build(deps): bump the misc-dependencies group across 1 directory with 9 updates

[dependabot]

Bumps the misc-dependencies group with 9 updates in the / directory:

Package	From	To
go.etcd.io/etcd/api/v3	3.6.8	3.6.10
go.etcd.io/etcd/client/pkg/v3	3.6.8	3.6.10
go.etcd.io/etcd/client/v3	3.6.8	3.6.10
go.etcd.io/etcd/server/v3	3.6.8	3.6.10
go.etcd.io/etcd/tests/v3	3.6.8	3.6.10
google.golang.org/api	0.269.0	0.274.0
google.golang.org/grpc	1.79.3	1.80.0
kubevirt.io/api	1.7.1	1.8.1
kubevirt.io/containerized-data-importer-api	1.64.0	1.65.0

Updates go.etcd.io/etcd/api/v3 from 3.6.8 to 3.6.10

Release notes

Sourced from go.etcd.io/etcd/api/v3's releases.

v3.6.10

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux

ETCD_VER=v3.6.10
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)

ETCD_VER=v3.6.10
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
</tr></table>

... (truncated)

Commits

• db8d13a version: bump up to 3.6.10
• 83bb20d Merge pull request #21549 from etcd-io/cherry-pick-36/allow-non-admin-user-to...
• c99cf0c etcdserver: allow non-admin to fetch member list and alarms
• 8a1830c Merge pull request #21530 from k8s-infra-cherrypick-robot/cherry-pick-21528-t...
• e841e10 Merge pull request #21531 from ahrtr/20260327_dep
• f2173cd Bump golang.org/x/image to v0.38.0 to resolve GO-2026-4815
• e0f7af4 Fix etcdctl endpoint command with option --cluster when auth is enabled
• 85651fa version: bump up to 3.6.9
• d2fd011 Merge pull request #21501 from ivanvc/release-3.6-grpc-go-1.79.3
• 2a8cd59 Merge pull request #21497 from fuweid/3.6-weifu-donotreview
• Additional commits viewable in compare view

Updates go.etcd.io/etcd/client/pkg/v3 from 3.6.8 to 3.6.10

Release notes

Sourced from go.etcd.io/etcd/client/pkg/v3's releases.

v3.6.10

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux

ETCD_VER=v3.6.10
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)

ETCD_VER=v3.6.10
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
</tr></table>

... (truncated)

Commits

• db8d13a version: bump up to 3.6.10
• 83bb20d Merge pull request #21549 from etcd-io/cherry-pick-36/allow-non-admin-user-to...
• c99cf0c etcdserver: allow non-admin to fetch member list and alarms
• 8a1830c Merge pull request #21530 from k8s-infra-cherrypick-robot/cherry-pick-21528-t...
• e841e10 Merge pull request #21531 from ahrtr/20260327_dep
• f2173cd Bump golang.org/x/image to v0.38.0 to resolve GO-2026-4815
• e0f7af4 Fix etcdctl endpoint command with option --cluster when auth is enabled
• 85651fa version: bump up to 3.6.9
• d2fd011 Merge pull request #21501 from ivanvc/release-3.6-grpc-go-1.79.3
• 2a8cd59 Merge pull request #21497 from fuweid/3.6-weifu-donotreview
• Additional commits viewable in compare view

Updates go.etcd.io/etcd/client/v3 from 3.6.8 to 3.6.10

Release notes

Sourced from go.etcd.io/etcd/client/v3's releases.

v3.6.10

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux

ETCD_VER=v3.6.10
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)

ETCD_VER=v3.6.10
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
</tr></table>

... (truncated)

Commits

• db8d13a version: bump up to 3.6.10
• 83bb20d Merge pull request #21549 from etcd-io/cherry-pick-36/allow-non-admin-user-to...
• c99cf0c etcdserver: allow non-admin to fetch member list and alarms
• 8a1830c Merge pull request #21530 from k8s-infra-cherrypick-robot/cherry-pick-21528-t...
• e841e10 Merge pull request #21531 from ahrtr/20260327_dep
• f2173cd Bump golang.org/x/image to v0.38.0 to resolve GO-2026-4815
• e0f7af4 Fix etcdctl endpoint command with option --cluster when auth is enabled
• 85651fa version: bump up to 3.6.9
• d2fd011 Merge pull request #21501 from ivanvc/release-3.6-grpc-go-1.79.3
• 2a8cd59 Merge pull request #21497 from fuweid/3.6-weifu-donotreview
• Additional commits viewable in compare view

Updates go.etcd.io/etcd/server/v3 from 3.6.8 to 3.6.10

Release notes

Sourced from go.etcd.io/etcd/server/v3's releases.

v3.6.10

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux

ETCD_VER=v3.6.10
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)

ETCD_VER=v3.6.10
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
</tr></table>

... (truncated)

Commits

• db8d13a version: bump up to 3.6.10
• 83bb20d Merge pull request #21549 from etcd-io/cherry-pick-36/allow-non-admin-user-to...
• c99cf0c etcdserver: allow non-admin to fetch member list and alarms
• 8a1830c Merge pull request #21530 from k8s-infra-cherrypick-robot/cherry-pick-21528-t...
• e841e10 Merge pull request #21531 from ahrtr/20260327_dep
• f2173cd Bump golang.org/x/image to v0.38.0 to resolve GO-2026-4815
• e0f7af4 Fix etcdctl endpoint command with option --cluster when auth is enabled
• 85651fa version: bump up to 3.6.9
• d2fd011 Merge pull request #21501 from ivanvc/release-3.6-grpc-go-1.79.3
• 2a8cd59 Merge pull request #21497 from fuweid/3.6-weifu-donotreview
• Additional commits viewable in compare view

Updates go.etcd.io/etcd/tests/v3 from 3.6.8 to 3.6.10

Release notes

Sourced from go.etcd.io/etcd/tests/v3's releases.

v3.6.10

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux

ETCD_VER=v3.6.10
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)

ETCD_VER=v3.6.10
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
</tr></table>

... (truncated)

Commits

• db8d13a version: bump up to 3.6.10
• 83bb20d Merge pull request #21549 from etcd-io/cherry-pick-36/allow-non-admin-user-to...
• c99cf0c etcdserver: allow non-admin to fetch member list and alarms
• 8a1830c Merge pull request #21530 from k8s-infra-cherrypick-robot/cherry-pick-21528-t...
• e841e10 Merge pull request #21531 from ahrtr/20260327_dep
• f2173cd Bump golang.org/x/image to v0.38.0 to resolve GO-2026-4815
• e0f7af4 Fix etcdctl endpoint command with option --cluster when auth is enabled
• 85651fa version: bump up to 3.6.9
• d2fd011 Merge pull request #21501 from ivanvc/release-3.6-grpc-go-1.79.3
• 2a8cd59 Merge pull request #21497 from fuweid/3.6-weifu-donotreview
• Additional commits viewable in compare view

Updates google.golang.org/api from 0.269.0 to 0.274.0

Release notes

Sourced from google.golang.org/api's releases.

v0.274.0

0.274.0 (2026-04-02)

Features

• all: Auto-regenerate discovery clients (#3555) (0e634ae)

v0.273.1

0.273.1 (2026-03-31)

Bug Fixes

• Merge duplicate x-goog-request-params header (#3547) (2008108)

v0.273.0

0.273.0 (2026-03-23)

Features

• all: Auto-regenerate discovery clients (#3542) (a4b4711)
• all: Auto-regenerate discovery clients (#3546) (0cacfa8)

v0.272.0

0.272.0 (2026-03-16)

Features

• all: Auto-regenerate discovery clients (#3534) (b4d37a1)
• all: Auto-regenerate discovery clients (#3536) (549ef3e)
• all: Auto-regenerate discovery clients (#3537) (6def284)
• all: Auto-regenerate discovery clients (#3538) (319b5ab)
• all: Auto-regenerate discovery clients (#3539) (73bcfcf)
• all: Auto-regenerate discovery clients (#3541) (6374c49)

v0.271.0

0.271.0 (2026-03-10)

Features

• all: Auto-regenerate discovery clients (#3532) (ccff5b3)

v0.270.0

0.270.0 (2026-03-08)

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.274.0 (2026-04-02)

Features

• all: Auto-regenerate discovery clients (#3555) (0e634ae)

0.273.1 (2026-03-31)

Bug Fixes

• Merge duplicate x-goog-request-params header (#3547) (2008108)

0.273.0 (2026-03-23)

Features

• all: Auto-regenerate discovery clients (#3542) (a4b4711)
• all: Auto-regenerate discovery clients (#3546) (0cacfa8)

0.272.0 (2026-03-16)

Features

• all: Auto-regenerate discovery clients (#3534) (b4d37a1)
• all: Auto-regenerate discovery clients (#3536) (549ef3e)
• all: Auto-regenerate discovery clients (#3537) (6def284)
• all: Auto-regenerate discovery clients (#3538) (319b5ab)
• all: Auto-regenerate discovery clients (#3539) (73bcfcf)
• all: Auto-regenerate discovery clients (#3541) (6374c49)

0.271.0 (2026-03-10)

Features

• all: Auto-regenerate discovery clients (#3532) (ccff5b3)

0.270.0 (2026-03-08)

Features

• all: Auto-regenerate discovery clients (#3515) (44db8ef)
• all: Auto-regenerate discovery clients (#3518) (b3dc663)
• all: Auto-regenerate discovery clients (#3519) (01c06b9)
• all: Auto-regenerate discovery clients (#3520) (7ed0454)

... (truncated)

Commits

• 6c759a2 chore(main): release 0.274.0 (#3556)
• 0e634ae feat(all): auto-regenerate discovery clients (#3555)
• 0f75259 chore: embargo aiplatform:v1beta1 temporarily (#3554)
• 550f00c chore(main): release 0.273.1 (#3551)
• da01f6a chore(deps): bump github.com/go-git/go-git/v5 (#3552)
• 2008108 fix: merge duplicate x-goog-request-params header (#3547)
• 2e86962 chore(main): release 0.273.0 (#3545)
• 50ea74c chore(google-api-go-generator): restore aiplatform:v1beta1 (#3549)
• 0cacfa8 feat(all): auto-regenerate discovery clients (#3546)
• d38a129 chore(all): update all (#3548)
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.79.3 to 1.80.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.80.0

Behavior Changes

• balancer: log a warning if a balancer is registered with uppercase letters, as balancer names should be lowercase. In a future release, balancer names will be treated as case-insensitive; see #5288 for details. (#8837)
• xds: update resource error handling and re-resolution logic (#8907)
  • Re-resolve all LOGICAL_DNS clusters simultaneously when re-resolution is requested.
  • Fail all in-flight RPCs immediately upon receipt of listener or route resource errors, instead of allowing them to complete.

Bug Fixes

• xds: support the LB policy configured in LOGICAL_DNS cluster resources instead of defaulting to pick_first. (#8733)
• credentials/tls: perform per-RPC authority validation against the leaf certificate instead of the entire peer certificate chain. (#8831)
• xds: enabling A76 ring hash endpoint keys no longer causes EDS resources with invalid proxy metadata to be NACKed when HTTP CONNECT (gRFC A86) is disabled. (#8875)
• xds: validate that the sum of endpoint weights in a locality does not exceed the maximum uint32 value. (#8899)
  • Special Thanks: @​RAVEYUS
• xds: fix incorrect proto field access in the weighted round robin (WRR) configuration where blackout_period was used instead of weight_expiration_period. (#8915)
  • Special Thanks: @​gregbarasch
• xds/rbac: handle addresses with ports in IP matchers. (#8990)

New Features

• ringhash: enable gRFC A76 (endpoint hash keys and request hash headers) by default. (#8922)

Performance Improvements

• credentials/alts: pool write buffers to reduce memory allocations and usage. (#8919)
• grpc: enable the use of pooled write buffers for buffering HTTP/2 frame writes by default. This reduces memory usage when connections are idle. Use the WithSharedWriteBuffer dial option or the SharedWriteBuffer server option to disable this feature. (#8957)
• xds/priority: stop caching child LB policies removed from the configuration. This will help reduce memory and cpu usage when localities are constantly switching between priorities. (#8997)
• mem: add a faster tiered buffer pool; use the experimental mem.NewBinaryTieredBufferPool function to create such pools. (#8775)

Commits

• 397e45e Change version to 1.80.0 (#8948)
• 64ebf0a Cherry-pick #8997 to v1.80.x (#9027)
• e45ed24 xds/rbac: add additional handling for addresses with ports (#8990) (#9022)
• c78d26e Cherry-pick #8957 to v1.80.x (#9007)
• bd7cd3c grpc: enforce strict path checking for incoming requests on the server (#8987)
• b6597b3 xds/clusterimpl: use xdsConfig for updates and remove redundant fields from L...
• 1d4fa8a xds: change cdsbalancer to use update from dependency manager (#8907)
• 8f47d36 attributes: Replace internal map with linked list (#8933)
• 22e1ee8 xds: add panic recovery in xdsclient resource unmarshalling. (#8895)
• 7136e99 credentials/alts: Pool write buffers (#8919)
• Additional commits viewable in compare view

Updates kubevirt.io/api from 1.7.1 to 1.8.1

Commits

• 015302c api update by KubeVirt Prow build 2038518105730191360
• e1f0279 api update by KubeVirt Prow build 2037334441394704384
• c71383f api update by KubeVirt Prow build 2037261570177765376
• be4758e api update by KubeVirt Prow build 2037261629120319488
• 7bcdf62 api update by KubeVirt Prow build 2037261535738335232
• cba20b7 api update by KubeVirt Prow build 2037261662020440064
• f852221 api update by KubeVirt Prow build 2033871810008715264
• d8a6d86 api update by KubeVirt Prow build 2032367531741679616
• 25a94ff api update by KubeVirt Prow build 2031047525162553344
• 1a8527b api update by KubeVirt Prow build 2029836056332865536
• Additional commits viewable in compare view

Updates kubevirt.io/containerized-data-importer-api from 1.64.0 to 1.65.0

Commits

• 9827e95 containerized-data-importer-api update by KubeVirt Prow build 203902605866513...
• 18a5d1f containerized-data-importer-api update by KubeVirt Prow build 203469373313542...
• e03152c containerized-data-importer-api update by KubeVirt Prow build 203246576458111...
• 0e3694c containerized-data-importer-api update by KubeVirt Prow build 203133743240996...
• 9080750 containerized-data-importer-api update by KubeVirt Prow build 200396036716783...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

• Chores
  • Upgraded a broad set of external dependencies to newer compatible versions (etcd, golang.org/x modules, Google APIs & gRPC, OpenTelemetry, KubeVirt-related modules and others). No public or exported API signatures were changed. These maintenance updates improve security, stability, and compatibility across integrations. Lines changed: +31/-31. Estimated review effort: Low.

[openshift-ci-robot]

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Pro Plus

Run ID: 1b061541-e55b-42ca-9358-03b2a84b3f0d

📥 Commits

Reviewing files that changed from the base of the PR and between 45ad508 and 31f2abd.

⛔ Files ignored due to path filters (182)

• go.sum is excluded by !**/*.sum
• vendor/cloud.google.com/go/auth/CHANGES.md is excluded by !vendor/**, !**/vendor/**
• vendor/cloud.google.com/go/auth/httptransport/transport.go is excluded by !vendor/**, !**/vendor/**
• vendor/cloud.google.com/go/auth/internal/transport/transport.go is excluded by !vendor/**, !**/vendor/**
• vendor/cloud.google.com/go/auth/internal/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/CHANGES.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/apierror/apierror.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/apierror/internal/proto/custom_error.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/github.com/googleapis/gax-go/v2/apierror/internal/proto/error.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/github.com/googleapis/gax-go/v2/call_option.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/callctx/callctx.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/content_type.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/feature.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/internal/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/invoke.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/telemetry.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/api/v3/version/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/client/v3/internal/resolver/resolver.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/client/v3/retry_interceptor.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/etcdctl/v3/ctlv3/command/ep_command.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/etcdctl/v3/ctlv3/command/util.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/api/v3rpc/auth.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/api/v3rpc/grpc.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/api/v3rpc/key.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/api/v3rpc/maintenance.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/api/v3rpc/member.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/server.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/txn/txn.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/v3_server.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/storage/mvcc/watchable_store.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/config.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/internal/parse.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/metadata_supplier.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/stats_handler.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/LICENSE is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/client.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/common.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/config.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/handler.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/resp_writer_wrapper.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/client.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/env.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/httpconv.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/server.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/util.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/v1.20.0.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/httpconv.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/transport.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/.golangci.yml is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/CONTRIBUTING.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/Makefile is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/RELEASING.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/attribute/encoder.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/attribute/hash.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/attribute/internal/attribute.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/attribute/kv.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/attribute/type_string.go is excluded by !vendor/**, !**/vendor/**, !**/*_string.go
• vendor/go.opentelemetry.io/otel/attribute/value.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/baggage/baggage.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/dependencies.Dockerfile is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/internal/errorhandler/errorhandler.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/internal/global/handler.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/internal/global/state.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/metric/asyncint64.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/metric/meter.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/metric/syncfloat64.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/metric/syncint64.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/propagation/baggage.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/propagation/trace_context.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/requirements.txt is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/internal/x/features.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/builtin.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/config.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/container.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/env.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/host_id.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/host_id_readfile.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/os.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/process.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/resource.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/batch_span_processor.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/internal/observ/batch_span_processor.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/internal/observ/simple_span_processor.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/internal/observ/tracer.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/provider.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/sampling.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/span.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.20.0/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.20.0/attribute_group.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.20.0/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.20.0/event.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.20.0/http.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.20.0/resource.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.20.0/trace.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.26.0/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.26.0/attribute_group.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.26.0/exception.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.26.0/metric.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.26.0/schema.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.37.0/rpcconv/metric.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/MIGRATION.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/exception.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/schema.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/MIGRATION.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/attribute_group.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/error_type.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/exception.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/httpconv/metric.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/otelconv/metric.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/rpcconv/metric.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/schema.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/trace/auto.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/trace/trace.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/trace/tracestate.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/versions.yaml is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/http2.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/server.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/transport.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/writesched.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/writesched_random.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sync/singleflight/singleflight.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/asm_darwin_arm64_gc.s is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/cpu_arm64.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/cpu_darwin_arm64.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/cpu_darwin_arm64_other.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/cpu_other_arm64.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/syscall_darwin_arm64_gc.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/plan9/syscall_plan9.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/unix/ztypes_linux.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/windows/aliases.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/windows/registry/key.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/windows/syscall_windows.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/compute/v1/compute-api.json is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/compute/v1/compute-gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/compute/v1/compute2-gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/compute/v1/compute3-gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/dns/v1/dns-api.json is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/dns/v1/dns-gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/iam/v1/iam-api.json is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/iam/v1/iam-gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/internal/gensupport/send.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/internal/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/option/internaloption/unsaferesolver.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/genproto/googleapis/rpc/code/code.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/genproto/googleapis/rpc/errdetails/error_details.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/genproto/googleapis/rpc/status/status.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/attributes/attributes.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/balancer/balancer.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/balancer/base/balancer.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/balancer/endpointsharding/endpointsharding.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/balancer/pickfirst/pickfirst.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/credentials/tls.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/dialoptions.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/internal/envconfig/envconfig.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/internal/mem/buffer_pool.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/internal/transport/defaults.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/internal/transport/http2_client.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/internal/transport/http2_server.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/interop/grpc_testing/benchmark_service.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/benchmark_service_grpc.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/control.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go

📒 Files selected for processing (1)

• go.mod

✅ Files skipped from review due to trivial changes (1)

• go.mod

---

📝 Walkthrough

Walkthrough

The go.mod file was updated to bump multiple direct and indirect dependencies. Key changes: etcd modules v3.6.8 → v3.6.10; golang.org/x packages (crypto, net, oauth2, sync, time) advanced; google.golang.org/api v0.269.0 → v0.276.0 and grpc v1.79.3 → v1.80.0; kubevirt.io/api v1.7.1 → v1.8.1 and containerized-data-importer-api v1.64.0 → v1.65.0. Several OpenTelemetry, Google, and other indirect requirements were also updated. No code logic, exported/public API signatures, or control flow were changed.

🚥 Pre-merge checks | ✅ 10

✅ Passed checks (10 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main change: a dependency version bump group update across the repository root with multiple dependency upgrades.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Stable And Deterministic Test Names	✅ Passed	PR modifies only go.mod file with dependency version bumps; no Ginkgo test files are modified, making the test naming check not applicable.
Test Structure And Quality	✅ Passed	This PR only modifies go.mod and go.sum files for dependency version bumps. No Ginkgo test code or test files are changed, so the test quality check does not apply.
Microshift Test Compatibility	✅ Passed	This PR contains only dependency version updates in go.mod and go.sum files with no new Ginkgo e2e tests.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	This PR contains only dependency version updates to go.mod and go.sum files with no new Ginkgo e2e tests added.
Topology-Aware Scheduling Compatibility	✅ Passed	This PR only modifies go.mod and go.sum files (dependency version bump) with no changes to deployment manifests, operator code, or controllers. The topology-aware scheduling check only applies when these types of files are added or modified, so it is not applicable to this PR.
Ote Binary Stdout Contract	✅ Passed	PR is a dependency version bump with zero source code changes, so no stdout contract violations can be introduced.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	This PR contains only go.mod dependency version bumps with no new Ginkgo e2e tests added.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/go_modules/misc-dependencies-a542bac1e4

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign cblecker for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@go.mod`:
- Around line 86-90: Replace the incorrect etcd module versions with the
published security-fixed release v3.6.9: update each module line for
go.etcd.io/etcd/api/v3, go.etcd.io/etcd/client/pkg/v3,
go.etcd.io/etcd/client/v3, go.etcd.io/etcd/server/v3 and
go.etcd.io/etcd/tests/v3 to use v3.6.9 (replace any occurrences of v3.6.8 or
v3.6.10 with v3.6.9).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro

Run ID: eff49067-df8f-4533-9b9e-f98347ade3e3

📥 Commits

Reviewing files that changed from the base of the PR and between 51af991 and e0a6d32.

⛔ Files ignored due to path filters (156)

• go.sum is excluded by !**/*.sum
• vendor/github.com/googleapis/gax-go/v2/CHANGES.md is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/apierror/internal/proto/custom_error.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/github.com/googleapis/gax-go/v2/apierror/internal/proto/error.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/github.com/googleapis/gax-go/v2/call_option.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/callctx/callctx.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/content_type.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/internal/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/invoke.go is excluded by !vendor/**, !**/vendor/**
• vendor/github.com/googleapis/gax-go/v2/telemetry.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/api/v3/version/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/client/v3/internal/resolver/resolver.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/client/v3/retry_interceptor.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/etcdctl/v3/ctlv3/command/ep_command.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/etcdctl/v3/ctlv3/command/util.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/api/v3rpc/auth.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/api/v3rpc/grpc.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/api/v3rpc/key.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/api/v3rpc/maintenance.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/api/v3rpc/member.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/server.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/txn/txn.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/etcdserver/v3_server.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.etcd.io/etcd/server/v3/storage/mvcc/watchable_store.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/.golangci.yml is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/CHANGELOG.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/CONTRIBUTING.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/Makefile is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/baggage/baggage.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/dependencies.Dockerfile is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/internal/errorhandler/errorhandler.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/internal/global/handler.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/internal/global/state.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/metric/asyncint64.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/metric/meter.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/metric/syncfloat64.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/metric/syncint64.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/propagation/baggage.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/propagation/trace_context.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/requirements.txt is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/builtin.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/container.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/env.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/host_id.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/host_id_readfile.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/os.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/resource/process.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/batch_span_processor.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/internal/observ/batch_span_processor.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/internal/observ/simple_span_processor.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/internal/observ/tracer.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/provider.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/trace/span.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/sdk/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/MIGRATION.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.39.0/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/MIGRATION.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/README.md is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/attribute_group.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/error_type.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/exception.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/otelconv/metric.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/semconv/v1.40.0/schema.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/trace/auto.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/trace/trace.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/trace/tracestate.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/go.opentelemetry.io/otel/versions.yaml is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/http2.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/server.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/transport.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/writesched.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/net/http2/writesched_random.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sync/singleflight/singleflight.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/asm_darwin_arm64_gc.s is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/cpu_arm64.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/cpu_darwin_arm64.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/cpu_darwin_arm64_other.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/cpu_other_arm64.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/cpu/syscall_darwin_arm64_gc.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/plan9/syscall_plan9.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/unix/ztypes_linux.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/windows/aliases.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/windows/registry/key.go is excluded by !vendor/**, !**/vendor/**
• vendor/golang.org/x/sys/windows/syscall_windows.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/compute/v1/compute-api.json is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/compute/v1/compute-gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/compute/v1/compute2-gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/compute/v1/compute3-gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/dns/v1/dns-api.json is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/dns/v1/dns-gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/iam/v1/iam-api.json is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/iam/v1/iam-gen.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/internal/gensupport/send.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/internal/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/api/option/internaloption/unsaferesolver.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/attributes/attributes.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/balancer/balancer.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/balancer/base/balancer.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/balancer/endpointsharding/endpointsharding.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/balancer/pickfirst/pickfirst.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/credentials/tls.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/dialoptions.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/health/grpc_health_v1/health.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/health/grpc_health_v1/health_grpc.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/internal/envconfig/envconfig.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/internal/mem/buffer_pool.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/internal/transport/defaults.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/internal/transport/http2_client.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/internal/transport/http2_server.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/interop/grpc_testing/benchmark_service.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/benchmark_service_grpc.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/control.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/core/stats.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/empty.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/messages.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/payloads.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/report_qps_scenario_service.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/report_qps_scenario_service_grpc.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/stats.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/test.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/test_grpc.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/worker_service.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/interop/grpc_testing/worker_service_grpc.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/mem/buffer_pool.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/picker_wrapper.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/reflection/grpc_reflection_v1/reflection.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/reflection/grpc_reflection_v1/reflection_grpc.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/reflection/grpc_reflection_v1alpha/reflection.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/reflection/grpc_reflection_v1alpha/reflection_grpc.pb.go is excluded by !**/*.pb.go, !vendor/**, !**/vendor/**, !**/*.pb.go
• vendor/google.golang.org/grpc/resolver/map.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/rpc_util.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/server.go is excluded by !vendor/**, !**/vendor/**
• vendor/google.golang.org/grpc/version.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/backup/register.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/backup/v1alpha1/deepcopy_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/backup/v1alpha1/doc.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/backup/v1alpha1/register.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/backup/v1alpha1/types.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/backup/v1alpha1/types_swagger_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/core/v1/deepcopy_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/core/v1/schema.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/core/v1/schema_swagger_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/core/v1/types.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/core/v1/types_swagger_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/api/core/v1/zz_generated.defaults.go is excluded by !vendor/**, !**/vendor/**, !**/zz_generated*.go
• vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/types_swagger_generated.go is excluded by !vendor/**, !**/vendor/**
• vendor/kubevirt.io/containerized-data-importer-api/pkg/apis/core/v1beta1/zz_generated.deepcopy.go is excluded by !vendor/**, !**/vendor/**, !**/zz_generated*.go
• vendor/modules.txt is excluded by !vendor/**, !**/vendor/**

📒 Files selected for processing (1)

• go.mod

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Verify etcd v3.6.10 release exists and check for security advisories

# Check if v3.6.10 tag exists in etcd repository
gh api repos/etcd-io/etcd/git/refs/tags/v3.6.10 --jq '.ref' || echo "Tag not found"

# Check for security advisories affecting etcd v3.6.8
gh api graphql -f query='
{
  securityVulnerabilities(first: 10, ecosystem: GO, package: "go.etcd.io/etcd") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
      firstPatchedVersion {
        identifier
      }
    }
  }
}'

Repository: openshift/hypershift

Length of output: 381

---

🌐 Web query:

etcd v3.6.10 release information

💡 Result:

etcd v3.6.10 has not been released as of 2026-04-03. It is listed as upcoming in the official CHANGELOG-3.6.md with the change "Fix etcdctl endpoint command regression with option --cluster when auth is enabled", marked as (TBC) meaning "to be confirmed" or "to be released". The latest released version in the 3.6 series is v3.6.9, released on 2026-03-20. No GitHub release page or assets for v3.6.10 were found, and GitHub releases page does not list it. Previous releases follow a pattern of changelog entries updated post-release with dates.

Citations:

• 1: https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.6.md
• 2: https://github.com/etcd-io/etcd/releases/tag/v3.6.9
• 3: https://github.com/etcd-io/etcd/releases
• 4: Plan to release v3.6.9 etcd-io/etcd#21439
• 5: https://github.com/coreos/etcd/releases

---

🌐 Web query:

etcd v3.6.8 security vulnerabilities CVE

💡 Result:

etcd v3.6.8 has two known security vulnerabilities assigned CVEs, both disclosed in March 2026 and fixed in v3.6.9: - CVE-2026-33413: Authorization bypasses in multiple APIs (e.g., MemberList, Alarm, Lease APIs, compaction). Allows unauthorized access to certain functions via gRPC API in clusters with auth enabled. Rated moderate/high severity (CVSS 4.0: 8.8 HIGH by GitHub). Affects etcd <=3.6.8. Kubernetes deployments unaffected. - CVE-2026-33343: Nested etcd transactions bypass RBAC authorization checks. Allows authenticated users with restricted permissions to access entire data store. Rated moderate (CVSS 3.1: 6.5 MEDIUM by NVD). Affects etcd <=3.6.8. Kubernetes unaffected. v3.6.8 itself addressed prior dependency CVEs (e.g., Go toolchain CVEs like CVE-2025-61726) but is vulnerable to these auth issues. Upgrade to v3.6.9 recommended. Mitigations: restrict network access to etcd ports, use mTLS. No other CVEs specific to v3.6.8 found in official sources.

Citations:

• 1: https://nvd.nist.gov/vuln/detail/CVE-2026-33413
• 2: https://groups.google.com/g/etcd-dev/c/jNGxYo6ICUA
• 3: https://etcd.io/blog/2026/mar20-patch-release/
• 4: https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.6.md
• 5: GHSA-q8m4-xhhv-38mg
• 6: https://nvd.nist.gov/vuln/detail/CVE-2026-33343

---

🌐 Web query:

etcd changelog v3.6.8 to v3.6.10

💡 Result:

etcd v3.6.8 to v3.6.10 changelog (as of 2026-04-03): v3.6.10 (TBC, not yet released): - etcdctl: Fix etcdctl endpoint command regression with option --cluster when auth is enabled. v3.6.9 (2026-03-20): etcd server: - Ensure the metrics interceptor runs before other interceptors so that metrics remain up to date. - Fix Race between read index and leader change. - Fix Stale reads caused by process pausing. - Guard unauthenticated endpoints with auth checks to fix Authorization bypasses in multiple APIs (CVE-2026-33413). - [other security fix] (CVE-2026-33343). Package clientv3: - Print the endpoint the grpc request was actually sent to in unary interceptor. etcd grpc-proxy: - server/etcdmain: fix startup deadlock in grpcproxy. etcdctl: [unspecified changes]. Dependencies: - Bump go.opentelemetry.io/otel/sdk to v1.40.0 to resolve GO-2026-4394. - Compile binaries using go 1.25.8. - Bump golang.org/x/net to v0.51.0 to resolve GO-2026-4559. - Bump google.golang.org/grpc to 1.79.3 to resolve CVE-2026-33186. v3.6.8 (2026-02-13): etcd server: - Postpone removal of the --max-snapshots flag from v3.7 to v3.8. - Revoke the deprecation of the --snapshot-count flag. Dependencies: - Compile binaries using go 1.24.10. - Bump golang.org/x/crypto to 0.45.0 to address CVE-2025-47914, and CVE-2025-58181. - Compile binaries using go 1.24.13. This addresses CVE-2025-61726, CVE-2025-61731. Full details in official CHANGELOG-3.6.md. No breaking changes noted in these patch releases. Always read the upgrade guide before upgrading.

Citations:

• 1: https://github.com/etcd-io/etcd/releases
• 2: Plan to release v3.6.8 etcd-io/etcd#21226
• 3: https://github.com/etcd-io/etcd/releases/tag/v3.6.9
• 4: Plan to release v3.6.9 etcd-io/etcd#21439
• 5: https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.6.md

---

etcd v3.6.10 does not exist; use v3.6.9 instead.

The etcd v3.6.10 release has not been published. As of April 3, 2026, the latest available version in the 3.6 series is v3.6.9 (released March 20, 2026). Update all five etcd modules (api/v3, client/pkg/v3, client/v3, server/v3, tests/v3) from v3.6.8 to v3.6.9.

This change is critical: v3.6.8 contains two security vulnerabilities (CVE-2026-33413 and CVE-2026-33343) affecting authorization that are resolved in v3.6.9. Upgrading is recommended for security.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@go.mod` around lines 86 - 90, Replace the incorrect etcd module versions with
the published security-fixed release v3.6.9: update each module line for
go.etcd.io/etcd/api/v3, go.etcd.io/etcd/client/pkg/v3,
go.etcd.io/etcd/client/v3, go.etcd.io/etcd/server/v3 and
go.etcd.io/etcd/tests/v3 to use v3.6.9 (replace any occurrences of v3.6.8 or
v3.6.10 with v3.6.9).

[hypershift-jira-solve-ci]

Test Failure Analysis Complete

Job Information

• Prow Job: Verify (GitHub Actions workflow)
• Build ID: 24542357253 / Job 71750722910
• Target: make generate update → make hypershift-api → controller-gen
• PR: build(deps): bump the misc-dependencies group across 1 directory with 9 updates #8161 — build(deps): bump the misc-dependencies group across 1 directory with 9 updates
• Branch: dependabot/go_modules/misc-dependencies-a542bac1e4

Test Failure Analysis

Error

Error: load packages in root "/home/runner/_work/hypershift/hypershift/api": err: exit status 1:
stderr: go: inconsistent vendoring in /home/runner/_work/hypershift/hypershift/api:
    golang.org/x/net@v0.52.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
    golang.org/x/oauth2@v0.36.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
    golang.org/x/sync@v0.20.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
    golang.org/x/sys@v0.42.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
    golang.org/x/term@v0.41.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
    golang.org/x/text@v0.35.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt
    golang.org/x/time@v0.15.0: is explicitly required in go.mod, but not marked as explicit in vendor/modules.txt

make: *** [Makefile:240: hypershift-api] Error 1

Summary

The Dependabot PR bumped 9 dependencies in the root go.mod/go.sum/vendor/ only, but the hypershift repository has a separate Go module at api/ with its own api/go.mod, api/go.sum, and api/vendor/ directory. The make generate update step runs controller-gen against paths="./api/...", which loads the api/ module. Because the api/go.mod still pins the old versions of 7 golang.org/x/* transitive dependencies while the root module pulled in newer versions, the api/vendor/modules.txt is out of sync with what api/go.mod requires after the root-level dependency resolution propagated version bumps into the api/ module's dependency graph. controller-gen runs with -mod=vendor and Go detects the inconsistency, aborting the build.

Root Cause

Dependabot is configured to bump dependencies in the root Go module (go.mod) but does not update the nested api/ Go module (api/go.mod + api/vendor/). The hypershift repository uses a multi-module layout where api/ is a standalone Go module with its own go.mod, go.sum, and vendored dependencies.

When Dependabot bumped the misc-dependencies group (including transitive golang.org/x/* packages), the root module's go.mod now requires newer versions of 7 golang.org/x/* packages. The make generate update target runs controller-gen object paths=./api/..., which loads the api/ module. During the make generate update step, the script likely runs go mod tidy and go mod vendor for the root module, which updates api/go.mod to align with the root module's resolved dependency versions — but it does not run go mod vendor inside the api/ directory. This leaves api/vendor/modules.txt referencing the old versions while api/go.mod now requires the new versions, causing the "inconsistent vendoring" error.

The 7 mismatched packages and their version deltas are:

Package	api/vendor/modules.txt (old)	api/go.mod (new, after tidy)
golang.org/x/net	v0.51.0	v0.52.0
golang.org/x/oauth2	v0.35.0	v0.36.0
golang.org/x/sync	v0.19.0	v0.20.0
golang.org/x/sys	v0.41.0	v0.42.0
golang.org/x/term	v0.40.0	v0.41.0
golang.org/x/text	v0.34.0	v0.35.0
golang.org/x/time	v0.14.0	v0.15.0

This is a known limitation of Dependabot with multi-module Go repositories — it does not traverse nested modules.

Recommendations

1. Immediate fix for this PR: Run cd api && go mod tidy && go mod vendor after the root-level dependency bump to synchronize the api/ module's vendor directory, then commit the updated api/go.sum, api/go.mod, and api/vendor/ files.

2. Prevent recurrence — Dependabot configuration: Add a separate Dependabot entry in .github/dependabot.yml for the api/ module directory so that both modules are bumped together:

   - package-ecosystem: gomod
     directory: "/api"
     schedule:
       interval: weekly
     groups:
       misc-dependencies:
         patterns: ["*"]

3. Alternative — CI-level guard: Add a pre-verify step in the GitHub Actions workflow that runs cd api && go mod tidy && go mod vendor and checks for uncommitted changes, providing a clearer error message when the api/ module is out of sync.

4. Alternative — Makefile fix: Update the make update or make generate target to also run cd api && go mod tidy && go mod vendor, ensuring the api/ module stays in sync automatically during development.

Evidence

Evidence	Detail
Failing step	make generate update → make hypershift-api → controller-gen object paths=./api/...
Error type	go: inconsistent vendoring in .../api — vendor/modules.txt does not match go.mod
Root go.mod versions	x/net@v0.52.0, x/oauth2@v0.36.0, x/sync@v0.20.0, x/sys@v0.42.0, x/term@v0.41.0, x/text@v0.35.0, x/time@v0.15.0
api/vendor/modules.txt versions	x/net@v0.51.0, x/oauth2@v0.35.0, x/sync@v0.19.0, x/sys@v0.41.0, x/term@v0.40.0, x/text@v0.34.0, x/time@v0.14.0
PR changed files	Only root go.mod, go.sum, and vendor/ (218 vendor files) — zero changes to api/ directory
Multi-module layout	api/go.mod declares module github.com/openshift/hypershift/api as a separate Go module
Makefile line	Makefile:240: hypershift-api — controller-gen object:headerFile=hack/boilerplate.go.txt paths=./api/...
Workflow file	.github/workflows/verify.yaml — step make generate update runs first

---

[openshift-ci]

@dependabot[bot]: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.