upgrade to latest dependencies

bumping github.com/prometheus/common 0c7b585...280b0e7:
  > 280b0e7 http_config: Allow customizing TLS config and settings. (# 748)
  > aea8919 Update common Prometheus files (# 747)
  > 8d916fa Bump golang.org/x/net from 0.32.0 to 0.33.0 (# 743)
  > fe88605 Bump google.golang.org/protobuf from 1.35.2 to 1.36.1 (# 744)
  > 5d9961d Update common Prometheus files (# 742)
  > 0a89b98 Merge pull request # 740 from dashpole/update_om_links
  > d88ee1f Remove deprecated sigv4 module (# 737)
  > e3926e2 update links to openmetrics to reference the v1.0.0 release
  > c3fdb17 Remove deprecated promlog package (# 738)
  > cf5f48f Change default validation scheme to UTF8Validation (# 724)
  > 7b484e9 Bump google.golang.org/protobuf from 1.35.1 to 1.35.2 (# 732)
  > 05e3c40 Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (# 731)
  > a0ef737 Bump golang.org/x/net from 0.30.0 to 0.32.0 (# 736)
  > f99f029 Update common Prometheus files (# 726)
  > b88f24c promslog: always lowercase log level from CLI (# 728)
  > 2c3c048 Bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 (# 730)
  > ec7291f Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 in /assets (# 729)
  > 145b50a fix(promslog): always use UTC for time (# 735)
  > 39a62f7 fix: values escaping bugs (# 727)
  > 7ed4523 Allow custom user-agent definition (# 725)
  > e25286d Update common Prometheus files (# 722)
  > b83ece4 Mark promlog deprecated (# 720)
  > 8675cd9 Update common Prometheus files (# 721)
  > c971f56 setup dependabot for `github.com/prometheus/common/assets` (# 719)
  > 34874f2 Bump google.golang.org/protobuf from 1.34.2 to 1.35.1 (# 711)
  > ab95209 chore: use testify instead of testing.Fatal (# 718)
  > 937c5b5 chore: enable perfsprint linter (# 717)
  > 28e4459 Bump golang.org/x/net from 0.29.0 to 0.30.0 (# 712)
  > b424bae Update common Prometheus files (# 714)
  > ee5cc87 Provide a way to get UserAgent (# 716)
  > 6ad2990 Mark sigv4 deprecated (# 715)
  > 653e0fa Update common Prometheus files (# 701)
  > 0d2e2e5 Reload certificates even when no CA is used (# 707)
  > a9d2e3f Merge pull request # 705 from roidelapluie/sourcefile
  > dae848d Update supported Go versions (# 700)
  > fdc50c7 promslog: Only log basename, not full path
  > 63ff77e Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 (# 698)
  > b7aa68c Bump golang.org/x/net from 0.28.0 to 0.29.0 (# 699)
  > 4e3a6fd feat: add `promslog.NewNopLogger()` convenience func (# 697)
  > d66e745 promslog: use UTC timestamps for go-kit log style (# 696)
  > 14bac55 Merge pull request # 695 from prometheus/repo_sync
  > 40d6251 Merge pull request # 694 from jkroepke/slog/writer
  > 8bc4cd5 Update common Prometheus files
  > fa21dfd Update common Prometheus files (# 692)
  > 5f9af24 slog: expose io.Writer
  > be8a747 fix(utf8): Fix multiple metric name inside braces validation (# 691)
  > bf4843e Merge pull request # 690 from ywwg/owilliams/default-escaping
  > 4f8e8f4 expfmt: Add WithEscapingScheme to help construct Formats (# 688)
  > 01da226 Change the default escape method to UnderscoreEscaping
  > b1880d0 Merge pull request # 687 from roidelapluie/checkheader
  > 06c2425 Bump golang.org/x/net from 0.27.0 to 0.28.0 (# 685)
  > 334963d Change the logic for SetDirectory
  > 4606c0a Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (# 684)
  > d64a747 Remove secret file existence check in Validate for headers
  > d98411b Merge pull request # 683 from tjhop/docs/promslog-README
  > 9bbc9cb Merge pull request # 677 from tjhop/feat/add-promslog-pkg
  > 76549db docs: mention new promslog package in package list in README
  > 6623230 Provide a method for explicitly checking label names for legacy validity. (# 682)
  > 6ea2584 feat: new promslog and promslog/flag packages to wrap log/slog
  > 19d0796 Merge pull request # 681 from prometheus/repo_sync
  > 8968b6c expfmt: Add UTF-8 syntax support in text_parse.go (# 670)
  > 29a2d2c Update common Prometheus files
  > cd4bcc0 Update golangci lint (# 679)
  > 2cac84e Update client_golang (# 676)
  > 79c0459 Merge pull request # 675 from dswarbrick/fix-32bit-overflows
  > 1dade5b sigv4: support nil body (# 673)
  > 008d7b8 Fix overflows of untyped int constants on 32-bit
  > 430dbfe Bump github.com/aws/aws-sdk-go from 1.54.19 to 1.55.5 in /sigv4 (# 671)
  > d235298 Update common Prometheus files (# 674)
  > 3f9e4f8 Merge pull request # 672 from prometheus/repo_sync
  > a3eaa75 Merge pull request # 668 from ywwg/owilliams/param
  > 6eac2f4 Update common Prometheus files
  > 0b924af Bump golang.org/x/net from 0.26.0 to 0.27.0 (# 667)
  > a9acdc7 use basic string in IsValidLegacyMetricName
  > 4cf22c5 Merge pull request # 665 from prometheus/superq/revert_unexport
  > 1d53a04 Update common Prometheus files (# 664)
  > c3e8247 Deprecate format strings
  > 8e3075b Bump github.com/aws/aws-sdk-go from 1.54.7 to 1.54.11 in /sigv4 (# 661)
  > 279f076 Revert "Unexport Format strings"
  > 3e6afe2 remove dependency to github.com/prometheus/client_golang in sigv4
  > 8742f09 Merge pull request # 647 from multani/fix-oauth2-secret-file-refresh
  > 249682f Don't always fetch a OAuth2 token, if the secret from a file didn't change
bumping golang.org/x/time 5d9ef58...2c6c5a2:
  > 2c6c5a2 rate: prevent overflows when calculating durationFromTokens
  > 1ce61fe rate: make function comment match function name
  > 3846194 README: don't recommend go get
  > 772484e x/time/rate: correctly handle 0 limits
bumping github.com/mailru/easyjson c120ca7...5e854fb:
  > 5e854fb Merge pull request # 388 from testwill/string
  > 78171e8 Merge pull request # 396 from SolidShake/fix-null-map-key
  > 37cdbe9 chore: use ret.String() instead of string(ret.Bytes())
  > 907f46a up go version to 1.20
  > 3229627 Fix null key in map
  > a209843 Fix bytesToStr (# 358)
  > 0e683d5 only default tests
  > 141f9c7 Merge pull request # 393 from iamtakingiteasy/master
  > 11c9d7f fix Readme
  > 8ef38d7 upd test version
  > 3bd36b7 Make current token kind public and accessible via Lexer.CurrentToken
  > 605adae Merge pull request # 352 from bulletmys/upd_ci
  > c2f6bad Merge pull request # 405 from IakovLeven/patch-1
  > eecedd1 add simple example to README and upd install cmd
  > 42b87bf upd readme and delete .travis.yml
  > d48874a Merge pull request # 381 from niallnsec/master
  > 46715aa Fix Unmarshaler interface description
  > e57b4c6 Merge pull request # 338 from MQasimSarfraz/patch-1
  > 738f356 fix run-on-arch-action actions
  > 34d2f3a Only add tags to run command if set
  > 7653026 Merge pull request # 342 from denis96z/master
  > 0c17714 Fix type in README.md
  > 309f1b6 add non amd64 actions
  > 573107b Copy byte array when unmarshalling RawMessage
  > e33cca9 fix too many arguments in call to MarshalJSON
  > 5fd7585 upd github actions
  > 3c100a7 upd github actions
  > 7c1e3c1 upd github actions
  > 4f5f962 add github actions
  > 52ae641 fix allocs expectations in tests
bumping k8s.io/client-go 4b5b7fa...86ff7a1:
  > 86ff7a1 Update dependencies to v0.32.2 tag
  > 4765ade Merge remote-tracking branch 'origin/master' into release-1.32
  > 692a511 Drop use of winreadlinkvolume godebug option
  > 9df5099 Merge remote-tracking branch 'origin/master' into release-1.32
  > 120beb2 Revert to go1.22 windows filesystem stdlib behavior
  > 55d23e2 Align fake client-go clients with the main interface
  > 646e79b Run codegen
  > c475fe0 Generify fake clientsets
  > 955401c Merge pull request # 128407 from ndixita/pod-level-resources
  > eddb107 Merge pull request # 127857 from Jefftree/cle-v1alpha2
  > 77d9809 Generated files and compatability data from API changes
  > ef8b7aa generated
  > bf1a6ee v1alpha2 LeaseCandidate API
  > ec12655 Merge pull request # 128240 from LionelJouin/KEP-4817
  > fcfb2ba Merge pull request # 127513 from tkashem/delete-undecryptable
  > fba42f0 [KEP-4817] make update
  > fe3db7f Merge pull request # 128681 from soltysh/client-go_port_forward_reset
  > e132ac2 handle watch for unsafe delete
  > bfbe175 [KEP-4817] make update
  > 2d3b1e2 Merge pull request # 128356 from lauralorenz/crashloopbackoff-maintain10minuterecoverythreshold
  > bf41455 Clean error handling in port-forward
  > 95fc3d7 api: run codegen
  > c57e0a8 Merge pull request # 128641 from benluddy/e2e-cbor-client-compat
  > ab2cdce Maintain 10 minute recovery threshold for container backoff
  > d6404c8 fix: draining remote stream after port-forward connection broken
  > 4953761 Fix content type fallback when a client defaults to CBOR.
  > c57dbd8 Merge pull request # 128503 from benluddy/cbor-codecs-featuregate
  > 334e307 Wire serving codecs to CBOR feature gate.
  > 2d5ed6f Merge pull request # 128501 from benluddy/watch-cbor-seq
  > 10c2fdb Use application/cbor-seq media type in streaming CBOR responses.
  > ae04abd Merge pull request # 127511 from pohly/dra-1.32-api
  > 4e05c62 DRA API: rename DeviceCapacity.Quantity to DeviceCapacity.Value
  > f65974c DRA API: use DeviceCapacity struct instead of plain Quantity
  > 98e4506 DRA API: generated files
  > e6df85f Merge pull request # 128266 from AnishShah/resize-subresource
  > db23975 client-go: rename Resize to UpdateResize
  > 951bba3 update codegen
  > fc589c2 api: generate client code for resize subresource
  > 9d76eb1 Merge pull request # 128539 from benluddy/cbor-feature-gates
  > c1010ff Merge pull request # 128580 from jpbetz/bump-kube-openapi
  > 8cb2167 Add CBOR feature gates.
  > 6d45801 Merge pull request # 127134 from jpbetz/mutating-admission
  > 48c6947 hack/pin-dependency.sh k8s.io/kube-openapi 32ad38e42d3faf1ce94eb29f4ea6d763339b258e
  > 3fc0d17 Merge pull request # 128396 from ritazh/deprecate-EnforceMountableSecretsAnnotation
  > b5002f1 Update OpenAPI and fix openAPI tests to handle unexported jsonreferences
  > f6b6807 Merge pull request # 128552 from aojea/package_kubernete_test
  > f77b399 deprecate EnforceMountableSecretsAnnotation in 1.32
  > 5295d25 generate code
  > 1f96e45 fix package name
  > 3a26884 Merge pull request # 128547 from aojea/rest_watch
  > be38ea1 Merge pull request # 127981 from jsafrane/selinux-changepolicy
  > d69191c rest client watch: use same name for package as folder
  > 2ff8874 Merge pull request # 128507 from dims/use-k8s.io/utils/lru-instead-of-github.com/golang/groupcache/lru
  > f0b2234 Regenerated API
  > 6c84382 Use k8s.io/utils/lru instead of github.com/golang/groupcache/lru
  > 6755414 Merge pull request # 128497 from benluddy/cbor-request-contenttype-circuit-breaker
  > b3f6ede Merge pull request # 127743 from googs1025/cleanup/leaderelection
  > 15af21a Fall back to JSON request encoding after CBOR 415.
  > d680385 Merge pull request # 128481 from carlory/dependencies-ginkgo-gomega
  > 1b8aded chore(leader-election): modify leader-election comment to OnStoppedLeading callback is always called when the LeaderElector exits, even if it did not start leading.
  > d99919f dependencies: ginkgo v2.21.0, gomega v1.35.1
  > c5d71b2 Merge pull request # 128416 from jpbetz/reset-filter
  > 10f4596 hack/pin-dependency.sh sigs.k8s.io/structured-merge-diff/v4 v4.4.2
  > 6ba2fc7 Merge pull request # 128273 from benluddy/cbor-apply
  > d7104c6 Merge pull request # 127266 from pohly/dra-admin-access-in-status
  > b0bd1f5 Regenerate clients to support application/apply-patch+cbor.
  > d86bbae DRA: treat AdminAccess as a new feature gated field
  > cff5621 Support application/apply-patch+cbor in patch requests.
  > d321931 DRA API: AdminAccess in DeviceRequestAllocationResult
  > a887e57 Merge pull request # 128323 from benluddy/cbor-client-gen
  > 886262a Update vendor (client now calls ParseAccept from goautoneg).
  > c957b59 Wire client feature gates affecting RESTClient content config.
  > 9d19c65 Update generated clients.
  > d8fc5bb Make generated client codecs support CBOR based on feature gate.
  > 3dc7fd5 Merge pull request # 128243 from benluddy/cbor-dynamic-integration
  > abe0e99 Merge pull request # 125314 from enj/enj/i/proto_for_core
  > 1cca19d Add test-only client feature gates for CBOR.
  > 86e81b0 Generated
  > 6f44458 Use protobuf for core clients
  > 1647efd client-go/rest: move content type wiring from client to request
  > c5146a9 Merge pull request # 126697 from fedebongio/patch-1
  > f05f3ca Merge pull request # 125516 from ComingCL/master
  > 65ed08a Update OWNERS
  > 23900f4 Merge pull request # 128165 from liggitt/prune-self-require
  > de60f3c fix typo errors in client-go rest package
  > 29ce700 Update staging/src/k8s.io/client-go/tools/leaderelection/OWNERS
  > 6a276b2 Merge pull request # 128003 from pohly/dra-classic-dra-removal
  > 607869c Drop self-referencing replace directives
  > 3c2f081 Update OWNERS
  > d366fa7 DRA: remove "classic DRA"
  > 2359365 Merge pull request # 128064 from dims/update-to-last-versions-of-some-very-infrequently-updated-repos
  > 43e9ea4 Merge pull request # 124059 from benluddy/dynamic-client-negotiation
  > e4db112 Update to last versions of some very infrequently updated repos
  > ee51eaf Use content negotiation in the dynamic client.
  > c38ce11 Merge pull request # 127812 from p0lyn0mial/upstream-decode-list-blueprint
  > 9cff3e4 Merge pull request # 128035 from alexanderstephan/export-reflector
  > d274c7b client-go/rest/request: decodes initialEventsListBlueprint for watchlist requests
  > ce42c29 Make getter names for reflector fields idiomatic
  > 64f5574 Merge pull request # 127998 from skitt/golang-x-oct-2024
  > 2717ef6 Merge pull request # 127985 from dims/update-moby-runc-dependencies-oct-10
  > 9f84a0d October 2024 golang.org/x bump
  > 6b8f524 Update moby/runc dependencies
  > d13452a Merge pull request # 127485 from seans3/websocket-upgrade-error-info
  > 3cd3050 Upgrade websocket failure add extra error info
  > cd6681f Merge pull request # 127942 from liggitt/json123
  > bbcb9ac Update sigs.k8s.io/json to go1.23
  > cae7305 Merge pull request # 127944 from antoninbas/use-generics-for-delaying-queue-waitFor
  > ba20fca Merge pull request # 127663 from alexanderstephan/export-reflector
  > 3c28f81 Use generics for waitFor (delaying workqueue) in client-go
  > 0dfea60 Merge pull request # 127710 from alvaroaleman/document
  > 146d03f Export name and typeDescription members of reflector struct
  > 5fceb99 Merge pull request # 127635 from antoninbas/use-generics-for-queue-metrics
  > 7416b2e RestCfg: Add godocs on how to disable ratelimiting
  > 5b31113 Use generics for workqueue metrics
  > ca4a13f Merge pull request # 127827 from skitt/client-go-obsolete-plugins
  > 105983d client-go: remove obsolete auth plugins from examples
  > 3ecd72c Merge pull request # 127099 from jpbetz/object-selectors-ga
  > 415a0d6 Merge pull request # 127765 from alvaroaleman/fix
  > 1d3f0e5 Add dynamic informers tests for field and label selectors
  > 71640ef Fix accidental breaking change in TypedNewDelayingQueue
  > 4609339 Merge pull request # 127689 from mmorel-35/testifylint/[email protected]/client-go
  > ea4f3d0 Merge pull request # 127682 from mmorel-35/testifylint/[email protected]/client-go
  > 9d7f486 fix: enable expected-actual rule from testifylint in module `k8s.io/client-go`
  > 2d7a47c Merge pull request # 126764 from liggitt/mergo
  > 84137c2 fix: enable error-nil and nil-compare rules from testifylint in module `k8s.io/client-go`
  > e2b5fa7 Merge pull request # 127535 from mmorel-35/testifylint/[email protected]/client-go
  > 1b9b709 Update vendor
  > 374753a Merge pull request # 127539 from mmorel-35/testifylint/[email protected]/client-go
  > c2ecdf4 fix: enable contains rule from testifylint in module `k8s.io/client-go`
  > a398951 Implement limited merge function
  > dfbc1c7 Merge pull request # 125917 from skitt/drop-auth-path-kubernetes-auth
  > baf58c3 fix: enable error-is-as rule from testifylint in module `k8s.io/client-go`
  > 56b7eaf Narrow merge interface to merging the same types
  > d79bc28 Merge pull request # 127466 from guozheng-shen/fix-return
  > e996fa7 Drop references to auth-path and kubernetes_auth
  > b3dca7e Isolate mergo use, add test coverage and error checking
  > 5395fd1 adds watchListEndpointRestrictions for watchlist requests (# 126996)
  > 4d28b83 endpointsLeasesResourceLock and configMapsLeasesResourceLock are removed too
  > def003b Merge pull request # 127573 from benluddy/dynamic-golden-response-test
  > 08c6c31 Add test for unintended changes to dynamic client response handling.
  > fcb1b60 Merge pull request # 127527 from mmorel-35/testifylint/[email protected]/client-go
  > 290f054 fix: enable compares rule from testifylint in module
  > 8887e59 Merge pull request # 126760 from ncdc/ncdc/emeritus
  > 40a93af Merge pull request # 127422 from srivastav-abhishek/go-vet-fix
  > da3ab4e Move ncdc to emeritus
  > 4f57ad3 Merge pull request # 127388 from p0lyn0mial/upstream-watchlist-meta-client
  > 7141d01 Fix Go vet errors for master golang
  > b42d55b client-go/metadata: use watchlist
  > 892e9b8 client-go/metadata: add watchlist method
  > 68a23b8 client-go/metadata: refactor List method
  > fb6ca04 Merge pull request # 125186 from liyuerich/newserializer
  > 53c7e93 Merge pull request # 126999 from pohly/log-client-go-rest-body
  > 68d318f drop deprecated json/yaml newSerializers, use json.NewSerializerWithOptions instead
  > c5e16f8 Merge pull request # 127271 from liggitt/go1.23
  > 3d02d42 client-go/rest: contextual logging of request/response
  > 1431fe0 Pin godebug default to go1.23
  > 9daa93c Update go.mod to go 1.23
  > 8d0bbdf Merge pull request # 126809 from ryantxu/fix-client-get-list
  > 51f5488 Merge pull request # 115834 from stlaz/remote-uid
  > fae3dcd avoid panic when subresource is a list
  > 9dd4d6e client-go: add the UID to the auth-proxy roundtripper
  > 4fca708 Merge pull request # 127011 from jpbetz/format-only-imports
  > 2b73540 generate
  > bc8a8ba Merge pull request # 127035 from alvaroaleman/rename-TypedNewDelayingQueue
  > c311da2 Rename TypedNewDelayingQueue to NewTypedDelayingQueue
  > 388eba6 Merge pull request # 127023 from aimuz/fix-lead
  > 6c241d5 Merge pull request # 127001 from skitt/applyconfiguration-gen-ambiguous
  > 4379fad leaderelection: replace deprecated wait.PollImmediateUntil with wait.PollUntilContextTimeout
  > d50e2a9 Merge pull request # 126265 from tnqn/fix-watch-error
  > d7a6826 Run codegen
  > 9db830e Merge pull request # 126727 from jpbetz/fix-fake-apply-name
  > 009514e Enrich the error returned from Request.Watch method
  > c795125 Merge pull request # 126954 from deads2k/retry-http2
  > 86c9611 Use Fatalf for non-recoverable errors in test
  > 0b9a7d2 Merge pull request # 124747 from l-technicore/update_event_spam_key
  > d69e298 automatically retry GET requests when http2 connection lost
  > 908d899 Stamp fake client apply reuqests with name from action
  > dec9eaa Merge pull request # 126787 from Jefftree/update-kube-openapi
  > aa6ed1b Updating event spam key to allow recording of more unique events
  > 4696521 Merge pull request # 126716 from stlaz/tlscachekey_comparable
  > aa547ee re-vendor k8s.io/kube-openapi
  > 79827ce Merge pull request # 126038 from mprahl/retry-watcher-forbidden
  > d63a65f ensure tlsCacheKey is strictly comparable to avoid runtime panics
  > 78c1586 Merge pull request # 126655 from tklauser/log-spelling-fix
  > 2176e80 Stop the RetryWatcher when failing due to permissions issue
  > 690fd52 Merge pull request # 126545 from yangjunmyfm192085/updatepersistentVolumeClaimRetentionPolicy
  > ae43527 client-go: fix typo in leaderelection error log message
  > 1a951c2 Updated incorrect description of persistentVolumeClaimRetentionPolicy
  > 71959c5 Merge pull request # 126405 from sttts/sttts-sync-informerfactory-start
  > b6f7bdf informers: add comment that Start does not block
bumping knative.dev/eventing 9cec50f...9a7c6d5:
  > 9a7c6d5 [main] Upgrade to latest dependencies (# 8468)
  > cee6e8c EventTransform: Support transforming response from Sink (# 8469)
  > 75195a5 EventTransform: Reconcile address and service (# 8458)
  > d9498eb Scheduler: log expected vreplicas by vpod (# 8449)
  > 36d681e chore: Adding missing sinks and sources to schema file (# 8460)
  > 779992f Add EventTransform Jsonata reconciler and CRD (# 8456)
  > 8f990b9 [main] Upgrade to latest dependencies (# 8455)
  > a228d2b Scheduler: Resync reserved periodically to keep state consistent (# 8451)
  > 2c1c7b8 Add EventTransform API types (# 8447)
  > 162575c Not just render oidc env-vars when cfg is on, we need also a present audience to ensure the camel containers work correct (# 8448)
  > 4a6e7d2 [main] Upgrade to latest dependencies (# 8444)
  > 5fb693f [main] Upgrade to latest dependencies (# 8431)
  > 73357a6 Add `sinks.knative.dev` to namespaced ClusterRole (# 8432)
  > d243b91 JobSink with Istio config for Job spec (# 8430)
  > c636346 [main] Update community files (# 8429)
  > cdc6144 Rename `apiextentions` to `apiextensions` (# 8428)
  > 1b3287e [main] Update community files (# 8424)
  > 28c489e Reduce mt-broker-controller memory usage with namespaced endpoint informer (# 8418)
bumping knative.dev/eventing-kafka-broker 9794044...469081e:
  > 469081e Allow configuring dispatchers min replicas (# 4281)
  > e64756d Bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4 (# 4291)
  > 820efae Fix golangci exclude config (# 4286)
  > e41da83 Run `./hack/update-codegen.sh` on dependabot PRs (# 4290)
  > 490b894 [data-plane]: Bump io.quarkus:quarkus-bom in /data-plane (# 4289)
  > eeff5a4 [data-plane]: Bump io.quarkus:quarkus-bom in /data-plane (# 4279)
  > d7042ae Format go code (# 4268)
  > 902f7c0 Bump logging bundle in one batch, to latest (# 4278)
  > 06de84b 💫 Bump latest Quarkus and relevant dependencies (# 4270)
  > 7edc377 client: Allow configurable sarama conf.Version (# 4266)
  > 46550f1 Update community files (# 4267)
  > aed6672 Align w/ commons codec from Quarkus BOM (# 4261)
  > 9c127e9 upgrade to latest dependencies (# 4255)
  > 1d45de8 [data-plane]: Bump org.assertj:assertj-core in /data-plane (# 4248)
  > f549947 Update eventing nightly (# 4260)
  > cf6648d 💫 Bump latest Quarkus and relevant dependencies (# 4259)
  > 1c199a3 Update eventing nightly (# 4204)
  > 0deddb3 [data-plane]: Bump org.apache.maven.plugins:maven-shade-plugin (# 4249)
  > fc7bc5f 💫 Bump to Strimzi 0.45.0 operator and Kafka operand to 3.9 (# 4252)
  > a975d75 Broker conformance tests using reconciler-test (# 4200)
  > 8b1a6dd Bump to Quarkus 3.18.2 release (# 4251)
  > 8bea89d Bump maven to latest version 3.9.9 (# 4096)
  > 1e8bfde 💫 Bump to Strimzi 0.44.0 operator (# 4246)
  > e536ec0 [data-plane]: Bump org.apache.maven.plugins:maven-surefire-plugin (# 4250)
  > 6d8d812 [data-plane]: Bump org.apache.maven.plugins:maven-dependency-plugin (# 4223)
  > 3232420 Align w/ Quarkus 3.15 and friends (# 4245)
  > 8bf8b30 Upgrade Kafka clients to 3.9.0 (# 4203)
  > dc6ed9a upgrade to latest dependencies (# 4238)
  > 93b8dde Quarkys 3.13 (# 4243)
  > 1dfb429 Update community files (# 4239)
  > 574618f Update community files (# 4237)
  > 331f951 Bump CE Java SDK to 4.0.1 (# 4235)
  > 6effb48 Remove broken symlinks (# 4231)
  > ae8a755 Add KafkaChannel v1 API  (# 4222)
  > 3f9f40c Fix test image upload (# 4228)
bumping golang.org/x/text d42948e...566b44f:
  > 566b44f go.mod: update golang.org/x dependencies
  > d5156da collate/build: do not use println in tests
  > 221d88c x/text: fix scientific notation by removing extraneous spaces
  > b18c107 internal/export/unicode: change C comment to mention unassigned code points
  > 835f8ac language: use a more straightforward return value
  > ae68efb internal/export/unicode: add CategoryAliases, Cn, and LC
  > 518d9c0 all: upgrade go directive to at least 1.23.0 [generated]
  > 3b64043 go.mod: update golang.org/x dependencies
  > 1e59086 message/pipeline: add two Unalias calls
bumping github.com/google/go-containerregistry 1e09daa...c4dd792:
  > c4dd792 bump deps using hack/bump-deps.sh (# 2042)
  > 6bce25e Detect zstd in crane append (# 2023)
  > 06dcd85 mutate: Create a defensive annotations copy (# 2030)
  > a9a53a8 check for 406 status code when handling referrers endpoint response (# 2026)
  > 4630c40 don't pin chainguard-dev/actions  (# 2025)
  > 808e354 bump actions to latest (# 2011)
  > a07d1ca fix: redact.URL uses (*URL).Redacted to omit basic-auth password (# 1947)
  > 00f182b Expose compare package (# 2001)
  > b8e87ed remote/transport: Make bearer transport go-routine-safe (# 1806)
  > c195f15 deps: bump docker dep (# 1991)
  > c3d1dcc Create `remote.Push` (# 1978)
  > d36047a Restore blind-write to remote.Put (# 1970)
  > 9915a85 Referrer API must return correct Content-Type (# 1968)
  > 1b4e407 Add -O shorthand for --omit-digest-tags to crane. (# 1958)
  > 3764db2 Fix windows race condition when writing image with duplicate layers (# 1921)
  > 39d1148 Add Context support to auth methods (# 1949)
  > ff385a9 feat: mutate platform (# 1919)
  > 98dd3e9 Support podman auth file REGISTRY_AUTH_FILE. (# 1914)
  > 051d642 registry: Implement Range requests for blobs (# 1917)
  > 0309184 Add JSON marshalling funcs for Digest. (# 1915)
  > 8b3c303 Bump golang.org/x/ packages (# 1892)
  > afec664 Bump golang.org/x/net from 0.10.0 to 0.17.0 in /pkg/authn/k8schain (# 1815)
  > 8dadbe7 Work around docker v25 tarballs (# 1872)
  > a0658aa Always print pushed digest in crane push (# 1860)
  > 55ffb00 fix: goreleaser config (# 1764)
  > 4fdaa32 feat: allow port and disk path to be overriden (# 1848)
  > ceb0580 feat: implement gc command (# 1811)
  > 5a53a12 tag: add command explanation to the long help (# 1843)
  > c722ce9 fix: mimic oci-layout (# 1810)
  > b2485cb Build releases with Go 1.21 (# 1840)
  > dbcd01c Don't wrap DefaultKeychain with refreshes (# 1791)
  > a748190 Set Content-Length for blob uploads (# 1781)
  > 190ad0e Validate index architectures match children (# 1776)
  > a54d642 fix: pin to goreleaser v1.18 to unblock release (# 1763)
  > ea19b57 Return OCI Index content-type for referrers response (# 1762)
  > b850480 Drop localhost to support crane registry serve in a container (# 1746)
  > fe268b7 Don't try cross-origin mounting against dockerhub (# 1743)
  > 2472cbb Let the filesystem handle atomicity (# 1735)
  > db818dc Use RWLock, limit scope of locking, write digest first (# 1734)
  > 44a6e2e Allow concurrent blob Sets, use RWMutex (# 1733)
  > 9010ce1 Correct crane registry help text (# 1732)
  > 03ad2ac add --blobs-to-disk to 'crane registry serve' (# 1731)
  > 4e4b03a Don't load into daemon if the image already exists (# 1724)
  > 6de8d1d Change ErrSchema1 error to dynamic strings. (# 1721)
  > 0a9bb12 crane: Respect cmd.OutOrStdout (# 1728)
  > 145eebe Add missing name option in crane index commands (# 1723)
  > 037ab31 Surface better error messages in crane index (# 1722)
  > 03b8657 fix: add bounds checking to addendum layer mutations to prevent panic (# 1715)
  > c3f8a49 Pass scopes through crane auth token (# 1713)
  > 53fbcf9 Bump codecov/codecov-action from 3.1.3 to 3.1.4 (# 1710)
  > 1d535e2 Add crane auth token (# 1709)
  > 5fe7f2e Limit size of manifest (# 1711)
  > e61c519 retry HTTP 522 errors by default (# 1707)
  > 2015ceb fixed a goroutine leak (# 1705)
  > 0ec36ad Allow crane to export schema 1 images (# 1704)
  > b7ad3f1 bump deps using ./hack/bump-deps.sh (# 1702)
  > dbecb1d Do not reuse pushers for pullers (# 1701)
  > a927d7c Make 403 non-fatal for manifest existence checks (# 1691)
  > 0b12f56 Add ppc64le to all binaries (# 1688)
  > 69d1a19 Add `mutate` `--ports` option to set the exposed ports (# 1677)
  > 691004b bump deps using ./hack/bump-deps.sh (# 1685)
  > 370e8a5 Fix a few lint issues (# 1684)
  > 3120ba5 Keep order of env in crane mutate (# 1683)
  > afd15f1 Add --all-tags flag to crane cp (# 1682)
  > 5438948 add registry.Repo("foo") (# 1671)
  > 43710a9 Retry without mount if auth fails (# 1681)
  > 3228a60 Add ppc64le to .goreleaser.yml (# 1680)
  > d64f9e0 remove time from random.Image history (# 1678)
  > 3706061 allow pkg/v1/random to accept a RNG source (# 1675)
  > b7c6e9d Fall back to puller if reusing pusher fails (# 1676)
  > 005bb71 Add remote.Reuse for Pusher/Puller (# 1672)
  > 58bd35b Bump codecov/codecov-action from 3.1.2 to 3.1.3 (# 1668)
  > ad695c0 Replace deprecated command with environment file (# 1667)
  > 07c767c Add remote.Puller (# 1644)
  > 9f68710 feat(daemon): generate config file from Docker Engine API (# 1130)
  > d1c4e9f verify provenance (# 1611)
  > df518f9 add crane auth logout (# 1589)
  > 52d59d1 feat(remote): make retryStatusCodes configurable (# 1635)
  > df72a9a crane push: print pushed ref@digest to stdout (# 1663)
  > 27a6ad6 Revert "authn: Add NewConfigKeychain to load a config from explicit path (# 1603)" (# 1664)
  > 217318c deprecate estargz (# 1660)
  > 1cb7e13 authn: Add NewConfigKeychain to load a config from explicit path (# 1603)
  > 348cd86 bump deps using ./hack/bump-deps.sh (# 1659)
  > e055961 Bump peter-evans/create-pull-request from 4 to 5 (# 1642)
  > 6f96bba gcrane: Use page size of 10,000 for googley things (# 1645)
  > 375fb61 Bump slsa-framework/slsa-verifier from 2.1.0 to 2.2.0 (# 1649)
  > 07eb440 Bump codecov/codecov-action from 3.1.1 to 3.1.2 (# 1650)
  > 9aa45a1 Change return type of remote.Referrers (# 1652)
  > bc990d6 Fix fetching referrers error handling (# 1648)
  > ed5c185 Retry net.ErrClosed (# 1637)
  > 2435320 Revert "Cleanup: Switch the debug image to `cgr.dev/chainguard/busybox` (# 1638)" (# 1641)
  > 2ccd41c Cleanup: Switch the debug image to `cgr.dev/chainguard/busybox` (# 1638)
  > 6743ec9 Implement remote.Pusher (# 1633)
  > 0962e29 Allow remote config layers to be lazy fetched (# 1634)
  > 4a79e94 Fix race in stream (# 1632)
  > 65e78dc Add partial.Manifests for lazy index access (# 1631)
  > 0577676 crane: ignore buildx attestations in flatten (# 1630)
  > 93be9c4 Don't export whiteouts for single layers (# 1629)
  > d958444 Add remote.Descriptor.Schema1() (# 1626)
  > aee00b1 Fix race in mutate (# 1627)
  > 6ac92e8 Refactor fetcher, writer, and progress (# 1625)
  > 249d7e1 Refresh authn.DefaultKeychain creds every 5 min (# 1624)
  > b8d1c0a Bump slsa-framework/slsa-verifier from 2.0.1 to 2.1.0 (# 1621)
  > ace7be7 update GCR quotas (# 1619)
  > e2620e5 Actually retry retryable status codes (# 1618)
  > 21ac1b2 Adding `mutate` `--workdir` option to set the working directory (# 1615)
  > 54e3f49 Bump actions/stale from 7 to 8 (# 1616)
  > a34235c Support `Warning` header aggregation and reporting in `crane` (# 1604)
  > 46488f7 retry HTTP 499 errors by default (# 1612)
  > 0f2db49 release: use ko 0.13.0 to build images (# 1607)
  > 53189d3 Bump actions/setup-go from 3 to 4 (# 1602)
  > 01bbd53 Update release.yml (# 1601)
  > 4b081f8 Avoid v1.Manifest in crane edit config (# 1583)
  > 1cfe1fc Bump aws-actions/configure-aws-credentials from 1.7.0 to 2.0.0 (# 1593)
  > e94d408 bump deps using ./hack/bump-deps.sh (# 1592)
  > ff810c1 crane: add serve subcommand (# 1586)
  > 57f010d replace manual slsa-verifier installation with action (# 1585)
  > 6770304 Update descriptor "data" field (when valid) during "crane edit config" (# 1584)
  > 1b8dc2b Bump slsa-framework/slsa-github-generator from 1.2.2 to 1.5.0 (# 1580)
  > 8ea5e0e crane: support --omit-digest-tags in crane ls (# 1528)
  > 4e95ae2 crane: add --flatten for index append (# 1566)
  > 4a0e0af docs: Update crane installation and verification instructions (# 1567)
  > 3624968 tarball: pass imageToTags (# 1563)
  > 9f42e02 Set mediaType for empty.ImageIndex in RawManifest (# 1562)
  > 2ceebaa Implement crane index subcommand (# 1561)
  > 9cd098e skip tls verification if default transport is used with insecure option (# 1559)
  > eb7d746 authn: also read mount secrets (# 1560)
  > 62f183e Bump goreleaser/goreleaser-action from 4.1.1 to 4.2.0 (# 1556)
  > b3c23b4 Support for OCI 1.1+ referrers via API (# 1546)
  > de35f0f Allow setting Content-Type in crane edit manifest (# 1551)
  > e04520b fix: Fix the crane release url and add more steps (# 1532)
  > 824efc7 fix(mutate): also set timestamps only present in some formats (# 1550)
  > 061ee6b Support for OCI 1.1+ referrers via fallback tag (# 1543)
  > da1008f Bump golangci/golangci-lint-action from 3.3.1 to 3.4.0 (# 1548)
  > 86be45f Bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1 (# 1547)
  > 9306eba Allow crane edit to generate non-image artifacts (# 1545)
  > 759b19f Support artifactType, for images whose config.mediaType is not a config (# 1541)
  > 11843ba Enforce proper sha256 usage (# 1544)
  > 76bac93 Update release.yml (# 1540)
  > d872232 hash: use generic instantiation (# 1538)
bumping google.golang.org/genproto/googleapis/rpc 796eee8...e9438ea:
  > e9438ea chore(all): auto-regenerate .pb.go files (# 1187)
  > 7023788 chore(all): auto-regenerate .pb.go files (# 1186)
  > 29210b9 chore(all): update all (# 1185)
  > 65684f5 chore(all): auto-regenerate .pb.go files (# 1184)
  > 138b5a5 chore(all): update all (# 1183)
  > 1a7da9e chore(all): update all (# 1182)
  > 5f5ef82 chore(all): update all (# 1181)
  > 6982302 chore: bump to min Go to 1.22 (# 1180)
  > 26aa7a2 chore(all): update all (# 1178)
  > 3abc09e chore(all): update all (# 1177)
  > 6b3ec00 fix: update golang.org/x/net to v0.33.0 (# 1176)
  > bd15449 chore(all): auto-regenerate .pb.go files (# 1175)
  > 9240e9c chore(all): update all (# 1174)
  > e6fa225 chore(all): update all (# 1173)
  > a4fef06 chore(all): auto-regenerate .pb.go files (# 1172)
  > 19429a9 chore(all): update all (# 1171)
  > e639e21 chore(all): update all (# 1170)
  > 65e8d21 Fix: GitHub workflow script injection (# 1169)
  > e0fbfb7 chore(all): update all (# 1168)
  > dd2ea8e chore(all): update all (# 1166)
  > 324edc3 chore(all): update all (# 1165)
bumping github.com/spf13/pflag 2e9d26c...5ca8134:
  > 5ca8134 Merge pull request # 419 from spf13/ci
  > d5e0c06 allow for blank ip addresses (# 316)
  > 100ab0e disable unsupported dependency graph for now
  > 85dd5c8 Add IPNetSlice and unit tests (# 170)
  > a0f4ddd fix govet
  > 6971c29 remove dead code for checking error nil (# 282)
  > f48cbd1 add github actions
  > 81378bb Add exported functions to preserve `pkg/flag` compatibility (# 220)
bumping google.golang.org/genproto/googleapis/api 796eee8...e9438ea:
  > e9438ea chore(all): auto-regenerate .pb.go files (# 1187)
  > 7023788 chore(all): auto-regenerate .pb.go files (# 1186)
  > 29210b9 chore(all): update all (# 1185)
  > 65684f5 chore(all): auto-regenerate .pb.go files (# 1184)
  > 138b5a5 chore(all): update all (# 1183)
  > 1a7da9e chore(all): update all (# 1182)
  > 5f5ef82 chore(all): update all (# 1181)
  > 6982302 chore: bump to min Go to 1.22 (# 1180)
  > 26aa7a2 chore(all): update all (# 1178)
  > 3abc09e chore(all): update all (# 1177)
  > 6b3ec00 fix: update golang.org/x/net to v0.33.0 (# 1176)
  > bd15449 chore(all): auto-regenerate .pb.go files (# 1175)
  > 9240e9c chore(all): update all (# 1174)
  > e6fa225 chore(all): update all (# 1173)
  > a4fef06 chore(all): auto-regenerate .pb.go files (# 1172)
  > 19429a9 chore(all): update all (# 1171)
  > e639e21 chore(all): update all (# 1170)
  > 65e8d21 Fix: GitHub workflow script injection (# 1169)
  > e0fbfb7 chore(all): update all (# 1168)
  > dd2ea8e chore(all): update all (# 1166)
  > 324edc3 chore(all): update all (# 1165)
bumping sigs.k8s.io/structured-merge-diff/v4 cf09e71...7bf59b3:
  > 7bf59b3 Merge pull request # 274 from yongruilin/bool-comparison
  > 40c8ef9 Merge pull request # 275 from yongruilin/extend-extractitems
  > c5a1d56 chore: omit comparison to bool constant
  > 9e64d18 Merge pull request # 272 from Jefftree/drop-vendor
  > a88b919 feat: Adds ExtractItems option to include key fields
  > dc61957 Merge pull request # 270 from jpbetz/json-iter-bump
  > b1dac80 Remove vendor directory
  > e96ad23 chore: Removes unused test schema
  > db46cc3 Merge pull request # 269 from jpbetz/fix-ignore-fields-break
  > bfb8f51 Run go mod vendor
  > ccf7a06 Merge pull request # 265 from jpbetz/reset-filter
  > adaddb2 Add back IgnoredFields
  > b499124 Merge pull request # 266 from jpbetz/add-owners
  > bda634e Apply feedback
  > f034ec0 Merge pull request # 264 from aojea/yaml
  > 39c90b6 Add volunteer reviewers
  > a8ac1f5 Optimize merge, make wildcards always take precedence
  > 15fac42 Merge pull request # 260 from benluddy/json-marshaler-trailing-data
  > 83ecba2 use our own fork of go-yaml
  > f395ded Apply feedback
  > 948bcfc Merge pull request # 261 from kubernetes-sigs/jpbetz-patch-1
  > f07895d Error on conversion to unstructured for invalid json.Marshalers.
  > 1311e4d Add support for more field path pattern types, clarify comments
  > 92c1d38 Merge pull request # 258 from com6056/jrodgers-nil-ptr-check
  > ee5baba Add jpbetz to SMD approvers
  > 1206de6 Clean up comments
  > f0cbe01 fix panic when calling ToUnstructured on nil metav1.Time
  > 083ce27 Add field path pattern matching
  > c68c9ee Accept filter instead of exclude mask for ignored fields
bumping knative.dev/pkg c43477f...b7bbf4b:
  > b7bbf4b Bump google.golang.org/grpc from 1.70.0 to 1.71.0 (# 3157)
  > 097c752 Bump golang.org/x/tools from 0.30.0 to 0.31.0 (# 3155)
  > 0372c08 Bump github.com/google/go-cmp from 0.6.0 to 0.7.0 (# 3152)
  > 9e26561 Update community files (# 3151)
  > c925de2 upgrade to latest dependencies (# 3150)
  > ae2c6bc Bump K8s min version to v1.31 (# 3149)
  > c8bea7c Bump golang.org/x/sync from 0.10.0 to 0.11.0 (# 3147)
  > 99d475b Bump google.golang.org/protobuf from 1.36.4 to 1.36.5 (# 3148)
  > 36226ee Update Knative injection-gen to use gengov2 (# 3146)
  > f62a97f Bump github.com/spf13/pflag from 1.0.5 to 1.0.6 (# 3145)
  > 5be4868 Bump github.com/evanphx/json-patch/v5 from 5.9.0 to 5.9.11 (# 3144)
  > efddeac Update community files (# 3143)
  > e5aa25f Bump google.golang.org/grpc from 1.69.4 to 1.70.0 (# 3142)
  > 7fca699 Bump google.golang.org/protobuf from 1.36.3 to 1.36.4 (# 3141)
  > dcf1593 Update community files (# 3140)
  > 3386f37 Bump google.golang.org/protobuf from 1.36.2 to 1.36.3 (# 3139)
  > 1ca59d1 Bump google.golang.org/grpc from 1.69.2 to 1.69.4 (# 3138)
  > a37a847 drop use of code-generator/generate-groups.sh (# 3136)
bumping github.com/google/go-cmp c3ad843...9b12f36:
  > 9b12f36 Detect proto.Message types when failing to export a field (# 370)
  > 4dd3d63 fix: type 'aribica' => 'arabica' (# 368)
  > 391980c Support compare functions with SortSlices and SortMaps (# 367)
bumping golang.org/x/sync 913fb63...b637f27:
  > b637f27 errgroup: drop support for Go versions before 1.20
  > 960bf1f all: upgrade go directive to at least 1.23.0 [generated]
  > fe3591b sync/errgroup: improve documentation for semaphore limit behavior
bumping k8s.io/apiextensions-apiserver 5714b0b...ab6ba90:
  > ab6ba90 Update dependencies to v0.32.1 tag
  > 887679f Merge remote-tracking branch 'origin/master' into release-1.32
  > bd027a4 Drop use of winreadlinkvolume godebug option
  > 919f42b Merge remote-tracking branch 'origin/master' into release-1.32
  > a4e1034 Revert to go1.22 windows filesystem stdlib behavior
  > 89d6021 Run codegen
  > 2a91f8a Merge pull request # 127513 from tkashem/delete-undecryptable
  > 06dc95a api: run codegen
  > 19f7123 Merge pull request # 128639 from jpbetz/fix-cost-test
  > 66631b6 Fix flake in CEL cost stability tests
  > afcbee2 Merge pull request # 128593 from jpbetz/bump-cel-123
  > 85dee2f Merge pull request # 128503 from benluddy/cbor-codecs-featuregate
  > 05da8f8 Add cost testing for two variable comprehensions
  > fdcfd1b Wire serving codecs to CBOR feature gate.
  > 43ca5ec hack/pin-dependency.sh github.com/google/cel-go v0.22.0
  > 4091a87 Merge pull request # 128553 from thockin/master
  > 206224f Merge pull request # 128539 from benluddy/cbor-feature-gates
  > 38d0f6f Call-site comments: the "" arg to TooLong is unused
  > 7afd9dd Merge pull request # 128580 from jpbetz/bump-kube-openapi
  > 8e6d805 Add CBOR feature gates.
  > d333ca3 Clarify that value arg to field.TooLong is unused
  > 96ea25f Merge pull request # 126862 from carlory/HPAContainerMetrics
  > 019a7ae hack/pin-dependency.sh k8s.io/kube-openapi 32ad38e42d3faf1ce94eb29f4ea6d763339b258e
  > 95a7a46 Kill TooLongMaxLength() in favor of TooLong()
  > cb213f0 Merge pull request # 128507 from dims/use-k8s.io/utils/lru-instead-of-github.com/golang/groupcache/lru
  > 70dab86 Remove generally available feature gate HPAContainerMetrics
  > 0468fc3 Use k8s.io/utils/lru instead of github.com/golang/groupcache/lru
  > 6716b47 Merge pull request # 128481 from carlory/dependencies-ginkgo-gomega
  > 11ae631 dependencies: ginkgo v2.21.0, gomega v1.35.1
  > 96f97a3 Merge pull request # 128416 from jpbetz/reset-filter
  > 4a38239 Add ResetFieldsFilterStrategy
  > b991c85 hack/pin-dependency.sh sigs.k8s.io/structured-merge-diff/v4 v4.4.2
  > e696686 Merge pull request # 128273 from benluddy/cbor-apply
  > 63e7d19 Support application/apply-patch+cbor in patch requests.
  > ba82146 Merge pull request # 128323 from benluddy/cbor-client-gen
  > d3fda6e Update generated clients.
  > 4060365 Merge pull request # 128196 from richabanker/move-version
  > 726b6d5 Merge pull request # 128322 from benluddy/cbor-storage-wiring
  > 56cc90c Wire CBOR CR storage behind test-only feature gate.
  > e0a4254 Merge pull request # 128243 from benluddy/cbor-dynamic-integration
  > eafd3ea Merge pull request # 125314 from enj/enj/i/proto_for_core
  > d53dcd5 Wire test-only feature gate for CBOR serving.
  > 22481dc Generated
  > d9fccdc Use protobuf for core clients
  > 4e18b1d Merge pull request # 127341 from mjudeikis/mjudeikis/deprecate.ch.fully
  > a1e0ff9 Merge pull request # 128165 from liggitt/prune-self-require
  > c315d55 fully remove StopCh
  > 72478b1 Merge pull request # 128144 from cheftako/updateANP
  > 31c7cd2 Drop self-referencing replace directives
  > f2a0633 Bump konnectivity-client to v0.30.0
  > 819892b Merge pull request # 128076 from AmarNathChary/Removed_Alpha_Beta_Ga
  > 953f7fe Merge pull request # 128064 from dims/update-to-last-versions-of-some-very-infrequently-updated-repos
  > 880b246 removed_comments_from_kube_feature_of_alpha_beta_ga
  > f3d49ac Update to last versions of some very infrequently updated repos
  > 2439863 Merge pull request # 125570 from sanchezl/test-additional-types
  > 62960d5 Merge pull request # 127998 from skitt/golang-x-oct-2024
  > f846e06 cover additional types in unstructured roundtrip test
  > d7179b5 Merge pull request # 127985 from dims/update-moby-runc-dependencies-oct-10
  > 5a07aa8 October 2024 golang.org/x bump
  > 18f50bf Update moby/runc dependencies
  > e9295cf Merge pull request # 127942 from liggitt/json123
  > 285dc9c Update sigs.k8s.io/json to go1.23
  > 1e2a86f Merge pull request # 127901 from skitt/k8s-sigs-yaml
  > b26a15d Use sigs.k8s.io/yaml instead of gopkg.in/yaml
  > cd7fbc1 Merge pull request # 127816 from cici37/updateCEL
  > 453f474 Update cel-go to v0.21.0
  > a1f61fb Merge pull request # 127673 from jpbetz/crd-field-selector-ga
  > ecdc027 Merge pull request # 127671 from mmorel-35/testify/error-contains
  > af6e42b Fix testing.StartTestServer to respect emulation version
  > 2c65ed6 Merge pull request # 126764 from liggitt/mergo
  > c961174 fix: use `ErrorContains(t, err` instead of `Contains(t, err.Error()`
  > 32b6669 Promote CustomResourceFieldSelectors to GA
  > c374273 Merge pull request # 127472 from skitt/fix-client-go-extensions-broken
  > 0bc988c Update vendor
  > 5f1b418 Merge pull request # 127672 from jpbetz/apiextensions-versioned-feature-gates
  > ac79f36 Fix the path to code-generator in example update-codegen.sh
  > 3cb4e4b Migrate apiextensions-apiserver to versioned feature gates
  > aea69da Merge pull request # 127570 from soltysh/do_not_return_err
  > 73b4857 Do not return error where it's not needed
  > c865fef Merge pull request # 126799 from kiashok/update-cadvisor-hcsshim
  > da2671f Update cadvisor and hcsshim versions
  > d08e558 Merge pull request # 127422 from srivastav-abhishek/go-vet-fix
  > 09216e8 Merge pull request # 126977 from aaron-prindle/compat-version-132
  > ee43524 Fix Go vet errors for master golang
  > eee550e Merge pull request # 127279 from serathius/etcd-v3.5.16
  > e900ec6 chore: bump DefaultKubeBinaryVersion to 1.32, make 1.32 CEL changes, fix int tests to handle 1 version off API deprecation, and fix prerelease-lifecycle-gen for # of APIs
  > 03cd909 Merge pull request # 125186 from liyuerich/newserializer
  > 7b9daad Upgrade etcd client to v3.5.16
  > 1d5bfe9 Merge pull request # 127303 from omerap12/issue_127287
  > b24d250 drop deprecated json/yaml newSerializers, use json.NewSerializerWithOptions instead
  > 4d236f4 Merge pull request # 127271 from liggitt/go1.23
  > 08ef780 Improve message prefer a domain-qualified finalizer
  > 6b8cdc3 Update k8s.io/gengo/v2
  > 06746be Pin godebug default to go1.23
  > 91ce470 Update go.mod to go 1.23
  > 31f06c9 Merge pull request # 125825 from p0lyn0mial/upstream-apiextensions-deflake-integration-defaulting-test
  > 20c674a Merge pull request # 125960 from pohly/dep-logging
  > a3cda24 apiextensions-apiserver/test/integration: deflake TestCustomResourceDefaultingWithoutWatchCache
  > 944814d Merge pull request # 126500 from liangyuanpeng/bump_etcd_3515
  > 73dd9d2 dependencies: logr v1.4.2, zap v1.27.0
  > f9a5e91 Merge pull request # 127011 from jpbetz/format-only-imports
  > 983eb73 Bump dependency: etcd to 3.5.15.
  > a92e062 generate
  > 9032673 Bump gengo/v2 to pick up FormatOnly setting for imports
  > 6fe6ff8 Merge pull request # 127001 from skitt/applyconfiguration-gen-ambiguous
  > b348460 Run codegen
  > 7869c86 Merge pull request # 126787 from Jefftree/update-kube-openapi
  > 452cc79 Merge pull request # 126359 from jpbetz/quantity-estimated-cost
  > db4bb04 Update codegen for OpenAPI escape fix
  > 0b1328b Merge pull request # 126405 from sttts/sttts-sync-informerfactory-start
  > 973bb94 Update cost stability tests to match fixed costs
  > 956a4af re-vendor k8s.io/kube-openapi
  > 283fb4e informers: add comment that Start does not block
  > c1320e9 re-vendor k8s.io/gengo/v2

Signed-off-by: Knative Automation <[email protected]>

Author: knative-automation

go.mod

@@ -1,20 +1,20 @@
 module knative.dev/kn-plugin-source-kafka
 
-go 1.22.7
+go 1.23.0
 
 require (
 	github.com/hashicorp/golang-lru v1.0.2
 	github.com/hashicorp/hcl v1.0.1-vault-5
 	github.com/spf13/cobra v1.8.1
-	github.com/spf13/pflag v1.0.5
+	github.com/spf13/pflag v1.0.6
 	gotest.tools/v3 v3.3.0
-	k8s.io/apimachinery v0.31.4
-	k8s.io/client-go v0.31.4
-	knative.dev/client-pkg v0.0.0-20250123181933-2a69ed741513
-	knative.dev/client/pkg v0.0.0-20250122145611-f73472454667
-	knative.dev/eventing-kafka-broker v0.44.0
-	knative.dev/hack v0.0.0-20250116150306-c142b4835bc5
-	knative.dev/pkg v0.0.0-20250117084104-c43477f0052b
+	k8s.io/apimachinery v0.32.2
+	k8s.io/client-go v0.32.2
+	knative.dev/client-pkg v0.0.0-20250219014434-98dd4c09798c
+	knative.dev/client/pkg v0.0.0-20250219014457-a051025a49ee
+	knative.dev/eventing-kafka-broker v0.43.1-0.20250312113937-469081eb7e64
+	knative.dev/hack v0.0.0-20250219013704-306ce745e077
+	knative.dev/pkg v0.0.0-20250312035536-b7bbf4be5dbd
 )
 
 require (
@@ -28,11 +28,11 @@ require (
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/cloudevents/sdk-go/sql/v2 v2.15.2 // indirect
 	github.com/cloudevents/sdk-go/v2 v2.15.2 // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/emicklei/go-restful/v3 v3.12.1 // indirect
 	github.com/evanphx/json-patch v5.9.0+incompatible // indirect
-	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
+	github.com/evanphx/json-patch/v5 v5.9.11 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 	github.com/go-errors/errors v1.4.2 // indirect
@@ -46,23 +46,23 @@ require (
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/btree v1.1.2 // indirect
-	github.com/google/gnostic-models v0.6.8 // indirect
-	github.com/google/go-cmp v0.6.0 // indirect
-	github.com/google/go-containerregistry v0.13.0 // indirect
+	github.com/google/gnostic-models v0.6.9 // indirect
+	github.com/google/go-cmp v0.7.0 // indirect
+	github.com/google/go-containerregistry v0.20.3 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.21.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1 // indirect
 	github.com/imdario/mergo v0.3.16 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/kelseyhightower/envconfig v1.4.0 // indirect
-	github.com/klauspost/compress v1.17.9 // indirect
+	github.com/klauspost/compress v1.17.11 // indirect
 	github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
-	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mailru/easyjson v0.9.0 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/moby/term v0.5.0 // indirect
@@ -75,9 +75,9 @@ require (
 	github.com/pelletier/go-toml/v2 v2.0.9 // indirect
 	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/prometheus/client_golang v1.20.4 // indirect
+	github.com/prometheus/client_golang v1.20.5 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
-	github.com/prometheus/common v0.55.0 // indirect
+	github.com/prometheus/common v0.62.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
 	github.com/prometheus/statsd_exporter v0.22.8 // indirect
 	github.com/rickb777/date v1.20.0 // indirect
@@ -95,37 +95,37 @@ require (
 	go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	golang.org/x/net v0.34.0 // indirect
-	golang.org/x/oauth2 v0.23.0 // indirect
-	golang.org/x/sync v0.10.0 // indirect
-	golang.org/x/sys v0.29.0 // indirect
-	golang.org/x/term v0.28.0 // indirect
-	golang.org/x/text v0.21.0 // indirect
-	golang.org/x/time v0.6.0 // indirect
+	golang.org/x/net v0.37.0 // indirect
+	golang.org/x/oauth2 v0.26.0 // indirect
+	golang.org/x/sync v0.12.0 // indirect
+	golang.org/x/sys v0.31.0 // indirect
+	golang.org/x/term v0.30.0 // indirect
+	golang.org/x/text v0.23.0 // indirect
+	golang.org/x/time v0.10.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/api v0.198.0 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53 // indirect
-	google.golang.org/grpc v1.69.4 // indirect
-	google.golang.org/protobuf v1.36.3 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20250207221924-e9438ea467c6 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250207221924-e9438ea467c6 // indirect
+	google.golang.org/grpc v1.71.0 // indirect
+	google.golang.org/protobuf v1.36.5 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/api v0.31.4 // indirect
-	k8s.io/apiextensions-apiserver v0.31.4 // indirect
-	k8s.io/apiserver v0.31.4 // indirect
+	k8s.io/api v0.32.2 // indirect
+	k8s.io/apiextensions-apiserver v0.32.1 // indirect
+	k8s.io/apiserver v0.32.1 // indirect
 	k8s.io/cli-runtime v0.29.2 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20240903163716-9e1beecbcb38 // indirect
-	k8s.io/utils v0.0.0-20240921022957-49e7df575cb6 // indirect
-	knative.dev/eventing v0.44.0 // indirect
-	knative.dev/networking v0.0.0-20250117155906-67d1c274ba6a // indirect
-	knative.dev/serving v0.44.0 // indirect
-	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+	k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 // indirect
+	k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect
+	knative.dev/eventing v0.44.1-0.20250218063550-9a7c6d5633c5 // indirect
+	knative.dev/networking v0.0.0-20250217154350-2cde4327c6c8 // indirect
+	knative.dev/serving v0.44.1-0.20250218114651-582f4539db64 // indirect
+	sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect
 	sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
 	sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect
 	sigs.k8s.io/yaml v1.4.0 // indirect
 )