chore(deps): Bump the gomod group with 5 updates

[dependabot]

Bumps the gomod group with 5 updates:

Package	From	To
github.com/docker/cli	28.0.1+incompatible	28.0.2+incompatible
github.com/onsi/ginkgo/v2	2.23.0	2.23.3
github.com/onsi/gomega	1.36.2	1.36.3
github.com/sigstore/cosign/v2	2.4.1	2.4.3
golang.org/x/exp	0.0.0-20240719175910-8a7402abbf56	0.0.0-20241108190413-2d47ceb2692f

Updates github.com/docker/cli from 28.0.1+incompatible to 28.0.2+incompatible

Commits

• 0442a73 Merge pull request #5929 from vvoland/vendor-docker
• bb0e9ad remove redundant error-handling for registry.ParseRepositoryInfo
• e0979b3 cli/command: remove ValidateMountWithAPIVersion
• cab5164 vendor: github.com/docker/docker v28.0.2-dev (bea4de25004d)
• 888716a Merge pull request #5932 from vvoland/TestConnectAndWait-flaky
• 667fa7b cli: remove uses of deprecated registry.SetCertsDir
• 63f5930 Merge pull request #5784 from thaJeztah/docs_gen_no_pkg_errors
• 0f75059 Merge pull request #5938 from thaJeztah/man_cleans
• 0ce8989 test/cli-plugins: Try to make TestConnectAndWait less flaky
• 2f79598 docs/generate: remove uses of pkg/errors
• Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.23.0 to 2.23.3

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.23.3

2.23.3

Fixes

• allow - as a standalone argument [cfcc1a5]
• Bug Fix: Add GinkoTBWrapper.Chdir() and GinkoTBWrapper.Context() [feaf292]
• ignore exit code for symbol test on linux [88e2282]

v2.23.2

2.23.2

🎉🎉🎉

At long last, some long-standing performance gaps between ginkgo and go test have been resolved!

Ginkgo operates by running go test -c to generate test binaries, and then running those binaries. It turns out that the compilation step of go test -c is slower than go test's compilation step because go test strips out debug symbols (ldflags=-w) whereas go test -c does not.

Ginkgo now passes the appropriate ldflags to go test -c when running specs to strip out symbols. This is only done when it is safe to do so and symbols are preferred when profiling is enabled and when ginkgo build is called explicitly.

This, coupled, with the instructions for disabling XProtect on MacOS yields a much better performance experience with Ginkgo.

v2.23.1

2.23.1

🚨 For users on MacOS 🚨

A long-standing Ginkgo performance issue on MacOS seems to be due to mac's antimalware XProtect. You can follow the instructions here to disable it in your terminal. Doing so sped up Ginkgo's own test suite from 1m8s to 47s.

Fixes

Ginkgo's CLI is now a bit clearer if you pass flags in incorrectly:

• make it clearer that you need to pass a filename to the various profile flags, not an absolute directory [a0e52ff]
• emit an error and exit if the ginkgo invocation includes flags after positional arguments [b799d8d]

This might cause existing CI builds to fail. If so then it's likely that your CI build was misconfigured and should be corrected. Open an issue if you need help.

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.23.3

Fixes

• allow - as a standalone argument [cfcc1a5]
• Bug Fix: Add GinkoTBWrapper.Chdir() and GinkoTBWrapper.Context() [feaf292]
• ignore exit code for symbol test on linux [88e2282]

2.23.2

🎉🎉🎉

At long last, some long-standing performance gaps between ginkgo and go test have been resolved!

Ginkgo operates by running go test -c to generate test binaries, and then running those binaries. It turns out that the compilation step of go test -c is slower than go test's compilation step because go test strips out debug symbols (ldflags=-w) whereas go test -c does not.

Ginkgo now passes the appropriate ldflags to go test -c when running specs to strip out symbols. This is only done when it is safe to do so and symbols are preferred when profiling is enabled and when ginkgo build is called explicitly.

This, coupled, with the instructions for disabling XProtect on MacOS yields a much better performance experience with Ginkgo.

2.23.1

🚨 For users on MacOS 🚨

A long-standing Ginkgo performance issue on MacOS seems to be due to mac's antimalware XProtect. You can follow the instructions here to disable it in your terminal. Doing so sped up Ginkgo's own test suite from 1m8s to 47s.

Fixes

Ginkgo's CLI is now a bit clearer if you pass flags in incorrectly:

• make it clearer that you need to pass a filename to the various profile flags, not an absolute directory [a0e52ff]
• emit an error and exit if the ginkgo invocation includes flags after positional arguments [b799d8d]

This might cause existing CI builds to fail. If so then it's likely that your CI build was misconfigured and should be corrected. Open an issue if you need help.

Commits

• 04a9a74 v2.23.3
• cfcc1a5 allow - as a standalone argument
• feaf292 Bug Fix: Add GinkoTBWrapper.Chdir() and GinkoTBWrapper.Context()
• 88e2282 ignore exit code for symbol test on linux
• 979c969 v2.23.2
• 976a5c0 strip out symbols when running ginkgo
• 99e2fe2 v2.23.1
• a0e52ff make it clearer that you need to pass a filename to the various profile flags...
• b799d8d emit an error and exit if the ginkgo invocation includes flags after position...
• a565d1f Fix typo in documentation: DescribeHandleSubtree -> DescribeTableSubtree
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.36.2 to 1.36.3

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.36.3

1.36.3

Maintenance

• bump all the things [adb8b49]
• chore: replace interface{} with any [7613216]
• Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822) [9fe5259]
• remove spurious "toolchain" from go.mod (#819) [a0e85b9]
• Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823) [604a8b1]
• Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772) [36fbc84]
• Bump github-pages from 231 to 232 in /docs (#778) [ced70d7]
• Bump rexml from 3.2.6 to 3.3.9 in /docs (#788) [c8b4a07]
• Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#812) [06431b9]
• Bump webrick from 1.8.1 to 1.9.1 in /docs (#800) [b55a92d]
• Fix typos (#813) [a1d518b]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.36.3

Maintenance

• bump all the things [adb8b49]
• chore: replace interface{} with any [7613216]
• Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822) [9fe5259]
• remove spurious "toolchain" from go.mod (#819) [a0e85b9]
• Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823) [604a8b1]
• Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772) [36fbc84]
• Bump github-pages from 231 to 232 in /docs (#778) [ced70d7]
• Bump rexml from 3.2.6 to 3.3.9 in /docs (#788) [c8b4a07]
• Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#812) [06431b9]
• Bump webrick from 1.8.1 to 1.9.1 in /docs (#800) [b55a92d]
• Fix typos (#813) [a1d518b]

Commits

• 2251143 v1.36.3
• adb8b49 bump all the things
• 7613216 chore: replace interface{} with any
• 9fe5259 Bump google.golang.org/protobuf from 1.36.1 to 1.36.5 (#822)
• a0e85b9 remove spurious "toolchain" from go.mod (#819)
• 604a8b1 Bump golang.org/x/net from 0.33.0 to 0.35.0 (#823)
• 36fbc84 Bump activesupport from 6.0.6.1 to 6.1.7.5 in /docs (#772)
• ced70d7 Bump github-pages from 231 to 232 in /docs (#778)
• c8b4a07 Bump rexml from 3.2.6 to 3.3.9 in /docs (#788)
• 06431b9 Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#812)
• Additional commits viewable in compare view

Updates github.com/sigstore/cosign/v2 from 2.4.1 to 2.4.3

Release notes

Sourced from github.com/sigstore/cosign/v2's releases.

v2.4.3

Features

• Bump sigstore/sigstore to support KMS plugins (#4073)
• Enable fetching signatures without remote get. (#4047)
• Feat/file flag completion improvements (#4028)
• Update builder to use go1.23.6 (#4052)

Bug Fixes

• fix parsing error in --only for cosign copy (#4049)

Cleanup

• Refactor verifyNewBundle into library function (#4013)
• fix comment typo and imports order (#4061)
• sync comment with parameter name in function signature (#4063)
• sort properly Go imports (#4071)

Contributors

• Bob Callaway
• Carlos Tadeu Panato Junior
• Cody Soyland
• Dmitry Savintsev
• Hayden B
• Tomasz Janiszewski
• Ville Skyttä

v2.4.2

Features

• Updated open-policy-agent to 1.1.0 library (#4036)
  • Note that only Rego v0 policies are supported at this time
• Add UseSignedTimestamps to CheckOpts, refactor TSA options (#4006)
• Add support for verifying root checksum in cosign initialize (#3953)
• Detect if user supplied a valid protobuf bundle (#3931)
• Add a log message if user doesn't provide --trusted-root (#3933)
• Support mTLS towards container registry (#3922)
• Add bundle create helper command (#3901)
• Add trusted-root create helper command (#3876)

Bug Fixes

• fix: set tls config while retaining other fields from default http transport (#4007)
• policy fuzzer: ignore known panics (#3993)
• Fix for multiple WithRemote options (#3982)
• Add nightly conformance test workflow (#3979)
• Fix copy --only for signatures + update/align docs (#3904)

... (truncated)

Changelog

Sourced from github.com/sigstore/cosign/v2's changelog.

v2.4.3

Features

• Bump sigstore/sigstore to support KMS plugins (#4073)
• Enable fetching signatures without remote get. (#4047)
• Feat/file flag completion improvements (#4028)
• Update builder to use go1.23.6 (#4052)

Bug Fixes

• fix parsing error in --only for cosign copy (#4049)

Cleanup

• Refactor verifyNewBundle into library function (#4013)
• fix comment typo and imports order (#4061)
• sync comment with parameter name in function signature (#4063)
• sort properly Go imports (#4071)

Contributors

• Bob Callaway
• Carlos Tadeu Panato Junior
• Cody Soyland
• Dmitry Savintsev
• Hayden B
• Tomasz Janiszewski
• Ville Skyttä

v2.4.2

Features

• Updated open-policy-agent to 1.1.0 library (#4036)
  • Note that only Rego v0 policies are supported at this time
• Add UseSignedTimestamps to CheckOpts, refactor TSA options (#4006)
• Add support for verifying root checksum in cosign initialize (#3953)
• Detect if user supplied a valid protobuf bundle (#3931)
• Add a log message if user doesn't provide --trusted-root (#3933)
• Support mTLS towards container registry (#3922)
• Add bundle create helper command (#3901)
• Add trusted-root create helper command (#3876)

Bug Fixes

• fix: set tls config while retaining other fields from default http transport (#4007)
• policy fuzzer: ignore known panics (#3993)
• Fix for multiple WithRemote options (#3982)
• Add nightly conformance test workflow (#3979)

... (truncated)

Commits

• 6a7abbf chore(deps): bump the gomod group across 1 directory with 4 updates (#4074)
• 0b69cc5 chore(deps): bump github.com/buildkite/agent/v3 from 3.91.0 to 3.92.1 (#4066)
• 3564b3e chore(deps): bump gitlab.com/gitlab-org/api/client-go (#4065)
• d6aeeb2 Enable fetching signatures without remote get. (#4047)
• 26d0ee5 Bump sigstore/sigstore to support KMS plugins (#4073)
• 5181623 chore(deps): bump golangci/golangci-lint-action in the actions group (#4070)
• c1b1a78 chore(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (#4067)
• a0b20b7 sort properly Go imports (#4071)
• b4be5f7 chore(deps): bump google.golang.org/api from 0.220.0 to 0.221.0 (#4068)
• 01fde81 sync comment with parameter name in function signature (#4063)
• Additional commits viewable in compare view

Updates golang.org/x/exp from 0.0.0-20240719175910-8a7402abbf56 to 0.0.0-20241108190413-2d47ceb2692f

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[poiana]

LGTM label has been added.

Git tree hash: 81521a64f5fbac8fd34660f30e93215bd1fef17b

[poiana]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cpanato, dependabot[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [cpanato]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment