chore(deps): bump the gomodupdates group across 1 directory with 4 updates

[dependabot]

Bumps the gomodupdates group with 4 updates in the / directory: github.com/cert-manager/cert-manager, github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring, github.com/rs/zerolog and go.mondoo.com/mql/v13.

Updates github.com/cert-manager/cert-manager from 1.20.0 to 1.20.1

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.20.1 fixes an issue for OpenShift users that has to do with the finalizer RBAC, bumps gRPC to address a reported non-affecting vulnerability, and fixes a duplicate parentRef bug when both issuer config and annotations are present (Gateway API).

Bug or Regression

• Fixed duplicate parentRef bug when both issuer config and annotations are present. (#8658, @​hjoshi123)
• Add missing issuer finalizer RBAC to the order controller to support owner references. This was preventing OpenShift users from being able to upgrade to v1.20.0. (#8655, @​erikgb)
• Bump google.golang.org/grpc to fix vulnerability reported by scanners. This isn't a vulnerability that affects cert-manager, but we are bumping it because it is reported by scanners. (#8657, @​erikgb)

Commits

• dc96863 Merge pull request #8658 from cert-manager-bot/cherry-pick-8619-to-release-1.20
• 7e66079 removing duplicate parentRefs
• 75f90e4 Merge pull request #8657 from erikgb/fix-grpc-vuln
• f27364c Update module google.golang.org/grpc to v1.79.3 [security] (release-1.20)
• 5c1ce14 Merge pull request #8655 from cert-manager-bot/cherry-pick-8654-to-release-1.20
• 038260f Fix RBAC to support clusters with OwnerReferencesPermissionEnforcement enabled
• See full diff in compare view

Updates github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.90.0 to 0.90.1

Release notes

Sourced from github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring's releases.

0.90.1 / 2026-03-25

• [BUGFIX] Fix Probe ignoring HTTP client settings in scrape configuration. #8461

Changelog

Sourced from github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring's changelog.

0.90.1 / 2026-03-25

• [BUGFIX] Fix Probe ignoring HTTP client settings in scrape configuration. #8461

Commits

• 32d1b3d Merge pull request #8462 from slashpai/cut-0.90.1
• 7d87388 chore: cut v0.90.1
• 3d9d543 Merge pull request #8461 from multani/probe-http-config
• b2d239d feat: allows Probes to configure HTTP settings
• See full diff in compare view

Updates github.com/rs/zerolog from 1.34.0 to 1.35.0

Commits

• 1396655 Bump CI Go matrix minimum from 1.21 to 1.23
• 4b65a2f Bump actions/cache from 4 to 5 (#741)
• b835796 Bump actions/setup-go from 5 to 6 (#742)
• 134caf8 Added sanitization of journald keys (#751)
• e133b6a Added variadic StrsV, ObjectsV, and StringersV (#752)
• 82017d8 Bump github.com/coreos/go-systemd/v22 from 22.6.0 to 22.7.0 (#753)
• 2f5b8a9 fix: UpdateContext skips Nop and zero-value loggers (#754)
• d64c9a7 Add slog.Handler implementation for zerolog (#755)
• a0d61dc fix: return dict to Event pool (#749)
• f6fbd33 Test coverage improvements (#748)
• Additional commits viewable in compare view

Updates go.mondoo.com/mql/v13 from 13.2.0 to 13.3.0

Release notes

Sourced from go.mondoo.com/mql/v13's releases.

v13.3.0

What's Changed

• 🐛 Implement EKS authentication flow and token retrieval by @​slntopp in mondoohq/mql#7028
• ⭐ Add security fields to AWS provider resources by @​tas50 in mondoohq/mql#7024
• ⭐ Add disk usage fields to mount.point resource by @​tas50 in mondoohq/mql#6948
• 🎉 ansible-13.0.2, arista-13.1.4, atlassian-13.0.2, aws-13.2.7, cloudflare-13.0.2, cloudformation-13.0.2, depsdev-13.0.3, equinix-13.0.2, gcp-13.2.2, github-13.0.3, gitlab-13.0.2, google-workspace-13.0.3, ipinfo-13.0.2, ipmi-13.0.2, k8s-13.0.5, mondoo-13.0.2, ms365-13.0.2, nmap-13.0.2, oci-13.0.2, okta-13.1.1, opcua-13.0.2, shodan-13.0.2, slack-13.0.2, snowflake-13.0.2, tailscale-13.0.2, terraform-13.0.2, vcd-13.0.2, vsphere-13.0.2 by @​github-actions[bot] in mondoohq/mql#7027
• feat(os): add FORWARD chain and default policy to iptables/ip6tables resources by @​syrull in mondoohq/mql#7031
• 🐛 fix provider stack overflow panics with empty hcl files by @​slntopp in mondoohq/mql#7032
• ⭐ Add security fields to ES, EMR, DAX, and SQS resources by @​tas50 in mondoohq/mql#7033
• 🐛 Report provider connection errors and crashes to Sentry by @​vjeffrey in mondoohq/mql#7034
• ⭐ Add typed kmsKey reference to aws.kinesis.stream by @​tas50 in mondoohq/mql#7035
• fix: return false instead of error for null comparison operands by @​syrull in mondoohq/mql#7036
• feat(gitlab): add gitlab.settings resource for instance-level application settings by @​syrull in mondoohq/mql#7037
• 🧹 Represent auto discovery as accounts + resources. by @​preslavgerchev in mondoohq/mql#7038
• 🐛 Fix panic in initAwsAccount during EBS volume scanning by @​czunker in mondoohq/mql#7039
• ✨ Add Wolfi OS detection and package support by @​tas50 in mondoohq/mql#7041
• ⭐ Support Bottlerocket OS detection in EBS volume scanning by @​czunker in mondoohq/mql#7040
• 🎉 os-13.3.0 by @​tas50 in mondoohq/mql#7042
• ✨ Add macos.firewall resource with typed sub-resources by @​tas50 in mondoohq/mql#7043
• 🎉 os-13.4.0 by @​tas50 in mondoohq/mql#7044
• ✨ Add storageEncryptionType to RDS resources by @​tas50 in mondoohq/mql#7045
• ✨ Add security-relevant fields to AWS resources by @​tas50 in mondoohq/mql#7046
• ✨ Add security-relevant fields to GCP resources by @​tas50 in mondoohq/mql#7047
• 🧹 Update GCP provider dependencies by @​tas50 in mondoohq/mql#7049
• ⭐ Add security-relevant fields to Azure resources by @​tas50 in mondoohq/mql#7048
• ✨ Add RPM modularity support for RHEL, CentOS, and Rocky Linux by @​czunker in mondoohq/mql#7051
• ✨ Add config aggregators, ECR repo policy, and EC2 launch templates by @​tas50 in mondoohq/mql#7052
• 🐛 Fix GitHub Actions workflow bugs and typos by @​tas50 in mondoohq/mql#6865
• 🐛 Add timeout to OCSP request to prevent hangs by @​jaym in mondoohq/mql#7053
• ✨ Add BIOS UUID detection for platform identification by @​philipbalinov in mondoohq/mql#6556
• 🎉 os-13.4.1 by @​slntopp in mondoohq/mql#7054
• ✨ Upgrade Azure SDK deps and add security-relevant fields by @​tas50 in mondoohq/mql#7055
• Bump github.com/moby/buildkit from 0.16.0 to 0.28.1 by @​dependabot[bot] in mondoohq/mql#7056
• ⭐ Expand nftables resource with sets, version, and top-level accessors by @​tas50 in mondoohq/mql#7030
• ⭐ Add firewalld resource for Linux firewall management by @​tas50 in mondoohq/mql#7029
• 🎉 Add sysrc resource for FreeBSD rc.conf configuration by @​tas50 in mondoohq/mql#6984
• 🎉 os-13.5.0 by @​tas50 in mondoohq/mql#7057
• ✨ Add macOS FileVault, Gatekeeper, and SIP resources by @​tas50 in mondoohq/mql#7059
• ⭐ expose initProcessEnabled on ECS container definition by @​tas50 in mondoohq/mql#7060
• ⭐ Add EC2 launch configuration resource and CloudFront logging by @​tas50 in mondoohq/mql#7061
• ⭐ Add Azure Data Factory and Synapse Analytics resources by @​tas50 in mondoohq/mql#7062
• 🧹 Fix default display name for microsoft.application. by @​preslavgerchev in mondoohq/mql#7066
• 🐛 reuse smbios manager by @​slntopp in mondoohq/mql#7067
• 🎉 os-13.5.1 by @​slntopp in mondoohq/mql#7068
• 🐛 Silence noisy log for missing python package dirs by @​tas50 in mondoohq/mql#7069
• 🧹 Update deps for mql and providers 20260330 by @​github-actions[bot] in mondoohq/mql#7065
• Bump dawidd6/action-download-artifact from 16 to 19 by @​dependabot[bot] in mondoohq/mql#7064
• Bump azure/login from 2.3.0 to 3.0.0 by @​dependabot[bot] in mondoohq/mql#7063
• ⚡ Refactor Azure discovery to generic ARM resource listing by @​tas50 in mondoohq/mql#7017
• ⚡ Lazy-load Azure network, AKS, IAM, and Redis sub-resources by @​tas50 in mondoohq/mql#7014

... (truncated)

Commits

• 8b6941c 🎉 os-13.5.2 (#7070)
• a76891e 🐛 Reject non-KMS ARNs in initAwsKmsKey to prevent misleading warnings (#7072)
• 61255f6 🧹 Drop all debug logs for missing resource id logs. (#7074)
• dc89acd 🧹 Skip permissions.json write when only timestamp changed (#7071)
• b0bccb5 ⚡ Lazy-load Azure network, AKS, IAM, and Redis sub-resources (#7014)
• 11986b1 🧹 Refactor Azure discovery to generic ARM listing and add API trace policy (#...
• 9dff60f Bump azure/login from 2.3.0 to 3.0.0 (#7063)
• 7b4042f Bump dawidd6/action-download-artifact from 16 to 19 (#7064)
• 24e4293 🧹 Update deps for mql and providers 20260330 (#7065)
• 978ba0d 🐛 Silence noisy log for missing python package dirs (#7069)
• Additional commits viewable in compare view

[github-actions]

Test Results

0 tests   0 ✅  0s ⏱️
0 suites  0 💤
0 files    0 ❌

Results for commit 94eb711.

♻️ This comment has been updated with latest results.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.