Skip to content

🌱 Bump the dependencies group across 1 directory with 7 updates#6006

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/hack/tools/dependencies-5ef562e5b1
Closed

🌱 Bump the dependencies group across 1 directory with 7 updates#6006
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/hack/tools/dependencies-5ef562e5b1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 6, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the dependencies group with 7 updates in the /hack/tools directory:

Package From To
github.com/itchyny/gojq 0.12.17 0.12.19
github.com/mikefarah/yq/v4 4.48.1 4.53.2
k8s.io/apimachinery 0.34.1 0.34.8
sigs.k8s.io/controller-runtime/tools/setup-envtest 0.0.0-20240923090159-236e448db12c 0.24.1
sigs.k8s.io/controller-tools 0.19.0 0.21.0
sigs.k8s.io/kind 0.30.0 0.32.0
sigs.k8s.io/kustomize/kustomize/v5 5.8.0 5.8.1

Updates github.com/itchyny/gojq from 0.12.17 to 0.12.19

Release notes

Sourced from github.com/itchyny/gojq's releases.

Release v0.12.19

  • fix gsub and sub when the replacement emits multiple values
  • fix fmax, fmin, modf functions against NaN and infinities
  • fix join/1 to use add/0 implementation and handle null separator
  • fix del and delpaths on null to emit null
  • fix arithmetic operations on the minimum integer
  • fix significand function against subnormal numbers
  • fix handling of -- in cli flag parsing for jq compatibility
  • fix flatten/1 to emit error when the depth is NaN
  • fix array slice update to validate index types
  • fix string repetition boundary check to match jq behavior
  • implement splits/2 using match/2 for better jq compatibility
  • implement to_entries and from_entries in jq for simplicity
  • improve performance of regexp functions by caching compiled regexps

Release v0.12.18

  • implement trimstr/1, toboolean/0 function
  • fix last/1 to be included in builtins/0
  • fix --indent 0 to preserve newlines
  • fix string repetition to emit error when the result is too large
  • increase the array index limit to 536870912 (2^29)
  • stop numeric normalization for concurrent execution (see 1ace748d08df)
  • support binding expressions with binary operators (1 + 2 as $x | -$x)
  • improve gojq.NewIter to be a generic function
  • improve logic for getting file contents on JSON parse error
  • improve JSON parsing to preserve the precision of floating-point numbers
  • improve YAML parsing performance and preserve the precision of large integers
  • improve performance and reduce memory allocation of long-running queries
Changelog

Sourced from github.com/itchyny/gojq's changelog.

v0.12.19 (2026-04-01)

  • fix gsub and sub when the replacement emits multiple values
  • fix fmax, fmin, modf functions against NaN and infinities
  • fix join/1 to use add/0 implementation and handle null separator
  • fix del and delpaths on null to emit null
  • fix arithmetic operations on the minimum integer
  • fix significand function against subnormal numbers
  • fix handling of -- in cli flag parsing for jq compatibility
  • fix flatten/1 to emit error when the depth is NaN
  • fix array slice update to validate index types
  • fix string repetition boundary check to match jq behavior
  • implement splits/2 using match/2 for better jq compatibility
  • implement to_entries and from_entries in jq for simplicity
  • improve performance of regexp functions by caching compiled regexps

v0.12.18 (2025-12-02)

  • implement trimstr/1, toboolean/0 function
  • fix last/1 to be included in builtins/0
  • fix --indent 0 to preserve newlines
  • fix string repetition to emit error when the result is too large
  • increase the array index limit to 536870912 (2^29)
  • stop numeric normalization for concurrent execution (see 1ace748d08df)
  • support binding expressions with binary operators (1 + 2 as $x | -$x)
  • improve gojq.NewIter to be a generic function
  • improve logic for getting file contents on JSON parse error
  • improve JSON parsing to preserve the precision of floating-point numbers
  • improve YAML parsing performance and preserve the precision of large integers
  • improve performance and reduce memory allocation of long-running queries
Commits
  • b7ebffb bump up version to 0.12.19
  • b02c97b update CHANGELOG.md for v0.12.19
  • d7ca9b5 implement to_entries and from_entries in jq for simplicity
  • bac8b0b update dependencies
  • 183cbec bump up Docker actions
  • 40707cf fix repeated argument type any
  • b5ece86 fix handling of -- in cli flag parsing for jq compatibility
  • cca2307 re-generate the parser.go file
  • ca5066d fix gsub and sub when the replacement emits multiple values
  • 0878958 improve performance of regexp functions by caching compiled regexps (fix #230)
  • Additional commits viewable in compare view

Updates github.com/mikefarah/yq/v4 from 4.48.1 to 4.53.2

Release notes

Sourced from github.com/mikefarah/yq/v4's releases.

v4.53.2

  • Releases and tags now signed and immutable!
  • Add system(command; args) operator (disabled by default) (#2640)
  • TOML encoder: prefer readable table sections over inline tables (#2649)
  • Fix TOML encoder to quote keys containing special characters (#2648)
  • Add string slicing support (#2639)
  • Fix findInArray misuse on MappingNodes in equality and contains (#2645) Thanks @​jandubois!
  • Fix panic on negative slice indices that underflow after adjustment (#2646) Thanks @​jandubois!
  • Fix stack overflow from circular alias in traverse (#2647) Thanks @​jandubois!
  • Fix panic and OOM in repeatString for large repeat counts (#2644) Thanks @​jandubois!
  • Bumped dependencies

v4.52.5

v4.52.4

  • Dropping windows/arm - no longer supported in cross-compile
  • Fixing comments in TOML arrays (#2592)
  • Bumped dependencies

v4.52.2

  • Fixed bad instructions file breaking go-install (#2587) Thanks @​theyoprst
  • Fixed TOML table scope after comments (#2588) Thanks @​tomers
  • Multiply uses a readonly context (#2558)
  • Fixed merge globbing wildcards in keys (#2564)
  • Fixing TOML subarray parsing issue (#2581)

v4.52.1 - TOML roundtrip and more!

  • TOML encoder support - you can now roundtrip! #1364

  • Parent now supports negative indices, and added a 'root' command for referencing the top level document

  • Fixed scalar encoding for HCL

  • Add --yaml-compact-seq-indent / -c flag for compact sequence indentation (#2583) Thanks @​jfenal

  • Add symlink check to file rename util (#2576) Thanks @​Elias-elastisys

  • Powershell fixed default command used for __completeNoDesc alias (#2568) Thanks @​teejaded

  • Unwrap scalars in shell output mode. (#2548) Thanks @​flintwinters

  • Added K8S KYAML output format support (#2560) Thanks @​robbat2

  • Bumped dependencies

  • Special shout out to @​ccoVeille for reviewing my PRs!

Thanks to everyone that contributed ❤️

v4.50.1 - HCL!

  • Added HCL Support - First cut - hopefully it works well! (#1844)
  • Fixing handling of CRLF #2352
  • Bumped dependencies

... (truncated)

Changelog

Sourced from github.com/mikefarah/yq/v4's changelog.

4.53.2:

  • Fixing release process

4.53.1:

  • Releases and tags now signed and immutable!
  • Add system(command; args) operator (disabled by default) (#2640)
  • TOML encoder: prefer readable table sections over inline tables (#2649)
  • Fix TOML encoder to quote keys containing special characters (#2648)
  • Add string slicing support (#2639)
  • Fix findInArray misuse on MappingNodes in equality and contains (#2645) Thanks @​jandubois!
  • Fix panic on negative slice indices that underflow after adjustment (#2646) Thanks @​jandubois!
  • Fix stack overflow from circular alias in traverse (#2647) Thanks @​jandubois!
  • Fix panic and OOM in repeatString for large repeat counts (#2644) Thanks @​jandubois!
  • Bumped dependencies

4.52.5:

4.52.4:

  • Dropping windows/arm - no longer supported in cross-compile

4.52.3:

  • Fixing comments in TOML arrays (#2592)
  • Bumped dependencies

4.52.2:

  • Fixed bad instructions file breaking go-install (#2587) Thanks @​theyoprst
  • Fixed TOML table scope after comments (#2588) Thanks @​tomers
  • Multiply uses a readonly context (#2558)
  • Fixed merge globbing wildcards in keys (#2564)
  • Fixing TOML subarray parsing issue (#2581)

4.52.1:

  • TOML encoder support - you can now roundtrip! #1364

  • Parent now supports negative indices, and added a 'root' command for referencing the top level document

  • Fixed scalar encoding for HCL

  • Add --yaml-compact-seq-indent / -c flag for compact sequence indentation (#2583) Thanks @​jfenal

  • Add symlink check to file rename util (#2576) Thanks @​Elias-elastisys

  • Powershell fixed default command used for __completeNoDesc alias (#2568) Thanks @​teejaded

  • Unwrap scalars in shell output mode. (#2548) Thanks @​flintwinters

  • Added K8S KYAML output format support (#2560) Thanks @​robbat2

  • Bumped dependencies

  • Special shout out to @​ccoVeille for reviewing my PRs!

... (truncated)

Commits
  • 751d8ad Bumping version
  • 6dd681a Fixing release signing
  • fc7c337 Updating bump version script
  • e969dd7 Bumping version
  • dc4b4ea Preparing release notes
  • 602586d Create scorecard.yml
  • 9a0335a fix: restrict GitHub Actions workflow token permissions (OSSF least-privilege...
  • 838c516 Trying to test release
  • c8f6c1a Updating release to sign checksums
  • 0e80383 chore: pin GitHub Actions and Docker base images to full-length hashes (OSSF ...
  • Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.34.1 to 0.34.8

Commits
  • 454f531 Merge pull request #138357 from dims/update-moby-spdystream-v0.5.1-1.34
  • e44e450 Merge pull request #138349 from dashpole/update_prop_34
  • e2c5a26 Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • 03b02ab update go.opentelemetry.io/otel to v1.41.0
  • See full diff in compare view

Updates sigs.k8s.io/controller-runtime/tools/setup-envtest from 0.0.0-20240923090159-236e448db12c to 0.24.1

Release notes

Sourced from sigs.k8s.io/controller-runtime/tools/setup-envtest's releases.

v0.24.1

What's Changed

Full Changelog: kubernetes-sigs/controller-runtime@v0.24.0...v0.24.1

v0.24.0

⚠️ Breaking Changes

🐛 Bug Fixes

  • Cache: Fix IndexField blocking until informer is synced (#3445)
  • Cache: Wait for cache sync when ReaderFailOnMissingInformer is true (#3425)
  • Client: Update typed ApplyConfigurations with server response (#3475)
  • Fakeclient: Fix SSA status patch resource version check (#3443)
  • Fakeclient: Fix panic when using CRs with embedded pointer structs (#3431)
  • Fakeclient: Fix status apply if existing object has managedFields set (#3430)
  • Fakeclient: Retry GenerateName on AlreadyExists collisions (#3498)
  • HTTP servers: Wire up base context into http servers (#3452)

🌱 Others

  • Builder/Webhooks: Remove deprecated custom path function (#3465)
  • Cache: Test cache reader waits for cache sync (#3434)
  • Certwatcher: Deflake certwatcher tests (#3457)
  • Dependencies: Use forked version of btree (#3449)
  • Envtest: Ensure envtest stops the whole process group (#3447)
  • Logging: Add missing space in zap-log-level flag description (#3492)
  • Misc: Adopt new(x) over ptr.To(x) and re-enable newexpr lint (#3489)
  • Owners: Cleanup (#3453)
  • Recorder: Add logger into context for structured logging (#3454)
  • Recorder: Switch to StartLogging for event debug logs (#3451)
  • Scheme: Deprecate the scheme builder (#3461)
  • Source/Kind: Improve logging for dynamic type kind source (#3494)
  • Webhooks: Reduce memory usage of default webhooks (#3463 #3468)

🌱 CI & linters

  • Chore: Update golangci-lint version to v2.8.0 (#3448)
  • Chore: Update golangci-lint version to v2.10.1 (#3470)
  • Chore: Update golangci-lint version to v2.11.3 (#3482)
  • Migrate away from custom GitHub action approval workflow (#3491)
  • Release: Auto-create git tags for the tools/setup-envtest submodule (#3476)

📖 Additionally, there has been 1 contribution to our documentation. (#3477)

Dependencies

... (truncated)

Commits

Updates sigs.k8s.io/controller-tools from 0.19.0 to 0.21.0

Release notes

Sourced from sigs.k8s.io/controller-tools's releases.

v0.21.0

What's Changed

Misc

envtest

Dependency bumps

... (truncated)

Commits
  • 41fba85 Merge pull request #1407 from sbueringer/pr-k8s-v1.36
  • 319cce6 Upgrade k8s from 1.35 to 1.36
  • ec29474 Merge pull request #1354 from alvaroaleman/immutable
  • 27f2ee1 Merge pull request #1405 from kubernetes-sigs/dependabot/go_modules/all-go-mo...
  • f90ac1b 🌱 Bump github.com/onsi/gomega
  • 456a080 ✨ Add support for k8s:immutable
  • e17f046 Merge pull request #1402 from camilamacedo86/up-go
  • e0961cc Merge pull request #1383 from kubernetes-sigs/dependabot/github_actions/all-g...
  • ee76c90 Merge pull request #1377 from kubernetes-sigs/dependabot/go_modules/all-go-mo...
  • e70af51 Apply linter fixes for Go 1.26.0
  • Additional commits viewable in compare view

Updates sigs.k8s.io/kind from 0.30.0 to 0.32.0

Release notes

Sourced from sigs.k8s.io/kind's releases.

v0.32.0

This release contains critical dependency updates, bug fixes, and defaults to Kubernetes 1.36.1.

Breaking Changes

  • The default node image is now kindest/node:v1.36.1@sha256:3489c7674813ba5d8b1a9977baea8a6e553784dab7b84759d1014dbd78f7ebd5
  • New node images requiring upgrading kind to kind load ...: Due to a containerd upgrade, you must upgrade kind to this release or newer to use kind load ... with the newly published node images. As always, we cannot gurantee full compatibility of node images between kind releases. You can use the digests from previous releases, upgrade kind, or build your own node-images.
  • kubeadm v1beta4 config format is now used for Kubernetes 1.36.0+ If you are using versioned config patches, you must update to target v1beta4. Unversioned patches kind will attempt to convert as needed (more below in New Features). This change is required for Kubernetes 1.37+ which drops kubeadm v1beta3 config.
  • Adoption of Envoy for Load Balancing in multi-control-plane node clusters: HAProxy has been replaced by Envoy (docker.io/envoyproxy/envoy:v1.36.2) as the load balancer in multi-control-plane (HA) clusters. If you rely on custom HAProxy loadbalancer configurations or images, please note that Envoy is now used.
  • cgroup v1 warning: A warning is now printed if cgroup v1 is detected on the host. Kubernetes has deprecated support for cgroup v1, and at some point in the future KIND releases / node-images will also drop support for cgroup v1.

New Features

  • kubeadm v1beta4 configuration support: KIND now uses the v1beta4 config format for Kubernetes v1.36.0+ while maintaining v1beta3 for v1.23.0 up to v1.35.x, and v1beta2 for older versions.
  • Custom Merging & Version-Awareness for Kubeadm Config Patches:
    • KIND now automatically translates old-style map-based extraArgs / kubeletExtraArgs patches to the list-based v1beta4 format when targeting v1beta4 configs.
    • Config patches now append to extraArgs / kubeletExtraArgs / certSANs reliably. To overwrite or make other more precise patching, use json6902 patches.
  • Support for containerd config v4 format: Enabled support for containerd's config v4 format in kind load and snapshotter parsing, which is required for newer containerd versions.
  • Building Node Images from CI Artifacts: Added support to build node images from Kubernetes CI artifacts (resolving endpoints like https://dl.k8s.io/ci/latest.txt or CI build prefixes).
  • Support for containerd version-aware containerd config patching: Like kubeadmConfigPatches, containerd config patching is now aware of version and if specified in patches will only apply patches that match the containerd config being used.
  • Assorted dependency updates.

Images pre-built for this release:

  • v1.36.1: kindest/node:v1.36.1@sha256:3489c7674813ba5d8b1a9977baea8a6e553784dab7b84759d1014dbd78f7ebd5
  • v1.35.5: kindest/node:v1.35.5@sha256:ce977ae6d65918d0b58a5f8b5e940429c2ce42fa3a5619ec2bbc60b949c0ac95
  • v1.34.8: kindest/node:v1.34.8@sha256:02722c2dedddcfc00febf5d27fbeb9b7b2c14294c82109ff4a85d89ac9ba3256
  • v1.33.12: kindest/node:v1.33.12@sha256:3f5c8443c620245e4d355cfe09e96a91ead32ceaa569d3f1ca9edf0cb2fe2ff4

NOTE: You must use the @sha256 digest to guarantee an image built for this release, until such a time as we switch to a different tagging scheme. Even then we will highly encourage digest pinning for security and reproducibility reasons.

Fixes

  • Fix permission error when creating pods with hostUsers: false (Kubernetes 1.36+).
  • Handle registry ports correctly in image normalization logic (e.g., registry running on ports like localhost:5000/...).
  • Handle empty port mapping listen addresses correctly (defaults to wildcard address).
  • Skip /dev/mapper mount on rootless Docker.
  • Assorted documentation fixes and improvements.

See also:

NOTE: These node images support amd64 and arm64, both of our supported platforms. You must use the same platform as your host, for more context see #2718

Contributors

Committers for this release:

... (truncated)

Changelog

Sourced from sigs.k8s.io/kind's changelog.

kind Release Process

This document describes the steps to cut a new kind release. It is intended for maintainers who have push access to the upstream repository and the staging image registry.

Prerequisites

  • GNU sed (macOS: brew install gnu-sed)
  • Docker with buildx support
  • crane installed (for image promotion to Docker Hub)
  • Push access to github.com/kubernetes-sigs/kind
  • Push access to gcr.io/k8s-staging-kind
  • Push access to kindest on Docker Hub

Phase 1 - Publish Node Images

Node images must be built, tested, and promoted to Docker Hub before the kind release so their digest hashes are known and can be embedded in the release binary.

1.1 Build and push to staging

Use hack/release/push-node.sh for Kubernetes v1.31 and later:

./hack/release/push-node.sh v1.35.0

This builds amd64 and arm64 node images and pushes them to gcr.io/k8s-staging-kind/node:v1.35.0, then creates a multi-arch manifest list.

You can override the registry or add architectures:

REGISTRY=gcr.io/k8s-staging-kind ARCHES="amd64 arm64" ./hack/release/push-node.sh v1.35.0

1.2 Test with the staging image

Update the default image in pkg/apis/config/defaults/image.go to point to the staging image with its digest, then run CI to validate:

const Image = "gcr.io/k8s-staging-kind/node:v1.35.0@sha256:<digest-from-push>"

... (truncated)

Commits
  • cda67ef version v0.32.0
  • a335a9e Merge pull request #4182 from stmcginnis/kindest/node-v1.36.1
  • 645b868 bump default image to kindest/node:v1.36.1
  • d1b84e8 Merge pull request #4181 from BenTheElder/base-fix
  • 25d94fa bump staging node image
  • 088013a update base image with permissions fix
  • 995e8fa Fix: Permission error when creating pod with hostUsers: false (#4179)
  • b029a2b Merge pull request #4149 from BenTheElder/bump-images-asdf
  • 140186f Merge pull request #4174 from BenTheElder/ci-builds
  • 811ea84 Merge pull request #4173 from BenTheElder/kubeadm-v1beta4-special-patch
  • Additional commits viewable in compare view

Updates sigs.k8s.io/kustomize/kustomize/v5 from 5.8.0 to 5.8.1

Release notes

Sourced from sigs.k8s.io/kustomize/kustomize/v5's releases.

kustomize/v5.8.1

Introduction

This release completes a fix for namespace propagation that occurred in v5.8.0. kubernetes-sigs/kustomize#6031 Also addressed the breaking changes introduced in helm v4. #6016

fix

#5990: fix: allow empty patches files #6016: fix: support helm v4 beside v3 #6038: Fix a failing test #6044: Fix namespace propagation problem at v5.8.0

Dependencies

#6057: Upgrade json-patch to v4.13.0 to remove pkg/errors dependency

chore

#6065: Update kyaml to v0.21.1 #6066: Update cmd/config to v0.21.1 #6067: Update api to v0.21.1

Commits
  • 9790a1c Merge pull request #6067 from koba1t/pinToApi
  • 4190d3d Update api to v0.21.1
  • 401be20 Merge pull request #6066 from koba1t/pinToCmdConfig
  • 8073ce8 Update cmd/config to v0.21.1
  • be024c9 Merge pull request #6065 from koba1t/pinToKyaml
  • bb26a70 Update kyaml to v0.21.1
  • 798d339 Merge pull request #6044 from koba1t/fix/namespace_propagation_problem_at_v5.8.0
  • 6c8c9cc Merge pull request #6016 from hmilkovi/fix/helm-4.0
  • 02d23d2 Merge pull request #6057 from dims/remove-pkg-errors-dep
  • c6ccb4f Merge branch 'kubernetes-sigs:master' into fix/helm-4.0
  • Additional commits viewable in compare view

@dependabot dependabot Bot added area/dependency Issues or PRs related to dependency changes kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesn't merit a release note. labels May 6, 2026
@k8s-ci-robot k8s-ci-robot requested review from damdo and fiunchinho May 6, 2026 09:53
@k8s-ci-robot

k8s-ci-robot commented May 6, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign neolit123 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot

k8s-ci-robot commented May 6, 2026

Copy link
Copy Markdown
Contributor

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels May 6, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/hack/tools/dependencies-5ef562e5b1 branch from 504b9cf to bd9aa6b Compare May 13, 2026 09:59
@dependabot dependabot Bot force-pushed the dependabot/go_modules/hack/tools/dependencies-5ef562e5b1 branch 2 times, most recently from 6b3828f to 083827a Compare May 27, 2026 11:56
@dependabot
🌱 Bump the dependencies group across 1 directory with 7 updates
aced2c6 
Bumps the dependencies group with 7 updates in the /hack/tools directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/itchyny/gojq](https://github.com/itchyny/gojq) | `0.12.17` | `0.12.19` |
| [github.com/mikefarah/yq/v4](https://github.com/mikefarah/yq) | `4.48.1` | `4.53.2` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.34.1` | `0.34.8` |
| [sigs.k8s.io/controller-runtime/tools/setup-envtest](https://github.com/kubernetes-sigs/controller-runtime) | `0.0.0-20240923090159-236e448db12c` | `0.24.1` |
| [sigs.k8s.io/controller-tools](https://github.com/kubernetes-sigs/controller-tools) | `0.19.0` | `0.21.0` |
| [sigs.k8s.io/kind](https://github.com/kubernetes-sigs/kind) | `0.30.0` | `0.32.0` |
| [sigs.k8s.io/kustomize/kustomize/v5](https://github.com/kubernetes-sigs/kustomize) | `5.8.0` | `5.8.1` |



Updates `github.com/itchyny/gojq` from 0.12.17 to 0.12.19
- [Release notes](https://github.com/itchyny/gojq/releases)
- [Changelog](https://github.com/itchyny/gojq/blob/main/CHANGELOG.md)
- [Commits](itchyny/gojq@v0.12.17...v0.12.19)

Updates `github.com/mikefarah/yq/v4` from 4.48.1 to 4.53.2
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](mikefarah/yq@v4.48.1...v4.53.2)

Updates `k8s.io/apimachinery` from 0.34.1 to 0.34.8
- [Commits](kubernetes/apimachinery@v0.34.1...v0.34.8)

Updates `sigs.k8s.io/controller-runtime/tools/setup-envtest` from 0.0.0-20240923090159-236e448db12c to 0.24.1
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/commits/v0.24.1)

Updates `sigs.k8s.io/controller-tools` from 0.19.0 to 0.21.0
- [Release notes](https://github.com/kubernetes-sigs/controller-tools/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-tools/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-tools@v0.19.0...v0.21.0)

Updates `sigs.k8s.io/kind` from 0.30.0 to 0.32.0
- [Release notes](https://github.com/kubernetes-sigs/kind/releases)
- [Changelog](https://github.com/kubernetes-sigs/kind/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/kind@v0.30.0...v0.32.0)

Updates `sigs.k8s.io/kustomize/kustomize/v5` from 5.8.0 to 5.8.1
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](kubernetes-sigs/kustomize@kustomize/v5.8.0...kustomize/v5.8.1)

---
updated-dependencies:
- dependency-name: github.com/itchyny/gojq
  dependency-version: 0.12.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/mikefarah/yq/v4
  dependency-version: 4.53.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.34.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: sigs.k8s.io/controller-runtime/tools/setup-envtest
  dependency-version: 0.24.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sigs.k8s.io/controller-tools
  dependency-version: 0.20.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sigs.k8s.io/kind
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: sigs.k8s.io/kustomize/kustomize/v5
  dependency-version: 5.8.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/hack/tools/dependencies-5ef562e5b1 branch from 083827a to aced2c6 Compare June 4, 2026 01:38
@k8s-ci-robot

k8s-ci-robot commented Jun 4, 2026

Copy link
Copy Markdown
Contributor

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-cluster-api-provider-aws-verify aced2c6 link true /test pull-cluster-api-provider-aws-verify

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@dependabot @github

dependabot Bot commented on behalf of github Jun 5, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #6042.

@dependabot dependabot Bot closed this Jun 5, 2026
@dependabot dependabot Bot deleted the dependabot/go_modules/hack/tools/dependencies-5ef562e5b1 branch June 5, 2026 15:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@damdo damdo Awaiting requested review from damdo

@fiunchinho fiunchinho Awaiting requested review from fiunchinho

Assignees

No one assigned

Labels

area/dependency Issues or PRs related to dependency changes cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. needs-priority ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesn't merit a release note. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@k8s-ci-robot