Bump the go-deps group across 1 directory with 6 updates

[dependabot]

Bumps the go-deps group with 6 updates in the / directory:

Package	From	To
github.com/Masterminds/semver/v3	3.3.0	3.4.0
github.com/fluxcd/pkg/apis/meta	1.12.0	1.13.0
github.com/fluxcd/pkg/runtime	0.60.0	0.62.0
github.com/fluxcd/pkg/version	0.7.0	0.8.0
github.com/go-logr/logr	1.4.2	1.4.3
github.com/google/go-containerregistry	0.20.5	0.20.6

Updates github.com/Masterminds/semver/v3 from 3.3.0 to 3.4.0

Release notes

Sourced from github.com/Masterminds/semver/v3's releases.

v3.4.0

There are a few changes in this release to highlight:

1. Constraints now has a property IncludePrerelease. When set to true the Check and Validate methods will include prereleases.
2. When an AND group has one constraint with a prerelease but more than one constraint then prereleases will be included. For example, >1.0.0-beta.1 < 2. In the past this would not have included prereleases because each constraint needed to have a prerelease. Now, only one constraint needs to have a prerelease. This is considered a long standing bug fix. Note, this does not carry across OR groups. For example, >1.0.0-beta.1 < 2 || > 3. In this case, prereleases will not be included when evaluating against >3.
3. NewVersion coercion with leading "0"'s is restored. This can be disabled by setting the package level property CoerceNewVersion to false.

What's Changed

• fix the CodeQL link by @​dmitris in Masterminds/semver#257
• Restore detailed errors when failed to parse with NewVersion by @​mattfarina in Masterminds/semver#262
• updating go version tested with by @​mattfarina in Masterminds/semver#263
• Restore the ability to have leading 0's with NewVersion by @​mattfarina in Masterminds/semver#266
• Handle pre-releases on all in an and group by @​mattfarina in Masterminds/semver#267
• Add property to include prereleases by @​mattfarina in Masterminds/semver#268
• Updating the error message handling by @​mattfarina in Masterminds/semver#269
• Update the release notes and readme for new version by @​mattfarina in Masterminds/semver#270

New Contributors

• @​dmitris made their first contribution in Masterminds/semver#257

Full Changelog: Masterminds/semver@v3.3.1...v3.4.0

v3.3.1

What's Changed

• Fix for allowing some version that were invalid by @​mattfarina in Masterminds/semver#253

Full Changelog: Masterminds/semver@v3.3.0...v3.3.1

Changelog

Sourced from github.com/Masterminds/semver/v3's changelog.

3.4.0 (2025-06-27)

Added

• #268: Added property to Constraints to include prereleases for Check and Validate

Changed

• #263: Updated Go testing for 1.24, 1.23, and 1.22
• #269: Updated the error message handling for message case and wrapping errors
• #266: Restore the ability to have leading 0's when parsing with NewVersion. Opt-out of this by setting CoerceNewVersion to false.

Fixed

• #257: Fixed the CodeQL link (thanks @​dmitris)
• #262: Restored detailed errors when failed to parse with NewVersion. Opt-out of this by setting DetailedNewVersionErrors to false for faster performance.
• #267: Handle pre-releases for an "and" group if one constraint includes them

3.3.1 (2024-11-19)

Fixed

• #253: Fix for allowing some version that were invalid

Commits

• 61fc460 Merge pull request #270 from mattfarina/relnotes-3.4.0
• 69a63e7 Update the release notes and readme for new version
• dc05094 Merge pull request #269 from mattfarina/lowercase-error-strings
• a2cd9c2 Updating the error message handling
• 9760c47 Merge pull request #268 from mattfarina/include-prerelease
• c374751 Add property to include prereleases
• 057c901 Merge pull request #267 from mattfarina/fix-259
• abab1c2 Handle pre-releases on all in an and group
• ebda872 Merge pull request #266 from mattfarina/restore-calver
• 4ed619e Restore the ability to have leading 0's with NewVersion
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/meta from 1.12.0 to 1.13.0

Commits

• 246bc82 Merge pull request #942 from fluxcd/force-annotation
• 86ef319 Introduce reconcile.fluxcd.io/forceAt annotation
• 9be33b3 Merge pull request #941 from fluxcd/crypto-v0.39.0
• 8957219 Update golang.org/x/crypto to v0.39.0
• 406c48d Merge pull request #940 from fluxcd/release-git-pkgs
• 2298005 Release git/v0.32.0 and git/gogit/v0.34.0
• 47a1b23 Merge pull request #938 from fluxcd/public-ecr
• a0d4442 Fix support for public.ecr.aws
• 53c7b2d Merge pull request #939 from kane8n/update-go-git
• 77f008c update go-git
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/runtime from 0.60.0 to 0.62.0

Commits

• 645523e Merge pull request #955 from cappyzawa/add-deprecated-field-logging
• 88a990f runtime/secrets: add legacy field logging to TLS functions
• 264a3b3 Merge pull request #954 from fluxcd/fix-rsa-hk-algos
• 343e4db Add test for cloning Azure DevOps Git repository with SSH
• 780892c Support rsa-sha2-512 and rsa-sha2-256 host key algos when ssh-rsa is supported
• e5de5fa Merge pull request #951 from cappyzawa/remove-runtime-tls-package
• aab4541 runtime/tls: remove deprecated package
• 5d70542 Merge pull request #950 from cappyzawa/add-runtime-secrets-package
• deb3fae fixup! fixup! runtime/secrets: add package for consolidated secret handling
• 9eb2c69 fixup! fixup! fixup! fixup! runtime/secrets: add package for consolidated sec...
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/version from 0.7.0 to 0.8.0

Commits

• 7ef01b0 Merge pull request #442 from blurpy/feature/git_bearer_token
• 659695f Add back support for passphrase protected ssh keys
• 767e771 Validate that basic auth and bearer token cannot be set at the same time
• cbf091c Add test to verify that username from Secret is preferred
• b6c6888 Refactor of NewAuthOptions to only fill the auth options that are relevant
• fef9d6a Add more test scenarios for NewAuthOptions
• 9b9b723 Validate that bearer token is not used over http
• 04d0d48 Add some quick tests of basic auth in client.validateUrl()
• a451505 Support specifying bearerToken for git http token authentication.
• bfb6385 Merge pull request #448 from fluxcd/e2e-ux
• Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.4.2 to 1.4.3

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.4.3

Minor release.

What's Changed

• Fix slog tests for 1.25 by @​hoeppi-google in go-logr/logr#361
• Remove one exception from Slog testing by @​thockin in go-logr/logr#362

New Contributors

• @​hoeppi-google made their first contribution in go-logr/logr#361

Full Changelog: go-logr/logr@v1.4.2...v1.4.3

Commits

• 38a1c47 build(deps): bump github/codeql-action from 3.28.17 to 3.28.18
• f08bedd build(deps): bump actions/setup-go from 5.4.0 to 5.5.0
• 6295e99 build(deps): bump golangci/golangci-lint-action from 7.0.0 to 8.0.0
• 028840d build(deps): bump github/codeql-action from 3.28.15 to 3.28.17
• 511e5fa Merge pull request #367 from go-logr/dependabot/github_actions/github/codeql-...
• d806463 build(deps): bump github/codeql-action from 3.28.13 to 3.28.15
• 158c311 Merge pull request #366 from thockin/master
• c79ddb3 Update to support golangci-lint v2
• 20a64ba build(deps): bump github/codeql-action from 3.28.12 to 3.28.13
• 0385e14 Add comments around slog exceptions
• Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.20.5 to 0.20.6

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.6

What's Changed

• Ensure that tag name is not empty if name contains colon by @​SaschaSchwarze0 in google/go-containerregistry#2094
• Bump some deps by @​jonjohnsonjr in google/go-containerregistry#2110

New Contributors

• @​SaschaSchwarze0 made their first contribution in google/go-containerregistry#2094

Full Changelog: google/go-containerregistry@v0.20.4...v0.20.6

Commits

• 59a4b85 Bump some deps (#2110)
• 5b10395 Ensure that tag name is not empty if name contains colon (#2094)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.