This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. ## Repository problems Renovate tried to run on this repository, but found these problems. - WARN: Cannot access vulnerability alerts. Please ensure permissions have been granted. ## Ignored or Blocked These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below. - [ ] <!-- recreate-branch=renovate/alauda-v0.34.0-go-golang.org-x-sys-vulnerability -->[chore(deps): update module golang.org/x/sys to v0.44.0 [security] (alauda-v0.34.0)](../pull/164) - [ ] <!-- recreate-branch=renovate/alauda-v0.34.0-go-github.com-tektoncd-pipeline-vulnerability -->[fix(deps): update module github.com/tektoncd/pipeline to v1 [security] (alauda-v0.34.0)](../pull/70) - [ ] <!-- recreate-branch=renovate/alauda-v0.41.1-go-github.com-tektoncd-pipeline-vulnerability -->[fix(deps): update module github.com/tektoncd/pipeline to v1.6.2 [security] (alauda-v0.41.1)](../pull/165) - [ ] <!-- recreate-branch=renovate/alauda-v0.41.1-go-golang.org-x-sys-vulnerability -->[chore(deps): update module golang.org/x/sys to v0.44.0 [security] (alauda-v0.41.1)](../pull/166) - [ ] <!-- recreate-branch=renovate/alauda-v0.43.0-go-golang.org-x-sys-vulnerability -->[chore(deps): update module golang.org/x/sys to v0.44.0 [security] (alauda-v0.43.0)](../pull/167) ## Vulnerabilities `22`/`26` CVEs have Renovate fixes. <details><summary>gomod</summary> <blockquote> <details><summary>go.mod</summary> <blockquote> <details><summary>github.com/sigstore/cosign/v2</summary> <blockquote> - [GO-2026-4529](https://osv.dev/vulnerability/GO-2026-4529) </blockquote> </details> <details><summary>github.com/tektoncd/pipeline</summary> <blockquote> - [GO-2023-1901](https://osv.dev/vulnerability/GO-2023-1901) - [GHSA-rmx9-2pp3-xhcr](https://osv.dev/vulnerability/GHSA-rmx9-2pp3-xhcr) (fixed in >= 1.0.2) </blockquote> </details> <details><summary>github.com/aws/aws-sdk-go</summary> <blockquote> - [GO-2022-0646](https://osv.dev/vulnerability/GO-2022-0646) - [GO-2022-0635](https://osv.dev/vulnerability/GO-2022-0635) </blockquote> </details> <details><summary>golang.org/x/crypto</summary> <blockquote> - [GO-2026-5021](https://osv.dev/vulnerability/GO-2026-5021) (fixed in >= 0.52.0) - [GO-2026-5017](https://osv.dev/vulnerability/GO-2026-5017) (fixed in >= 0.52.0) - [GO-2026-5020](https://osv.dev/vulnerability/GO-2026-5020) (fixed in >= 0.52.0) - [GO-2026-5013](https://osv.dev/vulnerability/GO-2026-5013) (fixed in >= 0.52.0) - [GO-2026-5019](https://osv.dev/vulnerability/GO-2026-5019) (fixed in >= 0.52.0) - [GO-2026-5023](https://osv.dev/vulnerability/GO-2026-5023) (fixed in >= 0.52.0) - [GO-2026-5033](https://osv.dev/vulnerability/GO-2026-5033) (fixed in >= 0.52.0) - [GO-2026-5018](https://osv.dev/vulnerability/GO-2026-5018) (fixed in >= 0.52.0) - [GO-2026-5005](https://osv.dev/vulnerability/GO-2026-5005) (fixed in >= 0.52.0) - [GO-2026-5015](https://osv.dev/vulnerability/GO-2026-5015) (fixed in >= 0.52.0) - [GO-2026-5014](https://osv.dev/vulnerability/GO-2026-5014) (fixed in >= 0.52.0) - [GO-2026-5016](https://osv.dev/vulnerability/GO-2026-5016) (fixed in >= 0.52.0) - [GO-2026-5006](https://osv.dev/vulnerability/GO-2026-5006) (fixed in >= 0.52.0) </blockquote> </details> <details><summary>golang.org/x/net</summary> <blockquote> - [GO-2026-5026](https://osv.dev/vulnerability/GO-2026-5026) (fixed in >= 0.55.0) - [GO-2026-5028](https://osv.dev/vulnerability/GO-2026-5028) (fixed in >= 0.55.0) - [GO-2026-5025](https://osv.dev/vulnerability/GO-2026-5025) (fixed in >= 0.55.0) - [GO-2026-5027](https://osv.dev/vulnerability/GO-2026-5027) (fixed in >= 0.55.0) - [GO-2026-5030](https://osv.dev/vulnerability/GO-2026-5030) (fixed in >= 0.55.0) - [GO-2026-5029](https://osv.dev/vulnerability/GO-2026-5029) (fixed in >= 0.55.0) </blockquote> </details> <details><summary>golang.org/x/sys</summary> <blockquote> - [GO-2026-5024](https://osv.dev/vulnerability/GO-2026-5024) (fixed in >= 0.44.0) </blockquote> </details> </blockquote> </details> <details><summary>tools/go.mod</summary> <blockquote> <details><summary>golang.org/x/sys</summary> <blockquote> - [GO-2026-5024](https://osv.dev/vulnerability/GO-2026-5024) (fixed in >= 0.44.0) </blockquote> </details> </blockquote> </details> </blockquote> </details> ## Detected dependencies > [!NOTE] > Detected dependencies section has been truncated <details><summary>Branch alauda-v0.34.0</summary> <blockquote> <details><summary>gomod</summary> <blockquote> <details><summary>go.mod</summary> - `go 1.26.4` - `github.com/AlecAivazis/survey/v2 v2.3.7` - `github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2@73e0943537d2` - `github.com/blang/semver v3.5.1+incompatible` - `github.com/cpuguy83/go-md2man v1.0.10` - `github.com/creack/pty v1.1.21` - `github.com/docker/cli v29.2.1+incompatible` - `github.com/fatih/color v1.18.0` - `github.com/google/go-cmp v0.7.0` - `github.com/google/go-containerregistry v0.21.2` - `github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b@5c1018a4e16b` - `github.com/hinshun/vt10x v0.0.0-20220228203356-1ab2cad5fd82@1ab2cad5fd82` - `github.com/jonboulle/clockwork v0.5.0` - `github.com/ktr0731/go-fuzzyfinder v0.8.0` - `github.com/mitchellh/go-homedir v1.1.0` - `github.com/pkg/errors v0.9.1` - `github.com/sigstore/cosign/v2 v2.6.2` - `github.com/sigstore/sigstore v1.10.5` - `github.com/spf13/cobra v1.10.2` - `github.com/spf13/pflag v1.0.10` - `github.com/tektoncd/chains v0.19.0` - `github.com/tektoncd/hub v1.15.1` - `github.com/tektoncd/pipeline v0.55.0` - `github.com/tektoncd/plumbing v0.0.0-20230907180608-5625252a2de1@5625252a2de1` - `github.com/tektoncd/triggers v0.25.1-0.20231222120246-0127ca12341d@0127ca12341d` - `github.com/theupdateframework/go-tuf v0.7.0` - `go.opencensus.io v0.24.0` - `go.uber.org/multierr v1.11.0` - `go.uber.org/zap v1.27.1` - `golang.org/x/term v0.42.0` - `gotest.tools v2.2.0+incompatible` - `gotest.tools/v3 v3.5.1` - `k8s.io/api v0.34.3` - `k8s.io/apimachinery v0.34.3` - `k8s.io/cli-runtime v0.26.12` - `k8s.io/client-go v0.34.3` - `knative.dev/pkg v0.0.0-20231103161548-f5b42e8dea44@f5b42e8dea44` - `sigs.k8s.io/yaml v1.6.0` - `cel.dev/expr v0.25.1` - `cloud.google.com/go v0.123.0` - `cloud.google.com/go/auth v0.18.2` - `cloud.google.com/go/auth/oauth2adapt v0.2.8` - `cloud.google.com/go/compute/metadata v0.9.0` - `cloud.google.com/go/firestore v1.21.0` - `cloud.google.com/go/iam v1.5.3` - `cloud.google.com/go/kms v1.26.0` - `cloud.google.com/go/longrunning v0.8.0` - `cloud.google.com/go/monitoring v1.24.3` - `cloud.google.com/go/storage v1.57.2` - `contrib.go.opencensus.io/exporter/ocagent v0.7.1-0.20200907061046-05415f1de66d@05415f1de66d` - `contrib.go.opencensus.io/exporter/prometheus v0.4.2` - `github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.14.0` - `github.com/Azure/azure-sdk-for-go v68.0.0+incompatible` - `github.com/Azure/azure-sdk-for-go/sdk/azcore v1.21.0` - `github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.1` - `github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2` - `github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.4.0` - `github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0` - `github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c@faa5f7b0171c` - `github.com/Azure/go-autorest v14.2.0+incompatible` - `github.com/Azure/go-autorest/autorest v0.11.29` - `github.com/Azure/go-autorest/autorest/adal v0.9.23` - `github.com/Azure/go-autorest/autorest/azure/auth v0.5.12` - `github.com/Azure/go-autorest/autorest/azure/cli v0.4.6` - `github.com/Azure/go-autorest/autorest/date v0.3.0` - `github.com/Azure/go-autorest/logger v0.2.1` - `github.com/Azure/go-autorest/tracing v0.6.0` - `github.com/AzureAD/microsoft-authentication-library-for-go v1.6.0` - `github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.30.0` - `github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.54.0` - `github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.54.0` - `github.com/Microsoft/go-winio v0.6.2` - `github.com/Shopify/sarama v1.38.1` - `github.com/ThalesIgnite/crypto11 v1.2.5` - `github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4` - `github.com/alibabacloud-go/cr-20160607 v1.0.1` - `github.com/alibabacloud-go/cr-20181201 v1.0.10` - `github.com/alibabacloud-go/darabonba-openapi v0.2.1` - `github.com/alibabacloud-go/debug v1.0.0` - `github.com/alibabacloud-go/endpoint-util v1.1.1` - `github.com/alibabacloud-go/openapi-util v0.1.0` - `github.com/alibabacloud-go/tea v1.2.1` - `github.com/alibabacloud-go/tea-utils v1.4.5` - `github.com/alibabacloud-go/tea-xml v1.1.3` - `github.com/aliyun/credentials-go v1.3.2` - `github.com/antlr4-go/antlr/v4 v4.13.1` - `github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2@a9d515a09cc2` - `github.com/aws/aws-sdk-go v1.55.8` - `github.com/aws/aws-sdk-go-v2 v1.41.4` - `github.com/aws/aws-sdk-go-v2/config v1.32.12` - `github.com/aws/aws-sdk-go-v2/credentials v1.19.12` - `github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.20` - `github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.20` - `github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.20` - `github.com/aws/aws-sdk-go-v2/internal/ini v1.8.6` - `github.com/aws/aws-sdk-go-v2/service/ecr v1.45.1` - `github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.33.2` - `github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.7` - `github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.20` - `github.com/aws/aws-sdk-go-v2/service/kms v1.50.3` - `github.com/aws/aws-sdk-go-v2/service/signin v1.0.8` - `github.com/aws/aws-sdk-go-v2/service/sso v1.30.13` - `github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.17` - `github.com/aws/aws-sdk-go-v2/service/sts v1.41.9` - `github.com/aws/smithy-go v1.24.2` - `github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.10.1` - `github.com/beorn7/perks v1.0.1` - `github.com/blendle/zapdriver v1.3.1` - `github.com/cenkalti/backoff/v4 v4.3.0` - `github.com/cenkalti/backoff/v5 v5.0.3` - `github.com/census-instrumentation/opencensus-proto v0.4.1` - `github.com/cespare/xxhash/v2 v2.3.0` - `github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589@82a0ddb27589` - `github.com/clbanning/mxj/v2 v2.7.0` - `github.com/clipperhouse/uax29/v2 v2.6.0` - `github.com/cloudevents/sdk-go/v2 v2.16.2` - `github.com/cloudflare/circl v1.6.3` - `github.com/cncf/xds/go v0.0.0-20251210132809-ee656c7534f5@ee656c7534f5` - `github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be@734e95fb86be` - `github.com/containerd/stargz-snapshotter/estargz v0.18.2` - `github.com/coreos/go-oidc/v3 v3.17.0` - `github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467@19d51d7fe467` - `github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc@d8f796af33cc` - `github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352@3a137a874352` - `github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7@220c5c2851b7` - `github.com/dimchansky/utfbom v1.1.1` - `github.com/docker/distribution v2.8.3+incompatible` - `github.com/docker/docker-credential-helpers v0.9.3` - `github.com/dustin/go-humanize v1.0.1` - `github.com/eapache/go-resiliency v1.4.0` - `github.com/eapache/go-xerial-snappy v0.0.0-20230731223053-c322873962e3@c322873962e3` - `github.com/eapache/queue v1.1.0` - `github.com/emicklei/go-restful/v3 v3.12.2` - `github.com/envoyproxy/go-control-plane/envoy v1.36.0` - `github.com/envoyproxy/protoc-gen-validate v1.3.0` - `github.com/evanphx/json-patch v4.12.0+incompatible` - `github.com/evanphx/json-patch/v5 v5.9.11` - `github.com/felixge/httpsnoop v1.0.4` - `github.com/fsnotify/fsnotify v1.9.0` - `github.com/gdamore/encoding v1.0.0` - `github.com/gdamore/tcell/v2 v2.6.0` - `github.com/go-chi/chi/v5 v5.2.5` - `github.com/go-errors/errors v1.4.2` - `github.com/go-jose/go-jose/v4 v4.1.4` - `github.com/go-kit/log v0.2.1` - `github.com/go-logfmt/logfmt v0.6.0` - `github.com/go-logr/logr v1.4.3` - `github.com/go-logr/stdr v1.2.2` - `github.com/go-openapi/analysis v0.24.3` - `github.com/go-openapi/errors v0.22.7` - `github.com/go-openapi/jsonpointer v0.22.5` - `github.com/go-openapi/jsonreference v0.21.5` - `github.com/go-openapi/loads v0.23.3` - `github.com/go-openapi/runtime v0.29.3` - `github.com/go-openapi/spec v0.22.4` - `github.com/go-openapi/strfmt v0.26.1` - `github.com/go-openapi/swag v0.25.5` - `github.com/go-openapi/swag/cmdutils v0.25.5` - `github.com/go-openapi/swag/conv v0.25.5` - `github.com/go-openapi/swag/fileutils v0.25.5` - `github.com/go-openapi/swag/jsonname v0.25.5` - `github.com/go-openapi/swag/jsonutils v0.25.5` - `github.com/go-openapi/swag/loading v0.25.5` - `github.com/go-openapi/swag/mangling v0.25.5` - `github.com/go-openapi/swag/netutils v0.25.5` - `github.com/go-openapi/swag/stringutils v0.25.5` - `github.com/go-openapi/swag/typeutils v0.25.5` - `github.com/go-openapi/swag/yamlutils v0.25.5` - `github.com/go-openapi/validate v0.25.2` - `github.com/go-viper/mapstructure/v2 v2.5.0` - `github.com/gogo/protobuf v1.3.2` - `github.com/golang-jwt/jwt/v4 v4.5.2` - `github.com/golang-jwt/jwt/v5 v5.3.1` - `github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8@2c02b8208cf8` - `github.com/golang/protobuf v1.5.4` - `github.com/golang/snappy v0.0.4` - `github.com/google/btree v1.1.3` - `github.com/google/cel-go v0.26.1` - `github.com/google/certificate-transparency-go v1.3.2` - `github.com/google/gnostic v0.7.0` - `github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20240108195214-a0658aa1d0cc@a0658aa1d0cc` - `github.com/google/go-containerregistry/pkg/authn/kubernetes v0.0.0-20240108195214-a0658aa1d0cc@a0658aa1d0cc` - `github.com/google/go-github/v73 v73.0.0` - `github.com/google/go-querystring v1.1.0` - `github.com/google/gofuzz v1.2.0` - `github.com/google/s2a-go v0.1.9` - `github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510@e7afc7fbc510` - `github.com/google/uuid v1.6.0` - `github.com/google/wire v0.7.0` - `github.com/googleapis/enterprise-certificate-proxy v0.3.14` - `github.com/googleapis/gax-go/v2 v2.19.0` - `github.com/gorilla/websocket v1.5.3` - `github.com/grafeas/grafeas v0.2.3` - `github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79@901d90724c79` - `github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.4` - `github.com/hashicorp/errwrap v1.1.0` - `github.com/hashicorp/go-cleanhttp v0.5.2` - `github.com/hashicorp/go-multierror v1.1.1` - `github.com/hashicorp/go-retryablehttp v0.7.8` - `github.com/hashicorp/go-rootcerts v1.0.2` - `github.com/hashicorp/go-secure-stdlib/parseutil v0.2.0` - `github.com/hashicorp/go-secure-stdlib/strutil v0.1.2` - `github.com/hashicorp/go-sockaddr v1.0.7` - `github.com/hashicorp/go-uuid v1.0.3` - `github.com/hashicorp/golang-lru v1.0.2` - `github.com/hashicorp/hcl v1.0.1-vault-7` - `github.com/hashicorp/vault/api v1.22.0` - `github.com/imdario/mergo v0.3.16` - `github.com/in-toto/attestation v1.1.2` - `github.com/in-toto/in-toto-golang v0.11.0` - `github.com/inconshreveable/mousetrap v1.1.0` - `github.com/jcmturner/aescts/v2 v2.0.0` - `github.com/jcmturner/dnsutils/v2 v2.0.0` - `github.com/jcmturner/gofork v1.7.6` - `github.com/jcmturner/gokrb5/v8 v8.4.4` - `github.com/jcmturner/rpc/v2 v2.0.3` - `github.com/jedisct1/go-minisign v0.0.0-20230811132847-661be99b8267@661be99b8267` - `github.com/jellydator/ttlcache/v3 v3.4.0` - `github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24@b0104c826a24` - `github.com/joho/godotenv v1.5.1` - `github.com/json-iterator/go v1.1.12` - `github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51@95032a82bc51` - `github.com/kelseyhightower/envconfig v1.4.0` - `github.com/klauspost/compress v1.18.4` - `github.com/ktr0731/go-ansisgr v0.1.0` - `github.com/kylelemons/godebug v1.1.0` - `github.com/letsencrypt/boulder v0.20260223.0` - `github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de@89fcab3d43de` - `github.com/lucasb-eyer/go-colorful v1.2.0` - `github.com/mattn/go-colorable v0.1.14` - `github.com/mattn/go-isatty v0.0.20` - `github.com/mattn/go-runewidth v0.0.19` - `github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d@d51e80ef957d` - `github.com/miekg/pkcs11 v1.1.1` - `github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c@8508981c8b6c` - `github.com/moby/term v0.5.2` - `github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd@bacd9c7ef1dd` - `github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee@35a7c28c31ee` - `github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00@205db1a8cc00` - `github.com/montanaflynn/stats v0.7.1` - `github.com/mozillazg/docker-credential-acr-helper v0.4.0` - `github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822@a7dc8b61c822` - `github.com/natefinch/atomic v1.0.1` - `github.com/nozzle/throttler v0.0.0-20180817012639-2ea982251481@2ea982251481` - `github.com/nsf/termbox-go v1.1.1` - `github.com/oklog/ulid/v2 v2.1.1` - `github.com/opencontainers/go-digest v1.0.0` - `github.com/opencontainers/image-spec v1.1.1` - `github.com/openzipkin/zipkin-go v0.4.2` - `github.com/pelletier/go-toml/v2 v2.2.4` - `github.com/peterbourgon/diskv v2.0.1+incompatible` - `github.com/pierrec/lz4/v4 v4.1.18` - `github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c@5ac0b6a4141c` - `github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10@0393e58bdf10` - `github.com/prometheus/client_golang v1.23.2` - `github.com/prometheus/client_model v0.6.2` - `github.com/prometheus/common v0.67.5` - `github.com/prometheus/procfs v0.19.2` - `github.com/prometheus/statsd_exporter v0.22.7` - `github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475@cf1acfcdf475` - `github.com/russross/blackfriday v1.6.0` - `github.com/ryanuber/go-glob v1.0.0` - `github.com/sagikazarmark/locafero v0.11.0` - `github.com/sassoftware/relic v7.2.1+incompatible` - `github.com/secure-systems-lab/go-securesystemslib v0.10.0` - `github.com/shibumi/go-pathspec v1.3.0` - `github.com/sigstore/fulcio v1.8.5` - `github.com/sigstore/protobuf-specs v0.5.0` - `github.com/sigstore/rekor v1.5.0` - `github.com/sigstore/rekor-tiles/v2 v2.0.1` - `github.com/sigstore/sigstore-go v1.1.4` - `github.com/sigstore/sigstore/pkg/signature/kms/aws v1.10.5` - `github.com/sigstore/sigstore/pkg/signature/kms/azure v1.10.5` - `github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.10.5` - `github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.10.5` - `github.com/sigstore/timestamp-authority/v2 v2.0.6` - `github.com/sirupsen/logrus v1.9.4` - `github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8@5f936abd7ae8` - `github.com/spf13/afero v1.15.0` - `github.com/spf13/cast v1.10.0` - `github.com/spf13/viper v1.21.0` - `github.com/spiffe/go-spiffe/v2 v2.6.0` - `github.com/stoewer/go-strcase v1.3.1` - `github.com/subosito/gotenv v1.6.0` - `github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d@126854af5e6d` - `github.com/thales-e-security/pool v0.0.2` - `github.com/theupdateframework/go-tuf/v2 v2.4.1` - `github.com/tidwall/gjson v1.12.1` - `github.com/tidwall/match v1.1.1` - `github.com/tidwall/pretty v1.2.0` - `github.com/tidwall/sjson v1.2.4` - `github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399@afe73141d399` - `github.com/tjfoc/gmsm v1.4.1` - `github.com/transparency-dev/formats v0.0.0-20251017110053-404c0d5b696c@404c0d5b696c` - `github.com/transparency-dev/merkle v0.0.2` - `github.com/vbatts/tar-split v0.12.2` - `github.com/xdg-go/pbkdf2 v1.0.0` - `github.com/xdg-go/scram v1.1.2` - `github.com/xdg-go/stringprep v1.0.4` - `github.com/xlab/treeprint v1.2.0` - `github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78@a2c0da244d78` - `gitlab.com/gitlab-org/api/client-go v0.143.3` - `go.mongodb.org/mongo-driver v1.17.6` - `go.opentelemetry.io/auto/sdk v1.2.1` - `go.opentelemetry.io/contrib/detectors/gcp v1.39.0` - `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.63.0` - `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.64.0` - `go.opentelemetry.io/otel v1.43.0` - `go.opentelemetry.io/otel/metric v1.43.0` - `go.opentelemetry.io/otel/sdk v1.43.0` - `go.opentelemetry.io/otel/sdk/metric v1.43.0` - `go.opentelemetry.io/otel/trace v1.43.0` - `go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5@8dd3e2ee1dd5` - `go.uber.org/atomic v1.11.0` - `go.yaml.in/yaml/v2 v2.4.3` - `go.yaml.in/yaml/v3 v3.0.4` - `goa.design/goa/v3 v3.23.4` - `gocloud.dev v0.40.0` - `gocloud.dev/docstore/mongodocstore v0.34.0` - `gocloud.dev/pubsub/kafkapubsub v0.34.0` - `golang.org/x/crypto v0.50.0` - `golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546@a4bb9ffd2546` - `golang.org/x/mod v0.34.0` - `golang.org/x/net v0.53.0` - `golang.org/x/oauth2 v0.36.0` - `golang.org/x/sync v0.20.0` - `golang.org/x/sys v0.43.0` - `golang.org/x/text v0.36.0` - `golang.org/x/time v0.15.0` - `golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da@7835f813f4da` - `gomodules.xyz/jsonpatch/v2 v2.5.0` - `google.golang.org/api v0.272.0` - `google.golang.org/genproto v0.0.0-20260316180232-0b37fe3546d5@0b37fe3546d5` - `google.golang.org/genproto/googleapis/api v0.0.0-20260316180232-0b37fe3546d5@0b37fe3546d5` - `google.golang.org/genproto/googleapis/rpc v0.0.0-20260316180232-0b37fe3546d5@0b37fe3546d5` - `google.golang.org/grpc v1.79.3` - `google.golang.org/protobuf v1.36.11` - `gopkg.in/inf.v0 v0.9.1` - `gopkg.in/ini.v1 v1.67.1` - `gopkg.in/yaml.v2 v2.4.0` - `gopkg.in/yaml.v3 v3.0.1` - `k8s.io/apiextensions-apiserver v0.34.3` - `k8s.io/klog/v2 v2.130.1` - `k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b@f3f2b991d03b` - `k8s.io/utils v0.0.0-20250820121507-0af2bda4dd1d@0af2bda4dd1d` - `knative.dev/eventing v0.30.1-0.20220407170245-58865afba92c@58865afba92c` - `knative.dev/networking v0.0.0-20231017124814-2a7676e912b7@2a7676e912b7` - `knative.dev/serving v0.39.0` - `sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8@cfa47c3a1cc8` - `sigs.k8s.io/kustomize/api v0.12.1` - `sigs.k8s.io/kustomize/kyaml v0.13.9` - `sigs.k8s.io/release-utils v0.12.4` - `sigs.k8s.io/structured-merge-diff/v4 v4.6.0` - `github.com/google/gnostic v0.5.7-v3refs` - `github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49@c7be7c783f49` - `k8s.io/api v0.26.12` - `k8s.io/apiextensions-apiserver v0.26.12` - `k8s.io/apimachinery v0.26.12` - `k8s.io/client-go v0.26.12` - `k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280@172d655c2280` - `github.com/alaudadevops/timestamp-authority v1.2.10-alauda.3` - `github.com/AlaudaDevops/chains v0.19.2-0.20260304040940-ee32327fe2af@ee32327fe2af` - `github.com/AlaudaDevops/pipeline v0.56.10-alauda.1` </details> <details><summary>tools/go.mod</summary> - `go 1.25.5` - `github.com/golangci/golangci-lint v1.55.2` - `4d63.com/gocheckcompilerdirectives v1.2.1` - `4d63.com/gochecknoglobals v0.2.1` - `github.com/4meepo/tagalign v1.3.3` - `github.com/Abirdcfly/dupword v0.0.13` - `github.com/Antonboom/errname v0.1.12` - `github.com/Antonboom/nilnil v0.1.7` - `github.com/Antonboom/testifylint v0.2.3` - `github.com/BurntSushi/toml v1.3.2` - `github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24@aea10b59be24` - `github.com/GaijinEntertainment/go-exhaustruct/v3 v3.1.0` - `github.com/Masterminds/semver v1.5.0` - `github.com/OpenPeeDeeP/depguard/v2 v2.1.0` - `github.com/alecthomas/go-check-sumtype v0.1.3` - `github.com/alexkohler/nakedret/v2 v2.0.2` - `github.com/alexkohler/prealloc v1.0.0` - `github.com/alingse/asasalint v0.0.11` - `github.com/ashanbrown/forbidigo v1.6.0` - `github.com/ashanbrown/makezero v1.1.1` - `github.com/beorn7/perks v1.0.1` - `github.com/bkielbasa/cyclop v1.2.1` - `github.com/blizzy78/varnamelen v0.8.0` - `github.com/bombsimon/wsl/v3 v3.4.0` - `github.com/breml/bidichk v0.2.7` - `github.com/breml/errchkjson v0.3.6` - `github.com/butuzov/ireturn v0.2.2` - `github.com/butuzov/mirror v1.1.0` - `github.com/catenacyber/perfsprint v0.2.0` - `github.com/ccojocar/zxcvbn-go v1.0.1` - `github.com/cespare/xxhash/v2 v2.1.2` - `github.com/charithe/durationcheck v0.0.10` - `github.com/chavacava/garif v0.1.0` - `github.com/curioswitch/go-reassign v0.2.0` - `github.com/daixiang0/gci v0.11.2` - `github.com/davecgh/go-spew v1.1.1` - `github.com/denis-tingaikin/go-header v0.4.3` - `github.com/esimonov/ifshort v1.0.4` - `github.com/ettle/strcase v0.1.1` - `github.com/fatih/color v1.15.0` - `github.com/fatih/structtag v1.2.0` - `github.com/firefart/nonamedreturns v1.0.4` - `github.com/fsnotify/fsnotify v1.5.4` - `github.com/fzipp/gocyclo v0.6.0` - `github.com/ghostiam/protogetter v0.2.3` - `github.com/go-critic/go-critic v0.9.0` - `github.com/go-toolsmith/astcast v1.1.0` - `github.com/go-toolsmith/astcopy v1.1.0` - `github.com/go-toolsmith/astequal v1.1.0` - `github.com/go-toolsmith/astfmt v1.1.0` - `github.com/go-toolsmith/astp v1.1.0` - `github.com/go-toolsmith/strparse v1.1.0` - `github.com/go-toolsmith/typep v1.1.0` - `github.com/go-xmlfmt/xmlfmt v1.1.2` - `github.com/gobwas/glob v0.2.3` - `github.com/gofrs/flock v0.8.1` - `github.com/golang/protobuf v1.5.2` - `github.com/golangci/check v0.0.0-20180506172741-cfe4005ccda2@cfe4005ccda2` - `github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a@3e9179ac440a` - `github.com/golangci/go-misc v0.0.0-20220329215616-d24fe342adfe@d24fe342adfe` - `github.com/golangci/gofmt v0.0.0-20231018234816-f50ced29576e@f50ced29576e` - `github.com/golangci/lint-1 v0.0.0-20191013205115-297bf364a8e0@297bf364a8e0` - `github.com/golangci/maligned v0.0.0-20180506175553-b1d89398deca@b1d89398deca` - `github.com/golangci/misspell v0.4.1` - `github.com/golangci/revgrep v0.5.2` - `github.com/golangci/unconvert v0.0.0-20180507085042-28b1c447d1f4@28b1c447d1f4` - `github.com/google/go-cmp v0.6.0` - `github.com/gordonklaus/ineffassign v0.0.0-20230610083614-0e73809eb601@0e73809eb601` - `github.com/gostaticanalysis/analysisutil v0.7.1` - `github.com/gostaticanalysis/comment v1.4.2` - `github.com/gostaticanalysis/forcetypeassert v0.1.0` - `github.com/gostaticanalysis/nilerr v0.1.1` - `github.com/hashicorp/errwrap v1.0.0` - `github.com/hashicorp/go-multierror v1.1.1` - `github.com/hashicorp/go-version v1.6.0` - `github.com/hashicorp/hcl v1.0.0` - `github.com/hexops/gotextdiff v1.0.3` - `github.com/inconshreveable/mousetrap v1.1.0` - `github.com/jgautheron/goconst v1.6.0` - `github.com/jingyugao/rowserrcheck v1.1.1` - `github.com/jirfag/go-printf-func-name v0.0.0-20200119135958-7558a9eaa5af@7558a9eaa5af` - `github.com/julz/importas v0.1.0` - `github.com/kisielk/errcheck v1.6.3` - `github.com/kisielk/gotool v1.0.0` - `github.com/kkHAIKE/contextcheck v1.1.4` - `github.com/kulti/thelper v0.6.3` - `github.com/kunwardeep/paralleltest v1.0.8` - `github.com/kyoh86/exportloopref v0.1.11` - `github.com/ldez/gomoddirectives v0.2.3` - `github.com/ldez/tagliatelle v0.5.0` - `github.com/leonklingele/grouper v1.1.1` - `github.com/lufeee/execinquery v1.2.1` - `github.com/macabu/inamedparam v0.1.2` - `github.com/magiconair/properties v1.8.6` - `github.com/maratori/testableexamples v1.0.0` - `github.com/maratori/testpackage v1.1.1` - `github.com/matoous/godox v0.0.0-20230222163458-006bad1f9d26@006bad1f9d26` - `github.com/mattn/go-colorable v0.1.13` - `github.com/mattn/go-isatty v0.0.17` - `github.com/mattn/go-runewidth v0.0.9` - `github.com/matttproud/golang_protobuf_extensions v1.0.1` - `github.com/mbilski/exhaustivestruct v1.2.0` - `github.com/mgechev/revive v1.3.4` - `github.com/mitchellh/go-homedir v1.1.0` - `github.com/mitchellh/mapstructure v1.5.0` - `github.com/moricho/tparallel v0.3.1` - `github.com/nakabonne/nestif v0.3.1` - `github.com/nishanths/exhaustive v0.11.0` - `github.com/nishanths/predeclared v0.2.2` - `github.com/nunnatsa/ginkgolinter v0.14.1` - `github.com/olekukonko/tablewriter v0.0.5` - `github.com/pelletier/go-toml v1.9.5` - `github.com/pelletier/go-toml/v2 v2.0.5` - `github.com/pmezard/go-difflib v1.0.0` - `github.com/polyfloyd/go-errorlint v1.4.5` - `github.com/prometheus/client_golang v1.12.1` - `github.com/prometheus/client_model v0.2.0` - `github.com/prometheus/common v0.32.1` - `github.com/prometheus/procfs v0.7.3` - `github.com/quasilyte/go-ruleguard v0.4.0` - `github.com/quasilyte/gogrep v0.5.0` - `github.com/quasilyte/regex/syntax v0.0.0-20210819130434-b3f0c404a727@b3f0c404a727` - `github.com/quasilyte/stdinfo v0.0.0-20220114132959-f7386bf02567@f7386bf02567` - `github.com/ryancurrah/gomodguard v1.3.0` - `github.com/ryanrolds/sqlclosecheck v0.5.1` - `github.com/sanposhiho/wastedassign/v2 v2.0.7` - `github.com/sashamelentyev/interfacebloat v1.1.0` - `github.com/sashamelentyev/usestdlibvars v1.24.0` - `github.com/securego/gosec/v2 v2.18.2` - `github.com/shazow/go-diff v0.0.0-20160112020656-b6b7b6733b8c@b6b7b6733b8c` - `github.com/sirupsen/logrus v1.9.3` - `github.com/sivchari/containedctx v1.0.3` - `github.com/sivchari/nosnakecase v1.7.0` - `github.com/sivchari/tenv v1.7.1` - `github.com/sonatard/noctx v0.0.2` - `github.com/sourcegraph/go-diff v0.7.0` - `github.com/spf13/afero v1.8.2` - `github.com/spf13/cast v1.5.0` - `github.com/spf13/cobra v1.7.0` - `github.com/spf13/jwalterweatherman v1.1.0` - `github.com/spf13/pflag v1.0.5` - `github.com/spf13/viper v1.12.0` - `github.com/ssgreg/nlreturn/v2 v2.2.1` - `github.com/stbenjam/no-sprintf-host-port v0.1.1` - `github.com/stretchr/objx v0.5.0` - `github.com/stretchr/testify v1.8.4` - `github.com/subosito/gotenv v1.4.1` - `github.com/t-yuki/gocover-cobertura v0.0.0-20180217150009-aaee18c8195c@aaee18c8195c` - `github.com/tdakkota/asciicheck v0.2.0` - `github.com/tetafro/godot v1.4.15` - `github.com/timakin/bodyclose v0.0.0-20230421092635-574207250966@574207250966` - `github.com/timonwong/loggercheck v0.9.4` - `github.com/tomarrell/wrapcheck/v2 v2.8.1` - `github.com/tommy-muehle/go-mnd/v2 v2.5.1` - `github.com/ultraware/funlen v0.1.0` - `github.com/ultraware/whitespace v0.0.5` - `github.com/uudashr/gocognit v1.1.2` - `github.com/xen0n/gosmopolitan v1.2.2` - `github.com/yagipy/maintidx v1.0.0` - `github.com/yeya24/promlinter v0.2.0` - `github.com/ykadowak/zerologlint v0.1.3` - `gitlab.com/bosi/decorder v0.4.1` - `go-simpler.org/sloglint v0.1.2` - `go.tmz.dev/musttag v0.7.2` - `go.uber.org/atomic v1.7.0` - `go.uber.org/multierr v1.6.0` - `go.uber.org/zap v1.24.0` - `golang.org/x/exp v0.0.0-20230510235704-dd950f8aeaea@dd950f8aeaea` - `golang.org/x/exp/typeparams v0.0.0-20230307190834-24139beb5833@24139beb5833` - `golang.org/x/mod v0.13.0` - `golang.org/x/sync v0.4.0` - `golang.org/x/sys v0.13.0` - `golang.org/x/text v0.13.0` - `golang.org/x/tools v0.14.0` - `google.golang.org/protobuf v1.33.0` - `gopkg.in/ini.v1 v1.67.0` - `gopkg.in/yaml.v2 v2.4.0` - `gopkg.in/yaml.v3 v3.0.1` - `honnef.co/go/tools v0.4.6` - `mvdan.cc/gofumpt v0.5.0` - `mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed@c20040233aed` - `mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b@adc824a0674b` - `mvdan.cc/unparam v0.0.0-20221223090309-7455f1af531d@7455f1af531d` </details> </blockquote> </details> </blockquote> </details> <details><summary>Branch alauda-v0.41.1</summary> <blockquote> <details><summary>gomod</summary> <blockquote> <details><summary>go.mod</summary> - `go 1.26.4` - `github.com/AlecAivazis/survey/v2 v2.3.7` - `github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2@73e0943537d2` - `github.com/blang/semver v3.5.1+incompatible` - `github.com/cpuguy83/go-md2man v1.0.10` - `github.com/creack/pty v1.1.24` - `github.com/docker/cli v29.2.0+incompatible` - `github.com/fatih/color v1.18.0` - `github.com/google/go-cmp v0.7.0` - `github.com/google/go-containerregistry v0.20.7` - `github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b@5c1018a4e16b` - `github.com/hinshun/vt10x v0.0.0-20220228203356-1ab2cad5fd82@1ab2cad5fd82` - `github.com/jonboulle/clockwork v0.5.0` - `github.com/ktr0731/go-fuzzyfinder v0.8.0` - `github.com/mitchellh/go-homedir v1.1.0` - `github.com/pkg/errors v0.9.1` - `github.com/sigstore/cosign/v2 v2.6.2` - `github.com/sigstore/sigstore v1.10.5` - `github.com/spf13/cobra v1.10.2` - `github.com/spf13/pflag v1.0.10` - `github.com/tektoncd/chains v0.26.3` - `github.com/tektoncd/hub v1.21.0` - `github.com/tektoncd/pipeline v1.6.1` - `github.com/tektoncd/plumbing v0.0.0-20250430145243-3b7cd59879c1@3b7cd59879c1` - `github.com/tektoncd/triggers v0.32.0` - `github.com/theupdateframework/go-tuf v0.7.0` - `go.opencensus.io v0.24.0` - `go.uber.org/multierr v1.11.0` - `go.uber.org/zap v1.27.1` - `golang.org/x/term v0.42.0` - `gotest.tools v2.2.0+incompatible` - `gotest.tools/v3 v3.5.2` - `k8s.io/api v0.34.1` - `k8s.io/apimachinery v0.34.1` - `k8s.io/cli-runtime v0.29.15` - `k8s.io/client-go v0.34.1` - `knative.dev/pkg v0.0.0-20250415155312-ed3e2158b883@ed3e2158b883` - `sigs.k8s.io/yaml v1.6.0` - `github.com/vdemeester/cr-20160607 v1.0.1` - `cel.dev/expr v0.25.1` - `cloud.google.com/go v0.123.0` - `cloud.google.com/go/auth v0.18.2` - `cloud.google.com/go/auth/oauth2adapt v0.2.8` - `cloud.google.com/go/compute/metadata v0.9.0` - `cloud.google.com/go/firestore v1.21.0` - `cloud.google.com/go/iam v1.5.3` - `cloud.google.com/go/kms v1.26.0` - `cloud.google.com/go/longrunning v0.8.0` - `cloud.google.com/go/monitoring v1.24.3` - `cloud.google.com/go/storage v1.57.1` - `contrib.go.opencensus.io/exporter/ocagent v0.7.1-0.20200907061046-05415f1de66d@05415f1de66d` - `contrib.go.opencensus.io/exporter/prometheus v0.4.2` - `filippo.io/edwards25519 v1.2.0` - `github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.14.0` - `github.com/Azure/azure-sdk-for-go v68.0.0+incompatible` - `github.com/Azure/azure-sdk-for-go/sdk/azcore v1.21.0` - `github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.13.1` - `github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2` - `github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.4.0` - `github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.2.0` - `github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c@faa5f7b0171c` - `github.com/Azure/go-autorest v14.2.0+incompatible` - `github.com/Azure/go-autorest/autorest v0.11.29` - `github.com/Azure/go-autorest/autorest/adal v0.9.23` - `github.com/Azure/go-autorest/autorest/azure/auth v0.5.12` - `github.com/Azure/go-autorest/autorest/azure/cli v0.4.6` - `github.com/Azure/go-autorest/autorest/date v0.3.0` - `github.com/Azure/go-autorest/logger v0.2.1` - `github.com/Azure/go-autorest/tracing v0.6.0` - `github.com/AzureAD/microsoft-authentication-library-for-go v1.6.0` - `github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.31.0` - `github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.54.0` - `github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.54.0` - `github.com/IBM/sarama v1.45.2` - `github.com/Microsoft/go-winio v0.6.2` - `github.com/ThalesIgnite/crypto11 v1.2.5` - `github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4` - `github.com/alibabacloud-go/cr-20160607 v1.0.1` - `github.com/alibabacloud-go/cr-20181201 v1.0.10` - `github.com/alibabacloud-go/darabonba-openapi v0.2.1` - `github.com/alibabacloud-go/debug v1.0.0` - `github.com/alibabacloud-go/endpoint-util v1.1.1` - `github.com/alibabacloud-go/openapi-util v0.1.0` - `github.com/alibabacloud-go/tea v1.2.1` - `github.com/alibabacloud-go/tea-utils v1.4.5` - `github.com/alibabacloud-go/tea-xml v1.1.3` - `github.com/aliyun/credentials-go v1.3.2` - `github.com/antlr4-go/antlr/v4 v4.13.1` - `github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2@a9d515a09cc2` - `github.com/aws/aws-sdk-go v1.55.8` - `github.com/aws/aws-sdk-go-v2 v1.41.4` - `github.com/aws/aws-sdk-go-v2/config v1.32.12` - `github.com/aws/aws-sdk-go-v2/credentials v1.19.12` - `github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.20` - `github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.20` - `github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.20` - `github.com/aws/aws-sdk-go-v2/internal/ini v1.8.6` - `github.com/aws/aws-sdk-go-v2/service/ecr v1.45.1` - `github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.33.2` - `github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.7` - `github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.20` - `github.com/aws/aws-sdk-go-v2/service/kms v1.50.3` - `github.com/aws/aws-sdk-go-v2/service/signin v1.0.8` - `github.com/aws/aws-sdk-go-v2/service/sso v1.30.13` - `github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.17` - `github.com/aws/aws-sdk-go-v2/service/sts v1.41.9` - `github.com/aws/smithy-go v1.24.2` - `github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.10.1` - `github.com/beorn7/perks v1.0.1` - `github.com/blendle/zapdriver v1.3.1` - `github.com/cenkalti/backoff/v4 v4.3.0` - `github.com/cenkalti/backoff/v5 v5.0.3` - `github.com/census-instrumentation/opencensus-proto v0.4.1` - `github.com/cespare/xxhash/v2 v2.3.0` - `github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589@82a0ddb27589` - `github.com/clbanning/mxj/v2 v2.7.0` - `github.com/clipperhouse/uax29/v2 v2.6.0` - `github.com/cloudevents/sdk-go/v2 v2.16.1` - `github.com/cncf/xds/go v0.0.0-20251210132809-ee656c7534f5@ee656c7534f5` - `github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be@734e95fb86be` - `github.com/containerd/stargz-snapshotter/estargz v0.18.1` - `github.com/coreos/go-oidc/v3 v3.17.0` - `github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467@19d51d7fe467` - `github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc@d8f796af33cc` - `github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352@3a137a874352` - `github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7@220c5c2851b7` - `github.com/dimchansky/utfbom v1.1.1` - `github.com/docker/distribution v2.8.3+incompatible` - `github.com/docker/docker-credential-helpers v0.9.3` - `github.com/dustin/go-humanize v1.0.1` - `github.com/eapache/go-resiliency v1.7.0` - `github.com/eapache/go-xerial-snappy v0.0.0-20230731223053-c322873962e3@c322873962e3` - `github.com/eapache/queue v1.1.0` - `github.com/edwarnicke/gitoid v0.0.0-20220710194850-1be5bfda1f9d@1be5bfda1f9d` - `github.com/emicklei/go-restful/v3 v3.12.2` - `github.com/envoyproxy/go-control-plane/envoy v1.36.0` - `github.com/envoyproxy/protoc-gen-validate v1.3.0` - `github.com/evanphx/json-patch v5.9.0+incompatible` - `github.com/evanphx/json-patch/v5 v5.9.11` - `github.com/felixge/httpsnoop v1.0.4` - `github.com/fsnotify/fsnotify v1.9.0` - `github.com/fxamacker/cbor/v2 v2.9.0` - `github.com/gdamore/encoding v1.0.0` - `github.com/gdamore/tcell/v2 v2.6.0` - `github.com/go-chi/chi/v5 v5.2.5` - `github.com/go-errors/errors v1.4.2` - `github.com/go-jose/go-jose/v4 v4.1.4` - `github.com/go-kit/log v0.2.1` - `github.com/go-logfmt/logfmt v0.6.0` - `github.com/go-logr/logr v1.4.3` - `github.com/go-logr/stdr v1.2.2` - `github.com/go-openapi/analysis v0.24.3` - `github.com/go-openapi/errors v0.22.7` - `github.com/go-openapi/jsonpointer v0.22.5` - `github.com/go-openapi/jsonreference v0.21.5` - `github.com/go-openapi/loads v0.23.3` - `github.com/go-openapi/runtime v0.29.3` - `github.com/go-openapi/spec v0.22.4` - `github.com/go-openapi/strfmt v0.26.1` - `github.com/go-openapi/swag v0.25.5` - `github.com/go-openapi/swag/cmdutils v0.25.5` - `github.com/go-openapi/swag/conv v0.25.5` - `github.com/go-openapi/swag/fileutils v0.25.5` - `github.com/go-openapi/swag/jsonname v0.25.5` - `github.com/go-openapi/swag/jsonutils v0.25.5` - `github.com/go-openapi/swag/loading v0.25.5` - `github.com/go-openapi/swag/mangling v0.25.5` - `github.com/go-openapi/swag/netutils v0.25.5` - `github.com/go-openapi/swag/stringutils v0.25.5` - `github.com/go-openapi/swag/typeutils v0.25.5` - `github.com/go-openapi/swag/yamlutils v0.25.5` - `github.com/go-openapi/validate v0.25.2` - `github.com/go-viper/mapstructure/v2 v2.5.0` - `github.com/gogo/protobuf v1.3.2` - `github.com/golang-jwt/jwt/v4 v4.5.2` - `github.com/golang-jwt/jwt/v5 v5.3.0` - `github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8@2c02b8208cf8` - `github.com/golang/protobuf v1.5.4` - `github.com/golang/snappy v1.0.0` - `github.com/google/btree v1.1.3` - `github.com/google/cel-go v0.26.1` - `github.com/google/certificate-transparency-go v1.3.2` - `github.com/google/gnostic-models v0.7.0` - `github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20240108195214-a0658aa1d0cc@a0658aa1d0cc` - `github.com/google/go-containerregistry/pkg/authn/kubernetes v0.0.0-20240108195214-a0658aa1d0cc@a0658aa1d0cc` - `github.com/google/go-github/v73 v73.0.0` - `github.com/google/go-querystring v1.1.0` - `github.com/google/s2a-go v0.1.9` - `github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510@e7afc7fbc510` - `github.com/google/uuid v1.6.0` - `github.com/google/wire v0.6.0` - `github.com/googleapis/enterprise-certificate-proxy v0.3.14` - `github.com/googleapis/gax-go/v2 v2.19.0` - `github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674@e064f32e3674` - `github.com/grafeas/grafeas v0.2.3` - `github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79@901d90724c79` - `github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.4` - `github.com/hashicorp/errwrap v1.1.0` - `github.com/hashicorp/go-cleanhttp v0.5.2` - `github.com/hashicorp/go-multierror v1.1.1` - `github.com/hashicorp/go-retryablehttp v0.7.8` - `github.com/hashicorp/go-rootcerts v1.0.2` - `github.com/hashicorp/go-secure-stdlib/parseutil v0.2.0` - `github.com/hashicorp/go-secure-stdlib/strutil v0.1.2` - `github.com/hashicorp/go-sockaddr v1.0.7` - `github.com/hashicorp/go-uuid v1.0.3` - `github.com/hashicorp/golang-lru v1.0.2` - `github.com/hashicorp/hcl v1.0.1-vault-7` - `github.com/hashicorp/vault/api v1.22.0` - `github.com/imdario/mergo v0.3.16` - `github.com/in-toto/archivista v0.10.0` - `github.com/in-toto/attestation v1.1.2` - `github.com/in-toto/go-witness v0.9.1` - `github.com/in-toto/in-toto-golang v0.11.0` - `github.com/inconshreveable/mousetrap v1.1.0` - `github.com/jcmturner/aescts/v2 v2.0.0` - `github.com/jcmturner/dnsutils/v2 v2.0.0` - `github.com/jcmturner/gofork v1.7.6` - `github.com/jcmturner/gokrb5/v8 v8.4.4` - `github.com/jcmturner/rpc/v2 v2.0.3` - `github.com/jedisct1/go-minisign v0.0.0-20230811132847-661be99b8267@661be99b8267` - `github.com/jellydator/ttlcache/v3 v3.4.0` - `github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24@b0104c826a24` - `github.com/joho/godotenv v1.5.1` - `github.com/json-iterator/go v1.1.12` - `github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51@95032a82bc51` - `github.com/kelseyhightower/envconfig v1.4.0` - `github.com/klauspost/compress v1.18.1` - `github.com/ktr0731/go-ansisgr v0.1.0` - `github.com/kylelemons/godebug v1.1.0` - `github.com/letsencrypt/boulder v0.20260223.0` - `github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de@89fcab3d43de` - `github.com/lucasb-eyer/go-colorful v1.2.0` - `github.com/mattn/go-colorable v0.1.14` - `github.com/mattn/go-isatty v0.0.20` - `github.com/mattn/go-runewidth v0.0.19` - `github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d@d51e80ef957d` - `github.com/miekg/pkcs11 v1.1.1` - `github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c@8508981c8b6c` - `github.com/moby/term v0.5.2` - `github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd@bacd9c7ef1dd` - `github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee@35a7c28c31ee` - `github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00@205db1a8cc00` - `github.com/montanaflynn/stats v0.7.1` - `github.com/mozillazg/docker-credential-acr-helper v0.4.0` - `github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822@a7dc8b61c822` - `github.com/natefinch/atomic v1.0.1` - `github.com/nozzle/throttler v0.0.0-20180817012639-2ea982251481@2ea982251481` - `github.com/nsf/termbox-go v1.1.1` - `github.com/oklog/ulid/v2 v2.1.1` - `github.com/opencontainers/go-digest v1.0.0` - `github.com/opencontainers/image-spec v1.1.1` - `github.com/openzipkin/zipkin-go v0.4.3` - `github.com/pelletier/go-toml/v2 v2.2.4` - `github.com/peterbourgon/diskv v2.0.1+incompatible` - `github.com/pierrec/lz4/v4 v4.1.22` - `github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c@5ac0b6a4141c` - `github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10@0393e58bdf10` - `github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2@5d4384ee4fb2` - `github.com/prometheus/client_golang v1.23.2` - `github.com/prometheus/client_model v0.6.2` - `github.com/prometheus/common v0.67.5` - `github.com/prometheus/procfs v0.17.0` - `github.com/prometheus/statsd_exporter v0.22.7` - `github.com/rcrowley/go-metrics v0.0.0-20250401214520-65e299d6c5c9@65e299d6c5c9` - `github.com/russross/blackfriday v1.6.0` - `github.com/ryanuber/go-glob v1.0.0` - `github.com/sagikazarmark/locafero v0.11.0` - `github.com/sassoftware/relic v7.2.1+incompatible` - `github.com/secure-systems-lab/go-securesystemslib v0.10.0` - `github.com/shibumi/go-pathspec v1.3.0` - `github.com/sigstore/fulcio v1.8.5` - `github.com/sigstore/protobuf-specs v0.5.0` - `github.com/sigstore/rekor v1.5.0` - `github.com/sigstore/rekor-tiles/v2 v2.0.1` - `github.com/sigstore/sigstore-go v1.1.4` - `github.com/sigstore/sigstore/pkg/signature/kms/aws v1.10.5` - `github.com/sigstore/sigstore/pkg/signature/kms/azure v1.10.5` - `github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.10.5` - `github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.10.5` - `github.com/sigstore/timestamp-authority/v2 v2.0.6` - `github.com/sirupsen/logrus v1.9.4` - `github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8@5f936abd7ae8` - `github.com/spf13/afero v1.15.0` - `github.com/spf13/cast v1.10.0` - `github.com/spf13/viper v1.21.0` - `github.com/spiffe/go-spiffe/v2 v2.6.0` - `github.com/stoewer/go-strcase v1.3.1` - `github.com/subosito/gotenv v1.6.0` - `github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d@126854af5e6d` - `github.com/thales-e-security/pool v0.0.2` - `github.com/theupdateframework/go-tuf/v2 v2.4.1` - `github.com/tidwall/gjson v1.14.2` - `github.com/tidwall/match v1.1.1` - `github.com/tidwall/pretty v1.2.0` - `github.com/tidwall/sjson v1.2.5` - `github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399@afe73141d399` - `github.com/tjfoc/gmsm v1.4.1` - `github.com/transparency-dev/formats v0.0.0-20251017110053-404c0d5b696c@404c0d5b696c` - `github.com/transparency-dev/merkle v0.0.2` - `github.com/vbatts/tar-split v0.12.2` - `github.com/x448/float16 v0.8.4` - `github.com/xdg-go/pbkdf2 v1.0.0` - `github.com/xdg-go/scram v1.1.2` - `github.com/xdg-go/stringprep v1.0.4` - `github.com/xlab/treeprint v1.2.0` - `github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78@a2c0da244d78` - `gitlab.com/gitlab-org/api/client-go v0.143.3` - `go.mongodb.org/mongo-driver v1.17.6` - `go.opentelemetry.io/auto/sdk v1.2.1` - `go.opentelemetry.io/contrib/detectors/gcp v1.39.0` - `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.63.0` - `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0` - `go.opentelemetry.io/otel v1.43.0` - `go.opentelemetry.io/otel/metric v1.43.0` - `go.opentelemetry.io/otel/sdk v1.43.0` - `go.opentelemetry.io/otel/sdk/metric v1.43.0` - `go.opentelemetry.io/otel/trace v1.43.0` - `go.starlark.net v0.0.0-20230525235612-a134d8f9ddca@a134d8f9ddca` - `go.step.sm/crypto v0.77.2` - `go.yaml.in/yaml/v2 v2.4.3` - `go.yaml.in/yaml/v3 v3.0.4` - `goa.design/goa/v3 v3.23.4` - `gocloud.dev v0.43.0` - `gocloud.dev/docstore/mongodocstore v0.43.0` - `gocloud.dev/pubsub/kafkapubsub v0.43.0` - `golang.org/x/crypto v0.50.0` - `golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b@b7579e27df2b` - `golang.org/x/mod v0.34.0` - `golang.org/x/net v0.53.0` - `golang.org/x/oauth2 v0.36.0` - `golang.org/x/sync v0.20.0` - `golang.org/x/sys v0.43.0` - `golang.org/x/text v0.36.0` - `golang.org/x/time v0.15.0` - `golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da@7835f813f4da` - `gomodules.xyz/jsonpatch/v2 v2.5.0` - `google.golang.org/api v0.272.0` - `google.golang.org/genproto v0.0.0-20260316180232-0b37fe3546d5@0b37fe3546d5` - `google.golang.org/genproto/googleapis/api v0.0.0-20260316180232-0b37fe3546d5@0b37fe3546d5` - `google.golang.org/genproto/googleapis/rpc v0.0.0-20260316180232-0b37fe3546d5@0b37fe3546d5` - `google.golang.org/grpc v1.80.0` - `google.golang.org/protobuf v1.36.11` - `gopkg.in/evanphx/json-patch.v4 v4.12.0` - `gopkg.in/inf.v0 v0.9.1` - `gopkg.in/ini.v1 v1.67.1` - `gopkg.in/yaml.v2 v2.4.0` - `k8s.io/apiextensions-apiserver v0.32.8` - `k8s.io/klog/v2 v2.130.1` - `k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b@f3f2b991d03b` - `k8s.io/utils v0.0.0-20250820121507-0af2bda4dd1d@0af2bda4dd1d` - `knative.dev/eventing v0.30.3` - `knative.dev/networking v0.0.0-20231017124814-2a7676e912b7@2a7676e912b7` - `knative.dev/serving v0.39.4` - `sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8@cfa47c3a1cc8` - `sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3@6ce0bf390ce3` - `sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3@6ce0bf390ce3` - `sigs.k8s.io/randfill v1.0.0` - `sigs.k8s.io/release-utils v0.12.4` - `sigs.k8s.io/structured-merge-diff/v6 v6.3.0` - `github.com/alaudadevops/timestamp-authority v1.2.10-alauda.3` - `github.com/AlaudaDevops/pipeline v1.0.3-alauda.1` </details> <details><summary>tools/go.mod</summary> - `go 1.26.4` - `github.com/golangci/golangci-lint v1.64.8` - `4d63.com/gocheckcompilerdirectives v1.3.0` - `4d63.com/gochecknoglobals v0.2.2` - `github.com/4meepo/tagalign v1.4.2` - `github.com/Abirdcfly/dupword v0.1.3` - `github.com/Antonboom/errname v1.0.0` - `github.com/Antonboom/nilnil v1.0.1` - `github.com/Antonboom/testifylint v1.5.2` - `github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c@a339e1f7089c` - `github.com/Crocmagnon/fatcontext v0.7.1` - `github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24@aea10b59be24` - `github.com/GaijinEntertainment/go-exhaustruct/v3 v3.3.1` - `github.com/Masterminds/semver/v3 v3.3.0` - `github.com/OpenPeeDeeP/depguard/v2 v2.2.1` - `github.com/alecthomas/go-check-sumtype v0.3.1` - `github.com/alexkohler/nakedret/v2 v2.0.5` - `github.com/alexkohler/prealloc v1.0.0` - `github.com/alingse/asasalint v0.0.11` - `github.com/alingse/nilnesserr v0.1.2` - `github.com/ashanbrown/forbidigo v1.6.0` - `github.com/ashanbrown/makezero v1.2.0` - `github.com/beorn7/perks v1.0.1` - `github.com/bkielbasa/cyclop v1.2.3` - `github.com/blizzy78/varnamelen v0.8.0` - `github.com/bombsimon/wsl/v4 v4.5.0` - `github.com/breml/bidichk v0.3.2` - `github.com/breml/errchkjson v0.4.0` - `github.com/butuzov/ireturn v0.3.1` - `github.com/butuzov/mirror v1.3.0` - `github.com/catenacyber/perfsprint v0.8.2` - `github.com/ccojocar/zxcvbn-go v1.0.2` - `github.com/cespare/xxhash/v2 v2.3.0` - `github.com/charithe/durationcheck v0.0.10` - `github.com/chavacava/garif v0.1.0` - `github.com/ckaznocha/intrange v0.3.0` - `github.com/curioswitch/go-reassign v0.3.0` - `github.com/daixiang0/gci v0.13.5` - `github.com/davecgh/go-spew v1.1.1` - `github.com/denis-tingaikin/go-header v0.5.0` - `github.com/ettle/strcase v0.2.0` - `github.com/fatih/color v1.18.0` - `github.com/fatih/structtag v1.2.0` - `github.com/firefart/nonamedreturns v1.0.5` - `github.com/fsnotify/fsnotify v1.5.4` - `github.com/fzipp/gocyclo v0.6.0` - `github.com/ghostiam/protogetter v0.3.9` - `github.com/go-critic/go-critic v0.12.0` - `github.com/go-toolsmith/astcast v1.1.0` - `github.com/go-toolsmith/astcopy v1.1.0` - `github.com/go-toolsmith/astequal v1.2.0` - `github.com/go-toolsmith/astfmt v1.1.0` - `github.com/go-toolsmith/astp v1.1.0` - `github.com/go-toolsmith/strparse v1.1.0` - `github.com/go-toolsmith/typep v1.1.0` - `github.com/go-viper/mapstructure/v2 v2.4.0` - `github.com/go-xmlfmt/xmlfmt v1.1.3` - `github.com/gobwas/glob v0.2.3` - `github.com/gofrs/flock v0.12.1` - `github.com/golang/protobuf v1.5.3` - `github.com/golangci/dupl v0.0.0-20250308024227-f665c8d69b32@f665c8d69b32` - `github.com/golangci/go-printf-func-name v0.1.0` - `github.com/golangci/gofmt v0.0.0-20250106114630-d62b90e6713d@d62b90e6713d` - `github.com/golangci/misspell v0.6.0` - `github.com/golangci/plugin-module-register v0.1.1` - `github.com/golangci/revgrep v0.8.0` - `github.com/golangci/unconvert v0.0.0-20240309020433-c5143eacb3ed@c5143eacb3ed` - `github.com/google/go-cmp v0.7.0` - `github.com/gordonklaus/ineffassign v0.1.0` - `github.com/gostaticanalysis/analysisutil v0.7.1` - `github.com/gostaticanalysis/comment v1.5.0` - `github.com/gostaticanalysis/forcetypeassert v0.2.0` - `github.com/gostaticanalysis/nilerr v0.1.1` - `github.com/hashicorp/go-immutable-radix/v2 v2.1.0` - `github.com/hashicorp/go-version v1.7.0` - `github.com/hashicorp/golang-lru/v2 v2.0.7` - `github.com/hashicorp/hcl v1.0.0` - `github.com/hexops/gotextdiff v1.0.3` - `github.com/inconshreveable/mousetrap v1.1.0` - `github.com/jgautheron/goconst v1.7.1` - `github.com/jingyugao/rowserrcheck v1.1.1` - `github.com/jjti/go-spancheck v0.6.4` - `github.com/julz/importas v0.2.0` - `github.com/karamaru-alpha/copyloopvar v1.2.1` - `github.com/kisielk/errcheck v1.9.0` - `github.com/kkHAIKE/contextcheck v1.1.6` - `github.com/kulti/thelper v0.6.3` - `github.com/kunwardeep/paralleltest v1.0.10` - `github.com/lasiar/canonicalheader v1.1.2` - `github.com/ldez/exptostd v0.4.2` - `github.com/ldez/gomoddirectives v0.6.1` - `github.com/ldez/grignotin v0.9.0` - `github.com/ldez/tagliatelle v0.7.1` - `github.com/ldez/usetesting v0.4.2` - `github.com/leonklingele/grouper v1.1.2` - `github.com/macabu/inamedparam v0.1.3` - `github.com/magiconair/properties v1.8.6` - `github.com/maratori/testableexamples v1.0.0` - `github.com/maratori/testpackage v1.1.1` - `github.com/matoous/godox v1.1.0` - `github.com/mattn/go-colorable v0.1.14` - `github.com/mattn/go-isatty v0.0.20` - `github.com/mattn/go-runewidth v0.0.16` - `github.com/matttproud/golang_protobuf_extensions v1.0.1` - `github.com/mgechev/revive v1.7.0` - `github.com/mitchellh/go-homedir v1.1.0` - `github.com/mitchellh/mapstructure v1.5.0` - `github.com/moricho/tparallel v0.3.2` - `github.com/nakabonne/nestif v0.3.1` - `github.com/nishanths/exhaustive v0.12.0` - `github.com/nishanths/predeclared v0.2.2` - `github.com/nunnatsa/ginkgolinter v0.19.1` - `github.com/olekukonko/tablewriter v0.0.5` - `github.com/pelletier/go-toml v1.9.5` - `github.com/pelletier/go-toml/v2 v2.2.3` - `github.com/pmezard/go-difflib v1.0.0` - `github.com/polyfloyd/go-errorlint v1.7.1` - `github.com/prometheus/client_golang v1.12.1` - `github.com/prometheus/client_model v0.2.0` - `github.com/prometheus/common v0.32.1` - `github.com/prometheus/procfs v0.7.3` - `github.com/quasilyte/go-ruleguard v0.4.3-0.20240823090925-0fe6f58b47b1@0fe6f58b47b1` - `github.com/quasilyte/go-ruleguard/dsl v0.3.22` - `github.com/quasilyte/gogrep v0.5.0` - `github.com/quasilyte/regex/syntax v0.0.0-20210819130434-b3f0c404a727@b3f0c404a727` - `github.com/quasilyte/stdinfo v0.0.0-20220114132959-f7386bf02567@f7386bf02567` - `github.com/raeperd/recvcheck v0.2.0` - `github.com/rivo/uniseg v0.4.7` - `github.com/rogpeppe/go-internal v1.14.1` - `github.com/ryancurrah/gomodguard v1.3.5` - `github.com/ryanrolds/sqlclosecheck v0.5.1` - `github.com/sanposhiho/wastedassign/v2 v2.1.0` - `github.com/santhosh-tekuri/jsonschema/v6 v6.0.1` - `github.com/sashamelentyev/interfacebloat v1.1.0` - `github.com/sashamelentyev/usestdlibvars v1.28.0` - `github.com/securego/gosec/v2 v2.22.2` - `github.com/sirupsen/logrus v1.9.3` - `github.com/sivchari/containedctx v1.0.3` - `github.com/sivchari/tenv v1.12.1` - `github.com/sonatard/noctx v0.1.0` - `github.com/sourcegraph/go-diff v0.7.0` - `github.com/spf13/afero v1.12.0` - `github.com/spf13/cast v1.5.0` - `github.com/spf13/cobra v1.9.1` - `github.com/spf13/jwalterweatherman v1.1.0` - `github.com/spf13/pflag v1.0.6` - `github.com/spf13/viper v1.12.0` - `github.com/ssgreg/nlreturn/v2 v2.2.1` - `github.com/stbenjam/no-sprintf-host-port v0.2.0` - `github.com/stretchr/objx v0.5.2` - `github.com/stretchr/testify v1.10.0` - `github.com/subosito/gotenv v1.4.1` - `github.com/tdakkota/asciicheck v0.4.1` - `github.com/tetafro/godot v1.5.0` - `github.com/timakin/bodyclose v0.0.0-20241017074812-ed6a65f985e3@ed6a65f985e3` - `github.com/timonwong/loggercheck v0.10.1` - `github.com/tomarrell/wrapcheck/v2 v2.10.0` - `github.com/tommy-muehle/go-mnd/v2 v2.5.1` - `github.com/ultraware/funlen v0.2.0` - `github.com/ultraware/whitespace v0.2.0` - `github.com/uudashr/gocognit v1.2.0` - `github.com/uudashr/iface v1.3.1` - `github.com/xen0n/gosmopolitan v1.2.2` - `github.com/yagipy/maintidx v1.0.0` - `github.com/yeya24/promlinter v0.3.0` - `github.com/ykadowak/zerologlint v0.1.5` - `gitlab.com/bosi/decorder v0.4.2` - `go-simpler.org/musttag v0.13.0` - `go-simpler.org/sloglint v0.9.0` - `go.uber.org/atomic v1.7.0` - `go.uber.org/automaxprocs v1.6.0` - `go.uber.org/multierr v1.6.0` - `go.uber.org/zap v1.24.0` - `golang.org/x/exp/typeparams v0.0.0-20250210185358-939b2ce775ac@939b2ce775ac` - `golang.org/x/mod v0.24.0` - `golang.org/x/sync v0.12.0` - `golang.org/x/sys v0.31.0` - `golang.org/x/text v0.22.0` - `golang.org/x/tools v0.31.0` - `google.golang.org/protobuf v1.36.5` - `gopkg.in/ini.v1 v1.67.0` - `gopkg.in/yaml.v2 v2.4.0` - `gopkg.in/yaml.v3 v3.0.1` - `honnef.co/go/tools v0.6.1` - `mvdan.cc/gofumpt v0.7.0` - `mvdan.cc/unparam v0.0.0-20240528143540-8a5130ca722f@8a5130ca722f` </details> </blockquote> </details> </blockquote> </details> <details><summary>Branch alauda-v0.43.0</summary> <blockquote> <details><summary>gomod</summary> <blockquote> <details><summary>go.mod</summary> - `go 1.26.4` - `github.com/AlecAivazis/survey/v2 v2.3.7` - `github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2@73e0943537d2` - `github.com/blang/semver v3.5.1+incompatible` - `github.com/cpuguy83/go-md2man v1.0.10` - `github.com/creack/pty v1.1.24` - `github.com/docker/cli v29.3.0+incompatible` - `github.com/fatih/color v1.18.0` - `github.com/google/go-cmp v0.7.0` - `github.com/google/go-containerregistry v0.21.3` - `github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b@5c1018a4e16b` - `github.com/hinshun/vt10x v0.0.0-20220228203356-1ab2cad5fd82@1ab2cad5fd82` - `github.com/jonboulle/clockwork v0.5.0` - `github.com/ktr0731/go-fuzzyfinder v0.9.0` - `github.com/mitchellh/go-homedir v1.1.0` - `github.com/pkg/errors v0.9.1` - `github.com/sigstore/cosign/v2 v2.6.2` - `github.com/sigstore/sigstore v1.10.5` - `github.com/spf13/cobra v1.10.2` - `github.com/spf13/pflag v1.0.10` - `github.com/tektoncd/chains v0.26.0` </details> </blockquote> </details> </blockquote> </details> --- - [ ] <!-- manual job -->Check this box to trigger a request for Renovate to run again on this repository
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
Repository problems
Renovate tried to run on this repository, but found these problems.
Ignored or Blocked
These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.
Vulnerabilities
22/26CVEs have Renovate fixes.gomod
Detected dependencies
Note
Detected dependencies section has been truncated
Branch alauda-v0.34.0
Branch alauda-v0.41.1
Branch alauda-v0.43.0