Bump the go-modules group with 4 updates

[dependabot]

Bumps the go-modules group with 4 updates: cloud.google.com/go/compute/metadata, github.com/hashicorp/go-getter, github.com/mholt/archives and modernc.org/libc.

Updates cloud.google.com/go/compute/metadata from 0.8.0 to 0.8.3

Release notes

Sourced from cloud.google.com/go/compute/metadata's releases.

compute/metadata: v0.8.3

0.8.3 (2025-09-17)

Bug Fixes

• compute/metadata: Disable Client timeouts for subscription client (#12910) (187a58a)

compute/metadata: v0.8.2

0.8.2 (2025-09-17)

Bug Fixes

• compute/metadata: Racy test and uninitialized subClient (#12892) (4943ca2), refs #12888

compute/metadata: v0.8.1

0.8.1 (2025-09-16)

Bug Fixes

• compute/metadata: Use separate client for subscribe methods (#12885) (76b80f8)

Changelog

Sourced from cloud.google.com/go/compute/metadata's changelog.

Changes

0.122.0 (2025-09-04)

Features

• internal/librariangen: Add release-init command (#12751) (52e84cc)

Bug Fixes

• internal/godocfx: Better support for v2 modules (#12797) (4bc8785)
• internal/godocfx: Module detection when tidy errors (#12801) (83d46cd)
• internal/librariangen: Fix goimports errors (#12765) (83bdaa4)

0.121.6 (2025-08-14)

Bug Fixes

• internal/librariangen: Fix Dockerfile permissions for go mod tidy (#12704) (0e70a0b)

0.121.5 (2025-08-12)

Bug Fixes

• internal/librariangen: Get README title from service config yaml (#12676) (b3b8f70)
• internal/librariangen: Update source_paths to source_roots in generate-request.json (#12691) (2adb6f9)

0.121.4 (2025-07-17)

Bug Fixes

• geminidataanalytics: Correct resource reference type for parent field in data_chat_service.proto (98ba6f0)
• internal/postprocessor: Add git (#12524) (82030ee)

0.121.3 (2025-06-25)

Documentation

• impersonate: Address TODO in impersonate/example_test.go (#12401) (dd096ec)

0.121.2 (2025-05-21)

... (truncated)

Commits

• aa41de6 chore: release main (#8917)
• 81a97b0 fix(all): update grpc-go to v1.59.0 (#8922)
• 343cea8 fix(all): update grpc-go to v1.56.3 (#8916)
• 7bb630b test(bigtable): Add retries while getting app profile (#8751)
• b1409e3 chore(cloudquotas): Revert "add config to generate apiv1 (#8766)" (#8770)
• b3cc26b chore(cloudquotas): add config to generate apiv1 (#8766)
• dfa8e22 feat(bigquery/storage/managedwriter): support default value controls (#8686)
• 3e5ba24 chore(internal/godocfx): test a specific golden package version (#8759)
• 1e6534f chore(internal/kokoro): upload docs to subdirectory (#8763)
• 74fa783 chore(internal/kokoro): fix doc upload (#8762)
• Additional commits viewable in compare view

Updates github.com/hashicorp/go-getter from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.8.1

What's Changed

• chore(deps): bump ulikunitz/xz to v0.5.15 by @​thevilledev in hashicorp/go-getter#550
• Improve CI/CD, fix tests by @​YakDriver in hashicorp/go-getter#554
• [fix] Windows junction handling by @​YakDriver in hashicorp/go-getter#557

New Contributors

• @​thevilledev made their first contribution in hashicorp/go-getter#550

Full Changelog: hashicorp/go-getter@v1.8.0...v1.8.1

Commits

• d2e581e [fix] Windows junction handling (#557)
• 928ae39 [chore] : Bump actions/setup-go from 5.5.0 to 6.0.0 in the actions group (#558)
• 4bddabb Improve CI/CD, fix tests (#554)
• c188239 chore(deps): bump ulikunitz/xz to v0.5.15 (#550)
• 344b308 Merge pull request #551 from hashicorp/dependabot/github_actions/actions-bf0a...
• aa02a21 [chore] : Bump the go-security group with 2 updates (#535)
• a7c1f46 [chore] : Bump the actions group with 2 updates
• See full diff in compare view

Updates github.com/mholt/archives from 0.1.3 to 0.1.4

Release notes

Sourced from github.com/mholt/archives's releases.

v0.1.4

This release contains an important bug fix if you walk (fs.WalkDir()) archives multiple times using archives.ArchiveFS; it would omit directory trees with implicit structure (i.e. if the archive doesn't have an explicit entry for each directory in the tree) after the first walk, on subsequent walks.

Upgraded dependencies, and improved brotli stream matching. Thanks to those who contributed!

What's Changed

• Make brotli stream matcher more robust to uncompressed binary and ASCII data files by @​dpgarrick in mholt/archives#45
• Update dependencies to avoid CVE-2025-58058 by @​dirkmueller in mholt/archives#48
• Test go 1.24 and 1.25 by @​dirkmueller in mholt/archives#49

New Contributors

• @​dpgarrick made their first contribution in mholt/archives#45
• @​dirkmueller made their first contribution in mholt/archives#48

Full Changelog: mholt/archives@v0.1.3...v0.1.4

Commits

• a6166fa Amortize implicit dirs too; fix skipped entries in subsequent walks
• 9132adf Test go 1.24 and 1.25 (#49)
• 814d03a Update dependencies to avoid CVE-2025-58058 (#48)
• f07cd8e Make brotli stream matcher more robust to uncompressed binary and ASCII data ...
• See full diff in compare view

Updates modernc.org/libc from 1.66.8 to 1.66.9

Commits

• a20aea1 regenerate abi0_linux_amd64.{go,s}
• 39da09e abi0_linux_amd64.go: adjust/verify the POC
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions