Skip to content

gomod(deps): bump the kubernetes-e2e group in /tests/e2e with 5 updates#330

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/tests/e2e/kubernetes-e2e-9a640771ef
Open

gomod(deps): bump the kubernetes-e2e group in /tests/e2e with 5 updates#330
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/tests/e2e/kubernetes-e2e-9a640771ef

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Mar 1, 2026
edited by cursor bot
Loading

Bumps the kubernetes-e2e group in /tests/e2e with 5 updates:

Package From To
k8s.io/apimachinery 0.29.8 0.35.2
k8s.io/client-go 0.29.8 0.35.2
k8s.io/kubernetes 1.29.14 1.35.2
k8s.io/pod-security-admission 0.29.8 0.35.2
k8s.io/utils 0.0.0-20240711033017-18e509b52bc8 0.0.0-20251002143259-bc988d571ff4

Updates k8s.io/apimachinery from 0.29.8 to 0.35.2

Commits
  • 72d71ea Merge remote-tracking branch 'origin/master' into release-1.35
  • e2a2dbc Bump golang.org/x/crypto to v0.45.0
  • 2e9c228 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • f274aac vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • 9445443 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 52154f7 Update vendored dependencies
  • 5a348c5 KEP-5471: Extend tolerations operators (#134665)
  • 6f89492 Merge pull request #133648 from richabanker/merged-discovery
  • c77dde2 util/sort: Add MergePreservingRelativeOrder for topological sorting
  • 729c13d Merge pull request #134624 from yt2985/podcertificates-beta
  • Additional commits viewable in compare view

Updates k8s.io/client-go from 0.29.8 to 0.35.2

Commits
  • a21b329 Update dependencies to v0.35.2 tag
  • 2d83546 Merge remote-tracking branch 'origin/master' into release-1.35
  • 56b4af2 Merge pull request #135591 from p0lyn0mial/upstream-watchlist-reflector-log-f...
  • 891f94c Merge remote-tracking branch 'origin/master' into release-1.35
  • 65ffe04 Merge pull request #135580 from serathius/client-go-transformer
  • 2fe4ac2 downgrade reflector watchlist fallback log to V(4)
  • 97256a6 Bump golang.org/x/crypto to v0.45.0
  • 46360b5 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • 171ef8c Use transformer in consistency checker
  • 3878a64 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • Additional commits viewable in compare view

Updates k8s.io/kubernetes from 1.29.14 to 1.35.2

Release notes

Sourced from k8s.io/kubernetes's releases.

v1.35.2

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

v1.35.1

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.35.0

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.35.0-rc.1

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.35.0-rc.0

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.35.0-beta.0

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.35.0-alpha.3

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.35.0-alpha.2

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.35.0-alpha.1

... (truncated)

Commits

Updates k8s.io/pod-security-admission from 0.29.8 to 0.35.2

Commits
  • 50c5bbd Update dependencies to v0.35.2 tag
  • 5fa7aaf Merge remote-tracking branch 'origin/master' into release-1.35
  • 4aaaf07 Bump golang.org/x/crypto to v0.45.0
  • c673328 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • 73bdfcc Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 4d82a4e Update vendored dependencies
  • 139af0e Merge pull request #132157 from haircommander/drop-userns-psa
  • 30dd564 Allow PSA controller tests to handle failure cases as errors
  • c405b04 Merge pull request #134881 from pohly/e2e-slow-priority
  • d9fe59c dependencies: ginkgo v2.27.2, gomega v1.38.2
  • Additional commits viewable in compare view

Updates k8s.io/utils from 0.0.0-20240711033017-18e509b52bc8 to 0.0.0-20251002143259-bc988d571ff4

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note

Medium Risk
Large Kubernetes dependency jump for the e2e test module (v1.29 -> v1.35) may change API behavior and test harness expectations, potentially breaking CI even though production code is untouched.

Overview
Updates the tests/e2e Go module to target newer Kubernetes libraries, bumping k8s.io/* dependencies to the 0.35.2/v1.35.2 release line and refreshing related e2e/test deps (including ginkgo/gomega).

Regenerates go.sum to reflect the new dependency graph, pulling in a broad set of updated/transitive modules (e.g., etcd, opentelemetry, grpc, and container/runtime libs).

Written by Cursor Bugbot for commit ff0c68f. This will update automatically on new commits. Configure here.

@dependabot
gomod(deps): bump the kubernetes-e2e group in /tests/e2e with 5 updates
ff0c68f 
Bumps the kubernetes-e2e group in /tests/e2e with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.29.8` | `0.35.2` |
| [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.29.8` | `0.35.2` |
| [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes) | `1.29.14` | `1.35.2` |
| [k8s.io/pod-security-admission](https://github.com/kubernetes/pod-security-admission) | `0.29.8` | `0.35.2` |
| [k8s.io/utils](https://github.com/kubernetes/utils) | `0.0.0-20240711033017-18e509b52bc8` | `0.0.0-20251002143259-bc988d571ff4` |


Updates `k8s.io/apimachinery` from 0.29.8 to 0.35.2
- [Commits](kubernetes/apimachinery@v0.29.8...v0.35.2)

Updates `k8s.io/client-go` from 0.29.8 to 0.35.2
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.29.8...v0.35.2)

Updates `k8s.io/kubernetes` from 1.29.14 to 1.35.2
- [Release notes](https://github.com/kubernetes/kubernetes/releases)
- [Commits](kubernetes/kubernetes@v1.29.14...v1.35.2)

Updates `k8s.io/pod-security-admission` from 0.29.8 to 0.35.2
- [Commits](kubernetes/pod-security-admission@v0.29.8...v0.35.2)

Updates `k8s.io/utils` from 0.0.0-20240711033017-18e509b52bc8 to 0.0.0-20251002143259-bc988d571ff4
- [Commits](https://github.com/kubernetes/utils/commits)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: kubernetes-e2e
- dependency-name: k8s.io/client-go
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: kubernetes-e2e
- dependency-name: k8s.io/kubernetes
  dependency-version: 1.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: kubernetes-e2e
- dependency-name: k8s.io/pod-security-admission
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: kubernetes-e2e
- dependency-name: k8s.io/utils
  dependency-version: 0.0.0-20251002143259-bc988d571ff4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: kubernetes-e2e
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file e2e gomod labels Mar 1, 2026
cursor[bot]
cursor bot reviewed Mar 1, 2026
View reviewed changes
Copy link
Copy Markdown

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Free Tier Details

Your team is on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle for each member of your team.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

tests/e2e/go.mod
k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect
k8s.io/kubectl v0.29.8 // indirect
k8s.io/kubelet v0.29.8 // indirect
k8s.io/kubelet v0.35.2 // indirect
Copy link
Copy Markdown

@cursor cursor bot Mar 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Kubernetes indirect dependencies left at incompatible v0.29.8

High Severity

Six k8s.io/* indirect dependencies (apiextensions-apiserver, cloud-provider, controller-manager, csi-translation-lib, kubectl, mount-utils) remain pinned at v0.29.8 while direct dependencies and other indirect ones were bumped to v0.35.2. In the Kubernetes ecosystem, all k8s.io/* packages from a release must use matching versions. These v0.29.8 packages were compiled against v0.29.8 of k8s.io/apiserver, k8s.io/api, etc., but Go's MVS will resolve those to v0.35.2, likely causing compilation failures or type incompatibilities due to API changes across 6 minor versions.

Additional Locations (1)

Fix in Cursor Fix in Web

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file e2e gomod

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants