🌱 Bump the all-go-mod-patch-and-minor group across 1 directory with 6 updates

[dependabot]

Bumps the all-go-mod-patch-and-minor group with 5 updates in the / directory:

Package	From	To
github.com/jarcoal/httpmock	1.4.0	1.4.1
github.com/onsi/ginkgo/v2	2.23.4	2.25.1
github.com/onsi/gomega	1.38.0	1.38.1
sigs.k8s.io/cluster-api	1.8.12	1.11.0
sigs.k8s.io/cluster-api/test	1.8.12	1.11.0

Updates github.com/jarcoal/httpmock from 1.4.0 to 1.4.1

Release notes

Sourced from github.com/jarcoal/httpmock's releases.

v1.4.1

What's Changed

• test: also test with go v1.25 and use golangci-lint v2.4.0 by @​maxatome in jarcoal/httpmock#164
• Avoid data race when closing body by @​DavyJohnes in jarcoal/httpmock#165

New Contributors

• @​DavyJohnes made his first contribution in jarcoal/httpmock#165

Full Changelog: jarcoal/httpmock@v1.4.0...v1.4.1

Commits

• 314d58a fix: protect all body-related methods with mutext
• e482896 fix: avoid data race when closing body
• c977145 test: also test with go v1.25 and use golangci-lint v2.4.0
• See full diff in compare view

Updates github.com/onsi/ginkgo/v2 from 2.23.4 to 2.25.1

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.25.1

2.25.1

Fixes

• fix(types): ignore nameless nodes on FullText() [10866d3]
• chore: fix some CodeQL warnings [2e42cff]

v2.25.0

2.25.0

AroundNode

This release introduces a new decorator to support more complex spec setup usecases.

AroundNode registers a function that runs before each individual node. This is considered a more advanced decorator.

Please read the docs for more information and some examples.

Allowed signatures:

• AroundNode(func()) - func will be called before the node is run.
• AroundNode(func(ctx context.Context) context.Context) - func can wrap the passed in context and return a new one which will be passed on to the node.
• AroundNode(func(ctx context.Context, body func(ctx context.Context))) - ctx is the context for the node and body is a function that must be called to run the node. This gives you complete control over what runs before and after the node.

Multiple AroundNode decorators can be applied to a single node and they will run in the order they are applied.

Unlike setup nodes like BeforeEach and DeferCleanup, AroundNode is guaranteed to run in the same goroutine as the decorated node. This is necessary when working with lower-level libraries that must run on a single thread (you can call runtime.LockOSThread() in the AroundNode to ensure that the node runs on a single thread).

Since AroundNode allows you to modify the context you can also use AroundNode to implement shared setup that attaches values to the context.

If applied to a container, AroundNode will run before every node in the container. Including setup nodes like BeforeEach and DeferCleanup.

AroundNode can also be applied to RunSpecs to run before every node in the suite. This opens up new mechanisms for instrumenting individual nodes across an entire suite.

v2.24.0

2.24.0

Features

Specs can now be decorated with (e.g.) SemVerConstraint("2.1.0") and ginkgo --sem-ver-filter="2.1.1" will only run constrained specs that match the requested version. Learn more in the docs here! Thanks to @​Icarus9913 for the PR.

Fixes

• remove -o from run command [3f5d379]. fixes #1582

Maintenance

Numerous dependency bumps and documentation fixes

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.25.1

Fixes

• fix(types): ignore nameless nodes on FullText() [10866d3]
• chore: fix some CodeQL warnings [2e42cff]

2.25.0

AroundNode

This release introduces a new decorator to support more complex spec setup usecases.

AroundNode registers a function that runs before each individual node. This is considered a more advanced decorator.

Please read the docs for more information and some examples.

Allowed signatures:

• AroundNode(func()) - func will be called before the node is run.
• AroundNode(func(ctx context.Context) context.Context) - func can wrap the passed in context and return a new one which will be passed on to the node.
• AroundNode(func(ctx context.Context, body func(ctx context.Context))) - ctx is the context for the node and body is a function that must be called to run the node. This gives you complete control over what runs before and after the node.

Multiple AroundNode decorators can be applied to a single node and they will run in the order they are applied.

Unlike setup nodes like BeforeEach and DeferCleanup, AroundNode is guaranteed to run in the same goroutine as the decorated node. This is necessary when working with lower-level libraries that must run on a single thread (you can call runtime.LockOSThread() in the AroundNode to ensure that the node runs on a single thread).

Since AroundNode allows you to modify the context you can also use AroundNode to implement shared setup that attaches values to the context.

If applied to a container, AroundNode will run before every node in the container. Including setup nodes like BeforeEach and DeferCleanup.

AroundNode can also be applied to RunSpecs to run before every node in the suite. This opens up new mechanisms for instrumenting individual nodes across an entire suite.

2.24.0

Features

Specs can now be decorated with (e.g.) SemVerConstraint("2.1.0") and ginkgo --sem-ver-filter="2.1.1" will only run constrained specs that match the requested version. Learn more in the docs here! Thanks to @​Icarus9913 for the PR.

Fixes

• remove -o from run command [3f5d379]. fixes #1582

Maintenance

Numerous dependency bumps and documentation fixes

Commits

• 1ec9114 v2.25.1
• 2e42cff chore: fix some CodeQL warnings
• 10866d3 fix(types): ignore nameless nodes on FullText()
• fcc0e74 v2.25.0
• 79e35c9 tidy up docs
• 6fef07c Document AroundNode
• 665e7ba AroundNode supports simpler signatures too
• d41f01e AroundNode - preview
• 3d9dae2 v2.24.0
• 3f5d379 remove -o from run command
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.38.0 to 1.38.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.38.1

1.38.1

Fixes

Numerous minor fixes and dependency bumps

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.38.1

Fixes

Numerous minor fixes and dependency bumps

Commits

• c36e89a v1.38.1
• 92eaa57 go mod tidy
• b9ed3cd deprecate CompileTest*
• 2a5bf77 fix invalid fmt.Errorf
• 3e9e385 bump ginkgo
• 7f37abe Replace gopkg.in/yaml.v3 with go.yaml.in/yaml/v3
• 69e4761 fix(async_assertion): use correct error in errors.As
• 95737c0 Bump golang.org/x/net from 0.41.0 to 0.43.0 (#856)
• 91b20ea chore: fix Go vet issue with Go 1.15
• 6823587 Bump nokogiri from 1.18.8 to 1.18.9 in /docs (#854)
• Additional commits viewable in compare view

Updates sigs.k8s.io/cluster-api from 1.8.12 to 1.11.0

Release notes

Sourced from sigs.k8s.io/cluster-api's releases.

v1.11.0

👌 Kubernetes version support

• Management Cluster: v1.30.x -> v1.33.x
• Workload Cluster: v1.28.x -> v1.33.x

More information about version support can be found here

Highlights

• Bumped to Go 1.24, controller-runtime v0.21, k8s.io/* v0.33, controller-gen v0.18 (also moved to sigs.k8s.io/randfill) (#12191)
• v1beta2 API version has been introduced and considering the awesome amount of improvements it marks an important step in the journey towards graduating our API to v1.
  • Accordingly there is now a new v1beta2 version of our contract for providers.
  • Improve status:
    • The transition to the new K8s aligned conditions using metav1.Conditions types and the new condition semantic has been completed.
    • Replica counters are now consistent with new conditions and across all resources; new replica counters have been added at cluster level.
    • Semantic of contract fields in status have been improved and are now consistent across all resources.
    • The confusing FailureReason and FailureMessage fields have been dropped.
  • Support CC across namespaces: API changes planned for this feature have been implemented.
  • Improve object references:
    • Unnecessary fields have been dropped from object reference.
    • Object references are now GitOps friendly (API version is not overwritten anymore by controllers).
  • KubeadmConfig and KubeadmControlPlane APIs have been aligned with kubeadm v1beta4 API.
    • Additionally, fields inferred from top level objects have been removed, thus getting rid of a common source of confusion/issues.
• Compliance with K8s API guidelines:
  • Thanks to the adoption of the KAL linter compliance with K8s API guidelines has been greatly improved.
  • All Duration fields are now represented as *int32 fields with units being part of the field name.
  • All bool fields have been changed to *bool to preserve user intent.
  • Extensive work has been done to ensure required and optional is explicitly set in the API, and that both serialization and validation works accordingly:
    • Stop rendering empty structs (review of all occurrences of omitempty and introduction of omitzero)
    • Do not allow "" when it is not semantically different from value not set (either you have to provide a non-empty string value or not set the field at all).
    • Do not allow 0 when it is not semantically different from value not set (either you have to provide a non-0 int value or not set the field at all).
    • Do not allow {} when it is not semantically different from value not set (either you have to set at least one property in the object or not set the field at all).
    • Do not allow [] when it is not semantically different from value not set (either you have to set at least one item in the list or not set the field at all).
    • Ensure validation for all enum types.
  • Missing list markers have been added for SSA.
  • Drop unnecessary pointers:
    • After fixing required and optional according to K8s API guidelines, extensive work has been done to drop unnecessary pointers thus improving the usability of the API's Go structs.
  • Avoid embedding structs: Coupling between API types has been reduced by reducing the usage of embedded structs.
  • Extensive work has been done to improve consistency across all resources, e.g.:
    • Fields for Machine deletion are under a new deletion struct in all resources.
    • Settings about rollout have been logically grouped in all resources.
    • Settings about health checks and remediation have been logically grouped in all resources.
  • Missing validations have been added where required.
  • Tech debt has been reduced by dropping deprecated fields.

• ClusterClass: Fix continuous reconciles because of apiVersion differences in Cluster topology controller (#12341)

... (truncated)

Commits

• 2590bbf Merge pull request #12639 from k8s-infra-cherrypick-robot/cherry-pick-12636-t...
• 3635fb3 Bump corefile-migration to v1.0.27
• 0a2d8df Merge pull request #12632 from k8s-infra-cherrypick-robot/cherry-pick-12616-t...
• 47f6416 Merge pull request #12633 from k8s-infra-cherrypick-robot/cherry-pick-12617-t...
• 54ee772 Fix flaky TestReconcileState unit test
• 64d0225 Fix flaky TestReconcileMachinePhases unit test
• 9519623 Merge pull request #12631 from k8s-infra-cherrypick-robot/cherry-pick-12619-t...
• 49c496b Stop using unsafe for EnvVar conversion
• 038a9da Merge pull request #12630 from k8s-infra-cherrypick-robot/cherry-pick-12618-t...
• c685cf2 Fix flaky TestFuzzyConversion (Cluster) test
• Additional commits viewable in compare view

Updates sigs.k8s.io/cluster-api/test from 1.8.12 to 1.11.0

Release notes

Sourced from sigs.k8s.io/cluster-api/test's releases.

v1.11.0

👌 Kubernetes version support

• Management Cluster: v1.30.x -> v1.33.x
• Workload Cluster: v1.28.x -> v1.33.x

More information about version support can be found here

Highlights

• Bumped to Go 1.24, controller-runtime v0.21, k8s.io/* v0.33, controller-gen v0.18 (also moved to sigs.k8s.io/randfill) (#12191)
• v1beta2 API version has been introduced and considering the awesome amount of improvements it marks an important step in the journey towards graduating our API to v1.
  • Accordingly there is now a new v1beta2 version of our contract for providers.
  • Improve status:
    • The transition to the new K8s aligned conditions using metav1.Conditions types and the new condition semantic has been completed.
    • Replica counters are now consistent with new conditions and across all resources; new replica counters have been added at cluster level.
    • Semantic of contract fields in status have been improved and are now consistent across all resources.
    • The confusing FailureReason and FailureMessage fields have been dropped.
  • Support CC across namespaces: API changes planned for this feature have been implemented.
  • Improve object references:
    • Unnecessary fields have been dropped from object reference.
    • Object references are now GitOps friendly (API version is not overwritten anymore by controllers).
  • KubeadmConfig and KubeadmControlPlane APIs have been aligned with kubeadm v1beta4 API.
    • Additionally, fields inferred from top level objects have been removed, thus getting rid of a common source of confusion/issues.
• Compliance with K8s API guidelines:
  • Thanks to the adoption of the KAL linter compliance with K8s API guidelines has been greatly improved.
  • All Duration fields are now represented as *int32 fields with units being part of the field name.
  • All bool fields have been changed to *bool to preserve user intent.
  • Extensive work has been done to ensure required and optional is explicitly set in the API, and that both serialization and validation works accordingly:
    • Stop rendering empty structs (review of all occurrences of omitempty and introduction of omitzero)
    • Do not allow "" when it is not semantically different from value not set (either you have to provide a non-empty string value or not set the field at all).
    • Do not allow 0 when it is not semantically different from value not set (either you have to provide a non-0 int value or not set the field at all).
    • Do not allow {} when it is not semantically different from value not set (either you have to set at least one property in the object or not set the field at all).
    • Do not allow [] when it is not semantically different from value not set (either you have to set at least one item in the list or not set the field at all).
    • Ensure validation for all enum types.
  • Missing list markers have been added for SSA.
  • Drop unnecessary pointers:
    • After fixing required and optional according to K8s API guidelines, extensive work has been done to drop unnecessary pointers thus improving the usability of the API's Go structs.
  • Avoid embedding structs: Coupling between API types has been reduced by reducing the usage of embedded structs.
  • Extensive work has been done to improve consistency across all resources, e.g.:
    • Fields for Machine deletion are under a new deletion struct in all resources.
    • Settings about rollout have been logically grouped in all resources.
    • Settings about health checks and remediation have been logically grouped in all resources.
  • Missing validations have been added where required.
  • Tech debt has been reduced by dropping deprecated fields.

• ClusterClass: Fix continuous reconciles because of apiVersion differences in Cluster topology controller (#12341)

... (truncated)

Commits

• 2590bbf Merge pull request #12639 from k8s-infra-cherrypick-robot/cherry-pick-12636-t...
• 3635fb3 Bump corefile-migration to v1.0.27
• 0a2d8df Merge pull request #12632 from k8s-infra-cherrypick-robot/cherry-pick-12616-t...
• 47f6416 Merge pull request #12633 from k8s-infra-cherrypick-robot/cherry-pick-12617-t...
• 54ee772 Fix flaky TestReconcileState unit test
• 64d0225 Fix flaky TestReconcileMachinePhases unit test
• 9519623 Merge pull request #12631 from k8s-infra-cherrypick-robot/cherry-pick-12619-t...
• 49c496b Stop using unsafe for EnvVar conversion
• 038a9da Merge pull request #12630 from k8s-infra-cherrypick-robot/cherry-pick-12618-t...
• c685cf2 Fix flaky TestFuzzyConversion (Cluster) test
• Additional commits viewable in compare view

Updates sigs.k8s.io/controller-runtime from 0.18.7 to 0.21.0

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.21.0

Highlights

• Bump to Kubernetes v1.33 libraries
• Improvements for priority queue (#2374)
• envtest now has an option to download envtest binaries (can be used to replace setup-envtest depending on use case)
• Metric improvements: native histograms, all Go runtime metrics are enabled now
• Various bug fixes
• New reviewers: @​troy0820, @​JoelSpeed!!

⚠️ Breaking Changes

• Bump to k8s.io/* v0.33.0 and Go 1.24 (#3104 #3142 #3161 #3204 #3215)
• config: Stop enabling client-side ratelimiter by default (#3119)
  • Previous behavior can be preserved by setting QPS 20 and Burst 30 on the rest.Config
• controller: NewUnmanaged/NewTypedUnmanaged: Stop requiring a manager (#3141)
• reconcile: Deprecate Result.Requeue (#3107)

✨ New Features

• controller: priority queue:
  • Add debug logging for the state of the priority queue (#3075)
  • Add priority label to queue depth metric (#3156)
  • Leverage IsInInitialList (#3162)
  • Remove redundant WithLowPriorityWhenUnchanged in builder (#3168)
  • Retain the priority after Reconcile (#3167)
  • Set priority automatically in handlers (#3111 #3152 #3160 #3174)
• envtest: Add Environment.KubeConfig field (#2278)
• envtest: Add option to download envtest binaries (#3135 #3137)
• events: Add IsInInitialList to TypedCreateEvent (#3162)
• log/zap: Enable panic log level (#3186)
• logging: Adopt WarningHandlerWithContext (#3176)
• logging: Improve logging by adopting contextual logging (#3149)
• metrics: Adopt native histograms (#3165)
• metrics: Expose all Go runtime metrics (#3070)

🐛 Bug Fixes

• apiutil: restmapper: Respect preferred version (#3151)
• builder: webhook: Fix custom path for webhook conflicts (#3102)
• cache: Clone maps to prevent data races when concurrently creating caches using the same options (#3078)
• cache: Stop accumulating lists in multi-namespace cache implementation (#3195)
• cache: List out of global cache when present and necessary (#3126)
• client: Return error if pagination is used with the cached client (#3134)
• controller: Support WaitForSync in TypedSyncingSource (#3084)
• controller: priority queue: Fix behavior of rate limit option in priorityqueue.AddWithOpts (#3103)
• controller: priority queue: Yet another queue_depth metric fix (#3085)
• controllerutil: CreateOrUpdate: Avoid panic when the MutateFn is nil (#2828)
• envtest: Fix nil pointer exception in Stop() (#3153)
• fake client: Fix data races when writing to the scheme (#3143)

... (truncated)

Commits

• 71f7db5 Merge pull request #3225 from troy0820/troy0820/prepare-for-0.21-release
• 52d8779 update README with go version
• ab37f74 Merge pull request #3223 from troy0820/troy0820/return-warnings-on-webhooks
• 250a88f return warnings on webhooks
• 85ee7a9 Merge pull request #3217 from kubernetes-sigs/dependabot/github_actions/all-g...
• 81f1fae 🌱 Bump the all-github-actions group across 1 directory with 3 updates
• d9a2274 Merge pull request #3187 from dongjiang1989/update-golangci-lint-v2
• 9c38211 update golangci-lint to v2
• 9b5f6a7 Merge pull request #3208 from troy0820/troy0820/api-machinery-marshal
• b3278df use sigs.k8s.io/json to unmarshal in fakeclient
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.