Bump k8s.io/component-helpers from 0.34.1 to 0.35.0 in the gomod group

[dependabot]

Bumps the gomod group with 1 update: k8s.io/component-helpers.

Updates k8s.io/component-helpers from 0.34.1 to 0.35.0

Commits

• 71c97d7 Update dependencies to v0.35.0 tag
• 8313d23 Merge remote-tracking branch 'origin/master' into release-1.35
• 8aa03b8 Bump golang.org/x/crypto to v0.45.0
• 165c29d Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• b6e62f7 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• be0fff2 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 0907aec Merge pull request #132919 from ndixita/pod-level-in-place-pod-resize
• d433219 Update vendored dependencies
• 723ce89 Add InPlacePodLevelResourcesVerticalScaling declared feature.
• 8ee2417 Scheduler changes to support pod level resources in place resize
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
k8s.io/component-helpers	[>= 0.34.a, < 0.35]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Note: Dependabot was ignoring updates to this dependency, but since you've updated it yourself we've started tracking it for you again. 🤖

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

• Chores
  • Updated Go toolchain to version 1.25.0.
  • Updated Kubernetes API dependencies and testing frameworks to latest versions.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[github-actions]

@coderabbitai review

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Updated Go toolchain from 1.24.0 to 1.25.0, bumped Ginkgo from v2.26.0 to v2.27.2, and upgraded Kubernetes API modules from v0.34.1 to v0.35.0. Multiple transitive dependencies were adjusted, removed, or updated to align with the new module graph.

Changes

Cohort / File(s)	Summary
Go toolchain and direct dependencies go.mod	Upgraded Go toolchain to 1.25.0; bumped ginkgo/v2 to v2.27.2; updated Kubernetes API modules (k8s.io/api, k8s.io/apimachinery, k8s.io/client-go, k8s.io/component-helpers, k8s.io/utils) from v0.34.1 to v0.35.0
Indirect dependency updates go.mod	Removed gogo/protobuf (indirect); updated spf13/pflag to v1.0.9, gopkg.in/yaml/v2 to v2.4.3, json-patch to v4.13.0; adjusted Kubernetes-related indirect modules to align with v0.35.0 API versions

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Verify compatibility of Kubernetes API v0.35.0 updates across the codebase
• Confirm that removal of gogo/protobuf doesn't break serialization or existing imports
• Check for any breaking changes in updated transitive dependencies

Suggested reviewers

• dfarrell07
• skitt
• vthapar
• tpantelis
• aswinsuryan
• maayanf24

Pre-merge checks

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: bumping k8s.io/component-helpers from 0.34.1 to 0.35.0, which is the primary focus of this dependency update PR.
Actionable Comments Resolved	✅ Passed	Pull request #3778 has no comments on the PR itself; GitHub API returned an empty comments array, confirming no unresolved comments exist.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[dependabot]

Looks like k8s.io/component-helpers is updatable in another way, so this is no longer needed.