NO-JIRA: Bump the github-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the github-dependencies group with 3 updates in the / directory: github.com/kubernetes-csi/external-snapshotter/client/v8, github.com/onsi/gomega and github.com/sirupsen/logrus.

Updates github.com/kubernetes-csi/external-snapshotter/client/v8 from 8.2.0 to 8.4.0

Release notes

Sourced from github.com/kubernetes-csi/external-snapshotter/client/v8's releases.

client/v8.4.0

The release tag client/v8.4.0 is for VolumeSnapshot and VolumeGroupSnapshot APIs and client library which are in a separate go package.

Changes by Kind

API Change

• Introduce the v1beta2 VolumeGroupSnapshot API as described by KEP 5013 (#1312, @​leonardoce)
• Several VolumeGroupSnapshot, VolumeGroupSnapshotClass and VolumeGroupSnapshotContent fields are now immutable. The v1beta1 VolumeGroupSnapshot API is now marked as deprecated. (#1337, @​leonardoce)

Full Changelog

https://github.com/kubernetes-csi/external-snapshotter/blob/v8.4.0/CHANGELOG/CHANGELOG-8.4.md

v8.4.0

Overall Status

Volume snapshotting has been a GA feature since Kubernetes v1.20.

Supported CSI Spec Versions

1.0-1.12

• VolumeGroupSnapshot moves to GA in CSI spec v1.11.0.

Minimum Kubernetes version

1.25

Recommended Minimum Kubernetes version

1.25

Container

docker pull registry.k8s.io/sig-storage/snapshot-controller:v8.4.0
docker pull registry.k8s.io/sig-storage/csi-snapshotter:v8.4.0

Changes by Kind

API Change

• Introduce the v1beta2 VolumeGroupSnapshot API as described by KEP 5013 (#1312, @​leonardoce)

Feature

• The number of worker threads in the snapshot-controller and csi-snapshotter is now configurable via the worker-threads flag. (#282, @​huffmanca)

Other (Cleanup or Flake)

• Several VolumeGroupSnapshot, VolumeGroupSnapshotClass and VolumeGroupSnapshotContent fields are now immutable. The v1beta1 VolumeGroupSnapshot API is now marked as deprecated. (#1337, @​leonardoce)
• Update kubernetes dependencies to v1.34.0 (#1330, @​dobsonj)

Uncategorized

... (truncated)

Commits

• f21cb02 Merge pull request #1342 from xing-yang/changelog_8.4
• ff86d39 Add changelog for v8.4
• d282047 Merge pull request #1338 from Madhu-1/cleanup
• bf2ed74 Merge pull request #1337 from leonardoce/dev-api-review
• 5e23337 Merge pull request #1341 from xing-yang/csi_1.12
• 2573990 Update CSI spec to 1.12
• b96c58f Merge pull request #1340 from darshansreenivas/release_tool_update
• 1655048 Merge commit 'b3dcf6b186d9cab2da1ca62ea82312fec813e3d7' into release_tool_update
• b3dcf6b Squashed 'release-tools/' changes from 5f38a9075..74502e544
• 0d9a187 Add CEL test cases
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.38.2 to 1.39.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.39.0

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

v1.38.3

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Commits

• 49561ad v1.39.0
• 8f7f425 document MatchErrorStrictly
• bae643d add matcher relecting errors.Is behavior
• a3ca2ca v1.38.3
• 4dada36 fix failing have http tests
• d40c691 make string formatitng more consistent for users who use format.Object directly
• 2a37b46 doc: fix typos
• ee26170 docs: fix HaveValue example
• cc85c05 Bump actions/setup-go from 5 to 6 (#866)
• 8905788 Bump github.com/onsi/ginkgo/v2 from 2.25.1 to 2.25.3 (#865)
• Additional commits viewable in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

• go.mod: update minimum supported go version to v1.17 sirupsen/logrus#1460
• go.mod: bump up dependencies sirupsen/logrus#1460
• Touch-up godoc and add "doc" links.
• README: fix links, grammar, and update examples.
• Add GNU/Hurd support sirupsen/logrus#1364
• Add WASI wasip1 support sirupsen/logrus#1388
• Remove uses of deprecated ioutil package sirupsen/logrus#1472
• CI: update actions and golangci-lint sirupsen/logrus#1459
• CI: remove appveyor, add macOS sirupsen/logrus#1460

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Commits

• b61f268 Merge pull request #1472 from goldlinker/master
• 15c29db refactor: replace the deprecated function in the ioutil package
• cb253f3 Merge pull request #1464 from thaJeztah/touchup_godoc
• 29b2337 Merge pull request #1468 from thaJeztah/touchup_readme
• d916819 Merge pull request #1427 from dolmen/fix-testify-usage
• 135e482 README: small touch-ups
• 2c5fa36 Merge pull request #1467 from thaJeztah/rm_old_badge
• 877ecec README: remove travis badge
• 55cf256 Merge pull request #1393 from jsoref/grammar
• 21bae50 Merge pull request #1426 from dolmen/testing-fix-use-of-math-rand
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Summary by CodeRabbit

• Chores
  • Updated third-party dependencies with minor version upgrades to improve stability and security.
  • These non-functional updates contain no changes to public interfaces or user-facing behavior and are intended to maintain compatibility and reliability.

[dependabot]

Labels

The following labels could not be found: area/ci-tooling. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[openshift-ci-robot]

@dependabot[bot]: This pull request explicitly references no jira issue.

Details

In response to this:

Bumps the github-dependencies group with 3 updates in the / directory: github.com/kubernetes-csi/external-snapshotter/client/v8, github.com/onsi/gomega and github.com/sirupsen/logrus.

Updates github.com/kubernetes-csi/external-snapshotter/client/v8 from 8.2.0 to 8.4.0

Release notes

Sourced from github.com/kubernetes-csi/external-snapshotter/client/v8's releases.

client/v8.4.0

The release tag client/v8.4.0 is for VolumeSnapshot and VolumeGroupSnapshot APIs and client library which are in a separate go package.

Changes by Kind

API Change

• Introduce the v1beta2 VolumeGroupSnapshot API as described by KEP 5013 (#1312, @​leonardoce)
• Several VolumeGroupSnapshot, VolumeGroupSnapshotClass and VolumeGroupSnapshotContent fields are now immutable. The v1beta1 VolumeGroupSnapshot API is now marked as deprecated. (#1337, @​leonardoce)

Full Changelog

https://github.com/kubernetes-csi/external-snapshotter/blob/v8.4.0/CHANGELOG/CHANGELOG-8.4.md

v8.4.0

Overall Status

Volume snapshotting has been a GA feature since Kubernetes v1.20.

Supported CSI Spec Versions

1.0-1.12

• VolumeGroupSnapshot moves to GA in CSI spec v1.11.0.

Minimum Kubernetes version

1.25

Recommended Minimum Kubernetes version

1.25

Container

docker pull registry.k8s.io/sig-storage/snapshot-controller:v8.4.0
docker pull registry.k8s.io/sig-storage/csi-snapshotter:v8.4.0

Changes by Kind

API Change

• Introduce the v1beta2 VolumeGroupSnapshot API as described by KEP 5013 (#1312, @​leonardoce)

Feature

• The number of worker threads in the snapshot-controller and csi-snapshotter is now configurable via the worker-threads flag. (#282, @​huffmanca)

Other (Cleanup or Flake)

• Several VolumeGroupSnapshot, VolumeGroupSnapshotClass and VolumeGroupSnapshotContent fields are now immutable. The v1beta1 VolumeGroupSnapshot API is now marked as deprecated. (#1337, @​leonardoce)
• Update kubernetes dependencies to v1.34.0 (#1330, @​dobsonj)

Uncategorized

... (truncated)

Commits

• f21cb02 Merge pull request #1342 from xing-yang/changelog_8.4
• ff86d39 Add changelog for v8.4
• d282047 Merge pull request #1338 from Madhu-1/cleanup
• bf2ed74 Merge pull request #1337 from leonardoce/dev-api-review
• 5e23337 Merge pull request #1341 from xing-yang/csi_1.12
• 2573990 Update CSI spec to 1.12
• b96c58f Merge pull request #1340 from darshansreenivas/release_tool_update
• 1655048 Merge commit 'b3dcf6b186d9cab2da1ca62ea82312fec813e3d7' into release_tool_update
• b3dcf6b Squashed 'release-tools/' changes from 5f38a9075..74502e544
• 0d9a187 Add CEL test cases
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.38.2 to 1.39.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.39.0

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

v1.38.3

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Commits

• 49561ad v1.39.0
• 8f7f425 document MatchErrorStrictly
• bae643d add matcher relecting errors.Is behavior
• a3ca2ca v1.38.3
• 4dada36 fix failing have http tests
• d40c691 make string formatitng more consistent for users who use format.Object directly
• 2a37b46 doc: fix typos
• ee26170 docs: fix HaveValue example
• cc85c05 Bump actions/setup-go from 5 to 6 (#866)
• 8905788 Bump github.com/onsi/ginkgo/v2 from 2.25.1 to 2.25.3 (#865)
• Additional commits viewable in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

• go.mod: update minimum supported go version to v1.17 sirupsen/logrus#1460
• go.mod: bump up dependencies sirupsen/logrus#1460
• Touch-up godoc and add "doc" links.
• README: fix links, grammar, and update examples.
• Add GNU/Hurd support sirupsen/logrus#1364
• Add WASI wasip1 support sirupsen/logrus#1388
• Remove uses of deprecated ioutil package sirupsen/logrus#1472
• CI: update actions and golangci-lint sirupsen/logrus#1459
• CI: remove appveyor, add macOS sirupsen/logrus#1460

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Commits

• b61f268 Merge pull request #1472 from goldlinker/master
• 15c29db refactor: replace the deprecated function in the ioutil package
• cb253f3 Merge pull request #1464 from thaJeztah/touchup_godoc
• 29b2337 Merge pull request #1468 from thaJeztah/touchup_readme
• d916819 Merge pull request #1427 from dolmen/fix-testify-usage
• 135e482 README: small touch-ups
• 2c5fa36 Merge pull request #1467 from thaJeztah/rm_old_badge
• 877ecec README: remove travis badge
• 55cf256 Merge pull request #1393 from jsoref/grammar
• 21bae50 Merge pull request #1426 from dolmen/testing-fix-use-of-math-rand
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 71465c9a-bed9-417c-9c35-51ca49e3e764

📥 Commits

Reviewing files that changed from the base of the PR and between a63d115 and 2834799.

⛔ Files ignored due to path filters (17)

• go.sum is excluded by !**/*.sum
• vendor/github.com/onsi/gomega/CHANGELOG.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/gomega_dsl.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/.golangci.yml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/CHANGELOG.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/appveyor.yml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/entry.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/hooks.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/logger.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/logrus.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/terminal_check_bsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/terminal_check_unix.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/terminal_check_wasi.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/terminal_check_wasip1.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/sirupsen/logrus/text_formatter.go is excluded by !**/vendor/**, !vendor/**
• vendor/modules.txt is excluded by !**/vendor/**, !vendor/**

📒 Files selected for processing (1)

• go.mod

🚧 Files skipped from review as they are similar to previous changes (1)

• go.mod

---

Walkthrough

Go module dependency versions updated in go.mod: external-snapshotter/client/v8 (v8.2.0 → v8.4.0), github.com/onsi/gomega (v1.39.0 → v1.39.1), and github.com/sirupsen/logrus (v1.9.3 → v1.9.4). No code or public API signature changes.

Changes

Cohort / File(s)	Summary
Dependency Updates go.mod	Bumped versions: sigs.k8s.io/external-snapshotter/client/v8 v8.2.0 → v8.4.0, github.com/onsi/gomega v1.39.0 → v1.39.1, github.com/sirupsen/logrus v1.9.3 → v1.9.4. No functional changes in source files.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the pull request as a dependency bump update affecting the go.mod file with 3 specific dependency version upgrades.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Stable And Deterministic Test Names	✅ Passed	PR only modifies go.mod with dependency version updates and does not modify any test files or Ginkgo test definitions.
Test Structure And Quality	✅ Passed	This PR contains only go.mod dependency version updates with no test code changes, making the Ginkgo test quality check not applicable.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dependabot/go_modules/github-dependencies-1bfdf702bb

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign muraee for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-merge-robot]

rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/unit	2834799	link	true	/test unit
ci/prow/verify	2834799	link	true	/test verify
ci/prow/build	2834799	link	true	/test build

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.