[gomod] bump the dependencies group across 1 directory with 11 updates

[dependabot]

Bumps the dependencies group with 9 updates in the / directory:

Package	From	To
github.com/getkin/kin-openapi	0.133.0	0.134.0
github.com/oapi-codegen/runtime	1.2.0	1.3.0
k8s.io/api	0.35.1	0.35.2
k8s.io/client-go	0.35.1	0.35.2
k8s.io/kubectl	0.35.1	0.35.2
sigs.k8s.io/cluster-api	1.10.10	1.12.4
sigs.k8s.io/cluster-api/test	1.10.10	1.12.4
sigs.k8s.io/controller-runtime	0.22.5	0.23.3
github.com/k3s-io/cluster-api-k3s	0.3.0	0.3.1

Updates github.com/getkin/kin-openapi from 0.133.0 to 0.134.0

Release notes

Sourced from github.com/getkin/kin-openapi's releases.

v0.134.0

What's Changed

• openapi3filter: feat(multipart-ct-decoder): default body decoder on binary schema by @​mieltn in getkin/kin-openapi#1097
• openapi3: ensure SchemaErrors get the correct path for allOf schemas by @​jamesfcarter in getkin/kin-openapi#1098
• openapi3filter: Fix empty string handling in parameter validation by @​utah-KT in getkin/kin-openapi#1096
• tidy(docs): Update references to oapi-codegen project URL (issue getkin#1094) by @​frenchi in getkin/kin-openapi#1095
• openapi2conv: fix allOf inside additionalProperties by @​dani-maarouf in getkin/kin-openapi#1103
• openapi3filter: Reject requests with body when non expected (issue 1100) by @​CynanX in getkin/kin-openapi#1101
• openapi3: fix for RFC3339 validation: time-offset is a required component by @​mpreu in getkin/kin-openapi#1104
• openapi3: add file path to origin location tracking by @​reuvenharrison in getkin/kin-openapi#1128
• openapi3filter: fix bug where absent optional properties fail validation in form-urlencoded requests by @​thierry-f-78 in getkin/kin-openapi#1110
• feat: add document-scoped format validators to prevent global state pollution by @​the-corp-mark in getkin/kin-openapi#1126
• openapi3: process discriminator mapping values as refs by @​RaduPetreTarean in getkin/kin-openapi#1108
• openapi3: serialize Extensions when using $ref by @​irees in getkin/kin-openapi#1131

New Contributors

• @​mieltn made their first contribution in getkin/kin-openapi#1097
• @​jamesfcarter made their first contribution in getkin/kin-openapi#1098
• @​utah-KT made their first contribution in getkin/kin-openapi#1096
• @​frenchi made their first contribution in getkin/kin-openapi#1095
• @​dani-maarouf made their first contribution in getkin/kin-openapi#1103
• @​CynanX made their first contribution in getkin/kin-openapi#1101
• @​mpreu made their first contribution in getkin/kin-openapi#1104
• @​thierry-f-78 made their first contribution in getkin/kin-openapi#1110
• @​the-corp-mark made their first contribution in getkin/kin-openapi#1126
• @​RaduPetreTarean made their first contribution in getkin/kin-openapi#1108

Full Changelog: getkin/kin-openapi@v0.133.0...v0.134.0

Commits

• 713eff1 openapi3: serialize Extensions when using $ref (#1131)
• 88234d0 openapi3: process discriminator mapping values as refs (#1108)
• b4a86ce feat: add document-scoped format validators to prevent global state pollution...
• fd00a26 openapi3filter: fix bug where absent optional properties fail validation in f...
• ede8b1f openapi3: add file path to origin location tracking (#1128)
• 45db2ad Fix RFC3339 validation (#1104)
• 2ac6346 feat: support rejecting when request body present but not required by specifi...
• 6321ee8 openapi2conv: fix allOf inside additionalProperties (#1103)
• f53e403 tidy(docs): Update references to oapi-codegen project URL (issue getkin#1094)...
• 6a04fdf openapi3: Allow usage of empty string (#1096)
• Additional commits viewable in compare view

Updates github.com/oapi-codegen/runtime from 1.2.0 to 1.3.0

Release notes

Sourced from github.com/oapi-codegen/runtime's releases.

Echo V5, more parameter handling options, bug fixes

🚀 New features and improvements

• feat: improve parameter handling (#109) @​mromaszewicz Parameters now support the allowReserved property from OpenAPI 3.0.
• feat: add support for echo v5 (#89) @​jinuthankachan

🐛 Bug fixes

• Fix: Query param deepObject return without assign on !required (#68) @​voro015
• fix: strip style prefix for label/matrix primitive parameters (#99) (#100) @​mromaszewicz
• fix: parse un-exploded query param to map (#101) @​alexdulin
• fix: respect Binder interface for primitive types in BindStringToObject (#86) @​vikstrous

👻 Maintenance

• chore: Update to go 1.24 (#111) @​mromaszewicz

📦 Dependency updates

• chore: Update to go 1.24 (#111) @​mromaszewicz

Sponsors

We would like to thank our sponsors for their support during this release.

Commits

• ee2e591 chore: Update to go 1.24 (#111)
• fd63554 Fix: Query param deepObject return without assign on !required (#68)
• c9909ff fix: strip style prefix for label/matrix primitive parameters (#99) (#100)
• 09a43f0 feat: improve parameter handling (#109)
• 99b941f feat: add support for echo v5 (#89)
• d4b9383 fix: parse un-exploded query param to map (#101)
• bfe9ff9 fix: respect Binder interface for primitive types in BindStringToObject (#86)
• See full diff in compare view

Updates k8s.io/api from 0.35.1 to 0.35.2

Commits

• 8a137cd Update dependencies to v0.35.2 tag
• See full diff in compare view

Updates k8s.io/apimachinery from 0.35.1 to 0.35.2

Commits

• See full diff in compare view

Updates k8s.io/client-go from 0.35.1 to 0.35.2

Commits

• a21b329 Update dependencies to v0.35.2 tag
• See full diff in compare view

Updates k8s.io/kubectl from 0.35.1 to 0.35.2

Commits

• b1b835c Update dependencies to v0.35.2 tag
• See full diff in compare view

Updates sigs.k8s.io/cluster-api from 1.10.10 to 1.12.4

Release notes

Sourced from sigs.k8s.io/cluster-api's releases.

v1.12.4

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Highlights

Starting from this release ReconcilerRateLimiting feature also requires PriorityQueue to be enabled. This ensures that ReconcilerRateLimiting works consistently with controller runtime ExponentialBackoff.

Changes since v1.12.3

📈 Overview

• 17 new commits merged
• 9 bugs fixed 🐛

🐛 Bug Fixes

• CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13451)
• CI: Bump trivy to v0.69.2 to fix CI (#13388)
• Cluster: Fix panic in Cluster conversion (#13384)
• ClusterClass/KCP/MachineSet/MachineDeployment: Implement mitigation for managedFields issue with SSA in apiserver (#13355)
• ClusterClass: Fix upgradePlan computation in GetUpgradePlanFromClusterClassVersions (#13471)
• Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13377)
• e2e: Only retry creating objects that failed (#13430)
• Machine/MachineSet/MachineDeployment: Fix UpToDate calculation for rolloutAfter (#13406)
• util: Fix exponential backoff with ReconcilerRateLimiting (#13427)

🌱 Others

• API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13399)
• CAPD: Implement pause for DockerMachinePool (#13448)
• clusterctl: Bump cert-manager v1.19.4 (#13381)
• Dependency: Bump cloudflare/circl (#13438)
• Dependency: Bump go v1.25.8 (#13432)
• e2e: Add retry in test framework when getting manifest YAMLs (#13358)
• e2e: Bump autoscaler version used for testing to v1.35.0 (#13375)
• e2e: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13468)

Dependencies

Added

• github.com/cenkalti/backoff/v5: v5.0.3
• gonum.org/v1/gonum: v0.16.0

Changed

• cloud.google.com/go/compute/metadata: v0.6.0 → v0.9.0
• github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.26.0 → v1.30.0
• github.com/cloudflare/circl: v1.6.1 → v1.6.3
• github.com/cncf/xds/go: 2f00578 → 0feb691

... (truncated)

Commits

• 233b59b Merge pull request #13471 from k8s-infra-cherrypick-robot/cherry-pick-13463-t...
• 1813ad1 Fix upgradePlan computation in GetUpgradePlanFromClusterClassVersions
• 5b278fb Merge pull request #13468 from k8s-infra-cherrypick-robot/cherry-pick-13461-t...
• a68427e Improve condition if CAPD Machine is not yet ready for bootstrap exec
• bafc561 Merge pull request #13451 from k8s-infra-cherrypick-robot/cherry-pick-13447-t...
• 62fda79 Merge pull request #13448 from k8s-infra-cherrypick-robot/cherry-pick-13445-t...
• ac62d41 Fix "Failed to exec DockerMachine bootstrap" errors in CAPD
• 5e8bc42 Implement pause for DockerMachinePool
• 0cda8fd Merge pull request #13438 from fabriziopandini/bump-cloudflare/circl
• 7e7f1f2 Bump cloudflare/circl
• Additional commits viewable in compare view

Updates sigs.k8s.io/cluster-api/test from 1.10.10 to 1.12.4

Release notes

Sourced from sigs.k8s.io/cluster-api/test's releases.

v1.12.4

👌 Kubernetes version support

• Management Cluster: v1.31.x -> v1.35.x
• Workload Cluster: v1.29.x -> v1.35.x

More information about version support can be found here

Highlights

Starting from this release ReconcilerRateLimiting feature also requires PriorityQueue to be enabled. This ensures that ReconcilerRateLimiting works consistently with controller runtime ExponentialBackoff.

Changes since v1.12.3

📈 Overview

• 17 new commits merged
• 9 bugs fixed 🐛

🐛 Bug Fixes

• CAPD: Fix "Failed to exec DockerMachine bootstrap" errors in CAPD (#13451)
• CI: Bump trivy to v0.69.2 to fix CI (#13388)
• Cluster: Fix panic in Cluster conversion (#13384)
• ClusterClass/KCP/MachineSet/MachineDeployment: Implement mitigation for managedFields issue with SSA in apiserver (#13355)
• ClusterClass: Fix upgradePlan computation in GetUpgradePlanFromClusterClassVersions (#13471)
• Dependency: Bump dependencies to fix CVE GO-2026-4394 (go.opentelemetry.io/otel/sdk pkg) (#13377)
• e2e: Only retry creating objects that failed (#13430)
• Machine/MachineSet/MachineDeployment: Fix UpToDate calculation for rolloutAfter (#13406)
• util: Fix exponential backoff with ReconcilerRateLimiting (#13427)

🌱 Others

• API: Relax validation for Machine .status.addresses to maximum of 256 instead of 128 items (#13399)
• CAPD: Implement pause for DockerMachinePool (#13448)
• clusterctl: Bump cert-manager v1.19.4 (#13381)
• Dependency: Bump cloudflare/circl (#13438)
• Dependency: Bump go v1.25.8 (#13432)
• e2e: Add retry in test framework when getting manifest YAMLs (#13358)
• e2e: Bump autoscaler version used for testing to v1.35.0 (#13375)
• e2e: Improve condition if CAPD Machine is not yet ready for bootstrap exec (#13468)

Dependencies

Added

• github.com/cenkalti/backoff/v5: v5.0.3
• gonum.org/v1/gonum: v0.16.0

Changed

• cloud.google.com/go/compute/metadata: v0.6.0 → v0.9.0
• github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp: v1.26.0 → v1.30.0
• github.com/cloudflare/circl: v1.6.1 → v1.6.3
• github.com/cncf/xds/go: 2f00578 → 0feb691

... (truncated)

Commits

• 233b59b Merge pull request #13471 from k8s-infra-cherrypick-robot/cherry-pick-13463-t...
• 1813ad1 Fix upgradePlan computation in GetUpgradePlanFromClusterClassVersions
• 5b278fb Merge pull request #13468 from k8s-infra-cherrypick-robot/cherry-pick-13461-t...
• a68427e Improve condition if CAPD Machine is not yet ready for bootstrap exec
• bafc561 Merge pull request #13451 from k8s-infra-cherrypick-robot/cherry-pick-13447-t...
• 62fda79 Merge pull request #13448 from k8s-infra-cherrypick-robot/cherry-pick-13445-t...
• ac62d41 Fix "Failed to exec DockerMachine bootstrap" errors in CAPD
• 5e8bc42 Implement pause for DockerMachinePool
• 0cda8fd Merge pull request #13438 from fabriziopandini/bump-cloudflare/circl
• 7e7f1f2 Bump cloudflare/circl
• Additional commits viewable in compare view

Updates sigs.k8s.io/controller-runtime from 0.22.5 to 0.23.3

Release notes

Sourced from sigs.k8s.io/controller-runtime's releases.

v0.23.3

What's Changed

• 🐛 Ensure DefaulterRemoveUnknownOrOmitableFields is still working even if objects are equal by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3469

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.2...v0.23.3

v0.23.2

What's Changed

• 🐛 Fix fake client's SSA status patch resource version check by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3446
• ✨ Reduce memory usage of default webhooks by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3467

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.1...v0.23.2

v0.23.1

What's Changed

• 🐛 Cache reader: Wait for cache sync when ReaderFailOnMissingInformer is true by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3433
• 🐛 Fix panic when using CRs with embedded pointer structs by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3436
• 🌱 Test cache reader waits for cache sync by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3438
• 🐛 Fakeclient: Fix status apply if existing object has managedFields set by @​k8s-infra-cherrypick-robot in kubernetes-sigs/controller-runtime#3437

Full Changelog: kubernetes-sigs/controller-runtime@v0.23.0...v0.23.1

v0.23.0

🔆 Highlights

• Client: Add subresource Apply support by @​alvaroaleman in kubernetes-sigs/controller-runtime#3321
• Conversion: Enable implementation of conversion outside of API packages by @​sbueringer in kubernetes-sigs/controller-runtime#3335
• Priorityqueue: Various improvements, bug fixes and now enabled per default
• Webhooks: Generic Validator and Defaulter by @​alvaroaleman in kubernetes-sigs/controller-runtime#3360

⚠️ Breaking changes

• Dependencies: Update to k8s.io/* v1.35 by @​alvaroaleman @​dongjiang1989 @​kannon92 (#3316, #3349, #3386, #3391, #3401)
• Client: Add subresource Apply support by @​alvaroaleman in kubernetes-sigs/controller-runtime#3321
• Events: Migration to the new events API by @​clebs in kubernetes-sigs/controller-runtime#3262
  • Using the new GetEventRecorderFor requires updating your rbac for events to use the events.k8s.io apiGroup rather than the `` (core) apiGroup
• Fakeclient: Set ResourceVersion for SSA Create by @​alvaroaleman in kubernetes-sigs/controller-runtime#3311
• Webhooks: Generic Validator and Defaulter by @​alvaroaleman in kubernetes-sigs/controller-runtime#3360
  • Existing code of the form builder.WebhookManagedBy(mgr).For(&corev1.Deployment{}) has to be changed to builder.WebhookManagedBy(mgr, &appsv1.Deployment{})
  • Existing webhook implementations have to be changed to take the concrete object rather than runtime.Object, for example from ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) to ValidateCreate(ctx context.Context, obj *appsv1.Deployment) (admission.Warnings, error)

✨ Features

• Cache: Allow fine-granular SyncPeriod configuration by @​sbueringer in kubernetes-sigs/controller-runtime#3376
• Client: Add FieldOwner option to client.Options by @​aerfio in kubernetes-sigs/controller-runtime#3389
• Client: Add FieldValidation option to client.Options by @​aerfio in kubernetes-sigs/controller-runtime#3393

... (truncated)

Commits

• f9589b9 Merge pull request #3469 from k8s-infra-cherrypick-robot/cherry-pick-3468-to-...
• 25615ad Ensure DefaulterRemoveUnknownOrOmitableFields is still working even if object...
• 8122a62 Merge pull request #3467 from k8s-infra-cherrypick-robot/cherry-pick-3463-to-...
• 35093c6 Reduce memory usage of default webhooks
• 4dbfa5c [release-0.23] 🐛 Fix fake client's SSA status patch resource version check (#...
• f52bbb8 Merge pull request #3437 from k8s-infra-cherrypick-robot/cherry-pick-3430-to-...
• 4f41337 Merge pull request #3438 from k8s-infra-cherrypick-robot/cherry-pick-3434-to-...
• e29a1b9 seedling: Test cache reader waits for cache sync
• 83c8dc3 bug: Fakeclient: Fix status apply if existing object has managedFields set
• bf6bcd5 Merge pull request #3436 from k8s-infra-cherrypick-robot/cherry-pick-3431-to-...
• Additional commits viewable in compare view

Updates github.com/k3s-io/cluster-api-k3s from 0.3.0 to 0.3.1

Release notes

Sourced from github.com/k3s-io/cluster-api-k3s's releases.

v0.3.1

👌 Kubernetes version support

• Management Cluster: v1.X.x -> v1.X.x
• Workload Cluster: v1.X.x -> v1.X.x

More information about version support can be found here

Changes since v0.3.1

• Update the RBAC proxy image used, @​richardcase

---

📈 Overview

Thanks to all our contributors! 😊

Commits

• c6aac64 Merge pull request #202 from richardcase/change_rbac_proxy
• 6e1a763 chore: update rbac-proxy to use different registry
• 5915945 Merge pull request #154 from k3s-io/dependabot/github_actions/softprops/actio...
• 186afe2 Merge pull request #188 from k3s-io/dependabot/github_actions/actions/upload-...
• a105f4f Merge pull request #192 from k3s-io/dependabot/github_actions/actions/checkout-6
• 3ff1aa9 🌱 Bump actions/checkout from 5 to 6
• 21b99a8 🌱 Bump actions/upload-artifact from 4.6.2 to 5.0.0
• 018cbe9 🌱 Bump softprops/action-gh-release from 1 to 2
• 60d795e Merge pull request #168 from k3s-io/dependabot/go_modules/go_modules-89e3deb571
• 2e7be7b Merge pull request #173 from k3s-io/dependabot/github_actions/docker/build-pu...
• Additional commits viewable in compare view

Updates k8s.io/apiextensions-apiserver from 0.34.3 to 0.35.0

Commits

• a8d2a03 Update dependencies to v0.35.0 tag
• b9eb912 Merge remote-tracking branch 'origin/master' into release-1.35
• e526698 Bump golang.org/x/crypto to v0.45.0
• fd7881d Merge pull request #135278 from aman4433/KUBE-134468
• 8db5ab6 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• 4ed5bd4 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• 704bc3d Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 7d598d7 Refactor: Contextualize CRDFinalizer to fix goroutine leak
• 27e5803 Update vendored dependencies
• c4e434c Merge pull request #134216 from Goend/master
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions