Bump the go-modules group across 1 directory with 20 updates

[dependabot]

Bumps the go-modules group with 10 updates in the / directory:

Package	From	To
github.com/paketo-buildpacks/occam	0.30.1	0.30.2
github.com/anchore/syft	1.34.2	1.36.0
github.com/aws/aws-sdk-go-v2	1.39.3	1.39.4
github.com/aws/aws-sdk-go-v2/config	1.31.13	1.31.15
github.com/aws/aws-sdk-go-v2/internal/v4a	1.4.10	1.4.11
github.com/aws/aws-sdk-go-v2/service/internal/checksum	1.9.1	1.9.2
github.com/aws/aws-sdk-go-v2/service/internal/s3shared	1.19.10	1.19.11
github.com/aws/aws-sdk-go-v2/service/s3	1.88.5	1.88.7
github.com/klauspost/compress	1.18.0	1.18.1
google.golang.org/api	0.252.0	0.253.0

Updates github.com/paketo-buildpacks/occam from 0.30.1 to 0.30.2

Release notes

Sourced from github.com/paketo-buildpacks/occam's releases.

v0.30.2

What's Changed

• Updates github-config by @​paketo-bot in paketo-buildpacks/occam#436
• Using pack CLI --cache flag to always specify the volumes by @​pacostas in paketo-buildpacks/occam#437
• chore(deps): updated module github.com/paketo-buildpacks/packit/v2 from v2.25.0 to v2.25.2 by @​paketo-bot in paketo-buildpacks/occam#434
• chore(deps): updated module github.com/docker/docker from v28.4.0+incompatible to v28.5.1+incompatible by @​paketo-bot in paketo-buildpacks/occam#435

Full Changelog: paketo-buildpacks/occam@v0.30.1...v0.30.2

Commits

• 4325ba8 chore(deps): updated module github.com/docker/docker from v28.4.0+incompatibl...
• ca18701 chore(deps): updated module github.com/paketo-buildpacks/packit/v2 from v2.25...
• 9cb6d44 fix: always setting the cache volumes (#437)
• 8a84072 Updating github-config
• See full diff in compare view

Updates github.com/anchore/syft from 1.34.2 to 1.36.0

Release notes

Sourced from github.com/anchore/syft's releases.

v1.36.0

Added Features

• Add the ability to fetch remote licenses for pnpm-lock.yaml files [#4286 @​timols]
• support universal (fat) mach-o binary files [#4278 @​JoeyShapiro]
• pdm support [#2709 #4234 @​paulslaby]

Bug Fixes

• Remove duplicate image source providers [#4289 @​Rupikz]
• syft can't extract go module information from executables on Windows [#4271 #4285 @​JoeyShapiro]

(Full Changelog)

Commits

• 8be4639 chore(deps): update tools to latest versions (#4302)
• 44b7b09 chore(deps): bump github.com/github/go-spdx/v2 from 2.3.3 to 2.3.4 (#4301)
• 675075e chore(deps): bump github/codeql-action from 4.30.8 to 4.30.9 (#4299)
• 31b2c4c support universal (fat) mach-o binary files (#4278)
• 07029ea chore(deps): bump sigstore/cosign-installer from 3.10.0 to 4.0.0 (#4296)
• f4de1e8 chore(deps): bump anchore/sbom-action from 0.20.7 to 0.20.8 (#4297)
• 538b4a2 convert posix path back to windows (#4285)
• fc74b07 Remove duplicate image source providers (#4289)
• 6627c52 chore(deps): bump anchore/sbom-action from 0.20.6 to 0.20.7 (#4293)
• c0f32e1 feat: add option to fetch remote licenses for pnpm-lock.yaml files (#4286)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2 from 1.39.3 to 1.39.4

Commits

• 4bd7f54 Release 2025-10-23
• 55fb47c Regenerated Clients
• bf727c0 Update partitions file
• 0ca943f Update endpoints model
• 3908bc4 Update API model
• a0c74d2 Release 2025-10-22
• eb61154 Regenerated Clients
• e20d3e4 Update endpoints model
• 9acd5fa Update API model
• a91cc6c Speed up unit tests by removing duplicate work (#3216)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.31.13 to 1.31.15

Commits

• 4bd7f54 Release 2025-10-23
• 55fb47c Regenerated Clients
• bf727c0 Update partitions file
• 0ca943f Update endpoints model
• 3908bc4 Update API model
• a0c74d2 Release 2025-10-22
• eb61154 Regenerated Clients
• e20d3e4 Update endpoints model
• 9acd5fa Update API model
• a91cc6c Speed up unit tests by removing duplicate work (#3216)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.18.17 to 1.18.19

Commits

• 390cf19 Release 2023-03-21
• c37c72a Regenerated Clients
• d1e5193 Update endpoints model
• 2506101 Update API model
• c93b5cc Merge pull request #2051 from aws/add100ContinueCustomization
• c01aac6 Keep one changelog for PR
• 3780faa Keep one changelog for PR
• b94b5b7 Merge remote-tracking branch 'origin/add100ContinueCustomization' into add100...
• 6174ff2 Change some variable name and use operation shape id to represent operation s...
• 83491fc add changelog to last commit
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/ec2/imds from 1.18.10 to 1.18.11

Commits

• cc15dc1 Release 2023-02-01
• e629b28 Regenerated Clients
• b51a14c Update endpoints model
• f8f9a02 Update API model
• af819a3 Fix command output in README.md (#1851)
• 82a71a0 Updated "getting help" section (#1989)
• 6d9d336 Correct a typological error in credentials/ec2rolecreds/doc.go (#2004)
• c85b5f9 Address misused before nouns and spelling mistake (#1975)
• 51207f8 Release 2023-01-31
• c588861 Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/internal/configsources from 1.4.10 to 1.4.11

Commits

• 4bd7f54 Release 2025-10-23
• 55fb47c Regenerated Clients
• bf727c0 Update partitions file
• 0ca943f Update endpoints model
• 3908bc4 Update API model
• a0c74d2 Release 2025-10-22
• eb61154 Regenerated Clients
• e20d3e4 Update endpoints model
• 9acd5fa Update API model
• a91cc6c Speed up unit tests by removing duplicate work (#3216)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 from 2.7.10 to 2.7.11

Commits

• 4bd7f54 Release 2025-10-23
• 55fb47c Regenerated Clients
• bf727c0 Update partitions file
• 0ca943f Update endpoints model
• 3908bc4 Update API model
• a0c74d2 Release 2025-10-22
• eb61154 Regenerated Clients
• e20d3e4 Update endpoints model
• 9acd5fa Update API model
• a91cc6c Speed up unit tests by removing duplicate work (#3216)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/internal/v4a from 1.4.10 to 1.4.11

Commits

• 4bd7f54 Release 2025-10-23
• 55fb47c Regenerated Clients
• bf727c0 Update partitions file
• 0ca943f Update endpoints model
• 3908bc4 Update API model
• a0c74d2 Release 2025-10-22
• eb61154 Regenerated Clients
• e20d3e4 Update endpoints model
• 9acd5fa Update API model
• a91cc6c Speed up unit tests by removing duplicate work (#3216)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/internal/checksum from 1.9.1 to 1.9.2

Commits

• 26a9df8 Release 2021-10-11
• 29c9052 update api models (#1455)
• 0d3bd7a feature/ec2/imds: Fix Client's response handling and operation timeout race (...
• f1baf2d Update stale_issue.yml (#1447)
• 74bf5cf Update SDK to use shared tooling for changelog and release handling (#1431)
• f7e09fb Fix a typo in the Retryer docs (#1441)
• 6544404 Release 2021-09-30
• 54c5dd7 update endpoint for cloud control (#1444)
• f70d329 update models (#1443)
• cc13261 Release 2021-09-24
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/internal/presigned-url from 1.13.10 to 1.13.11

Commits

• 289bbd8 Release 2022-09-02
• 4169b1a Regenerated Clients
• e02802d Update SDK's smithy-go dependency to v1.13.2
• 9f98fe2 Update endpoints model
• 824a8eb Update API model
• 05a6aab Release 2022-09-01
• 5a4fbfe Regenerated Clients
• b9fde2d Update endpoints model
• 1808140 Update API model
• See full diff in compare view

Updates github.com/aws/aws-sdk-go-v2/service/internal/s3shared from 1.19.10 to 1.19.11

Commits

• 7655449 Release 2022-10-21
• dcae829 Regenerated Clients
• b82766b Update API model
• 1c05fb6 Implements IsCredentialsProvider for checking if a provider matches a target ...
• 0fab39a Merge pull request #1888 from aws/isvita/issues-1787
• 56eb993 added changelog file
• cde8cbc Release 2022-10-20
• d7765f9 Regenerated Clients
• b9dab7e Update endpoints model
• 93ed3ee Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.88.5 to 1.88.7

Commits

• 4bd7f54 Release 2025-10-23
• 55fb47c Regenerated Clients
• bf727c0 Update partitions file
• 0ca943f Update endpoints model
• 3908bc4 Update API model
• a0c74d2 Release 2025-10-22
• eb61154 Regenerated Clients
• e20d3e4 Update endpoints model
• 9acd5fa Update API model
• a91cc6c Speed up unit tests by removing duplicate work (#3216)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/sso from 1.29.7 to 1.29.8

Commits

• c33f3e8 Release 2025-02-27
• 3e30151 Regenerated Clients
• 7d47f9d Update endpoints model
• c8c63a0 Update API model
• c50ebd4 Reapply "Track credential providers via User-Agent Feature ids" (#3017)
• ef40d0c Release 2025-02-26
• 2d21bb4 Regenerated Clients
• 8d810fd Update endpoints model
• a0538c5 Update API model
• 21ec8a2 Release 2025-02-25
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ssooidc from 1.35.2 to 1.35.3

Commits

• 70e9f3d Release 2025-09-10
• e620ecb Regenerated Clients
• b412203 Update endpoints model
• 89f42ef Update API model
• d71b109 Bump smithy go version to allow unused required parameter in endpoint rule se...
• f68827f Release 2025-09-09
• d1748bf Regenerated Clients
• 00307c0 Update endpoints model
• 424be93 Update API model
• See full diff in compare view

Updates github.com/aws/aws-sdk-go-v2/service/sts from 1.38.7 to 1.38.9

Commits

• c7c6865 Release 2025-01-30
• 70f736c Regenerated Clients
• 28731c2 Update endpoints model
• 3505e4b Update API model
• 0b4f636 don't sign transfer-encoding header (#2991)
• b820c57 Release 2025-01-29
• 40ddb76 Regenerated Clients
• 2b4adae Update API model
• 78c2be4 Revert "beta: feature/s3/transfermanager (S3 transfer manager v2) (#2988)"
• 5c9d67c beta: feature/s3/transfermanager (S3 transfer manager v2) (#2988)
• Additional commits viewable in compare view

Updates github.com/github/go-spdx/v2 from 2.3.3 to 2.3.4

Release notes

Sourced from github.com/github/go-spdx/v2's releases.

Release v2.3.4

What's Changed

• update licenses
• bump dependencies

Full Changelog: github/go-spdx@v2.3.3...v2.3.4

Commits

• 3ea60cf Merge pull request #109 from github/auto-update-licenses
• 108cb58 Add updated license files
• 9e5ecc4 Merge pull request #116 from github/dependabot/github_actions/actions/setup-go-6
• ff1cc1c Merge branch 'main' into dependabot/github_actions/actions/setup-go-6
• b3240be Merge pull request #114 from github/dependabot/github_actions/actions/checkout-5
• d4dc9f2 Bump actions/setup-go from 5 to 6
• f63665b Bump actions/checkout from 4 to 5
• 7a705d1 Merge pull request #110 from github/elr/update-gomod
• a9ed7b0 minor dependency update trigger autosubmission
• 936b224 Merge pull request #107 from github/elr/limit-pr-autogen
• Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.18.0 to 1.18.1

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.1

What's Changed

• zstd: Fix incorrect buffer size in dictionary encodes by @​klauspost in klauspost/compress#1059
• s2: check for cap, not len of buffer in EncodeBetter/Best by @​vdarulis in klauspost/compress#1080
• zstd: Add simple zstd EncodeTo/DecodeTo functions by @​klauspost in klauspost/compress#1079
• zlib: Avoiding extra allocation in zlib.reader.Reset by @​travelpolicy in klauspost/compress#1086
• gzhttp: remove redundant err check in zstdReader by @​ryanfowler in klauspost/compress#1090
• Run modernize. Deprecate Go 1.22 by @​klauspost in klauspost/compress#1095
• flate: Simplify matchlen by @​klauspost in klauspost/compress#1101
• flate: Add examples by @​klauspost in klauspost/compress#1102
• flate: Use exact sizes for huffman tables by @​klauspost in klauspost/compress#1103
• flate: Faster load+store by @​klauspost in klauspost/compress#1104
• Add notice to S2 about MinLZ by @​klauspost in klauspost/compress#1065

New Contributors

• @​wooffie made their first contribution in klauspost/compress#1069
• @​vdarulis made their first contribution in klauspost/compress#1080
• @​travelpolicy made their first contribution in klauspost/compress#1086
• @​ryanfowler made their first contribution in klauspost/compress#1090

Full Changelog: klauspost/compress@v1.18.0...v1.18.1

Commits

• d10b525 build(deps): bump the github-actions group with 2 updates (#1105)
• 3c0d308 flate: Faster load+st0re (#1104)
• 6e2f5d5 flate: Use exact sizes for huffman tables (#1103)
• bda824b flate: Add examples (#1102)
• f44517c flate: Simplify matchlen (#1101)
• 54cb7a5 build(deps): bump the github-actions group with 3 updates (#1096)
• c43fcbb Run modernize. Deprecate Go 1.22 (#1095)
• 86a9489 gzhttp: remove redundant err check in zstdReader (#1090)
• ad4a030 build(deps): bump github/codeql-action in the github-actions group (#1087)
• 1a8c0e4 Avoiding extra allocation in Reset (#1086)
• Additional commits viewable in compare view

Updates google.golang.org/api from 0.252.0 to 0.253.0

Release notes

Sourced from google.golang.org/api's releases.

v0.253.0

0.253.0 (2025-10-22)

Features

• all: Auto-regenerate discovery clients (#3337) (40f2752)
• all: Auto-regenerate discovery clients (#3339) (d1ef976)
• all: Auto-regenerate discovery clients (#3340) (580c65f)
• all: Auto-regenerate discovery clients (#3341) (9d031c4)
• all: Auto-regenerate discovery clients (#3342) (ca2b9ad)
• all: Auto-regenerate discovery clients (#3344) (844753e)
• all: Auto-regenerate discovery clients (#3345) (3de8a5b)
• all: Auto-regenerate discovery clients (#3346) (a590b9a)
• all: Auto-regenerate discovery clients (#3347) (40ca8fe)

Changelog

Sourced from google.golang.org/api's changelog.

0.253.0 (2025-10-22)

Features

• all: Auto-regenerate discovery clients (#3337) (40f2752)
• all: Auto-regenerate discovery clients (#3339) (d1ef976)
• all: Auto-regenerate discovery clients (#3340) (580c65f)
• all: Auto-regenerate discovery clients (#3341) (9d031c4)
• all: Auto-regenerate discovery clients (#3342) (ca2b9ad)
• all: Auto-regenerate discovery clients (#3344) (844753e)
• all: Auto-regenerate discovery clients (#3345) (3de8a5b)
• all: Auto-regenerate discovery clients (#3346) (a590b9a)
• all: Auto-regenerate discovery clients (#3347) (40ca8fe)

Commits

• bf0e302 chore(main): release 0.253.0 (#3338)
• 40ca8fe feat(all): auto-regenerate discovery clients (#3347)
• a590b9a feat(all): auto-regenerate discovery clients (#3346)
• 3de8a5b feat(all): auto-regenerate discovery clients (#3345)
• 8012a7b chore(all): update all (#3343)
• 844753e feat(all): auto-regenerate discovery clients (#3344)
• ca2b9ad feat(all): auto-regenerate discovery clients (#3342)
• 9d031c4 feat(all): auto-regenerate discovery clients (#3341)
• 580c65f feat(all): auto-regenerate discovery clients (#3340)
• d1ef976 feat(all): auto-regenerate discovery clients (#3339)
• Additional commits viewable in compare view

Updates google.golang.org/genproto/googleapis/rpc from 0.0.0-20251002232023-7c0ddcbb5797 to 0.0.0-20251014184007-4626949a642f

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions