Bump the go-modules group across 1 directory with 15 updates by dependabot[bot] · Pull Request #561 · paketo-buildpacks/conda-env-update

dependabot · 2026-03-24T18:57:40Z

Bumps the go-modules group with 12 updates in the / directory:

Package	From	To
github.com/paketo-buildpacks/occam	`0.31.1`	`0.31.3`
cloud.google.com/go/auth	`0.18.3-0.20260310051336-87cdcc9f7568`	`0.19.0`
github.com/ProtonMail/go-crypto	`1.4.0`	`1.4.1`
github.com/anchore/stereoscope	`0.1.21`	`0.1.22`
github.com/anchore/syft	`1.42.2`	`1.42.3`
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream	`1.7.7`	`1.7.8`
github.com/aws/aws-sdk-go-v2/service/s3	`1.97.1`	`1.97.2`
github.com/diskfs/go-diskfs	`1.7.0`	`1.8.0`
github.com/fatih/color	`1.18.0`	`1.19.0`
github.com/klauspost/compress	`1.18.4`	`1.18.5`
github.com/olekukonko/ll	`0.1.7`	`0.1.8`
github.com/pelletier/go-toml/v2	`2.2.4`	`2.3.0`

Updates github.com/paketo-buildpacks/occam from 0.31.1 to 0.31.3

Release notes

Sourced from github.com/paketo-buildpacks/occam's releases.

v0.31.3

What's Changed

chore(deps): updated module github.com/paketo-buildpacks/packit/v2 from v2.25.2 to v2.25.5 by @paketo-bot in paketo-buildpacks/occam#445

chore(deps): updated module github.com/google/go-containerregistry from v0.21.1 to v0.21.3 by @paketo-bot in paketo-buildpacks/occam#457

Full Changelog: paketo-buildpacks/occam@v0.31.2...v0.31.3

v0.31.2

What's Changed

chore(deps): updated module github.com/testcontainers/testcontainers-go from v0.39.0 to v0.40.0 by @paketo-bot in paketo-buildpacks/occam#441

chore(deps): updated module github.com/docker/docker from v28.5.1+incompatible to v28.5.2+incompatible by @paketo-bot in paketo-buildpacks/occam#440

chore(deps): updated module github.com/onsi/gomega from v1.38.3 to v1.39.1 by @paketo-bot in paketo-buildpacks/occam#452

Updates github-config by @paketo-bot in paketo-buildpacks/occam#446

Updates go mod version to 1.26.1 by @paketo-bot in paketo-buildpacks/occam#455

Full Changelog: paketo-buildpacks/occam@v0.31.1...v0.31.2

Commits

0a7c1ac chore(deps): updated module github.com/google/go-containerregistry from v0.21...
e3a5bde chore(deps): updated module github.com/paketo-buildpacks/packit/v2 from v2.25...
6914d4b Updates go mod version to 1.26.1
a2ee454 Fix linter issues (#456)
99c82d2 Updating github-config
0277272 Updating github-config
cdd83bd Updating github-config
f46bf41 chore(deps): updated module github.com/onsi/gomega from v1.38.3 to v1.39.1 (#...
1c6c42d chore(deps): updated module github.com/docker/docker from v28.5.1+incompatibl...
7162009 chore(deps): updated module github.com/testcontainers/testcontainers-go from ...
See full diff in compare view

Updates github.com/paketo-buildpacks/packit/v2 from 2.25.4 to 2.25.5

Release notes

Sourced from github.com/paketo-buildpacks/packit/v2's releases.

v2.25.5

What's Changed

Bump github.com/anchore/syft from 1.40.0 to 1.40.1 by @dependabot[bot] in paketo-buildpacks/packit#729

Bump modernc.org/sqlite from 1.44.0 to 1.44.1 by @dependabot[bot] in paketo-buildpacks/packit#730

Bump modernc.org/sqlite from 1.44.1 to 1.44.2 by @dependabot[bot] in paketo-buildpacks/packit#732

Updates go mod version to 1.25.6 by @paketo-bot in paketo-buildpacks/packit#731

Bump modernc.org/sqlite from 1.44.2 to 1.44.3 by @dependabot[bot] in paketo-buildpacks/packit#733

Bump github.com/anchore/syft from 1.40.1 to 1.41.0 by @dependabot[bot] in paketo-buildpacks/packit#734

Bump github.com/onsi/gomega from 1.39.0 to 1.39.1 by @dependabot[bot] in paketo-buildpacks/packit#735

Bump github.com/anchore/syft from 1.41.0 to 1.41.1 by @dependabot[bot] in paketo-buildpacks/packit#736

Bump github.com/gabriel-vasile/mimetype from 1.4.12 to 1.4.13 by @dependabot[bot] in paketo-buildpacks/packit#737

Updates go mod version to 1.25.7 by @paketo-bot in paketo-buildpacks/packit#739

Bump github.com/anchore/syft from 1.41.1 to 1.41.2 by @dependabot[bot] in paketo-buildpacks/packit#738

Bump modernc.org/sqlite from 1.44.3 to 1.45.0 by @dependabot[bot] in paketo-buildpacks/packit#741

Bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 by @dependabot[bot] in paketo-buildpacks/packit#740

Bump github.com/anchore/syft from 1.41.2 to 1.42.0 by @dependabot[bot] in paketo-buildpacks/packit#742

Updates go mod version to 1.26.0 by @paketo-bot in paketo-buildpacks/packit#743

Bump modernc.org/sqlite from 1.45.0 to 1.46.0 by @dependabot[bot] in paketo-buildpacks/packit#744

Bump modernc.org/sqlite from 1.46.0 to 1.46.1 by @dependabot[bot] in paketo-buildpacks/packit#745

Bump github.com/anchore/syft from 1.42.0 to 1.42.1 by @dependabot[bot] in paketo-buildpacks/packit#746

Bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 by @dependabot[bot] in paketo-buildpacks/packit#747

Bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 by @dependabot[bot] in paketo-buildpacks/packit#748

Bump github.com/anchore/syft from 1.42.1 to 1.42.2 by @dependabot[bot] in paketo-buildpacks/packit#751

Bump modernc.org/sqlite from 1.46.1 to 1.46.2 by @dependabot[bot] in paketo-buildpacks/packit#752

Bump modernc.org/sqlite from 1.46.2 to 1.47.0 by @dependabot[bot] in paketo-buildpacks/packit#753

Structure re-usability for the extension by @pacostas in paketo-buildpacks/packit#754

Updates github-config by @paketo-bot in paketo-buildpacks/packit#749

Updates go mod version to 1.26.1 by @paketo-bot in paketo-buildpacks/packit#750

Full Changelog: paketo-buildpacks/packit@v2.25.4...v2.25.5

Commits

388f655 Updates go mod version to 1.26.1
ec5163e Updating github-config
1ed4352 Structure re-usability for the extension (#754)
1178810 Bump modernc.org/sqlite from 1.46.2 to 1.47.0
dc41ad0 Bump modernc.org/sqlite from 1.46.1 to 1.46.2
66b11fa Bump github.com/anchore/syft from 1.42.1 to 1.42.2
0172ef8 Bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0
f3c1964 Bump github.com/cloudflare/circl from 1.6.1 to 1.6.3
82aea99 Bump github.com/anchore/syft from 1.42.0 to 1.42.1
e16f8b8 Bump modernc.org/sqlite from 1.46.0 to 1.46.1
Additional commits viewable in compare view

Updates cloud.google.com/go/auth from 0.18.3-0.20260310051336-87cdcc9f7568 to 0.19.0

Release notes

Sourced from cloud.google.com/go/auth's releases.

auth: v0.19.0

v0.19.0 (2026-03-23)

Features

add OpenTelemetry gRPC and HTTP wrappers for T4 tracing (#14133) (d38abf98)

Changelog

Sourced from cloud.google.com/go/auth's changelog.

v0.19.0

bigquery:

Support customer-managed encryption keys.

bigtable:

Improved emulator support.

Support GetCluster.

datastore:

Add general mutations.

Support pointer struct fields.

Support transaction options.

firestore:

Add Transaction.GetAll.

Support document cursors.

logging:

Support concurrent RPCs to the service.

Support per-entry resources.

profiler:

Add config options to disable heap and thread profiling.

Read the project ID from $GOOGLE_CLOUD_PROJECT when it's set.

pubsub:

BEHAVIOR CHANGE: Release flow control after ack/nack (instead of after the callback returns).

Add SubscriptionInProject.

Add OpenCensus instrumentation for streaming pull.

storage:

Support CORS.

v0.18.0

bigquery:

Marked stable.

Schema inference of nullable fields supported.

Added TimePartitioning to QueryConfig.

firestore: Data provided to DocumentRef.Set with a Merge option can contain Delete sentinels.

logging: Clients can accept parent resources other than projects.

pubsub:

pubsub/pstest: A lighweight fake for pubsub. Experimental; feedback welcome.

Support updating more subscription metadata: AckDeadline,

... (truncated)

Commits

See full diff in compare view

Updates github.com/ProtonMail/go-crypto from 1.4.0 to 1.4.1

Release notes

Sourced from github.com/ProtonMail/go-crypto's releases.

Release v1.4.1

What's Changed

Properly handle ECC keys with invalid points in ProtonMail/go-crypto#304

Full Changelog: ProtonMail/go-crypto@v1.4.0...v1.4.1

Release v1.4.1-proton

This release is v1.4.1 with support for the following non-standardized features:

Presistent symmetric keys experimental + latest draft draft-ietf-openpgp-persistent-symmetric-keys-00

Automatic forwarding draft-wussler-openpgp-forwarding-00

Post-quantum algorithms draft-ietf-openpgp-pqc (Updated to draft-ietf-openpgp-pqc-09)

Commits

2e73b11 Properly handle ECC keys with invalid points (#304)
See full diff in compare view

Updates github.com/anchore/stereoscope from 0.1.21 to 0.1.22

Release notes

Sourced from github.com/anchore/stereoscope's releases.

v0.1.22

Dependency Updates

update tools to latest versions [#540 @anchore-actions-token-generator]

bump github.com/moby/moby/client from 0.2.2 to 0.3.0 [#542 @dependabot]

bump google.golang.org/grpc from 1.76.0 to 1.79.3 [#547 @dependabot]

bump github.com/google/go-containerregistry from 0.21.1 to 0.21.2 [#541 @dependabot]

bump github.com/docker/cli from 29.2.1+incompatible to 29.3.0+incompatible [#543 @dependabot]

bump github.com/sylabs/sif/v2 from 2.23.0 to 2.24.0 [#544 @dependabot]

(Full Changelog)

Commits

86e8285 chore(deps): update tools to latest versions (#540)
b0173ff chore(deps): bump github.com/moby/moby/client from 0.2.2 to 0.3.0 (#542)
5e50dd0 chore(deps): bump google.golang.org/grpc from 1.76.0 to 1.79.3 (#547)
7977ec6 chore(deps): bump github.com/google/go-containerregistry (#541)
19e4473 chore(deps): bump github.com/docker/cli (#543)
a8dc17e chore(deps): bump github.com/sylabs/sif/v2 from 2.23.0 to 2.24.0 (#544)
See full diff in compare view

Updates github.com/anchore/syft from 1.42.2 to 1.42.3

Release notes

Sourced from github.com/anchore/syft's releases.

v1.42.3

Bug Fixes

Missing secondary evidence for .NET dependency in ghcr.io/open-telemetry/demo:2.0.0-accounting image [#4652]

Additional Changes

bump github.com/buger/jsonsparser to v1.1.2 [#4680 @willmurphyscode]

centralize temp files and prefer streaming IO [#4668 @willmurphyscode]

(Full Changelog)

Commits

860126c chore(deps): update anchore dependencies (#4681)
36639f1 chore(deps): bump github.com/buger/jsonsparser to v1.1.2 (#4680)
f32238c chore(deps): bump the go-minor-patch group with 2 updates (#4678)
0c8eef6 chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3 (#4675)
4d42f8a chore(deps): bump the go-minor-patch group with 2 updates (#4674)
e388511 chore: centralize temp files and prefer streaming IO (#4668)
a3dacf5 chore(deps): update tools to latest versions (#4663)
cccc9bf chore(deps): bump the go-minor-patch group with 3 updates (#4669)
59f7725 chore(deps): bump github/codeql-action (#4670)
7a6b157 chore(deps): bump docker/login-action from 3.7.0 to 4.0.0 (#4671)
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream from 1.7.7 to 1.7.8

Commits

e3b97d2 Release 2023-10-12
863010d Regenerated Clients
6946ef8 Update endpoints model
6d93ded Update API model
bebc232 fix: fail to load config if configured profile doesn't exist (#2309)
5de4674 fix DNS timeout error not retried (#2300)
See full diff in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.97.1 to 1.97.2

Commits

ef3322b Release 2026-03-23
057f27e Regenerated Clients
38116ba Update API model
d7776a8 Don't panic decoding unknown header types on eventstream (#3355)
5754024 Release 2026-03-20
b83deb3 Regenerated Clients
9c2d943 Update endpoints model
c9d0eb1 Update API model
e21959c Release 2026-03-19
8fbfa15 Regenerated Clients
Additional commits viewable in compare view

Updates github.com/diskfs/go-diskfs from 1.7.0 to 1.8.0

Commits

fb221b6 squashfs: properly handle filecopy and blocksize (#348)
fc97b5a squashfs: properly count written bytes (#347)
5b7a68a Add support for custom publisher identifier in ISO9660 (#346)
6cfdf34 More ext4 tests (#343)
81b5f21 add copy test for ext4 (#342)
e32c127 add copy utilities (#341)
fdace5a Test ext4 create (#340)
65db366 update link for ext4 kernel docs (#338)
c593020 Add inital suport for chmod and chown on ext4 as well as the abllity to r...
8556bfd properly handle partition index with get and create (#336)
Additional commits viewable in compare view

Updates github.com/fatih/color from 1.18.0 to 1.19.0

Release notes

Sourced from github.com/fatih/color's releases.

v1.19.0

What's Changed

Bump golang.org/x/sys from 0.25.0 to 0.28.0 by @dependabot[bot] in fatih/color#246

Fix for issue #230 set/unsetwriter symmetric wrt color support detection by @ataypamart in fatih/color#243

chore: go mod cleanup by @sashamelentyev in fatih/color#244

Bump golang.org/x/sys from 0.28.0 to 0.30.0 by @dependabot[bot] in fatih/color#249

Bump github.com/mattn/go-colorable from 0.1.13 to 0.1.14 by @dependabot[bot] in fatih/color#248

Update CI and go deps by @fatih in fatih/color#254

Bump golang.org/x/sys from 0.31.0 to 0.37.0 by @dependabot[bot] in fatih/color#268

fix: include escape codes in byte counts from Fprint, Fprintf by @qualidafial in fatih/color#282

Bump golang.org/x/sys from 0.37.0 to 0.40.0 by @dependabot[bot] in fatih/color#277

fix: add nil check for os.Stdout to prevent panic on Windows services by @majiayu000 in fatih/color#275

Bump dominikh/staticcheck-action from 1.3.1 to 1.4.0 by @dependabot[bot] in fatih/color#259

Bump actions/checkout from 4 to 6 by @dependabot[bot] in fatih/color#273

Optimize Color.Equals performance (O(n²) → O(n)) by @UnSubble in fatih/color#269

Bump actions/setup-go from 5 to 6 by @dependabot[bot] in fatih/color#266

New Contributors

@ataypamart made their first contribution in fatih/color#243

@sashamelentyev made their first contribution in fatih/color#244

@qualidafial made their first contribution in fatih/color#282

@majiayu000 made their first contribution in fatih/color#275

@UnSubble made their first contribution in fatih/color#269

Full Changelog: fatih/color@v1.18.0...v1.19.0

Commits

ca25f6e Merge pull request #266 from fatih/dependabot/github_actions/actions/setup-go-6
1205984 Bump actions/setup-go from 5 to 6
5715c20 Merge pull request #269 from UnSubble/main
2f6e200 Merge branch 'main' into main
f72ec94 Merge pull request #273 from fatih/dependabot/github_actions/actions/checkout-6
848e633 Merge branch 'main' into main
4c2cd34 Add tests
7f812f0 Bump actions/checkout from 4 to 6
b7fc9f9 Merge pull request #259 from fatih/dependabot/github_actions/dominikh/staticc...
239a88f Bump dominikh/staticcheck-action from 1.3.1 to 1.4.0
Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.21.2 to 0.21.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.3

What's Changed

Adds local file support to the crane index subcommand by @edwardthiele in google/go-containerregistry#2223

migrate to github.com/moby/moby modules by @thaJeztah in google/go-containerregistry#2228

Bump the go-deps group across 4 directories with 7 updates by @dependabot[bot] in google/go-containerregistry#2233

Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 in the actions group by @dependabot[bot] in google/go-containerregistry#2220

mutate: reject path traversal and symlink escape in Extract by @KevinZhao in google/go-containerregistry#2227

tarball: detect symlink cycles in extractFileFromTar by @vnykmshr in google/go-containerregistry#2232

bump golang to 1.25.7 by @Subserial in google/go-containerregistry#2236

New Contributors

@edwardthiele made their first contribution in google/go-containerregistry#2223

@thaJeztah made their first contribution in google/go-containerregistry#2228

@KevinZhao made their first contribution in google/go-containerregistry#2227

@vnykmshr made their first contribution in google/go-containerregistry#2232

Full Changelog: google/go-containerregistry@v0.21.2...v0.21.3

Commits

3888fb8 bump golang to 1.25.7 (#2236)
f439624 tarball: detect symlink cycles in extractFileFromTar (#2232)
400c263 mutate: reject path traversal and symlink escape in Extract (#2227)
47eedc9 Bump goreleaser/goreleaser-action in the actions group (#2220)
be0a845 Bump the go-deps group across 4 directories with 7 updates (#2233)
e916301 migrate to github.com/moby/moby modules (#2228)
8b2478e Adds local file support to the crane index subcommand (#2223)
See full diff in compare view

Updates github.com/klauspost/compress from 1.18.4 to 1.18.5

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.5

What's Changed

zstd: Fix crash when changing encoder dictionary with same ID by @klauspost in klauspost/compress#1135

zstd: Default to full zero frames by @klauspost in klauspost/compress#1134

flate: Clean up histogram order by @klauspost in klauspost/compress#1133

Full Changelog: klauspost/compress@v1.18.4...v1.18.5

Commits

c5e0077 zstd: Fix encoder changing dictionary with same ID (#1135)
fd3f23e zstd: Default to full zero frames (#1134)
8233c58 flate: Clean up histogram order (#1133)
bcf0d12 build(deps): bump the github-actions group with 3 updates (#1132)
cf758fe ci: Upgrade Go versions, clean up (#1130)
77cc520 Add v1.18.4
See full diff in compare view

Updates github.com/olekukonko/ll from 0.1.7 to 0.1.8

Commits

0e85fb5 add stub file for Windows
01a1ebe test for windows and linux
3401561 better windows support
fdbfdbd add writer support
293b1cd more improvement
a35061d add FieldSet
fb099d6 remove possible buffered race issue
See full diff in compare view

Updates github.com/pelletier/go-toml/v2 from 2.2.4 to 2.3.0

Release notes

Sourced from github.com/pelletier/go-toml/v2's releases.

v2.3.0

This is the first release built largely with the help of AI coding agents. Highlights include the complete removal of the unsafe package. go-toml is now fully safe Go code, with a geomean overhead of only ~1.4% vs v2.2.4 and zero additional allocations on benchmarks. This release also adds omitzero struct tag support, improves UnmarshalText/Unmarshaler handling for tables and array tables, and fixes several bugs including nil pointer marshaling, leap second handling, and datetime unmarshaling panics.

What's Changed

What's new

marshal: don't escape quotes unnecessarily by @virtuald in pelletier/go-toml#991

Add omitzero tag support by @NathanBaulch in pelletier/go-toml#998

Support custom IsZero() methods with omitzero tag by @pelletier in pelletier/go-toml#1020

UnmarshalText fallbacks to struct unmarshaling for tables and arrays by @pelletier in pelletier/go-toml#1026

[unstable] Support Unmarshaler interface for tables and array tables by @pelletier in pelletier/go-toml#1027

Fixed bugs

Add missing UnmarshalTOML call by @pelletier in pelletier/go-toml#996

Handle array table into an empty slice by @pelletier in pelletier/go-toml#997

Unwrap strict errors by @bersace in pelletier/go-toml#1012

Fix leap second handling found by fuzz by @pelletier in pelletier/go-toml#1019

Fix nil pointer map values not being marshaled by @pelletier in pelletier/go-toml#1025

Fix panic when unmarshaling datetime values to incompatible types (#1028) by @pelletier in pelletier/go-toml#1029

Fix parser error pointing to wrong line at EOF without trailing newline by @pelletier in pelletier/go-toml#1041

Documentation

Improve Unmarshaling README by @heckelson in pelletier/go-toml#1016

Create AGENTS.md guidelines file by @pelletier in pelletier/go-toml#1017

Other changes

Unsafe package removal by @pelletier in pelletier/go-toml#1021

Bump CI and test scripts to Go 1.26 by @pelletier in pelletier/go-toml#1030

New Contributors

@virtuald made their first contribution in pelletier/go-toml#991

@NathanBaulch made their first contribution in pelletier/go-toml#999

@bersace made their first contribution in pelletier/go-toml#1012

@flyn-org made their first contribution in pelletier/go-toml#1013

@heckelson made their first contribution in pelletier/go-toml#1016

Full Changelog: pelletier/go-toml@v2.2.4...v2.3.0

Commits

f36a3ec Reduce marshal and unmarshal overhead (#1044)
77f3862 Fix benchmark script replacing internal package imports (#1042)
16b1ef5 Fix parser error pointing to wrong line when last line has no trailing newlin...
e14bde7 build(deps): bump docker/login-action from 3 to 4 (#1039)
4b1ff01 build(deps): bump docker/setup-buildx-action from 3 to 4 (#1040)
048a25f Go 1.26 (#1030)
b357558 build(deps): bump goreleaser/goreleaser-action from 6 to 7 (#1035)
a0be52f build(deps): bump actions/upload-artifact from 6 to 7 (#1036)
316bfc6 Support Unmarshaler interface for tables and array tables (#1027)
2edc61f Fix panic when unmarshaling datetime values to incompatible types (#1028) (#1...
Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.79.2 to 1.79.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.3

Security

server: fix an authorization bypass where malformed :path headers (missing the leading slash) could bypass path-based restricted "deny" rules in interceptors like grpc/authz. Any request with a non-canonical path is now immediately rejected with an Unimplemented error. (#8981)

Commits

dda86db Change version to 1.79.3 (#8983)
72186f1 grpc: enforce strict path checking for incoming requests on the server (#8981)
97ca352 Changing version to 1.79.3-dev (#8954)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-modules group with 12 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/paketo-buildpacks/occam](https://github.com/paketo-buildpacks/occam) | `0.31.1` | `0.31.3` | | [cloud.google.com/go/auth](https://github.com/googleapis/google-cloud-go) | `0.18.3-0.20260310051336-87cdcc9f7568` | `0.19.0` | | [github.com/ProtonMail/go-crypto](https://github.com/ProtonMail/go-crypto) | `1.4.0` | `1.4.1` | | [github.com/anchore/stereoscope](https://github.com/anchore/stereoscope) | `0.1.21` | `0.1.22` | | [github.com/anchore/syft](https://github.com/anchore/syft) | `1.42.2` | `1.42.3` | | [github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream](https://github.com/aws/aws-sdk-go-v2) | `1.7.7` | `1.7.8` | | [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.97.1` | `1.97.2` | | [github.com/diskfs/go-diskfs](https://github.com/diskfs/go-diskfs) | `1.7.0` | `1.8.0` | | [github.com/fatih/color](https://github.com/fatih/color) | `1.18.0` | `1.19.0` | | [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.18.4` | `1.18.5` | | [github.com/olekukonko/ll](https://github.com/olekukonko/ll) | `0.1.7` | `0.1.8` | | [github.com/pelletier/go-toml/v2](https://github.com/pelletier/go-toml) | `2.2.4` | `2.3.0` | Updates `github.com/paketo-buildpacks/occam` from 0.31.1 to 0.31.3 - [Release notes](https://github.com/paketo-buildpacks/occam/releases) - [Commits](paketo-buildpacks/occam@v0.31.1...v0.31.3) Updates `github.com/paketo-buildpacks/packit/v2` from 2.25.4 to 2.25.5 - [Release notes](https://github.com/paketo-buildpacks/packit/releases) - [Commits](paketo-buildpacks/packit@v2.25.4...v2.25.5) Updates `cloud.google.com/go/auth` from 0.18.3-0.20260310051336-87cdcc9f7568 to 0.19.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](https://github.com/googleapis/google-cloud-go/commits/v0.19.0) Updates `github.com/ProtonMail/go-crypto` from 1.4.0 to 1.4.1 - [Release notes](https://github.com/ProtonMail/go-crypto/releases) - [Commits](ProtonMail/go-crypto@v1.4.0...v1.4.1) Updates `github.com/anchore/stereoscope` from 0.1.21 to 0.1.22 - [Release notes](https://github.com/anchore/stereoscope/releases) - [Changelog](https://github.com/anchore/stereoscope/blob/main/RELEASE.md) - [Commits](anchore/stereoscope@v0.1.21...v0.1.22) Updates `github.com/anchore/syft` from 1.42.2 to 1.42.3 - [Release notes](https://github.com/anchore/syft/releases) - [Changelog](https://github.com/anchore/syft/blob/main/RELEASE.md) - [Commits](anchore/syft@v1.42.2...v1.42.3) Updates `github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream` from 1.7.7 to 1.7.8 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/m2/v1.7.7...service/m2/v1.7.8) Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.97.1 to 1.97.2 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.97.1...service/s3/v1.97.2) Updates `github.com/diskfs/go-diskfs` from 1.7.0 to 1.8.0 - [Commits](diskfs/go-diskfs@v1.7.0...v1.8.0) Updates `github.com/fatih/color` from 1.18.0 to 1.19.0 - [Release notes](https://github.com/fatih/color/releases) - [Commits](fatih/color@v1.18.0...v1.19.0) Updates `github.com/google/go-containerregistry` from 0.21.2 to 0.21.3 - [Release notes](https://github.com/google/go-containerregistry/releases) - [Commits](google/go-containerregistry@v0.21.2...v0.21.3) Updates `github.com/klauspost/compress` from 1.18.4 to 1.18.5 - [Release notes](https://github.com/klauspost/compress/releases) - [Commits](klauspost/compress@v1.18.4...v1.18.5) Updates `github.com/olekukonko/ll` from 0.1.7 to 0.1.8 - [Release notes](https://github.com/olekukonko/ll/releases) - [Commits](olekukonko/ll@v0.1.7...v0.1.8) Updates `github.com/pelletier/go-toml/v2` from 2.2.4 to 2.3.0 - [Release notes](https://github.com/pelletier/go-toml/releases) - [Commits](pelletier/go-toml@v2.2.4...v2.3.0) Updates `google.golang.org/grpc` from 1.79.2 to 1.79.3 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.79.2...v1.79.3) --- updated-dependencies: - dependency-name: github.com/paketo-buildpacks/occam dependency-version: 0.31.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/paketo-buildpacks/packit/v2 dependency-version: 2.25.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: cloud.google.com/go/auth dependency-version: 0.19.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/ProtonMail/go-crypto dependency-version: 1.4.1 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/anchore/stereoscope dependency-version: 0.1.22 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/anchore/syft dependency-version: 1.42.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream dependency-version: 1.7.8 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/aws/aws-sdk-go-v2/service/s3 dependency-version: 1.97.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/diskfs/go-diskfs dependency-version: 1.8.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/fatih/color dependency-version: 1.19.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: github.com/google/go-containerregistry dependency-version: 0.21.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/klauspost/compress dependency-version: 1.18.5 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/olekukonko/ll dependency-version: 0.1.8 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/pelletier/go-toml/v2 dependency-version: 2.3.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: go-modules - dependency-name: google.golang.org/grpc dependency-version: 1.79.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 24, 2026

dependabot bot requested review from a team as code owners March 24, 2026 18:57

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 24, 2026

paketo-bot added the semver:patch A change requiring a patch version bump label Mar 24, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the go-modules group across 1 directory with 15 updates#561

Bump the go-modules group across 1 directory with 15 updates#561
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go-modules-0df1392e96

dependabot bot commented on behalf of github Mar 24, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Mar 24, 2026

v0.31.3

What's Changed

v0.31.2

What's Changed

v2.25.5

What's Changed

auth: v0.19.0

v0.19.0 (2026-03-23)

Features

v0.19.0

v0.18.0

Release v1.4.1

What's Changed

Release v1.4.1-proton

v0.1.22

Dependency Updates

v1.42.3

Bug Fixes

Additional Changes

v1.19.0

What's Changed

New Contributors

v0.21.3

What's Changed

New Contributors

v1.18.5

What's Changed

v2.3.0

What's Changed

What's new

Fixed bugs

Documentation

Other changes

New Contributors

Release 1.79.3

Security

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant