Skip to content

ROX-34117, ROX-34121: bump the k8s-io group with 7 updates#20039

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/k8s-io-dc9379caa6
Open

ROX-34117, ROX-34121: bump the k8s-io group with 7 updates#20039
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/k8s-io-dc9379caa6

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 16, 2026

Bumps the k8s-io group with 7 updates:

Package From To
k8s.io/api 0.35.3 0.35.4
k8s.io/apiextensions-apiserver 0.35.3 0.35.4
k8s.io/apimachinery 0.35.3 0.35.4
k8s.io/apiserver 0.35.3 0.35.4
k8s.io/cli-runtime 0.35.3 0.35.4
k8s.io/client-go 0.35.3 0.35.4
k8s.io/kubectl 0.35.3 0.35.4

Updates k8s.io/api from 0.35.3 to 0.35.4

Commits
  • e8f0e9f Update dependencies to v0.35.4 tag
  • 0b2a75e Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • e1ef9bc Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • See full diff in compare view

Updates k8s.io/apiextensions-apiserver from 0.35.3 to 0.35.4

Commits
  • b0e553c Update dependencies to v0.35.4 tag
  • c580382 Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • 895a1c1 Merge pull request #138348 from dashpole/update_prop_35
  • d25970d Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • eacefa7 update go.opentelemetry.io/otel to v1.41.0
  • See full diff in compare view

Updates k8s.io/apimachinery from 0.35.3 to 0.35.4

Commits
  • 475c941 Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • 6c08bb5 Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • 45398ef Merge pull request #137927 from lalitc375/cherry-pick-137864
  • b414b94 Fix backport differences for 1.35 (remove WithOrigin and MarkAlpha)
  • f933a4d Add slice and map union member support with tests
  • 977ad5b Use IsZero instead of IsNil for union ratcheting check
  • a128230 Fix union validation ratcheting when oldObj is nil
  • See full diff in compare view

Updates k8s.io/apiserver from 0.35.3 to 0.35.4

Commits
  • 135139a Update dependencies to v0.35.4 tag
  • bab823a Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • 665bee2 Merge pull request #138348 from dashpole/update_prop_35
  • 0ca90dd Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • cbf8e95 update go.opentelemetry.io/otel to v1.41.0
  • cea098d Merge pull request #136281chaochn47/automated-cherry-pick-of-#135685
  • 18cba36 Bugfix: calculate request latency properly in audit log filter
  • See full diff in compare view

Updates k8s.io/cli-runtime from 0.35.3 to 0.35.4

Commits
  • 3e48915 Update dependencies to v0.35.4 tag
  • a919008 Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • fd8da9a Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • See full diff in compare view

Updates k8s.io/client-go from 0.35.3 to 0.35.4

Commits
  • d43aed2 Update dependencies to v0.35.4 tag
  • 8ebd9bb Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • 00b2f2b Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • See full diff in compare view

Updates k8s.io/kubectl from 0.35.3 to 0.35.4

Commits
  • 7d32eae Update dependencies to v0.35.4 tag
  • e46deaa Merge pull request #138356 from dims/update-moby-spdystream-v0.5.1-1.35
  • fc15b68 Merge pull request #138348 from dashpole/update_prop_35
  • 0a81a31 Update github.com/moby/spdystream from v0.5.0 to v0.5.1
  • 5ba1da8 update go.opentelemetry.io/otel to v1.41.0
  • See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
k8s.io/client-go [>= 0.25.a, < 0.26]
k8s.io/apiserver [>= 0.25.a, < 0.26]
k8s.io/apimachinery [>= 0.25.a, < 0.26]
k8s.io/api [>= 0.25.a, < 0.26]
k8s.io/kubectl [>= 0.25.a, < 0.26]
k8s.io/api [>= 0.27.a, < 0.28]
k8s.io/cli-runtime [>= 0.27.a, < 0.28]
k8s.io/kubectl [>= 0.27.a, < 0.28]
k8s.io/client-go [>= 0.27.a, < 0.28]
k8s.io/apiserver [>= 0.27.a, < 0.28]
k8s.io/client-go [>= 0.28.a, < 0.29]
k8s.io/apimachinery [>= 0.28.a, < 0.29]
k8s.io/apiserver [>= 0.28.a, < 0.29]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the k8s-io group with 7 updates
e3c3dd6 
Bumps the k8s-io group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [k8s.io/api](https://github.com/kubernetes/api) | `0.35.3` | `0.35.4` |
| [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) | `0.35.3` | `0.35.4` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.35.3` | `0.35.4` |
| [k8s.io/apiserver](https://github.com/kubernetes/apiserver) | `0.35.3` | `0.35.4` |
| [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) | `0.35.3` | `0.35.4` |
| [k8s.io/client-go](https://github.com/kubernetes/client-go) | `0.35.3` | `0.35.4` |
| [k8s.io/kubectl](https://github.com/kubernetes/kubectl) | `0.35.3` | `0.35.4` |


Updates `k8s.io/api` from 0.35.3 to 0.35.4
- [Commits](kubernetes/api@v0.35.3...v0.35.4)

Updates `k8s.io/apiextensions-apiserver` from 0.35.3 to 0.35.4
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](kubernetes/apiextensions-apiserver@v0.35.3...v0.35.4)

Updates `k8s.io/apimachinery` from 0.35.3 to 0.35.4
- [Commits](kubernetes/apimachinery@v0.35.3...v0.35.4)

Updates `k8s.io/apiserver` from 0.35.3 to 0.35.4
- [Commits](kubernetes/apiserver@v0.35.3...v0.35.4)

Updates `k8s.io/cli-runtime` from 0.35.3 to 0.35.4
- [Commits](kubernetes/cli-runtime@v0.35.3...v0.35.4)

Updates `k8s.io/client-go` from 0.35.3 to 0.35.4
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.35.3...v0.35.4)

Updates `k8s.io/kubectl` from 0.35.3 to 0.35.4
- [Commits](kubernetes/kubectl@v0.35.3...v0.35.4)

---
updated-dependencies:
- dependency-name: k8s.io/api
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-io
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-io
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-io
- dependency-name: k8s.io/apiserver
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-io
- dependency-name: k8s.io/cli-runtime
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-io
- dependency-name: k8s.io/client-go
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-io
- dependency-name: k8s.io/kubectl
  dependency-version: 0.35.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: k8s-io
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added auto-merge Auto-merge minor and patch version bumps auto-retest PRs with this label will be automatically retested if prow checks fails ci-all-qa-tests Tells CI to run all API tests (not just BAT). dependencies Pull requests that update a dependency file labels Apr 16, 2026
@dependabot dependabot bot requested a review from a team as a code owner April 16, 2026 05:54
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ci-all-qa-tests Tells CI to run all API tests (not just BAT). auto-merge Auto-merge minor and patch version bumps auto-retest PRs with this label will be automatically retested if prow checks fails labels Apr 16, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 16, 2026
edited
Loading

🚀 Build Images Ready

Images are ready for commit e3c3dd6. To use with deploy scripts:

export MAIN_IMAGE_TAG=4.11.x-661-ge3c3dd6d8f

@guzalv guzalv changed the title chore(deps): bump the k8s-io group with 7 updates ROX-34115: bump the k8s-io group with 7 updates CVE-2026-35469 Apr 16, 2026
@guzalv guzalv changed the title ROX-34115: bump the k8s-io group with 7 updates CVE-2026-35469 ROX-34117, ROX-34121: bump the k8s-io group with 7 updates Apr 16, 2026
guzalv
guzalv reviewed Apr 16, 2026
View reviewed changes
Comment thread go.mod
@rhacs-bot
Copy link
Copy Markdown
Contributor

rhacs-bot commented Apr 16, 2026

/retest

2 similar comments
@guzalv
Copy link
Copy Markdown
Contributor

guzalv commented Apr 16, 2026

/retest

@rhacs-bot
Copy link
Copy Markdown
Contributor

rhacs-bot commented Apr 16, 2026

/retest

@openshift-ci
Copy link
Copy Markdown

openshift-ci bot commented Apr 16, 2026

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/gke-qa-e2e-tests e3c3dd6 link false /test gke-qa-e2e-tests

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@rhacs-bot
Copy link
Copy Markdown
Contributor

rhacs-bot commented Apr 16, 2026

/retest

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@guzalv guzalv guzalv approved these changes

Assignees

No one assigned

Labels

auto-merge Auto-merge minor and patch version bumps auto-retest PRs with this label will be automatically retested if prow checks fails ci-all-qa-tests Tells CI to run all API tests (not just BAT). dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rhacs-bot @guzalv