build(deps): bump the github-dependencies group across 1 directory with 35 updates

[dependabot]

Bumps the github-dependencies group with 24 updates in the / directory:

Package	From	To
github.com/miekg/dns	1.1.62	1.1.63
github.com/spf13/pflag	1.0.5	1.0.6
google.golang.org/grpc	1.69.2	1.70.0
google.golang.org/protobuf	1.36.2	1.36.5
github.com/google/go-cmp	0.6.0	0.7.0
cel.dev/expr	0.19.1	0.21.2
github.com/cyphar/filepath-securejoin	0.3.6	0.4.1
github.com/evanphx/json-patch/v5	5.9.0	5.9.11
github.com/grpc-ecosystem/grpc-gateway/v2	2.25.1	2.26.1
github.com/klauspost/compress	1.17.11	1.18.0
github.com/opencontainers/runc	1.2.4	1.2.5
github.com/spf13/cobra	1.8.1	1.9.1
go.etcd.io/etcd/api/v3	3.5.17	3.5.18
go.etcd.io/etcd/client/pkg/v3	3.5.17	3.5.18
go.etcd.io/etcd/client/v3	3.5.17	3.5.18
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	0.58.0	0.59.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	0.58.0	0.59.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace	1.33.0	1.34.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc	1.33.0	1.34.0
golang.org/x/crypto	0.32.0	0.34.0
golang.org/x/mod	0.22.0	0.23.0
golang.org/x/net	0.34.0	0.35.0
golang.org/x/time	0.9.0	0.10.0
golang.org/x/tools	0.29.0	0.30.0

Updates github.com/miekg/dns from 1.1.62 to 1.1.63

Commits

• 97c29ff Release 1.1.63
• c705e5a Bump golang.org/x/sys from 0.23.0 to 0.27.0 (#1619)
• fb0c220 Bump golang.org/x/net from 0.28.0 to 0.31.0 (#1622)
• ca39c8b fix: input validation for RRSIG.Verify() (#1618)
• 8a00a2f add zdns as a user of miekg/dns (#1608)
• cbe4275 Allow SO_REUSEADDR and SO_REUSEPORT to be set simultaneously (#1623)
• b77d1ed Bump golang.org/x/net from 0.27.0 to 0.28.0 (#1600)
• 794abd7 edns0 cleanups (#1595)
• 6008929 add decorate reader warning (#1596)
• See full diff in compare view

Updates github.com/spf13/pflag from 1.0.5 to 1.0.6

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.6

What's Changed

• Add exported functions to preserve pkg/flag compatibility by @​mckern in spf13/pflag#220
• remove dead code for checking error nil by @​yashbhutwala in spf13/pflag#282
• Add IPNetSlice and unit tests by @​rpothier in spf13/pflag#170
• allow for blank ip addresses by @​duhruh in spf13/pflag#316
• add github actions by @​sagikazarmark in spf13/pflag#419

New Contributors

• @​mckern made their first contribution in spf13/pflag#220
• @​yashbhutwala made their first contribution in spf13/pflag#282
• @​rpothier made their first contribution in spf13/pflag#170
• @​duhruh made their first contribution in spf13/pflag#316
• @​sagikazarmark made their first contribution in spf13/pflag#419

Full Changelog: spf13/pflag@v1.0.5...v1.0.6

Commits

• 5ca8134 Merge pull request #419 from spf13/ci
• 100ab0e disable unsupported dependency graph for now
• a0f4ddd fix govet
• f48cbd1 add github actions
• d5e0c06 allow for blank ip addresses (#316)
• 85dd5c8 Add IPNetSlice and unit tests (#170)
• 6971c29 remove dead code for checking error nil (#282)
• 81378bb Add exported functions to preserve pkg/flag compatibility (#220)
• See full diff in compare view

Updates google.golang.org/grpc from 1.69.2 to 1.70.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.70.0

Behavior Changes

• client: reject service configs containing an invalid retryPolicy in accordance with gRFCs A21 and A6. (#7905)
  • Note that this is a potential breaking change for some users using an invalid configuration, but continuing to allow this behavior would violate our cross-language compatibility requirements.

New Features

• xdsclient: fallback to a secondary management server (if specified in the bootstrap configuration) when the primary is down is enabled by default. Can be disabled by setting the environment variable GRPC_EXPERIMENTAL_XDS_FALLBACK to false. (#7949)
• experimental/credentials: experimental transport credentials are added which don't enforce ALPN. (#7980)
  • These credentials will be removed in an upcoming grpc-go release. Users must not rely on these credentials directly. Instead, they should either vendor a specific version of gRPC or copy the relevant credentials into their own codebase if absolutely necessary.

Bug Fixes

• xds: fix a possible deadlock that happens when both the client application and the xDS management server (responsible for configuring the client) are using the xds:/// scheme in their target URIs. (#8011)

Performance

• server: for unary requests, free raw request message data as soon as parsing is finished instead of waiting until the method handler returns. (#7998)
  • Special Thanks: @​lqs

Documentation

• examples/features/gracefulstop: add example to demonstrate server graceful stop. (#7865)

Release 1.69.4

Bug Fixes

• rbac: fix support for :path header matchers, which would previously never successfully match (#7965).

Documentation

• examples/features/csm_observability: update example client and server to use the helloworld service instead of echo service (#7945).

Release 1.69.3 was accidentally tagged on the master branch and will be deleted. Please update to 1.69.4 instead.

Commits

• 98a0092 Change version to 1.70.0 (#7984)
• bf380de Cherrypick #7998, #8011, #8010 into 1.70.x (#8028)
• 54b3eb9 experimental/credentials: Add credentials that don't enforce ALPN (#7980) (#8...
• 62b9185 clustetresolver: Copy endpoints.Addresses slice from DNS updates to avoid dat...
• 724f450 examples/features/csm_observability: use helloworld client and server instead...
• e8d5feb rbac: add method name to :path in headers (#7965)
• e912015 cleanup: Fix usages of non-constant format strings (#7959)
• 681334a cleanup: replace dial with newclient (#7943)
• 063d352 internal/resolver: introduce a new resolver to handle target URI and proxy ad...
• 10c7e13 outlierdetection: Support health listener for ejection updates (#7908)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.2 to 1.36.5

Updates github.com/google/go-cmp from 0.6.0 to 0.7.0

Release notes

Sourced from github.com/google/go-cmp's releases.

v0.7.0

New API:

• (#367) Support compare functions with SortSlices and SortMaps

Panic messaging:

• (#370) Detect proto.Message types when failing to export a field

Commits

• 9b12f36 Detect proto.Message types when failing to export a field (#370)
• 4dd3d63 fix: type 'aribica' => 'arabica' (#368)
• 391980c Support compare functions with SortSlices and SortMaps (#367)
• See full diff in compare view

Updates cel.dev/expr from 0.19.1 to 0.21.2

Release notes

Sourced from cel.dev/expr's releases.

v0.21.2

What's Changed

• Fix misspellings again by @​jcking in google/cel-spec#443

Full Changelog: google/cel-spec@v0.21.1...v0.21.2

v0.21.1

What's Changed

• Fix typeo in string_ext.textproto by @​jcking in google/cel-spec#442

Full Changelog: google/cel-spec@v0.21.0...v0.21.1

v0.21.0

What's Changed

• Fix and document string.format by @​jcking in google/cel-spec#436

Full Changelog: google/cel-spec@v0.20.0...v0.21.0

v0.20.0

What's Changed

• Indicate that CEL is an official Google product by @​TristonianJones in google/cel-spec#439
• Add conformance tests for quoted field selectors. by @​jnthntatum in google/cel-spec#431
• Add java_lite_proto_library targets to canonical CEL protos. Deprecate explain.proto. by @​l46kok in google/cel-spec#440

Full Changelog: google/cel-spec@v0.19.2...v0.20.0

v0.19.2

What's Changed

• Correct 'worst-cast' typos by @​hudlow in google/cel-spec#418
• Add additional type check tests by @​jnthntatum in google/cel-spec#419
• clarify error behavior for e.exists(x, p) by @​hudlow in google/cel-spec#427
• typo, formatting, and link fixes by @​hudlow in google/cel-spec#422
• tests to verify parsers ignore whitespace and comments by @​hudlow in google/cel-spec#430
• clarify Unicode handling by @​hudlow in google/cel-spec#423
• Fix strings.format tests by @​jcking in google/cel-spec#435

Full Changelog: google/cel-spec@v0.19.1...v0.19.2

Commits

• b2bd60e Fix misspellings again (#443)
• f8cfe20 Fix typeo in string_ext.textproto (#442)
• 261e335 Fix and document string.format (#436)
• bfe4f8b Add java_lite_proto_library targets to canonical CEL protos. Deprecate explai...
• 1435466 Indicate that CEL is an official Google product (#439)
• 23e240d Add conformance tests for quoted field selectors. (#431)
• 25227dd Fix strings.format tests (#435)
• 19866ce clarify Unicode handling (#423)
• 8fdb299 tests to verify parsers ignore whitespace and comments (#430)
• 2bf1deb typo, formatting, and link fixes (#422)
• Additional commits viewable in compare view

Updates github.com/cyphar/filepath-securejoin from 0.3.6 to 0.4.1

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.4.1

This release fixes a regression introduced in one of the hardening features added to filepath-securejoin 0.4.0.

• The restrictions added for root paths passed to SecureJoin in 0.4.0 was found to be too strict and caused some regressions when folks tried to update, so this restriction has been relaxed to only return an error if the path contains a .. component. We still recommend users use filepath.Clean (and even filepath.EvalSymlinks) on the root path they are using, but at least you will no longer be punished for "trivial" unclean paths. (#46)

Signed-off-by: Aleksa Sarai [email protected]

v0.4.0

This release primarily includes a few minor breaking changes to make the MkdirAll and SecureJoin interfaces more robust against accidental misuse.

• SecureJoin(VFS) will now return an error if the provided root is not a filepath.Clean'd path.

  While it is ultimately the responsibility of the caller to ensure the root is a safe path to use, passing a path like /symlink/.. as a root would result in the SecureJoin'd path being placed in / even though /symlink/.. might be a different directory, and so we should more strongly discourage such usage.

  All major users of securejoin.SecureJoin already ensure that the paths they provide are safe (and this is ultimately a question of user error), but removing this foot-gun is probably a good idea. Of course, this is necessarily a breaking API change (though we expect no real users to be affected by it).

  Thanks to Erik Sjölund, who initially reported this issue as a possible security issue.

• MkdirAll and MkdirHandle now take an os.FileMode-style mode argument instead of a raw unix.S_*-style mode argument, which may cause compile-time type errors depending on how you use filepath-securejoin. For most users, there will be no change in behaviour aside from the type change (as the bottom 0o777 bits are the same in both formats, and most users are probably only using those bits).

  However, if you were using unix.S_ISVTX to set the sticky bit with MkdirAll(Handle) you will need to switch to os.ModeSticky otherwise you will get a runtime error with this update. In addition, the error message you will get from passing unix.S_ISUID and unix.S_ISGID will be different as they are treated as invalid bits now (note that previously passing said bits was also an error).

... (truncated)

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.4.1] - 2025-01-28

Fixed

• The restrictions added for root paths passed to SecureJoin in 0.4.0 was found to be too strict and caused some regressions when folks tried to update, so this restriction has been relaxed to only return an error if the path contains a .. component. We still recommend users use filepath.Clean (and even filepath.EvalSymlinks) on the root path they are using, but at least you will no longer be punished for "trivial" unclean paths.

[0.4.0] - 2025-01-13

Breaking

• SecureJoin(VFS) will now return an error if the provided root is not a filepath.Clean'd path.

  While it is ultimately the responsibility of the caller to ensure the root is a safe path to use, passing a path like /symlink/.. as a root would result in the SecureJoin'd path being placed in / even though /symlink/.. might be a different directory, and so we should more strongly discourage such usage.

  All major users of securejoin.SecureJoin already ensure that the paths they provide are safe (and this is ultimately a question of user error), but removing this foot-gun is probably a good idea. Of course, this is necessarily a breaking API change (though we expect no real users to be affected by it).

  Thanks to Erik Sjölund, who initially reported this issue as a possible security issue.

• MkdirAll and MkdirHandle now take an os.FileMode-style mode argument instead of a raw unix.S_*-style mode argument, which may cause compile-time type errors depending on how you use filepath-securejoin. For most users, there will be no change in behaviour aside from the type change (as the bottom 0o777 bits are the same in both formats, and most users are probably only using those bits).

  However, if you were using unix.S_ISVTX to set the sticky bit with MkdirAll(Handle) you will need to switch to os.ModeSticky otherwise you will get a runtime error with this update. In addition, the error message you will get from passing unix.S_ISUID and unix.S_ISGID will be different as they are treated as invalid bits now (note that previously passing said bits was also an error).

Commits

• 7abd870 VERSION: release v0.4.1
• 509a359 merge #47 into cyphar/filepath-securejoin:main
• fbaef26 join: loosen cleanliness requirements for SecureJoin root
• 54460df merge #45 into cyphar/filepath-securejoin:main
• 14e6cfe VERSION: back to development
• 9a17e6b VERSION: release v0.4.0
• e410d4a merge #44 into cyphar/filepath-securejoin:main
• ea4e5b6 gha: add GOARCH=386 build check
• 0c2fbe6 mkdirall: switch to os.FileMode argument
• f3a512c merge #43 into cyphar/filepath-securejoin:main
• Additional commits viewable in compare view

Updates github.com/evanphx/json-patch/v5 from 5.9.0 to 5.9.11

Release notes

Sourced from github.com/evanphx/json-patch/v5's releases.

v5.9.11

What's Changed

• Export errBadJSONDoc and errBadJSONPatch errors by @​skitt in evanphx/json-patch#209

Full Changelog: evanphx/json-patch@v5.9.10...v5.9.11

v5.9.10

What's Changed

• Drop the reference to gopkg.in for v5 by @​skitt in evanphx/json-patch#203
• remove unmaintained errors pkg(github.com/pkg/errors) by @​koba1t in evanphx/json-patch#206

New Contributors

• @​skitt made their first contribution in evanphx/json-patch#203
• @​koba1t made their first contribution in evanphx/json-patch#206

Full Changelog: evanphx/json-patch@v5.9.0...v5.9.10

Commits

• 84a4bb1 Merge pull request #209 from skitt/export-errs-v5
• 7a7a88a Export errBadJSONDoc and errBadJSONPatch errors
• bd18525 Upgrade go-flags
• 42f26cb Fix spacing
• 0a3482b Merge pull request #206 from koba1t/remove_unmaintained_error_pkg
• 106306d remove unmaintained errors pkg
• e7cfbbb Merge pull request #203 from skitt/drop-gopkgin-v5
• 61e1ad7 Drop the reference to gopkg.in for v5
• See full diff in compare view

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.25.1 to 2.26.1

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.26.1

What's Changed

• Prevent overwriting description of map fields by @​fredde-fisk in grpc-ecosystem/grpc-gateway#5158
• 5113. Validation of oneof nested objects by @​optician in grpc-ecosystem/grpc-gateway#5211

New Contributors

• @​fredde-fisk made their first contribution in grpc-ecosystem/grpc-gateway#5158
• @​optician made their first contribution in grpc-ecosystem/grpc-gateway#5211

Full Changelog: grpc-ecosystem/grpc-gateway@v2.26.0...v2.26.1

v2.26.0

What's Changed

• fix(deps): Relax the minimum required go version further by @​bobrik in grpc-ecosystem/grpc-gateway#5094
• protoc-gen-openapiv2: Do not add invisible enum values as default by @​navruzm in grpc-ecosystem/grpc-gateway#5129
• Only write Content-Length if the runtime.WithWriteContentLength() option is specified by @​joshgarnett in grpc-ecosystem/grpc-gateway#5151

New Contributors

• @​bobrik made their first contribution in grpc-ecosystem/grpc-gateway#5094
• @​navruzm made their first contribution in grpc-ecosystem/grpc-gateway#5129

Full Changelog: grpc-ecosystem/grpc-gateway@v2.25.1...v2.26.0

Commits

• 3b8ac9f 5113. Validation of oneof nested objects (#5211)
• 4f1457d chore(deps): update googleapis digest to 2431239 (#5214)
• fb17f6e chore(deps): update googleapis digest to 8e62267 (#5213)
• 2fd9128 chore(deps): update googleapis digest to ad99638 (#5212)
• 3d82775 fix(deps): update module google.golang.org/protobuf to v1.36.5 (#5210)
• 801f278 chore(deps): update googleapis digest to fed8c26 (#5209)
• 9cbbcaf chore(deps): update googleapis digest to 2f843e2 (#5208)
• 9adca76 fix(deps): update module golang.org/x/text to v0.22.0 (#5206)
• 72f360d chore(deps): update golang docker tag to v1.23.6 (#5205)
• ce46021 chore(deps): update googleapis digest to f426820 (#5204)
• Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.17.11 to 1.18.0

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.0

What's Changed

• Deprecate Go 1.21 and add 1.24 by @​klauspost in klauspost/compress#1055
• Add unsafe little endian loaders by @​klauspost in klauspost/compress#1036
• fix: check r.err != nil but return a nil value error err by @​alingse in klauspost/compress#1028
• refactor: use built-in min function by @​Juneezee in klauspost/compress#1038
• zstd: use slices.Max for max value in slice by @​Juneezee in klauspost/compress#1041
• flate: Simplify L4-6 loading by @​klauspost in klauspost/compress#1043
• flate: Simplify matchlen (remove asm) by @​klauspost in klauspost/compress#1045
• s2: Add block decode fuzzer by @​klauspost in klauspost/compress#1044
• s2: Improve small block compression speed w/o asm by @​klauspost in klauspost/compress#1048
• flate: Fix matchlen L5+L6 by @​klauspost in klauspost/compress#1049
• flate: Cleanup & reduce casts by @​klauspost in klauspost/compress#1050

New Contributors

• @​tcpdumppy made their first contribution in klauspost/compress#1021
• @​sam9291 made their first contribution in klauspost/compress#1022
• @​dezza made their first contribution in klauspost/compress#1023
• @​alingse made their first contribution in klauspost/compress#1028
• @​hyunsooda made their first contribution in klauspost/compress#1031
• @​Juneezee made their first contribution in klauspost/compress#1038
• @​Bbulatov made their first contribution in klauspost/compress#1052

Full Changelog: klauspost/compress@v1.17.11...v1.18.0

Commits

• 8e79dc4 Deprecate Go 1.21 and add 1.24 (#1055)
• df8e99c build(deps): bump the github-actions group with 2 updates (#1053)
• 7787431 zstd: fix unused debug code (#1052)
• 0bf3ecb flate: Cleanup & reduce casts (#1050)
• e0f89a9 flate: Fix matchlen L5+L6 (#1049)
• c8a8470 s2: Improve small block compression speed w/o asm (#1048)
• b05b993 s2: Add block decode fuzzer (#1044)
• aafbabd flate: Simplify matchlen (remove asm) (#1045)
• dbaa9c1 flate: Simplify l4-6 loading (#1043)
• 4fa2036 Add unsafe little endian loaders (#1036)
• Additional commits viewable in compare view

Updates github.com/opencontainers/runc from 1.2.4 to 1.2.5

Release notes

Sourced from github.com/opencontainers/runc's releases.

runc v1.2.5 -- "Мороз и солнце; день чудесный!"

This is the fifth patch release in the 1.2.z series of runc. It primarily fixes an issue caused by an upstream systemd bug.

• There was a regression in systemd v230 which made the way we define device rule restrictions require a systemctl daemon-reload for our transient units. This caused issues for workloads using NVIDIA GPUs. Workaround the upstream regression by re-arranging how the unit properties are defined. (#4568, #4612, #4615)
• Dependency github.com/cyphar/filepath-securejoin is updated to v0.4.1, to allow projects that vendor runc to bump it as well. (#4608)
• CI: fixed criu-dev compilation. (#4611)
• Dependency golang.org/x/net is updated to 0.33.0. (#4632)

Static Linking Notices

The runc binary distributed with this release are statically linked with the following GNU LGPL-2.1 licensed libraries, with runc acting as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions, but in order to comply with the LGPL-2.1 (§6(a)), we have attached the complete source code for those libraries which (when combined with the attached runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages or download them from the authoritative upstream sources, especially since these libraries are related to the security of your containers.

Thanks to the following contributors who made this release possible:

• Akihiro Suda [email protected]
• Aleksa Sarai [email protected]
• Brad Davidson [email protected]
• Jian Wen [email protected]
• Kir Kolyshkin [email protected]
• Rodrigo Campos [email protected]
• lifubang [email protected]

Signed-off-by: Aleksa Sarai [email protected]

Changelog

Sourced from github.com/opencontainers/runc's changelog.

[1.2.5] - 2025-02-13

Мороз и солнце; день чудесный!

Fixed

• There was a regression in systemd v230 which made the way we define device rule restrictions require a systemctl daemon-reload for our transient units. This caused issues for workloads using NVIDIA GPUs. Workaround the upstream regression by re-arranging how the unit properties are defined. (#4568, #4612, #4615)
• Dependency github.com/cyphar/filepath-securejoin is updated to v0.4.1, allowing projects that vendor runc to bump it as well. (#4608)
• CI: fixed criu-dev compilation. (#4611)

Changed

• Dependency golang.org/x/net is updated to 0.33.0. (#4632)

Commits

• 59923ef VERSION: release v1.2.5
• 165b103 release: explicitly set --keyserver in release signing scripts
• 66c6d08 Merge pull request #4632 from lifubang/1.2-bump-xnet-to-0.33.0
• 615240a build(deps): bump golang.org/x/net from 0.24.0 to 0.33.0
• d0ed7f7 Merge pull request #4619 from kolyshkin/1.2-4616
• 6635338 Merge pull request #4615 from kolyshkin/1.2-4612
• 04468c0 libc/int/userns: add build tag to C file
• 9742b6c libct/cg/sd: set the DeviceAllow property before DevicePolicy
• de92f4b Merge pull request #4608 from kolyshkin/1.2-4590
• 00f4a5c deps: update to github.com/cyphar/[email protected]
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.8.1 to 1.9.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.9.1

🐛 Fixes

• Fix CompletionFunc implementation by @​ccoVeille in spf13/cobra#2234
• Revert "Make detection for test-binary more universal (#2173)" by @​marckhouzam in spf13/cobra#2235

Full Changelog: spf13/cobra@v1.9.0...v1.9.1

v1.9.0

✨ Features

• Allow linker to perform deadcode elimination for program using Cobra by @​aarzilli in spf13/cobra#1956
• Add default completion command even if there are no other sub-commands by @​marckhouzam in spf13/cobra#1559
• Add CompletionWithDesc helper by @​ccoVeille in spf13/cobra#2231

🐛 Fixes

• Fix deprecation comment for Command.SetOutput by @​thaJeztah in spf13/cobra#2172
• Replace deprecated ioutil usage by @​nirs in spf13/cobra#2181
• Fix --version help and output for plugins by @​nirs in spf13/cobra#2180
• Allow to reset the templates to the default by @​marckhouzam in spf13/cobra#2229

🤖 Completions

• Make Powershell completion work in constrained mode by @​lstemplinger in spf13/cobra#2196
• Improve detection for flags that accept multiple values by @​thaJeztah in spf13/cobra#2210
• add CompletionFunc type to help with completions by @​ccoVeille in spf13/cobra#2220
• Add similar whitespace escape logic to bash v2 completions than in other completions by @​kangasta in spf13/cobra#1743
• Print ActiveHelp for bash along other completions by @​marckhouzam in spf13/cobra#2076
• fix(completions): Complete map flags multiple times by @​gabe565 in spf13/cobra#2174
• fix(bash): nounset unbound file filter variable on empty extension by @​scop in spf13/cobra#2228

🧪 Testing

• Test also with go 1.23 by @​nirs in spf13/cobra#2182
• Make detection for test-binary more universal by @​thaJeztah in spf13/cobra#2173

✍🏼 Documentation

• docs: update README.md by @​eltociear in spf13/cobra#2197
• Improve site formatting by @​nirs in spf13/cobra#2183
• doc: add Conduit by @​raulb in spf13/cobra#2230
• doc: azion project added to the list of CLIs that use cobra by @​maxwelbm in spf13/cobra#2198
• Fix broken links in active_help.md by @​vuil in spf13/cobra#2202
• chore: fix function name in comment by @​zhuhaicity in spf13/cobra#2216

🔧 Dependency upgrades

• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.5 to 2.0.6 by @​thaJeztah in spf13/cobra#2206
• Update to latest go-md2man by @​mikelolasagasti in spf13/cobra#2201

... (truncated)

Commits

• 40b5bc1 Revert "Make detection for test-binary more universal (#2173)" (#2235)
• a97f9fd fix CompletionFunc implementation (#2234)
• 5f9c408 chore: Upgrade dependencies for v1.9.0 (#2233)
• 24ada7f Remove the default "completion" cmd if it is alone (#1559)
• 680936a New logo
• 8cb30f9 feat: add CompletionWithDesc helper (#2231)
• 17b6dca doc: add Conduit (#2230)
• ab5cadc Allow to reset the templates to the default (#2229)
• 4ba5566 fix(bash): nounset unbound file filter variable on empty extension (#2228)
• 41b26ec Print ActiveHelp for bash along other completions (#2076)
• Additional commits viewable in compare view

Updates go.etcd.io/etcd/api/v3 from 3.5.17 to 3.5.18

Release notes

Sourced from go.etcd.io/etcd/api/v3's releases.

v3.5.18

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux

ETCD_VER=v3.5.18
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar ...
Description has been truncated

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign pohly for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-csi member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[k8s-ci-robot]

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-kubernetes-csi-external-provisioner-unit	6e11f31	link	true	/test pull-kubernetes-csi-external-provisioner-unit

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.