chore(deps): bump the go group across 1 directory with 13 updates

[dependabot]

Bumps the go group with 9 updates in the / directory:

Package	From	To
github.com/aws/aws-sdk-go-v2	1.32.6	1.32.7
github.com/aws/aws-sdk-go-v2/config	1.28.6	1.28.7
github.com/aws/aws-sdk-go-v2/feature/s3/manager	1.17.43	1.17.44
github.com/aws/aws-sdk-go-v2/service/ecr	1.36.7	1.38.0
github.com/docker/cli	27.4.0+incompatible	27.4.1+incompatible
github.com/docker/docker	27.4.0+incompatible	27.4.1+incompatible
github.com/mittwald/go-helm-client	0.12.15	0.12.16
github.com/onsi/ginkgo/v2	2.22.0	2.22.1
github.com/onsi/gomega	1.36.1	1.36.2

Updates github.com/aws/aws-sdk-go-v2 from 1.32.6 to 1.32.7

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.28.6 to 1.28.7

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.47 to 1.17.48

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.43 to 1.17.44

Commits

• 2f70834 Release 2024-11-07
• ef9a3c3 Regenerated Clients
• c054fe7 Update endpoints model
• b68675c Update API model
• 1d989f3 send opt-in query-compatible header where applicable (#2891)
• 5d0eb23 Merge pull request #2889 from aws/customize-identity-store-exception-message
• a39caf3 adding new line and inline comments
• 2ae3246 refactor logic to use switch case
• 7c4bde0 add changelog
• f01c284 regenerating clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.36.7 to 1.38.0

Changelog

Sourced from github.com/aws/aws-sdk-go-v2/service/ecr's changelog.

Release (2023-07-31)

General Highlights

• Feature: Adds support for smithy-modeled endpoint resolution. A new rules-based endpoint resolution will be added to the SDK which will supercede and deprecate existing endpoint resolution. Specifically, EndpointResolver will be deprecated while BaseEndpoint and EndpointResolverV2 will take its place. For more information, please see the Endpoints section in our Developer Guide.
• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/aws-sdk-go-v2/service/amplifyuibuilder: v1.12.0
  • Feature: Amplify Studio releases GraphQL support for codegen job action.
• github.com/aws/aws-sdk-go-v2/service/autoscaling: v1.30.0
  • Feature: You can now configure an instance refresh to set its status to 'failed' when it detects that a specified CloudWatch alarm has gone into the ALARM state. You can also choose to roll back the instance refresh automatically when the alarm threshold is met.
• github.com/aws/aws-sdk-go-v2/service/cleanrooms: v1.3.0
  • Feature: This release introduces custom SQL queries - an expanded set of SQL you can run. This release adds analysis templates, a new resource for storing pre-defined custom SQL queries ahead of time. This release also adds the Custom analysis rule, which lets you approve analysis templates for querying.
• github.com/aws/aws-sdk-go-v2/service/codestarconnections: v1.15.0
  • Feature: New integration with the Gitlab provider type.
• github.com/aws/aws-sdk-go-v2/service/drs: v1.15.0
  • Feature: Add support for in-aws right sizing
• github.com/aws/aws-sdk-go-v2/service/inspector2: v1.16.0
  • Feature: This release adds 1 new API: BatchGetFindingDetails to retrieve enhanced vulnerability intelligence details for findings.
• github.com/aws/aws-sdk-go-v2/service/lookoutequipment: v1.18.0
  • Feature: This release includes new import resource, model versioning and resource policy features.
• github.com/aws/aws-sdk-go-v2/service/omics: v1.6.0
  • Feature: Add CreationType filter for ListReadSets
• github.com/aws/aws-sdk-go-v2/service/rds: v1.49.0
  • Feature: This release adds support for Aurora MySQL local write forwarding, which allows for forwarding of write operations from reader DB instances to the writer DB instance.
• github.com/aws/aws-sdk-go-v2/service/route53: v1.29.0
  • Feature: Amazon Route 53 now supports the Israel (Tel Aviv) Region (il-central-1) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region.
• github.com/aws/aws-sdk-go-v2/service/scheduler: v1.2.0
  • Feature: This release introduces automatic deletion of schedules in EventBridge Scheduler. If configured, EventBridge Scheduler automatically deletes a schedule after the schedule has completed its last invocation.

Release (2023-07-28.2)

Module Highlights

• github.com/aws/aws-sdk-go-v2/service/applicationinsights: v1.18.0
  • Feature: This release enable customer to add/remove/update more than one workload for a component
• github.com/aws/aws-sdk-go-v2/service/cloudformation: v1.33.0
  • Feature: This SDK release is for the feature launch of AWS CloudFormation RetainExceptOnCreate. It adds a new parameter retainExceptOnCreate in the following APIs: CreateStack, UpdateStack, RollbackStack, ExecuteChangeSet.
• github.com/aws/aws-sdk-go-v2/service/cloudfront: v1.27.0
  • Feature: Add a new JavaScript runtime version for CloudFront Functions.
• github.com/aws/aws-sdk-go-v2/service/connect: v1.62.0
  • Feature: This release adds support for new number types.
• github.com/aws/aws-sdk-go-v2/service/kafka: v1.21.0
  • Feature: Amazon MSK has introduced new versions of ListClusterOperations and DescribeClusterOperation APIs. These v2 APIs provide information and insights into the ongoing operations of both MSK Provisioned and MSK Serverless clusters.
• github.com/aws/aws-sdk-go-v2/service/pinpoint: v1.21.0
  • Feature: Added support for sending push notifications using the FCM v1 API with json credentials. Amazon Pinpoint customers can now deliver messages to Android devices using both FCM v1 API and the legacy FCM/GCM API

Release (2023-07-28)

General Highlights

• Dependency Update: Updated to the latest SDK module versions

... (truncated)

Commits

• 787a818 Release 2023-07-31
• 953c852 Regenerated Clients
• 9ad4f50 Update SDK's smithy-go dependency to v1.14.0
• bd77e8d Update partitions file
• 7a0433f Update endpoints model
• cdfb4c4 Update API model
• 5cff0c4 fix ep20 refs in GH workflows (#2218)
• 26bf48f Add a new smithy-modeled rules based endpoint resolution. (#2214)
• 28c87cc Release 2023-07-28.2
• 4f4efd2 Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.71.0 to 1.71.1

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/docker/cli from 27.4.0+incompatible to 27.4.1+incompatible

Commits

• b9d17ea Merge pull request #5700 from thaJeztah/27.x_backport_remove_use_of_netfilter...
• a08a120 cli/command/system: remove BridgeNfIptables, BridgeNfIp6tables in tests
• 4870b3d Merge pull request #5699 from thaJeztah/27.x_backport_remove_system_isabs
• d3b59fb cli/command/container: use local copy of pkg/system.IsAbs
• ac40240 Merge pull request #5685 from thaJeztah/27.x_backport_bump_xx
• 3fa9480 Merge pull request #5690 from thaJeztah/27.x_backport_bump_gomd2man
• fce7c04 Merge pull request #5692 from thaJeztah/27.x_backport_remove_netfilter_warnings
• 70815c1 cli/command/system: remove netfilter warnings from tests
• 12d98b0 update go-md2man to v2.0.5
• f9783ec update xx to v1.6.1 for compatibility with alpine 3.21
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.4.0+incompatible to 27.4.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.4.1

27.4.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.4.1 milestone
• moby/moby, 27.4.1 milestone

Bug fixes and enhancements

• Fix excessive memory allocations when OTel is not configured. moby/moby#49079
• The docker info command and the corresponding GET /info API endpoint no longer include warnings when bridge-nf-call-iptables or bridge-nf-call-ip6tables are disabled at the daemon is started. The br_netfilter kernel module is now attempted to be loaded when needed, which made those warnings inaccurate. moby/moby#49090
• Attempt to load kernel modules, including ip6_tables and br_netfilter when required, using a method that is likely to succeed inside a Docker-in-Docker container. moby/moby#49043
• Fix a bug that could result in an iptables DOCKER FILTER chain not being cleaned up on failure. moby/moby#49110

Deprecations

• pkg/system: Deprecate Lstat(), Mkdev(), Mknod(), FromStatT() and Stat() functions, and related StatT types. These were only used internally, and will be removed in the next release. moby/moby#49100
• libnetwork/iptables: Deprecate IPV, Iptables and IP6Tables types in favor of IPVersion, IPv4, and IPv6. This type and consts will be removed in the next release. moby/moby#49093
• libnetwork/iptables: Deprecate Passthrough. This function was only used internally, and will be removed in the next release. moby/moby#49119

Packaging updates

• Update Compose to v2.32.1. docker/docker-ce-packaging#1130
• Update Buildx to v0.19.3. docker/docker-ce-packaging#1132
• Update runc to v1.2.3 (static packages only). moby/moby#49085

Commits

• c710b88 Merge pull request #49119 from thaJeztah/27.x_backport_libnetwork_deprecate_P...
• eda0a20 libnetwork/iptables: deprecate Passthrough
• b51622d libnet/iptables: deprecate type IPV
• 829ac83 Merge pull request #49104 from thaJeztah/27.x_backport_update_swagger_headers
• bd7da11 Merge pull request #49110 from thaJeztah/27.x_backport_fix_setupIPChains_defer
• 135b144 Merge pull request #49105 from thaJeztah/27.x_backport_testing-suse-apparmor
• 08de719 libnetwork/drivers/bridge: setupIPChains: fix defer checking wrong err
• 2a62319 Merge pull request #49100 from thaJeztah/27.x_backport_deprecate_pkg_system
• 6855ca1 integration-cli: don't skip AppArmor tests on SLES
• 224b305 docs/api: document correct case for Api-Version header
• Additional commits viewable in compare view

Updates github.com/mittwald/go-helm-client from 0.12.15 to 0.12.16

Release notes

Sourced from github.com/mittwald/go-helm-client's releases.

v0.12.16

What's Changed

• bump helm and k8s deps to latest stable releases by @​tariq1890 in mittwald/go-helm-client#224

Full Changelog: mittwald/go-helm-client@v0.12.15...v0.12.16

Commits

• 534c33c Merge pull request #224 from tariq1890/bump-helm-k8s
• def3674 bump helm and k8s deps to latest stable releases
• See full diff in compare view

Updates github.com/onsi/ginkgo/v2 from 2.22.0 to 2.22.1

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.22.1

2.22.1

Fixes

Fix CSV encoding

• Update tests [aab3da6]
• Properly encode CSV rows [c09df39]
• Add test case for proper csv escaping [96a80fc]
• Add meta-test [43dad69]

Maintenance

• ensure *.test files are gitignored so we don't accidentally commit compiled tests again [c88c634]
• remove golang.org/x/net/context in favour of stdlib context [4df44bf]

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.22.1

Fixes

Fix CSV encoding

• Update tests [aab3da6]
• Properly encode CSV rows [c09df39]
• Add test case for proper csv escaping [96a80fc]
• Add meta-test [43dad69]

Maintenance

• ensure *.test files are gitignored so we don't accidentally commit compiled tests again [c88c634]
• remove golang.org/x/net/context in favour of stdlib context [4df44bf]

Commits

• a0190b7 v2.22.1
• 4df44bf remove golang.org/x/net/context in favour of stdlib context
• c88c634 ensure *.test files are gitignored so we don't accidentally commit compiled t...
• aab3da6 Update tests
• c09df39 Properly encode CSV rows
• 96a80fc Add test case for proper csv escaping
• 43dad69 Add meta-test
• See full diff in compare view

Updates github.com/onsi/gomega from 1.36.1 to 1.36.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.36.2

Maintenance

• Bump nokogiri from 1.16.3 to 1.16.5 in /docs by @​dependabot in onsi/gomega#757
• Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.22.1 by @​dependabot in onsi/gomega#808
• Bump golang.org/x/net from 0.30.0 to 0.33.0 by @​dependabot in onsi/gomega#807
• Bump google.golang.org/protobuf from 1.35.1 to 1.36.1 by @​dependabot in onsi/gomega#810

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.36.2

Maintenance

• Bump google.golang.org/protobuf from 1.35.1 to 1.36.1 (#810) [9a7609d]
• Bump golang.org/x/net from 0.30.0 to 0.33.0 (#807) [b6cb028]
• Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.22.1 (#808) [5756529]
• Bump nokogiri from 1.16.3 to 1.16.5 in /docs (#757) [dabc12e]

Commits

• bb0e550 v1.36.2
• 9a7609d Bump google.golang.org/protobuf from 1.35.1 to 1.36.1 (#810)
• b6cb028 Bump golang.org/x/net from 0.30.0 to 0.33.0 (#807)
• 5756529 Bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.22.1 (#808)
• dabc12e Bump nokogiri from 1.16.3 to 1.16.5 in /docs (#757)
• See full diff in compare view

Updates golang.org/x/net from 0.32.0 to 0.33.0

Commits

• dfc720d go.mod: update golang.org/x dependencies
• 8e66b04 html: use strings.EqualFold instead of lowering ourselves
• b935f7b html: avoid endless loop on error token
• 9af49ef route: remove unused sizeof* consts
• 6705db9 quic: clean up crypto streams when dropping packet protection keys
• 4ef7588 quic: handle ACK frame in packet which drops number space
• 552d8ac Revert "route: change from syscall to x/sys/unix"
• 13a7c01 Revert "route: remove unused sizeof* consts on freebsd"
• See full diff in compare view

Updates helm.sh/helm/v3 from 3.16.3 to 3.16.4

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.16.4 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.16.4. The common platform binaries are here:

• MacOS amd64 (checksum / 8dc25671120a4af197afe7ad9041fb8e1dd71bc01e5ef73dba1139cbc9e9f44b)
• MacOS arm64 (checksum / e2442d8f05d53d84c39b869bc5fe5affad247ee2f4c706a040919c146edb1f94)
• Linux amd64 (checksum / fc307327959aa38ed8f9f7e66d45492bb022a66c3e5da6063958254b9767d179)
• Linux arm (checksum / 432e774d1087d3773737888d384c62477b399227662b42cbf0c32e95e6e72556)
• Linux arm64 (checksum / d3f8f15b3d9ec8c8678fbf3280c3e5902efabe5912e2f9fcf29107efbc8ead69)
• Linux i386 (checksum / 6022b34e165a5196827043c77bcd1fa28ef48109b3a4af46e8660ddb0a6c44e0)
• Linux ppc64le (checksum / 0ba4375a6dcf6117a8e7729fbed36d9220f8ad98dbc7aabc16186f22917caead)
• Linux s390x (checksum / 10b88dc2afd97267feba8283d58dcb1c937defb7df8de152c86b60aaece47d59)
• Linux riscv64 (checksum / e733c727de7644cfeb25b094e1f0a56c53a7cb437c93c992aa92e6c7b9f6af93)
• Windows amd64 (checksum / 9bb114c12e530a7129fd3d78fc1784e813dd7a6e29e5f9b5af8bc83fd1066d36)
• Windows arm64 (checksum / a4afeee93031920ec08b7e880c859a159bcd222837a81196cadaeb42408ad0b3)

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.17.0 is the next feature release and will be on January 15, 2025

Changelog

• Bump golang.org/x/crypto from 0.30.0 to 0.31.0 7877b45b63f95635153b29a42c0c2f4273ec45ca (dependabot[bot])
• Bump the k8s-io group with 7 updates 848e586c27f05d84bc19d082f395098aba0b7619 (dependabot[bot])

Commits

• 7877b45 Bump golang.org/x/crypto from 0.30.0 to 0.31.0
• 848e586 Bump the k8s-io group with 7 updates
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Mend Scan Summary: ❌

Repository: open-component-model/ocm

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	5
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	3
HIGH RISK LICENSES	9
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report
Mend UI