chore(deps): bump the go group with 11 updates

[dependabot]

Bumps the go group with 11 updates:

Package	From	To
github.com/docker/cli	27.3.1+incompatible	27.4.0+incompatible
github.com/docker/docker	27.3.1+incompatible	27.4.0+incompatible
github.com/fluxcd/pkg/ssa	0.41.1	0.43.0
github.com/mittwald/go-helm-client	0.12.14	0.12.15
github.com/onsi/gomega	1.36.0	1.36.1
github.com/sigstore/sigstore	1.8.10	1.8.11
k8s.io/api	0.31.3	0.32.0
k8s.io/apiextensions-apiserver	0.31.3	0.32.0
k8s.io/apimachinery	0.31.3	0.32.0
k8s.io/cli-runtime	0.31.3	0.32.0
k8s.io/client-go	0.31.3	0.32.0

Updates github.com/docker/cli from 27.3.1+incompatible to 27.4.0+incompatible

Commits

• bde2b89 Merge pull request #5669 from thaJeztah/27.x_update_go_1.22.10
• 3284a80 update to go1.22.10
• b7064a2 Merge pull request #5661 from thaJeztah/27.x_backport_remove_repoinfo_class
• 67b6fe0 Merge pull request #5649 from thaJeztah/27.x_update_engine
• 5a0508c cli/trust: GetNotaryRepository: remove uses of RepositoryInfo.Class
• 9348385 vendor: github.com/docker/docker v27.4.0-rc.3
• 9ea09fd Merge pull request #5652 from vvoland/5651-27.x
• 0c9e0b4 Merge pull request #5658 from thaJeztah/27.x_backport_docs-fix-screwy-dockerd...
• f4fec76 docs: fix janky rendering of toc on docs.docker.com
• 6fd4825 Merge pull request #5654 from Benehiko/fix-run-ctx-27.x
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.3.1+incompatible to 27.4.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.4.0

27.4.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.4.0 milestone
• moby/moby, 27.4.0 milestone

API

• GET /images/json with the manifests option enabled now preserves the original order in which manifests appeared in the manifest-index. moby/moby#48712

Bug fixes and enhancements

• When reading logs with the jsonfile or local log drivers, any errors while trying to read or parse underlying log files will cause the rest of the file to be skipped and move to the next log file (if one exists) rather than returning an error to the client and closing the stream. The errors are viewable in the Docker Daemon logs and exported to traces when tracing is configured. moby/moby#48842
• When reading log files, compressed log files are now only decompressed when needed rather than decompressing all files before starting the log stream. moby/moby#48842
• Fix an issue that meant published ports from one container on a bridge network were not accessible from another container on the same network with userland-proxy disabled, if the kernel's br_netfilter module was not loaded and enabled. The daemon will now attempt to load the module and enable bridge-nf-call-iptables or bridge-nf-call-ip6tables when creating a network with the userland proxy disabled. moby/moby#48685
• Fix loading of bridge and br_netfilter kernel modules. moby/moby#48966
• containerd image store: Fix Docker daemon failing to fully start with a "context deadline exceeded error" with containerd snapshotter and many builds/images. moby/moby#48954
• containerd image-store: Fix partially pulled images not being garbage-collected. moby#48910, moby/moby#48957
• containerd image store: Fix docker image inspect outputting duplicate references in RepoDigests. moby/moby#48785
• containerd image store: Fix not being able to connect to some insecure registries in cases where the HTTPS request failed due to a non-TLS related error. moby/moby#48758
• containerd image store: Remove a confusing warning log when tagging a non-dangling image. moby/moby#49010
• dockerd-rootless-setuptool.sh: let --force ignore smoke test errors moby/moby#48695
• Disable IPv6 Duplicate Address Detection (DAD) for addresses assigned to the bridges belonging to bridge networks. moby/moby#48684
• Remove BuildKit init timeout. moby/moby#48963
• Ignore "dataset does not exist" error when removing dataset on ZFS. moby/moby#48968
• Client: Prevent idle connections leaking FDs. moby/moby#48764
• Fix anonymous volumes being created through the --mount option not being marked as anonymous. moby/moby#48755
• After a daemon restart with live-restore, ensure an iptables jump to the DOCKER-USER chain is placed before other rules. moby/moby#48714
• Fix a possible memory leak caused by OTel meters. moby/moby#48693
• Create distinct build history db for each store. moby/moby#48688
• Fix an issue that caused excessive memory usage when DNS resolution was made in a tight loop. moby/moby#48840
• containerd image store: Do not underline names in docker image ls --tree. docker/cli#5519
• containerd image store: Change name of USED column in docker image ls --tree to IN USE. docker/cli#5518
• Fix a bug preventing image pulls from being cancelled during docker run. docker/cli#5654
• Port some completions from the bash completion to the new cobra based completion. docker/cli#5618
• The docker login and docker logout command no longer update the configuration file if the credentials didn't change. docker/cli#5569
• Optimise docker stats to reduce flickering issues. docker/cli#5588, docker/cli#5635
• Fix inaccessible plugins paths preventing plugins from being detected. docker/cli#5652
• Add support for events --filter in cobra generated shell completions. docker/cli#5614
• Fix bash completion for events --filter daemon=. docker/cli#5563
• Improve shell-completion of containers for docker rm. docker/cli#5540
• Add shell-completion for --platform flags. docker/cli#5540
• rootless: Make /etc/cdi and /var/run/cdi accessible by the Container Device Interface (CDI) integration. moby/moby#49027

Removed

• Deprecate Daemon.Exists() and Daemon.IsPaused(). These functions are no longer used and will be removed in the next release. moby/moby#48719
• Deprecate container.ErrNameReserved and container.ErrNameNotReserved. moby/moby#48697

... (truncated)

Commits

• 92a8393 Merge pull request #49027 from thaJeztah/27.x_backport_cdi-rootless
• 9163aa3 Merge pull request #49026 from thaJeztah/27.x_update_go_1.22.10
• 4775621 Dockerd rootless: make {/etc,/var/run}/cdi available
• 0176f4a Merge pull request #49024 from thaJeztah/27.x_vendor_buildkit_0.17.3
• 0e34b39 update to go1.22.10
• 7919b80 [27.x] vendor: github.com/moby/buildkit v0.17.3
• a92d4c5 Merge pull request #49013 from vvoland/49006-27.x
• 1cc1274 Merge pull request #49010 from vvoland/49009-27.x
• 525b929 registry: deprecate RepositoryInfo.Class
• d6d43b2 c8d/tag: Don't log a warning if the source image is not dangling
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/ssa from 0.41.1 to 0.43.0

Commits

• 42918b3 Merge pull request #843 from fluxcd/deps-int-k8s-1.32
• ad9c74a Update internal dependencies
• b9b6a10 Merge pull request #842 from fluxcd/k8s-1.32.0
• 7b6cd90 Update dependencies to Kubernetes 1.32.0 and Go 1.23.0
• b9c338a Merge pull request #841 from fluxcd/load-vars
• cf1915e Make the variables loading function public
• 84013d4 Merge pull request #839 from fluxcd/workflow-tf-setup
• b91dc11 workflows: Use setup-terraform install latest
• 5bf9095 Merge pull request #838 from fluxcd/meta-v1.8.0
• 05a2b81 Update apis/meta version in chartutil and runtime
• Additional commits viewable in compare view

Updates github.com/mittwald/go-helm-client from 0.12.14 to 0.12.15

Release notes

Sourced from github.com/mittwald/go-helm-client's releases.

v0.12.15

What's Changed

• bump helm and gomock deps to the latest releases by @​tariq1890 in mittwald/go-helm-client#220
• Update client.go by @​pberton in mittwald/go-helm-client#221
• Show in docs the ChartSpec.Timeout by @​fmontorsi-equinix in mittwald/go-helm-client#223

New Contributors

• @​pberton made their first contribution in mittwald/go-helm-client#221
• @​fmontorsi-equinix made their first contribution in mittwald/go-helm-client#223

Full Changelog: mittwald/go-helm-client@v0.12.14...v0.12.15

Commits

• 7b0ba54 Merge pull request #223 from fmontorsi-equinix/patch-1
• bf69d23 Merge branch 'master' into patch-1
• ff2969f Update client_test.go
• 08a142e Merge pull request #221 from pberton/patch-1
• 4b9c72c Merge branch 'master' into patch-1
• c71ccfd Merge pull request #220 from tariq1890/bump-helm-gomock
• 5e61ccb Show in docs the ChartSpec.Timeout
• 3cc53a9 Update client.go
• 1d8c4fc bump helm and gomock deps to the latest releases
• See full diff in compare view

Updates github.com/onsi/gomega from 1.36.0 to 1.36.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.36.1

1.36.1

Fixes

• Fix onsi/gomega#803 [1c6c112]
• resolves onsi/gomega#696: make HaveField great on pointer receivers given only a non-addressable value [4feb9d7]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.36.1

Fixes

• Fix onsi/gomega#803 [1c6c112]
• resolves onsi/gomega#696: make HaveField great on pointer receivers given only a non-addressable value [4feb9d7]

Commits

• 8bc0a2a v1.36.1
• 1c6c112 Fix onsi/gomega#803
• 4feb9d7 resolves onsi/gomega#696: make HaveField great on pointer receivers given onl...
• See full diff in compare view

Updates github.com/sigstore/sigstore from 1.8.10 to 1.8.11

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.8.11

What's Changed

• several dependabot updates
• Replace custom auth code with azidentity.NewDefaultCredential for Azure KMS client by @​malancas in sigstore/sigstore#1888
• fix: set go module directive to 1.22.0 by @​dnwe in sigstore/sigstore#1878

New Contributors

• @​dnwe made their first contribution in sigstore/sigstore#1878

Full Changelog: sigstore/sigstore@v1.8.10...v1.8.11

Commits

• 185deaa build(deps): Bump golang.org/x/crypto from 0.29.0 to 0.31.0 (#1903)
• 7df71a7 build(deps): Bump cloud.google.com/go/kms (#1902)
• f5270c4 build(deps): Bump golang.org/x/crypto in /pkg/signature/kms/azure (#1905)
• 9bd2049 build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1906)
• 4e58ea1 build(deps): Bump actions/cache from 4.1.2 to 4.2.0 in the all group (#1907)
• 7addd3b build(deps): Bump localstack/localstack in /test/e2e in the all group (#1899)
• cbdd139 build(deps): Bump the gomod group across 1 directory with 3 updates (#1900)
• 8041744 build(deps): Bump github.com/stretchr/testify in /pkg/signature/kms/aws (#1893)
• d66b91a build(deps): Bump google.golang.org/api in /pkg/signature/kms/gcp (#1894)
• fa4a76d build(deps): Bump github.com/stretchr/testify (#1895)
• Additional commits viewable in compare view

Updates k8s.io/api from 0.31.3 to 0.32.0

Commits

• e622342 Update dependencies to v0.32.0 tag
• b0543a3 Merge remote-tracking branch 'origin/master' into release-1.32
• f6bae9a Drop use of winreadlinkvolume godebug option
• ea815d5 Merge remote-tracking branch 'origin/master' into release-1.32
• c331a79 Revert to go1.22 windows filesystem stdlib behavior
• f8e5e36 Merge pull request #128407 from ndixita/pod-level-resources
• 84e0db8 Merge pull request #127857 from Jefftree/cle-v1alpha2
• cbaf5a0 Merge pull request #128686 from thockin/take_over_pr-125233
• a503a4f Merge pull request #128687 from tallclair/allocated-status
• 3f43b5a Merge pull request #128240 from LionelJouin/KEP-4817
• Additional commits viewable in compare view

Updates k8s.io/apiextensions-apiserver from 0.31.3 to 0.32.0

Commits

• 7215469 Update dependencies to v0.32.0 tag
• 887679f Merge remote-tracking branch 'origin/master' into release-1.32
• bd027a4 Drop use of winreadlinkvolume godebug option
• 919f42b Merge remote-tracking branch 'origin/master' into release-1.32
• a4e1034 Revert to go1.22 windows filesystem stdlib behavior
• 89d6021 Run codegen
• 2a91f8a Merge pull request #127513 from tkashem/delete-undecryptable
• 06dc95a api: run codegen
• 19f7123 Merge pull request #128639 from jpbetz/fix-cost-test
• 66631b6 Fix flake in CEL cost stability tests
• Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.31.3 to 0.32.0

Commits

• 59e9003 Merge remote-tracking branch 'origin/master' into release-1.32
• 639247c Drop use of winreadlinkvolume godebug option
• 220d7c3 Merge remote-tracking branch 'origin/master' into release-1.32
• c199d3b Revert to go1.22 windows filesystem stdlib behavior
• 16af2ff implement unsafe deletion, and wire it
• 6ff8305 api: run codegen
• ca9b8b2 api: add a new field to meta/v1 DeleteOptions
• d941d9f Merge pull request #128503 from benluddy/cbor-codecs-featuregate
• 3b4250f Wire serving codecs to CBOR feature gate.
• daaad09 Merge pull request #128501 from benluddy/watch-cbor-seq
• Additional commits viewable in compare view

Updates k8s.io/cli-runtime from 0.31.3 to 0.32.0

Commits

• 49dbc54 Update dependencies to v0.32.0 tag
• f8c45be Merge remote-tracking branch 'origin/master' into release-1.32
• f750fa0 Drop use of winreadlinkvolume godebug option
• 9da77ec Merge remote-tracking branch 'origin/master' into release-1.32
• 15e0912 Revert to go1.22 windows filesystem stdlib behavior
• 3a2a8b4 hack/pin-dependency.sh k8s.io/kube-openapi 32ad38e42d3faf1ce94eb29f4ea6d76333...
• 8ceafc0 Merge pull request #128396 from ritazh/deprecate-EnforceMountableSecretsAnnot...
• f78772d deprecate EnforceMountableSecretsAnnotation in 1.32
• 44c3029 Merge pull request #128507 from dims/use-k8s.io/utils/lru-instead-of-github.c...
• 16fbedb Use k8s.io/utils/lru instead of github.com/golang/groupcache/lru
• Additional commits viewable in compare view

Updates k8s.io/client-go from 0.31.3 to 0.32.0

Commits

• 0d55461 Update dependencies to v0.32.0 tag
• 4765ade Merge remote-tracking branch 'origin/master' into release-1.32
• 692a511 Drop use of winreadlinkvolume godebug option
• 9df5099 Merge remote-tracking branch 'origin/master' into release-1.32
• 120beb2 Revert to go1.22 windows filesystem stdlib behavior
• 55d23e2 Align fake client-go clients with the main interface
• 646e79b Run codegen
• c475fe0 Generify fake clientsets
• 955401c Merge pull request #128407 from ndixita/pod-level-resources
• eddb107 Merge pull request #127857 from Jefftree/cle-v1alpha2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Mend Scan Summary: ❌

Repository: open-component-model/ocm

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	5
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	2
HIGH RISK LICENSES	9
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report
Mend UI