chore(deps): bump the go-deps group across 1 directory with 18 updates

[dependabot]

Bumps the go-deps group with 14 updates in the / directory:

Package	From	To
github.com/PuerkitoBio/goquery	1.10.3	1.11.0
github.com/aws/aws-sdk-go-v2	1.39.4	1.40.0
github.com/aws/aws-sdk-go-v2/config	1.31.15	1.32.1
github.com/aws/aws-sdk-go-v2/service/ec2	1.258.1	1.274.0
github.com/aws/aws-sdk-go-v2/service/eks	1.74.5	1.75.0
github.com/aws/aws-sdk-go-v2/service/fis	1.37.7	1.37.12
github.com/aws/aws-sdk-go-v2/service/iam	1.48.1	1.52.1
github.com/aws/aws-sdk-go-v2/service/pricing	1.40.1	1.40.6
github.com/aws/aws-sdk-go-v2/service/sqs	1.42.11	1.42.16
github.com/aws/aws-sdk-go-v2/service/ssm	1.66.2	1.67.3
github.com/aws/aws-sdk-go-v2/service/timestreamwrite	1.35.7	1.35.12
github.com/docker/docker	28.5.1+incompatible	28.5.2+incompatible
github.com/onsi/ginkgo/v2	2.27.1	2.27.2
go.uber.org/zap	1.27.0	1.27.1

Updates github.com/PuerkitoBio/goquery from 1.10.3 to 1.11.0

Release notes

Sourced from github.com/PuerkitoBio/goquery's releases.

v1.11.0

Note that Go1.24 is now required (use goquery < 1.11.0 if you can't use go1.24+).

Commits

• d3e3ce5 Merge pull request #534 from PuerkitoBio/mna-prepare-1.11
• 9841a36 Update readme for 1.11 release
• 469d4ea Merge pull request #533 from PuerkitoBio/dependabot/go_modules/golang.org/x/n...
• a03654e Bump golang.org/x/net from 0.43.0 to 0.47.0
• faf16ca Merge pull request #523 from PuerkitoBio/dependabot/github_actions/actions/ch...
• 4c1c718 Update test matrix to run on Go 1.24 and 1.25
• 62bfb67 Bump actions/checkout from 4 to 5
• e314281 Merge pull request #525 from PuerkitoBio/dependabot/github_actions/actions/se...
• 0961921 Bump actions/setup-go from 5 to 6
• 695fbfd Merge pull request #522 from PuerkitoBio/dependabot/go_modules/golang.org/x/n...
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2 from 1.39.4 to 1.40.0

Commits

• 466d9d5 Release 2025-11-19.2
• ca4b05e Regenerated Clients
• d780944 add logincreds provider (#3230)
• 115ff14 Release 2025-11-19
• 964750d Regenerated Clients
• 5b181c4 Update API model
• 1e2c145 Release 2025-11-18
• 163dcfe Regenerated Clients
• 38b8afe Update endpoints model
• 0252675 Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.31.15 to 1.32.1

Commits

• b737dc9 Release 2024-10-07
• 7279a51 Regenerated Clients
• a1b1f5a Update endpoints model
• 4853c41 Update API model
• 99e2be8 Allow empty values on prefix headers (#2816)
• 18e6b6e remove autoscaling smoke tests (#2817)
• 8200000 remove private metrics collection APIs (#2818)
• 7a76a2a Release 2024-10-04
• e35b8be Regenerated Clients
• 6e95871 Update endpoints model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/ec2/imds from 1.18.11 to 1.18.14

Changelog

Sourced from github.com/aws/aws-sdk-go-v2/feature/ec2/imds's changelog.

Release (2023-02-20)

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/aws-sdk-go-v2: v1.17.5
  • Bug Fix: fix int overflow bug on 32 bit architecture
• github.com/aws/aws-sdk-go-v2/service/auditmanager: v1.24.0
  • Feature: This release introduces a ServiceQuotaExceededException to the UpdateAssessmentFrameworkShare API operation.
• github.com/aws/aws-sdk-go-v2/service/connect: v1.47.0
  • Feature: Reasons for failed diff has been approved by SDK Reviewer

Release (2023-02-17)

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/aws-sdk-go-v2/service/apprunner: v1.17.0
  • Feature: This release supports removing MaxSize limit for AutoScalingConfiguration.
• github.com/aws/aws-sdk-go-v2/service/glue: v1.43.0
  • Feature: Release of Delta Lake Data Lake Format for Glue Studio Service

Release (2023-02-16)

Module Highlights

• github.com/aws/aws-sdk-go-v2/service/emr: v1.23.0
  • Feature: This release provides customers the ability to define a timeout period for procuring capacity during a resize operation for Instance Fleet clusters. Customers can specify this timeout using the ResizeSpecifications parameter supported by RunJobFlow, ModifyInstanceFleet and AddInstanceFleet APIs.
• github.com/aws/aws-sdk-go-v2/service/grafana: v1.12.0
  • Feature: With this release Amazon Managed Grafana now supports inbound Network Access Control that helps you to restrict user access to your Grafana workspaces
• github.com/aws/aws-sdk-go-v2/service/ivs: v1.20.3
  • Documentation: Doc-only update. Updated text description in DeleteChannel, Stream, and StreamSummary.
• github.com/aws/aws-sdk-go-v2/service/wafv2: v1.25.1
  • Documentation: Added a notice for account takeover prevention (ATP). The interface incorrectly lets you to configure ATP response inspection in regional web ACLs in Region US East (N. Virginia), without returning an error. ATP response inspection is only available in web ACLs that protect CloudFront distributions.

Release (2023-02-15)

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/aws-sdk-go-v2/service/accessanalyzer: v1.19.3
  • Announcement: When receiving an error response in restJson-based services, an incorrect error type may have been returned based on the content of the response. This has been fixed via PR #2012 tracked in issue #1910.
  • Bug Fix: Correct error type parsing for restJson services.
• github.com/aws/aws-sdk-go-v2/service/account: v1.9.1
  • Announcement: When receiving an error response in restJson-based services, an incorrect error type may have been returned based on the content of the response. This has been fixed via PR #2012 tracked in issue #1910.
  • Bug Fix: Correct error type parsing for restJson services.
• github.com/aws/aws-sdk-go-v2/service/acm: v1.17.3
  • Announcement: When receiving an error response in restJson-based services, an incorrect error type may have been returned based on the content of the response. This has been fixed via PR #2012 tracked in issue #1910.

... (truncated)

Commits

• b1af56e Release 2023-02-20
• 4f504d9 Regenerated Clients
• c6191ff Update API model
• 8e6fa27 Merge pull request #2026 from aws/firstissue
• 9af2842 Don't skip anonymous (embedded) fields with named tags (#2022)
• 1ca1e18 add changelog entry
• b19c337 fix int overflow on 32 bit architecture
• 50d82a9 Release 2023-02-17
• 19dc375 Regenerated Clients
• 8fe3523 Update endpoints model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ec2 from 1.258.1 to 1.274.0

Commits

• a7a1be5 Release 2025-11-21
• 5d2dbc1 Regenerated Clients
• ba4e773 Update endpoints model
• 619d604 Update API model
• e15ffcf Merge customizations for SageMaker Runtime HTTP2
• 69a6df8 Release 2025-11-20
• d97cf39 Regenerated Clients
• b322924 Update endpoints model
• 1869e89 Update API model
• 466d9d5 Release 2025-11-19.2
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/eks from 1.74.5 to 1.75.0

Commits

• b820c57 Release 2025-01-29
• 40ddb76 Regenerated Clients
• 2b4adae Update API model
• 78c2be4 Revert "beta: feature/s3/transfermanager (S3 transfer manager v2) (#2988)"
• 5c9d67c beta: feature/s3/transfermanager (S3 transfer manager v2) (#2988)
• 571aa56 Release 2025-01-28
• 783ff00 Regenerated Clients
• fcdc1bb Update API model
• df279db Release 2025-01-27
• 912497b Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/fis from 1.37.7 to 1.37.12

Commits

• ab56437 Release 2025-11-11
• 3dcd1d8 Regenerated Clients
• 51e8881 Update API model
• 1ed4f27 add MAINTAINERS.md
• a5136d5 host label
• 0bf4293 Feat ep region validation (#3225)
• 7f09d56 Release 2025-11-10
• f7d3676 Regenerated Clients
• f077cda Update API model
• a432037 Release 2025-11-07
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/iam from 1.48.1 to 1.52.1

Commits

• 10c4487 Release 2024-03-15
• db0b1ab Regenerated Clients
• 92c0060 Update endpoints model
• e5bb86e Update API model
• 49b368e Release 2024-03-14
• 0aa6643 Regenerated Clients
• bb0d403 Update API model
• 7229e9c Merge pull request #2553 from aws/feat-deprec-iotroborunner
• 8fa1496 update changelog
• 4174347 add changelog
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/pricing from 1.40.1 to 1.40.6

Commits

• 18bff5e Release 2023-03-10
• cca7003 Regenerated Clients
• 87bde6f Update endpoints model
• 361bd48 Update API model
• 61d474d Fix staticcheck linter warnings (#2044)
• 59a58ae Release 2023-03-09
• aa1d8ae Regenerated Clients
• 3441f5f Update endpoints model
• 826cc36 Update API model
• 5799416 Release 2023-03-08
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/sqs from 1.42.11 to 1.42.16

Commits

• 466d9d5 Release 2025-11-19.2
• ca4b05e Regenerated Clients
• d780944 add logincreds provider (#3230)
• 115ff14 Release 2025-11-19
• 964750d Regenerated Clients
• 5b181c4 Update API model
• 1e2c145 Release 2025-11-18
• 163dcfe Regenerated Clients
• 38b8afe Update endpoints model
• 0252675 Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ssm from 1.66.2 to 1.67.3

Commits

• ab56437 Release 2025-11-11
• 3dcd1d8 Regenerated Clients
• 51e8881 Update API model
• 1ed4f27 add MAINTAINERS.md
• a5136d5 host label
• 0bf4293 Feat ep region validation (#3225)
• 7f09d56 Release 2025-11-10
• f7d3676 Regenerated Clients
• f077cda Update API model
• a432037 Release 2025-11-07
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/sts from 1.38.9 to 1.41.1

Commits

• fe7486f Release 2025-06-17
• 1b6cafd Regenerated Clients
• 8db1137 Update API model
• 3c5cc0e Bump smithy go version (#3115)
• 6746486 Release 2025-06-16
• f536b0d Regenerated Clients
• b014b35 Update API model
• 5c12a3b correct smithy go bumping to correct commit in its main branch (#3112)
• b65321f Bump codegen for CBOR empty check (#3111)
• e6c02cd Release 2025-06-12
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/timestreamwrite from 1.35.7 to 1.35.12

Commits

• b01c60e Release 2025-11-12
• 17946cc Regenerated Clients
• a435b3c Update API model
• 1e4148a collapse changelogs
• 86618e5 track allocation improvements from codegen (#3227)
• ab56437 Release 2025-11-11
• 3dcd1d8 Regenerated Clients
• 51e8881 Update API model
• 1ed4f27 add MAINTAINERS.md
• a5136d5 host label
• Additional commits viewable in compare view

Updates github.com/aws/smithy-go from 1.23.1 to 1.23.2

Changelog

Sourced from github.com/aws/smithy-go's changelog.

Release (2025-11-03)

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/smithy-go: v1.23.2
  • Bug Fix: Adjust the initial sizes of each middleware phase to avoid some unnecessary reallocation.
  • Bug Fix: Avoid unnecessary allocation overhead from the metrics system when not in use.

Release (2025-10-15)

General Highlights

• Dependency Update: Bump minimum go version to 1.23.
• Dependency Update: Updated to the latest SDK module versions

Release (2025-09-18)

Module Highlights

• github.com/aws/smithy-go/aws-http-auth: v1.1.0
  • Feature: Added support for SIG4/SIGV4A querystring authentication.

Release (2025-08-27)

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/smithy-go: v1.23.0
  • Feature: Sort map keys in JSON Document types.

Release (2025-07-24)

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/smithy-go: v1.22.5
  • Feature: Add HTTP interceptors.

Release (2025-06-16)

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/smithy-go: v1.22.4
  • Bug Fix: Fix CBOR serd empty check for string and enum fields
  • Bug Fix: Fix HTTP metrics data race.
  • Bug Fix: Replace usages of deprecated ioutil package.

... (truncated)

Commits

• 299f404 Release 2025-11-03
• 8d4c6fb adjust initial caps on middleware steps (#611)
• 5cc76d9 don't re-instantiate nop instruments everywhere (#610)
• 29d3973 remove httptrace metrics overhead w/ nop metrics (#609)
• 7993c1f ci: scope down GitHub Token permissions (#607)
• See full diff in compare view

Updates github.com/docker/docker from 28.5.1+incompatible to 28.5.2+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v28.5.2

28.5.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.5.2 milestone
• moby/moby, 28.5.2 milestone

[!CAUTION] This release contains fixes for three high-severity security vulnerabilities in runc:

• CVE-2025-31133
• CVE-2025-52565
• CVE-2025-52881

All three vulnerabilities ultimately allow (through different methods) for full container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files.

Packaging updates

• Update runc to v1.3.3. moby/moby#51394

Bug fixes and enhancements

• dockerd-rootless.sh: if slirp4netns is not installed, try using pasta (passt). moby/moby#51162
• Update Go runtime to 1.24.9. moby/moby#51387, docker/cli#6613

Deprecations

• Go-SDK: cli/command/image/build: deprecate DefaultDockerfileName, DetectArchiveReader, WriteTempDockerfile, ResolveAndValidateContextPath. These utilities were only used internally and will be removed in the next release. docker/cli#6610
• Go-SDK: cli/command/image/build: deprecate IsArchive utility. docker/cli#6560
• Go-SDK: opts: deprecate ValidateMACAddress. docker/cli#6560
• Go-SDK: opts: deprecate ListOpts.Delete(). docker/cli#6560

Commits

• 89c5e8f Merge pull request #51396 from thaJeztah/28.x_backport_api_docs
• 9b93878 Merge pull request #51395 from thaJeztah/28.x_backport_rootless_reject
• 6178456 Merge pull request #51398 from vvoland/51397-28.x
• 0cae4e5 vendor: github.com/moby/buildkit v0.25.2
• 33cc06f Merge pull request #51394 from vvoland/51393-28.x
• d525277 api/docs: remove BuildCache.Parent field for API v1.42 and up
• 2fbc51b dockerd-rootless.sh: reject DOCKERD_ROOTLESS_ROOTLESSKIT_NET=host
• bd98008 integration-cli: Adjust nofile limits
• 1967515 Dockerfile: update runc binary to v1.3.3
• 4489660 Merge pull request #51387 from thaJeztah/28.x_bump_go
• Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.27.1 to 2.27.2

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.27.2

2.27.2

Fixes

• inline automaxprocs to simplify dependencies; this will be removed when Go 1.26 comes out [a69113a]

Maintenance

• Fix syntax errors and typo [a99c6e0]
• Fix paragraph position error [f993df5]

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.27.2

Fixes

• inline automaxprocs to simplify dependencies; this will be removed when Go 1.26 comes out [a69113a]

Maintenance

• Fix syntax errors and typo [a99c6e0]
• Fix paragraph position error [f993df5]

Commits

• 9a84c21 v2.27.2
• a69113a inline automaxprocs to simplify dependencies; this will be removed when Go 1....
• a99c6e0 Fix syntax errors and typo
• f993df5 Fix paragraph position error
• See full diff in compare view

Updates go.uber.org/zap from 1.27.0 to 1.27.1

Release notes

Sourced from go.uber.org/zap's releases.

v1.27.1

Enhancements:

• #1501[]: prevent Object from panicking on nils
• #1511[]: Fix a race condition in WithLazy.

Thanks to @​rabbbit, @​alshopov, @​jquirke, @​arukiidou for their contributions to this release.

#1501: uber-go/zap#1501 #1511: uber-go/zap#1511

Changelog

Sourced from go.uber.org/zap's changelog.

1.27.1 (19 Nov 2025)

Enhancements:

• #1501[]: prevent Object from panicking on nils
• #1511[]: Fix a race condition in WithLazy.

Thanks to @​rabbbit, @​alshopov, @​jquirke, @​arukiidou for their contributions to this release.

#1501: uber-go/zap#1501 #1511: uber-go/zap#1511

Commits

• 7b755a3 release 1.27.1 (#1521)
• d6b395b Update lazy logger not to materialize unless it's being written to (#1519)
• 4b9cea0 ci: Test with Go 1.24, Go 1.25 (#1508)
• 7c80d7b Fix race condition in WithLazy implementation (#1426) (#1511)
• 07077a6 Prevent zap.Object from panicing on nils (#1501)
• a6afd05 Fix lint check name (#1502)
• 6d48253 chore: fix typo (#1482)
• 32f2ec1 Fix the field test for bool type (#1480)
• fe16eb5 Upgrade grpc in zapgrc test package & bump go version (#1478)
• 5f00c34 test(AtomicLevel): demonstrate Handler is not vulnerable to XSS (#1477)
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.17.0 to 0.18.0

Commits

• 1966f53 errgroup: fix some typos in comment
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

✅ Deploy Preview for karpenter-docs-prod canceled.

Name	Link
🔨 Latest commit	82a4c2d
🔍 Latest deploy log	https://app.netlify.com/projects/karpenter-docs-prod/deploys/6923f9ae360e350008b7dbdd

[github-actions]

Preview deployment ready!

Preview URL: https://pr-8729.d18coufmbnnaag.amplifyapp.com

Built from commit a2efdcf16f9b9ea8e6aec8534262604ee184fec0

[coveralls]

Pull Request Test Coverage Report for Build 19814253858

Details

• 0 of 0 changed or added relevant lines in 0 files are covered.
• 3 unchanged lines in 1 file lost coverage.
• Overall coverage decreased (-0.03%) to 67.516%

---

Files with Coverage Reduction	New Missed Lines	%
pkg/fake/ec2api.go	3	84.79%

Totals
Change from base Build 19644428198:	-0.03%
Covered Lines:	7821
Relevant Lines:	11584

---

💛 - Coveralls