chore(deps): update go dependencies

[red-hat-konflux]

This PR contains the following updates:

Package	Type	Update	Change
github.com/google/certificate-transparency-go	require	patch	v1.3.1 -> v1.3.2
github.com/google/pprof	indirect	digest	c008609 -> 033d6d7
github.com/openshift/api	require	digest	ff66e60 -> f9cb766
github.com/operator-framework/api	require	minor	v0.31.0 -> v0.32.0
github.com/operator-framework/operator-lib	require	minor	v0.18.0 -> v0.19.0
github.com/prometheus/common	indirect	minor	v0.64.0 -> v0.65.0
golang.org/x/net	require	minor	v0.40.0 -> v0.41.0
golang.org/x/sync	indirect	minor	v0.14.0 -> v0.15.0
golang.org/x/text	indirect	minor	v0.25.0 -> v0.26.0
golang.org/x/time	indirect	minor	v0.11.0 -> v0.12.0
golang.org/x/tools	indirect	minor	v0.33.0 -> v0.34.0
k8s.io/api	require	patch	v0.32.5 -> v0.32.6
k8s.io/apiextensions-apiserver	require	patch	v0.32.5 -> v0.32.6
k8s.io/apimachinery	require	patch	v0.32.5 -> v0.32.6
k8s.io/client-go	require	patch	v0.32.5 -> v0.32.6
k8s.io/kube-openapi	indirect	digest	c8a335a -> 8b98d1e
k8s.io/utils	require	digest	0f33e8f -> 4c0f3b2
sigs.k8s.io/yaml	require	minor	v1.4.0 -> v1.5.0

---

Release Notes

google/certificate-transparency-go (github.com/google/certificate-transparency-go)

v1.3.2

Compare Source

Misc

• [migrillian] remove etcd support in #​1699
• Bump golangci-lint from 1.55.1 to 1.61.0 (developers should update to this version).
• Update ctclient tool to support SCT extensions field by @​liweitianux in https://github.com/google/certificate-transparency-go/pull/1645
• Bump go to 1.23
• [ct_hammer] support HTTPS and Bearer token for Authentication.
• [preloader] support Bearer token Authentication for non temporal logs.
• [preloader] support end indexes
• [CTFE] Short cache max-age when get-entries returns fewer entries than requested by @​robstradling in https://github.com/google/certificate-transparency-go/pull/1707
• [CTFE] Disalllow mismatching signature algorithm identifiers in #​702.
• [jsonclient] surface HTTP Do and Read errors #​1695 by @​FiloSottile

CTFE Storage Saving: Extra Data Issuance Chain Deduplication

• Suppress unnecessary duplicate key errors in the IssuanceChainStorage PostgreSQL implementation by @​robstradling in https://github.com/google/certificate-transparency-go/pull/1678
• Only store IssuanceChain if not cached by @​robstradling in https://github.com/google/certificate-transparency-go/pull/1679

CTFE Rate Limiting Of Non-Fresh Submissions

To protect a log from being flooded with requests for "old" certificates, optional rate limiting for "non-fresh submissions" can be configured by providing the following flags:

• non_fresh_submission_age
• non_fresh_submission_burst
• non_fresh_submission_limit

This can help to ensure that the log maintains its ability to (1) accept "fresh" submissions and (2) distribute all log entries to monitors.

• [CTFE] Configurable mechanism to rate-limit non-fresh submissions by @​robstradling in https://github.com/google/certificate-transparency-go/pull/1698

Dependency updates

• Bump the docker-deps group across 5 directories with 3 updates (#​1705)
• Bump google.golang.org/grpc from 1.72.1 to 1.72.2 in the all-deps group (#​1704)
• Bump github.com/go-jose/go-jose/v4 in the go_modules group (#​1700)
• Bump the all-deps group with 7 updates (#​1701)
• Bump the all-deps group with 7 updates (#​1693)
• Bump the docker-deps group across 4 directories with 1 update (#​1694)
• Bump github/codeql-action from 3.28.13 to 3.28.16 in the all-deps group (#​1692)
• Bump the all-deps group across 1 directory with 7 updates (#​1688)
• Bump distroless/base-debian12 (#​1686)
• Bump golangci/golangci-lint-action from 6.5.1 to 7.0.0 in the all-deps group (#​1685)
• Bump the all-deps group with 4 updates (#​1681)
• Bump the all-deps group with 6 updates (#​1683)
• Bump the docker-deps group across 4 directories with 2 updates (#​1682)
• Bump github.com/golang-jwt/jwt/v4 in the go_modules group (#​1680)
• Bump golangci/golangci-lint-action in the all-deps group (#​1676)
• Bump the all-deps group with 2 updates (#​1677)
• Bump github/codeql-action from 3.28.10 to 3.28.11 in the all-deps group (#​1670)
• Bump the all-deps group with 8 updates (#​1672)
• Bump the docker-deps group across 4 directories with 1 update (#​1671)
• Bump the docker-deps group across 4 directories with 1 update (#​1668)
• Bump the all-deps group with 4 updates (#​1666)
• Bump golangci-lint from 1.55.1 to 1.61.0 (#​1667)
• Bump the all-deps group with 3 updates (#​1665)
• Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 in the all-deps group (#​1660)
• Bump the docker-deps group across 5 directories with 2 updates (#​1661)
• Bump golangci/golangci-lint-action in the all-deps group (#​1662)
• Bump the docker-deps group across 4 directories with 1 update (#​1656)
• Bump the all-deps group with 2 updates (#​1654)
• Bump the all-deps group with 4 updates (#​1657)
• Bump github/codeql-action from 3.28.5 to 3.28.8 in the all-deps group (#​1652)
• Bump github.com/spf13/pflag from 1.0.5 to 1.0.6 in the all-deps group (#​1651)
• Bump the all-deps group with 2 updates (#​1649)
• Bump the all-deps group with 5 updates (#​1650)
• Bump the docker-deps group across 5 directories with 3 updates (#​1648)
• Bump google.golang.org/protobuf in the all-deps group (#​1647)
• Bump golangci/golangci-lint-action in the all-deps group (#​1646)

operator-framework/api (github.com/operator-framework/api)

v0.32.0

Compare Source

What's Changed

• 🌱 add go version check to protect us from accidentally upgraded by @​camilamacedo86 in https://github.com/operator-framework/api/pull/423
• 🌱 fixup go-verdiff job by @​perdasilva in https://github.com/operator-framework/api/pull/426
• 🌱 (cleanup): Update Owner Alias - remove inactive maintainers by @​camilamacedo86 in https://github.com/operator-framework/api/pull/427
• 🌱 Owner: Add camilamacedo86 and tmshort as approver by @​camilamacedo86 in https://github.com/operator-framework/api/pull/428
• 🌱 (ci) - Add stale config to close PRs and issues which are inactivity by @​camilamacedo86 in https://github.com/operator-framework/api/pull/431
• 🌱 Allow override of go-verdiff result via label by @​tmshort in https://github.com/operator-framework/api/pull/433
• ✨ Update k8s 1 33 by @​acornett21 in https://github.com/operator-framework/api/pull/432
• ✨ Upgrade controller-gen from v0.17.2 to v0.18.0 and re-generate CRDs by @​camilamacedo86 in https://github.com/operator-framework/api/pull/434
• ✨ Upgrade google.golang.org/genproto/googleapis/api and indirect dependencies by @​camilamacedo86 in https://github.com/operator-framework/api/pull/435

Full Changelog: operator-framework/api@v0.31.0...v0.32.0

operator-framework/operator-lib (github.com/operator-framework/operator-lib)

v0.19.0

Compare Source

What's Changed

• 🌱 Bump github.com/operator-framework/api from 0.30.0 to 0.31.0 by @​dependabot in https://github.com/operator-framework/operator-lib/pull/238
• 🌱 Bump github.com/go-logr/logr from 1.4.2 to 1.4.3 by @​dependabot in https://github.com/operator-framework/operator-lib/pull/240
• updating dependencies to support k8s 1.33 by @​acornett21 in https://github.com/operator-framework/operator-lib/pull/241

Full Changelog: operator-framework/operator-lib@v0.18.0...v0.19.0

prometheus/common (github.com/prometheus/common)

v0.65.0

Compare Source

What's Changed

• Synchronize common files from prometheus/prometheus by @​prombot in https://github.com/prometheus/common/pull/789
• Remove otlptranslator package by @​ArthurSens in https://github.com/prometheus/common/pull/791
• feat(promslog): add Level() method to get slog.Level by @​tjhop in https://github.com/prometheus/common/pull/795
• feat: Support negative duration in new function ParseDurationAllowNegative by @​iamhalje in https://github.com/prometheus/common/pull/793

New Contributors

• @​iamhalje made their first contribution in https://github.com/prometheus/common/pull/793

Full Changelog: prometheus/common@v0.64.0...v0.65.0

kubernetes/api (k8s.io/api)

v0.32.6

Compare Source

kubernetes/apiextensions-apiserver (k8s.io/apiextensions-apiserver)

v0.32.6

Compare Source

kubernetes/apimachinery (k8s.io/apimachinery)

v0.32.6

Compare Source

kubernetes/client-go (k8s.io/client-go)

v0.32.6

Compare Source

kubernetes-sigs/yaml (sigs.k8s.io/yaml)

v1.5.0

Compare Source

• Bugfix: Handle unhashable keys during merge (https://github.com/kubernetes-sigs/yaml/pull/122)
• Improvement: wrap errors returned by JSON unmarshal (https://github.com/kubernetes-sigs/yaml/pull/106)
• Deprecation: Deprecate code in goyaml.v2 and goyaml.v3 directories, and redirect to equivalents in go.yaml.in/yaml/v2 and go.yaml.in/yaml/v3 (https://github.com/kubernetes-sigs/yaml/pull/133)

Full Changelog: kubernetes-sigs/yaml@v1.4.0...v1.5.0

---

Configuration

📅 Schedule: Branch creation - "after 5am on sunday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

This PR has been generated by MintMaker (powered by Renovate Bot).

[sourcery-ai]

Reviewer's Guide

Bumps the github.com/openshift/api module digest in go.mod to the latest revision.

File-Level Changes

Change	Details	Files
Update openshift/api dependency digest	Changed digest from ff66e60214fc to e041b5efb8e4	go.mod

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[red-hat-konflux]

Caution

There are some errors in your PipelineRun template.

PipelineRun	Error
operator	no kind "Project" is registered for version "projctl.konflux.dev/v1beta1" in scheme "k8s.io/client-go/kubernetes/scheme/register.go:83"
operator-template	no kind "ProjectDevelopmentStreamTemplate" is registered for version "projctl.konflux.dev/v1beta1" in scheme "k8s.io/client-go/kubernetes/scheme/register.go:83"
operator-v1-0	no kind "ProjectDevelopmentStream" is registered for version "projctl.konflux.dev/v1beta1" in scheme "k8s.io/client-go/kubernetes/scheme/register.go:83"

[red-hat-konflux]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 2 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.23.6 -> 1.24.3
sigs.k8s.io/controller-runtime	v0.20.4 -> v0.21.0
github.com/gorilla/websocket	v1.5.3 -> v1.5.4-0.20250319132907-e064f32e3674