[gomod] Bump the dependencies group across 2 directories with 7 updates

[dependabot]

Bumps the dependencies group with 3 updates in the /dkam directory: github.com/magefile/mage, google.golang.org/grpc and github.com/spf13/viper.
Bumps the dependencies group with 5 updates in the /onboarding-manager directory:

Package	From	To
google.golang.org/grpc	1.80.0-dev	1.81.0-dev
github.com/envoyproxy/protoc-gen-validate	1.3.0	1.3.3
k8s.io/apimachinery	0.33.3	0.35.2
k8s.io/client-go	0.33.3	0.35.2
sigs.k8s.io/controller-runtime	0.21.0	0.23.3

Updates github.com/magefile/mage from 1.15.0 to 1.16.0

Release notes

Sourced from github.com/magefile/mage's releases.

v1.16.0 Optional Arguments!

What's Changed

• feat: support trailing line comment for mage:import by @​anuraaga in magefile/mage#480
• Update documentation to include Windows Magefile Cache by @​WilliamRoyNelson in magefile/mage#484
• Comment typo: parse.go by @​szTheory in magefile/mage#485
• ci: Extend go-version with 1.21.x by @​michalbiesek in magefile/mage#479
• Correct test input code to support older go versions by @​perrito666 in magefile/mage#490
• getFunction() ignoring receiver on imports by @​na4ma4 in magefile/mage#509
• This adds a test to bug 508 by @​perrito666 in magefile/mage#516
• chore(docs): updated README and site to include installation using go install command by @​egor-denysenko in magefile/mage#499
• add the ability to call targets with float64 args by @​natefinch in magefile/mage#525
• Add support for optional arguments by @​natefinch in magefile/mage#538

New Contributors

• @​anuraaga made their first contribution in magefile/mage#480
• @​WilliamRoyNelson made their first contribution in magefile/mage#484
• @​szTheory made their first contribution in magefile/mage#485
• @​michalbiesek made their first contribution in magefile/mage#479
• @​na4ma4 made their first contribution in magefile/mage#509
• @​egor-denysenko made their first contribution in magefile/mage#499

Full Changelog: magefile/mage@v1.15.0...v1.16.0

Commits

• 69e6f82 Add support for optional arguments (#538)
• 78acbaf add the ability to call targets with float64 args (#525)
• bdc92f6 chore(docs): updated README and site to include installation using go install...
• 32e0107 This adds a test to bug 508 (#516)
• 0800736 fix default selector ignoring Receiver and returning first matching function ...
• 2385abb Correct test input code to support older go versions (#490)
• 0fddccb ci: Extend go-version with 1.21.x (#479)
• 2edffd1 Comment typo: parse.go (#485)
• c97c205 Update documentation to include Windows Magefile Cache (#484)
• 9f54e0f feat: support trailing line comment for mage:import (#480)
• See full diff in compare view

Updates google.golang.org/grpc from 1.79.1 to 1.79.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.2

Bug Fixes

• stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (grpc/grpc-go#8874)

Commits

• 8902ab6 Change the version to release 1.79.2 (#8947)
• a928670 Cherry-pick #8874 to v1.79.x (#8904)
• 06df363 Change version to 1.79.2-dev (#8903)
• See full diff in compare view

Updates github.com/spf13/viper from 1.20.1 to 1.21.0

Release notes

Sourced from github.com/spf13/viper's releases.

v1.21.0

What's Changed

Enhancements 🚀

• Add support for flags pflag.BoolSlice, pflag.UintSlice and pflag.Float64Slice by @​nmvalera in spf13/viper#2015
• feat: use maintained yaml library by @​sagikazarmark in spf13/viper#2040

Bug Fixes 🐛

• fix(config): get config type from v.configType or config file ext by @​GuillaumeBAECHLER in spf13/viper#2003
• fix: config type check when loading any config by @​sagikazarmark in spf13/viper#2007

Dependency Updates ⬆️

• Update dependencies by @​sagikazarmark in spf13/viper#1993
• build(deps): bump github.com/spf13/cast from 1.7.1 to 1.8.0 by @​dependabot[bot] in spf13/viper#2017
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.3 to 2.2.4 by @​dependabot[bot] in spf13/viper#2013
• build(deps): bump github.com/sagikazarmark/locafero from 0.8.0 to 0.9.0 by @​dependabot[bot] in spf13/viper#2008
• build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 in /remote by @​dependabot[bot] in spf13/viper#2016
• build(deps): bump github.com/spf13/cast from 1.8.0 to 1.9.2 by @​dependabot[bot] in spf13/viper#2020
• build(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 by @​dependabot[bot] in spf13/viper#2028
• build(deps): bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 by @​dependabot[bot] in spf13/viper#2035
• build(deps): bump github.com/spf13/pflag from 1.0.6 to 1.0.7 by @​dependabot[bot] in spf13/viper#2036
• build(deps): bump github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0 by @​dependabot[bot] in spf13/viper#2012
• build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 by @​dependabot[bot] in spf13/viper#2052
• build(deps): bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in /remote by @​dependabot[bot] in spf13/viper#2048
• build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10 by @​dependabot[bot] in spf13/viper#2056
• chore: update dependencies by @​sagikazarmark in spf13/viper#2057

Other Changes

• Update update guide with mapstructure package replacement. by @​aldas in spf13/viper#2004
• refactor: use the built-in max/min to simplify the code by @​yingshanghuangqiao in spf13/viper#2029

New Contributors

• @​GuillaumeBAECHLER made their first contribution in spf13/viper#2003
• @​aldas made their first contribution in spf13/viper#2004
• @​nmvalera made their first contribution in spf13/viper#2015
• @​yingshanghuangqiao made their first contribution in spf13/viper#2029
• @​ccoVeille made their first contribution in spf13/viper#2046
• @​spacez320 made their first contribution in spf13/viper#2050

Full Changelog: spf13/viper@v1.20.0...v1.21.0

Commits

• 394040c ci: build on go 1.25
• 812f548 chore: update dependencies
• d5271ef ci: update stale workflow
• dff303b feat: add a stale issue scheduled action
• 1287976 build(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
• 38932cd build(deps): bump github.com/go-viper/mapstructure/v2 in /remote
• 6d014be build(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1
• b74c7ee build(deps): bump github.com/fsnotify/fsnotify from 1.8.0 to 1.9.0
• acd05e1 fix: linting issues
• ae5a8e2 ci: upgrade golangci-lint
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.79.1 to 1.79.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.2

Bug Fixes

• stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (grpc/grpc-go#8874)

Commits

• 8902ab6 Change the version to release 1.79.2 (#8947)
• a928670 Cherry-pick #8874 to v1.79.x (#8904)
• 06df363 Change version to 1.79.2-dev (#8903)
• See full diff in compare view

Updates google.golang.org/grpc from 1.80.0-dev to 1.81.0-dev

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.2

Bug Fixes

• stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (grpc/grpc-go#8874)

Commits

• 8902ab6 Change the version to release 1.79.2 (#8947)
• a928670 Cherry-pick #8874 to v1.79.x (#8904)
• 06df363 Change version to 1.79.2-dev (#8903)
• See full diff in compare view

Updates github.com/envoyproxy/protoc-gen-validate from 1.3.0 to 1.3.3

Release notes

Sourced from github.com/envoyproxy/protoc-gen-validate's releases.

v1.3.3

One more release attempt to get Python published on PyPI. 😄

What's Changed

• Update Python 3.9 references to 3.10 by @​stefanvanburen in bufbuild/protoc-gen-validate#1370

Full Changelog: bufbuild/protoc-gen-validate@v1.3.2...v1.3.3

v1.3.2

Fixing the v1.3.1 release, which was fixing the v1.3.0 release 😄.

What's Changed

• Attempt to fix release by @​stefanvanburen in bufbuild/protoc-gen-validate#1368

Full Changelog: bufbuild/protoc-gen-validate@v1.3.1...v1.3.2

v1.3.1

This is a release to get out Python support for 3.13, which failed to publish to PyPI in v1.3.0.

What's Changed

• Bump the java group across 1 directory with 4 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1332
• Bump actions/checkout from 5 to 6 in the github-actions group by @​dependabot[bot] in bufbuild/protoc-gen-validate#1330
• Fix Java deployment by @​pkwarren in bufbuild/protoc-gen-validate#1335
• Update settings.xml to use SONATYPE_USERNAME env var by @​pkwarren in bufbuild/protoc-gen-validate#1336
• Run deployment with release profile by @​pkwarren in bufbuild/protoc-gen-validate#1337
• Remove maven settings.xml file by @​pkwarren in bufbuild/protoc-gen-validate#1338
• Bump the java group in /java with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1334
• Bump the github-actions group with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1341
• Bump the java group in /java with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1340
• Bump the go-tests group in /tests with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1339
• Bump the java group across 1 directory with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1343
• Support for latest setuptools by @​matejsp in bufbuild/protoc-gen-validate#1345
• Replace deprecated java_proto_library from rules_java by @​mmorel-35 in bufbuild/protoc-gen-validate#1349
• Bump golang.org/x/net from 0.48.0 to 0.49.0 in /tests in the go-tests group by @​dependabot[bot] in bufbuild/protoc-gen-validate#1350
• Bump the java group across 1 directory with 4 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1351
• Bump wheel from 0.45.1 to 0.46.2 by @​dependabot[bot] in bufbuild/protoc-gen-validate#1352
• Update go and deps by @​rodaine in bufbuild/protoc-gen-validate#1355
• Update python and deps by @​rodaine in bufbuild/protoc-gen-validate#1354
• Bump the java group in /java with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1356
• Bump the python-root group across 1 directory with 4 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1357

Full Changelog: bufbuild/protoc-gen-validate@v1.3.0...v1.3.1

Commits

• 92b9a7d Update Python 3.9 references to 3.10 (#1370)
• e72f3dc Attempt to fix release (#1368)
• 39d950b Bump the python-root group across 1 directory with 4 updates (#1357)
• c4c1414 Bump the java group in /java with 2 updates (#1356)
• 05cc215 Update python and deps (#1354)
• 1a76a21 Update go and deps (#1355)
• 3212c98 Bump wheel from 0.45.1 to 0.46.2 (#1352)
• 4231822 Bump the java group across 1 directory with 4 updates (#1351)
• 187ff66 Bump golang.org/x/net from 0.48.0 to 0.49.0 in /tests in the go-tests group (...
• ae40bad Replace deprecated java_proto_library from rules_java (#1349)
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.80.0-dev to 1.81.0-dev

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.2

Bug Fixes

• stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (grpc/grpc-go#8874)

Commits

• 8902ab6 Change the version to release 1.79.2 (#8947)
• a928670 Cherry-pick #8874 to v1.79.x (#8904)
• 06df363 Change version to 1.79.2-dev (#8903)
• See full diff in compare view

Updates k8s.io/apimachinery from 0.33.3 to 0.35.2

Commits

• 72d71ea Merge remote-tracking branch 'origin/master' into release-1.35
• e2a2dbc Bump golang.org/x/crypto to v0.45.0
• 2e9c228 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• f274aac vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• 9445443 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 52154f7 Update vendored dependencies
• 5a348c5 KEP-5471: Extend tolerations operators (#134665)
• 6f89492 Merge pull request #133648 from richabanker/merged-discovery
• c77dde2 util/sort: Add MergePreservingRelativeOrder for topological sorting
• 729c13d Merge pull request #134624 from yt2985/podcertificates-beta
• Additional commits viewable in compare view

Updates k8s.io/client-go from 0.33.3 to 0.35.2

Commits

• a21b329 Update dependencies to v0.35.2 tag
• 2d83546 Merge remote-tracking branch 'origin/master' into release-1.35
• 56b4af2 Merge pull request #135591 from p0lyn0mial/upstream-watchlist-reflector-log-f...
• 891f94c Merge remote-tracking branch 'origin/master' into release-1.35
• 65ffe04 Merge pull request #135580 from serathius/client-go-transformer
• 2fe4ac2 downgrade reflector watchlist fallback log to V(4)
• 97256a6 Bump golang.org/x/crypto to v0.45.0
• 46360b5 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• 171ef8c Use transformer in consistency checker
• 3878a64 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• Additional commits viewable in compare view

Updates sigs.k8s.io/controller-runtime from 0.21.0 to 0.23.3

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.23.3

What's Changed

• 🐛 Ensure DefaulterRemoveUnknownOrOmitableFields is still working even if objects are equal by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3469

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.2...v0.23.3

v0.23.2

What's Changed

• 🐛 Fix fake client's SSA status patch resource version check by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3446
• ✨ Reduce memory usage of default webhooks by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3467

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.1...v0.23.2

v0.23.1

What's Changed

• 🐛 Cache reader: Wait for cache sync when ReaderFailOnMissingInformer is true by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3433
• 🐛 Fix panic when using CRs with embedded pointer structs by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3436
• 🌱 Test cache reader waits for cache sync by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3438
• 🐛 Fakeclient: Fix status apply if existing object has managedFields set by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3437

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.0...v0.23.1

v0.23.0

🔆 Highlights

• Client: Add subresource Apply support by @​alvaroaleman in kubernetes-sigs/controller-runtime#3321
• Conversion: Enable implementation of conversion outside of API packages by @​sbueringer in kubernetes-sigs/controller-runtime#3335
• Priorityqueue: Various improvements, bug fixes and now enabled per default
• Webhooks: Generic Validator and Defaulter by @​alvaroaleman in kubernetes-sigs/controller-runtime#3360

⚠️ Breaking changes

• Dependencies: Update to k8s.io/* v1.35 by @​alvaroaleman @​dongjiang1989 @​kannon92 (#3316, #3349, #3386, #3391, #3401)
• Client: Add subresource Apply support by @​alvaroaleman in kubernetes-sigs/controller-runtime#3321
• Events: Migration to the new events API by @​clebs in kubernetes-sigs/controller-runtime#3262
  • Using the new GetEventRecorderFor requires updating your rbac for events to use the events.k8s.io apiGroup rather than the `` (core) apiGroup
• Fakeclient: Set ResourceVersion for SSA Create by @​alvaroaleman in kubernetes-sigs/controller-runtime#3311
• Webhooks: Generic Validator and Defaulter by @​alvaroaleman in kubernetes-sigs/controller-runtime#3360
  • Existing code of the form builder.WebhookManagedBy(mgr).For(&corev1.Deployment{}) has to be changed to builder.WebhookManagedBy(mgr, &appsv1.Deployment{})
  • Existing webhook implementations have to be changed to take the concrete object rather than runtime.Object, for example from ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) to ValidateCreate(ctx context.Context, obj *appsv1.Deployment) (admission.Warnings, error)

✨ Features

• Cache: Allow fine-granular SyncPeriod configuration by @​sbueringer in kubernetes-sigs/controller-runtime#3376
• Client: Add FieldOwner option to client.Options by @​aerfio in kubernetes-sigs/controller-runtime#3389
• Client: Add FieldValidation option to client.Options by @​aerfio in kubernetes-sigs/controller-runtime#3393

... (truncated)

Commits

• f9589b9 Merge pull request #3469 from k8s-infra-cherrypick-robot/cherry-pick-3468-to-...
• 25615ad Ensure DefaulterRemoveUnknownOrOmitableFields is still working even if object...
• 8122a62 Merge pull request #3467 from k8s-infra-cherrypick-robot/cherry-pick-3463-to-...
• 35093c6 Reduce memory usage of default webhooks
• 4dbfa5c [release-0.23] 🐛 Fix fake client's SSA status patch resource version check (#...
• f52bbb8 Merge pull request #3437 from k8s-infra-cherrypick-robot/cherry-pick-3430-to-...
• 4f41337 Merge pull request #3438 from k8s-infra-cherrypick-robot/cherry-pick-3434-to-...
• e29a1b9 seedling: Test cache reader waits for cache sync
• 83c8dc3 bug: Fakeclient: Fix status apply if existing object has managedFields set
• bf6bcd5 Merge pull request #3436 from k8s-infra-cherrypick-robot/cherry-pick-3431-to-...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions