Skip to content

chore: bump the k8s-dependencies group with 8 updates #184

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore: bump the k8s-dependencies group with 8 updates #184

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 13, 2025
edited
Loading

Bumps the k8s-dependencies group with 8 updates:

Package From To
k8s.io/apiextensions-apiserver 0.29.0 0.34.2
k8s.io/apimachinery 0.29.2 0.34.2
k8s.io/client-go 0.29.2 0.34.2
k8s.io/utils 0.0.0-20250502105355-0f33e8f1c979 0.0.0-20250604170112-4c0f3b243397
sigs.k8s.io/controller-runtime 0.17.2 0.22.4
sigs.k8s.io/kustomize/api 0.18.0 0.21.0
sigs.k8s.io/kustomize/kyaml 0.18.1 0.21.0
sigs.k8s.io/yaml 1.4.0 1.6.0

Updates k8s.io/apiextensions-apiserver from 0.29.0 to 0.34.2

Commits
  • 9fd4b8c Update dependencies to v0.34.2 tag
  • 4a9fea1 Merge pull request #133901yongruilin/automated-cherry-pick-of-#133896
  • 3896d9f fix: Only warn for unrecognized formats on type=string
  • aada5e8 Merge remote-tracking branch 'origin/master' into release-1.34
  • bad5b2a clarify that staging repos are automatically published
  • f498996 add pointer to CONTRIBUTING.md for more details on contributing, clarify read...
  • f782221 link to what a staging repository is
  • 3625d64 docs: clarify that this is a staging repository and not for direct contributions
  • 71e26b6 Bump etcd sdk to v3.6.4
  • 056a425 Merge pull request #133180 from ylink-lfs/chore/ptr_cast_replace
  • Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.29.2 to 0.34.2

Commits
  • b72d93d Merge remote-tracking branch 'origin/master' into release-1.34
  • cd8b91c clarify that staging repos are automatically published
  • 8c59599 add pointer to CONTRIBUTING.md for more details on contributing, clarify read...
  • ec3cea5 link to what a staging repository is
  • e4db694 docs: clarify that this is a staging repository and not for direct contributions
  • 04507a3 Merge pull request #132942 from thockin/kyaml
  • 50e39b1 Merge pull request #132935 from benluddy/cbor-bump-custom-marshalers
  • 7d108e8 Re-vendor sigs.k8s.io/yaml @ v1.6.0
  • 58c4eb0 Merge pull request #133130 from ylink-lfs/chore/residual_boolptr_removal
  • 38a24e6 chore: residual boolptr and intptr removal
  • Additional commits viewable in compare view

Updates k8s.io/client-go from 0.29.2 to 0.34.2

Commits
  • 54601aa Update dependencies to v0.34.2 tag
  • 1bb1ad2 Merge pull request #134589liggitt/automated-cherry-pick-of-#134588
  • 2505205 Remove invalid SAN certificate construction
  • 7ffba0f Merge pull request #134004DerekFrank/automated-cherry-pick-of-#133573
  • 145cb8f gofmt and review feedback
  • ddcdc12 fix: Update unit test to catch actual nil Labels case and fix functionality t...
  • 97396af Merge remote-tracking branch 'origin/master' into release-1.34
  • 5f737f3 clarify that staging repos are automatically published
  • 0b8655b add pointer to CONTRIBUTING.md for more details on contributing, clarify read...
  • c00384c link to what a staging repository is
  • Additional commits viewable in compare view

Updates k8s.io/utils from 0.0.0-20250502105355-0f33e8f1c979 to 0.0.0-20250604170112-4c0f3b243397

Commits

Updates sigs.k8s.io/controller-runtime from 0.17.2 to 0.22.4

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.22.4

What's Changed

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.3...v0.22.4

v0.22.3

What's Changed

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.2...v0.22.3

v0.22.2

What's Changed

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.1...v0.22.2

v0.22.1

What's Changed

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.0...v0.22.1

v0.22.0

🔆 Highlights

⚠️ Breaking changes

... (truncated)

Commits
  • 7a1b16d Merge pull request #3378 from k8s-infra-cherrypick-robot/cherry-pick-3376-to-...
  • 539c94f cache: Allow fine-granular configuration of SyncPeriod
  • 8be8410 Merge pull request #3377 from k8s-infra-cherrypick-robot/cherry-pick-3372-to-...
  • 3f86a10 envtest: respect pre-configured binary paths in ControlPlane
  • 64152a0 Merge pull request #3371 from alvaroaleman/cp-fix
  • b3eff6d priority queue: properly sync the waiter manipulation
  • 88269f3 Merge pull request #3357 from k8s-infra-cherrypick-robot/cherry-pick-3353-to-...
  • c7df7c9 add namespace for test with namespace_client
  • 04b5a29 Merge pull request #3352 from k8s-infra-cherrypick-robot/cherry-pick-3351-to-...
  • f5a9781 update List in namespaced client
  • Additional commits viewable in compare view

Updates sigs.k8s.io/kustomize/api from 0.18.0 to 0.21.0

Release notes

Sourced from sigs.k8s.io/kustomize/api's releases.

api/v0.21.0

#5679: implements to replacements value in the structured data #5863: Add regex support for Replacement selectors #5930: feat: add PatchArgs API type to populate patch options #5940: fix: Propagate Namespace correctly to Helm #5942: fix fnplugin storagemounts validation #5958: fix: make AbsorbAll conflict error more verbose #5959: update go 1.24.6 #5961: refactor: nested format string #5962: chore: update dependencies from security alert #5967: Fix infinite loop in HTTP client by validating URLs before requests #5971: fix: performance recession when propagating namespace to helm #6007: Update kyaml to v0.21.0

cmd/config/v0.21.0

#5959: update go 1.24.6 #5962: chore: update dependencies from security alert #6007: Update kyaml to v0.21.0

kyaml/v0.21.0

#5679: implements to replacements value in the structured data #5959: update go 1.24.6 #5961: refactor: nested format string #5962: chore: update dependencies from security alert #5985: fix(kyaml/yaml): minor nil safety fix for RNode.Content etc

api/v0.20.1

#5943: drop shlex dependency #5948: Update kyaml to v0.20.1

cmd/config/v0.20.1

#5948: Update kyaml to v0.20.1

kyaml/v0.20.1

No release notes provided.

api/v0.20.0

#5630: Add static value source for replacement #5771: fix: Allow patches with empty files with multiple newlines or comments #5846: fix: Get version from the BuildInfo.Main.Version if not found in deps and build flag #5847: replace deplecated package github.com/google/shlex with github.com/carapace-sh/carapace-shlex #5859: fix: Don't panic on multiple $patch: delete strategic merge patches in a single patch file #5865: feat(helm): allow the use of devel alias for helmcharts #5873: Bump to github.com/spf13/viper v1.20.0 #5877: fix: make private one field in replacements transformer struct that had a missing JSON tag #5882: Set Git messages to English for TestRemoteLoad_LocalProtocol #5921: feat: Add suport for Image Volumes #5931: Drop usage of forked copies of goyaml.v2 and goyaml.v3 #5934: Update kyaml to v0.20.0

... (truncated)

Commits
  • 6661fef Merge pull request #6008 from koba1t/pinToCmdConfig
  • 3c59244 Update cmd/config to v0.21.0
  • ade7bd6 Merge pull request #6007 from koba1t/pinToKyaml
  • 0fc7554 Update kyaml to v0.21.0
  • 8761791 fix(kyaml/yaml): minor nil safety fix for RNode.Content etc (#5985)
  • 153a372 Merge pull request #5679 from koba1t/implements_to_replacements_value_in_the_...
  • de01137 Merge pull request #5991 from isarns/fix/labels-without-selector-duplicate-ke...
  • 4d37afe style(cmd-edit-add-label): lint multiple labels without selector test
  • f71e4d7 style(cmd-edit-add-label): lint multiple labels without selector test
  • d427f61 test(cmd-edit-add-label): add multiple labels without selector test
  • Additional commits viewable in compare view

Updates sigs.k8s.io/kustomize/kyaml from 0.18.1 to 0.21.0

Release notes

Sourced from sigs.k8s.io/kustomize/kyaml's releases.

api/v0.21.0

#5679: implements to replacements value in the structured data #5863: Add regex support for Replacement selectors #5930: feat: add PatchArgs API type to populate patch options #5940: fix: Propagate Namespace correctly to Helm #5942: fix fnplugin storagemounts validation #5958: fix: make AbsorbAll conflict error more verbose #5959: update go 1.24.6 #5961: refactor: nested format string #5962: chore: update dependencies from security alert #5967: Fix infinite loop in HTTP client by validating URLs before requests #5971: fix: performance recession when propagating namespace to helm #6007: Update kyaml to v0.21.0

cmd/config/v0.21.0

#5959: update go 1.24.6 #5962: chore: update dependencies from security alert #6007: Update kyaml to v0.21.0

kyaml/v0.21.0

#5679: implements to replacements value in the structured data #5959: update go 1.24.6 #5961: refactor: nested format string #5962: chore: update dependencies from security alert #5985: fix(kyaml/yaml): minor nil safety fix for RNode.Content etc

api/v0.20.1

#5943: drop shlex dependency #5948: Update kyaml to v0.20.1

cmd/config/v0.20.1

#5948: Update kyaml to v0.20.1

kyaml/v0.20.1

No release notes provided.

api/v0.20.0

#5630: Add static value source for replacement #5771: fix: Allow patches with empty files with multiple newlines or comments #5846: fix: Get version from the BuildInfo.Main.Version if not found in deps and build flag #5847: replace deplecated package github.com/google/shlex with github.com/carapace-sh/carapace-shlex #5859: fix: Don't panic on multiple $patch: delete strategic merge patches in a single patch file #5865: feat(helm): allow the use of devel alias for helmcharts #5873: Bump to github.com/spf13/viper v1.20.0 #5877: fix: make private one field in replacements transformer struct that had a missing JSON tag #5882: Set Git messages to English for TestRemoteLoad_LocalProtocol #5921: feat: Add suport for Image Volumes #5931: Drop usage of forked copies of goyaml.v2 and goyaml.v3 #5934: Update kyaml to v0.20.0

... (truncated)

Commits
  • 6661fef Merge pull request #6008 from koba1t/pinToCmdConfig
  • 3c59244 Update cmd/config to v0.21.0
  • ade7bd6 Merge pull request #6007 from koba1t/pinToKyaml
  • 0fc7554 Update kyaml to v0.21.0
  • 8761791 fix(kyaml/yaml): minor nil safety fix for RNode.Content etc (#5985)
  • 153a372 Merge pull request #5679 from koba1t/implements_to_replacements_value_in_the_...
  • de01137 Merge pull request #5991 from isarns/fix/labels-without-selector-duplicate-ke...
  • 4d37afe style(cmd-edit-add-label): lint multiple labels without selector test
  • f71e4d7 style(cmd-edit-add-label): lint multiple labels without selector test
  • d427f61 test(cmd-edit-add-label): add multiple labels without selector test
  • Additional commits viewable in compare view

Updates sigs.k8s.io/yaml from 1.4.0 to 1.6.0

Release notes

Sourced from sigs.k8s.io/yaml's releases.

v1.6.0

What's Changed

v1.5.0

Full Changelog: kubernetes-sigs/yaml@v1.4.0...v1.5.0

Commits
  • 048d724 Merge pull request #132 from thockin/master
  • 23c836c Bolster tests, mostly in error-handling
  • 2e3340b Add compact output tests
  • 4a4f539 Add test case for tabs in multi-line strings
  • 13509ad Change which methods get a newline and fix tests
  • 59c2c43 Add compact mode so KYAML can be used in more places
  • abc1add kyaml: Implement escaping closer to YAML spec
  • 7749171 Add a yamlfmt cmd
  • a932007 Add KYAML support
  • 0f318dc Merge pull request #134 from kubernetes-sigs/forgot-to-add-redirects-for-cons...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Nov 13, 2025
@dependabot dependabot bot requested a review from cdoern as a code owner November 13, 2025 16:58
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 13, 2025
@dependabot dependabot bot added the go Pull requests that update go code label Nov 13, 2025
@anik120 anik120 mentioned this pull request Nov 13, 2025
Merged
anik120
anik120 reviewed Nov 13, 2025
View reviewed changes
Copy link
Contributor

@anik120 anik120 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@VaishnaviHire @nathan-weinberg this dependabot PR is what I was mainly hoping would execute smoothly, and looks like it did..almost.

The manifests needed to be regenerated after the bumps. I've created a PR to supersede this one: #189

so this will have to be

/close

-ed

go.mod
sigs.k8s.io/kustomize/api v0.18.0
sigs.k8s.io/kustomize/kyaml v0.18.1
sigs.k8s.io/yaml v1.4.0
k8s.io/api v0.34.2
Copy link
Contributor

@anik120 anik120 Nov 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice. k8s dependencies going from v0.29.2 to v0.34.2 (which is the latest)

@dependabot
chore: bump the k8s-dependencies group with 8 updates
1595f53 
Bumps the k8s-dependencies group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) | `0.29.0` | `0.34.2` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.29.2` | `0.34.2` |
| [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.29.2` | `0.34.2` |
| [k8s.io/utils](https://github.com/kubernetes/utils) | `0.0.0-20250502105355-0f33e8f1c979` | `0.0.0-20250604170112-4c0f3b243397` |
| [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) | `0.17.2` | `0.22.4` |
| [sigs.k8s.io/kustomize/api](https://github.com/kubernetes-sigs/kustomize) | `0.18.0` | `0.21.0` |
| [sigs.k8s.io/kustomize/kyaml](https://github.com/kubernetes-sigs/kustomize) | `0.18.1` | `0.21.0` |
| [sigs.k8s.io/yaml](https://github.com/kubernetes-sigs/yaml) | `1.4.0` | `1.6.0` |


Updates `k8s.io/apiextensions-apiserver` from 0.29.0 to 0.34.2
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.29.0...v0.34.2)

Updates `k8s.io/apimachinery` from 0.29.2 to 0.34.2
- [Commits](kubernetes/apimachinery@v0.29.2...v0.34.2)

Updates `k8s.io/client-go` from 0.29.2 to 0.34.2
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.29.2...v0.34.2)

Updates `k8s.io/utils` from 0.0.0-20250502105355-0f33e8f1c979 to 0.0.0-20250604170112-4c0f3b243397
- [Commits](https://github.com/kubernetes/utils/commits)

Updates `sigs.k8s.io/controller-runtime` from 0.17.2 to 0.22.4
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md)
- [Commits](kubernetes-sigs/controller-runtime@v0.17.2...v0.22.4)

Updates `sigs.k8s.io/kustomize/api` from 0.18.0 to 0.21.0
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](kubernetes-sigs/kustomize@api/v0.18.0...api/v0.21.0)

Updates `sigs.k8s.io/kustomize/kyaml` from 0.18.1 to 0.21.0
- [Release notes](https://github.com/kubernetes-sigs/kustomize/releases)
- [Commits](kubernetes-sigs/kustomize@kyaml/v0.18.1...api/v0.21.0)

Updates `sigs.k8s.io/yaml` from 1.4.0 to 1.6.0
- [Release notes](https://github.com/kubernetes-sigs/yaml/releases)
- [Changelog](https://github.com/kubernetes-sigs/yaml/blob/master/RELEASE.md)
- [Commits](kubernetes-sigs/yaml@v1.4.0...v1.6.0)

---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
- dependency-name: k8s.io/client-go
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
- dependency-name: k8s.io/utils
  dependency-version: 0.0.0-20250604170112-4c0f3b243397
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-dependencies
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-version: 0.22.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
- dependency-name: sigs.k8s.io/kustomize/api
  dependency-version: 0.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
- dependency-name: sigs.k8s.io/kustomize/kyaml
  dependency-version: 0.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
- dependency-name: sigs.k8s.io/yaml
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/k8s-dependencies-5112c886fd branch from 1b60fbf to 1595f53 Compare November 14, 2025 13:31
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 17, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

@VaishnaviHire
Copy link
Collaborator

VaishnaviHire commented Nov 17, 2025

Closing this for #189

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 17, 2025

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot bot deleted the dependabot/go_modules/k8s-dependencies-5112c886fd branch November 17, 2025 15:12
VaishnaviHire pushed a commit that referenced this pull request Nov 20, 2025
@anik120 @dependabot
Bump k8s dependencies (#189)
916fe00 
#184 is
failing the pre-commit check because the manifests needed to be
re-generated after the k8s bumps. This PR adds:
- A commit on top of 184 with the new re-generated manifest. 
- Another commit with the regenerated installer script
- Another commit that replaces a deprecated API with the new version.

Signed-off-by: Anik Bhattacharjee <anbhatta@redhat.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Anik Bhattacharjee <anbhatta@redhat.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cdoern cdoern Awaiting requested review from cdoern cdoern is a code owner

@derekhiggins derekhiggins Awaiting requested review from derekhiggins derekhiggins is a code owner

@leseb leseb Awaiting requested review from leseb leseb is a code owner

@mfleader mfleader Awaiting requested review from mfleader mfleader is a code owner

@nathan-weinberg nathan-weinberg Awaiting requested review from nathan-weinberg nathan-weinberg is a code owner

@rhdedgar rhdedgar Awaiting requested review from rhdedgar rhdedgar is a code owner

@rhuss rhuss Awaiting requested review from rhuss rhuss is a code owner

@VaishnaviHire VaishnaviHire Awaiting requested review from VaishnaviHire VaishnaviHire is a code owner

1 more reviewer

@anik120 anik120 anik120 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@VaishnaviHire @anik120