chore(deps): Bump the production-dependencies group across 1 directory with 36 updates

[dependabot]

Bumps the production-dependencies group with 25 updates in the / directory:

Package	From	To
github.com/tektoncd/pipeline	0.68.0	0.69.1
k8s.io/apimachinery	0.32.2	0.32.3
kubevirt.io/api	1.4.0	1.5.0
kubevirt.io/client-go	1.4.0	1.5.0
kubevirt.io/kubevirt	1.4.0	1.5.0
cel.dev/expr	0.21.2	0.22.1
github.com/cloudevents/sdk-go/v2	2.15.2	2.16.0
github.com/docker/cli	28.0.1+incompatible	28.0.4+incompatible
github.com/docker/docker-credential-helpers	0.9.1	0.9.3
github.com/go-openapi/jsonpointer	0.21.0	0.21.1
github.com/grpc-ecosystem/grpc-gateway/v2	2.26.1	2.26.3
github.com/k8snetworkplumbingwg/network-attachment-definition-client	1.7.5	1.7.6
github.com/opencontainers/image-spec	1.1.0	1.1.1
github.com/prometheus/client_golang	1.21.0	1.21.1
github.com/prometheus/common	0.62.0	0.63.0
github.com/prometheus/procfs	0.15.1	0.16.0
github.com/sigstore/sigstore	1.8.15	1.9.1
golang.org/x/crypto	0.35.0	0.36.0
golang.org/x/net	0.36.0	0.37.0
golang.org/x/oauth2	0.27.0	0.28.0
golang.org/x/time	0.10.0	0.11.0
golang.org/x/tools	0.30.0	0.31.0
gomodules.xyz/jsonpatch/v2	2.4.0	2.5.0
google.golang.org/api	0.223.0	0.228.0
sigs.k8s.io/structured-merge-diff/v4	4.5.0	4.6.0

Updates github.com/tektoncd/pipeline from 0.68.0 to 0.69.1

Release notes

Sourced from github.com/tektoncd/pipeline's releases.

Tekton Pipeline release v0.69.1 "Oriental Longhair Omnibot"

-Docs @ v0.69.1 -Examples @ v0.69.1

Installation one-liner

kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.69.1/release.yaml

Attestation

The Rekor UUID for this release is 108e9186e8c5677a76ee1ec9649527ab153790fc1b5385843dcb8c6522c3d9b0db77451a35b2068f

Obtain the attestation:

REKOR_UUID=108e9186e8c5677a76ee1ec9649527ab153790fc1b5385843dcb8c6522c3d9b0db77451a35b2068f
rekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .

Verify that all container images in the attestation are in the release file:

RELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.69.1/release.yaml
REKOR_UUID=108e9186e8c5677a76ee1ec9649527ab153790fc1b5385843dcb8c6522c3d9b0db77451a35b2068f
Obtains the list of images with sha from the attestation
REKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid "$REKOR_UUID" --format json | jq -r .Attestation | jq -r '.subject[]|.name + ":v0.69.1@sha256:" + .digest.sha256')
Download the release file
curl "$RELEASE_FILE" > release.yaml
For each image in the attestation, match it to the release file
for image in $REKOR_ATTESTATION_IMAGES; do
printf $image; grep -q $image release.yaml && echo " ===> ok" || echo " ===> no match";
done

Changes

Features

... (truncated)

Changelog

Sourced from github.com/tektoncd/pipeline's changelog.

Tekton Pipeline Releases

Release Frequency

Tekton Pipelines follows the Tekton community [release policy][release-policy] as follows:

• Versions are numbered according to semantic versioning: vX.Y.Z
• A new release is produced on a monthly basis
• Four releases a year are chosen for long term support (LTS). All remaining releases are supported for approximately 1 month (until the next release is produced)
  • LTS releases take place in January, April, July and October every year
  • The first Tekton Pipelines LTS release will be v0.41.0 in October 2022
  • Releases happen towards the middle of the month, between the 13th and the 20th, depending on week-ends and readiness

Tekton Pipelines produces nightly builds, publicly available on gcr.io/tekton-nightly.

Transition Process

Before release v0.41 Tekton Pipelines has worked on the basis of an undocumented support period of four months, which will be maintained for the releases between v0.37 and v0.40.

Release Process

Tekton Pipeline releases are made of YAML manifests and container images. Manifests are published to cloud object-storage as well as [GitHub][tekton-pipeline-releases]. Container images are signed by [Sigstore][sigstore] via [Tekton Chains][tekton-chains]; signatures can be verified through the [public key][chains-public-key] hosted by the Tekton Chains project.

Further documentation available:

• The Tekton Pipeline [release process][tekton-releases-docs]
• [Installing Tekton][tekton-installation]
• Standard for [release notes][release-notes-standards]

Release

v0.69

• Latest Release: [v0.69.0][v0.69-0] (2025-01-30) ([docs][v0.69-0-docs], [examples][v0.69-0-examples])
• Initial Release: [v0.69.0][v0.69-0] (2025-03-07)
• End of Life: 2025-03-31
• Patch Releases: [v0.69.0][v0.69-0]

v0.68 (LTS)

... (truncated)

Commits

• 1122e76 fix: Fix remote task params default-value substitution
• 5b082b1 build(deps): bump k8s.io/client-go from 0.31.4 to 0.31.6
• 192317d build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0
• 1d2ea8b build(deps): bump k8s.io/code-generator from 0.31.4 to 0.31.6
• e32aef2 build(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/azure
• 81f8bf7 build(deps): bump the all group in /tekton with 2 updates
• 17f79a9 build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4
• c6449b7 build(deps): bump actions/cache from 4.2.1 to 4.2.2
• 339f421 build(deps): bump tj-actions/changed-files from 45.0.6 to 45.0.7
• 25a6227 add disable_spire build tag for entrypoint command
• Additional commits viewable in compare view

Updates k8s.io/apimachinery from 0.32.2 to 0.32.3

Commits

• See full diff in compare view

Updates knative.dev/pkg from 0.0.0-20240716082220-4355f0c73608 to 0.0.0-20250117084104-c43477f0052b

Commits

• See full diff in compare view

Updates kubevirt.io/api from 1.4.0 to 1.5.0

Commits

• 859a261 api update by KubeVirt Prow build 1900245809371287552
• 0dca60f api update by KubeVirt Prow build 1895107364684566528
• 2198c91 api update by KubeVirt Prow build 1891667863366799360
• 9f8aed4 api update by KubeVirt Prow build 1890088759584624640
• 3284bff api update by KubeVirt Prow build 1889911582771646464
• 8c60119 api update by KubeVirt Prow build 1889871871529193472
• 3bebbcd api update by KubeVirt Prow build 1889871832421502976
• f0b9a69 api update by KubeVirt Prow build 1889871898087526400
• 40f7e9f api update by KubeVirt Prow build 1888681897098219520
• 0bc9c59 api update by KubeVirt Prow build 1887322155939532800
• Additional commits viewable in compare view

Updates kubevirt.io/client-go from 1.4.0 to 1.5.0

Commits

• 4f31b6e client-go update by KubeVirt Prow build 1900245809371287552
• 57f7dd8 client-go update by KubeVirt Prow build 1900039639599681536
• bde2f8d client-go update by KubeVirt Prow build 1895107364684566528
• f1ccb05 client-go update by KubeVirt Prow build 1891667863366799360
• 519a23b client-go update by KubeVirt Prow build 1890088759584624640
• 29b24c1 client-go update by KubeVirt Prow build 1889911582771646464
• 149edb6 client-go update by KubeVirt Prow build 1889871871529193472
• fea84d6 client-go update by KubeVirt Prow build 1889871832421502976
• 0569aee client-go update by KubeVirt Prow build 1889871898087526400
• dc148cc client-go update by KubeVirt Prow build 1888681897098219520
• Additional commits viewable in compare view

Updates kubevirt.io/kubevirt from 1.4.0 to 1.5.0

Release notes

Sourced from kubevirt.io/kubevirt's releases.

v1.5.0

tag v1.5.0 Tagger: Vladik Romanovsky [email protected]

This release follows v1.4.0 and consists of 1475 changes, contributed by 66 people, leading to 1347 files changed, 60509 insertions(+), 35866 deletions(-). v1.5.0 is a promotion of release candidate v1.5.0-rc.2 which was originally published 2025-03-10 The source code and selected binaries are available for download at: https://github.com/kubevirt/kubevirt/releases/tag/v1.5.0.

The primary release artifact of KubeVirt is the git tree. The release tag is signed and can be verified using git tag -v v1.5.0.

Pre-built containers are published on Quay and can be viewed at: https://quay.io/kubevirt/.

Notable changes

• [PR #14200][kubevirt-bot] Fetch non-cluster instance type and preferences with namespace key
• [PR #14125][kubevirt-bot] Add entrypoint to the pr-helper for creating the symlink to the multipath socket
• [PR #13942][kubevirt-bot] Instance type and preference runtime data is now stored under Status.{Instancetype,Preference}Ref and is no longer mutated into the core VirtualMachine Spec`.
• [PR #13988][kubevirt-bot] Network interfaces state can be set to down or up in order to set the link state accordingly when VM is running. Hot plugging of interface in these states is also supported.
• [PR #13985][kubevirt-bot] Interrupted migrations will now be reconciled on next VM start.
• [PR #13936][kubevirt-bot] Updated common-instancetypes bundles to v1.3.0
• [PR #13871][0xFelix] By default the local SSH client on the machine running virtctl ssh is now used. The --local-ssh flag is now deprecated.
• [PR #11964][ShellyKa13] VMClone: Remove webhook that checks VM Source
• [PR #13918][0xFelix] type being optional in the syntax of virtctl port-forward/ssh/scp is now deprecated.
• [PR #13838][iholder101] Add the KeepValueUpdated() method to time-defined cache
• [PR #13857][ShellyKa13] VMSnapshot: allow creating snapshot when source doesnt exist yet
• [PR #13864][alromeros] Reject VM clone when source uses backend storage PVC
• [PR #13850][nirdothan] Network interfaces state can be set to down or up in order to set the link state accordingly.
• [PR #13803][ShellyKa13] BugFix: VMSnapshot: wait for volumes to be bound instead of skip
• [PR #13610][avlitman] Added kubevirt_vm_vnic_info and kubevirt_vmi_vnic_info metrics
• [PR #13642][0xFelix] VMs in a VMPool are able to receive individual configuration through individually indexed ConfigMaps and Secrets.
• [PR #12624][victortoso] Better handle unsupported volume type with Slic table
• [PR #13775][sbrivio-rh] This version of KubeVirt upgrades the passt package, providing user-mode networking, to match upstream version 2025_01_21.4f2c8e7.
• [PR #13717][alicefr] Refuse to volume migrate to legacy datavolumes using no-CSI storageclasses
• [PR #13208][davidvossel] Add VM reset functionality to virtctl and api
• [PR #13817][Barakmor1] The AutoResourceLimits feature gate is now deprecated with the feature state graduated to GA and thus enabled by default
• [PR #13756][germag] Live migration support for VMIs with (virtiofs) filesystem devices
• [PR #13497][tiraboschi] As an hardening measure (principle of least privilege), the right of creating, editing and deleting VirtualMachineInstanceMigrations are not anymore assigned by default to namespace admins.
• [PR #13777][0xFelix] virtctl: VMs/VMIs with dots in their name are now supported in virtctl portforward, ssh and scp.
• [PR #13713][akalenyu] Enhancement: Declare to libvirt upfront which filesystems are shared to allow migration on some NFS backed provisioners
• [PR #13535][machadovilaca] Collect resource requests and limits from VM instance type/preference
• [PR #13708][orelmisan] Network interfaces' link state will be reported for interfaces present in VMI spec
• [PR #13428][machadovilaca] Add kubevirt_vmi_migration_(start|end)_time_seconds metrics
• [PR #11266][jean-edouard] KubeVirt will no longer deploy a custom SELinux policy on worker nodes
• [PR #13423][machadovilaca] Add kubevirt_vmi_migration_data_total_bytes metric
• [PR #13699][brianmcarey] Build KubeVirt with go v1.23.4
• [PR #13711][ShellyKa13] VMSnapshot: honor StorageProfile snapshotClass when choosing volumesnapshotclass
• [PR #13667][arnongilboa] Set VM status indication if storage exceeds quota
• [PR #13288][alicefr] Graduation of VolumeUpdateStrategy and VolumeMigration feature gates

... (truncated)

Commits

• 522b44c Merge pull request #14138 from orelmisan/release-1.5-link-state-missing-assert
• dbf2050 Merge pull request #14076 from kubevirt-bot/cherry-pick-14049-to-release-1.5
• 25e005f net, e2e, link state: Add missing assertion
• 5f0d509 Merge pull request #14125 from kubevirt-bot/cherry-pick-14071-to-release-1.5
• 95dcd08 pr-helper: wrap pr-helper in starting script
• 251c731 pr-helper: add reservation_key option
• fbd5188 Merge pull request #14032 from kubevirt-bot/cherry-pick-13749-to-release-1.5
• 6666b39 featuregates: Graduate InstancetypeReferencePolicy to Beta
• fa24491 Merge pull request #14034 from kubevirt-bot/cherry-pick-13841-to-release-1.5
• 7a2120b Merge pull request #14027 from kubevirt-bot/cherry-pick-14012-to-release-1.5
• Additional commits viewable in compare view

Updates cel.dev/expr from 0.21.2 to 0.22.1

Release notes

Sourced from cel.dev/expr's releases.

Release v0.22.1

What's Changed

• Add a doc field on Function and update content advice by @​TristonianJones in google/cel-spec#446
• Upgrade the googleapis repo deps, remove switched_rules by @​TristonianJones in google/cel-spec#447
• Add a separate field for expressions under input bindings map by @​aakash070 in google/cel-spec#449
• Add java_lite messages to test_all_types messages by @​l46kok in google/cel-spec#450

Full Changelog: google/cel-spec@v0.22.0...v0.22.1

Release v0.22.0

What's Changed

• Add test_suite and test_config under conformance #441

New Contributors

• @​aakash070 made their first contribution in google/cel-spec#441

Full Changelog: google/cel-spec@v0.21.2...v0.22.0

Commits

• 6f8806d Add java_lite messages to test_all_types messages (#450)
• ae6fb0d Add a separate field for expressions under input bindings map (#449)
• 0ae0913 Upgrade the googleapis repo deps, remove switched_rules (#447)
• b0b1083 Add a doc field on Function and update content advice (#446)
• d564205 Add test_suite and test_config under conformance (#441)
• See full diff in compare view

Updates github.com/cloudevents/sdk-go/v2 from 2.15.2 to 2.16.0

Release notes

Sourced from github.com/cloudevents/sdk-go/v2's releases.

Release v2.16.0

✨ Features & Enhancements

• Confluent Kafka binding #988 by @​yanmxa
  Added a new Confluent Kafka protocol binding for CloudEvents, supporting modern Kafka client features.

• Producer report channel for Confluent Kafka #1031 by @​yanmxa
  Exposed a producer report channel via Events() to allow users to track delivery status of Kafka messages.

• Support structured content type suffixes #1007 by @​dan-j
  Improved content type handling by recognizing structured syntax suffixes like +json, increasing compatibility with various encodings.

• Default timeout via context #992 by @​nkreiger
  Introduced support for configuring protocol default timeouts using context.Context.

• Benchmarks for CESQL #1050 by @​Cali0707
  Added benchmark tests to measure CESQL query performance.

• Optimized CESQL LIKE matching #1049 by @​Cali0707
  Improved the performance of CESQL's LIKE pattern matching logic.

• Expose AddFunction API for CESQL Parser [#1047 / #1051] by @​dgeorgievski
  Enabled users to register custom functions in CESQL via the newly exposed AddFunction API.

• Flexible subject matching for NATS JetStream #1084 by @​evankanderson
  Added support for flexible subject pattern matching in NATS JetStream subscriptions.

• Add v3 version of NATS JetStream protocol #1095 by @​stephen-totty-hpe
  Introduced a new version of the NATS JetStream protocol (v3) with enhanced features and forward compatibility.

• Expose WithHost option #1070 by @​jaxtonw
  Added a configurable WithHost option for improved protocol initialization flexibility.

• Support dataref cloud event extension [[Dataref Extension #1018](https://redirect.github.com/Adding a simple dataref extension cloudevents/sdk-go#1018)] by @​matzew Implements the Dataref (Claim Check Pattern) as specified by the CloudEvent Extension Attributes spec.

---

🛠 Fixes

• Handle multiple AMQP data fields correctly #1034 by @​embano1
  Fixed parsing of AMQP messages containing multiple data fields to conform with spec expectations.

• Fix invalid ce- prefix in Confluent binding #1059 by @​embano1
  Corrected an issue where CloudEvents extensions were incorrectly prefixed in the Confluent Kafka binding.

• Fix LIKE expression error handling #1046 by @​Cali0707
  Prevented panics on malformed LIKE expressions in CESQL; now returns a parse error instead.

• Fix MQTT content-type issue #1063 by @​yanmxa

... (truncated)

Commits

• 6de37de Merge pull request #1139 from duglin/upgradeLint
• 25cdf94 upgrade-lint
• 240eb02 Merge pull request #1137 from duglin/fix-automerge
• 7b6701c fix automerge by giving better names
• d3e82a7 Merge pull request #1136 from cloudevents/dependabot/github_actions/golangci/...
• 00e3d7c chore(deps): Bump golangci/golangci-lint-action from 6.5.2 to 7.0.0
• 69cfc2d Merge pull request #1018 from matzew/add_dataref_extension
• 535da92 Adding a simple dataref extension, similar to the java sdk
• 74ac76d Merge pull request #1134 from cloudevents/dependabot/go_modules/observability...
• 6da042f chore: run go mod tidy
• Additional commits viewable in compare view

Updates github.com/docker/cli from 28.0.1+incompatible to 28.0.4+incompatible

Commits

• b8034c0 Merge pull request #5962 from thaJeztah/bump_docker_28.0.3
• 3e699a3 Merge pull request #5964 from vvoland/fix-auth-regressionq
• f596202 Revert "cli/command: remove uses of GetAuthConfigKey, ParseRepositoryInfo"
• ee2f787 cli/config: update link to current version
• d8432cd vendor: github.com/docker/docker v28.0.3
• 2b0631f Merge pull request #5941 from thaJeztah/TestUserTerminatedError_handle_errs
• 84828b0 Merge pull request #5960 from vvoland/vendor-docker
• b5ca7e8 vendor: github.com/docker/docker v28.0.3-dev (330857ad0ffb)
• cfaaeb0 Merge pull request #5957 from vvoland/stdout-trunc
• 5a8120c container/run: Fix TestRunAttachTermination
• Additional commits viewable in compare view

Updates github.com/docker/docker-credential-helpers from 0.9.1 to 0.9.3

Release notes

Sourced from github.com/docker/docker-credential-helpers's releases.

v0.9.3

What's Changed

• osxkeychain: fix a bug that was preventing credentials created with v0.9.0+ to be retrieved with older versions in docker/docker-credential-helpers#367

Full Changelog: docker/docker-credential-helpers@v0.9.2...v0.9.3

v0.9.2

What's Changed

• osxkeychain: list: return full URIs (regression introduced in v0.9.0) in docker/docker-credential-helpers#364
• osxkeychain: list: fix malformed URIs when a ServerURL is stored with a port specified (introduced in v0.4.2) in docker/docker-credential-helpers#364
• go.mod: retract v0.9.1 in docker/docker-credential-helpers#363
• gha: add ubuntu 24.04, remove 20.04 in docker/docker-credential-helpers#366

Full Changelog: docker/docker-credential-helpers@v0.9.1...v0.9.2

Commits

• f9d3010 Merge pull request #367 from akerouanton/osxkeychain-set-atyp
• e7bd395 osxkeychain: store: add atyp attribute
• cfd6d21 Merge pull request #366 from thaJeztah/gha_bump_ubuntu
• ab29a6c gha: add ubuntu 24.04, remove 20.04
• 576efaa Merge pull request #363 from akerouanton/retract-v0.9.1
• 9d6cddd Merge pull request #364 from akerouanton/fix-regression-v0.9.0
• d8e34f8 osxkeychain: tests: uncleaned paths are preserved
• b1d5bf0 osxkeychain: list: return full server URIs
• 50b162c go.mod: retract v0.9.1
• See full diff in compare view

Updates github.com/go-openapi/jsonpointer from 0.21.0 to 0.21.1

Commits

• 6bb743a updated dependencies
• ba7dfd1 re-enacted dependabot auto-merge
• 381b78e fixed undue move of reflect declarations
• 31411a0 Relint
• 2bee274 Merge pull request #39 from go-openapi/dependabot/go_modules/github.com/stret...
• c1d9e8d Bump github.com/stretchr/testify from 1.9.0 to 1.10.0
• ad6963c Bump codecov/codecov-action in the development-dependencies group
• 6368b84 Bump golangci/golangci-lint-action in the development-dependencies group
• 5ef89de Bump golangci/golangci-lint-action in the development-dependencies group
• 026fa61 Bump the development-dependencies group with 1 update
• See full diff in compare view

Updates github.com/go-openapi/swag from 0.23.0 to 0.23.1

Commits

• 87317ee re-enacted dependabot auto-merge
• 223b27e Relint
• 06305b8 Bump github.com/mailru/easyjson in the other-dependencies group (#98)
• 4bc9026 Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#97)
• 06326a3 Bump codecov/codecov-action in the development-dependencies group
• 0640ba3 Bump golangci/golangci-lint-action in the development-dependencies group
• 3d6928a Bump golangci/golangci-lint-action in the development-dependencies group
• 10a3a2f Bump the development-dependencies group with 1 update
• See full diff in compare view

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.26.1 to 2.26.3

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.26.3

What's Changed

• docs(install-guide): update Go 1.24 tool directive usage by @​WwhdsOne in grpc-ecosystem/grpc-gateway#5298
• mod: downgrade to Go 1.23 by @​johanbrandhorst in grpc-ecosystem/grpc-gateway#5313

New Contributors

• @​WwhdsOne made their first contribution in grpc-ecosystem/grpc-gateway#5298

Full Changelog: grpc-ecosystem/grpc-gateway@v2.26.2...v2.26.3

v2.26.2

What's Changed

• Fix slow test startup by @​paskozdilar in grpc-ecosystem/grpc-gateway#5245
• Drain req.body on server stream methods with no body defined by @​paskozdilar in grpc-ecosystem/grpc-gateway#5240
• Update go version by @​johanbrandhorst in grpc-ecosystem/grpc-gateway#5265
• Remove noisy error log by @​ccampo133 in grpc-ecosystem/grpc-gateway#5268
• Revert #4819 by @​johanbrandhorst in grpc-ecosystem/grpc-gateway#5303

New Contributors

• @​paskozdilar made their first contribution in grpc-ecosystem/grpc-gateway#5245
• @​ccampo133 made their first contribution in grpc-ecosystem/grpc-gateway#5268

Full Changelog: grpc-ecosystem/grpc-gateway@v2.26.1...v2.26.2

Commits

• e80a2e5 mod: downgrade to Go 1.23 (#5313)
• 72466fe chore(deps): update googleapis digest to 0c50144 (#5314)
• a337874 chore(deps): update googleapis digest to 938783f (#5311)
• 22bb6bf chore(deps): update googleapis digest to d51753b (#5310)
• 470a32d docs(install-guide): update Go 1.24 tool directive usage (#5298)
• d9141b9 chore(deps): update googleapis digest to 05f571e (#5307)
• e70c53c Update gorelease base
• 641f83f chore(deps): update googleapis digest to c414002 (#5305)
• 260ccbd Revert "feat: expose invalid argument error to clients in bidirectional strea...
• c18bc4e fix(deps): update google.golang.org/genproto/googleapis/rpc digest to a0af3ef...
• Additional commits viewable in compare view

Updates github.com/k8snetworkplumbingwg/network-attachment-definition-client from 1.7.5 to 1.7.6

Release notes

Sourced from github.com/k8snetworkplumbingwg/network-attachment-definition-client's releases.

v1.7.6

This release fixes a regression affecting CNI plugins that do not specify interfaces in their CNI ADD result.

Previously, IP addresses returned without an associated interface index were not being assigned to any network-status entry. This release restores the prior behavior by assigning such IPs to the last network status (i.e., the last sandboxed interface), ensuring consistent handling across plugins, especially those that omit the interfaces field entirely.

This change is important for compatibility with certain CNI plugins and maintains expected behavior from earlier versions of the net-attach-def library.

Special thanks to @​Brian-McM for identifying the issue and providing the fix!

Commits

• e12bd55 Merge pull request #77 from Brian-McM/assign-ips-with-no-interface-to-default...
• 77dfd49 Update pkg/utils/net-attach-def_test.go
• 1945b69 Assign IPs that don't have an interface index to the last network status
• See full diff in compare view

Updates github.com/opencontainers/image-spec from 1.1.0 to 1.1.1

Release notes

Sourced from github.com/opencontainers/image-spec's releases.

v1.1.1

Vote Passed [+5 -0 nv1] - https://groups.google.com/a/opencontainers.org/g/dev/c/T-olx0jdT18 Release PR : opencontainers/image-spec#1247 Full Changelog: opencontainers/image-spec@v1.1.0...v1.1.1

Commits

• 147f9c1 Release v1.1.1
• fbb4662 Merge pull request #1238 from mkenigs/wording-nit
• 81e457e Fix grammar nit
• 92353b0 Merge pull request #1225 from sudo-bmitch/pr-doc-go-version
• 1a0b9f9 Merge pull request #1230 from sudo-bmitch/pr-layout-extensibility
• f272635 Merge pull request #1228 from sudo-bmitch/pr-mixed-digest-algo
• e0462ab Merge pull request #1229 from tianon/setup-go
• cf536e3 Merge pull request #1227 from sudo-bmitch/pr-rm-project-doc
• 60acaac Document extensibility of the image layout
• 4dcf962 Document Go version policy
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.21.0 to 1.21.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.21.1 / 2025-03-04

This release addresses a performance regression introduced in #1661 -- thanks to all who reported this quickly: @​chlunde, @​dethi, @​aaronbee @​tsuna @​kakkoyun 💪🏽. This patch release also fixes the iOS build.

We will be hardening the release process even further (#1759, #1761) to prevent this in future, sorry for the inconvenience!

The high concurrency optimization is planned to be eventually reintroduced, however in a much safer manner, potentially in a separate API.

• [BUGFIX] prometheus: Revert of Inc, Add and Observe cumulative metric CAS optimizations (#1661), causing regressions on low concurrency cases #1757
• [BUGFIX] prometheus: Fix GOOS=ios build, broken due to process_collector_* wrong build tags. #1758

• Revert "exponential backoff for CAS operations on floats" and cut 1.21.1 by @​bwplotka in prometheus/client_golang#1757
• Fix ios build for 1.21.1 by @​bwplotka in prometheus/client_golang#1758

Full Changelog: prometheus/client_golang@v1.21.0...v1.21.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.21.1 / 2025-03-04

• [BUGFIX] prometheus: Revert of Inc, Add and Observe cumulative metric CAS optimizations (#1661), causing regressions on low contention cases.
• [BUGFIX] prometheus: Fix GOOS=ios build, broken due to process_collector_* wrong build tags.

Commits

• 8a42da3 Fix ios build. (#1758)
• 40c62f7 Merge pull request #1757 from prometheus/revert-121cas
• 689f590 Cut 1.21.1
• 9e567a7 Revert "Add: exponential backoff for CAS operations on floats (#1661)"
• See full diff in compare view

Updates github.com/prometheus/common from 0.62.0 to 0.63.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.63.0

What's Changed

• Making the map a public variable for promtheus-operator by @​dongjiang1989 in prometheus/common#741
• setup ossf scorecard and codeql workflows by @​mmorel-35 in prometheus/common#564
• feat(promslog): implement reserved keys, rename duplicates by @​tjhop in prometheus/common#746
• Bump golang.org/x/oauth2 from 0.24.0 to 0.25.0 by @​dependabot in prometheus/common#750
• Bump golang.org/x/net from 0.33.0 to 0.34.0 by @​dependabot in prometheus/common#749
• Bump google.golang.org/protobuf from 1.36.1 to 1.36.3 by @​dependabot in prometheus/common#751
• promslog: Make AllowedLevel concurrency safe. by @​bwplotka in prometheus/common#754
• Fix typo 'the an' by @​petern48 in prometheus/common#752
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#757
• build(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.4 by @​dependabot in prometheus/common#756
• build(deps): bump google.golang.org/protobuf from 1.36.4 to 1.36.5 by @​dependabot in prometheus/common#761
• build(deps): bump github.com/google/go-cmp from 0.6.0 to 0.7.0 by @​dependabot in prometheus/common#763
• build(deps): bump golang.org/x/net from 0.34.0 to 0.35.0 by @​dependabot in prometheus/common#762
• model: Clarify the purpose of model.NameValidationScheme by

[kubevirt-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign ksimon1 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign ksimon1 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/unit-tests	a81ce2f	link	true	/test unit-tests
ci/prow/e2e-tests	a81ce2f	link	true	/test e2e-tests
ci/prow/images	a81ce2f	link	true	/test images

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.