chore(deps): update all dependencies

[renovate-bot]

This PR contains the following updates:

Package	Type	Update	Change
golangci/golangci-lint	uses-with	minor	v2.8 → v2.11.3
google.golang.org/genproto	require	digest	4cfbd41 → a57be14
google.golang.org/genproto/googleapis/api	require	digest	4cfbd41 → a57be14

---

Release Notes

golangci/golangci-lint (golangci/golangci-lint)

v2.11.3

Compare Source

Released on 2026-03-10

1. Linters bug fixes
   • gosec: from v2.24.7 to 619ce21

v2.11.2

Compare Source

Released on 2026-03-07

1. Fixes
   • fmt: fix error when using the fmt command with explicit paths.

v2.11.1

Compare Source

Released on 2026-03-06

Due to an error related to AUR, some artifacts of the v2.11.0 release have not been published.

This release contains the same things as v2.11.0.

v2.11.0

Compare Source

Released on 2026-03-06

1. Linters new features or changes
   • errcheck: from 1.9.0 to 1.10.0 (exclude crypto/rand.Read by default)
   • gosec: from 2.23.0 to 2.24.6 (new rules: G113, G118, G119, G120, G121, G122, G123, G408, G707)
   • noctx: from 0.4.0 to 0.5.0 (new detection: httptest.NewRequestWithContext)
   • prealloc: from 1.0.2 to 1.1.0
   • revive: from 1.14.0 to 1.15.0 (⚠️ Breaking change: package-related checks moved from var-naming to a new rule package-naming)
2. Linters bug fixes
   • gocognit: from 1.2.0 to 1.2.1
   • gosec: from 2.24.6 to 2.24.7
   • unqueryvet: from 1.5.3 to 1.5.4

v2.10.1

Compare Source

Released on 2026-02-17

1. Fixes
   • buildssa panic

v2.10.0

Compare Source

Released on 2026-02-17

1. Linters new features or changes
   • ginkgolinter: from 0.22.0 to 0.23.0
   • gosec: from 2.22.11 to 2.23.0 (new rules: G117, G602, G701, G702, G703, G704, G705, G706)
   • staticcheck: from 0.6.1 to 0.7.0
2. Linters bug fixes
   • godoclint: from 0.11.1 to 0.11.2

v2.9.0

Compare Source

Released on 2026-02-10

1. Enhancements
   • 🎉 go1.26 support
2. Linters new features or changes
   • arangolint: from 0.3.1 to 0.4.0 (new rule: detect potential query injections)
   • ginkgolinter: from 0.21.2 to 0.22.0 (support for wrappers)
   • golines: from 0.14.0 to 0.15.0
   • misspell: from 0.7.0 to 0.8.0
   • unqueryvet: from 1.4.0 to 1.5.3 (new options: check-n1, check-sql-injection, check-tx-leaks, allow, custom-rules)
   • wsl: from 5.3.0 to 5.6.0 (new rule: after-block)
3. Linters bug fixes
   • modernize: from 0.41.0 to 0.42.0
   • prealloc: from 1.0.1 to 1.0.2
   • protogetter: from 0.3.18 to 0.3.20
4. Misc.
   • Log information about files when configuration verification
   • Emit an error when no linters enabled
   • Do not collect VCS information when loading code

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[forking-renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 3 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.24.0 -> 1.25.0
golang.org/x/net	v0.48.0 -> v0.49.0
golang.org/x/sys	v0.39.0 -> v0.40.0
google.golang.org/genproto/googleapis/rpc	v0.0.0-20260203192932-546029d2fa20 -> v0.0.0-20260217215200-42d3e9bedb6d

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request automates the process of keeping the project's Go module dependencies and the Go language version current. By updating to Go 1.25.0 and refreshing various direct and indirect module versions, it ensures the project benefits from the latest performance improvements, security patches, and features provided by its underlying libraries, maintaining a healthy and up-to-date development environment.

Highlights

• Go Language Version Update: The project's required Go language version was upgraded from 1.24.0 to 1.25.0.
• Dependency Updates: Direct dependencies google.golang.org/genproto and google.golang.org/genproto/googleapis/api were updated to their latest digest versions.
• Indirect Dependency Refresh: Several indirect dependencies, including golang.org/x/net, golang.org/x/sys, and various go.opentelemetry.io modules, received updates to their latest versions.

Changelog

• go.mod
  • Updated the required Go version from 1.24.0 to 1.25.0.
  • Updated google.golang.org/genproto and google.golang.org/genproto/googleapis/api to a newer commit hash.
  • Updated indirect dependencies golang.org/x/net and golang.org/x/sys.
• go.sum
  • Removed old checksums for github.com/bmatcuk/doublestar/v4 v4.9.2.
  • Updated checksums for go.opentelemetry.io related modules (auto/sdk, otel, otel/metric, otel/sdk, otel/sdk/metric, otel/trace).
  • Updated checksums for golang.org/x/net and golang.org/x/sys.
  • Updated checksums for google.golang.org/genproto, google.golang.org/genproto/googleapis/api, and google.golang.org/genproto/googleapis/rpc.

Ignored Files

• Ignored by pattern: .github/workflows/** (1)
  • .github/workflows/ci.yaml

Activity

• This pull request was automatically generated by Renovate Bot to update project dependencies.
• Automerge is disabled by configuration, requiring manual merge.
• The PR is configured to be recreated if closed unmerged (Immortal PR).

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request updates several dependencies and bumps the Go version from 1.24.0 to 1.25.0. The changes are standard for dependency maintenance. My review includes one comment on go.mod pointing out that the Go version update was not mentioned in the PR summary, which is a minor point about process clarity. Assuming CI passes, especially with the linter updates that include breaking changes, the PR seems ready for merge.

[gemini-code-assist]

The Go version is being updated from 1.24.0 to 1.25.0. This change is not mentioned in the PR description's summary table. While this is likely a safe and desirable update, it's a good practice for automated tools to list all significant changes, including the Go toolchain version, for full transparency.

[gcf-merge-on-green]

Merge-on-green attempted to merge your PR for 6 hours, but it was not mergeable because either one of your required status checks failed, one of your required reviews was not approved, or there is a do not merge label. Learn more about your required status checks here: https://help.github.com/en/github/administering-a-repository/enabling-required-status-checks. You can remove and reapply the label to re-run the bot.