chore: bump the k8s-dependencies group with 8 updates

[dependabot]

Bumps the k8s-dependencies group with 8 updates:

Package	From	To
k8s.io/apiextensions-apiserver	0.29.0	0.34.2
k8s.io/apimachinery	0.29.2	0.34.2
k8s.io/client-go	0.29.2	0.34.2
k8s.io/utils	0.0.0-20250502105355-0f33e8f1c979	0.0.0-20250604170112-4c0f3b243397
sigs.k8s.io/controller-runtime	0.17.2	0.22.4
sigs.k8s.io/kustomize/api	0.18.0	0.21.0
sigs.k8s.io/kustomize/kyaml	0.18.1	0.21.0
sigs.k8s.io/yaml	1.4.0	1.6.0

Updates k8s.io/apiextensions-apiserver from 0.29.0 to 0.34.2

Commits

• 9fd4b8c Update dependencies to v0.34.2 tag
• 4a9fea1 Merge pull request #133901yongruilin/automated-cherry-pick-of-#133896
• 3896d9f fix: Only warn for unrecognized formats on type=string
• aada5e8 Merge remote-tracking branch 'origin/master' into release-1.34
• bad5b2a clarify that staging repos are automatically published
• f498996 add pointer to CONTRIBUTING.md for more details on contributing, clarify read...
• f782221 link to what a staging repository is
• 3625d64 docs: clarify that this is a staging repository and not for direct contributions
• 71e26b6 Bump etcd sdk to v3.6.4
• 056a425 Merge pull request #133180 from ylink-lfs/chore/ptr_cast_replace
• Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.29.2 to 0.34.2

Commits

• b72d93d Merge remote-tracking branch 'origin/master' into release-1.34
• cd8b91c clarify that staging repos are automatically published
• 8c59599 add pointer to CONTRIBUTING.md for more details on contributing, clarify read...
• ec3cea5 link to what a staging repository is
• e4db694 docs: clarify that this is a staging repository and not for direct contributions
• 04507a3 Merge pull request #132942 from thockin/kyaml
• 50e39b1 Merge pull request #132935 from benluddy/cbor-bump-custom-marshalers
• 7d108e8 Re-vendor sigs.k8s.io/yaml @ v1.6.0
• 58c4eb0 Merge pull request #133130 from ylink-lfs/chore/residual_boolptr_removal
• 38a24e6 chore: residual boolptr and intptr removal
• Additional commits viewable in compare view

Updates k8s.io/client-go from 0.29.2 to 0.34.2

Commits

• 54601aa Update dependencies to v0.34.2 tag
• 1bb1ad2 Merge pull request #134589liggitt/automated-cherry-pick-of-#134588
• 2505205 Remove invalid SAN certificate construction
• 7ffba0f Merge pull request #134004DerekFrank/automated-cherry-pick-of-#133573
• 145cb8f gofmt and review feedback
• ddcdc12 fix: Update unit test to catch actual nil Labels case and fix functionality t...
• 97396af Merge remote-tracking branch 'origin/master' into release-1.34
• 5f737f3 clarify that staging repos are automatically published
• 0b8655b add pointer to CONTRIBUTING.md for more details on contributing, clarify read...
• c00384c link to what a staging repository is
• Additional commits viewable in compare view

Updates k8s.io/utils from 0.0.0-20250502105355-0f33e8f1c979 to 0.0.0-20250604170112-4c0f3b243397

Commits

• See full diff in compare view

Updates sigs.k8s.io/controller-runtime from 0.17.2 to 0.22.4

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.22.4

What's Changed

• ✨ cache: Allow fine-granular SyncPeriod configuration by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3378
• 🐛 Update List in namespaced client to list objects that are cluster scoped by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3352 kubernetes-sigs/controller-runtime#3357
• 🐛 priority queue: properly sync the waiter manipulation by @​alvaroaleman in kubernetes-sigs/controller-runtime#3371
• 🐛 envtest: respect pre-configured binary paths in ControlPlane by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3377

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.3...v0.22.4

v0.22.3

What's Changed

• [release-0.22] 🐛 Allow SSA after normal resource creation by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3348

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.2...v0.22.3

v0.22.2

What's Changed

• 🐛 Panic when trying to build more than one instance of fake.ClientBuilder by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3315
• 🌱 Bump to k8s.io/* v0.34.1 by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3317
• 🐛 Don't block on Get when queue is shutdown (2nd try) by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3338
• 🐛 Fix a bug where the priorityqueue would sometimes not return high-priority items first by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3340

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.1...v0.22.2

v0.22.1

What's Changed

• 🌱 Revert deprecation of client.Apply by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3308

Full Changelog: kubernetes-sigs/controller-runtime@v0.22.0...v0.22.1

v0.22.0

🔆 Highlights

• Client: Native support for Server-Side Apply (SSA) (#3253, #2981)
• Update to k8s.io/* v1.34 dependencies (#3231, #3236, #3246, #3259, #3270, #3300)
• Controller: Implement warmup support for controllers (#3192)
• Priorityqueue: various improvements (#3289, #3290, #3243, #3250)

⚠️ Breaking changes

• Update to k8s.io/* v1.34 dependencies by @​alvaroaleman @​troy0820 #3231, #3236, #3246, #3259, #3270, #3300
• Client: Add native SSA support by @​alvaroaleman in kubernetes-sigs/controller-runtime#3253
• Client: Default selector to Nothing if it is nil for MatchingLabelsSelector and MatchingFieldsSelector by @​acumino in kubernetes-sigs/controller-runtime#3279

... (truncated)

Commits

• 7a1b16d Merge pull request #3378 from k8s-infra-cherrypick-robot/cherry-pick-3376-to-...
• 539c94f cache: Allow fine-granular configuration of SyncPeriod
• 8be8410 Merge pull request #3377 from k8s-infra-cherrypick-robot/cherry-pick-3372-to-...
• 3f86a10 envtest: respect pre-configured binary paths in ControlPlane
• 64152a0 Merge pull request #3371 from alvaroaleman/cp-fix
• b3eff6d priority queue: properly sync the waiter manipulation
• 88269f3 Merge pull request #3357 from k8s-infra-cherrypick-robot/cherry-pick-3353-to-...
• c7df7c9 add namespace for test with namespace_client
• 04b5a29 Merge pull request #3352 from k8s-infra-cherrypick-robot/cherry-pick-3351-to-...
• f5a9781 update List in namespaced client
• Additional commits viewable in compare view

Updates sigs.k8s.io/kustomize/api from 0.18.0 to 0.21.0

Release notes

Sourced from sigs.k8s.io/kustomize/api's releases.

api/v0.21.0

#5679: implements to replacements value in the structured data #5863: Add regex support for Replacement selectors #5930: feat: add PatchArgs API type to populate patch options #5940: fix: Propagate Namespace correctly to Helm #5942: fix fnplugin storagemounts validation #5958: fix: make AbsorbAll conflict error more verbose #5959: update go 1.24.6 #5961: refactor: nested format string #5962: chore: update dependencies from security alert #5967: Fix infinite loop in HTTP client by validating URLs before requests #5971: fix: performance recession when propagating namespace to helm #6007: Update kyaml to v0.21.0

cmd/config/v0.21.0

#5959: update go 1.24.6 #5962: chore: update dependencies from security alert #6007: Update kyaml to v0.21.0

kyaml/v0.21.0

#5679: implements to replacements value in the structured data #5959: update go 1.24.6 #5961: refactor: nested format string #5962: chore: update dependencies from security alert #5985: fix(kyaml/yaml): minor nil safety fix for RNode.Content etc

api/v0.20.1

#5943: drop shlex dependency #5948: Update kyaml to v0.20.1

cmd/config/v0.20.1

#5948: Update kyaml to v0.20.1

kyaml/v0.20.1

No release notes provided.

api/v0.20.0

#5630: Add static value source for replacement #5771: fix: Allow patches with empty files with multiple newlines or comments #5846: fix: Get version from the BuildInfo.Main.Version if not found in deps and build flag #5847: replace deplecated package github.com/google/shlex with github.com/carapace-sh/carapace-shlex #5859: fix: Don't panic on multiple $patch: delete strategic merge patches in a single patch file #5865: feat(helm): allow the use of devel alias for helmcharts #5873: Bump to github.com/spf13/viper v1.20.0 #5877: fix: make private one field in replacements transformer struct that had a missing JSON tag #5882: Set Git messages to English for TestRemoteLoad_LocalProtocol #5921: feat: Add suport for Image Volumes #5931: Drop usage of forked copies of goyaml.v2 and goyaml.v3 #5934: Update kyaml to v0.20.0

... (truncated)

Commits

• 6661fef Merge pull request #6008 from koba1t/pinToCmdConfig
• 3c59244 Update cmd/config to v0.21.0
• ade7bd6 Merge pull request #6007 from koba1t/pinToKyaml
• 0fc7554 Update kyaml to v0.21.0
• 8761791 fix(kyaml/yaml): minor nil safety fix for RNode.Content etc (#5985)
• 153a372 Merge pull request #5679 from koba1t/implements_to_replacements_value_in_the_...
• de01137 Merge pull request #5991 from isarns/fix/labels-without-selector-duplicate-ke...
• 4d37afe style(cmd-edit-add-label): lint multiple labels without selector test
• f71e4d7 style(cmd-edit-add-label): lint multiple labels without selector test
• d427f61 test(cmd-edit-add-label): add multiple labels without selector test
• Additional commits viewable in compare view

Updates sigs.k8s.io/kustomize/kyaml from 0.18.1 to 0.21.0

Release notes

Sourced from sigs.k8s.io/kustomize/kyaml's releases.

api/v0.21.0

#5679: implements to replacements value in the structured data #5863: Add regex support for Replacement selectors #5930: feat: add PatchArgs API type to populate patch options #5940: fix: Propagate Namespace correctly to Helm #5942: fix fnplugin storagemounts validation #5958: fix: make AbsorbAll conflict error more verbose #5959: update go 1.24.6 #5961: refactor: nested format string #5962: chore: update dependencies from security alert #5967: Fix infinite loop in HTTP client by validating URLs before requests #5971: fix: performance recession when propagating namespace to helm #6007: Update kyaml to v0.21.0

cmd/config/v0.21.0

#5959: update go 1.24.6 #5962: chore: update dependencies from security alert #6007: Update kyaml to v0.21.0

kyaml/v0.21.0

#5679: implements to replacements value in the structured data #5959: update go 1.24.6 #5961: refactor: nested format string #5962: chore: update dependencies from security alert #5985: fix(kyaml/yaml): minor nil safety fix for RNode.Content etc

api/v0.20.1

#5943: drop shlex dependency #5948: Update kyaml to v0.20.1

cmd/config/v0.20.1

#5948: Update kyaml to v0.20.1

kyaml/v0.20.1

No release notes provided.

api/v0.20.0

#5630: Add static value source for replacement #5771: fix: Allow patches with empty files with multiple newlines or comments #5846: fix: Get version from the BuildInfo.Main.Version if not found in deps and build flag #5847: replace deplecated package github.com/google/shlex with github.com/carapace-sh/carapace-shlex #5859: fix: Don't panic on multiple $patch: delete strategic merge patches in a single patch file #5865: feat(helm): allow the use of devel alias for helmcharts #5873: Bump to github.com/spf13/viper v1.20.0 #5877: fix: make private one field in replacements transformer struct that had a missing JSON tag #5882: Set Git messages to English for TestRemoteLoad_LocalProtocol #5921: feat: Add suport for Image Volumes #5931: Drop usage of forked copies of goyaml.v2 and goyaml.v3 #5934: Update kyaml to v0.20.0

... (truncated)

Commits

• 6661fef Merge pull request #6008 from koba1t/pinToCmdConfig
• 3c59244 Update cmd/config to v0.21.0
• ade7bd6 Merge pull request #6007 from koba1t/pinToKyaml
• 0fc7554 Update kyaml to v0.21.0
• 8761791 fix(kyaml/yaml): minor nil safety fix for RNode.Content etc (#5985)
• 153a372 Merge pull request #5679 from koba1t/implements_to_replacements_value_in_the_...
• de01137 Merge pull request #5991 from isarns/fix/labels-without-selector-duplicate-ke...
• 4d37afe style(cmd-edit-add-label): lint multiple labels without selector test
• f71e4d7 style(cmd-edit-add-label): lint multiple labels without selector test
• d427f61 test(cmd-edit-add-label): add multiple labels without selector test
• Additional commits viewable in compare view

Updates sigs.k8s.io/yaml from 1.4.0 to 1.6.0

Release notes

Sourced from sigs.k8s.io/yaml's releases.

v1.6.0

What's Changed

• Add "kyaml" support and yamlfmt by @​thockin in kubernetes-sigs/yaml#132

v1.5.0

• Bugfix: Handle unhashable keys during merge (kubernetes-sigs/yaml#122)
• Improvement: wrap errors returned by JSON unmarshal (kubernetes-sigs/yaml#106)
• Deprecation: Deprecate code in goyaml.v2 and goyaml.v3 directories, and redirect to equivalents in go.yaml.in/yaml/v2 and go.yaml.in/yaml/v3 (kubernetes-sigs/yaml#133)

Full Changelog: kubernetes-sigs/yaml@v1.4.0...v1.5.0

Commits

• 048d724 Merge pull request #132 from thockin/master
• 23c836c Bolster tests, mostly in error-handling
• 2e3340b Add compact output tests
• 4a4f539 Add test case for tabs in multi-line strings
• 13509ad Change which methods get a newline and fix tests
• 59c2c43 Add compact mode so KYAML can be used in more places
• abc1add kyaml: Implement escaping closer to YAML spec
• 7749171 Add a yamlfmt cmd
• a932007 Add KYAML support
• 0f318dc Merge pull request #134 from kubernetes-sigs/forgot-to-add-redirects-for-cons...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[mergify]

This pull request has merge conflicts that must be resolved before it can be merged. @dependabot[bot] please rebase it. https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/syncing-a-fork

[dependabot]

Sorry, only users with push access can use that command.

[nathan-weinberg]

@anik120 could you PTAL?

[mergify]

This pull request has merge conflicts that must be resolved before it can be merged. @dependabot[bot] please rebase it. https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/syncing-a-fork

[dependabot]

Sorry, only users with push access can use that command.

[mergify]

This pull request has merge conflicts that must be resolved before it can be merged. @dependabot[bot] please rebase it. https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/syncing-a-fork

[dependabot]

Sorry, only users with push access can use that command.

[mergify]

This pull request has merge conflicts that must be resolved before it can be merged. @dependabot[bot] please rebase it. https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/syncing-a-fork

[dependabot]

Sorry, only users with push access can use that command.

[VaishnaviHire]

Most of these dependencies are handled by #189

[nathan-weinberg]

Ack, will close this in favor of that then

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml