build(deps): bump the dependabot group across 1 directory with 10 updates

[dependabot]

Bumps the dependabot group with 9 updates in the / directory:

Package	From	To
github.com/docker/docker	27.5.1+incompatible	28.0.0+incompatible
github.com/prometheus/client_golang	1.20.5	1.21.0
github.com/spf13/cobra	1.8.1	1.9.1
golang.org/x/net	0.34.0	0.35.0
google.golang.org/api	0.220.0	0.222.0
k8s.io/api	0.33.0-alpha.1	0.33.0-alpha.2
k8s.io/client-go	0.33.0-alpha.1	0.33.0-alpha.2
github.com/elastic/go-elasticsearch/v8	8.17.0	8.17.1
go.mongodb.org/mongo-driver/v2	2.0.0	2.0.1

Updates github.com/docker/docker from 27.5.1+incompatible to 28.0.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v28.0.0

28.0.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.0.0 milestone
• moby/moby, 28.0.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

New

• Add ability to mount an image inside a container via --mount type=image. moby/moby#48798
  • You can also specify --mount type=image,image-subpath=[subpath],... option to mount a specific path from the image. docker/cli#5755
• docker images --tree now shows metadata badges. docker/cli#5744
• docker load, docker save, and docker history now support a --platform flag allowing you to choose a specific platform for single-platform operations on multi-platform images. docker/cli#5331
• Add OOMScoreAdj to docker service create and docker stack. docker/cli#5145
• docker buildx prune now supports reserved-space, max-used-space, min-free-space and keep-bytes filters. moby/moby#48720
• Windows: Add support for running containerd as a child process of the daemon, instead of using a system-installed containerd. moby/moby#47955

Networking

• The docker-proxy binary has been updated, older versions will not work with the updated dockerd. moby/moby#48132
  • Close a window in which the userland proxy (docker-proxy) could accept TCP connections, that would then fail after iptables NAT rules were set up.
  • The executable rootlesskit-docker-proxy is no longer used, it has been removed from the build and distribution.
• DNS nameservers read from the host's /etc/resolv.conf are now always accessed from the host's network namespace. moby/moby#48290
  • When the host's /etc/resolv.conf contains no nameservers and there are no --dns overrides, Google's DNS servers are no longer used, apart from by the default bridge network and in build containers.
• Container interfaces in bridge and macvlan networks now use randomly generated MAC addresses. moby/moby#48808
  • Gratuitous ARP / Neighbour Advertisement messages will be sent when the interfaces are started so that, when IP addresses are reused, they're associated with the newly generated MAC address.
  • IPv6 addresses in the default bridge network are now IPAM-assigned, rather than being derived from the MAC address.
• The deprecated OCI prestart hook is now only used by build containers. For other containers, network interfaces are added to the network namespace after task creation is complete, before the container task is started. moby/moby#47406
• Add a new gw-priority option to docker run, docker container create, and docker network connect. This option will be used by the Engine to determine which network provides the default gateway for a container. On docker run, this option is only available through the extended --network syntax. docker/cli#5664
• Add a new netlabel com.docker.network.endpoint.ifname to customize the interface name used when connecting a container to a network. It's supported by all built-in network drivers on Linux. moby/moby#49155
  • When a container is created with multiple networks specified, there's no guarantee on the order networks will be connected to the container. So, if a custom interface name uses the same prefix as the auto-generated names, for example eth, the container might fail to start.
  • The recommended practice is to use a different prefix, for example en0, or a numerical suffix high enough to never collide, for example eth100.
  • This label can be specified on docker network connect via the --driver-opt flag, for example docker network connect --driver-opt=com.docker.network.endpoint.ifname=foobar ….
  • Or via the long-form --network flag on docker run, for example docker run --network=name=bridge,driver-opt=com.docker.network.endpoint.ifname=foobar …
• If a custom network driver reports capability GwAllocChecker then, before a network is created, it will get a GwAllocCheckerRequest with the network's options. The custom driver may then reply that no gateway IP address should be allocated. moby/moby#49372

Port publishing in bridge networks

• dockerd now requires ipset support in the Linux kernel. moby/moby#48596
  • The iptables and ip6tables rules used to implement port publishing and network isolation have been extensively modified. This enables some of the following functional changes, and is a first step in refactoring to enable native nftables support in a future release. moby/moby#48815
  • If it becomes necessary to downgrade to an earlier version of the daemon, some manual cleanup of the new rules will be necessary. The simplest and surest approach is to reboot the host, or use iptables -F and ip6tables -F to flush all existing iptables rules from the filter table before starting the older version of the daemon. When that is not possible, run the following commands as root:
    • iptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
    • iptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -j DOCKER; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -j DOCKER
    • If you were previously running with the iptables filter-FORWARD policy set to ACCEPT and need to restore access to unpublished ports, also delete per-bridge-network rules from the DOCKER chains. For example, iptables -D DOCKER ! -i docker0 -o docker0 -j DROP.
• Fix a security issue that was allowing remote hosts to connect directly to a container on its published ports. moby/moby#49325
• Fix a security issue that was allowing neighbor hosts to connect to ports mapped on a loopback address. moby/moby#49325

... (truncated)

Commits

• af898ab Merge pull request #49495 from vvoland/update-buildkit
• d67f035 vendor: github.com/moby/buildkit v0.20.0
• 00ab386 Merge pull request #49491 from vvoland/update-buildkit
• 1fde8c4 builder-next: fix cdi manager
• cde9f07 vendor: github.com/moby/buildkit v0.20.0-rc3
• 89e1429 Merge pull request #49490 from thaJeztah/dockerfile_linting
• b2b5590 Dockerfile: fix linting warnings
• 62bc597 Merge pull request #49480 from thaJeztah/docs_api_1.48
• 670cd81 Merge pull request #49485 from vvoland/c8d-list-panic
• a3628f3 docs/api: add documentation for API v1.48
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.20.5 to 1.21.0

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.21.0 / 2025-02-19

⚠️ This release contains potential breaking change if you upgrade github.com/prometheus/common to 0.62+ together with client_golang (and depend on the strict, legacy validation for the label names). New common version changes model.NameValidationScheme global variable, which relaxes the validation of label names and metric name, allowing all UTF-8 characters. Typically, this should not break any user, unless your test or usage expects strict certain names to panic/fail on client_golang metric registration, gathering or scrape. In case of problems change model.NameValidationScheme to old model.LegacyValidation value in your project init function. ⚠️

• [BUGFIX] gocollector: Fix help message for runtime/metric metrics. #1583
• [BUGFIX] prometheus: Fix Desc.String() method for no labels case. #1687
• [PERF] prometheus: Optimize popular prometheus.BuildFQName function; now up to 30% faster. #1665
• [PERF] prometheus: Optimize Inc, Add and Observe cumulative metrics; now up to 50% faster under high concurrent contention. #1661
• [CHANGE] Upgrade prometheus/common to 0.62.0 which changes model.NameValidationScheme global variable. #1712
• [CHANGE] Add support for Go 1.23. #1602
• [FEATURE] process_collector: Add support for Darwin systems. #1600 #1616 #1625 #1675 #1715
• [FEATURE] api: Add ability to invoke CloseIdleConnections on api.Client using api.Client.(CloseIdler).CloseIdleConnections() casting. #1513
• [FEATURE] promhttp: Add promhttp.HandlerOpts.EnableOpenMetricsTextCreatedSamples option to create OpenMetrics _created lines. Not recommended unless you want to use opt-in Created Timestamp feature. Community works on OpenMetrics 2.0 format that should make those lines obsolete (they increase cardinality significantly). #1408
• [FEATURE] prometheus: Add NewConstNativeHistogram function. #1654

... (truncated)

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.21.0 / 2025-02-17

⚠️ This release contains potential breaking change if you upgrade github.com/prometheus/common to 0.62+ together with client_golang. ⚠️

New common version changes model.NameValidationScheme global variable, which relaxes the validation of label names and metric name, allowing all UTF-8 characters. Typically, this should not break any user, unless your test or usage expects strict certain names to panic/fail on client_golang metric registration, gathering or scrape. In case of problems change model.NameValidationScheme to old model.LegacyValidation value in your project init function.

• [BUGFIX] gocollector: Fix help message for runtime/metric metrics. #1583
• [BUGFIX] prometheus: Fix Desc.String() method for no labels case. #1687
• [ENHANCEMENT] prometheus: Optimize popular prometheus.BuildFQName function; now up to 30% faster. #1665
• [ENHANCEMENT] prometheus: Optimize Inc, Add and Observe cumulative metrics; now up to 50% faster under high concurrent contention. #1661
• [CHANGE] Upgrade prometheus/common to 0.62.0 which changes model.NameValidationScheme global variable. #1712
• [CHANGE] Add support for Go 1.23. #1602
• [FEATURE] process_collector: Add support for Darwin systems. #1600 #1616 #1625 #1675 #1715
• [FEATURE] api: Add ability to invoke CloseIdleConnections on api.Client using api.Client.(CloseIdler).CloseIdleConnections() casting. #1513
• [FEATURE] promhttp: Add promhttp.HandlerOpts.EnableOpenMetricsTextCreatedSamples option to create OpenMetrics _created lines. Not recommended unless you want to use opt-in Created Timestamp feature. Community works on OpenMetrics 2.0 format that should make those lines obsolete (they increase cardinality significantly). #1408
• [FEATURE] prometheus: Add NewConstNativeHistogram function. #1654

Commits

• eaf03ef Cut 1.21.0 (#1737)
• f1f89dc Cut 1.21.0-rc.0 (#1718)
• c923f7c Revert "ci: daggerize test and lint pipelines (#1534)" (#1717)
• 1bcda80 process collector: Fixed pedantic registry failures on darwin with cgo. (#1715)
• 038b37a tutorials/whatsup: Updated deps (#1716)
• 56a2431 docs: Add RELEASE.md for the release process (#1690)
• cbd9526 Merge pull request #1713 from prometheus/dependabot/go_modules/tutorials/what...
• 80b5a2a build(deps): bump golang.org/x/net in /tutorials/whatsup
• 1a822a8 Upgrade to prometheus/common 0.62.0 with breaking change (#1712)
• 7b39d01 Update common Prometheus files (#1708)
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.8.1 to 1.9.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.9.1

🐛 Fixes

• Fix CompletionFunc implementation by @​ccoVeille in spf13/cobra#2234
• Revert "Make detection for test-binary more universal (#2173)" by @​marckhouzam in spf13/cobra#2235

Full Changelog: spf13/cobra@v1.9.0...v1.9.1

v1.9.0

✨ Features

• Allow linker to perform deadcode elimination for program using Cobra by @​aarzilli in spf13/cobra#1956
• Add default completion command even if there are no other sub-commands by @​marckhouzam in spf13/cobra#1559
• Add CompletionWithDesc helper by @​ccoVeille in spf13/cobra#2231

🐛 Fixes

• Fix deprecation comment for Command.SetOutput by @​thaJeztah in spf13/cobra#2172
• Replace deprecated ioutil usage by @​nirs in spf13/cobra#2181
• Fix --version help and output for plugins by @​nirs in spf13/cobra#2180
• Allow to reset the templates to the default by @​marckhouzam in spf13/cobra#2229

🤖 Completions

• Make Powershell completion work in constrained mode by @​lstemplinger in spf13/cobra#2196
• Improve detection for flags that accept multiple values by @​thaJeztah in spf13/cobra#2210
• add CompletionFunc type to help with completions by @​ccoVeille in spf13/cobra#2220
• Add similar whitespace escape logic to bash v2 completions than in other completions by @​kangasta in spf13/cobra#1743
• Print ActiveHelp for bash along other completions by @​marckhouzam in spf13/cobra#2076
• fix(completions): Complete map flags multiple times by @​gabe565 in spf13/cobra#2174
• fix(bash): nounset unbound file filter variable on empty extension by @​scop in spf13/cobra#2228

🧪 Testing

• Test also with go 1.23 by @​nirs in spf13/cobra#2182
• Make detection for test-binary more universal by @​thaJeztah in spf13/cobra#2173

✍🏼 Documentation

• docs: update README.md by @​eltociear in spf13/cobra#2197
• Improve site formatting by @​nirs in spf13/cobra#2183
• doc: add Conduit by @​raulb in spf13/cobra#2230
• doc: azion project added to the list of CLIs that use cobra by @​maxwelbm in spf13/cobra#2198
• Fix broken links in active_help.md by @​vuil in spf13/cobra#2202
• chore: fix function name in comment by @​zhuhaicity in spf13/cobra#2216

🔧 Dependency upgrades

• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.5 to 2.0.6 by @​thaJeztah in spf13/cobra#2206
• Update to latest go-md2man by @​mikelolasagasti in spf13/cobra#2201

... (truncated)

Commits

• 40b5bc1 Revert "Make detection for test-binary more universal (#2173)" (#2235)
• a97f9fd fix CompletionFunc implementation (#2234)
• 5f9c408 chore: Upgrade dependencies for v1.9.0 (#2233)
• 24ada7f Remove the default "completion" cmd if it is alone (#1559)
• 680936a New logo
• 8cb30f9 feat: add CompletionWithDesc helper (#2231)
• 17b6dca doc: add Conduit (#2230)
• ab5cadc Allow to reset the templates to the default (#2229)
• 4ba5566 fix(bash): nounset unbound file filter variable on empty extension (#2228)
• 41b26ec Print ActiveHelp for bash along other completions (#2076)
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.34.0 to 0.35.0

Commits

• df97a48 go.mod: update golang.org/x dependencies
• 2dab271 route: treat short sockaddr lengths as unspecified
• b914489 internal/http3: refactor in prep for sharing transport/server code
• ebd23f8 route: fix parsing network address of length zero
• 938a9fb internal/http3: add request/response body transfer
• 145b2d7 internal/http3: add RoundTrip
• 5bda71a internal/http3: define connection and stream error types
• 3c1185a internal/http3: return error on mid-frame EOF
• a6c2c7f http2, internal/httpcommon: factor out common request header logic for h2/h3
• c72e89d internal/http3: QPACK encoding and decoding
• Additional commits viewable in compare view

Updates google.golang.org/api from 0.220.0 to 0.222.0

Release notes

Sourced from google.golang.org/api's releases.

v0.222.0

0.222.0 (2025-02-18)

Features

• all: Auto-regenerate discovery clients (#3014) (27cb014)
• all: Auto-regenerate discovery clients (#3016) (8169e72)
• all: Auto-regenerate discovery clients (#3018) (769817f)
• all: Auto-regenerate discovery clients (#3019) (f6aa2a4)
• all: Auto-regenerate discovery clients (#3021) (24ae542)
• all: Auto-regenerate discovery clients (#3022) (28b0491)

v0.221.0

0.221.0 (2025-02-12)

Features

• all: Auto-regenerate discovery clients (#2998) (0735943)
• all: Auto-regenerate discovery clients (#3002) (28be0d7)
• all: Auto-regenerate discovery clients (#3004) (aa95c21)
• all: Auto-regenerate discovery clients (#3005) (9550afc)
• all: Auto-regenerate discovery clients (#3007) (28149bc)
• all: Auto-regenerate discovery clients (#3010) (c454338)
• all: Auto-regenerate discovery clients (#3013) (a34f3f4)
• option/internaloption: Add new allowHardBoundTokens option (#2975) (1cc19b7)

Changelog

Sourced from google.golang.org/api's changelog.

0.222.0 (2025-02-18)

Features

• all: Auto-regenerate discovery clients (#3014) (27cb014)
• all: Auto-regenerate discovery clients (#3016) (8169e72)
• all: Auto-regenerate discovery clients (#3018) (769817f)
• all: Auto-regenerate discovery clients (#3019) (f6aa2a4)
• all: Auto-regenerate discovery clients (#3021) (24ae542)
• all: Auto-regenerate discovery clients (#3022) (28b0491)

0.221.0 (2025-02-12)

Features

• all: Auto-regenerate discovery clients (#2998) (0735943)
• all: Auto-regenerate discovery clients (#3002) (28be0d7)
• all: Auto-regenerate discovery clients (#3004) (aa95c21)
• all: Auto-regenerate discovery clients (#3005) (9550afc)
• all: Auto-regenerate discovery clients (#3007) (28149bc)
• all: Auto-regenerate discovery clients (#3010) (c454338)
• all: Auto-regenerate discovery clients (#3013) (a34f3f4)
• option/internaloption: Add new allowHardBoundTokens option (#2975) (1cc19b7)

Commits

• a627cda chore(main): release 0.222.0 (#3015)
• 8a616df chore(all): update all to 5a70512 (#3020)
• 28b0491 feat(all): auto-regenerate discovery clients (#3022)
• 24ae542 feat(all): auto-regenerate discovery clients (#3021)
• f6aa2a4 feat(all): auto-regenerate discovery clients (#3019)
• 769817f feat(all): auto-regenerate discovery clients (#3018)
• 2aaef90 test(support/bundler): increase context timeout to avoid occasional test fail...
• 8169e72 feat(all): auto-regenerate discovery clients (#3016)
• 27cb014 feat(all): auto-regenerate discovery clients (#3014)
• 3bdd389 chore(main): release 0.221.0 (#2999)
• Additional commits viewable in compare view

Updates k8s.io/api from 0.33.0-alpha.1 to 0.33.0-alpha.2

Commits

• c69b547 Update dependencies to v0.33.0-alpha.2 tag
• 4629116 Merge pull request #130049 from aojea/avoid_ginkgo_dep
• 101b455 reduce dependencies in apimachinery net testing utils
• See full diff in compare view

Updates k8s.io/apimachinery from 0.33.0-alpha.1 to 0.33.0-alpha.2

Commits

• 47e7fa9 Merge pull request #130151 from marosset/windows-unit-tests-externaljwt-plugi...
• 11b535c fixing various unit tests on Windows that create abstract sockets
• 46c230e Merge pull request #130049 from aojea/avoid_ginkgo_dep
• a19f1f8 Merge pull request #129792 from likakuli/fix-errshortbuffer
• d8c2c0a reduce dependencies in apimachinery net testing utils
• 1235242 Merge pull request #129341 from pohly/log-client-go-watch
• f7fd8b3 fix: Fix the issue of relist caused by client-side timeout
• 675c4f7 client-go + apimachinery watch: context support
• See full diff in compare view

Updates k8s.io/client-go from 0.33.0-alpha.1 to 0.33.0-alpha.2

Commits

• cce6f52 Update dependencies to v0.33.0-alpha.2 tag
• 90ccd59 Merge pull request #130105 from seans3/websocket-logging-level
• bf05f9c Merge pull request #130039 from p0lyn0mial/upstream-fake-client-improve-unit-...
• 3ead27a Update websocket logging levels for better debuggability
• 8683d2d Merge pull request #130049 from aojea/avoid_ginkgo_dep
• fb7de29 reduce dependencies in apimachinery net testing utils
• 2b1c073 fake/clientset: improve TestNewSimpleClientset
• 07d61b6 Merge pull request #129341 from pohly/log-client-go-watch
• 57bc261 client-go watch: NewIndexerInformerWatcherWithContext -> WithLogger
• e8a7cb0 client-go informers: provide ListWatch *WithContext variants
• Additional commits viewable in compare view

Updates github.com/elastic/go-elasticsearch/v8 from 8.17.0 to 8.17.1

Release notes

Sourced from github.com/elastic/go-elasticsearch/v8's releases.

v8.17.1

• Update elastictransport to 8.6.1 fixes #912

Thanks to @​AkisAya and @​jmfrees for their contributions!

Changelog

Sourced from github.com/elastic/go-elasticsearch/v8's changelog.

8.17.1

• Update elastictransport to 8.6.1

Thanks to @​AkisAya and @​jmfrees for their contributions!

Commits

• ef056fb Release 8.17.1
• c5acc23 Bump elastictransport to 8.6.1 (#954) (#955)
• 419ddf2 esutil: Add failure_store key to bulk response item (#948) (#950)
• d7ae96e Update version to 8.17.0-SNAPSHOT
• See full diff in compare view

Updates go.mongodb.org/mongo-driver/v2 from 2.0.0 to 2.0.1

Commits

• 1e183a4 BUMP v2.0.1
• b95d499 GODRIVER-3477 Bump golang.org/x/crypto from 0.29.0 to 0.31.0 [release/2.0] (#...
• cf27920 GODRIVER-3284 Allow valid SRV hostnames with less than 3 parts. (#1898) [rele...
• 71e025b GODRIVER-3452 MergeClientOptions returns object when given nil arguments (#19...
• 3dcf4f8 GODRIVER-3443 Remove internal APIs in migration guide. (#1911) [release/2.0] ...
• eff0672 GODRIVER-3470 Correct BSON unmarshaling logic for null values (#1924) [master...
• 80c2f1d Fix erroneous nil error return in FindOne. (#1926) [release/2.0] (#1944)
• f057c85 GODRIVER-3298 Handle joined errors correctly in WithTransaction. (#1928) [rel...
• f327bc6 GODRIVER-3307 clone returned byte slice in MarshalValue (#1913) [release/2.0]...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

✅ Deploy Preview for ohsu-comp-bio-funnel ready!

Name	Link
🔨 Latest commit	511d96e
🔍 Latest deploy log	https://app.netlify.com/sites/ohsu-comp-bio-funnel/deploys/67b86598b712aa00087e45e2
😎 Deploy Preview	https://deploy-preview-1154--ohsu-comp-bio-funnel.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.