build(deps): bump the all group across 1 directory with 7 updates

[dependabot[bot]]

Bumps the all group with 7 updates in the / directory:

Package	From	To
github.com/google/go-containerregistry	0.19.1	0.20.1
github.com/knqyf263/go-rpmdb	0.1.0	0.1.1
github.com/spf13/cobra	1.8.0	1.8.1
gitlab.alpinelinux.org/alpine/go	0.10.0	0.10.1
golang.org/x/mod	0.17.0	0.19.0
golang.org/x/term	0.20.0	0.22.0
sigs.k8s.io/release-utils	0.8.2	0.8.3

Updates github.com/google/go-containerregistry from 0.19.1 to 0.20.1

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.1

What's Changed

• Create remote.Push by @​mattmoor in google/go-containerregistry#1978

Full Changelog: https://github.com/google/go-containerregistry/compare/v0.20.0...v0.20.1

v0.20.0

What's Changed

• Referrer API must return correct Content-Type by @​GregoireW in google/go-containerregistry#1968
• 🚨 POTENTIALLY BREAKING: Restore blind-write to remote.Put by @​jonjohnsonjr in google/go-containerregistry#1970

New Contributors

• @​GregoireW made their first contribution in google/go-containerregistry#1968

Full Changelog: https://github.com/google/go-containerregistry/compare/v0.19.2...v0.20.0

v0.19.2

What's Changed

• Add JSON marshalling funcs for Digest. by @​wlynch in google/go-containerregistry#1915
• registry: Implement Range requests for blobs by @​jonjohnsonjr in google/go-containerregistry#1917
• Support podman auth file REGISTRY_AUTH_FILE. by @​zhaoyonghe in google/go-containerregistry#1914
• feat: crane mutate platform by @​joshwlewis in google/go-containerregistry#1919
• Add Context support to auth methods by @​jonjohnsonjr in google/go-containerregistry#1949
• Fix windows race condition when writing image with duplicate layers by @​dgannon991 in google/go-containerregistry#1921
• Add -O shorthand for --omit-digest-tags to crane. by @​smoser in google/go-containerregistry#1958

New Contributors

• @​wlynch made their first contribution in google/go-containerregistry#1915
• @​zhaoyonghe made their first contribution in google/go-containerregistry#1914
• @​joshwlewis made their first contribution in google/go-containerregistry#1919
• @​dgannon991 made their first contribution in google/go-containerregistry#1921
• @​smoser made their first contribution in google/go-containerregistry#1958

Full Changelog: https://github.com/google/go-containerregistry/compare/v0.19.1...v0.19.2

Commits

• c3d1dcc Create remote.Push (#1978)
• d36047a Restore blind-write to remote.Put (#1970)
• 9915a85 Referrer API must return correct Content-Type (#1968)
• 1b4e407 Add -O shorthand for --omit-digest-tags to crane. (#1958)
• 3764db2 Fix windows race condition when writing image with duplicate layers (#1921)
• 39d1148 Add Context support to auth methods (#1949)
• ff385a9 feat: mutate platform (#1919)
• 98dd3e9 Support podman auth file REGISTRY_AUTH_FILE. (#1914)
• 051d642 registry: Implement Range requests for blobs (#1917)
• 0309184 Add JSON marshalling funcs for Digest. (#1915)
• See full diff in compare view

Updates github.com/knqyf263/go-rpmdb from 0.1.0 to 0.1.1

Commits

• facee9e Fix build constraints for OSes other than Linux (#53)
• 2f85daf fix: close db in example (#52)
• See full diff in compare view

Updates github.com/spf13/cobra from 1.8.0 to 1.8.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.8.1

✨ Features

• Add env variable to suppress completion descriptions on create by @​scop in spf13/cobra#1938

🐛 Bug fixes

• Micro-optimizations by @​scop in spf13/cobra#1957

🔧 Maintenance

• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 by @​dependabot in spf13/cobra#2127
• Consistent annotation names by @​nirs in spf13/cobra#2140
• Remove fully inactivated linters by @​nirs in spf13/cobra#2148
• Address golangci-lint deprecation warnings, enable some more linters by @​scop in spf13/cobra#2152

🧪 Testing & CI/CD

• Add test for func in cobra.go by @​korovindenis in spf13/cobra#2094
• ci: test golang 1.22 by @​cyrilico in spf13/cobra#2113
• Optimized and added more linting by @​scop in spf13/cobra#2099
• build(deps): bump actions/setup-go from 4 to 5 by @​dependabot in spf13/cobra#2087
• build(deps): bump actions/labeler from 4 to 5 by @​dependabot in spf13/cobra#2086
• build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @​dependabot in spf13/cobra#2108
• build(deps): bump actions/cache from 3 to 4 by @​dependabot in spf13/cobra#2102

✏️ Documentation

• Fixes and docs for usage as plugin by @​nirs in spf13/cobra#2070
• flags: clarify documentation that LocalFlags related function do not modify the state by @​niamster in spf13/cobra#2064
• chore: remove repetitive words by @​racerole in spf13/cobra#2122
• Add LXC to the list of projects using Cobra @​VaradBelwalkar in spf13/cobra#2071
• Update projects_using_cobra.md by @​marcuskohlberg in spf13/cobra#2089
• [chore]: update projects using cobra by @​cmwylie19 in spf13/cobra#2093
• Add Taikun CLI to list of projects by @​Smidra in spf13/cobra#2098
• Add Incus to the list of projects using Cobra by @​montag451 in spf13/cobra#2118

... (truncated)

Commits

• e94f6d0 Address golangci-lint deprecation warnings, enable some more linters (#2152)
• 8003b74 Remove fully inactivated linters (#2148)
• 5c2c1d6 Consistent annotation names (#2140)
• 5a1acea build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.3 to 2.0.4 (#2127)
• 0fc86c2 docs: update user guide (#2128)
• 6b5f577 More linting (#2099)
• bd914e5 fix: remove deprecated io/ioutils package (#2120)
• 1f80fa2 chore: remove repetitive words (#2122)
• c69ae4c ci: test golang 1.22 (#2113)
• a30cee5 build(deps): bump actions/cache from 3 to 4 (#2102)
• Additional commits viewable in compare view

Updates gitlab.alpinelinux.org/alpine/go from 0.10.0 to 0.10.1

Updates golang.org/x/mod from 0.17.0 to 0.19.0

Commits

• d58be1c sumdb/tlog: set the hash of the empty tree according to RFC 6962
• 232e49f Revert "module: add COM0 and LPT0 to badWindowsNames"
• c0bdc7b modfile: add API for godebug lines
• 6686f41 module: add COM0 and LPT0 to badWindowsNames
• See full diff in compare view

Updates golang.org/x/term from 0.20.0 to 0.22.0

Commits

• c976cb1 go.mod: update golang.org/x dependencies
• 5f0bb72 go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates sigs.k8s.io/release-utils from 0.8.2 to 0.8.3

Release notes

Sourced from sigs.k8s.io/release-utils's releases.

v0.8.3

What's Changed

• Add support for sending HTTP HEAD requests by @​xmudrii in kubernetes-sigs/release-utils#104
• build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 in the all group by @​dependabot in kubernetes-sigs/release-utils#105
• Update golangci-lint and fix lints by @​saschagrunert in kubernetes-sigs/release-utils#106

Full Changelog: https://github.com/kubernetes-sigs/release-utils/compare/v0.8.2...v0.8.3

Commits

• 24b0b7a Merge pull request #106 from saschagrunert/lint
• 1e6967e Update golangci-lint and fix lints
• a8e8df7 Merge pull request #105 from kubernetes-sigs/dependabot/go_modules/all-f8a819...
• c85f3b8 build(deps): bump github.com/spf13/cobra in the all group
• e30fa4b Merge pull request #104 from xmudrii/http-head
• ddff40c Add support for sending HTTP HEAD requests
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot] Once this PR has been reviewed and has the lgtm label, please assign jeremyrickard for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/kubernetes-sigs/bom/blob/main/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.

[k8s-ci-robot]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-bom-check-embedded-data	2f4f49a116e2fb0661b8f2c73b7dc80d3ded1028	link	true	/test pull-bom-check-embedded-data
pull-bom-verify	2f4f49a116e2fb0661b8f2c73b7dc80d3ded1028	link	true	/test pull-bom-verify

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).

[dependabot[bot]]

Superseded by #461.