Skip to content

chore(deps): Bump carvel.dev/ytt from 0.54.0 to 0.55.0 in /webhook/hack#1129

Merged
rashedkvm merged 1 commit into
mainfrom
dependabot/go_modules/webhook/hack/carvel.dev/ytt-0.54.0
May 14, 2026
Merged

chore(deps): Bump carvel.dev/ytt from 0.54.0 to 0.55.0 in /webhook/hack#1129
rashedkvm merged 1 commit into
mainfrom
dependabot/go_modules/webhook/hack/carvel.dev/ytt-0.54.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps carvel.dev/ytt from 0.54.0 to 0.55.0.

Release notes

Sourced from carvel.dev/ytt's releases.

v0.55.0

Installation

By downloading binary from the release

For instance, if you are using Linux on an AMD64 architecture:

# Download the binary
curl -LO https://github.com/carvel-dev/ytt/releases/download/v0.55.0/ytt-linux-amd64
Move the binary in to your PATH
mv kapp-linux-amd64 /usr/local/bin/ytt
Make the binary executable
chmod +x /usr/local/bin/ytt

Via Homebrew (macOS or Linux)

$ brew tap carvel-dev/carvel
$ brew install ytt
$ ytt version

Verify checksums file signature

The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC(Refer this page for cosign installation). To validate the signature of this file, run the following commands:

# Download the checksums file, certificate and signature
curl -LO https://github.com/carvel-dev/ytt/releases/download/v0.55.0/checksums.txt
curl -LO https://github.com/carvel-dev/ytt/releases/download/v0.55.0/checksums.txt.pem
curl -LO https://github.com/carvel-dev/ytt/releases/download/v0.55.0/checksums.txt.sig
Verify the checksums file
cosign verify-blob checksums.txt 
--certificate checksums.txt.pem 
--signature checksums.txt.sig 
--certificate-identity-regexp=https://github.com/carvel-dev 
--certificate-oidc-issuer=https://token.actions.githubusercontent.com

Verify binary integrity

To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature.

</tr></table>

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 27, 2026
@dependabot dependabot Bot changed the title chore(deps): Bump carvel.dev/ytt from 0.53.2 to 0.54.0 in /webhook/hack chore(deps): Bump carvel.dev/ytt from 0.54.0 to 0.55.0 in /webhook/hack May 14, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/webhook/hack/carvel.dev/ytt-0.54.0 branch from 818d37d to cf79632 Compare May 14, 2026 15:05
@rashedkvm rashedkvm enabled auto-merge (squash) May 14, 2026 15:25
@rashedkvm

rashedkvm commented May 14, 2026

Copy link
Copy Markdown
Member

@dependabot rebase

@dependabot
chore(deps): Bump carvel.dev/ytt from 0.54.0 to 0.55.0 in /webhook/hack
5a69a42 
Bumps [carvel.dev/ytt](https://github.com/carvel-dev/ytt) from 0.54.0 to 0.55.0.
- [Release notes](https://github.com/carvel-dev/ytt/releases)
- [Commits](carvel-dev/ytt@v0.54.0...v0.55.0)

---
updated-dependencies:
- dependency-name: carvel.dev/ytt
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/webhook/hack/carvel.dev/ytt-0.54.0 branch from cf79632 to 5a69a42 Compare May 14, 2026 15:34
@rashedkvm rashedkvm merged commit 44bca62 into main May 14, 2026
11 checks passed
@rashedkvm rashedkvm deleted the dependabot/go_modules/webhook/hack/carvel.dev/ytt-0.54.0 branch May 14, 2026 15:40
rashedkvm added a commit that referenced this pull request May 14, 2026
@rashedkvm @dependabot
Merge from main v0.11.x (#1145)
497e854 
* chore(deps): Bump codecov/codecov-action from 5 to 6 (#1115)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5 to 6.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v5...v6)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0 (#1116)

Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.40.0 to 1.43.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.40.0...v1.43.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-version: 1.43.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump github.com/google/go-containerregistry in /webhook (#1117)

Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.21.3 to 0.21.5.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Commits](google/go-containerregistry@v0.21.3...v0.21.5)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.21.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump reconciler.io/runtime from 0.25.1 to 0.26.1 (#1136)

* chore(deps): Bump reconciler.io/runtime from 0.25.1 to 0.26.1

Bumps [reconciler.io/runtime](https://github.com/reconcilerio/runtime) from 0.25.1 to 0.26.1.
- [Release notes](https://github.com/reconcilerio/runtime/releases)
- [Commits](reconcilerio/runtime@v0.25.1...v0.26.1)

---
updated-dependencies:
- dependency-name: reconciler.io/runtime
  dependency-version: 0.26.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump k8s/controller-runtime deps to v0.36.0/v0.24.0 and fix MarkFalse call

- Update k8s.io/api, k8s.io/apimachinery to v0.36.0 and
  sigs.k8s.io/controller-runtime to v0.24.0 across webhook,
  convention-server, dumper-server, and spring-convention-server modules
- Bump transitive deps: k8s.io/klog/v2 v2.140.0, k8s.io/kube-openapi,
  k8s.io/utils, golang.org/x/net v0.53.0, golang.org/x/text v0.36.0,
  google/go-containerregistry v0.21.3, and related sigs.k8s.io packages
- Fix podintent_reconciler.go: pass MarkFalse format args directly
  instead of wrapping with fmt.Sprintf

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Rashed Kamal <rashed.kamal@broadcom.com>

* chore(deps): Bump dependencies across all modules (#1143)

- go.uber.org/zap v1.27.1 → v1.28.0
- k8s.io/api and k8s.io/apimachinery v0.36.0 → v0.36.1
- sigs.k8s.io/controller-runtime v0.24.0 → v0.24.1
- carvel.dev/ytt v0.53.2 → v0.54.0 (hack/)
- golang.org/x/tools v0.43.0 → v0.45.0 (hack/)
- sigs.k8s.io/controller-tools v0.20.1 → v0.21.0 (hack/)
- Various transitive dependency updates across go.sum files

* chore(deps): Bump reconciler.io/dies/diegen in /hack (#1125)

Bumps [reconciler.io/dies/diegen](https://github.com/reconcilerio/dies) from 0.18.0 to 0.19.0.
- [Release notes](https://github.com/reconcilerio/dies/releases)
- [Commits](reconcilerio/dies@v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: reconciler.io/dies/diegen
  dependency-version: 0.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump carvel.dev/ytt from 0.54.0 to 0.55.0 in /hack (#1127)

Bumps [carvel.dev/ytt](https://github.com/carvel-dev/ytt) from 0.54.0 to 0.55.0.
- [Release notes](https://github.com/carvel-dev/ytt/releases)
- [Commits](carvel-dev/ytt@v0.54.0...v0.55.0)

---
updated-dependencies:
- dependency-name: carvel.dev/ytt
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump carvel.dev/ytt from 0.54.0 to 0.55.0 in /webhook/hack (#1129)

Bumps [carvel.dev/ytt](https://github.com/carvel-dev/ytt) from 0.54.0 to 0.55.0.
- [Release notes](https://github.com/carvel-dev/ytt/releases)
- [Commits](carvel-dev/ytt@v0.54.0...v0.55.0)

---
updated-dependencies:
- dependency-name: carvel.dev/ytt
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump reconciler.io/dies/diegen in /webhook/hack (#1130)

Bumps [reconciler.io/dies/diegen](https://github.com/reconcilerio/dies) from 0.18.0 to 0.19.0.
- [Release notes](https://github.com/reconcilerio/dies/releases)
- [Commits](reconcilerio/dies@v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: reconciler.io/dies/diegen
  dependency-version: 0.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): Bump the k8s-dependencies group across 1 directory with 2 updates (#1144)

Bumps the k8s-dependencies group with 1 update in the / directory: [k8s.io/apiserver](https://github.com/kubernetes/apiserver).


Updates `k8s.io/apiserver` from 0.36.0 to 0.36.1
- [Commits](kubernetes/apiserver@v0.36.0...v0.36.1)

Updates `k8s.io/client-go` from 0.36.0 to 0.36.1
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.36.0...v0.36.1)

---
updated-dependencies:
- dependency-name: k8s.io/apiserver
  dependency-version: 0.36.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-dependencies
- dependency-name: k8s.io/client-go
  dependency-version: 0.36.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rashedkvm rashedkvm rashedkvm approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rashedkvm