Skip to content

Bump the gomod group in /tools with 2 updates #3779

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: devel
Choose a base branch
from
Open

Bump the gomod group in /tools with 2 updates #3779

dependabot wants to merge 1 commit into from
+105 −135

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 22, 2025
edited
Loading

Bumps the gomod group in /tools with 2 updates: k8s.io/code-generator and sigs.k8s.io/controller-tools.

Updates k8s.io/code-generator from 0.34.3 to 0.35.0

Commits
  • 73ac2dd Update dependencies to v0.35.0 tag
  • 840eca3 Merge remote-tracking branch 'origin/master' into release-1.35
  • f82ba68 Bump golang.org/x/crypto to v0.45.0
  • 6c03715 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
  • ca37a69 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
  • fda29a2 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
  • 8740cd1 Update vendored dependencies
  • 1bd8803 Merge pull request #135123 from yongruilin/fix-ratcheting
  • 6affd9b run update-codegen.sh
  • 539cfc4 fix(validation-gen): Correct ratcheting for uncorrelated old values
  • Additional commits viewable in compare view

Updates sigs.k8s.io/controller-tools from 0.19.0 to 0.20.0

Release notes

Sourced from sigs.k8s.io/controller-tools's releases.

v0.20.0

What's Changed

Misc

envtest

Dependency bumps

New Contributors

... (truncated)

Commits
  • 60c448e Merge pull request #1319 from sbueringer/pr-promo-envtest-1.35
  • b7d3668 Promotion of envtest release for Kubernetes v1.35.0
  • b5f217f Merge pull request #1317 from dongjiang1989/envtest-v1.35.0-rc.1
  • 3cbb76e Merge pull request #1318 from sbueringer/pr-bump-1.35
  • 52f5e83 add envtest version
  • 10c819c Adjust to changes in validation error messages
  • 9f6a8ba Adjust generated ApplyConfigurations to v0.35
  • 1c6de27 Bump to k8s.io/* v0.35.0
  • ed0bc4f Merge pull request #1316 from kubernetes-sigs/dependabot/github_actions/all-g...
  • 17ef504 Merge pull request #1315 from kubernetes-sigs/dependabot/go_modules/all-go-mo...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

Release Notes

  • Chores
    • Updated Go toolchain to version 1.25.0 for improved compatibility and security.
    • Upgraded development and code generation dependencies to latest versions, including Kubernetes-related modules and standard libraries, for enhanced stability and maintenance.

✏️ Tip: You can customize this high-level summary in your review settings.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 22, 2025
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 22, 2025
@dependabot dependabot bot added the go Pull requests that update Go code label Dec 22, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Dec 22, 2025

@coderabbitai review

@github-actions github-actions bot enabled auto-merge (rebase) December 22, 2025 15:11
@coderabbitai
Copy link

coderabbitai bot commented Dec 22, 2025

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@coderabbitai
Copy link

coderabbitai bot commented Dec 22, 2025
edited
Loading

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Go toolchain updated from 1.24.0 to 1.25.0. Multiple dependencies bumped across Kubernetes modules (k8s.io/api, k8s.io/apimachinery, k8s.io/code-generator, sigs.k8s.io/controller-tools), standard library modules (golang.org/x/*), and CLI libraries (github.com/spf13/cobra, github.com/spf13/pflag). One indirect dependency (gogo/protobuf) removed.

Changes

Cohort / File(s) Summary
Toolchain and dependency updates
tools/go.mod		 Go version bumped to 1.25.0; k8s.io Kubernetes modules updated to v0.35.0; sigs.k8s.io/controller-tools upgraded to v0.20.0; golang.org/x/* standard library modules updated; github.com/spf13/cobra and pflag CLI libraries bumped; google.golang.org/protobuf patched; gogo/protobuf indirect removed; several k8s.io indirect dependencies updated to newer pseudo-versions

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

  • Single file affected with deterministic, repetitive changes (version bumps)
  • No functional code logic or control flow modifications
  • Verification of dependency compatibility and absence of breaking changes would be the primary review focus

Possibly related PRs

Suggested labels

ready-to-test

Suggested reviewers

  • dfarrell07
  • skitt
  • vthapar
  • tpantelis
  • aswinsuryan
  • maayanf24

Pre-merge checks

Important

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

❌ Failed checks (1 inconclusive)
Check name Status Explanation Resolution
Actionable Comments Resolved ❓ Inconclusive Only one automated CodeRabbit bot notification comment is mentioned; no human review comments with actionable feedback are documented in the provided context. Review the full pull request comments section on GitHub to verify whether additional human review comments requesting changes or actions exist and remain unresolved.
✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main change: bumping Go module dependencies in the /tools directory, with a focus on the two primary updates (k8s.io/code-generator and sigs.k8s.io/controller-tools).

Comment @coderabbitai help to get the list of available commands and usage tips.

@dependabot dependabot bot force-pushed the dependabot/go_modules/tools/gomod-30614da37c branch from 6727564 to bcb6c63 Compare December 29, 2025 15:08
@dependabot
Bump the gomod group in /tools with 2 updates
1ed2f62 
Bumps the gomod group in /tools with 2 updates: [k8s.io/code-generator](https://github.com/kubernetes/code-generator) and [sigs.k8s.io/controller-tools](https://github.com/kubernetes-sigs/controller-tools).


Updates `k8s.io/code-generator` from 0.34.3 to 0.35.0
- [Commits](kubernetes/code-generator@v0.34.3...v0.35.0)

Updates `sigs.k8s.io/controller-tools` from 0.19.0 to 0.20.0
- [Release notes](https://github.com/kubernetes-sigs/controller-tools/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-tools/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-tools@v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: k8s.io/code-generator
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: sigs.k8s.io/controller-tools
  dependency-version: 0.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/tools/gomod-30614da37c branch from bcb6c63 to 1ed2f62 Compare January 5, 2026 15:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

@aswinsuryan aswinsuryan Awaiting requested review from aswinsuryan aswinsuryan is a code owner

@dfarrell07 dfarrell07 Awaiting requested review from dfarrell07 dfarrell07 is a code owner

@maayanf24 maayanf24 Awaiting requested review from maayanf24 maayanf24 is a code owner

@Oats87 Oats87 Awaiting requested review from Oats87 Oats87 is a code owner

@skitt skitt Awaiting requested review from skitt skitt is a code owner

@sridhargaddam sridhargaddam Awaiting requested review from sridhargaddam sridhargaddam is a code owner

@tpantelis tpantelis Awaiting requested review from tpantelis tpantelis is a code owner

@vthapar vthapar Awaiting requested review from vthapar vthapar is a code owner

@yboaron yboaron Awaiting requested review from yboaron yboaron is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant