Bump github.com/sigstore/cosign/v2 from 2.4.0 to 2.4.1 (#232)

Bumps [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) from 2.4.0 to 2.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign/releases">github.com/sigstore/cosign/v2's releases</a>.</em></p> <blockquote> <h2>v2.4.1</h2> <h2>Changelog</h2> <ul> <li>9a4cfe1aae777984c07ce373d97a65428bbff734 update changelog for v2.4.1 (<a href="https://redirect.github.com/sigstore/cosign/issues/3896">#3896</a>)</li> <li>0bd0d91ff5532e6774c312d0d88d87b21b8ae267 chore(deps): bump actions/checkout in the actions group (<a href="https://redirect.github.com/sigstore/cosign/issues/3893">#3893</a>)</li> <li>66af64ef9515a05ef609b5c20e9c3f8254e5f562 chore(deps): bump github.com/theupdateframework/go-tuf/v2 (<a href="https://redirect.github.com/sigstore/cosign/issues/3895">#3895</a>)</li> <li>677a262c3205c7bf8612f30b7b44bdf51bd68bac bump scaffolding release to v0.7.11 (<a href="https://redirect.github.com/sigstore/cosign/issues/3887">#3887</a>)</li> <li>77f71e0d7470e31ed4ed5653fe5a7c8e3b283606 Update README.md (<a href="https://redirect.github.com/sigstore/cosign/issues/3886">#3886</a>)</li> <li>43933130d2cae41d333e5148c54fc2fb7e77e712 Fix bug in attest-blob when using a timestamp authority with new bundles (<a href="https://redirect.github.com/sigstore/cosign/issues/3877">#3877</a>)</li> <li>081dea1918e9536c1fe233aa2596301381967b3b fix: documentation link for installation guide (<a href="https://redirect.github.com/sigstore/cosign/issues/3884">#3884</a>)</li> <li>780780b11e0998512c034317fd7e98776153e59d chore(deps): bump github.com/xanzy/go-gitlab from 0.108.0 to 0.109.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3867">#3867</a>)</li> <li>dee0b23f97cf9cc48a0edf985301c64014c984e0 chore(deps): bump github.com/buildkite/agent/v3 from 3.79.0 to 3.81.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3874">#3874</a>)</li> <li>4ffbf5f681dc94cf3cb7b57aa95a97f6d8e0c72d update to use go1.22.7 and golangci-lint (<a href="https://redirect.github.com/sigstore/cosign/issues/3864">#3864</a>)</li> <li>4c35ffc40d58e09b89c24342024a0d15b2c756d5 chore(deps): bump github.com/sigstore/sigstore-go from 0.6.0 to 0.6.1 (<a href="https://redirect.github.com/sigstore/cosign/issues/3863">#3863</a>)</li> <li>081ad98a526de15a16ff2c0b2b25281e1eaeb05f use go1.22.6 to build cosign (<a href="https://redirect.github.com/sigstore/cosign/issues/3862">#3862</a>)</li> <li>f90977c9f881cf6e0023391ea982440296c41979 chore(deps): bump github.com/open-policy-agent/opa from 0.67.1 to 0.68.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3861">#3861</a>)</li> <li>c1e508521d73805569b86f245fa35e74c0f607f5 chore(deps): bump google.golang.org/api from 0.194.0 to 0.195.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3860">#3860</a>)</li> <li>42fd5f2161f7e0cfd2f0abd6adcc7aa9e8fdc571 chore(deps): bump github.com/mozillazg/docker-credential-acr-helper (<a href="https://redirect.github.com/sigstore/cosign/issues/3859">#3859</a>)</li> <li>4beb7f49ff2b0957804b6dafc87a06edfe7b416b chore(deps): bump github.com/buildkite/agent/v3 from 3.78.0 to 3.79.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3858">#3858</a>)</li> <li>247c9dcb8d7af3702deedde50f9b84ecfbde69db chore(deps): bump go.step.sm/crypto in the gomod group (<a href="https://redirect.github.com/sigstore/cosign/issues/3857">#3857</a>)</li> <li>842d3cc86c35198aa74fda496e003721f75ea482 chore(deps): bump actions/upload-artifact in the actions group (<a href="https://redirect.github.com/sigstore/cosign/issues/3856">#3856</a>)</li> <li>8defb0e72baa6c0385f4097723a3574e6d0406d0 chore(deps): bump google.golang.org/api from 0.192.0 to 0.194.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3852">#3852</a>)</li> <li>fe71244d19c12561dc88cce662959ffcfff2d29a chore(deps): bump github.com/xanzy/go-gitlab from 0.107.0 to 0.108.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3851">#3851</a>)</li> <li>84e979df87efd744c97d051c8f64fc47a84645d9 chore(deps): bump the actions group across 1 directory with 3 updates (<a href="https://redirect.github.com/sigstore/cosign/issues/3853">#3853</a>)</li> <li>198b8e497292009deb5e657973a302954d061734 chore(deps): bump github.com/buildkite/agent/v3 from 3.77.0 to 3.78.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3850">#3850</a>)</li> <li>282070958f0b92bbf8d0547e3bb85e13ef32031e chore(deps): bump github.com/sigstore/fulcio in the gomod group (<a href="https://redirect.github.com/sigstore/cosign/issues/3848">#3848</a>)</li> <li>d712844a0677cb07bfadbca6f8e937dd4f47ea63 add oss-fuzz build script, seeds and dictionaries (<a href="https://redirect.github.com/sigstore/cosign/issues/3843">#3843</a>)</li> <li>8a4f39046605e0072cda5da67a457fcb57b5e767 chore(deps): bump github.com/sigstore/fulcio from 1.5.1 to 1.6.2 (<a href="https://redirect.github.com/sigstore/cosign/issues/3839">#3839</a>)</li> <li>be4cdc231b5264cb62b2f9d03354900165e04cae chore(deps): bump google.golang.org/api from 0.191.0 to 0.192.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3837">#3837</a>)</li> <li>30c1d0f53bf9d646fe5d97c98c69dd4c16fad986 chore(deps): bump github.com/sigstore/sigstore-go from 0.5.1 to 0.6.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3840">#3840</a>)</li> <li>9c0c81cba077a75dcdc137f735e4721cd0ad7538 fuzzing: add fuzzers for multiple packages (<a href="https://redirect.github.com/sigstore/cosign/issues/3834">#3834</a>)</li> <li>3694644fdcb3502770658f12167404f225695c15 chore(deps): bump the gomod group with 2 updates (<a href="https://redirect.github.com/sigstore/cosign/issues/3824">#3824</a>)</li> <li>182f64b3d7ce0be64bbbd74f31f287d409802020 chore(deps): bump github.com/buildkite/agent/v3 from 3.76.2 to 3.77.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3828">#3828</a>)</li> <li>fa128457108cfb1c4f49f953fdf1818e34857003 chore(deps): bump golang.org/x/crypto from 0.25.0 to 0.26.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3825">#3825</a>)</li> <li>cddce0f1edc5c398ee63433b1e254b548b2c2782 chore(deps): bump google.golang.org/api from 0.190.0 to 0.191.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3830">#3830</a>)</li> <li>e99c1a536e595ce72c236ed11dc1acaaa3dca395 chore(deps): bump github.com/docker/docker (<a href="https://redirect.github.com/sigstore/cosign/issues/3823">#3823</a>)</li> <li>b23586d6390d6a48ba4789848fe6ad89710afb7f Add changelog for v2.4.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3821">#3821</a>)</li> <li>cb338e9f788f7105f51ad153825ce2b5b39663d9 Add missing permission to push containers (<a href="https://redirect.github.com/sigstore/cosign/issues/3822">#3822</a>)</li> </ul> <h3>Thanks to all contributors!</h3> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign/blob/main/CHANGELOG.md">github.com/sigstore/cosign/v2's changelog</a>.</em></p> <blockquote> <h1>v2.4.1</h1> <p>v2.4.1 largely contains bug fixes and updates dependencies.</p> <h2>Features</h2> <ul> <li>Added fuzzing coverage to multiple packages</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Fix bug in attest-blob when using a timestamp authority with new bundles (<a href="https://redirect.github.com/sigstore/cosign/issues/3877">#3877</a>)</li> <li>fix: documentation link for installation guide (<a href="https://redirect.github.com/sigstore/cosign/issues/3884">#3884</a>)</li> </ul> <h2>Contributors</h2> <ul> <li>AdamKorcz</li> <li>Bob Callaway</li> <li>Carlos Tadeu Panato Junior</li> <li>Hayden B</li> <li>Hemil K</li> <li>Sota Sugiura</li> <li>Zach Steindler</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign/commit/9a4cfe1aae777984c07ce373d97a65428bbff734"><code>9a4cfe1</code></a> update changelog for v2.4.1 (<a href="https://redirect.github.com/sigstore/cosign/issues/3896">#3896</a>)</li> <li><a href="https://github.com/sigstore/cosign/commit/0bd0d91ff5532e6774c312d0d88d87b21b8ae267"><code>0bd0d91</code></a> chore(deps): bump actions/checkout in the actions group (<a href="https://redirect.github.com/sigstore/cosign/issues/3893">#3893</a>)</li> <li><a href="https://github.com/sigstore/cosign/commit/66af64ef9515a05ef609b5c20e9c3f8254e5f562"><code>66af64e</code></a> chore(deps): bump github.com/theupdateframework/go-tuf/v2 (<a href="https://redirect.github.com/sigstore/cosign/issues/3895">#3895</a>)</li> <li><a href="https://github.com/sigstore/cosign/commit/677a262c3205c7bf8612f30b7b44bdf51bd68bac"><code>677a262</code></a> bump scaffolding release to v0.7.11 (<a href="https://redirect.github.com/sigstore/cosign/issues/3887">#3887</a>)</li> <li><a href="https://github.com/sigstore/cosign/commit/77f71e0d7470e31ed4ed5653fe5a7c8e3b283606"><code>77f71e0</code></a> Update README.md (<a href="https://redirect.github.com/sigstore/cosign/issues/3886">#3886</a>)</li> <li><a href="https://github.com/sigstore/cosign/commit/43933130d2cae41d333e5148c54fc2fb7e77e712"><code>4393313</code></a> Fix bug in attest-blob when using a timestamp authority with new bundles (<a href="https://redirect.github.com/sigstore/cosign/issues/3877">#3877</a>)</li> <li><a href="https://github.com/sigstore/cosign/commit/081dea1918e9536c1fe233aa2596301381967b3b"><code>081dea1</code></a> fix: documentation link for installation guide (<a href="https://redirect.github.com/sigstore/cosign/issues/3884">#3884</a>)</li> <li><a href="https://github.com/sigstore/cosign/commit/780780b11e0998512c034317fd7e98776153e59d"><code>780780b</code></a> chore(deps): bump github.com/xanzy/go-gitlab from 0.108.0 to 0.109.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3867">#3867</a>)</li> <li><a href="https://github.com/sigstore/cosign/commit/dee0b23f97cf9cc48a0edf985301c64014c984e0"><code>dee0b23</code></a> chore(deps): bump github.com/buildkite/agent/v3 from 3.79.0 to 3.81.0 (<a href="https://redirect.github.com/sigstore/cosign/issues/3874">#3874</a>)</li> <li><a href="https://github.com/sigstore/cosign/commit/4ffbf5f681dc94cf3cb7b57aa95a97f6d8e0c72d"><code>4ffbf5f</code></a> update to use go1.22.7 and golangci-lint (<a href="https://redirect.github.com/sigstore/cosign/issues/3864">#3864</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/cosign/compare/v2.4.0...v2.4.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/sigstore/cosign/v2&package-manager=go_modules&previous-version=2.4.0&new-version=2.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
chainguard-dev · Oct 9, 2024 · aae7886 · aae7886
1 parent 3e54caa
commit aae7886
Show file tree

Hide file tree

Showing 2 changed files with 146 additions and 139 deletions.
diff --git a/go.mod b/go.mod
@@ -20,7 +20,7 @@ require (
 	github.com/hashicorp/terraform-plugin-log v0.9.0
 	github.com/hashicorp/terraform-plugin-testing v1.10.0
 	github.com/secure-systems-lab/go-securesystemslib v0.8.0
-	github.com/sigstore/cosign/v2 v2.4.0
+	github.com/sigstore/cosign/v2 v2.4.1
 	github.com/sigstore/fulcio v1.6.4
 	github.com/sigstore/policy-controller v0.10.0
 	github.com/sigstore/rekor v1.3.6
@@ -32,18 +32,18 @@ require (
 
 require (
 	cloud.google.com/go v0.115.1 // indirect
-	cloud.google.com/go/auth v0.9.1 // indirect
+	cloud.google.com/go/auth v0.9.3 // indirect
 	cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect
 	cloud.google.com/go/compute/metadata v0.5.0 // indirect
-	cloud.google.com/go/iam v1.1.13 // indirect
-	cloud.google.com/go/kms v1.18.5 // indirect
-	cloud.google.com/go/longrunning v0.5.12 // indirect
+	cloud.google.com/go/iam v1.2.0 // indirect
+	cloud.google.com/go/kms v1.19.0 // indirect
+	cloud.google.com/go/longrunning v0.6.0 // indirect
 	contrib.go.opencensus.io/exporter/ocagent v0.7.1-0.20200907061046-05415f1de66d // indirect
 	contrib.go.opencensus.io/exporter/prometheus v0.4.2 // indirect
 	cuelang.org/go v0.9.2 // indirect
-	github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/alibabacloudsdkgo/helper v0.2.0 // indirect
+	github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.14.0 // indirect
 	github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.13.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
 	github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.1.0 // indirect
@@ -77,27 +77,27 @@ require (
 	github.com/alibabacloud-go/tea v1.2.1 // indirect
 	github.com/alibabacloud-go/tea-utils v1.4.5 // indirect
 	github.com/alibabacloud-go/tea-xml v1.1.3 // indirect
-	github.com/aliyun/credentials-go v1.3.1 // indirect
+	github.com/aliyun/credentials-go v1.3.2 // indirect
 	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
 	github.com/armon/go-radix v1.0.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/aws/aws-sdk-go v1.55.5 // indirect
-	github.com/aws/aws-sdk-go-v2 v1.30.3 // indirect
-	github.com/aws/aws-sdk-go-v2/config v1.27.27 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.27 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.11 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.15 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.15 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.30.5 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.27.33 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.32 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ecr v1.24.7 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.21.6 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.17 // indirect
-	github.com/aws/aws-sdk-go-v2/service/kms v1.35.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.22.4 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.4 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.30.3 // indirect
-	github.com/aws/smithy-go v1.20.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19 // indirect
+	github.com/aws/aws-sdk-go-v2/service/kms v1.35.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.22.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.30.7 // indirect
+	github.com/aws/smithy-go v1.20.4 // indirect
 	github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20231024185945-8841054dbdb8 // indirect
 	github.com/benbjohnson/clock v1.3.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
@@ -158,7 +158,7 @@ require (
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/s2a-go v0.1.8 // indirect
-	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.3 // indirect
 	github.com/googleapis/gax-go/v2 v2.13.0 // indirect
 	github.com/gorilla/mux v1.8.1 // indirect
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0 // indirect
@@ -214,12 +214,12 @@ require (
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/mozillazg/docker-credential-acr-helper v0.3.0 // indirect
+	github.com/mozillazg/docker-credential-acr-helper v0.4.0 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/nozzle/throttler v0.0.0-20180817012639-2ea982251481 // indirect
 	github.com/oklog/run v1.1.0 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
-	github.com/open-policy-agent/opa v0.67.0 // indirect
+	github.com/open-policy-agent/opa v0.68.0 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.1.0 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
@@ -266,7 +266,7 @@ require (
 	github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect
 	github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
-	github.com/xanzy/go-gitlab v0.107.0 // indirect
+	github.com/xanzy/go-gitlab v0.109.0 // indirect
 	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/yashtewari/glob-intersection v0.2.0 // indirect
@@ -276,32 +276,32 @@ require (
 	go.abhg.dev/goldmark/frontmatter v0.2.0 // indirect
 	go.mongodb.org/mongo-driver v1.14.0 // indirect
 	go.opencensus.io v0.24.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect
-	go.opentelemetry.io/otel v1.28.0 // indirect
-	go.opentelemetry.io/otel/metric v1.28.0 // indirect
-	go.opentelemetry.io/otel/sdk v1.28.0 // indirect
-	go.opentelemetry.io/otel/trace v1.28.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
+	go.opentelemetry.io/otel v1.29.0 // indirect
+	go.opentelemetry.io/otel/metric v1.29.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.29.0 // indirect
+	go.opentelemetry.io/otel/trace v1.29.0 // indirect
 	go.uber.org/atomic v1.11.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	golang.org/x/crypto v0.26.0 // indirect
+	golang.org/x/crypto v0.27.0 // indirect
 	golang.org/x/exp v0.0.0-20240613232115-7f521ea00fb8 // indirect
-	golang.org/x/mod v0.19.0 // indirect
+	golang.org/x/mod v0.20.0 // indirect
 	golang.org/x/net v0.28.0 // indirect
 	golang.org/x/sync v0.8.0 // indirect
-	golang.org/x/sys v0.24.0 // indirect
-	golang.org/x/term v0.23.0 // indirect
-	golang.org/x/text v0.17.0 // indirect
+	golang.org/x/sys v0.25.0 // indirect
+	golang.org/x/term v0.24.0 // indirect
+	golang.org/x/text v0.18.0 // indirect
 	golang.org/x/time v0.6.0 // indirect
 	golang.org/x/tools v0.23.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
-	google.golang.org/api v0.195.0 // indirect
+	google.golang.org/api v0.196.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/genproto v0.0.0-20240823204242-4ba0660f739c // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20240814211410-ddb44dafa142 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240823204242-4ba0660f739c // indirect
-	google.golang.org/grpc v1.65.0 // indirect
+	google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240827150818-7e3bb234dfed // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
+	google.golang.org/grpc v1.66.0 // indirect
 	google.golang.org/protobuf v1.34.2 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect