chore(deps): bump the gomod group across 1 directory with 14 updates by dependabot[bot] · Pull Request #717 · controlplaneio/kubesec

dependabot · 2026-01-26T06:14:42Z

Bumps the gomod group with 6 updates in the / directory:

Package	From	To
github.com/in-toto/in-toto-golang	`0.9.0`	`0.11.0`
github.com/prometheus/client_golang	`1.22.0`	`1.23.2`
go.uber.org/zap	`1.27.0`	`1.28.0`
github.com/prometheus/procfs	`0.17.0`	`0.20.1`
go.yaml.in/yaml/v2	`2.4.2`	`2.4.4`
sigs.k8s.io/yaml	`1.5.0`	`1.6.0`

Updates github.com/in-toto/in-toto-golang from 0.9.0 to 0.11.0

Release notes

Sourced from github.com/in-toto/in-toto-golang's releases.

v0.11.0

What's Changed

chore(deps): bump the all group with 2 updates by @dependabot[bot] in in-toto/in-toto-golang#453

chore(deps): bump the all group across 1 directory with 2 updates by @dependabot[bot] in in-toto/in-toto-golang#452

chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 by @dependabot[bot] in in-toto/in-toto-golang#457

chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 by @dependabot[bot] in in-toto/in-toto-golang#459

match: Replace ^ with ! for negation in character classes by @adityasaky in in-toto/in-toto-golang#462

Full Changelog: in-toto/in-toto-golang@v0.10.0...v0.11.0

v0.10.0

What's Changed

chore(deps): bump google.golang.org/grpc from 1.54.0 to 1.55.0 by @dependabot[bot] in in-toto/in-toto-golang#232

Update maintainers and governance by @adityasaky in in-toto/in-toto-golang#233

chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot[bot] in in-toto/in-toto-golang#234

chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.3 to 2.1.5 by @dependabot[bot] in in-toto/in-toto-golang#235

chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot[bot] in in-toto/in-toto-golang#236

Fix expired signature in test by @adityasaky in in-toto/in-toto-golang#241

chore(deps): bump golang.org/x/sys from 0.8.0 to 0.9.0 by @dependabot[bot] in in-toto/in-toto-golang#240

chore(deps): bump github.com/spiffe/go-spiffe/v2 from 2.1.5 to 2.1.6 by @dependabot[bot] in in-toto/in-toto-golang#239

chore(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by @dependabot[bot] in in-toto/in-toto-golang#242

chore(deps): bump google.golang.org/grpc from 1.56.0 to 1.56.1 by @dependabot[bot] in in-toto/in-toto-golang#243

Update GitHub Actions workflows by @adityasaky in in-toto/in-toto-golang#246

chore(deps): bump golang.org/x/sys from 0.9.0 to 0.10.0 by @dependabot[bot] in in-toto/in-toto-golang#245

remove linters that are no longer supported and add to make file by @pxp928 in in-toto/in-toto-golang#249

Add match products feature by @adityasaky in in-toto/in-toto-golang#237

Remove unfinished link on record stop by @PradyumnaKrishna in in-toto/in-toto-golang#248

chore(deps): bump google.golang.org/grpc from 1.56.1 to 1.56.2 by @dependabot[bot] in in-toto/in-toto-golang#250

chore(deps): bump github.com/secure-systems-lab/go-securesystemslib from 0.6.0 to 0.7.0 by @dependabot[bot] in in-toto/in-toto-golang#251

chore(deps): bump google.golang.org/grpc from 1.56.2 to 1.57.0 by @dependabot[bot] in in-toto/in-toto-golang#255

Add tests for coverage in envelope.go by @adityasaky in in-toto/in-toto-golang#256

chore(deps): bump golang.org/x/sys from 0.10.0 to 0.11.0 by @dependabot[bot] in in-toto/in-toto-golang#257

chore(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot[bot] in in-toto/in-toto-golang#258

chore(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @dependabot[bot] in in-toto/in-toto-golang#259

Fixes filepath pattern matching in windows by @PradyumnaKrishna in in-toto/in-toto-golang#254

chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot[bot] in in-toto/in-toto-golang#261

chore(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot[bot] in in-toto/in-toto-golang#262

chore(deps): bump golang.org/x/sys from 0.11.0 to 0.12.0 by @dependabot[bot] in in-toto/in-toto-golang#263

chore(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.0 by @dependabot[bot] in in-toto/in-toto-golang#264

chore(deps): bump google.golang.org/grpc from 1.58.0 to 1.58.1 by @dependabot[bot] in in-toto/in-toto-golang#266

Deprecate Provenance v1 struct in favor of /attestation protobufs by @marcelamelara in in-toto/in-toto-golang#267

chore(deps): bump google.golang.org/grpc from 1.58.1 to 1.58.2 by @dependabot[bot] in in-toto/in-toto-golang#269

chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot[bot] in in-toto/in-toto-golang#270

Drop use of any for hash objects by @adityasaky in in-toto/in-toto-golang#238

chore(deps): bump golang.org/x/sys from 0.12.0 to 0.13.0 by @dependabot[bot] in in-toto/in-toto-golang#271

chore(deps): bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by @dependabot[bot] in in-toto/in-toto-golang#273

chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot[bot] in in-toto/in-toto-golang#272

chore(deps): bump golang.org/x/net from 0.12.0 to 0.17.0 by @dependabot[bot] in in-toto/in-toto-golang#274

chore(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot[bot] in in-toto/in-toto-golang#275

... (truncated)

Commits

36d782f Merge pull request #462 from in-toto/fix-negation-character
4a09e3b match: Replace ^ with ! for negation in character classes
c3302e8 Merge pull request #459 from in-toto/dependabot/go_modules/github.com/go-jose...
016e87e chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
5b9df76 Merge pull request #457 from in-toto/dependabot/go_modules/google.golang.org/...
595b3fe chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3
e396d24 Merge pull request #452 from in-toto/dependabot/github_actions/all-502588e1ca
142b779 Merge pull request #453 from in-toto/dependabot/go_modules/all-d8ef5820aa
f741bcc chore(deps): bump the all group with 2 updates
c374dc9 chore(deps): bump the all group across 1 directory with 2 updates
Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.22.0 to 1.23.2

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.23.2 - 2025-09-05

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

[release-1.23] Upgrade to prometheus/common@v0.66.1 by @aknuds1 in prometheus/client_golang#1869

[release-1.23] Cut v1.23.2 by @aknuds1 in prometheus/client_golang#1870

Full Changelog: prometheus/client_golang@v1.23.1...v1.23.2

v1.23.1 - 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

[release-1.23] Upgrade to prometheus/common v0.66 by @aknuds1 in prometheus/client_golang#1866

[release-1.23] Cut v1.23.1 by @aknuds1 in prometheus/client_golang#1867

Full Changelog: prometheus/client_golang@v1.23.0...v1.23.1

v1.23.0 - 2025-07-30

[CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. #1812

[FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix #1766

[FEATURE] Add exemplars for native histograms #1686

[ENHANCEMENT] exp/api: Bubble up status code from writeResponse #1823

[ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 #1833

[BUGFIX] exp/api: client prompt return on context cancellation #1729

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.23.2 / 2025-09-05

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

1.23.1 / 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

1.23.0 / 2025-07-30

[CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. #1812

[FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix #1766

[FEATURE] Add exemplars for native histograms #1686

[ENHANCEMENT] exp/api: Bubble up status code from writeResponse #1823

[ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 #1833

[BUGFIX] exp/api: client prompt return on context cancellation #1729

Commits

8179a56 Cut v1.23.2 (#1870)
4142b59 Merge pull request #1869 from prometheus/arve/upgrade-common
4ff40f0 Cut v1.23.1 (#1867)
989b029 Upgrade to prometheus/common v0.66 (#1866)
e4b2208 Cut v1.23.0 (#1848)
d9492af cut v1.23.0-rc.1 (#1842)
aeae8a0 Cut v1.23.0-rc.0 (#1837)
b157309 Update common Prometheus files (#1832)
a704e28 build(deps): bump the github-actions group with 3 updates (#1826)
c774311 Fix errNotImplemented reference (#1835)
Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.9.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

Fix linter and allow CI to pass by @marckhouzam in spf13/cobra#2327

fix: actions/setup-go v6 by @jpmcb in spf13/cobra#2337

🔥✍🏼 Docs

Add documentation for repeated flags functionality by @rvergis in spf13/cobra#2316

🍂 Refactors

refactor: replace several vars with consts by @htoyoda18 in spf13/cobra#2328

refactor: change minUsagePadding from var to const by @ssam18 in spf13/cobra#2325

🤗 New Contributors

@rvergis made their first contribution in spf13/cobra#2316

@htoyoda18 made their first contribution in spf13/cobra#2328

@ssam18 made their first contribution in spf13/cobra#2325

@dims made their first contribution in spf13/cobra#2336

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

v1.10.1

🐛 Fix

chore: upgrade pflags v1.0.9 by @jpmcb in spf13/cobra#2305

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

v1.10.0

What's Changed

🚨 Attention!

Bump pflag to 1.0.8 by @tomasaschan in spf13/cobra#2303

This version of pflag carried a breaking change: it renamed ParseErrorsWhitelist to ParseErrorsAllowlist which can break builds if both pflag and cobra are dependencies in your project.

If you use both pflag and cobra, upgrade pflagto 1.0.8 andcobrato1.10.0`

or use the newer, fixed version of pflag v1.0.9 which keeps the deprecated ParseErrorsWhitelist

... (truncated)

Commits

88b30ab chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#2336)
346d408 fix: actions/setup-go v6 (#2337)
fc81d20 refactor: change minUsagePadding from var to const (#2325)
117698a refactor: replace several vars with consts (#2328)
e2dd29d Add documentation for repeated flags functionality (#2316)
0629892 Fix linter (#2327)
7da941c chore: Bump pflag to v1.0.9 (#2305)
51d6751 Bump pflag to 1.0.8 (#2303)
3f3b818 Update README.md with new logo
dcaf42e Add Periscope to the list of projects using Cobra (#2299)
Additional commits viewable in compare view

Updates go.uber.org/zap from 1.27.0 to 1.28.0

Release notes

Sourced from go.uber.org/zap's releases.

v1.28.0

Enhancements:

#1534[]: Add zapcore.CheckPreWriteHook and CheckedEntry.Before method for transforming entries before they are written to any Cores.

#1534: uber-go/zap#1534

v1.27.1

Enhancements:

#1501[]: prevent Object from panicking on nils

#1511[]: Fix a race condition in WithLazy.

Thanks to @rabbbit, @alshopov, @jquirke, @arukiidou for their contributions to this release.

#1501: uber-go/zap#1501 #1511: uber-go/zap#1511

Changelog

Sourced from go.uber.org/zap's changelog.

1.28.0 (27 Apr 2026)

Enhancements:

#1534[]: Add zapcore.CheckPreWriteHook and CheckedEntry.Before method for transforming entries before they are written to any Cores.

1.27.1 (19 Nov 2025)

Enhancements:

#1501[]: prevent Object from panicking on nils

#1511[]: Fix a race condition in WithLazy.

Thanks to @rabbbit, @alshopov, @jquirke, @arukiidou for their contributions to this release.

#1501: uber-go/zap#1501 #1511: uber-go/zap#1511

Commits

5b81b37 release v1.28.0 (#1547)
0ab0d5a zapcore: Add PreWriteHook for transforming entries before write (#1534)
d278c59 [chore] CI: test on Go 1.26 (#1535)
16fb16b chore(dep): replace archived gopkg.in/yaml.v3 with officially maintained go.y...
7b755a3 release 1.27.1 (#1521)
d6b395b Update lazy logger not to materialize unless it's being written to (#1519)
4b9cea0 ci: Test with Go 1.24, Go 1.25 (#1508)
7c80d7b Fix race condition in WithLazy implementation (#1426) (#1511)
07077a6 Prevent zap.Object from panicing on nils (#1501)
a6afd05 Fix lint check name (#1502)
Additional commits viewable in compare view

Updates github.com/prometheus/common from 0.65.0 to 0.66.1

Release notes

Sourced from github.com/prometheus/common's releases.

v0.66.1

This release has no functional changes, it just drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement).

What's Changed

Revert "Use github.com/grafana/regexp instead of regexp" by @aknuds1 in prometheus/common#835

Move to supported version of yaml parser by @dims in prometheus/common#834

Revert "Use go.uber.org/atomic instead of sync/atomic (#825)" by @aknuds1 in prometheus/common#838

Full Changelog: prometheus/common@v1.20.99...v0.66.1

v0.66.0

⚠️ Breaking Changes ⚠️

A default-constructed TextParser will be invalid. It must have a valid scheme set, so users should use the NewTextParser function to create a valid TextParser. Otherwise parsing will panic with "Invalid name validation scheme requested: unset".

What's Changed

model: add constants for type and unit labels. by @bwplotka in prometheus/common#801

model.ValidationScheme: Support encoding as YAML by @aknuds1 in prometheus/common#799

fix(promslog): always print time.Duration values as go duration strings by @tjhop in prometheus/common#798

Add ValidationScheme methods IsValidMetricName and IsValidLabelName by @aknuds1 in prometheus/common#806

Fix delimited proto not escaped correctly by @thampiotr in prometheus/common#809

Decoder: Remove use of global name validation and add validation by @ywwg in prometheus/common#808

ValidationScheme implements pflag.Value and json.Marshaler/Unmarshaler interfaces by @juliusmh in prometheus/common#807

expfmt: Add NewTextParser function by @aknuds1 in prometheus/common#816

Enable the godot linter by @aknuds1 in prometheus/common#821

Enable usestdlibvars linter by @aknuds1 in prometheus/common#820

Enable unconvert linter by @aknuds1 in prometheus/common#819

Enable the fatcontext linter by @aknuds1 in prometheus/common#822

Enable gocritic linter by @aknuds1 in prometheus/common#818

Use go.uber.org/atomic instead of sync/atomic by @aknuds1 in prometheus/common#825

Enable revive rule unused-parameter by @aknuds1 in prometheus/common#824

Enable revive rules by @aknuds1 in prometheus/common#823

Synchronize common files from prometheus/prometheus by @prombot in prometheus/common#802

Synchronize common files from prometheus/prometheus by @prombot in prometheus/common#803

Sync .golangci.yml with prometheus/prometheus by @aknuds1 in prometheus/common#817

ci: update upload-actions by @ywwg in prometheus/common#814

docs: fix typo in expfmt.Negotiate by @wmcram in prometheus/common#813

build(deps): bump golang.org/x/net from 0.40.0 to 0.41.0 by @dependabot[bot] in prometheus/common#800

build(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 by @dependabot[bot] in prometheus/common#810

build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 in /assets by @dependabot[bot] in prometheus/common#826

build(deps): bump google.golang.org/protobuf from 1.36.6 to 1.36.8 by @dependabot[bot] in prometheus/common#830

build(deps): bump golang.org/x/net from 0.42.0 to 0.43.0 by @dependabot[bot] in prometheus/common#829

build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 by @dependabot[bot] in prometheus/common#827

New Contributors

@aknuds1 made their first contribution in prometheus/common#799

@thampiotr made their first contribution in prometheus/common#809

@wmcram made their first contribution in prometheus/common#813

... (truncated)

Changelog

Sourced from github.com/prometheus/common's changelog.

v0.66.1 / 2025-09-05

This release has no functional changes, it just drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement).

What's Changed

Revert "Use github.com/grafana/regexp instead of regexp" by @aknuds1 in prometheus/common#835

Move to supported version of yaml parser by @dims in prometheus/common#834

Revert "Use go.uber.org/atomic instead of sync/atomic (#825)" by @aknuds1 in prometheus/common#838

Full Changelog: prometheus/common@v1.20.99...v0.66.1

v0.66.0 / 2025-09-02

⚠️ Breaking Changes ⚠️

A default-constructed TextParser will be invalid. It must have a valid scheme set, so users should use the NewTextParser function to create a valid TextParser. Otherwise parsing will panic with "Invalid name validation scheme requested: unset".

What's Changed

model: add constants for type and unit labels. by @bwplotka in prometheus/common#801

model.ValidationScheme: Support encoding as YAML by @aknuds1 in prometheus/common#799

fix(promslog): always print time.Duration values as go duration strings by @tjhop in prometheus/common#798

Add ValidationScheme methods IsValidMetricName and IsValidLabelName by @aknuds1 in prometheus/common#806

Fix delimited proto not escaped correctly by @thampiotr in prometheus/common#809

Decoder: Remove use of global name validation and add validation by @ywwg in prometheus/common#808

ValidationScheme implements pflag.Value and json.Marshaler/Unmarshaler interfaces by @juliusmh in prometheus/common#807

expfmt: Add NewTextParser function by @aknuds1 in prometheus/common#816

Enable the godot linter by @aknuds1 in prometheus/common#821

Enable usestdlibvars linter by @aknuds1 in prometheus/common#820

Enable unconvert linter by @aknuds1 in prometheus/common#819

Enable the fatcontext linter by @aknuds1 in prometheus/common#822

Enable gocritic linter by @aknuds1 in prometheus/common#818

Use go.uber.org/atomic instead of sync/atomic by @aknuds1 in prometheus/common#825

Enable revive rule unused-parameter by @aknuds1 in prometheus/common#824

Enable revive rules by @aknuds1 in prometheus/common#823

Synchronize common files from prometheus/prometheus by @prombot in prometheus/common#802

Synchronize common files from prometheus/prometheus by @prombot in prometheus/common#803

Sync .golangci.yml with prometheus/prometheus by @aknuds1 in prometheus/common#817

ci: update upload-actions by @ywwg in prometheus/common#814

docs: fix typo in expfmt.Negotiate by @wmcram in prometheus/common#813

build(deps): bump golang.org/x/net from 0.40.0 to 0.41.0 by @dependabot[bot] in prometheus/common#800

build(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 by @dependabot[bot] in prometheus/common#810

build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 in /assets by @dependabot[bot] in prometheus/common#826

build(deps): bump google.golang.org/protobuf from 1.36.6 to 1.36.8 by @dependabot[bot] in prometheus/common#830

build(deps): bump golang.org/x/net from 0.42.0 to 0.43.0 by @dependabot[bot] in prometheus/common#829

build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 by @dependabot[bot] in prometheus/common#827

New Contributors

@aknuds1 made their first contribution in prometheus/common#799

@thampiotr made their first contribution in prometheus/common#809

... (truncated)

Commits

8975dde Revert "Use go.uber.org/atomic instead of sync/atomic (#825)" (#838)
08d7f66 Move to supported version of yaml parser (#834)
80e275e Revert "Use github.com/grafana/regexp instead of regexp" (#835)
4c2f9e7 Merge pull request #832 from roidelapluie/retract
e120453 Retract v1.20.3
2b1487c Merge pull request #827 from prometheus/dependabot/go_modules/github.com/stre...
db38951 Merge pull request #829 from prometheus/dependabot/go_modules/golang.org/x/ne...
9e19a90 build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1
a1ba2a7 build(deps): bump golang.org/x/net from 0.42.0 to 0.43.0
c7a031c Merge pull request #830 from prometheus/dependabot/go_modules/google.golang.o...
Additional commits viewable in compare view

Updates github.com/prometheus/procfs from 0.17.0 to 0.20.1

Release notes

Sourced from github.com/prometheus/procfs's releases.

v0.20.1

What's Changed

nvme: Parse NVMe namespace details by @ShashwatHiregoudar in prometheus/procfs#765

Fix bcachefs parsing by @ananthb in prometheus/procfs#789

Synchronize common files from prometheus/prometheus by @prombot in prometheus/procfs#788

Update sysfs/class_thermal: continue on EINVAL in parseClassThermalZone to ignore only invalid thermal zones which raise "invalid argument" by @ccastiglione-reply in prometheus/procfs#763

New Contributors

@ccastiglione-reply made their first contribution in prometheus/procfs#763

Full Changelog: prometheus/procfs@v0.20.0...v0.20.1

v0.20.0

What's Changed

Synchronize common files from prometheus/prometheus by @prombot in prometheus/procfs#747

Synchronize common files from prometheus/prometheus by @prombot in prometheus/procfs#766

build(deps): bump golang.org/x/sync from 0.17.0 to 0.19.0 by @dependabot[bot] in prometheus/procfs#773

build(deps): bump golang.org/x/sys from 0.37.0 to 0.39.0 by @dependabot[bot] in prometheus/procfs#772

Synchronize common files from prometheus/prometheus by @prombot in prometheus/procfs#774

Fix /proc/interrupts by @ffyuanda in prometheus/procfs#775

Synchronize common files from prometheus/prometheus by @prombot in prometheus/procfs#778

Synchronize common files from prometheus/prometheus by @prombot in prometheus/procfs#779

Migrate to GitHub actions by @SuperQ in prometheus/procfs#780

build(deps): bump golang.org/x/sys from 0.40.0 to 0.41.0 by @dependabot[bot] in prometheus/procfs#782

Synchronize common files from prometheus/prometheus by @prombot in prometheus/procfs#785

bcachefs support by @ananthb in prometheus/procfs#750

build(deps): bump actions/checkout from 6.0.1 to 6.0.2 by @dependabot[bot] in prometheus/procfs#781

feat: parse capabilities in /proc/pid/status by @biscout42 in prometheus/procfs#784

class_cooling_device: ignore EINVAL (etc) when reading files. by @malcolmr in prometheus/procfs#783

Add type and name to the DRM parser class by @Deezzir in prometheus/procfs#672

New Contributors

@ffyuanda made their first contribution in prometheus/procfs#775

@ananthb made their first contribution in prometheus/procfs#750

@biscout42 made their first contribution in prometheus/procfs#784

@malcolmr made their first contribution in prometheus/procfs#783

@Deezzir made their first contribution in prometheus/procfs#672

Full Changelog: prometheus/procfs@v0.19.2...v0.20.0

v0.19.2

What's Changed

chore: Migrate tests to cmp package by @SuperQ in prometheus/procfs#760

Fix: Use base16 to convert pci sriov_vf_device by @jj-asama in prometheus/procfs#762

Full Changelog: prometheus/procfs@v0.19.1...v0.19.2

v0.19.1

What's Changed

... (truncated)

Commits

b380dd4 fix: thermal_zone, handle EINVAL errors from sysfs reads. (#763)
6128805 Update common Prometheus files (#788)
e72bf7a Fix bcachefs parsing (#789)
56add94 nvme: Parse NVMe namespace details (#765)
8fce2bd Add type and name to the DRM parser class (#672)
091f46c class_cooling_device: ignore EINVAL (etc) when reading files. (#783)
5efaf0a feat: parse capabilities in /proc/pid/status (#784)
31bc6b6 build(deps): bump actions/checkout from 6.0.1 to 6.0.2 (#781)
51a5dd2 init bcachefs support (#750)
c33362d Update common Prometheus files (#785)
Additional commits viewable in compare view

Updates github.com/secure-systems-lab/go-securesystemslib from 0.9.0 to 0.10.0

Commits

93d7e1c Merge pull request #139 from secure-systems-lab/dependabot/github_actions/gol...
b2fe7df Merge pull request #138 from secure-systems-lab/dependabot/github_actions/act...
7e9f79e chore(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.2.0
1552d12 chore(deps): bump actions/setup-go from 5.5.0 to 6.1.0

kusari-inspector · 2026-01-26T06:14:45Z

⚠️ Workspace Mapping Required

Hello! We noticed that your GitHub organization is not yet mapped to a Kusari workspace. Kusari Inspector now requires installations to be associated with a Kusari workspace.

⚠️ NOTE: Only the admin who installed the Kusari GitHub App can complete these steps. If the admin is unable to complete these steps, please contact support@kusari.dev

To complete the setup:

Visit https://console.us.kusari.cloud/auth/github and log in via github
If you have only one workspace, it will be automatically selected for you
Once the mapping is complete, return here and create a new comment with: @kusari-inspector re-run

This will trigger the analysis to run again.

For more information, or if you need help, visit https://github.com/kusaridev/community/discussions

06kellyjac · 2026-04-20T11:02:31Z

@dependabot rebase

06kellyjac · 2026-05-05T10:17:38Z

https://github.com/dependabot rebase

Bumps the gomod group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/in-toto/in-toto-golang](https://github.com/in-toto/in-toto-golang) | `0.9.0` | `0.11.0` | | [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.22.0` | `1.23.2` | | [go.uber.org/zap](https://github.com/uber-go/zap) | `1.27.0` | `1.28.0` | | [github.com/prometheus/procfs](https://github.com/prometheus/procfs) | `0.17.0` | `0.20.1` | | [go.yaml.in/yaml/v2](https://github.com/yaml/go-yaml) | `2.4.2` | `2.4.4` | | [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml) | `1.5.0` | `1.6.0` | Updates `github.com/in-toto/in-toto-golang` from 0.9.0 to 0.11.0 - [Release notes](https://github.com/in-toto/in-toto-golang/releases) - [Changelog](https://github.com/in-toto/in-toto-golang/blob/master/CHANGELOG.md) - [Commits](in-toto/in-toto-golang@v0.9.0...v0.11.0) Updates `github.com/prometheus/client_golang` from 1.22.0 to 1.23.2 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.22.0...v1.23.2) Updates `github.com/spf13/cobra` from 1.9.1 to 1.10.2 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.9.1...v1.10.2) Updates `go.uber.org/zap` from 1.27.0 to 1.28.0 - [Release notes](https://github.com/uber-go/zap/releases) - [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md) - [Commits](uber-go/zap@v1.27.0...v1.28.0) Updates `github.com/prometheus/common` from 0.65.0 to 0.66.1 - [Release notes](https://github.com/prometheus/common/releases) - [Changelog](https://github.com/prometheus/common/blob/main/CHANGELOG.md) - [Commits](prometheus/common@v0.65.0...v0.66.1) Updates `github.com/prometheus/procfs` from 0.17.0 to 0.20.1 - [Release notes](https://github.com/prometheus/procfs/releases) - [Commits](prometheus/procfs@v0.17.0...v0.20.1) Updates `github.com/secure-systems-lab/go-securesystemslib` from 0.9.0 to 0.10.0 - [Release notes](https://github.com/secure-systems-lab/go-securesystemslib/releases) - [Commits](secure-systems-lab/go-securesystemslib@v0.9.0...v0.10.0) Updates `github.com/spf13/pflag` from 1.0.7 to 1.0.10 - [Release notes](https://github.com/spf13/pflag/releases) - [Commits](spf13/pflag@v1.0.7...v1.0.10) Updates `go.yaml.in/yaml/v2` from 2.4.2 to 2.4.4 - [Commits](yaml/go-yaml@v2.4.2...v2.4.4) Updates `golang.org/x/crypto` from 0.40.0 to 0.46.0 - [Commits](golang/crypto@v0.40.0...v0.46.0) Updates `golang.org/x/sys` from 0.34.0 to 0.41.0 - [Commits](golang/sys@v0.34.0...v0.41.0) Updates `golang.org/x/text` from 0.27.0 to 0.32.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.27.0...v0.32.0) Updates `google.golang.org/protobuf` from 1.36.6 to 1.36.11 Updates `sigs.k8s.io/yaml` from 1.5.0 to 1.6.0 - [Release notes](https://github.com/kubernetes-sigs/yaml/releases) - [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md) - [Commits](kubernetes-sigs/yaml@v1.5.0...v1.6.0) --- updated-dependencies: - dependency-name: github.com/in-toto/in-toto-golang dependency-version: 0.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/prometheus/client_golang dependency-version: 1.23.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/prometheus/common dependency-version: 0.66.1 dependency-type: indirect update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/prometheus/procfs dependency-version: 0.19.2 dependency-type: indirect update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/secure-systems-lab/go-securesystemslib dependency-version: 0.10.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/spf13/cobra dependency-version: 1.10.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/spf13/pflag dependency-version: 1.0.10 dependency-type: indirect update-type: version-update:semver-patch dependency-group: gomod - dependency-name: go.uber.org/zap dependency-version: 1.27.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: go.yaml.in/yaml/v2 dependency-version: 2.4.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: gomod - dependency-name: golang.org/x/crypto dependency-version: 0.46.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/sys dependency-version: 0.40.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/text dependency-version: 0.32.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: gomod - dependency-name: google.golang.org/protobuf dependency-version: 1.36.11 dependency-type: indirect update-type: version-update:semver-patch dependency-group: gomod - dependency-name: sigs.k8s.io/yaml dependency-version: 1.6.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: gomod ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jan 26, 2026

dependabot Bot force-pushed the dependabot/go_modules/gomod-281d57c534 branch from bf889e8 to cb56cb6 Compare April 20, 2026 06:08

dependabot Bot force-pushed the dependabot/go_modules/gomod-281d57c534 branch from cb56cb6 to 5fc6281 Compare April 20, 2026 11:03

dependabot Bot force-pushed the dependabot/go_modules/gomod-281d57c534 branch from 5fc6281 to bd74804 Compare May 4, 2026 06:25

dependabot Bot force-pushed the dependabot/go_modules/gomod-281d57c534 branch from bd74804 to aa5a7e9 Compare May 5, 2026 10:19

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the gomod group across 1 directory with 14 updates#717

chore(deps): bump the gomod group across 1 directory with 14 updates#717
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/gomod-281d57c534

dependabot Bot commented on behalf of github Jan 26, 2026 •

edited

Loading

Uh oh!

kusari-inspector Bot commented Jan 26, 2026

Uh oh!

06kellyjac commented Apr 20, 2026

Uh oh!

06kellyjac commented May 5, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Jan 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v0.11.0

What's Changed

v0.10.0

What's Changed

v1.23.2 - 2025-09-05

v1.23.1 - 2025-09-04

v1.23.0 - 2025-07-30

1.23.2 / 2025-09-05

1.23.1 / 2025-09-04

1.23.0 / 2025-07-30

v1.10.2

🔧 Dependencies

📈 CI/CD

🔥✍🏼 Docs

🍂 Refactors

🤗 New Contributors

v1.10.1

🐛 Fix

v1.10.0

What's Changed

🚨 Attention!

v1.28.0

v1.27.1

1.28.0 (27 Apr 2026)

1.27.1 (19 Nov 2025)

v0.66.1

What's Changed

v0.66.0

⚠️ Breaking Changes ⚠️

What's Changed

New Contributors

v0.66.1 / 2025-09-05

What's Changed

v0.66.0 / 2025-09-02

⚠️ Breaking Changes ⚠️

What's Changed

New Contributors

v0.20.1

What's Changed

New Contributors

v0.20.0

What's Changed

New Contributors

v0.19.2

What's Changed

v0.19.1

What's Changed

Uh oh!

kusari-inspector Bot commented Jan 26, 2026

⚠️ Workspace Mapping Required

Uh oh!

06kellyjac commented Apr 20, 2026

Uh oh!

06kellyjac commented May 5, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Jan 26, 2026 •

edited

Loading