Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.

## Repository problems

Renovate tried to run on this repository, but found these problems.

 - WARN: Cannot access vulnerability alerts. Please ensure permissions have been granted.

## Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

 - [ ] [chore(deps): update module golang.org/x/sys to v0.44.0 [security]](../pull/20)

## Vulnerabilities

`7`/`9` CVEs have Renovate fixes.
<details><summary>gomod</summary>
<blockquote>

<details><summary>image/git-init/go.mod</summary>
<blockquote>

<details><summary>github.com/tektoncd/pipeline</summary>
<blockquote>

- [GO-2023-1901](https://osv.dev/vulnerability/GO-2023-1901)
- [GO-2026-4730](https://osv.dev/vulnerability/GO-2026-4730)
</blockquote>
</details>

<details><summary>golang.org/x/net</summary>
<blockquote>

- [GO-2026-5027](https://osv.dev/vulnerability/GO-2026-5027) (fixed in >= 0.55.0)
- [GO-2026-5029](https://osv.dev/vulnerability/GO-2026-5029) (fixed in >= 0.55.0)
- [GO-2026-5025](https://osv.dev/vulnerability/GO-2026-5025) (fixed in >= 0.55.0)
- [GO-2026-5028](https://osv.dev/vulnerability/GO-2026-5028) (fixed in >= 0.55.0)
- [GO-2026-5026](https://osv.dev/vulnerability/GO-2026-5026) (fixed in >= 0.55.0)
- [GO-2026-5030](https://osv.dev/vulnerability/GO-2026-5030) (fixed in >= 0.55.0)
</blockquote>
</details>

<details><summary>golang.org/x/sys</summary>
<blockquote>

- [GO-2026-5024](https://osv.dev/vulnerability/GO-2026-5024) (fixed in >= 0.44.0)
</blockquote>
</details>

</blockquote>
</details>

</blockquote>
</details>

## Detected dependencies

<details><summary>gomod</summary>
<blockquote>

<details><summary>image/git-init/go.mod</summary>

 - `go 1.26.4`
 - `github.com/google/go-cmp v0.7.0`
 - `github.com/mitchellh/go-homedir v1.1.0`
 - `github.com/tektoncd/pipeline v1.0.3`
 - `go.uber.org/zap v1.27.0`
 - `cel.dev/expr v0.25.1`
 - `contrib.go.opencensus.io/exporter/ocagent v0.7.1-0.20200907061046-05415f1de66d@05415f1de66d`
 - `contrib.go.opencensus.io/exporter/prometheus v0.4.2`
 - `github.com/antlr4-go/antlr/v4 v4.13.0`
 - `github.com/beorn7/perks v1.0.1`
 - `github.com/blendle/zapdriver v1.3.1`
 - `github.com/census-instrumentation/opencensus-proto v0.4.1`
 - `github.com/cespare/xxhash/v2 v2.3.0`
 - `github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc@d8f796af33cc`
 - `github.com/emicklei/go-restful/v3 v3.12.1`
 - `github.com/evanphx/json-patch/v5 v5.9.11`
 - `github.com/fxamacker/cbor/v2 v2.7.0`
 - `github.com/go-kit/log v0.2.1`
 - `github.com/go-logfmt/logfmt v0.5.1`
 - `github.com/go-logr/logr v1.4.3`
 - `github.com/go-openapi/jsonpointer v0.21.0`
 - `github.com/go-openapi/jsonreference v0.21.0`
 - `github.com/go-openapi/swag v0.23.0`
 - `github.com/gogo/protobuf v1.3.2`
 - `github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da@41bb18bfe9da`
 - `github.com/golang/protobuf v1.5.4`
 - `github.com/google/cel-go v0.24.1`
 - `github.com/google/gnostic-models v0.6.9`
 - `github.com/google/gofuzz v1.2.0`
 - `github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1`
 - `github.com/hashicorp/errwrap v1.1.0`
 - `github.com/hashicorp/go-multierror v1.1.1`
 - `github.com/josharian/intern v1.0.0`
 - `github.com/json-iterator/go v1.1.12`
 - `github.com/klauspost/compress v1.17.11`
 - `github.com/mailru/easyjson v0.9.0`
 - `github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd@bacd9c7ef1dd`
 - `github.com/modern-go/reflect2 v1.0.2`
 - `github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822@a7dc8b61c822`
 - `github.com/prometheus/client_golang v1.20.5`
 - `github.com/prometheus/client_model v0.6.1`
 - `github.com/prometheus/common v0.62.0`
 - `github.com/prometheus/procfs v0.15.1`
 - `github.com/prometheus/statsd_exporter v0.22.7`
 - `github.com/stoewer/go-strcase v1.3.0`
 - `github.com/x448/float16 v0.8.4`
 - `go.opencensus.io v0.24.0`
 - `go.uber.org/multierr v1.11.0`
 - `golang.org/x/exp v0.0.0-20250210185358-939b2ce775ac@939b2ce775ac`
 - `golang.org/x/net v0.53.0`
 - `golang.org/x/oauth2 v0.34.0`
 - `golang.org/x/sync v0.20.0`
 - `golang.org/x/sys v0.43.0`
 - `golang.org/x/term v0.42.0`
 - `golang.org/x/text v0.36.0`
 - `golang.org/x/time v0.10.0`
 - `gomodules.xyz/jsonpatch/v2 v2.5.0`
 - `google.golang.org/api v0.217.0`
 - `google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217@ff82c1b0f217`
 - `google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217@ff82c1b0f217`
 - `google.golang.org/grpc v1.79.3`
 - `google.golang.org/protobuf v1.36.10`
 - `gopkg.in/inf.v0 v0.9.1`
 - `gopkg.in/yaml.v2 v2.4.0`
 - `gopkg.in/yaml.v3 v3.0.1`
 - `k8s.io/api v0.32.2`
 - `k8s.io/apimachinery v0.32.4`
 - `k8s.io/client-go v0.32.2`
 - `k8s.io/klog/v2 v2.130.1`
 - `k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7@2c72e554b1e7`
 - `k8s.io/utils v0.0.0-20241210054802-24370beab758@24370beab758`
 - `knative.dev/pkg v0.0.0-20250415155312-ed3e2158b883@ed3e2158b883`
 - `sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8@cfa47c3a1cc8`
 - `sigs.k8s.io/structured-merge-diff/v4 v4.5.0`
 - `sigs.k8s.io/yaml v1.4.0`
 - `github.com/AlaudaDevops/pipeline v1.0.3-alauda.1`

</details>

</blockquote>
</details>

---

- [ ] Check this box to trigger a request for Renovate to run again on this repository

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dependency Dashboard #5

Repository problems

Ignored or Blocked

Vulnerabilities

Detected dependencies

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Dependency Dashboard #5

Description

Repository problems

Ignored or Blocked

Vulnerabilities

Detected dependencies

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions