chore(deps): bump the gomodupdates group with 3 updates

[dependabot]

Bumps the gomodupdates group with 3 updates: github.com/cert-manager/cert-manager, go.mondoo.com/mql/v13 and github.com/google/go-containerregistry.

Updates github.com/cert-manager/cert-manager from 1.20.1 to 1.20.2

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.20.2 fixes invalid YAML generated in the Helm chart when both webhook.config and webhook.volumes are defined, and bumps Go to 1.26.2 along with dependencies to address reported vulnerabilities.

Changes by Kind

Bug or Regression

• Helm: Fix invalid YAML generated when both webhook.config and webhook.volumes are defined. (#8665, @​cert-manager-bot)

Other (Cleanup or Flake)

• Bump go dependencies with reported vulnerabilities (#8704, @​erikgb)
• Bump go to 1.26.2 (#8703, @​erikgb)

Commits

• e5b7b18 Merge pull request #8704 from erikgb/1-20-fix-vuln-go-deps
• e7ec855 Merge pull request #8703 from erikgb/1-20-bump-go-base-images
• cd96b95 [release-1.20] Bump go dependencies with reported vulnerabilities
• a1b6f11 [release-1.20] Bump go to 1.26.2 and bump base images
• 6dee676 Merge pull request #8665 from cert-manager-bot/cherry-pick-8664-to-release-1.20
• 9ccf555 Fix indentation in webhook-deployment when both webhook.volumes and webhook.c...
• See full diff in compare view

Updates go.mondoo.com/mql/v13 from 13.4.0 to 13.4.1

Release notes

Sourced from go.mondoo.com/mql/v13's releases.

v13.4.1

What's Changed

• ✨ Update AWS SDK deps and add new resource fields by @​tas50 in mondoohq/mql#7129
• ⭐ Add new AWS services, sub-resources, and security-relevant fields by @​tas50 in mondoohq/mql#7130
• 📄 Document spell check CI in CLAUDE.md by @​tas50 in mondoohq/mql#7131
• 🎉 aws-13.8.0 by @​tas50 in mondoohq/mql#7133
• 🧹 Update deps for mql and providers 20260408 by @​github-actions[bot] in mondoohq/mql#7132
• ⭐ Add new security-relevant fields from SDK bumps by @​tas50 in mondoohq/mql#7134
• 🐛 fix recording GetData returning wrong type for "id" field by @​syrull in mondoohq/mql#7138

Full Changelog: mondoohq/mql@v13.4.0...v13.4.1

Commits

• 330eb25 🐛 fix recording GetData returning wrong type for "id" field (#7138)
• 5aa88cd ⭐ Add new security-relevant fields from SDK bumps (#7134)
• eef853e 🧹 Update deps for mql and providers 20260408 (#7132)
• 84cf660 🎉 aws-13.8.0 (#7133)
• dd29bd1 📄 Document spell check CI in CLAUDE.md (#7131)
• 348b211 ⭐ Add new AWS services, sub-resources, and security-relevant fields (#7130)
• d8ed51f ✨ Update AWS SDK deps and add new resource fields (#7129)
• See full diff in compare view

Updates github.com/google/go-containerregistry from 0.21.4 to 0.21.5

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.5

What's Changed

• Bump docker/cli v29.4.0, moby/api v1.54.1, moby/client v0.4.0 by @​thaJeztah in google/go-containerregistry#2254
• update to Go 1.26.2 by @​thaJeztah in google/go-containerregistry#2255
• Bump aws-actions/configure-aws-credentials from 6.0.0 to 6.1.0 in the actions group across 1 directory by @​dependabot[bot] in google/go-containerregistry#2257
• build(deps): bump golang.org/x/tools from 0.43.0 to 0.44.0 in the go-deps group across 1 directory by @​dependabot[bot] in google/go-containerregistry#2260

Full Changelog: google/go-containerregistry@v0.21.4...v0.21.5

Commits

• 5b80281 build(deps): bump golang.org/x/tools from 0.43.0 to 0.44.0 in the go-deps gro...
• b99bca2 build(deps): bump aws-actions/configure-aws-credentials (#2257)
• f8be1d4 update to Go 1.26.2 (#2255)
• 87ad88b Bump docker/cli v29.4.0, moby/api v1.54.1, moby/client v0.4.0 (#2254)
• See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
github.com/google/go-containerregistry	[>= 0.15.a, < 0.16]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Test Results

0 files   -   7  0 suites   - 44   0s ⏱️ - 1h 42m 34s
0 tests  - 445  0 ✅  - 445  0 💤 ±0  0 ❌ ±0 
0 runs   - 511  0 ✅  - 505  0 💤  - 6  0 ❌ ±0 

Results for commit a4232cc. ± Comparison against base commit e61ddc0.

♻️ This comment has been updated with latest results.