build(deps): bump the go group with 7 updates

[dependabot]

Bumps the go group with 7 updates:

Package	From	To
github.com/envoyproxy/go-control-plane/envoy	1.32.3	1.32.4
github.com/go-playground/validator/v10	10.24.0	10.25.0
github.com/google/go-cmp	0.6.0	0.7.0
github.com/open-policy-agent/opa	1.1.0	1.2.0
github.com/spf13/cobra	1.8.1	1.9.1
golang.org/x/sync	0.10.0	0.11.0
google.golang.org/protobuf	1.36.3	1.36.4

Updates github.com/envoyproxy/go-control-plane/envoy from 1.32.3 to 1.32.4

Commits

• c19bf63 Release envoy/v1.32.4
• 454f8a0 build(deps): Bump github.com/prometheus/client_model in /envoy (#1119)
• 58efc63 build(deps): Bump google.golang.org/protobuf in /envoy (#1115)
• 33b45de build(deps): Bump github.com/envoyproxy/protoc-gen-validate in /envoy (#1118)
• 4e8ae81 build(deps): Bump google.golang.org/protobuf in /contrib (#1112)
• aca1ecc build(deps): Bump google.golang.org/protobuf in /ratelimit (#1116)
• 74d3edc build(deps): Bump google.golang.org/grpc from 1.67.1 to 1.70.0 in /envoy (#1120)
• 639a4f1 chore: setup dependabot for new sub-modules (#1110)
• 0d09f56 build(deps): Bump go.opentelemetry.io/build-tools/multimod (#1108)
• d881ae0 build(deps): Bump github.com/golangci/golangci-lint in /internal/tools (#1107)
• Additional commits viewable in compare view

Updates github.com/go-playground/validator/v10 from 10.24.0 to 10.25.0

Release notes

Sourced from github.com/go-playground/validator/v10's releases.

Release 10.25.0

What's Changed

• Fix postcode_iso3166_alpha2_field validation by @​ddevcap in go-playground/validator#1359
• Update README to replace the Travis CI badge with a GitHub Actions badge by @​nodivbyzero in go-playground/validator#1362
• chore: using errors.As instead of type assertion by @​fatelei in go-playground/validator#1346
• Fix/remove issue template md by @​ganeshdipdumbare in go-playground/validator#1375
• feat: Add support for omitting empty and zero values in validation (including nil pointer and empty content of pointer) by @​zeewell in go-playground/validator#1289

New Contributors

• @​ddevcap made their first contribution in go-playground/validator#1359
• @​fatelei made their first contribution in go-playground/validator#1346
• @​zeewell made their first contribution in go-playground/validator#1289

Full Changelog: go-playground/validator@v10.24.0...v10.25.0

Commits

• 0240917 Update README.md
• f5f02dc feat: Add support for omitting empty and zero values in validation (including...
• c171f2d Fix/remove issue template md (#1375)
• e564451 chore: using errors.As instead of type assertion (#1346)
• 57dcfdc Update README to replace the Travis CI badge with a GitHub Actions badge (#1362)
• b111154 Fix postcode_iso3166_alpha2_field validation (#1359)
• See full diff in compare view

Updates github.com/google/go-cmp from 0.6.0 to 0.7.0

Release notes

Sourced from github.com/google/go-cmp's releases.

v0.7.0

New API:

• (#367) Support compare functions with SortSlices and SortMaps

Panic messaging:

• (#370) Detect proto.Message types when failing to export a field

Commits

• 9b12f36 Detect proto.Message types when failing to export a field (#370)
• 4dd3d63 fix: type 'aribica' => 'arabica' (#368)
• 391980c Support compare functions with SortSlices and SortMaps (#367)
• See full diff in compare view

Updates github.com/open-policy-agent/opa from 1.1.0 to 1.2.0

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.2.0

This release contains a mix of features, performance improvements, and bugfixes.

Parameterized Rego Tests (#2176)

Rego tests now support parameterization, allowing a single test rule to include multiple, hierarchical, named test cases. This feature is useful for data-driven testing, where a single test rule can be used for multiple test cases with different inputs and expected outputs.

package example_test
test_concat[note] if {
some note, tc in {
"empty + empty": {
"a": [],
"b": [],
"exp": [],
},
"empty + filled": {
"a": [],
"b": [1, 2],
"exp": [1, 2],
},
"filled + filled": {
"a": [1, 2],
"b": [3, 4],
"exp": [1, 2, 3], # Faulty expectation, this test case will fail
},
}
act := array.concat(tc.a, tc.b)
act == tc.exp

}

$ opa test example_test.rego
example_test.rego:
data.example_test.test_concat: FAIL (263.375µs)
  empty + empty: PASS
  empty + filled: PASS
  filled + filled: FAIL
--------------------------------------------------------------------------------
FAIL: 1/1

See the documentation for more information.

Authored by @​johanfylling, reported by @​anderseknert

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.2.0

This release contains a mix of features, performance improvements, and bugfixes.

Parameterized Rego Tests (#2176)

Rego tests now support parameterization, allowing a single test rule to include multiple, hierarchical, named test cases. This feature is useful for data-driven testing, where a single test rule can be used for multiple test cases with different inputs and expected outputs.

package example_test
test_concat[note] if {
some note, tc in {
"empty + empty": {
"a": [],
"b": [],
"exp": [],
},
"empty + filled": {
"a": [],
"b": [1, 2],
"exp": [1, 2],
},
"filled + filled": {
"a": [1, 2],
"b": [3, 4],
"exp": [1, 2, 3], # Faulty expectation, this test case will fail
},
}
act := array.concat(tc.a, tc.b)
act == tc.exp

}

$ opa test example_test.rego
example_test.rego:
data.example_test.test_concat: FAIL (263.375µs)
  empty + empty: PASS
  empty + filled: PASS
  filled + filled: FAIL
--------------------------------------------------------------------------------
FAIL: 1/1

See the documentation for more information.

Authored by @​johanfylling, reported by @​anderseknert

... (truncated)

Commits

• d537788 Release v1.2.0 (#7403)
• d6b8e6d perf: various small improvements (#7357)
• e46696e ci: Using fetch-depth when fetching tags (#7400)
• 85eaacd docs: Add note about v1.0 addr behaviour (#7398)
• 83c8e0e ci: Adding fetch-tags under with in GHA (#7397)
• 10d1a54 Explicitly fetching fetching git tags for CI builds (#7395)
• 6088316 build(deps): bump github.com/containerd/containerd from 1.7.25 to 1.7.26 (#7392)
• 3ab892f docs: Update homepage examples to drop v1 import (#7391)
• bad1b1a build(deps): bump github.com/prometheus/client_golang (#7375)
• e75f583 build(deps): bump actions/download-artifact from 4.1.8 to 4.1.9 (#7389)
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.8.1 to 1.9.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.9.1

🐛 Fixes

• Fix CompletionFunc implementation by @​ccoVeille in spf13/cobra#2234
• Revert "Make detection for test-binary more universal (#2173)" by @​marckhouzam in spf13/cobra#2235

Full Changelog: spf13/cobra@v1.9.0...v1.9.1

v1.9.0

✨ Features

• Allow linker to perform deadcode elimination for program using Cobra by @​aarzilli in spf13/cobra#1956
• Add default completion command even if there are no other sub-commands by @​marckhouzam in spf13/cobra#1559
• Add CompletionWithDesc helper by @​ccoVeille in spf13/cobra#2231

🐛 Fixes

• Fix deprecation comment for Command.SetOutput by @​thaJeztah in spf13/cobra#2172
• Replace deprecated ioutil usage by @​nirs in spf13/cobra#2181
• Fix --version help and output for plugins by @​nirs in spf13/cobra#2180
• Allow to reset the templates to the default by @​marckhouzam in spf13/cobra#2229

🤖 Completions

• Make Powershell completion work in constrained mode by @​lstemplinger in spf13/cobra#2196
• Improve detection for flags that accept multiple values by @​thaJeztah in spf13/cobra#2210
• add CompletionFunc type to help with completions by @​ccoVeille in spf13/cobra#2220
• Add similar whitespace escape logic to bash v2 completions than in other completions by @​kangasta in spf13/cobra#1743
• Print ActiveHelp for bash along other completions by @​marckhouzam in spf13/cobra#2076
• fix(completions): Complete map flags multiple times by @​gabe565 in spf13/cobra#2174
• fix(bash): nounset unbound file filter variable on empty extension by @​scop in spf13/cobra#2228

🧪 Testing

• Test also with go 1.23 by @​nirs in spf13/cobra#2182
• Make detection for test-binary more universal by @​thaJeztah in spf13/cobra#2173

✍🏼 Documentation

• docs: update README.md by @​eltociear in spf13/cobra#2197
• Improve site formatting by @​nirs in spf13/cobra#2183
• doc: add Conduit by @​raulb in spf13/cobra#2230
• doc: azion project added to the list of CLIs that use cobra by @​maxwelbm in spf13/cobra#2198
• Fix broken links in active_help.md by @​vuil in spf13/cobra#2202
• chore: fix function name in comment by @​zhuhaicity in spf13/cobra#2216

🔧 Dependency upgrades

• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.5 to 2.0.6 by @​thaJeztah in spf13/cobra#2206
• Update to latest go-md2man by @​mikelolasagasti in spf13/cobra#2201

... (truncated)

Commits

• 40b5bc1 Revert "Make detection for test-binary more universal (#2173)" (#2235)
• a97f9fd fix CompletionFunc implementation (#2234)
• 5f9c408 chore: Upgrade dependencies for v1.9.0 (#2233)
• 24ada7f Remove the default "completion" cmd if it is alone (#1559)
• 680936a New logo
• 8cb30f9 feat: add CompletionWithDesc helper (#2231)
• 17b6dca doc: add Conduit (#2230)
• ab5cadc Allow to reset the templates to the default (#2229)
• 4ba5566 fix(bash): nounset unbound file filter variable on empty extension (#2228)
• 41b26ec Print ActiveHelp for bash along other completions (#2076)
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.10.0 to 0.11.0

Commits

• fe3591b sync/errgroup: improve documentation for semaphore limit behavior
• See full diff in compare view

Updates google.golang.org/protobuf from 1.36.3 to 1.36.4

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions