🌱 Bump the gomod group across 2 directories with 7 updates

[dependabot]

Bumps the gomod group with 5 updates in the / directory:

Package	From	To
github.com/moby/buildkit	0.26.3	0.27.0
golang.org/x/text	0.32.0	0.33.0
github.com/onsi/ginkgo/v2	2.27.4	2.27.5
gitlab.com/gitlab-org/api/client-go	1.11.0	1.18.0
cloud.google.com/go/storage	1.58.0	1.59.1

Bumps the gomod group with 2 updates in the /tools directory: github.com/onsi/ginkgo/v2 and github.com/goreleaser/goreleaser/v2.

Updates github.com/moby/buildkit from 0.26.3 to 0.27.0

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.27.0

buildkit 0.27.0

Welcome to the v0.27.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• Akihiro Suda
• Sebastiaan van Stijn
• Justin Chadwell
• Jonathan A. Sternberg
• David Karlsson
• Dawei Wei
• Natnael Gebremariam
• Aleksandr Karpinskii
• Amr Mahdi
• Brian Goff
• Joyal George K J
• Matt Coster
• Roberto Villarreal
• Rodolfo Carvalho
• Silvin Lubecki
• Tiger Kaovilai

Notable Changes

• Built-in Dockerfile frontend has been updated to v1.21.0
• This is a first version of BuildKit with signed release images and artifacts built using Docker Github Builder
• Allow convert decisions from Session Source Policy implementations #6427
• Github Cache backend now support optional signed cache that is cryptographically verified on import #6397
• Provide a gateway interface for reading container filesystems during builds #6262
• Push registry remote cache blobs in parallel for faster uploads #6455
• Cache attestation chain pull-through responses for better performance #6435
• Allow custom AuthConfig providers in client #6408
• Surface policy deny messages in build errors #6458
• Fix Git 2.52 support for matching some error conditions #6452
• Expose the build reference in exporter buildinfo #6424
• Improve expired keys handling in Git signature verification #6412
• Cache gateway forwarder mounts and deduplicate snapshot responses #6387
• Remove development gateway frontend options in favor of build-contexts #6350
• Prevent status stream from closing too early by using an inactivity timeout #6396
• Recover from history.db corruption #6371
• Fix xattr copy failures on SELinux systems #6015

... (truncated)

Commits

• 2bcd66d Merge pull request #6482 from tonistiigi/v0.27-picks-2
• 6c53e9e forwarder: fix concurrent map write panic in the gateway forwarder
• 64bc21a Merge pull request #6479 from tonistiigi/v0.27-picks
• 6f380e6 vendor: align google.golang.org/genproto/xxx versions
• a9c91f7 vendor: update go-actions-cache to 54bc28c2
• b2fc80e Merge pull request #6473 from tonistiigi/attestation-index-error
• a50e8a1 source: avoid error when attestation asked from non-index
• faed462 Merge pull request #6464 from tonistiigi/image-attestation-lease-fix
• 870da9c Merge pull request #6465 from thaJeztah/bump_logrus
• 98291f1 vendor: github.com/sirupsen/logrus v1.9.4
• Additional commits viewable in compare view

Updates github.com/sirupsen/logrus from 1.9.4-0.20230606125235-dd1b4c2e81af to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

• go.mod: update minimum supported go version to v1.17 sirupsen/logrus#1460
• go.mod: bump up dependencies sirupsen/logrus#1460
• Touch-up godoc and add "doc" links.
• README: fix links, grammar, and update examples.
• Add GNU/Hurd support sirupsen/logrus#1364
• Add WASI wasip1 support sirupsen/logrus#1388
• Remove uses of deprecated ioutil package sirupsen/logrus#1472
• CI: update actions and golangci-lint sirupsen/logrus#1459
• CI: remove appveyor, add macOS sirupsen/logrus#1460

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Commits

• See full diff in compare view

Updates golang.org/x/text from 0.32.0 to 0.33.0

Commits

• 536231a go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates github.com/onsi/ginkgo/v2 from 2.27.4 to 2.27.5

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

Commits

• a928307 v2.27.5
• 0d0e96d don't make a new formatter for each GinkgoT(); that's just silly and uses pre...
• See full diff in compare view

Updates gitlab.com/gitlab-org/api/client-go from 1.11.0 to 1.18.0

Release notes

Sourced from gitlab.com/gitlab-org/api/client-go's releases.

v1.18.0

1.18.0

🚀 Features

• feat(settings): Added support for inactive_resource_access_tokens_delete_after_days to the... (!2686) by Preethi Atchudan

🔄 Other Changes

• Add missing tests for refactored functions (!2676) by Patrick Rice

1.18.0 (2026-01-25)

Features

• settings: Added support for inactive_resource_access_tokens_delete_after_days to the... (52b60c3)

v1.17.0

1.17.0

🚀 Features

• Add support for Group Mattermost integrations (!2675) by Hamza Hassanain

1.17.0 (2026-01-23)

v1.16.0

1.16.0

🚀 Features

• Add environment, deployed_after, and deployed_before params to merge requests options struct (!2672) by Filip Aleksic

🔄 Other Changes

• chore(deps): update module golang.org/x/oauth2 to v0.34.0 (!2640) by GitLab Dependency Bot

1.16.0 (2026-01-20)

v1.15.0

1.15.0

🚀 Features

... (truncated)

Changelog

Sourced from gitlab.com/gitlab-org/api/client-go's changelog.

1.18.0

🚀 Features

• feat(settings): Added support for inactive_resource_access_tokens_delete_after_days to the... (!2686) by Preethi Atchudan

🔄 Other Changes

• Add missing tests for refactored functions (!2676) by Patrick Rice

1.18.0 (2026-01-25)

Features

• settings: Added support for inactive_resource_access_tokens_delete_after_days to the... (52b60c3)

1.17.0

🚀 Features

• Add support for Group Mattermost integrations (!2675) by Hamza Hassanain

1.17.0 (2026-01-23)

1.16.0

🚀 Features

• Add environment, deployed_after, and deployed_before params to merge requests options struct (!2672) by Filip Aleksic

🔄 Other Changes

• chore(deps): update module golang.org/x/oauth2 to v0.34.0 (!2640) by GitLab Dependency Bot

1.16.0 (2026-01-20)

1.15.0

🚀 Features

• Add ExpiresAt field to ProjectSharedWithGroup struct (!2671) by cindy

🔄 Other Changes

... (truncated)

Commits

• e8b1d73 chore(release): 1.18.0 [skip ci]
• 01f88f5 Merge branch 'inactive_resource_access_tokens_delete_after_days' into 'main'
• 52b60c3 feat(settings): Added support for inactive_resource_access_tokens_delete_aft...
• 66b47a6 Merge branch 'add-missing-tests' into 'main'
• 4279683 Add missing tests for refactored functions
• bf4fa2a chore(release): 1.17.0 [skip ci]
• a1f5e47 Merge branch 'feat/group-mattermost-integration' into 'main'
• 4082528 Add support for Group Mattermost integrations
• 1c527be chore(release): 1.16.0 [skip ci]
• f997fdc Merge branch 'faleksic-merge-requests-params' into 'main'
• Additional commits viewable in compare view

Updates cloud.google.com/go/storage from 1.58.0 to 1.59.1

Release notes

Sourced from cloud.google.com/go/storage's releases.

storage 1.59.1

1.59.1 (2026-01-14)

Bug Fixes

• remove mandatory attrs response in MRD (#13585) (6752a496)

• close attrsReady channel when metadata is missing (#13574) (712f5627)

• don't update global object's readhandle in MRD (#13575) (bc925001)

storage 1.59.0

1.59.0 (2026-01-09)

Features

• add default checksums for appendable writer (excludes appendable takeover writer) (#13379) (647baf32)

Bug Fixes

• refactor MultiRangeDownloader to resolve deadlock and race conditions (#13524) (1cfd100

Commits

• 5cd8007 chore: librarian release pull request: 20260114T061057Z (#13597)
• 585cd82 feat(firestore): [PQ] add pipeline queries
• 6752a49 fix: remove mandatory attrs response in MRD (#13585)
• 1347004 chore: skip failing TestIntegration_WriterAppendEdgeCases (#13586)
• e7723a0 test(storage): add test for MRD with read handle (#13591)
• 7e730f1 test(datastore): fix flaky tests (#13587)
• d23326b chore(spanner): add gorm data type names for PG types (#13584)
• bc92500 fix: don't update global object's readhandle in MRD (#13575)
• 712f562 fix: close attrsReady channel when metadata is missing (#13574)
• 2b52937 chore: tidy generated snippets (#13571)
• Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.27.4 to 2.27.5

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

Commits

• a928307 v2.27.5
• 0d0e96d don't make a new formatter for each GinkgoT(); that's just silly and uses pre...
• See full diff in compare view

Updates github.com/onsi/ginkgo/v2 from 2.27.4 to 2.27.5

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

Commits

• a928307 v2.27.5
• 0d0e96d don't make a new formatter for each GinkgoT(); that's just silly and uses pre...
• See full diff in compare view

Updates github.com/goreleaser/goreleaser/v2 from 2.12.2 to 2.13.3

Release notes

Sourced from github.com/goreleaser/goreleaser/v2's releases.

v2.13.3

Announcement

Read the official announcement: Announcing GoReleaser v2.13.

Changelog

Bug fixes

• 4e6cd46aef81a0e4d34104bc8af8ef19a2cedc60: fix(deps): update ko and docker/cli (#6323) (@​caarlos0)
• 11f2d528adad31d0cad3441ee9848840bcf5eeb2: fix: move log to debug (@​caarlos0)
• 2f44fb43f240500f9df21b9ec48f50de411dba0b: refactor: fix deprecated method usage in tests (#6325) (@​caarlos0)

Documentation updates

• 444acaa88543f7c17c721a68acfc06b97f079dce: docs(deps): bump the docs group in /www with 2 updates (#6336) (@​dependabot[bot])
• 7ebc59a0a430459901aedafdf56a5fd5a1395c28: docs: Revert sponsor list removal and enforce error handling in update-sponsors.py (#6331) (@​Copilot)
• 97bea15bd09f284a0330bde8bd2a42bd21ef70ad: docs: better sponsors (#6330) (@​caarlos0)
• 2e1159b94c7810846a16daa28b0644b55ee64d15: docs: fix auto-rebuild local (@​caarlos0)
• 8b8a4d03ddc0571d58f58697abcc83642517478f: docs: small updates (@​caarlos0)
• 089605efc774959a915c35274ddac90408db8b43: docs: update license year (@​caarlos0)

Other work

• 1945d74973a347a135b8d0d2b80e28ef9b70b75c: ci(deps): bump cargo-bins/cargo-binstall from 1.16.5 to 1.16.6 in the actions group (#6329) (@​dependabot[bot])
• 091eb958c802617836b1ee75580317e9c5fcfddd: ci(deps): bump the actions group with 3 updates (#6320) (@​dependabot[bot])
• 2eae0db1d8616bf583321cedc3701a729932311f: ci(deps): bump the actions group with 4 updates (#6335) (@​dependabot[bot])

Full Changelog: goreleaser/goreleaser@v2.13.2...v2.13.3

Helping out

This release is only possible thanks to all the support of some awesome people!

Want to be one of them? You can sponsor, get a Pro License or contribute with code.

Where to go next?

• Find examples and commented usage of all options in our website.
• Reach out on Discord and Twitter!

v2.13.2

Announcement

Read the official announcement: Announcing GoReleaser v2.13.

Changelog

Bug fixes

• 60acec88cc82c56fcab8bb2c16a2fd4588051a22: fix(mcp): always use current schema url (#6300) (@​tjhop)
• 5b21af93b21288a443dbf07a31aa0f9ab9a99525: fix(deps): move to go.yaml.in/yaml (#6298) (@​caarlos0)
• 83e39243fa09663a7405ec6dcab66bec5af36ca4: fix(deps): update fang, log, lipgloss (#6312) (@​caarlos0)
• e91e18452d00ffc8ffb578df005f3274d340f660: fix(deps): update go-github, add one more test (#6294) (@​caarlos0)

... (truncated)

Commits

• 0b78544 chore: auto-update generated files
• 444acaa docs(deps): bump the docs group in /www with 2 updates (#6336)
• 2eae0db ci(deps): bump the actions group with 4 updates (#6335)
• 95da179 chore(deps): bump gitlab.com/gitlab-org/api/client-go from 1.10.0 to 1.11.0 i...
• 8b8a4d0 docs: small updates
• 089605e docs: update license year
• 688f4af chore: typo
• 2b0bb52 ci: contents: read for generate job
• 1945d74 ci(deps): bump cargo-bins/cargo-binstall from 1.16.5 to 1.16.6 in the actions...
• f66f5c6 chore: auto-update generated files
• Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.27.4 to 2.27.5

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

Commits

• a928307 v2.27.5
• 0d0e96d don't make a new formatter for each GinkgoT(); that's just silly and uses pre...
• See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
gitlab.com/gitlab-org/api/client-go	[>= 0.118.a, < 0.119]
gitlab.com/gitlab-org/api/client-go	[>= 0.117.a, < 0.118]

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions