: downloading github.com/spf13/afero v1.15.0
go: downloading github.com/spf13/cast v1.10.0
go: downloading github.com/gabriel-vasile/mimetype v1.4.13
go: downloading github.com/go-playground/universal-translator v0.18.1
go: downloading github.com/leodido/go-urn v1.4.0
go: downloading golang.org/x/crypto v0.53.0
go: downloading golang.org/x/text v0.38.0
go: downloading github.com/lann/builder v0.0.0-20180802200727-47ae307949d0
go: downloading github.com/davecgh/go-spew v1.1.1
go: downloading github.com/pmezard/go-difflib v1.0.0
go: downloading github.com/antlr/antlr4 v0.0.0-20190518164840-edae2a1c9b4b
go: downloading github.com/jackc/pgx/v5 v5.10.0
go: downloading dario.cat/mergo v1.0.2
go: downloading github.com/cenkalti/backoff/v4 v4.3.0
go: downloading github.com/containerd/errdefs v1.0.0
go: downloading github.com/containerd/platforms v0.2.1
go: downloading github.com/cpuguy83/dockercfg v0.3.2
go: downloading github.com/moby/go-archive v0.2.0
go: downloading github.com/moby/moby/api v1.54.2
go: downloading github.com/moby/moby/client v0.4.1
go: downloading github.com/moby/patternmatcher v0.6.1
go: downloading github.com/opencontainers/image-spec v1.1.1
go: downloading go.opentelemetry.io/otel/metric v1.44.0
go: downloading github.com/go-logr/logr v1.4.3
go: downloading go.opentelemetry.io/contrib/propagators/aws v1.44.0
go: downloading go.opentelemetry.io/contrib/propagators/b3 v1.44.0
go: downloading go.opentelemetry.io/contrib/propagators/jaeger v1.44.0
go: downloading go.opentelemetry.io/contrib/propagators/ot v1.44.0
go: downloading go.opentelemetry.io/proto/otlp v1.10.0
go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20260526163538-3dc84a4a5aaa
go: downloading google.golang.org/grpc v1.81.1
go: downloading golang.org/x/net v0.56.0
go: downloading go.yaml.in/yaml/v3 v3.0.4
go: downloading github.com/go-openapi/jsonpointer v0.23.1
go: downloading github.com/oasdiff/yaml v0.1.0
go: downloading github.com/santhosh-tekuri/jsonschema/v6 v6.0.2
go: downloading github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822
go: downloading github.com/go-sql-driver/mysql v1.10.0
go: downloading github.com/go-logr/stdr v1.2.2
go: downloading go.opentelemetry.io/auto/sdk v1.2.1
go: downloading github.com/subosito/gotenv v1.6.0
go: downloading github.com/pelletier/go-toml/v2 v2.3.1
go: downloading github.com/go-playground/locales v0.14.1
go: downloading github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0
go: downloading gopkg.in/yaml.v3 v3.0.1
go: downloading github.com/jackc/pgpassfile v1.0.0
go: downloading github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761
go: downloading github.com/containerd/log v0.1.0
go: downloading github.com/moby/sys/sequential v0.7.0
go: downloading github.com/moby/sys/user v0.4.0
go: downloading github.com/moby/sys/userns v0.1.0
go: downloading github.com/docker/go-units v0.5.0
go: downloading github.com/moby/docker-image-spec v1.3.1
go: downloading github.com/moby/term v0.5.2
go: downloading github.com/Microsoft/go-winio v0.6.2
go: downloading github.com/containerd/errdefs/pkg v0.3.0
go: downloading github.com/distribution/reference v0.6.0
go: downloading github.com/docker/go-connections v0.7.0
go: downloading github.com/opencontainers/go-digest v1.0.0
go: downloading github.com/magiconair/properties v1.8.10
go: downloading github.com/shirou/gopsutil/v4 v4.26.5
go: downloading github.com/cenkalti/backoff/v5 v5.0.3
go: downloading go.uber.org/multierr v1.11.0
go: downloading github.com/grpc-ecosystem/grpc-gateway/v2 v2.29.0
go: downloading github.com/go-openapi/swag v0.26.1
go: downloading github.com/go-openapi/swag/jsonname v0.26.1
go: downloading github.com/oasdiff/yaml3 v0.0.13
go: downloading filippo.io/edwards25519 v1.2.0
go: downloading github.com/jackc/puddle/v2 v2.2.2
go: downloading github.com/sirupsen/logrus v1.9.4
go: downloading github.com/klauspost/compress v1.18.6
go: downloading github.com/tklauser/go-sysconf v0.4.0
go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20260526163538-3dc84a4a5aaa
go: downloading golang.org/x/sync v0.21.0
go: downloading github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c
go: downloading github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0
go: downloading github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55
go: downloading github.com/ebitengine/purego v0.10.1
go: downloading github.com/yusufpapurcu/wmi v1.2.4
go: downloading github.com/tklauser/numcpus v0.12.0
go: downloading github.com/go-ole/go-ole v1.3.0
go: github.com/openshift-hyperfleet/hyperfleet-api/pkg/api imports
	github.com/openshift-hyperfleet/hyperfleet-api/pkg/api/openapi: cannot find module providing package github.com/openshift-hyperfleet/hyperfleet-api/pkg/api/openapi
go: module github.com/bxcodec/faker/v3 is deprecated: use github.com/go-faker/faker/v4 instead.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign kuudori for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @red-hat-konflux-kflux-prd-rh02[bot]. Thanks for your PR.

I'm waiting for a openshift-hyperfleet member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Central YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 0b02bdc7-47db-40b0-93b6-b50554d4f350

📥 Commits

Reviewing files that changed from the base of the PR and between b4bff38 and 15806af.

📒 Files selected for processing (1)

• go.mod

🔗 Linked repositories identified

CodeRabbit considers these linked repositories for cross-repo context during reviews:

• openshift-hyperfleet/architecture (manual)
• openshift-hyperfleet/hyperfleet-api (manual)
• openshift-hyperfleet/hyperfleet-sentinel (manual)
• openshift-hyperfleet/hyperfleet-adapter (manual)
• openshift-hyperfleet/hyperfleet-broker (manual)

---

📝 Walkthrough

Summary by CodeRabbit

Release Notes

• Chores
  • Updated multiple Go module dependencies to their latest versions for improved compatibility and stability.

Walkthrough

go.mod receives version-only bumps across all six require blocks. Direct dependencies updated include OpenTelemetry core and OTLP exporters, Prometheus client_golang/client_model, Cobra, Gorilla handlers/mux, lib/pq, oapi-codegen/runtime, Gomega, Gormigrate, Kin OpenAPI, and Validator. Indirect dependencies updated span pgx v5, gRPC gateway, gorm MySQL driver, golang.org/x/* libraries, filippo.io/edwards25519, Docker modules, spf13 helpers, and OpenContainers utilities. No new module paths or require block structures are introduced.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

---

Supply chain surface (CWE-1357, CWE-829): Every line here is a trust boundary. Validate each bumped module hash against go.sum and cross-reference against the Go vulnerability database. Pay specific attention to:

• github.com/getkin/kin-openapi — OpenAPI parsing is a known injection surface; confirm no CVEs in the new version range.
• go.opentelemetry.io/otel* — OTLP exporter chains touch network egress from Sentinel and Adapter; confirm gRPC transitive bumps do not introduce CVE-2023-44487 (HTTP/2 Rapid Reset) regressions.
• github.com/gorilla/handlers / mux — verify no request-smuggling regressions (CWE-444).
• gorm.io/driver/mysql indirect bump — SQL driver changes can affect injection escaping behavior (CWE-89).
• filippo.io/edwards25519 — cryptographic primitive; any version change demands explicit changelog review.

Run govulncheck ./... against the updated go.sum before merge.

🚥 Pre-merge checks | ✅ 10 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
No Pii Or Sensitive Data In Logs	⚠️ Warning	PR introduces raw SQL logging via gorm_logger.go (lines 68, 76, 83) that logs unredacted SQL queries containing potential PII/sensitive data. Production uses gormlogger.Warn level, causing slow que...	Redact sensitive values from SQL statements before logging (e.g., mask query parameters, cluster IDs). Implement SQL query sanitization or use parameterized query logging instead of full SQL strings. Consider using Silent log level for q...

✅ Passed checks (10 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Update go module minor/patch updates' accurately describes the changeset, which updates 60+ Go module dependencies to newer minor and patch versions.
Description check	✅ Passed	The description is related to the changeset. It lists specific dependency updates with version ranges, includes a structured table of packages, and references release notes and configuration details.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Sec-02: Secrets In Log Output	✅ Passed	PR modifies only go.mod/go.sum with dependency version bumps. No new Go source code added; therefore, no new log statements with secrets can be introduced.
No Hardcoded Secrets	✅ Passed	PR updates go.mod/go.sum with semantic versioned dependencies only. No hardcoded secrets, API keys, tokens, passwords, or credential patterns detected in any files.
No Weak Cryptography	✅ Passed	No weak cryptography detected: zero imports of crypto/md5, crypto/des, crypto/rc4, SHA1 for security; no custom crypto implementations; no unsafe token comparisons; golang.org/x/crypto updated to v...
No Injection Vectors	✅ Passed	This PR contains only go.mod/go.sum dependency updates. No new code introducing injection vectors was added. Pre-existing SQL injection in pkg/services/resource.go:283 (ownerID from URL unsafely co...
No Privileged Containers	✅ Passed	No privileged containers in production Dockerfile or Helm manifests. Runtime user is 65532 (non-root), privilegeEscalation disabled, all capabilities dropped, filesystem read-only. Privileged strin...

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch konflux/mintmaker/main/go-module-minorpatch-updates

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch konflux/mintmaker/main/go-module-minorpatch-updates

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}