Bump the go-modules group with 4 updates

[dependabot]

Bumps the go-modules group with 4 updates: cloud.google.com/go/compute/metadata, github.com/hashicorp/go-getter, github.com/mholt/archives and modernc.org/libc.

Updates cloud.google.com/go/compute/metadata from 0.8.0 to 0.8.1

Release notes

Sourced from cloud.google.com/go/compute/metadata's releases.

compute/metadata: v0.8.1

0.8.1 (2025-09-16)

Bug Fixes

• compute/metadata: Use separate client for subscribe methods (#12885) (76b80f8)

Changelog

Sourced from cloud.google.com/go/compute/metadata's changelog.

Changes

0.122.0 (2025-09-04)

Features

• internal/librariangen: Add release-init command (#12751) (52e84cc)

Bug Fixes

• internal/godocfx: Better support for v2 modules (#12797) (4bc8785)
• internal/godocfx: Module detection when tidy errors (#12801) (83d46cd)
• internal/librariangen: Fix goimports errors (#12765) (83bdaa4)

0.121.6 (2025-08-14)

Bug Fixes

• internal/librariangen: Fix Dockerfile permissions for go mod tidy (#12704) (0e70a0b)

0.121.5 (2025-08-12)

Bug Fixes

• internal/librariangen: Get README title from service config yaml (#12676) (b3b8f70)
• internal/librariangen: Update source_paths to source_roots in generate-request.json (#12691) (2adb6f9)

0.121.4 (2025-07-17)

Bug Fixes

• geminidataanalytics: Correct resource reference type for parent field in data_chat_service.proto (98ba6f0)
• internal/postprocessor: Add git (#12524) (82030ee)

0.121.3 (2025-06-25)

Documentation

• impersonate: Address TODO in impersonate/example_test.go (#12401) (dd096ec)

0.121.2 (2025-05-21)

... (truncated)

Commits

• 6525341 chore(main): release ai 0.8.1 (#10467)
• 33a4ad3 test(storage/transfermanager): add CRC to test (#10568)
• 245d2ea feat(storage): add full object checksum to reader.Attrs (#10538)
• 29b52dc feat(spanner): Add RESOURCE_EXHAUSTED to retryable transaction codes (#10412)
• a880fb8 chore(internal/detect): export project sentinel value (#10560)
• 037e9ef fix(bigquery): reduce default backoffs (#10558)
• 4e180f4 fix(spanner): fix negative values for max_in_use_sessions metrics #10449 (#10...
• 25c5cbe docs(bigquery): update description of query preview feature (#10554)
• d9046fd fix(auth): use default client for universe metadata lookup (#10551)
• 8cf89a3 docs(logging): Documentation for automatic trace/span ID extraction (#10536)
• Additional commits viewable in compare view

Updates github.com/hashicorp/go-getter from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.8.1

What's Changed

• chore(deps): bump ulikunitz/xz to v0.5.15 by @​thevilledev in hashicorp/go-getter#550
• Improve CI/CD, fix tests by @​YakDriver in hashicorp/go-getter#554
• [fix] Windows junction handling by @​YakDriver in hashicorp/go-getter#557

New Contributors

• @​thevilledev made their first contribution in hashicorp/go-getter#550

Full Changelog: hashicorp/go-getter@v1.8.0...v1.8.1

Commits

• d2e581e [fix] Windows junction handling (#557)
• 928ae39 [chore] : Bump actions/setup-go from 5.5.0 to 6.0.0 in the actions group (#558)
• 4bddabb Improve CI/CD, fix tests (#554)
• c188239 chore(deps): bump ulikunitz/xz to v0.5.15 (#550)
• 344b308 Merge pull request #551 from hashicorp/dependabot/github_actions/actions-bf0a...
• aa02a21 [chore] : Bump the go-security group with 2 updates (#535)
• a7c1f46 [chore] : Bump the actions group with 2 updates
• See full diff in compare view

Updates github.com/mholt/archives from 0.1.3 to 0.1.4

Release notes

Sourced from github.com/mholt/archives's releases.

v0.1.4

This release contains an important bug fix if you walk (fs.WalkDir()) archives multiple times using archives.ArchiveFS; it would omit directory trees with implicit structure (i.e. if the archive doesn't have an explicit entry for each directory in the tree) after the first walk, on subsequent walks.

Upgraded dependencies, and improved brotli stream matching. Thanks to those who contributed!

What's Changed

• Make brotli stream matcher more robust to uncompressed binary and ASCII data files by @​dpgarrick in mholt/archives#45
• Update dependencies to avoid CVE-2025-58058 by @​dirkmueller in mholt/archives#48
• Test go 1.24 and 1.25 by @​dirkmueller in mholt/archives#49

New Contributors

• @​dpgarrick made their first contribution in mholt/archives#45
• @​dirkmueller made their first contribution in mholt/archives#48

Full Changelog: mholt/archives@v0.1.3...v0.1.4

Commits

• a6166fa Amortize implicit dirs too; fix skipped entries in subsequent walks
• 9132adf Test go 1.24 and 1.25 (#49)
• 814d03a Update dependencies to avoid CVE-2025-58058 (#48)
• f07cd8e Make brotli stream matcher more robust to uncompressed binary and ASCII data ...
• See full diff in compare view

Updates modernc.org/libc from 1.66.8 to 1.66.9

Commits

• a20aea1 regenerate abi0_linux_amd64.{go,s}
• 39da09e abi0_linux_amd64.go: adjust/verify the POC
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions