chore(deps): Bump the go-dependencies group with 6 updates #104

dependabot · 2025-12-07T18:07:28Z

Bumps the go-dependencies group with 6 updates:

Package	From	To
get.porter.sh/porter	`1.3.0`	`1.4.0`
github.com/aws/aws-sdk-go-v2	`1.40.0`	`1.40.1`
github.com/aws/aws-sdk-go-v2/config	`1.32.2`	`1.32.3`
github.com/aws/aws-sdk-go-v2/service/secretsmanager	`1.40.2`	`1.40.3`
github.com/aws/smithy-go	`1.23.2`	`1.24.0`
github.com/spf13/cobra	`1.10.1`	`1.10.2`

Updates get.porter.sh/porter from 1.3.0 to 1.4.0

Release notes

Sourced from get.porter.sh/porter's releases.

v1.4.0

What's Changed

Chore(deps): Bump github.com/prometheus/client_golang from 1.22.0 to 1.23.0 by @dependabot[bot] in getporter/porter#3425

Chore(deps): Bump github.com/docker/cli from 28.3.2+incompatible to 28.3.3+incompatible by @dependabot[bot] in getporter/porter#3426

feat: add run option to installation outputs list/show by @lbergnehr in getporter/porter#3428

Chore(deps): Bump google.golang.org/protobuf from 1.36.6 to 1.36.7 by @dependabot[bot] in getporter/porter#3429

Expose more buildkit build options by @erikced in getporter/porter#3371

Chore(deps): Bump github.com/docker/buildx from 0.25.0 to 0.26.1 by @dependabot[bot] in getporter/porter#3421

feat: create state file parent directory if it doesn't exist by @kichristensen in getporter/porter#3431

Chore(deps): Bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in the go_modules group by @dependabot[bot] in getporter/porter#3434

Chore(deps): Bump google.golang.org/protobuf from 1.36.7 to 1.36.8 by @dependabot[bot] in getporter/porter#3437

Chore(deps): Bump google.golang.org/grpc from 1.74.2 to 1.75.0 by @dependabot[bot] in getporter/porter#3439

Setup permission in workflows by @kichristensen in getporter/porter#3433

Fix pipeline permissions by @kichristensen in getporter/porter#3440

Add package write permission to canary Github Action by @kichristensen in getporter/porter#3441

Chore(deps): Bump github.com/docker/buildx from 0.26.1 to 0.27.0 by @dependabot[bot] in getporter/porter#3438

Add missing permission to Porter release integration test Github Action by @kichristensen in getporter/porter#3442

Chore(deps): Bump github.com/stretchr/testify from 1.10.0 to 1.11.1 by @dependabot[bot] in getporter/porter#3444

Chore(deps): Bump go.opentelemetry.io/otel from 1.37.0 to 1.38.0 by @dependabot[bot] in getporter/porter#3443

Chore(deps): Bump go.opentelemetry.io/otel/sdk from 1.37.0 to 1.38.0 by @dependabot[bot] in getporter/porter#3445

Chore(deps): Bump github.com/spf13/cobra from 1.9.1 to 1.10.1 by @dependabot[bot] in getporter/porter#3446

Chore(deps): Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc from 1.37.0 to 1.38.0 by @dependabot[bot] in getporter/porter#3447

Chore(deps): Bump github.com/docker/cli from 28.3.3+incompatible to 28.4.0+incompatible by @dependabot[bot] in getporter/porter#3448

Chore(deps): Bump github.com/moby/buildkit from 0.23.0-rc1.0.20250806140246-955c2b2f7d01 to 0.24.0 by @dependabot[bot] in getporter/porter#3449

Chore(deps): Bump google.golang.org/protobuf from 1.36.8 to 1.36.9 by @dependabot[bot] in getporter/porter#3453

Chore(deps): Bump github.com/spf13/pflag from 1.0.9 to 1.0.10 by @dependabot[bot] in getporter/porter#3450

Chore(deps): Bump github.com/olekukonko/tablewriter from 0.0.5 to 1.0.9 by @dependabot[bot] in getporter/porter#3435

Chore(deps): Bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.62.0 to 0.63.0 by @dependabot[bot] in getporter/porter#3451

Chore(deps): Bump github.com/spf13/afero from 1.14.0 to 1.15.0 by @dependabot[bot] in getporter/porter#3452

Chore(deps): Bump github.com/spf13/viper from 1.20.1 to 1.21.0 by @dependabot[bot] in getporter/porter#3458

Chore(deps): Bump google.golang.org/grpc from 1.75.0 to 1.75.1 by @dependabot[bot] in getporter/porter#3456

Chore(deps): Bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.37.0 to 1.38.0 by @dependabot[bot] in getporter/porter#3455

Chore(deps): Bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.37.0 to 1.38.0 by @dependabot[bot] in getporter/porter#3457

Chore(deps): Bump github.com/docker/docker from 28.3.3+incompatible to 28.4.0+incompatible by @dependabot[bot] in getporter/porter#3454

Grouped minor and patch updates by @dgannon991 in getporter/porter#3460

Update dependabot.yml to fix indentation error by @dgannon991 in getporter/porter#3461

Chore(deps): Bump the go-dependencies group with 4 updates by @dependabot[bot] in getporter/porter#3467

Chore(deps): Bump actions/cache from 3 to 4 by @dependabot[bot] in getporter/porter#3462

Chore(deps): Bump actions/upload-artifact from 4.4.0 to 4.6.2 by @dependabot[bot] in getporter/porter#3464

Chore(deps): Bump actions/download-artifact from 4.1.8 to 5.0.0 by @dependabot[bot] in getporter/porter#3466

Chore(deps): Bump actions/setup-go from 4 to 6 by @dependabot[bot] in getporter/porter#3465

Chore(deps): Bump actions/checkout from 3 to 5 by @dependabot[bot] in getporter/porter#3463

Update ParameterSet documentation by @erikced in getporter/porter#3468

Chore(deps): Bump the go-dependencies group with 5 updates by @dependabot[bot] in getporter/porter#3470

Chore(deps): Bump docker/login-action from 3.0.0 to 3.6.0 by @dependabot[bot] in getporter/porter#3472

Chore(deps): Bump github/codeql-action from 2 to 3 by @dependabot[bot] in getporter/porter#3471

Fix image tag resolution from version by @erikced in getporter/porter#3473

Chore(deps): Bump the go-dependencies group with 4 updates by @dependabot[bot] in getporter/porter#3475

Chore(deps): Bump github/codeql-action from 3 to 4 by @dependabot[bot] in getporter/porter#3476

Chore(deps): Bump the go-dependencies group with 3 updates by @dependabot[bot] in getporter/porter#3477

... (truncated)

Commits

9beb11e ci: Update permissions needed by release workflow
0e91560 ci: Delete unused dependencies before running smoke test in release action
f86401c Do not start test cluster for integration tests (#3507)
e46caa5 docs: remove Twitter account references (#3511)
32024ec fix: grant required permissions to release workflow (#3510)
86145eb Merge pull request #3494 from getporter/dependabot/go_modules/go-dependencies...
35f274d Downgraded back to docker v28.5.2+incompatible
e4ceb0f Chore(deps): Bump the go-dependencies group with 6 updates
014f9c8 Bumped to 1.24.10 (#3505)
4a39e06 Auto build detection (#3502)
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2 from 1.40.0 to 1.40.1

Commits

09a5817 Release 2025-12-02
58d1759 Regenerated Clients
16ba34e Update endpoints model
7873bf4 Update API model
9b55b02 bump smithy-go to v1.24.0 (#3242)
d8b0179 Release 2025-12-01
e4405f0 Regenerated Clients
65d08b0 Update API model
f6cc036 Release 2025-11-26
deb353f Regenerated Clients
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.32.2 to 1.32.3

Commits

6b53348 Release 2024-10-28
784d2d3 Regenerated Clients
7258bd2 Update endpoints model
f322198 Update API model
b65b80a Merge pull request #2852 from RanVaknin/signature-header-parsing-fix
803614d Fixing changelog description and implementation to use TrimSpace
b12c8cf adding changelog
f0caa97 patching GetSignedRequestSignature to cover edge cases with the signature
e058903 drop service/nimble (#2851)
896793a Release 2024-10-25
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/secretsmanager from 1.40.2 to 1.40.3

Commits

640b808 Release 2025-08-29
657a6e8 Regenerated Clients
34a91bb Update partitions file
09f5a9c Update endpoints model
fff96ca Update API model
d46f566 deprecate service/sms (#3176)
de16d4d Release 2025-08-28
d6b83a8 Regenerated Clients
b0f9cb7 Update API model
8225491 Release 2025-08-27
Additional commits viewable in compare view

Updates github.com/aws/smithy-go from 1.23.2 to 1.24.0

Changelog

Sourced from github.com/aws/smithy-go's changelog.

Release (2025-12-01)

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/smithy-go: v1.24.0

Feature: Improve allocation footprint of the middleware stack. This should convey a ~10% reduction in allocations per SDK request.

Release (2025-11-03)

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/smithy-go: v1.23.2

Bug Fix: Adjust the initial sizes of each middleware phase to avoid some unnecessary reallocation.

Bug Fix: Avoid unnecessary allocation overhead from the metrics system when not in use.

Release (2025-10-15)

General Highlights

Dependency Update: Bump minimum go version to 1.23.

Dependency Update: Updated to the latest SDK module versions

Release (2025-09-18)

Module Highlights

github.com/aws/smithy-go/aws-http-auth: v1.1.0

Feature: Added support for SIG4/SIGV4A querystring authentication.

Release (2025-08-27)

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/smithy-go: v1.23.0

Feature: Sort map keys in JSON Document types.

Release (2025-07-24)

General Highlights

Dependency Update: Updated to the latest SDK module versions

Module Highlights

github.com/aws/smithy-go: v1.22.5

Feature: Add HTTP interceptors.

Release (2025-06-16)

... (truncated)

Commits

71f5bff Release 2025-12-01
c94c177 changelog
0cc0b1c convert middleware steps to linked lists (#617)
ed49224 Add param binding error check in auth scheme resolution to avoid panic (#619)
0e0b20c add discrete tests for initialize step (#618)
ddbac1c only add interceptors if configured (#616)
798bf4f remove pointless trace spans (#615)
dc545a7 don't create op metrics context if not in use (#613)
6f12c09 add host label validation for region before ep resolution (#612)
See full diff in compare view

Updates github.com/spf13/cobra from 1.10.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

Fix linter and allow CI to pass by @marckhouzam in spf13/cobra#2327

fix: actions/setup-go v6 by @jpmcb in spf13/cobra#2337

🔥✍🏼 Docs

Add documentation for repeated flags functionality by @rvergis in spf13/cobra#2316

🍂 Refactors

refactor: replace several vars with consts by @htoyoda18 in spf13/cobra#2328

refactor: change minUsagePadding from var to const by @ssam18 in spf13/cobra#2325

🤗 New Contributors

@rvergis made their first contribution in spf13/cobra#2316

@htoyoda18 made their first contribution in spf13/cobra#2328

@ssam18 made their first contribution in spf13/cobra#2325

@dims made their first contribution in spf13/cobra#2336

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

Commits

88b30ab chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#2336)
346d408 fix: actions/setup-go v6 (#2337)
fc81d20 refactor: change minUsagePadding from var to const (#2325)
117698a refactor: replace several vars with consts (#2328)
e2dd29d Add documentation for repeated flags functionality (#2316)
0629892 Fix linter (#2327)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-dependencies group with 6 updates: | Package | From | To | | --- | --- | --- | | [get.porter.sh/porter](https://github.com/getporter/porter) | `1.3.0` | `1.4.0` | | [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.40.0` | `1.40.1` | | [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.32.2` | `1.32.3` | | [github.com/aws/aws-sdk-go-v2/service/secretsmanager](https://github.com/aws/aws-sdk-go-v2) | `1.40.2` | `1.40.3` | | [github.com/aws/smithy-go](https://github.com/aws/smithy-go) | `1.23.2` | `1.24.0` | | [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.10.1` | `1.10.2` | Updates `get.porter.sh/porter` from 1.3.0 to 1.4.0 - [Release notes](https://github.com/getporter/porter/releases) - [Commits](getporter/porter@v1.3.0...v1.4.0) Updates `github.com/aws/aws-sdk-go-v2` from 1.40.0 to 1.40.1 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@v1.40.0...v1.40.1) Updates `github.com/aws/aws-sdk-go-v2/config` from 1.32.2 to 1.32.3 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@v1.32.2...v1.32.3) Updates `github.com/aws/aws-sdk-go-v2/service/secretsmanager` from 1.40.2 to 1.40.3 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.40.2...service/efs/v1.40.3) Updates `github.com/aws/smithy-go` from 1.23.2 to 1.24.0 - [Release notes](https://github.com/aws/smithy-go/releases) - [Changelog](https://github.com/aws/smithy-go/blob/main/CHANGELOG.md) - [Commits](aws/smithy-go@v1.23.2...v1.24.0) Updates `github.com/spf13/cobra` from 1.10.1 to 1.10.2 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.10.1...v1.10.2) --- updated-dependencies: - dependency-name: get.porter.sh/porter dependency-version: 1.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies - dependency-name: github.com/aws/aws-sdk-go-v2 dependency-version: 1.40.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-dependencies - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-version: 1.32.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-dependencies - dependency-name: github.com/aws/aws-sdk-go-v2/service/secretsmanager dependency-version: 1.40.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-dependencies - dependency-name: github.com/aws/smithy-go dependency-version: 1.24.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies - dependency-name: github.com/spf13/cobra dependency-version: 1.10.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependabot 🤖 label Dec 7, 2025

dependabot bot requested a review from a team as a code owner December 7, 2025 18:07

dependabot bot added the dependabot 🤖 label Dec 7, 2025

dgannon991 approved these changes Dec 7, 2025

View reviewed changes

dgannon991 merged commit 976c1c9 into main Dec 7, 2025
3 checks passed

dependabot bot deleted the dependabot/go_modules/go-dependencies-f4805c0ff8 branch December 7, 2025 20:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): Bump the go-dependencies group with 6 updates #104

chore(deps): Bump the go-dependencies group with 6 updates #104

Uh oh!

dependabot bot commented on behalf of github Dec 7, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

chore(deps): Bump the go-dependencies group with 6 updates #104

chore(deps): Bump the go-dependencies group with 6 updates #104

Uh oh!

Conversation

dependabot bot commented on behalf of github Dec 7, 2025

v1.4.0

What's Changed

Release (2025-12-01)

General Highlights

Module Highlights

Release (2025-11-03)

General Highlights

Module Highlights

Release (2025-10-15)

General Highlights

Release (2025-09-18)

Module Highlights

Release (2025-08-27)

General Highlights

Module Highlights

Release (2025-07-24)

General Highlights

Module Highlights

Release (2025-06-16)

v1.10.2

🔧 Dependencies

📈 CI/CD

🔥✍🏼 Docs

🍂 Refactors

🤗 New Contributors

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants