upgrade to latest dependencies

bumping google.golang.org/genproto/googleapis/api 796eee8...e9438ea:
  > e9438ea chore(all): auto-regenerate .pb.go files (# 1187)
  > 7023788 chore(all): auto-regenerate .pb.go files (# 1186)
  > 29210b9 chore(all): update all (# 1185)
  > 65684f5 chore(all): auto-regenerate .pb.go files (# 1184)
  > 138b5a5 chore(all): update all (# 1183)
  > 1a7da9e chore(all): update all (# 1182)
  > 5f5ef82 chore(all): update all (# 1181)
  > 6982302 chore: bump to min Go to 1.22 (# 1180)
  > 26aa7a2 chore(all): update all (# 1178)
  > 3abc09e chore(all): update all (# 1177)
  > 6b3ec00 fix: update golang.org/x/net to v0.33.0 (# 1176)
  > bd15449 chore(all): auto-regenerate .pb.go files (# 1175)
  > 9240e9c chore(all): update all (# 1174)
  > e6fa225 chore(all): update all (# 1173)
  > a4fef06 chore(all): auto-regenerate .pb.go files (# 1172)
  > 19429a9 chore(all): update all (# 1171)
  > e639e21 chore(all): update all (# 1170)
  > 65e8d21 Fix: GitHub workflow script injection (# 1169)
  > e0fbfb7 chore(all): update all (# 1168)
  > dd2ea8e chore(all): update all (# 1166)
  > 324edc3 chore(all): update all (# 1165)
bumping k8s.io/utils 3ea5e8c...24370be:
  > 24370be [Fake clock] Make Stop / Reset return false if Timer stopped (# 320)
  > 6fe5fd8 Merge pull request # 319 from dims/add-lock-unlock-in-SetEvictionFunc
  > 7a270de Add lock/unlock in SetEvictionFunc
bumping google.golang.org/api c642c84...d135e2f:
  > d135e2f chore(main): release 0.198.0 (# 2781)
  > c16dd63 feat(all): auto-regenerate discovery clients (# 2789)
  > d27a832 feat(all): auto-regenerate discovery clients (# 2788)
  > 82803c7 chore(all): update all (# 2785)
  > 65d7953 feat(all): auto-regenerate discovery clients (# 2786)
  > 786e8a8 feat(all): auto-regenerate discovery clients (# 2784)
  > 923816f feat(all): auto-regenerate discovery clients (# 2783)
  > 5a4dc60 feat(all): auto-regenerate discovery clients (# 2782)
  > 3c2f8ce feat(all): auto-regenerate discovery clients (# 2780)
  > c5990e2 chore(main): release 0.197.0 (# 2771)
  > dc3697a chore(all): update all (# 2777)
  > cedc5b0 feat(all): auto-regenerate discovery clients (# 2779)
  > 72cc5c4 feat(all): auto-regenerate discovery clients (# 2778)
  > cc62887 feat(all): auto-regenerate discovery clients (# 2776)
  > 11e2ff6 feat(all): auto-regenerate discovery clients (# 2775)
  > 6476ddd feat(all): auto-regenerate discovery clients (# 2774)
  > 140d0a5 fix(transport): set UniverseDomain in http.NewClient for new auth (# 2773)
  > 0c7c227 feat(all): auto-regenerate discovery clients (# 2772)
  > 07782e2 feat(all): auto-regenerate discovery clients (# 2770)
  > 6273efe chore(main): release 0.196.0 (# 2761)
  > 7714cd9 chore: bump some deps to latest (# 2769)
  > 2856eee chore(all): update all (# 2766)
  > 00da46b feat(all): auto-regenerate discovery clients (# 2768)
  > 6e81c8f feat(all): auto-regenerate discovery clients (# 2765)
  > d9ef5ce feat(all): auto-regenerate discovery clients (# 2764)
  > 293fdcd feat(all): auto-regenerate discovery clients (# 2763)
  > 21f10ed feat(all): auto-regenerate discovery clients (# 2760)
  > f9bde01 chore(main): release 0.195.0 (# 2751)
  > 04cbad8 feat(all): auto-regenerate discovery clients (# 2759)
  > e907e01 feat(all): auto-regenerate discovery clients (# 2756)
  > 47629a1 chore(all): update all to 4ba0660 (# 2754)
  > 3f3bd66 feat(all): auto-regenerate discovery clients (# 2755)
  > 70a68c2 feat(all): auto-regenerate discovery clients (# 2753)
  > 5b1ebe2 feat(all): auto-regenerate discovery clients (# 2752)
  > 6bdae51 feat(all): auto-regenerate discovery clients (# 2750)
  > cd95a34 chore(main): release 0.194.0 (# 2747)
  > eda6a59 fix(gen): change HttpBody.Data from string to any for monitoring:v1 (# 2744)
  > f836095 chore(all): Updating auth library version (# 2748)
  > 5d61f08 feat(all): auto-regenerate discovery clients (# 2746)
  > d994b67 chore(main): release 0.193.0 (# 2734)
  > 254bbe1 chore(all): update all (# 2740)
  > cb825c8 feat(all): auto-regenerate discovery clients (# 2742)
  > 9d915ff feat(all): auto-regenerate discovery clients (# 2739)
  > 7296c72 feat(all): auto-regenerate discovery clients (# 2738)
  > a2308c1 feat(all): auto-regenerate discovery clients (# 2737)
  > 6b81f1a feat(all): auto-regenerate discovery clients (# 2736)
  > c2b2ac9 chore: update to 1.21 (# 2735)
  > 4118ec2 feat(all): auto-regenerate discovery clients (# 2733)
  > c616f47 chore(main): release 0.192.0 (# 2726)
  > b457582 fix(internal/cba): Update credsNewAuth path to use nil oauth2 client (# 2731)
  > 2b4e9f4 feat: move storage, bigquery, and compute to new auth lib (# 2730)
  > a0ed1f3 feat(all): auto-regenerate discovery clients (# 2729)
  > 97c7f2e feat(all): auto-regenerate discovery clients (# 2728)
  > 36e3fa7 feat(all): auto-regenerate discovery clients (# 2727)
  > b2c7c05 feat(all): auto-regenerate discovery clients (# 2725)
  > d0759b0 chore(main): release 0.191.0 (# 2718)
  > 918e3d2 feat(all): auto-regenerate discovery clients (# 2724)
  > 0d15913 feat(all): auto-regenerate discovery clients (# 2722)
  > b365461 chore(all): update all (# 2721)
  > fffff7f fix: reference gax import in storage libs (# 2720)
  > a5ddb40 feat(all): auto-regenerate discovery clients (# 2719)
  > f5b0bb5 fix(transport): disable automatic universe domain check (# 2717)
  > 88dca19 chore(main): release 0.190.0 (# 2694)
  > 1f2d6d3 chore: bump cloud.google.com/go/[email protected] (# 2716)
  > 164a8d6 feat(all): auto-regenerate discovery clients (# 2715)
  > 05a4fc5 feat(all): auto-regenerate discovery clients (# 2706)
  > c8041b0 chore(all): update all (# 2702)
  > aa62c85 revert: move storage, bigquery, and compute to new auth lib (# 2695)" (# 2704)
  > 7b03cff feat(all): auto-regenerate discovery clients (# 2703)
  > a8b0821 feat(all): auto-regenerate discovery clients (# 2700)
  > 1e4c024 chore(all): update module github.com/google/s2a-go to v0.1.8 (# 2697)
  > d07fd26 feat(all): auto-regenerate discovery clients (# 2699)
  > ddc4e0b feat(all): auto-regenerate discovery clients (# 2698)
  > 66ace6c feat: move storage, bigquery, and compute to new auth lib (# 2695)
  > cbc19e7 feat(all): auto-regenerate discovery clients (# 2693)
  > d0089f3 chore(main): release 0.189.0 (# 2681)
  > af28112 chore: upgrade some dependencies (# 2692)
  > a94722f feat(all): auto-regenerate discovery clients (# 2691)
  > aa4662f fix(transport/grpc): retain UserAgent option with new auth stack (# 2690)
  > 786363b chore(all): update all (# 2688)
  > 27405af feat(all): auto-regenerate discovery clients (# 2687)
  > 611884d feat(all): auto-regenerate discovery clients (# 2685)
  > d925dcb fix(cba): Update newAuth path to use nil oauth2 client (# 2684)
  > 1e3757d feat(all): auto-regenerate discovery clients (# 2683)
  > eba243a chore: generate based on discovery-artifact-manager (# 2682)
  > 4a713f7 feat(all): auto-regenerate discovery clients (# 2680)
  > 9957790 chore(main): release 0.188.0 (# 2666)
  > 7021e3e chore: bump some deps (# 2679)
  > d17f6be feat(all): auto-regenerate discovery clients (# 2678)
  > 40b5113 fix: allow ForceSendFields to work for map types (# 2670)
  > 5cdcbe0 chore(all): update all (# 2676)
  > 5dd2fb2 feat(all): auto-regenerate discovery clients (# 2677)
  > a9177bd feat(all): auto-regenerate discovery clients (# 2675)
  > d465cec feat(all): auto-regenerate discovery clients (# 2674)
  > 88240e3 feat(all): auto-regenerate discovery clients (# 2673)
  > 0d54a85 feat(all): auto-regenerate discovery clients (# 2671)
  > 6df3749 feat(all): auto-regenerate discovery clients (# 2669)
  > 711eb91 fix: check []bytes > 0 instead of nil (# 2667)
  > e84fa65 feat(all): auto-regenerate discovery clients (# 2665)
  > b6c87f6 chore(main): release 0.187.0 (# 2656)
  > e051997 fix: pass through gRPC api key option to new auth lib (# 2664)
  > 2ea4e07 chore(all): update all to dc46fd2 (# 2662)
  > 6e061ce feat(all): auto-regenerate discovery clients (# 2663)
  > 0a238f5 feat(all): auto-regenerate discovery clients (# 2661)
  > 3ca2f84 feat(all): auto-regenerate discovery clients (# 2660)
  > 7cd88da feat(all): auto-regenerate discovery clients (# 2659)
  > a758bc1 fix(gensupport): wrap chunk upload err for retries (# 2657)
  > 719f988 feat(all): auto-regenerate discovery clients (# 2658)
  > 1a28e06 feat(all): auto-regenerate discovery clients (# 2655)
  > 89bc0dc chore(main): release 0.186.0 (# 2642)
  > 6c8b3b9 chore: bump auth lib dep (# 2654)
  > bc370a7 feat(all): auto-regenerate discovery clients (# 2653)
  > ddb2d15 chore(all): update module github.com/googleapis/gax-go/v2 to v2.12.5 (# 2651)
  > 10c47f3 feat(all): auto-regenerate discovery clients (# 2652)
  > 695484b feat(all): auto-regenerate discovery clients (# 2649)
  > 1bac79d feat(all): auto-regenerate discovery clients (# 2648)
  > c1a7681 feat(all): auto-regenerate discovery clients (# 2645)
  > 1fcd83d chore: add simple readme for generator (# 2633)
  > 20ffdd8 feat(all): auto-regenerate discovery clients (# 2644)
