Skip to content
This repository was archived by the owner on Jun 26, 2026. It is now read-only.

build(deps): bump the build group across 8 directories with 6 updates#454

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/examples/go-grpc/build-affc95a761
Closed

build(deps): bump the build group across 8 directories with 6 updates#454
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/examples/go-grpc/build-affc95a761

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the build group with 1 update in the /examples/go-grpc directory: google.golang.org/grpc.
Bumps the build group with 1 update in the /examples/go-rego directory: github.com/open-policy-agent/opa.
Bumps the build group with 1 update in the /examples/go-rego-with-store directory: github.com/open-policy-agent/opa.
Bumps the build group with 1 update in the /examples/go-sdk directory: github.com/open-policy-agent/opa.
Bumps the build group with 1 update in the /examples/go-sdk-with-store directory: github.com/open-policy-agent/opa.
Bumps the build group with 1 update in the /examples/regal directory: github.com/open-policy-agent/regal.
Bumps the build group with 1 update in the /examples/rego directory: github.com/open-policy-agent/opa.
Bumps the build group with 4 updates in the /examples/sdk directory: github.com/open-policy-agent/opa, github.com/hashicorp/vault/api, github.com/testcontainers/testcontainers-go and github.com/testcontainers/testcontainers-go/modules/vault.

Updates google.golang.org/grpc from 1.78.0 to 1.81.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.81.1

Security

  • xds/rbac: Fix a potential authorization bypass caused by incorrectly falling through URI/DNS SANs to Subject Distinguished Name (DN) when matching the authenticated principal name. With this fix, only the first non-empty identity source will be used, as per gRFC A41. (#9111)

Bug Fixes

  • otel: Segregate client and server RPC information used for metrics and traces, to avoid one overwriting the other. (#9081)

Release 1.81.0

Behavior Changes

  • balancer/rls: Switch gauge metrics to asynchronous emission (once per collection cycle) to reduce telemetry noise and align with other gRPC language implementations. (#8808)

Dependencies

  • Minimum supported Go version is now 1.25. (#8969)

Bug Fixes

  • xds: Use the leaf cluster's security config for the TLS handshake instead of the aggregate cluster's config. (#8956)
  • transport: Send a RST_STREAM when receiving an END_STREAM when the stream is not already half-closed. (#8832)
  • xds: Fix ADS resource name validation to prevent a panic. (#8970)

New Features

  • grpc/stats: Add support for custom labels in per-call metrics (gRFC A108). (#9008)
  • xds: Add support for Server Name Indication (SNI) and SAN validation (gRFC A101). Disabled by default. To enable, set GRPC_EXPERIMENTAL_XDS_SNI=true environment variable. (#9016)
  • xds: Add support to control which fields get propagated from ORCA backend metric reports to LRS load reports (gRFC A85). Disabled by default. To enable, set GRPC_EXPERIMENTAL_XDS_ORCA_LRS_PROPAGATION=true. (#9005)
  • xds: Add metrics to track xDS client connectivity and cached resource state (gRFC A78). (#8807)
  • stats/otel: Enhance grpc.subchannel.disconnections metric by adding disconnection reason to the grpc.disconnect_error label (gRFC A94). This provides granular insights into why subchannels are closing. (#8973)
  • mem: Add mem.Buffer.Slice() API to slice the buffer like a slice. (#8977)

Performance Improvements

  • alts: Pool read buffers to lower memory utilization when sockets are unreadable. (#8964)
  • transport: Pool HTTP/2 framer read buffers to reduce idle memory consumption. Currently limited to Linux for ALTS and non-encrypted transports (TCP, Unix). To disable, set GRPC_GO_EXPERIMENTAL_HTTP_FRAMER_READ_BUFFER_POOLING=false and report any issues. (#9032)

Release 1.80.0

Behavior Changes

  • balancer: log a warning if a balancer is registered with uppercase letters, as balancer names should be lowercase. In a future release, balancer names will be treated as case-insensitive; see #5288 for details. (#8837)
  • xds: update resource error handling and re-resolution logic (#8907)
    • Re-resolve all LOGICAL_DNS clusters simultaneously when re-resolution is requested.
    • Fail all in-flight RPCs immediately upon receipt of listener or route resource errors, instead of allowing them to complete.

Bug Fixes

... (truncated)

Commits

Updates github.com/open-policy-agent/opa from 1.13.1 to 1.17.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

v1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) }

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

... (truncated)

Commits
  • 187c696 Release v1.17.1
  • a0c116e build: bump go 1.26.3 -> 1.26.4
  • 64a3625 Release v1.17.0 (#8710)
  • 68c9de5 benchmarks: tweak per-PR benchmark regression check based on pr-check
  • 7fe3066 server: remove dead code (s.partials) (#8708)
  • 37830be ast,storage/inmem: Add inmem.NewFromASTObject and add missing string case t...
  • 1661f22 ast: add some schema $ref tests
  • 3e22f56 benchmarks: only run for go changes
  • 13aaeab benchmarks: move env vars, remove zizmor-ignore comment
  • 93e1708 benchmarks: fix PR message, skip tests
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 1.13.1 to 1.17.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

v1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) }

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

... (truncated)

Commits
  • 187c696 Release v1.17.1
  • a0c116e build: bump go 1.26.3 -> 1.26.4
  • 64a3625 Release v1.17.0 (#8710)
  • 68c9de5 benchmarks: tweak per-PR benchmark regression check based on pr-check
  • 7fe3066 server: remove dead code (s.partials) (#8708)
  • 37830be ast,storage/inmem: Add inmem.NewFromASTObject and add missing string case t...
  • 1661f22 ast: add some schema $ref tests
  • 3e22f56 benchmarks: only run for go changes
  • 13aaeab benchmarks: move env vars, remove zizmor-ignore comment
  • 93e1708 benchmarks: fix PR message, skip tests
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 1.13.1 to 1.17.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

v1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) }

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

... (truncated)

Commits
  • 187c696 Release v1.17.1
  • a0c116e build: bump go 1.26.3 -> 1.26.4
  • 64a3625 Release v1.17.0 (#8710)
  • 68c9de5 benchmarks: tweak per-PR benchmark regression check based on pr-check
  • 7fe3066 server: remove dead code (s.partials) (#8708)
  • 37830be ast,storage/inmem: Add inmem.NewFromASTObject and add missing string case t...
  • 1661f22 ast: add some schema $ref tests
  • 3e22f56 benchmarks: only run for go changes
  • 13aaeab benchmarks: move env vars, remove zizmor-ignore comment
  • 93e1708 benchmarks: fix PR message, skip tests
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 1.13.1 to 1.17.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

v1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) }

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

... (truncated)

Commits
  • 187c696 Release v1.17.1
  • a0c116e build: bump go 1.26.3 -> 1.26.4
  • 64a3625 Release v1.17.0 (#8710)
  • 68c9de5 benchmarks: tweak per-PR benchmark regression check based on pr-check
  • 7fe3066 server: remove dead code (s.partials) (#8708)
  • 37830be ast,storage/inmem: Add inmem.NewFromASTObject and add missing string case t...
  • 1661f22 ast: add some schema $ref tests
  • 3e22f56 benchmarks: only run for go changes
  • 13aaeab benchmarks: move env vars, remove zizmor-ignore comment
  • 93e1708 benchmarks: fix PR message, skip tests
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 1.13.1 to 1.17.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

v1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) }

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

... (truncated)

Commits
  • 187c696 Release v1.17.1
  • a0c116e build: bump go 1.26.3 -> 1.26.4
  • 64a3625 Release v1.17.0 (#8710)
  • 68c9de5 benchmarks: tweak per-PR benchmark regression check based on pr-check
  • 7fe3066 server: remove dead code (s.partials) (#8708)
  • 37830be ast,storage/inmem: Add inmem.NewFromASTObject and add missing string case t...
  • 1661f22 ast: add some schema $ref tests
  • 3e22f56 benchmarks: only run for go changes
  • 13aaeab benchmarks: move env vars, remove zizmor-ignore comment
  • 93e1708 benchmarks: fix PR message, skip tests
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 1.13.1 to 1.17.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

v1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) }

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

... (truncated)

Commits
  • 187c696 Release v1.17.1
  • a0c116e build: bump go 1.26.3 -> 1.26.4
  • 64a3625 Release v1.17.0 (#8710)
  • 68c9de5 benchmarks: tweak per-PR benchmark regression check based on pr-check
  • 7fe3066 server: remove dead code (s.partials) (#8708)
  • 37830be ast,storage/inmem: Add inmem.NewFromASTObject and add missing string case t...
  • 1661f22 ast: add some schema $ref tests
  • 3e22f56 benchmarks: only run for go changes
  • 13aaeab benchmarks: move env vars, remove zizmor-ignore comment
  • 93e1708 benchmarks: fix PR message, skip tests
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 1.13.1 to 1.17.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

v1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) }

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

... (truncated)

Commits
  • 187c696 Release v1.17.1
  • a0c116e build: bump go 1.26.3 -> 1.26.4
  • 64a3625 Release v1.17.0 (#8710)
  • 68c9de5 benchmarks: tweak per-PR benchmark regression check based on pr-check
  • 7fe3066 server: remove dead code (s.partials) (#8708)
  • 37830be ast,storage/inmem: Add inmem.NewFromASTObject and add missing string case t...
  • 1661f22 ast: add some schema $ref tests
  • 3e22f56 benchmarks: only run for go changes
  • 13aaeab benchmarks: move env vars, remove zizmor-ignore comment
  • 93e1708 benchmarks: fix PR message, skip tests
  • Additional commits viewable in compare view

Updates github.com/open-policy-agent/opa from 1.13.1 to 1.17.1

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

It is otherwise the same code as v1.17.0.

Note that users building their own OPA binaries and images already control the Golang version, so this is not relevant for them.

Miscellaneous

  • build: bump go 1.26.3 -> 1.26.4 (authored by @​srenatus)

v1.17.0

This release contains a mix of new features, performance improvements, and bugfixes. Notably:

  • A new future.keywords.not import that adds improved semantics to the not keyword.
  • Rule Labels in Decision Logs
  • Published json schema for IR and bundle manifest
  • Dropped automaxprocs and x/net dependencies

Improved Negation Semantics (#8387)

This OPA release introduces a new future.keywords.not import that fixes a long-standing semantic issue with negation in Rego.

Without the import, the compiler expands a negated composite expression like not f(g(input.x)) into a series of sub-expressions evaluated before the not:

__local0__ = input.x
g(__local0__, __local1__)
not f(__local1__)

If any sub-expression fails — for example, input.x is undefined or g produces an undefined result — the entire rule fails rather than the not succeeding. This is unintuitive: the user's intent is "the condition does not hold," but an undefined intermediate value causes a silent failure instead of the expected not result.

With import future.keywords.not, composite-expression negation wraps the full compiler expansion in an implicit body:

not { __local0__ = input.x; g(__local0__, __local1__); f(__local1__) }

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.17.1

This release uses the latest version of Go (1.26.4) to build OPA, fixing stdlib vulnerabilities in code that OPA's HTTP handler and crypto builtins use:

Bumps the build group with 1 update in the /examples/go-grpc directory: [google.golang.org/grpc](https://github.com/grpc/grpc-go).
Bumps the build group with 1 update in the /examples/go-rego directory: [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa).
Bumps the build group with 1 update in the /examples/go-rego-with-store directory: [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa).
Bumps the build group with 1 update in the /examples/go-sdk directory: [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa).
Bumps the build group with 1 update in the /examples/go-sdk-with-store directory: [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa).
Bumps the build group with 1 update in the /examples/regal directory: [github.com/open-policy-agent/regal](https://github.com/open-policy-agent/regal).
Bumps the build group with 1 update in the /examples/rego directory: [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa).
Bumps the build group with 4 updates in the /examples/sdk directory: [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa), [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault), [github.com/testcontainers/testcontainers-go](https://github.com/testcontainers/testcontainers-go) and [github.com/testcontainers/testcontainers-go/modules/vault](https://github.com/testcontainers/testcontainers-go).


Updates `google.golang.org/grpc` from 1.78.0 to 1.81.1
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.78.0...v1.81.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/regal` from 0.38.1 to 0.41.1
- [Release notes](https://github.com/open-policy-agent/regal/releases)
- [Commits](open-policy-agent/regal@v0.38.1...v0.41.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/open-policy-agent/opa` from 1.13.1 to 1.17.1
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/v1.17.1/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.13.1...v1.17.1)

Updates `github.com/hashicorp/vault/api` from 1.22.0 to 1.23.0
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](hashicorp/vault@api/v1.22.0...api/v1.23.0)

Updates `github.com/testcontainers/testcontainers-go` from 0.40.0 to 0.42.0
- [Release notes](https://github.com/testcontainers/testcontainers-go/releases)
- [Commits](testcontainers/testcontainers-go@v0.40.0...v0.42.0)

Updates `github.com/testcontainers/testcontainers-go/modules/vault` from 0.40.0 to 0.42.0
- [Release notes](https://github.com/testcontainers/testcontainers-go/releases)
- [Commits](testcontainers/testcontainers-go@v0.40.0...v0.42.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.81.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/regal
  dependency-version: 0.41.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/hashicorp/vault/api
  dependency-version: 1.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/testcontainers/testcontainers-go
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
- dependency-name: github.com/testcontainers/testcontainers-go/modules/vault
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jun 8, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #461.

@dependabot dependabot Bot closed this Jun 22, 2026
@dependabot dependabot Bot deleted the dependabot/go_modules/examples/go-grpc/build-affc95a761 branch June 22, 2026 14:16
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants