Skip to content

Bump the all group across 1 directory with 7 updates#1985

Merged
tekton-robot merged 2 commits intomainfrom
dependabot/go_modules/all-95e10c14c6
Apr 1, 2026
Merged

Bump the all group across 1 directory with 7 updates#1985
tekton-robot merged 2 commits intomainfrom
dependabot/go_modules/all-95e10c14c6

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 31, 2026
edited
Loading

Bumps the all group with 4 updates in the / directory: golang.org/x/oauth2, google.golang.org/grpc, k8s.io/api and k8s.io/apiextensions-apiserver.

Updates golang.org/x/oauth2 from 0.35.0 to 0.36.0

Commits
  • 4d954e6 all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

Updates google.golang.org/grpc from 1.79.2 to 1.79.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.3

Security

  • server: fix an authorization bypass where malformed :path headers (missing the leading slash) could bypass path-based restricted "deny" rules in interceptors like grpc/authz. Any request with a non-canonical path is now immediately rejected with an Unimplemented error. (#8981)
Commits

Updates k8s.io/api from 0.35.2 to 0.35.3

Commits

Updates k8s.io/apiextensions-apiserver from 0.35.2 to 0.35.3

Commits
  • 073f527 Update dependencies to v0.35.3 tag
  • 791831a Merge pull request #136903pohly/automated-cherry-pick-of-#136455
  • 85fbdc0 Merge pull request #136387vikasbolla/automated-cherry-pick-of-#135567
  • 0e52304 fake client-go: un-deprecate NewSimpleClientset
  • f4ff589 Fix flaky TestApplyCRDuringCRDFinalization test
  • See full diff in compare view

Updates k8s.io/apimachinery from 0.35.2 to 0.35.3

Commits

Updates k8s.io/client-go from 0.35.2 to 0.35.3

Commits
  • 4f1f0a2 Update dependencies to v0.35.3 tag
  • f80003c Merge pull request #136903pohly/automated-cherry-pick-of-#136455
  • 8b41556 fake client-go: un-deprecate NewSimpleClientset
  • See full diff in compare view

Updates k8s.io/code-generator from 0.35.2 to 0.35.3

Commits
  • d656d0d Update dependencies to v0.35.3 tag
  • 397b82d Merge pull request #136903pohly/automated-cherry-pick-of-#136455
  • 5799bbf fake client-go: un-deprecate NewSimpleClientset
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels Mar 31, 2026
@dependabot dependabot Bot added release-note-none Denotes a PR that doesnt merit a release note. kind/misc Categorizes issue or PR as a miscellaneuous one. dependencies Used by dependabot - identifies all PRs created by dependabot labels Mar 31, 2026
@tekton-robot tekton-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Mar 31, 2026
khrm
khrm reviewed Apr 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@khrm khrm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@tekton-robot
Copy link
Copy Markdown

tekton-robot commented Apr 1, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: khrm

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 1, 2026
@khrm
Copy link
Copy Markdown
Contributor

khrm commented Apr 1, 2026

@dependabot recreate

@dependabot dependabot Bot force-pushed the dependabot/go_modules/all-95e10c14c6 branch from 1779b41 to 979d307 Compare April 1, 2026 06:09
@khrm
Copy link
Copy Markdown
Contributor

khrm commented Apr 1, 2026

/lgtm

@tekton-robot tekton-robot added lgtm Indicates that a PR is ready to be merged. and removed lgtm Indicates that a PR is ready to be merged. labels Apr 1, 2026
khrm added 2 commits April 1, 2026 13:26
@khrm
Bump the all group across 1 directory with 7 updates
cf7a3b9 
Bumps the all group with 4 updates in the / directory: [golang.org/x/oauth2](https://github.com/golang/oauth2), [google.golang.org/grpc](https://github.com/grpc/grpc-go), [k8s.io/api](https://github.com/kubernetes/api) and [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver).

Updates `golang.org/x/oauth2` from 0.35.0 to 0.36.0
- [Commits](golang/oauth2@v0.35.0...v0.36.0)

Updates `google.golang.org/grpc` from 1.79.2 to 1.79.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.79.2...v1.79.3)

Updates `k8s.io/api` from 0.35.2 to 0.35.3
- [Commits](kubernetes/api@v0.35.2...v0.35.3)

Updates `k8s.io/apiextensions-apiserver` from 0.35.2 to 0.35.3
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.35.2...v0.35.3)

Updates `k8s.io/apimachinery` from 0.35.2 to 0.35.3
- [Commits](kubernetes/apimachinery@v0.35.2...v0.35.3)

Updates `k8s.io/client-go` from 0.35.2 to 0.35.3
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.35.2...v0.35.3)

Updates `k8s.io/code-generator` from 0.35.2 to 0.35.3
- [Commits](kubernetes/code-generator@v0.35.2...v0.35.3)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: google.golang.org/grpc
  dependency-version: 1.79.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/api
  dependency-version: 0.35.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.35.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.35.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/client-go
  dependency-version: 0.35.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/code-generator
  dependency-version: 0.35.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@khrm
Updated generated files for newer k8s version
aa7f063
@khrm khrm force-pushed the dependabot/go_modules/all-95e10c14c6 branch from 6d29398 to aa7f063 Compare April 1, 2026 07:56
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 1, 2026

Merging this branch will not change overall coverage

Impacted Packages Coverage Δ 🤖
github.com/tektoncd/triggers/pkg/client/clientset/versioned/fake 0.00% (ø)
Coverage by file

Changed files (no unit tests)

Changed File Coverage Δ Total Covered Missed 🤖
github.com/tektoncd/triggers/pkg/client/clientset/versioned/fake/clientset_generated.go 0.00% (ø) 23 0 23

Please note that the "Total", "Covered", and "Missed" counts above refer to code statements instead of lines of code. The value in brackets refers to the test coverage of that file in the old version of the code.

khrm
khrm reviewed Apr 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@khrm khrm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Apr 1, 2026
@tekton-robot tekton-robot merged commit f00609d into main Apr 1, 2026
13 checks passed
@khrm khrm deleted the dependabot/go_modules/all-95e10c14c6 branch April 1, 2026 08:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@khrm khrm khrm left review comments

@savitaashture savitaashture Awaiting requested review from savitaashture

Assignees

@khrm khrm

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tekton-robot @khrm