Bump the all group across 1 directory with 4 updates

[dependabot]

Bumps the all group with 4 updates in the /tools directory: github.com/golangci/golangci-lint, github.com/open-policy-agent/conftest, helm.sh/helm/v3 and sigs.k8s.io/kustomize/kustomize/v5.

Updates github.com/golangci/golangci-lint from 1.63.4 to 1.64.5

Release notes

Sourced from github.com/golangci/golangci-lint's releases.

v1.64.5

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

• a43c84c5543785870617ec578d29a3d4fc58b720 build(deps): bump github.com/gostaticanalysis/forcetypeassert from 0.1.0 to 0.2.0 (#5409)
• 4be8bf8053eaef5d8c5aef0a3771c75e16a0d8b7 build(deps): bump github.com/securego/gosec/v2 from 2.22.0 to 2.22.1 (#5410)
• e352220b9c3016dbd40243ce2701fc32fa2654e9 build(deps): bump github.com/tdakkota/asciicheck from 0.3.0 to 0.4.0 (#5411)
• 0a603e49e5e9870f5f9f2035bcbe42cd9620a9d5 fix: add missing new-from-merge-base flag (#5412)

v1.64.4

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

• 04aec4f787c25a737641f3d434059880d2af0f53 gci: fix section parsing (#5407)

v1.64.3

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

• b8920ddc2352bf2a679c2424db16d2b36c2dbbce build(deps): bump github.com/go-critic/go-critic from 0.11.5 to 0.12.0 (#5400)
• 1a0b85b0ff9f5c90b72a5b20d34dd1620d860181 build(deps): bump github.com/mgechev/revive from 1.6.0 to 1.6.1 (#5399)
• 750e1abb31ec7883586d87e10722645a244317fb build(deps): bump github.com/nunnatsa/ginkgolinter from 0.18.4 to 0.19.0 (#5404)
• 08ae8055872f911072dd2c29b1454fc46a914245 gci: fix standard packages list for go1.24 (#5402)

v1.64.2

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

... (truncated)

Changelog

Sourced from github.com/golangci/golangci-lint's changelog.

v1.64.5

1. Bug fixes
   • Add missing flag new-from-merge-base-flag
2. Linters bug fixes
   • asciicheck: from 0.3.0 to 0.4.0
   • forcetypeassert: from 0.1.0 to 0.2.0
   • gosec: from 2.22.0 to 2.22.1

v1.64.4

1. Linters bug fixes
   • gci: fix standard packages list for go1.24

v1.64.3

1. Linters bug fixes
   • ginkgolinter: from 0.18.4 to 0.19.0
   • go-critic: from 0.11.5 to 0.12.0
   • revive: from 1.6.0 to 1.6.1
   • gci: fix standard packages list for go1.24
2. Misc.
   • Build Docker images with go1.24

v1.64.2

This is the last minor release of golangci-lint v1. The next release will be golangci-lint v2.

1. Enhancements
   • 🎉 go1.24 support
   • New issues.new-from-merge-base option
   • New run.relative-path-mode option
2. Linters new features
   • copyloopvar: from 1.1.0 to 1.2.1 (support suggested fixes)
   • exptostd: from 0.3.1 to 0.4.1 (handles golang.org/x/exp/constraints.Ordered)
   • fatcontext: from 0.5.3 to 0.7.1 (new option: check-struct-pointers)
   • perfsprint: from 0.7.1 to 0.8.1 (new options: integer-format, error-format, string-format, bool-format, and hex-format)
   • revive: from 1.5.1 to 1.6.0 (new rules: redundant-build-tag, use-errors-new. New option early-return.early-return)
3. Linters bug fixes
   • go-errorlint: from 1.7.0 to 1.7.1
   • gochecknoglobals: from 0.2.1 to 0.2.2
   • godox: from 006bad1f9d26 to 1.1.0
   • gosec: from 2.21.4 to 2.22.0
   • iface: from 1.3.0 to 1.3.1
   • nilnesserr: from 0.1.1 to 0.1.2
   • protogetter: from 0.3.8 to 0.3.9
   • sloglint: from 0.7.2 to 0.9.0
   • spancheck: fix default StartSpanMatchersSlice values
   • staticcheck: from 0.5.1 to 0.6.0

... (truncated)

Commits

• 0a603e4 fix: add missing new-from-merge-base flag (#5412)
• a43c84c build(deps): bump github.com/gostaticanalysis/forcetypeassert from 0.1.0 to 0...
• e352220 build(deps): bump github.com/tdakkota/asciicheck from 0.3.0 to 0.4.0 (#5411)
• 4be8bf8 build(deps): bump github.com/securego/gosec/v2 from 2.22.0 to 2.22.1 (#5410)
• b59bd60 docs: update GitHub Action assets (#5408)
• 04aec4f gci: fix section parsing (#5407)
• 5984eab docs: update GitHub Action assets (#5406)
• 09167d7 dev: update Docker base images (#5405)
• 750e1ab build(deps): bump github.com/nunnatsa/ginkgolinter from 0.18.4 to 0.19.0 (#5404)
• 08ae805 gci: fix standard packages list for go1.24 (#5402)
• Additional commits viewable in compare view

Updates github.com/open-policy-agent/conftest from 0.55.0 to 0.57.0

Release notes

Sourced from github.com/open-policy-agent/conftest's releases.

v0.57.0

Announcements

⚠️ Upcoming Breaking Changes ⚠️

In the May 2025 release of conftest, we will change the default version of Rego syntax from v0 to v1. This will be a breaking change if your Rego policies are not compatible with the v1 syntax.

• With this release of conftest, users may opt-in to this behavior early by setting the --rego-version flag to v1.
• Individual policies can be updated gradually, by adding import rego.v1 to the policy.
• The rego-version flag will remain available indefinitely, and users who do not wish to update their Rego policies can continue to use v0 syntax by setting this flag to v0.

For more information about upgrading to Rego v1 syntax, see the upstream docs at https://www.openpolicyagent.org/docs/latest/v0-upgrade/.

Changelog

New Features

• eacba23603b16a7b0b517304d13f8b735a8a4142: feat(engine): add query metadata to evaluation results (#1061) (@​thevilledev)
• 5decd1873e4aba2cedf97202545a21e619c56494: feat(parser): handle UTF-8 BOM in JSON input (#1065) (@​thevilledev)
• abad25585b78d45ab896ce836c3477a9c00c77d7: feat: Implement SARIF output (#1042) (@​thevilledev)
• aa9e3c821138704fcb2a240a4825ab322cd42a8f: feat: enable relative jsonnet imports by setting a path-aware importer (@​thevilledev)
• 3f67b78db289d10e77f26a86b1e6b6d701c73bed: feature: Documentation command (#1009) (@​xNok)

Bug Fixes

• 151643bd4221e2b3a87413c5e165e7286519d1f0: fix: add output and tests for GitHub and Azure DevOps (@​thevilledev)
• a770d29c83a81accc0d8320918dcb877918fc5cc: fix: correct linters-settings in .golangci.yaml to enable misspell (@​thevilledev)
• 8e541da4e46bcf30f98c2681fac7eb4cf970f4bb: fix: improve handling for YAML version directives (@​thevilledev)
• 4f6bc40abada70ebc33d5273cf188ab0a0d958fa: fix: make sure lookup_ip_addr throwing builtin-err in test (#1017) (@​boranx)
• 0bbb473dd62712a9635c909632d0911a8118a9e0: fix: max stack size already set by jsonnet.MakeVM() (@​thevilledev)
• 163bdd8e5ccd02fe8ff7a517fdf6231339d75d1a: fix: prevent policy file overwrite on downloads (#1039) (@​thevilledev)
• 8b34fcbe944eec3c433386980319e55bbe8ded07: fix: remove redundant error check in push command (@​thevilledev)
• 74288411d2a3c2b55d8686dcb07ad746f30bdd1e: fix: set jsonnet VM stack limits and add test coverage (@​thevilledev)

OPA Changes

• a8d6544ad6ceb22d88d6a655a5b605e1e6fabdb7: build(deps): bump github.com/open-policy-agent/opa from 0.69.0 to 0.70.0 (#1016) (@​dependabot[bot])
• 19c82bcec98c11f9d1b9bf11b905e1d0a1e0c5a5: build(deps): bump github.com/open-policy-agent/opa from 0.70.0 to 1.1.0 (#1050) (@​dependabot[bot])

Other Changes

• 356ede4880ac68ecb005cb247e669bed5f1ac448: Merge pull request #1035 from open-policy-agent/dependabot/docker/alpine-3.21.2 (@​anderseknert)
• d5e8a778a1da62330150fca1a2f077c5498f7e58: Merge pull request #1036 from open-policy-agent/dependabot/go_modules/github.com/hashicorp/go-getter-1.7.8 (@​anderseknert)
• a60365616fb666449379903429996964f804e7cc: Merge pull request #1037 from thevilledev/fix/recursive-jsonnet (@​anderseknert)
• 3096ca75f68df61995106138285abc5ed10f17c8: Merge pull request #1038 from thevilledev/fix/yaml-preamble-multidoc (@​anderseknert)
• 6b31946d825d56636f2d04ec65f8faec12ba7ab6: Merge pull request #1040 from thevilledev/fix/missing-outputs (@​anderseknert)
• 5063084fb4bbfc2c2e9f2760f252a65a591ba7a2: Merge pull request #1041 from thevilledev/fix/impossible-nil (@​anderseknert)
• 1a2584466d979060089e6bec14842baddb596252: Merge pull request #1043 from open-policy-agent/dependabot/docker/golang-1.23.5-alpine (@​anderseknert)
• 326a1a4bfde5e2a2ea8b64712b274010b479ef8f: Merge pull request #1044 from thevilledev/fix/jsonnet-library-imports (@​anderseknert)
• 744f867abf4417a0c297861ad0d016784669f0c4: Merge pull request #1046 from open-policy-agent/dependabot/go_modules/github.com/moby/buildkit-0.19.0 (@​anderseknert)
• ea55b6165592c6147f43e065b7315b8d206778b0: Merge pull request #1051 from open-policy-agent/dependabot/go_modules/cuelang.org/go-0.12.0 (@​anderseknert)
• 6c867fcb5b2a616b7fe4cc229bf5ba7964b461d6: Merge pull request #1052 from thevilledev/fix/linters-settings (@​anderseknert)
• f110dde92b8763e55b34bb79e8f7c974ad339591: Merge pull request #1053 from thevilledev/style/enable-nilness-lint (@​anderseknert)
• 26b6c245867e5674fa4b944d47a5d9ac7f405e67: Merge pull request #1054 from thevilledev/test/registry-store-init (@​anderseknert)
• 4299ce790bad8a802b1ac1ab00e90a5257ef65a0: build(deps): bump alpine from 3.20.3 to 3.21.0 (#1026) (@​dependabot[bot])
• 154c1aae06527fc47e4f732936805f87d2a10679: build(deps): bump alpine from 3.21.0 to 3.21.2 (@​dependabot[bot])
• 33d468df93ceb4e0ec30086ae189adfa4b49c4cf: build(deps): bump cuelang.org/go from 0.10.0 to 0.10.1 (#1013) (@​dependabot[bot])
• 103315dfca8c5c15ee7342c63c574d5b3406b7a8: build(deps): bump cuelang.org/go from 0.10.1 to 0.11.0 (#1020) (@​dependabot[bot])

... (truncated)

Commits

• abad255 feat: Implement SARIF output (#1042)
• 9efcd87 test(plugin): add comprehensive plugin package tests (#1056)
• 5decd18 feat(parser): handle UTF-8 BOM in JSON input (#1065)
• 8a44613 engine: Refactor to allow for Rego version to be specified (#1059)
• eacba23 feat(engine): add query metadata to evaluation results (#1061)
• 6da5673 build(deps): bump golang from 1.23.5-alpine to 1.23.6-alpine (#1062)
• 19c82bc build(deps): bump github.com/open-policy-agent/opa from 0.70.0 to 1.1.0 (#1050)
• 256bf5e test(policy): improve engine test coverage (#1055)
• 26b6c24 Merge pull request #1054 from thevilledev/test/registry-store-init
• 3f67b78 feature: Documentation command (#1009)
• Additional commits viewable in compare view

Updates helm.sh/helm/v3 from 3.16.4 to 3.17.1

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.17.1 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.17.1. The common platform binaries are here:

• MacOS amd64 (checksum / aba59ba9511971a71943b5c76f15d52ace1681197bb3f71ed1f0b15caceacb2c)
• MacOS arm64 (checksum / b823a213d8d7937222becc63d9c7bb3d15a090e7ecd1f70f3a583ed39657e21b)
• Linux amd64 (checksum / 3b66f3cd28409f29832b1b35b43d9922959a32d795003149707fea84cbcd4469)
• Linux arm (checksum / 1dc5ed54350f4f7ae87441e878be4f4fd9b727a86b11b1d20b1001358c83bed3)
• Linux arm64 (checksum / c86c9b23602d4abbfae39d9634e25ab1d0ea6c4c16c5b154113efe316a402547)
• Linux i386 (checksum / b972562a1171673db2892f000248b2540ddcd6f76850ec152852a8e9ce7972cb)
• Linux ppc64le (checksum / 4223394f3fca82a7f8e8d083caf6faf0ee0639d8f235071334579237078a2c2e)
• Linux s390x (checksum / fe47e5ee8abd6baef01bb1c4fc995343121bf5fc7dead1f67e97484a441ba9e8)
• Linux riscv64 (checksum / cf174b1ff83032255f798278152c637d01dd1d1533fd77915ab751d8cf4191a7)
• Windows amd64 (checksum / 08281ee6d4d272835ff10c510b8b39736d112d9cb89dfbc853fe83913fbe48d0)
• Windows arm64 (checksum / 44c9c8246f643ea45bb45013a182fc25da2a8206a6f322a0c6fa47a1f4bcf1e4)

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.17.2 is the next patch release and will be on March 12, 2025
• 3.18.0 is the next minor release and will be on May 14, 2025

Changelog

• add test for nullifying nested global value 980d8ac1939e39138101364400756af2bdee1da5 (Ryan Hockstad)
• Add test case for removing an entire object c23e3b6c495658bb1eec04b32c8e4bfc5ef4dd60 (Ryan Hockstad)
• Tests for bugfix: Override subcharts with null values #12879 3110d5ff63a0edcf6decac8288106b55a6f41760 (Scott Rigby)
• merge null child chart objects 9520c71fb04783cdab111759f0f3c5d1cdc83f1c (Ryan Hockstad)
• build(deps): bump the k8s-io group with 7 updates ab7dedd4cf47cb7455a283d93a1627a35933d634 (dependabot[bot])
• fix: check group for resource info match a2d36029d5dba292073d23acea2ef59cfb429ee9 (Jiasheng Zhu)

Helm v3.17.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom

... (truncated)

Commits

• 980d8ac add test for nullifying nested global value
• c23e3b6 Add test case for removing an entire object
• 3110d5f Tests for bugfix: Override subcharts with null values #12879
• 9520c71 merge null child chart objects
• ab7dedd build(deps): bump the k8s-io group with 7 updates
• a2d3602 fix: check group for resource info match
• 301108e bump version to v3.17.0
• 0ac5d28 Merge pull request #13588 from mattfarina/v3-backport-oci-digest
• 949b2e6 fix: make ORAS reference private
• aba95b9 fix: issue with helm template and oci chart
• Additional commits viewable in compare view

Updates sigs.k8s.io/kustomize/kustomize/v5 from 5.5.0 to 5.6.0

Release notes

Sourced from sigs.k8s.io/kustomize/kustomize/v5's releases.

kustomize/v5.6.0

Announce

This release introduces a unified internal package version (v0.19.0) across the entire kustomize repository. ref. kubernetes-sigs/kustomize#5800

Chore

#5809: fix: "edit add labels" make labels handle -f flag same as commonLabels

Dependencies

#5825: Update to latest kube-opeapi to drop govalidator dependency #5830: downgrade go-difflib and go-spew to tagged releases #5837: Update kyaml to v0.19.0 #5839: Update cmd/config to v0.19.0 #5840: Update api to v0.19.0

Commits

• 95db4aa Merge pull request #5840 from koba1t/pinToApi
• 07f62bd Update api to v0.19.0
• b69e765 Merge pull request #5839 from koba1t/pinToCmdConfig
• 8a51255 Update cmd/config to v0.19.0
• ce667b7 Merge pull request #5837 from koba1t/pinToKyaml
• 1b33db5 Update kyaml to v0.19.0
• 880a7a0 add go work verification step for github actions (#5833)
• 2867f35 downgrade go-difflib and go-spew to tagged releases (#5830)
• 214aa2a Merge pull request #5823 from kubernetes-sigs/dependabot/go_modules/hack/gola...
• 6f62ee7 build(deps): bump golang.org/x/crypto from 0.24.0 to 0.31.0 in /hack
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
github.com/open-policy-agent/conftest	[>= 0.56.a, < 0.57]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions