chore(deps): bump the go group with 12 updates

[dependabot]

Bumps the go group with 12 updates:

Package	From	To
github.com/aws/aws-sdk-go-v2	1.32.6	1.32.7
github.com/aws/aws-sdk-go-v2/config	1.28.6	1.28.7
github.com/aws/aws-sdk-go-v2/credentials	1.17.47	1.17.48
github.com/aws/aws-sdk-go-v2/feature/s3/manager	1.17.43	1.17.44
github.com/aws/aws-sdk-go-v2/service/ecr	1.36.7	1.36.8
github.com/aws/aws-sdk-go-v2/service/s3	1.71.0	1.71.1
github.com/docker/cli	27.4.0+incompatible	27.4.1+incompatible
github.com/docker/docker	27.4.0+incompatible	27.4.1+incompatible
github.com/mittwald/go-helm-client	0.12.15	0.12.16
github.com/onsi/ginkgo/v2	2.22.0	2.22.1
golang.org/x/net	0.32.0	0.33.0
helm.sh/helm/v3	3.16.3	3.16.4

Updates github.com/aws/aws-sdk-go-v2 from 1.32.6 to 1.32.7

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.28.6 to 1.28.7

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.47 to 1.17.48

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.43 to 1.17.44

Commits

• 2f70834 Release 2024-11-07
• ef9a3c3 Regenerated Clients
• c054fe7 Update endpoints model
• b68675c Update API model
• 1d989f3 send opt-in query-compatible header where applicable (#2891)
• 5d0eb23 Merge pull request #2889 from aws/customize-identity-store-exception-message
• a39caf3 adding new line and inline comments
• 2ae3246 refactor logic to use switch case
• 7c4bde0 add changelog
• f01c284 regenerating clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.36.7 to 1.36.8

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.71.0 to 1.71.1

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/docker/cli from 27.4.0+incompatible to 27.4.1+incompatible

Commits

• b9d17ea Merge pull request #5700 from thaJeztah/27.x_backport_remove_use_of_netfilter...
• a08a120 cli/command/system: remove BridgeNfIptables, BridgeNfIp6tables in tests
• 4870b3d Merge pull request #5699 from thaJeztah/27.x_backport_remove_system_isabs
• d3b59fb cli/command/container: use local copy of pkg/system.IsAbs
• ac40240 Merge pull request #5685 from thaJeztah/27.x_backport_bump_xx
• 3fa9480 Merge pull request #5690 from thaJeztah/27.x_backport_bump_gomd2man
• fce7c04 Merge pull request #5692 from thaJeztah/27.x_backport_remove_netfilter_warnings
• 70815c1 cli/command/system: remove netfilter warnings from tests
• 12d98b0 update go-md2man to v2.0.5
• f9783ec update xx to v1.6.1 for compatibility with alpine 3.21
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.4.0+incompatible to 27.4.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.4.1

27.4.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.4.1 milestone
• moby/moby, 27.4.1 milestone

Bug fixes and enhancements

• Fix excessive memory allocations when OTel is not configured. moby/moby#49079
• The docker info command and the corresponding GET /info API endpoint no longer include warnings when bridge-nf-call-iptables or bridge-nf-call-ip6tables are disabled at the daemon is started. The br_netfilter kernel module is now attempted to be loaded when needed, which made those warnings inaccurate. moby/moby#49090
• Attempt to load kernel modules, including ip6_tables and br_netfilter when required, using a method that is likely to succeed inside a Docker-in-Docker container. moby/moby#49043
• Fix a bug that could result in an iptables DOCKER FILTER chain not being cleaned up on failure. moby/moby#49110

Deprecations

• pkg/system: Deprecate Lstat(), Mkdev(), Mknod(), FromStatT() and Stat() functions, and related StatT types. These were only used internally, and will be removed in the next release. moby/moby#49100
• libnetwork/iptables: Deprecate IPV, Iptables and IP6Tables types in favor of IPVersion, IPv4, and IPv6. This type and consts will be removed in the next release. moby/moby#49093
• libnetwork/iptables: Deprecate Passthrough. This function was only used internally, and will be removed in the next release. moby/moby#49119

Packaging updates

• Update Compose to v2.32.1. docker/docker-ce-packaging#1130
• Update Buildx to v0.19.3. docker/docker-ce-packaging#1132
• Update runc to v1.2.3 (static packages only). moby/moby#49085

Commits

• c710b88 Merge pull request #49119 from thaJeztah/27.x_backport_libnetwork_deprecate_P...
• eda0a20 libnetwork/iptables: deprecate Passthrough
• b51622d libnet/iptables: deprecate type IPV
• 829ac83 Merge pull request #49104 from thaJeztah/27.x_backport_update_swagger_headers
• bd7da11 Merge pull request #49110 from thaJeztah/27.x_backport_fix_setupIPChains_defer
• 135b144 Merge pull request #49105 from thaJeztah/27.x_backport_testing-suse-apparmor
• 08de719 libnetwork/drivers/bridge: setupIPChains: fix defer checking wrong err
• 2a62319 Merge pull request #49100 from thaJeztah/27.x_backport_deprecate_pkg_system
• 6855ca1 integration-cli: don't skip AppArmor tests on SLES
• 224b305 docs/api: document correct case for Api-Version header
• Additional commits viewable in compare view

Updates github.com/mittwald/go-helm-client from 0.12.15 to 0.12.16

Release notes

Sourced from github.com/mittwald/go-helm-client's releases.

v0.12.16

What's Changed

• bump helm and k8s deps to latest stable releases by @​tariq1890 in mittwald/go-helm-client#224

Full Changelog: mittwald/go-helm-client@v0.12.15...v0.12.16

Commits

• 534c33c Merge pull request #224 from tariq1890/bump-helm-k8s
• def3674 bump helm and k8s deps to latest stable releases
• See full diff in compare view

Updates github.com/onsi/ginkgo/v2 from 2.22.0 to 2.22.1

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.22.1

2.22.1

Fixes

Fix CSV encoding

• Update tests [aab3da6]
• Properly encode CSV rows [c09df39]
• Add test case for proper csv escaping [96a80fc]
• Add meta-test [43dad69]

Maintenance

• ensure *.test files are gitignored so we don't accidentally commit compiled tests again [c88c634]
• remove golang.org/x/net/context in favour of stdlib context [4df44bf]

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.22.1

Fixes

Fix CSV encoding

• Update tests [aab3da6]
• Properly encode CSV rows [c09df39]
• Add test case for proper csv escaping [96a80fc]
• Add meta-test [43dad69]

Maintenance

• ensure *.test files are gitignored so we don't accidentally commit compiled tests again [c88c634]
• remove golang.org/x/net/context in favour of stdlib context [4df44bf]

Commits

• a0190b7 v2.22.1
• 4df44bf remove golang.org/x/net/context in favour of stdlib context
• c88c634 ensure *.test files are gitignored so we don't accidentally commit compiled t...
• aab3da6 Update tests
• c09df39 Properly encode CSV rows
• 96a80fc Add test case for proper csv escaping
• 43dad69 Add meta-test
• See full diff in compare view

Updates golang.org/x/net from 0.32.0 to 0.33.0

Commits

• dfc720d go.mod: update golang.org/x dependencies
• 8e66b04 html: use strings.EqualFold instead of lowering ourselves
• b935f7b html: avoid endless loop on error token
• 9af49ef route: remove unused sizeof* consts
• 6705db9 quic: clean up crypto streams when dropping packet protection keys
• 4ef7588 quic: handle ACK frame in packet which drops number space
• 552d8ac Revert "route: change from syscall to x/sys/unix"
• 13a7c01 Revert "route: remove unused sizeof* consts on freebsd"
• See full diff in compare view

Updates helm.sh/helm/v3 from 3.16.3 to 3.16.4

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.16.4 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.16.4. The common platform binaries are here:

• MacOS amd64 (checksum / 8dc25671120a4af197afe7ad9041fb8e1dd71bc01e5ef73dba1139cbc9e9f44b)
• MacOS arm64 (checksum / e2442d8f05d53d84c39b869bc5fe5affad247ee2f4c706a040919c146edb1f94)
• Linux amd64 (checksum / fc307327959aa38ed8f9f7e66d45492bb022a66c3e5da6063958254b9767d179)
• Linux arm (checksum / 432e774d1087d3773737888d384c62477b399227662b42cbf0c32e95e6e72556)
• Linux arm64 (checksum / d3f8f15b3d9ec8c8678fbf3280c3e5902efabe5912e2f9fcf29107efbc8ead69)
• Linux i386 (checksum / 6022b34e165a5196827043c77bcd1fa28ef48109b3a4af46e8660ddb0a6c44e0)
• Linux ppc64le (checksum / 0ba4375a6dcf6117a8e7729fbed36d9220f8ad98dbc7aabc16186f22917caead)
• Linux s390x (checksum / 10b88dc2afd97267feba8283d58dcb1c937defb7df8de152c86b60aaece47d59)
• Linux riscv64 (checksum / e733c727de7644cfeb25b094e1f0a56c53a7cb437c93c992aa92e6c7b9f6af93)
• Windows amd64 (checksum / 9bb114c12e530a7129fd3d78fc1784e813dd7a6e29e5f9b5af8bc83fd1066d36)
• Windows arm64 (checksum / a4afeee93031920ec08b7e880c859a159bcd222837a81196cadaeb42408ad0b3)

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.17.0 is the next feature release and will be on January 15, 2025

Changelog

• Bump golang.org/x/crypto from 0.30.0 to 0.31.0 7877b45b63f95635153b29a42c0c2f4273ec45ca (dependabot[bot])
• Bump the k8s-io group with 7 updates 848e586c27f05d84bc19d082f395098aba0b7619 (dependabot[bot])

Commits

• 7877b45 Bump golang.org/x/crypto from 0.30.0 to 0.31.0
• 848e586 Bump the k8s-io group with 7 updates
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Mend Scan Summary: ❌

Repository: open-component-model/ocm

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	4
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	3
HIGH RISK LICENSES	9
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report
Mend UI

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.