  > 72fb128 feat(all): auto-regenerate discovery clients (# 2641)
  > e732ee3 chore(main): release 0.185.0 (# 2635)
  > 0c868b2 feat(all): auto-regenerate discovery clients (# 2638)
  > 324ae13 chore(all): update all (# 2640)
  > 51ff8a4 feat(all): auto-regenerate discovery clients (# 2636)
  > ea513cb fix(internal/gensupport): update shouldRetry for GCS uploads (# 2634)
  > 66c2e4a chore(main): release 0.184.0 (# 2628)
  > 7fccba6 feat(all): auto-regenerate discovery clients (# 2624)
  > 953f728 fix(cba): Update credsNewAuth to support oauth2 over mTLS (# 2610)
  > ebc44d1 feat: support structpb.Struct as req/resp (# 2632)
  > 56d0d59 chore: remove some nil clients (# 2631)
  > e760319 chore(gensupport): merge x-goog-api-client vals into a single header (# 2612)
  > bec8b5c chore(all): update all (# 2630)
  > 643675b Revert "feat: regen cloudcommerceprocurement v1 from updated discovery file (…" (# 2629)
  > 7e30ed2 feat: regen cloudcommerceprocurement v1 from updated discovery file (# 2627)
  > 8a7c0e1 chore: bump auth dep (# 2621)
bumping knative.dev/serving df7f168...a3be1ef:
  > a3be1ef fix repeat option (# 15813)
  > c09ff6c Update net-gateway-api nightly (# 15806)
  > 636392e Update net-kourier nightly (# 15804)
  > ee523c0 Update net-istio nightly (# 15805)
  > e067066 Update net-gateway-api nightly (# 15803)
  > f2aa6e3 Update net-kourier nightly (# 15796)
  > b06a773 Bump the github-actions group with 3 updates (# 15800)
  > 0210658 upgrade to latest dependencies (# 15793)
  > 87c07ee Update net-istio nightly (# 15789)
  > 09ec3f5 Update net-gateway-api nightly (# 15788)
  > 1124aff Update net-contour nightly (# 15787)
  > 99a8b20 Update net-istio nightly (# 15786)
  > 8d80bbe Update community files (# 15785)
  > 6da3d87 Update net-kourier nightly (# 15784)
  > 582f453 upgrade to latest dependencies (# 15783)
  > 7125e03 upgrade to latest dependencies (# 15782)
  > 02800e8 drop replace directives for incoming lib bumps (# 15777)
  > 407adcf Update net-istio nightly (# 15779)
  > 8a665f2 Fix golangci exclude config (# 15775)
  > 3f7fd94 Update net-kourier nightly (# 15776)
  > 45236a3 bump min k8s version to v1.31 (# 15774)
  > 4994b59 upgrade to latest dependencies (# 15772)
  > fcf8404 Update net-gateway-api nightly (# 15771)
  > 86edcad add test for probe path without a leading slash (# 15769)
  > 2317dc6 Update net-istio nightly (# 15762)
  > c9994b8 Update net-contour nightly (# 15763)
  > d933e25 Update net-gateway-api nightly (# 15757)
  > 817e853 Bump go-containerregistry dependency (# 15754)
  > a9c5467 upgrade to latest dependencies (# 15749)
  > 9be0816 Bump go-containerregistry (# 15751)
  > 220c826 Update net-gateway-api nightly (# 15750)
  > 9c35416 Fix kourier tls runtime tests (# 15732)
  > ff8a4ab Bump ko-build/setup-ko from 0.7 to 0.8 in the github-actions group (# 15747)
  > fbfa937 Update net-contour nightly (# 15743)
  > c1e4644 Update net-gateway-api nightly (# 15741)
  > cbc236e Update net-istio nightly (# 15742)
  > f13695f upgrade to latest dependencies (# 15739)
  > 45ca4c6 Update net-gateway-api nightly (# 15736)
  > e41df09 Update net-istio nightly (# 15737)
  > 81db3b8 Update net-contour nightly (# 15734)
  > 2215525 Update net-kourier nightly (# 15735)
  > bb3d521 Update community files (# 15733)
  > 6fca262 Update net-gateway-api nightly (# 15728)
  > 8f2c4a7 Update net-contour nightly (# 15726)
  > 6174c65 Update net-istio nightly (# 15727)
  > 72500e7 Update community files (# 15725)
  > b64b468 Update net-gateway-api nightly (# 15723)
  > 6265a8e Fix configuration timeout defaulting  (# 15617)
  > 5842f16 Update net-contour nightly (# 15718)
  > 1a30e12 Allow paths without leading slash in probes (# 15681)
  > 59f6633 Update net-gateway-api nightly (# 15720)
  > f10e715 Update net-kourier nightly (# 15719)
  > 309d4ef Update net-istio nightly (# 15717)
  > da5e7fd Bump cert-manager and use their clientset  (# 15703)
  > 460e0b3 Ensure ContainerHealthy condition is set back to True (# 15503)
bumping github.com/google/go-containerregistry 1e09daa...c4dd792:
  > c4dd792 bump deps using hack/bump-deps.sh (# 2042)
  > 6bce25e Detect zstd in crane append (# 2023)
  > 06dcd85 mutate: Create a defensive annotations copy (# 2030)
  > a9a53a8 check for 406 status code when handling referrers endpoint response (# 2026)
  > 4630c40 don't pin chainguard-dev/actions  (# 2025)
  > 808e354 bump actions to latest (# 2011)
  > a07d1ca fix: redact.URL uses (*URL).Redacted to omit basic-auth password (# 1947)
  > 00f182b Expose compare package (# 2001)
  > b8e87ed remote/transport: Make bearer transport go-routine-safe (# 1806)
  > c195f15 deps: bump docker dep (# 1991)
  > c3d1dcc Create `remote.Push` (# 1978)
  > d36047a Restore blind-write to remote.Put (# 1970)
  > 9915a85 Referrer API must return correct Content-Type (# 1968)
  > 1b4e407 Add -O shorthand for --omit-digest-tags to crane. (# 1958)
  > 3764db2 Fix windows race condition when writing image with duplicate layers (# 1921)
  > 39d1148 Add Context support to auth methods (# 1949)
  > ff385a9 feat: mutate platform (# 1919)
  > 98dd3e9 Support podman auth file REGISTRY_AUTH_FILE. (# 1914)
  > 051d642 registry: Implement Range requests for blobs (# 1917)
  > 0309184 Add JSON marshalling funcs for Digest. (# 1915)
  > 8b3c303 Bump golang.org/x/ packages (# 1892)
  > afec664 Bump golang.org/x/net from 0.10.0 to 0.17.0 in /pkg/authn/k8schain (# 1815)
  > 8dadbe7 Work around docker v25 tarballs (# 1872)
  > a0658aa Always print pushed digest in crane push (# 1860)
  > 55ffb00 fix: goreleaser config (# 1764)
  > 4fdaa32 feat: allow port and disk path to be overriden (# 1848)
  > ceb0580 feat: implement gc command (# 1811)
  > 5a53a12 tag: add command explanation to the long help (# 1843)
  > c722ce9 fix: mimic oci-layout (# 1810)
  > b2485cb Build releases with Go 1.21 (# 1840)
  > dbcd01c Don't wrap DefaultKeychain with refreshes (# 1791)
  > a748190 Set Content-Length for blob uploads (# 1781)
  > 190ad0e Validate index architectures match children (# 1776)
  > a54d642 fix: pin to goreleaser v1.18 to unblock release (# 1763)
  > ea19b57 Return OCI Index content-type for referrers response (# 1762)
  > b850480 Drop localhost to support crane registry serve in a container (# 1746)
  > fe268b7 Don't try cross-origin mounting against dockerhub (# 1743)
  > 2472cbb Let the filesystem handle atomicity (# 1735)
  > db818dc Use RWLock, limit scope of locking, write digest first (# 1734)
  > 44a6e2e Allow concurrent blob Sets, use RWMutex (# 1733)
  > 9010ce1 Correct crane registry help text (# 1732)
  > 03ad2ac add --blobs-to-disk to 'crane registry serve' (# 1731)
  > 4e4b03a Don't load into daemon if the image already exists (# 1724)
  > 6de8d1d Change ErrSchema1 error to dynamic strings. (# 1721)
  > 0a9bb12 crane: Respect cmd.OutOrStdout (# 1728)
  > 145eebe Add missing name option in crane index commands (# 1723)
  > 037ab31 Surface better error messages in crane index (# 1722)
  > 03b8657 fix: add bounds checking to addendum layer mutations to prevent panic (# 1715)
  > c3f8a49 Pass scopes through crane auth token (# 1713)
  > 53fbcf9 Bump codecov/codecov-action from 3.1.3 to 3.1.4 (# 1710)
  > 1d535e2 Add crane auth token (# 1709)
  > 5fe7f2e Limit size of manifest (# 1711)
  > e61c519 retry HTTP 522 errors by default (# 1707)
  > 2015ceb fixed a goroutine leak (# 1705)
  > 0ec36ad Allow crane to export schema 1 images (# 1704)
  > b7ad3f1 bump deps using ./hack/bump-deps.sh (# 1702)
  > dbecb1d Do not reuse pushers for pullers (# 1701)
  > a927d7c Make 403 non-fatal for manifest existence checks (# 1691)
  > 0b12f56 Add ppc64le to all binaries (# 1688)
  > 69d1a19 Add `mutate` `--ports` option to set the exposed ports (# 1677)
  > 691004b bump deps using ./hack/bump-deps.sh (# 1685)
  > 370e8a5 Fix a few lint issues (# 1684)
  > 3120ba5 Keep order of env in crane mutate (# 1683)
  > afd15f1 Add --all-tags flag to crane cp (# 1682)
  > 5438948 add registry.Repo("foo") (# 1671)
  > 43710a9 Retry without mount if auth fails (# 1681)
  > 3228a60 Add ppc64le to .goreleaser.yml (# 1680)
  > d64f9e0 remove time from random.Image history (# 1678)
  > 3706061 allow pkg/v1/random to accept a RNG source (# 1675)
  > b7c6e9d Fall back to puller if reusing pusher fails (# 1676)
  > 005bb71 Add remote.Reuse for Pusher/Puller (# 1672)
  > 58bd35b Bump codecov/codecov-action from 3.1.2 to 3.1.3 (# 1668)
  > ad695c0 Replace deprecated command with environment file (# 1667)
  > 07c767c Add remote.Puller (# 1644)
  > 9f68710 feat(daemon): generate config file from Docker Engine API (# 1130)
  > d1c4e9f verify provenance (# 1611)
  > df518f9 add crane auth logout (# 1589)
  > 52d59d1 feat(remote): make retryStatusCodes configurable (# 1635)
  > df72a9a crane push: print pushed ref@digest to stdout (# 1663)
  > 27a6ad6 Revert "authn: Add NewConfigKeychain to load a config from explicit path (# 1603)" (# 1664)
  > 217318c deprecate estargz (# 1660)
  > 1cb7e13 authn: Add NewConfigKeychain to load a config from explicit path (# 1603)
  > 348cd86 bump deps using ./hack/bump-deps.sh (# 1659)
  > e055961 Bump peter-evans/create-pull-request from 4 to 5 (# 1642)
  > 6f96bba gcrane: Use page size of 10,000 for googley things (# 1645)
  > 375fb61 Bump slsa-framework/slsa-verifier from 2.1.0 to 2.2.0 (# 1649)
  > 07eb440 Bump codecov/codecov-action from 3.1.1 to 3.1.2 (# 1650)
  > 9aa45a1 Change return type of remote.Referrers (# 1652)
  > bc990d6 Fix fetching referrers error handling (# 1648)
  > ed5c185 Retry net.ErrClosed (# 1637)
  > 2435320 Revert "Cleanup: Switch the debug image to `cgr.dev/chainguard/busybox` (# 1638)" (# 1641)
  > 2ccd41c Cleanup: Switch the debug image to `cgr.dev/chainguard/busybox` (# 1638)
  > 6743ec9 Implement remote.Pusher (# 1633)
  > 0962e29 Allow remote config layers to be lazy fetched (# 1634)
  > 4a79e94 Fix race in stream (# 1632)
  > 65e78dc Add partial.Manifests for lazy index access (# 1631)
  > 0577676 crane: ignore buildx attestations in flatten (# 1630)
  > 93be9c4 Don't export whiteouts for single layers (# 1629)
  > d958444 Add remote.Descriptor.Schema1() (# 1626)
  > aee00b1 Fix race in mutate (# 1627)
  > 6ac92e8 Refactor fetcher, writer, and progress (# 1625)
  > 249d7e1 Refresh authn.DefaultKeychain creds every 5 min (# 1624)
  > b8d1c0a Bump slsa-framework/slsa-verifier from 2.0.1 to 2.1.0 (# 1621)
  > ace7be7 update GCR quotas (# 1619)
  > e2620e5 Actually retry retryable status codes (# 1618)
  > 21ac1b2 Adding `mutate` `--workdir` option to set the working directory (# 1615)
  > 54e3f49 Bump actions/stale from 7 to 8 (# 1616)
  > a34235c Support `Warning` header aggregation and reporting in `crane` (# 1604)
  > 46488f7 retry HTTP 499 errors by default (# 1612)
  > 0f2db49 release: use ko 0.13.0 to build images (# 1607)
  > 53189d3 Bump actions/setup-go from 3 to 4 (# 1602)
  > 01bbd53 Update release.yml (# 1601)
  > 4b081f8 Avoid v1.Manifest in crane edit config (# 1583)
  > 1cfe1fc Bump aws-actions/configure-aws-credentials from 1.7.0 to 2.0.0 (# 1593)
  > e94d408 bump deps using ./hack/bump-deps.sh (# 1592)
  > ff810c1 crane: add serve subcommand (# 1586)
  > 57f010d replace manual slsa-verifier installation with action (# 1585)
  > 6770304 Update descriptor "data" field (when valid) during "crane edit config" (# 1584)
  > 1b8dc2b Bump slsa-framework/slsa-github-generator from 1.2.2 to 1.5.0 (# 1580)
  > 8ea5e0e crane: support --omit-digest-tags in crane ls (# 1528)
  > 4e95ae2 crane: add --flatten for index append (# 1566)
  > 4a0e0af docs: Update crane installation and verification instructions (# 1567)
  > 3624968 tarball: pass imageToTags (# 1563)
  > 9f42e02 Set mediaType for empty.ImageIndex in RawManifest (# 1562)
  > 2ceebaa Implement crane index subcommand (# 1561)
  > 9cd098e skip tls verification if default transport is used with insecure option (# 1559)
  > eb7d746 authn: also read mount secrets (# 1560)
  > 62f183e Bump goreleaser/goreleaser-action from 4.1.1 to 4.2.0 (# 1556)
  > b3c23b4 Support for OCI 1.1+ referrers via API (# 1546)
  > de35f0f Allow setting Content-Type in crane edit manifest (# 1551)
  > e04520b fix: Fix the crane release url and add more steps (# 1532)
  > 824efc7 fix(mutate): also set timestamps only present in some formats (# 1550)
  > 061ee6b Support for OCI 1.1+ referrers via fallback tag (# 1543)
  > da1008f Bump golangci/golangci-lint-action from 3.3.1 to 3.4.0 (# 1548)
  > 86be45f Bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1 (# 1547)
  > 9306eba Allow crane edit to generate non-image artifacts (# 1545)
  > 759b19f Support artifactType, for images whose config.mediaType is not a config (# 1541)
  > 11843ba Enforce proper sha256 usage (# 1544)
  > 76bac93 Update release.yml (# 1540)
  > d872232 hash: use generic instantiation (# 1538)
bumping golang.org/x/sys d4ac05d...74cfc93:
  > 74cfc93 all: upgrade go directive to at least 1.23.0 [generated]
  > 863b3c4 unix: update glibc to 2.41
  > 4d4692e unix: add Auxv
  > b215a1c unix: update to Linux kernel 6.13
  > c756214 cpu: add support for AVX-VNNI and IFMA detection
  > 1c14dca unix: add GetPeerUcred and UcredGet for solaris
bumping golang.org/x/net 8da7ed1...99b3ae0:
  > 99b3ae0 go.mod: update golang.org/x dependencies
  > 85d1d54 go.mod: update golang.org/x dependencies
  > cde1dda proxy, http/httpproxy: do not mismatch IPv6 zone ids against hosts
  > fe7f039 publicsuffix: spruce up code gen and speed up PublicSuffix
  > 459513d internal/http3: move more common stream processing to genericConn
  > aad0180 http2: fix flakiness from t.Log when GOOS=js
  > b73e574 http2: don't log expected errors from writing invalid trailers
  > 5f45c77 internal/http3: make read-data tests usable for server handlers
  > 43c2540 http2, internal/httpcommon: reject userinfo in :authority
  > 1d78a08 http2, internal/httpcommon: factor out server header logic for h2/h3
  > 0d7dc54 quic: add Conn.ConnectionState
  > b4c8655 http2: avoid extended CONNECT hang when connection breaks during startup
  > 163d836 internal/http3: add Server
  > 447f458 context: delete lone example
  > 918d64e context: delete dead code, sync docs with upstream context package
  > 5095d0c all: upgrade go directive to at least 1.23.0 [generated]
  > 8844327 internal/httpcommon: don't depend on net/http
  > cd9d661 route: fix RTM_GET netmask parsing on Darwin
  > df97a48 go.mod: update golang.org/x dependencies
  > 2dab271 route: treat short sockaddr lengths as unspecified
  > b914489 internal/http3: refactor in prep for sharing transport/server code
  > ebd23f8 route: fix parsing network address of length zero
  > 938a9fb internal/http3: add request/response body transfer
  > 145b2d7 internal/http3: add RoundTrip
  > 5bda71a internal/http3: define connection and stream error types
  > 3c1185a internal/http3: return error on mid-frame EOF
  > a6c2c7f http2, internal/httpcommon: factor out common request header logic for h2/h3
  > c72e89d internal/http3: QPACK encoding and decoding
  > 93c1957 internal/http3: add Transport and ClientConn
  > 45432b5 internal/socket, webdav: use testing.T.TempDir
  > 56691ee quic: don't return EOF from ReadByte when we have a byte
  > 7ad0ebf internal/http3: qpack wire primitives
  > f6b2e53 internal/http3: basic stream read/write operations
  > 78717f9 internal/http3: error codes
  > 84b528b internal/http3: new package
  > 445eead http2: encode :protocol pseudo-header before regular headers
  > 5566b43 quic: add the ability to create an endpoint with a fake network
  > 97dd44e http2, internal/gate: move Gate type to an internal package
  > 35e1007 quic, internal/quic/quicwire: split wire encode/decode functions to new package
  > 0a5dcdd http2: disable extended CONNECT by default
  > 03179ce quic: report error string when peer closes connection
  > 4428704 quic: surface connection errors in stream methods
  > dc3b8a8 quic: return error from Stream.Flush
  > 2e60102 quic, internal/testcert: move test cert to internal package
bumping golang.org/x/sync 913fb63...b637f27:
  > b637f27 errgroup: drop support for Go versions before 1.20
  > 960bf1f all: upgrade go directive to at least 1.23.0 [generated]
  > fe3591b sync/errgroup: improve documentation for semaphore limit behavior
bumping sigs.k8s.io/json 9aa6b5e...cfa47c3:
  > cfa47c3 Merge pull request # 23 from liggitt/go123
  > 08d7098 Update required go version to 1.23
  > 7061b8c Matrix test go versions
bumping github.com/google/go-cmp c3ad843...9b12f36:
  > 9b12f36 Detect proto.Message types when failing to export a field (# 370)
  > 4dd3d63 fix: type 'aribica' => 'arabica' (# 368)
  > 391980c Support compare functions with SortSlices and SortMaps (# 367)
bumping github.com/prometheus/common 0c7b585...280b0e7:
  > 280b0e7 http_config: Allow customizing TLS config and settings. (# 748)
  > aea8919 Update common Prometheus files (# 747)
  > 8d916fa Bump golang.org/x/net from 0.32.0 to 0.33.0 (# 743)
  > fe88605 Bump google.golang.org/protobuf from 1.35.2 to 1.36.1 (# 744)
  > 5d9961d Update common Prometheus files (# 742)
  > 0a89b98 Merge pull request # 740 from dashpole/update_om_links
  > d88ee1f Remove deprecated sigv4 module (# 737)
  > e3926e2 update links to openmetrics to reference the v1.0.0 release
  > c3fdb17 Remove deprecated promlog package (# 738)
  > cf5f48f Change default validation scheme to UTF8Validation (# 724)
  > 7b484e9 Bump google.golang.org/protobuf from 1.35.1 to 1.35.2 (# 732)
  > 05e3c40 Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (# 731)
  > a0ef737 Bump golang.org/x/net from 0.30.0 to 0.32.0 (# 736)
  > f99f029 Update common Prometheus files (# 726)
  > b88f24c promslog: always lowercase log level from CLI (# 728)
  > 2c3c048 Bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 (# 730)
  > ec7291f Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 in /assets (# 729)
  > 145b50a fix(promslog): always use UTC for time (# 735)
  > 39a62f7 fix: values escaping bugs (# 727)
  > 7ed4523 Allow custom user-agent definition (# 725)
  > e25286d Update common Prometheus files (# 722)
  > b83ece4 Mark promlog deprecated (# 720)
  > 8675cd9 Update common Prometheus files (# 721)
  > c971f56 setup dependabot for `github.com/prometheus/common/assets` (# 719)
  > 34874f2 Bump google.golang.org/protobuf from 1.34.2 to 1.35.1 (# 711)
  > ab95209 chore: use testify instead of testing.Fatal (# 718)
  > 937c5b5 chore: enable perfsprint linter (# 717)
  > 28e4459 Bump golang.org/x/net from 0.29.0 to 0.30.0 (# 712)
  > b424bae Update common Prometheus files (# 714)
  > ee5cc87 Provide a way to get UserAgent (# 716)
  > 6ad2990 Mark sigv4 deprecated (# 715)
  > 653e0fa Update common Prometheus files (# 701)
  > 0d2e2e5 Reload certificates even when no CA is used (# 707)
  > a9d2e3f Merge pull request # 705 from roidelapluie/sourcefile
  > dae848d Update supported Go versions (# 700)
  > fdc50c7 promslog: Only log basename, not full path
  > 63ff77e Bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 (# 698)
  > b7aa68c Bump golang.org/x/net from 0.28.0 to 0.29.0 (# 699)
  > 4e3a6fd feat: add `promslog.NewNopLogger()` convenience func (# 697)
  > d66e745 promslog: use UTC timestamps for go-kit log style (# 696)
  > 14bac55 Merge pull request # 695 from prometheus/repo_sync
  > 40d6251 Merge pull request # 694 from jkroepke/slog/writer
  > 8bc4cd5 Update common Prometheus files
  > fa21dfd Update common Prometheus files (# 692)
  > 5f9af24 slog: expose io.Writer
  > be8a747 fix(utf8): Fix multiple metric name inside braces validation (# 691)
  > bf4843e Merge pull request # 690 from ywwg/owilliams/default-escaping
  > 4f8e8f4 expfmt: Add WithEscapingScheme to help construct Formats (# 688)
  > 01da226 Change the default escape method to UnderscoreEscaping
  > b1880d0 Merge pull request # 687 from roidelapluie/checkheader
  > 06c2425 Bump golang.org/x/net from 0.27.0 to 0.28.0 (# 685)
  > 334963d Change the logic for SetDirectory
  > 4606c0a Bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 (# 684)
  > d64a747 Remove secret file existence check in Validate for headers
  > d98411b Merge pull request # 683 from tjhop/docs/promslog-README
  > 9bbc9cb Merge pull request # 677 from tjhop/feat/add-promslog-pkg
  > 76549db docs: mention new promslog package in package list in README
  > 6623230 Provide a method for explicitly checking label names for legacy validity. (# 682)
  > 6ea2584 feat: new promslog and promslog/flag packages to wrap log/slog
  > 19d0796 Merge pull request # 681 from prometheus/repo_sync
  > 8968b6c expfmt: Add UTF-8 syntax support in text_parse.go (# 670)
  > 29a2d2c Update common Prometheus files
  > cd4bcc0 Update golangci lint (# 679)
  > 2cac84e Update client_golang (# 676)
  > 79c0459 Merge pull request # 675 from dswarbrick/fix-32bit-overflows
  > 1dade5b sigv4: support nil body (# 673)
  > 008d7b8 Fix overflows of untyped int constants on 32-bit
  > 430dbfe Bump github.com/aws/aws-sdk-go from 1.54.19 to 1.55.5 in /sigv4 (# 671)
  > d235298 Update common Prometheus files (# 674)
  > 3f9e4f8 Merge pull request # 672 from prometheus/repo_sync
  > a3eaa75 Merge pull request # 668 from ywwg/owilliams/param
  > 6eac2f4 Update common Prometheus files
  > 0b924af Bump golang.org/x/net from 0.26.0 to 0.27.0 (# 667)
  > a9acdc7 use basic string in IsValidLegacyMetricName
  > 4cf22c5 Merge pull request # 665 from prometheus/superq/revert_unexport
  > 1d53a04 Update common Prometheus files (# 664)
  > c3e8247 Deprecate format strings
  > 8e3075b Bump github.com/aws/aws-sdk-go from 1.54.7 to 1.54.11 in /sigv4 (# 661)
  > 279f076 Revert "Unexport Format strings"
  > 3e6afe2 remove dependency to github.com/prometheus/client_golang in sigv4
  > 8742f09 Merge pull request # 647 from multani/fix-oauth2-secret-file-refresh
  > 249682f Don't always fetch a OAuth2 token, if the secret from a file didn't change
bumping k8s.io/client-go 9d43434...86ff7a1:
  > 86ff7a1 Update dependencies to v0.32.2 tag
bumping golang.org/x/oauth2 3e64809...b9c813b:
  > b9c813b google: add warning about externally-provided credentials
  > 49a531d all: make method and struct comments match the names
  > 22134a4 README: don't recommend go get
bumping knative.dev/hack c142b48...8f599b7:
  > 8f599b7 Skip whitespace changes in codegen (# 420)
  > 742e1e5 Deprecate knative.dev/hack/schema (# 418)
  > 306ce74 Update community files (# 414)
  > ce4c934 Bump default GKE version to 1.31 (# 413)
  > 5f7f0f5 Update community files (# 412)
  > b38a2ca Update community files (# 411)

Signed-off-by: Knative Automation <[email protected]>

Author: knative-automation

go.mod

@@ -4,17 +4,17 @@ go 1.23.0
 
 require (
 	github.com/emicklei/go-restful v2.9.5+incompatible
-	github.com/golang-jwt/jwt/v4 v4.5.0
+	github.com/golang-jwt/jwt/v4 v4.5.1
 	github.com/hashicorp/golang-lru v1.0.2
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/zeebo/xxh3 v1.0.2
 	go.uber.org/zap v1.27.0
-	k8s.io/api v0.32.1
-	k8s.io/apimachinery v0.32.1
-	k8s.io/client-go v0.32.1
-	knative.dev/hack v0.0.0-20250116150306-c142b4835bc5
-	knative.dev/pkg v0.0.0-20250117084104-c43477f0052b
-	knative.dev/serving v0.43.1-0.20250120145709-df7f1681a4e9
+	k8s.io/api v0.32.2
+	k8s.io/apimachinery v0.32.2
+	k8s.io/client-go v0.32.2
+	knative.dev/hack v0.0.0-20250318155814-8f599b7a828c
+	knative.dev/pkg v0.0.0-20250312035536-b7bbf4be5dbd
+	knative.dev/serving v0.44.1-0.20250321013115-a3be1efff409
 )
 
 require (
@@ -27,7 +27,7 @@ require (
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/emicklei/go-restful/v3 v3.12.1 // indirect
-	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
+	github.com/evanphx/json-patch/v5 v5.9.11 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 	github.com/go-kit/log v0.2.1 // indirect
 	github.com/go-logfmt/logfmt v0.5.1 // indirect
@@ -39,14 +39,15 @@ require (
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/gnostic-models v0.6.9 // indirect
-	github.com/google/go-cmp v0.6.0 // indirect
-	github.com/google/go-containerregistry v0.13.0 // indirect
+	github.com/google/go-cmp v0.7.0 // indirect
+	github.com/google/go-containerregistry v0.20.3 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/gorilla/websocket v1.5.3 // indirect
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.21.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/compress v1.17.11 // indirect
 	github.com/klauspost/cpuid/v2 v2.0.9 // indirect
 	github.com/mailru/easyjson v0.9.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
@@ -55,43 +56,42 @@ require (
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/openzipkin/zipkin-go v0.4.3 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/prometheus/client_golang v1.19.1 // indirect
+	github.com/prometheus/client_golang v1.20.5 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
-	github.com/prometheus/common v0.55.0 // indirect
+	github.com/prometheus/common v0.62.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
 	github.com/prometheus/statsd_exporter v0.23.0 // indirect
 	github.com/spf13/pflag v1.0.6 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.uber.org/automaxprocs v1.6.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/mod v0.22.0 // indirect
-	golang.org/x/net v0.34.0 // indirect
-	golang.org/x/oauth2 v0.23.0 // indirect
-	golang.org/x/sync v0.10.0 // indirect
-	golang.org/x/sys v0.29.0 // indirect
-	golang.org/x/term v0.28.0 // indirect
-	golang.org/x/text v0.21.0 // indirect
-	golang.org/x/time v0.7.0 // indirect
-	golang.org/x/tools v0.29.0 // indirect
+	golang.org/x/mod v0.24.0 // indirect
+	golang.org/x/net v0.37.0 // indirect
+	golang.org/x/oauth2 v0.26.0 // indirect
+	golang.org/x/sync v0.12.0 // indirect
+	golang.org/x/sys v0.31.0 // indirect
+	golang.org/x/term v0.30.0 // indirect
+	golang.org/x/text v0.23.0 // indirect
+	golang.org/x/time v0.10.0 // indirect
+	golang.org/x/tools v0.31.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
-	google.golang.org/api v0.183.0 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53 // indirect
-	google.golang.org/grpc v1.69.2 // indirect
-	google.golang.org/protobuf v1.36.4 // indirect
+	google.golang.org/api v0.198.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20250207221924-e9438ea467c6 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20250207221924-e9438ea467c6 // indirect
+	google.golang.org/grpc v1.71.0 // indirect
+	google.golang.org/protobuf v1.36.5 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/code-generator v0.32.1 // indirect
-	k8s.io/gengo v0.0.0-20250130153323-76c5745d3511 // indirect
+	k8s.io/code-generator v0.32.2 // indirect
 	k8s.io/gengo/v2 v2.0.0-20250130153323-76c5745d3511 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 // indirect
-	k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 // indirect
-	knative.dev/networking v0.0.0-20250117155906-67d1c274ba6a // indirect
-	sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect
+	k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect
+	knative.dev/networking v0.0.0-20250226145929-863b7af736fb // indirect
+	sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect
 	sigs.k8s.io/yaml v1.4.0 // indirect
 )