Bump the security group with 12 updates

[dependabot]

Bumps the security group with 12 updates:

Package	From	To
github.com/onsi/ginkgo/v2	2.13.1	2.17.1
github.com/onsi/gomega	1.30.0	1.32.0
github.com/spf13/cobra	1.7.0	1.8.0
github.com/spf13/viper	1.16.0	1.18.2
golang.org/x/term	0.16.0	0.19.0
k8s.io/api	0.29.2	0.29.4
k8s.io/apiextensions-apiserver	0.29.2	0.29.4
k8s.io/apimachinery	0.29.2	0.29.4
k8s.io/apiserver	0.29.2	0.29.4
k8s.io/client-go	0.29.2	0.29.4
k8s.io/kubectl	0.29.2	0.29.4
k8s.io/kubernetes	1.29.2	1.29.4

Updates github.com/onsi/ginkgo/v2 from 2.13.1 to 2.17.1

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.17.1

2.17.1

Fixes

• If the user sets --seed=0, make sure all parallel nodes get the same seed [af0330d]

v2.17.0

2.17.0

Features

• add --github-output for nicer output in github actions [e8a2056]

Maintenance

• fix typo in core_dsl.go [977bc6f]
• Fix typo in docs [e297e7b]

v2.16.0

2.16.0

Features

• add SpecContext to reporting nodes

Fixes

• merge coverages instead of combining them (#1329) (#1340) [23f0cc5]
• core_dsl: disable Getwd() with environment variable (#1357) [cd418b7]

Maintenance

• docs/index.md: Typo [2cebe8d]
• fix docs [06de431]
• chore: test with Go 1.22 (#1352) [898cba9]
• Bump golang.org/x/tools from 0.16.1 to 0.17.0 (#1336) [17ae120]
• Bump golang.org/x/sys from 0.15.0 to 0.16.0 (#1327) [5a179ed]
• Bump github.com/go-logr/logr from 1.3.0 to 1.4.1 (#1321) [a1e6b69]
• Bump github-pages and jekyll-feed in /docs (#1351) [d52951d]
• Fix docs for handling failures in goroutines (#1339) [4471b2e]

v2.15.0

2.15.0

Features

• JUnit reports now interpret Label(owner:X) and set owner to X. [8f3bd70]
• include cancellation reason when cancelling spec context [96e915c]

Fixes

• emit output of failed go tool cover invocation so users can try to debug things for themselves [c245d09]
• fix outline when using nodot in ginkgo v2 [dca77c8]

... (truncated)

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.17.1

Fixes

• If the user sets --seed=0, make sure all parallel nodes get the same seed [af0330d]

2.17.0

Features

• add --github-output for nicer output in github actions [e8a2056]

Maintenance

• fix typo in core_dsl.go [977bc6f]
• Fix typo in docs [e297e7b]

2.16.0

Features

• add SpecContext to reporting nodes

Fixes

• merge coverages instead of combining them (#1329) (#1340) [23f0cc5]
• core_dsl: disable Getwd() with environment variable (#1357) [cd418b7]

Maintenance

• docs/index.md: Typo [2cebe8d]
• fix docs [06de431]
• chore: test with Go 1.22 (#1352) [898cba9]
• Bump golang.org/x/tools from 0.16.1 to 0.17.0 (#1336) [17ae120]
• Bump golang.org/x/sys from 0.15.0 to 0.16.0 (#1327) [5a179ed]
• Bump github.com/go-logr/logr from 1.3.0 to 1.4.1 (#1321) [a1e6b69]
• Bump github-pages and jekyll-feed in /docs (#1351) [d52951d]
• Fix docs for handling failures in goroutines (#1339) [4471b2e]

2.15.0

Features

• JUnit reports now interpret Label(owner:X) and set owner to X. [8f3bd70]
• include cancellation reason when cancelling spec context [96e915c]

Fixes

• emit output of failed go tool cover invocation so users can try to debug things for themselves [c245d09]
• fix outline when using nodot in ginkgo v2 [dca77c8]
• Document areas where GinkgoT() behaves differently from testing.T [dbaf18f]
• bugfix(docs): use Unsetenv instead of Clearenv (#1337) [6f67a14]

Maintenance

... (truncated)

Commits

• 9242338 v2.17.1
• af0330d If the user sets --seed=0, make sure all parallel nodes get the same seed
• 75ad73b v2.17.0
• 3a6097a add test
• 6e80d3f use github formwat in CI
• e8a2056 add --github-output for nicer output in github actions
• 977bc6f fix typo in core_dsl.go
• e297e7b Fix typo in docs
• a181ee2 v2.16.0
• 2cebe8d docs/index.md: Typo
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.30.0 to 1.32.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.32.0

1.32.0

Maintenance

• Migrate github.com/golang/protobuf to google.golang.org/protobuf [436a197]

  This release drops the deprecated github.com/golang/protobuf and adopts google.golang.org/protobuf. Care was taken to ensure the release is backwards compatible (thanks @​jbduncan !). Please open an issue if you run into one.

• chore: test with Go 1.22 (#733) [32ef35e]

• Bump golang.org/x/net from 0.19.0 to 0.20.0 (#717) [a0d0387]

• Bump github-pages and jekyll-feed in /docs (#732) [b71e477]

• docs: fix typo and broken anchor link to gstruct [f460154]

• docs: fix HaveEach matcher signature [a2862e4]

v1.31.1

1.31.1

Fixes

• Inverted arguments order of FailureMessage of BeComparableToMatcher [e0dd999]
• Update test in case keeping msg is desired [ad1a367]

Maintenance

• Show how to import the format sub package [24e958d]
• tidy up go.sum [26661b8]
• bump dependencies [bde8f7a]

v1.31.0

1.31.0

Features

• Async assertions include context cancellation cause if present [121c37f]

Maintenance

• Bump minimum go version [dee1e3c]
• docs: fix typo in example usage "occured" -> "occurred" [49005fe]
• Bump actions/setup-go from 4 to 5 (#714) [f1c8757]
• Bump github/codeql-action from 2 to 3 (#715) [9836e76]
• Bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.2 (#713) [54726f0]
• Bump golang.org/x/net from 0.17.0 to 0.19.0 (#711) [df97ecc]
• docs: fix HaveExactElement typo (#712) [a672c86]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.32.0

Maintenance

• Migrate github.com/golang/protobuf to google.golang.org/protobuf [436a197]

  This release drops the deprecated github.com/golang/protobuf and adopts google.golang.org/protobuf. Care was taken to ensure the release is backwards compatible (thanks @​jbduncan !). Please open an issue if you run into one.

• chore: test with Go 1.22 (#733) [32ef35e]

• Bump golang.org/x/net from 0.19.0 to 0.20.0 (#717) [a0d0387]

• Bump github-pages and jekyll-feed in /docs (#732) [b71e477]

• docs: fix typo and broken anchor link to gstruct [f460154]

• docs: fix HaveEach matcher signature [a2862e4]

1.31.1

Fixes

• Inverted arguments order of FailureMessage of BeComparableToMatcher [e0dd999]
• Update test in case keeping msg is desired [ad1a367]

Maintenance

• Show how to import the format sub package [24e958d]
• tidy up go.sum [26661b8]
• bump dependencies [bde8f7a]

1.31.0

Features

• Async assertions include context cancellation cause if present [121c37f]

Maintenance

• Bump minimum go version [dee1e3c]
• docs: fix typo in example usage "occured" -> "occurred" [49005fe]
• Bump actions/setup-go from 4 to 5 (#714) [f1c8757]
• Bump github/codeql-action from 2 to 3 (#715) [9836e76]
• Bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.2 (#713) [54726f0]
• Bump golang.org/x/net from 0.17.0 to 0.19.0 (#711) [df97ecc]
• docs: fix HaveExactElement typo (#712) [a672c86]

Commits

• 4379951 v1.32.0
• a350b95 Maintain source backwards compatibility
• a6c8875 Fix failing test
• 436a197 Migrate github.com/golang/protobuf to google.golang.org/protobuf
• 32ef35e chore: test with Go 1.22 (#733)
• a0d0387 Bump golang.org/x/net from 0.19.0 to 0.20.0 (#717)
• b71e477 Bump github-pages and jekyll-feed in /docs (#732)
• f460154 docs: fix typo and broken anchor link to gstruct
• a2862e4 docs: fix HaveEach matcher signature
• 762b171 v1.31.1
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.7.0 to 1.8.0

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.0

✨ Features

• Support usage as plugin for tools like kubectl by @​nirs in spf13/cobra#2018 - this means that programs that utilize a "plugin-like" structure have much better support and usage (like for completions, command paths, etc.)
• Move documentation sources to site/content by @​umarcor in spf13/cobra#1428
• Add 'one required flag' group by @​marevers in spf13/cobra#1952 - this includes a new MarkFlagsOneRequired API for flags which can be used to mark a flag group as required and cause command failure if at least one is not used when invoked.
• Customizable error message prefix by @​5ouma in spf13/cobra#2023 - This adds the SetErrPrefix and ErrPrefix APIs on the Command struct to allow for setting a custom prefix for errors
• feat: add getters for flag completions by @​avirtopeanu-ionos in spf13/cobra#1943
• Feature: allow running persistent run hooks of all parents by @​vkhoroz in spf13/cobra#2044
• Improve API to get flag completion function by @​marckhouzam in spf13/cobra#2063

🐛 Bug fixes

• Fix typo in fish completions by @​twpayne in spf13/cobra#1945
• Fix grammar: 'allows to' by @​supertassu in spf13/cobra#1978
• powershell: escape variable with curly brackets by @​Luap99 in spf13/cobra#1960
• Don't complete --help flag when flag parsing disabled by @​marckhouzam in spf13/cobra#2061
• Replace all non-alphanumerics in active help env var program prefix by @​scop in spf13/cobra#1940

🔧 Maintenance

• build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 by @​dependabot in spf13/cobra#1971
• build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 by @​dependabot in spf13/cobra#1976
• build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @​dependabot in spf13/cobra#2021
• build(deps): bump actions/setup-go from 3 to 4 by @​dependabot in spf13/cobra#1934
• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.2 to 2.0.3 by @​dependabot in spf13/cobra#2047
• build(deps): bump actions/checkout from 3 to 4 by @​dependabot in spf13/cobra#2028
• command: temporarily disable G602 due to securego/gosec#1005 by @​umarcor in spf13/cobra#2022

🧪 Testing & CI/CD

• test: make fish_completions_test more robust by @​branchvincent in spf13/cobra#1980
• golangci: enable 'unused' and disable deprecated replaced by it by @​umarcor in spf13/cobra#1983
• cleanup: minor corrections to unit tests by @​JunNishimura in spf13/cobra#2003
• ci: test golang 1.21 by @​nunoadrego in spf13/cobra#2024
• Fix linter errors by @​marckhouzam in spf13/cobra#2052
• Add tests for flag completion registration by @​marckhouzam in spf13/cobra#2053

✏️ Documentation

• doc: fix typo, Deperecated -> Deprecated by @​callthingsoff in spf13/cobra#2000
• Add notes to doc about the execution condition of *PreRun and *PostRun functions by @​haoming29 in spf13/cobra#2041

---

Thank you everyone who contributed to this release and all your hard work! Cobra and this community would never be possible without all of you!!!! 🐍

Full Changelog: spf13/cobra@v1.7.0...v1.8.0

Commits

• a0a6ae0 Improve API to get flag completion function (#2063)
• 890302a Support usage as plugin for tools like kubectl (#2018)
• 48cea5c build(deps): bump actions/checkout from 3 to 4 (#2028)
• 22953d8 Replace all non-alphanumerics in active help env var program prefix (#1940)
• 00b68a1 Add tests for flag completion registration (#2053)
• b711e87 Don't complete --help flag when flag parsing disabled (#2061)
• 8b1eba4 Fix linter errors (#2052)
• 4cafa37 Allow running persistent run hooks of all parents (#2044)
• 5c962a2 build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.2 to 2.0.3 (#2047)
• efe8fa3 build(deps): bump actions/setup-go from 3 to 4 (#1934)
• Additional commits viewable in compare view

Updates github.com/spf13/viper from 1.16.0 to 1.18.2

Release notes

Sourced from github.com/spf13/viper's releases.

v1.18.2

tl;dr Skip 1.18.0 and 1.18.1 and upgrade to this version instead.

This release fixes a regression that appears in rare circumstances when using Unmarshal or UnmarshalExact to decode values onto pointers with multiple indirection (eg. pointer to a pointer, etc). The change was introduced in 1.18.0 as a means to resolve a long-standing bug when decoding environment variables to structs.

The feature is now disabled by default and can be enabled using the viper_bind_struct build tag. It's also considered experimental at this point, so breaking changes may be introduced in the future.

What's Changed

Bug Fixes 🐛

• feat!: hide struct binding behind a feature flag by @​sagikazarmark in spf13/viper#1715

Full Changelog: spf13/viper@v1.18.1...v1.18.2

v1.18.1

What's Changed

Bug Fixes 🐛

• Merge missing struct keys inside UnmarshalExact by @​krakowski in spf13/viper#1704

Full Changelog: spf13/viper@v1.18.0...v1.18.1

v1.18.0

Major changes

Highlighting some of the changes for better visibility.

Please share your feedback in the Discussion forum. Thanks! ❤️

AutomaticEnv works with Unmarshal

Previously, environment variables that weren't bound manually or had no defaults could not be mapped by Unmarshal. (The problem is explained in details in this issue: #761)

#1429 introduced a solution that solves that issue.

What's Changed

Enhancements 🚀

• chore: rename files according to enabled build tags by @​alexandear in spf13/viper#1642
• test: replace ifs with asserts to simplify tests by @​alexandear in spf13/viper#1656
• ci: enable test shuffle and fix tests by @​alexandear in spf13/viper#1643
• fix: gocritic lint issues by @​alexandear in spf13/viper#1696

Bug Fixes 🐛

• Implement viper.BindStruct for automatic unmarshalling from environment variables by @​krakowski in spf13/viper#1429
• fix isPathShadowedInFlatMap type cast bug by @​linuxsong in spf13/viper#1585

Dependency Updates ⬆️

• build(deps): bump github/codeql-action from 2.21.9 to 2.22.3 by @​dependabot in spf13/viper#1661
• build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 by @​dependabot in spf13/viper#1659

... (truncated)

Commits

• ab3a50c fix!: hide struct binding behind a feature flag
• 9154b90 build(deps): bump actions/setup-go from 4.1.0 to 5.0.0
• 08e4a00 build(deps): bump github/codeql-action from 2.22.8 to 2.22.9
• fb6eb1e fix: merge missing struct keys inside UnmarshalExact
• f5fcb4a chore: update crypt
• f736363 fix isPathShadowedInFlatMap type cast bug (#1585)
• 36a3868 Review changes
• f0c4ccd fix: gocritic lint issues
• 3a23b80 ci: enable test shuffle; fix tests
• 73dfb94 feat: make Unmarshal work with AutomaticEnv
• Additional commits viewable in compare view

Updates golang.org/x/term from 0.16.0 to 0.19.0

Commits

• 5b15d26 go.mod: update golang.org/x dependencies
• c5eaf76 go.mod: update golang.org/x dependencies
• 353276a go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates k8s.io/api from 0.29.2 to 0.29.4

Commits

• 379f6cd Update dependencies to v0.29.4 tag
• 448db12 Merge pull request #124180 from MadhavJivrajani/bump-x-net-2023-45288-129
• 8240278 [CVE-2023-45288] .*: bump x/net to v0.23.0
• b31b2fd sync: update go.mod
• f98a503 Merge pull request #123763 from liggitt/proto-1.29
• 1e39277 [CVE-2024-24786] Bump github.com/golang/protobuf v1.5.4, google.golang.org/pr...
• See full diff in compare view

Updates k8s.io/apiextensions-apiserver from 0.29.2 to 0.29.4

Commits

• 28317e8 Update dependencies to v0.29.4 tag
• ce4a37c Merge pull request #124180 from MadhavJivrajani/bump-x-net-2023-45288-129
• 15b1282 [CVE-2023-45288] .*: bump x/net to v0.23.0
• 400935e sync: update go.mod
• 4b0ba87 Merge pull request #123763 from liggitt/proto-1.29
• d499055 [CVE-2024-24786] Bump github.com/golang/protobuf v1.5.4, google.golang.org/pr...
• See full diff in compare view

Updates k8s.io/apimachinery from 0.29.2 to 0.29.4

Commits

• 2bbf530 Merge pull request #124172liggitt/automated-cherry-pick-of-#123598
• 3e7c65a Merge pull request #124180 from MadhavJivrajani/bump-x-net-2023-45288-129
• 06deedf [CVE-2023-45288] .*: bump x/net to v0.23.0
• d794766 Merge pull request #123763 from liggitt/proto-1.29
• 9b124b1 [CVE-2024-24786] Bump github.com/golang/protobuf v1.5.4, google.golang.org/pr...
• 801d824 Avoid logging binary junk for frame write failure
• See full diff in compare view

Updates k8s.io/apiserver from 0.29.2 to 0.29.4

Commits

• 245242e Update dependencies to v0.29.4 tag
• a4273cc Merge pull request #124180 from MadhavJivrajani/bump-x-net-2023-45288-129
• 661759c [CVE-2023-45288] .*: bump x/net to v0.23.0
• 8eca52c Merge pull request #123973 from serathius/consistent-watch-from-etcd-1.29
• d432100 Undo double run of the TestWatchSemantics test to avoid hitting timeout
• 0946a03 apiserver/storage/cacher: decrease the running time of tests in the cacher pa...
• 582da82 Serve watch without resourceVersion from cache and introduce a WatchFromStora...
• 21e0f5b Ensure that initial events are sorted for WatchList
• d49097b Merge pull request #123763 from liggitt/proto-1.29
• 1b4c9af Merge pull request #123693mengqiy/automated-cherry-pick-of-#123532
• Additional commits viewable in compare view

Updates k8s.io/client-go from 0.29.2 to 0.29.4

Commits

• 9f00f2c Update dependencies to v0.29.4 tag
• 1e7adee Merge pull request #124172liggitt/automated-cherry-pick-of-#123598
• 0058eee Merge pull request #124180 from MadhavJivrajani/bump-x-net-2023-45288-129
• f0be73d [CVE-2023-45288] .*: bump x/net to v0.23.0
• ca07432 sync: update go.mod
• 403b37f Merge pull request #123763 from liggitt/proto-1.29
• 92199ae [CVE-2024-24786] Bump github.com/golang/protobuf v1.5.4, google.golang.org/pr...
• cc21122 Keep streams from being set up after closeAllStreamReaders is called
• 8636987 Make websocket heartbeat test timing less flaky
• See full diff in compare view

Updates k8s.io/kubectl from 0.29.2 to 0.29.4

Commits

• 3cd8dff Update dependencies to v0.29.4 tag
• a30d557 Merge pull request #124180 from MadhavJivrajani/bump-x-net-2023-45288-129
• e49c5f9 [CVE-2023-45288] .*: bump x/net to v0.23.0
• 64b2531 sync: update go.mod
• e9d3b7c Merge pull request #123763 from liggitt/proto-1.29
• 1ca158d [CVE-2024-24786] Bump github.com/golang/protobuf v1.5.4, google.golang.org/pr...
• See full diff in compare view

Updates k8s.io/kubernetes from 1.29.2 to 1.29.4

Release notes

Sourced from k8s.io/kubernetes's releases.

Kubernetes v1.29.4

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.29.3

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Commits

• 55019c8 Release commit for Kubernetes v1.29.4
• a619ca3 Merge pull request #124327ritazh/automated-cherry-pick-of-#124322
• 34546f4 Add envFrom to serviceaccount admission plugin
• 3df26e3 Merge pull request #122682bmwiedemann/automated-cherry-pick-of-#121894
• b666aec Merge pull request #124197 from cpanato/update-go-1.29
• b635fd6 update debian-base to bookworm-v1.0.2
• 1fded9c [go] Bump images, dependencies and versions to go 1.21.9 and distroless iptab...
• 15d121d Merge pull request #124172liggitt/automated-cherry-pick-of-#123598
• bddce43 Merge pull request #124110benluddy/automated-cherry-pick-of-#123873
• c3e84fd Merge pull request #123624Jefftree/automated-cherry-pick-of-#123570
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

The following labels could not be found: dependencies, go.

[dependabot]

Superseded by #141.