chore(deps): bump the gomod group across 1 directory with 9 updates

[dependabot]

Bumps the gomod group with 9 updates in the / directory:

Package	From	To
github.com/DataDog/datadog-api-client-go/v2	2.50.0	2.52.0
github.com/aws/aws-sdk-go-v2	1.40.0	1.41.0
github.com/aws/aws-sdk-go-v2/config	1.32.2	1.32.6
github.com/aws/aws-sdk-go-v2/service/s3	1.92.1	1.94.0
github.com/cert-manager/cert-manager	1.19.1	1.19.2
github.com/miekg/dns	1.1.68	1.1.69
github.com/spf13/cobra	1.10.1	1.10.2
k8s.io/apimachinery	0.34.2	0.35.0
k8s.io/client-go	0.34.2	0.35.0

Updates github.com/DataDog/datadog-api-client-go/v2 from 2.50.0 to 2.52.0

Release notes

Sourced from github.com/DataDog/datadog-api-client-go/v2's releases.

v2.52.0

See ./CHANGELOG.md for details

v2.51.0

See ./CHANGELOG.md for details

Changelog

Sourced from github.com/DataDog/datadog-api-client-go/v2's changelog.

2.52.0/2025-12-17

Changed

• Mark Incident Impact Endpoints stable #3530
• Vulnerability Management - Update ListVulnerabilities endpoint query params and response schema #3521
• Update specs for AWS account updates and creation for CCM configs #3514
• add suppression version history #3490
• Add processors groups to Observability Pipelines #3450

Added

• Update security finding triage specs #3522
• Add routes for managing On-Call user notification channels #3517
• Add host field to Post an event V2 API #3515
• Add GET /api/v2/apm/services endpoint to public documentation #3512
• Dashboards - Add semantic_mode support to FormulaAndFunctionMetricQueryDefinition #3506
• Cloud SIEM - Add instantaneousBaseline feature parameter. #3503
• Add new fields to usage metering api spec #3501
• update geomap widget definition about conditional_format and text_formats and view focus #3495
• Add new endpoint for listing rules for a gate #3481

Removed

• Tag security findings Jira endpoints as unstable #3510

Fixed

• Add field attribute to the Workload Protection hash action #3487

2.51.0/2025-12-08

Added

• On-Call Add positioned schedule policy target #3491
• Introduced new APIs to manage team hierarchy links #3482
• Add Row Update Endpoints to Reference Tables API spec #3472
• Add incident management seats to spec #3469
• Support provisioning teams from external sources #3467
• security_monitoring - Add signalOutput field to ThreatHuntingJobResponseAttributes schema #3465
• Add filter.scope to Monitor Notification Rules #3462
• Add Support for Monitor Assets #3452
• Add api specs for deployment gates #3412

Changed

• Add Security Finding Ticketing endpoints #3485
• Flatten file_metadata response schema to avoid OneOf unmarshaling issues #3471

Fixed

• obs_pipelines: make google auth optional #3476

Commits

• c224caf Bump versions and add changelog entries. (#3536)
• 0001d44 Add GET /api/v2/apm/services endpoint to public documentation (#3512)
• ce11823 Add field attribute to the Workload Protection hash action (#3487)
• 935ce0c Cloud SIEM - Add instantaneousBaseline feature parameter. (#3503)
• 6e3ded7 Add routes for managing On-Call user notification channels (#3517)
• 58d892e add suppression version history (#3490)
• 4bf2b08 Regenerate client from commit fcf2546 of spec repo (#3521)
• 156713a Mark Incident Impact Endpoints stable (#3530)
• 2a004b3 Update security finding triage specs (#3522)
• 2abe96a Add processors groups to Observability Pipelines (#3450)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2 from 1.40.0 to 1.41.0

Commits

• 2c5c1de Release 2025-12-08
• a968e75 Regenerated Clients
• b110f67 Update endpoints model
• 82760c3 Update API model
• 9e038d3 [merge 12/8/25] default MaxConnsPerHost to 2048 (#3245)
• 55b9a85 Release 2025-12-05
• cb36f84 Regenerated Clients
• 081bac0 Update API model
• 25f26c2 Release 2025-12-04
• aadf9d3 Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.32.2 to 1.32.6

Commits

• 776903f Release 2024-12-02
• 170b13c Regenerated Clients
• c1a02e7 Update API model
• 2835f7b Fix user agent to add business metrics at the end instead of prepend them (#2...
• ba4965d Release 2024-11-27
• 55149b0 Regenerated Clients
• fd6bb8b Update endpoints model
• 65ab4f8 Update API model
• 8939ed0 Release 2024-11-26
• 23cf36b Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.92.1 to 1.94.0

Commits

• 3297582 Release 2025-12-15
• 682a1b6 Regenerated Clients
• f2a67b1 Update API model
• fbe0776 Release 2025-12-12
• 91070ff Regenerated Clients
• 67f5776 Update endpoints model
• a154798 Update API model
• 76d0a55 Release 2025-12-11
• 72bae88 Regenerated Clients
• 9b57b96 Update endpoints model
• Additional commits viewable in compare view

Updates github.com/cert-manager/cert-manager from 1.19.1 to 1.19.2

Release notes

Sourced from github.com/cert-manager/cert-manager's releases.

v1.19.2

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

We updated Go to fix some vulnerabilities in the standard library.

📖 Read the full 1.19 release notes on the cert-manager.io website before upgrading.

Changes since v1.19.1

Bug or Regression

• Address false positive vulnerabilities CVE-2025-47914 and CVE-2025-58181 which were reported by Trivy. (#8283, @​SgtCoDFish)
• Update Go to v1.25.5 to fix CVE-2025-61727 and CVE-2025-61729 (#8294, @​wallrj-cyberark)
• Update global.nodeSelector to helm chart to perform a merge and allow for a single nodeSelector to be set across all services. (#8233, @​cert-manager-bot)

Other (Cleanup or Flake)

• Update cert-manager's ACME client, forked from golang/x/crypto (#8270, @​SgtCoDFish)
• Updated Debian 12 distroless base images (#8326, @​wallrj-cyberark)

Commits

• 6e38ee5 Merge pull request #8326 from wallrj-cyberark/release-1.19-update-base-images
• 104c79c [release-1.19] update distroless base image digests
• 569144f Merge pull request #8294 from wallrj-cyberark/release-1.19-go-1.25.5
• a6157e1 [release-1.19] Update Go to v1.25.5 to fix CVE-2025-61727 and CVE-2025-61729
• 9a2f8f1 Merge pull request #8283 from SgtCoDFish/release-1.19-trivy
• 29b2e76 [release-1.19] fix CVE-2025-47914 and CVE-2025-58181
• 07ee848 Merge pull request #8270 from SgtCoDFish/release-1.19-vendored-acme-update
• ab38d24 [release-1.19] run make update-third-party
• cce3725 also run third_party tests in CI
• 7d515d2 fix make update-third-party on macOS (sed)
• Additional commits viewable in compare view

Updates github.com/miekg/dns from 1.1.68 to 1.1.69

Commits

• 49a9cee Release 1.1.69
• 66f2f27 fix EDNS0 flags and MBZ in String() output (#1693)
• acb3aba optimized EDNS0_SUBNET pack, reducing make() calls (#1692)
• 74d2ba1 MsgInvalidFunc: Make DefaultMsgInvalidFunc a variable. (#1690)
• b39ef96 Update deps (#1688)
• a0f8faa fix(test): Increase RSA key length for sig0 (#1682)
• f15b2dd feat(edns0): Add zoneversion option from RFC9660 (#1680)
• f640e4b Bump the all group across 1 directory with 4 updates (#1679)
• 294d373 Added OwNS (NS for VPN users) (#1674)
• d495d33 update readme some more
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.10.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

• chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @​dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

• Fix linter and allow CI to pass by @​marckhouzam in spf13/cobra#2327
• fix: actions/setup-go v6 by @​jpmcb in spf13/cobra#2337

🔥✍🏼 Docs

• Add documentation for repeated flags functionality by @​rvergis in spf13/cobra#2316

🍂 Refactors

• refactor: replace several vars with consts by @​htoyoda18 in spf13/cobra#2328
• refactor: change minUsagePadding from var to const by @​ssam18 in spf13/cobra#2325

🤗 New Contributors

• @​rvergis made their first contribution in spf13/cobra#2316
• @​htoyoda18 made their first contribution in spf13/cobra#2328
• @​ssam18 made their first contribution in spf13/cobra#2325
• @​dims made their first contribution in spf13/cobra#2336

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

Commits

• 88b30ab chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#2336)
• 346d408 fix: actions/setup-go v6 (#2337)
• fc81d20 refactor: change minUsagePadding from var to const (#2325)
• 117698a refactor: replace several vars with consts (#2328)
• e2dd29d Add documentation for repeated flags functionality (#2316)
• 0629892 Fix linter (#2327)
• See full diff in compare view

Updates k8s.io/apimachinery from 0.34.2 to 0.35.0

Commits

• 72d71ea Merge remote-tracking branch 'origin/master' into release-1.35
• e2a2dbc Bump golang.org/x/crypto to v0.45.0
• 2e9c228 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• f274aac vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• 9445443 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 52154f7 Update vendored dependencies
• 5a348c5 KEP-5471: Extend tolerations operators (#134665)
• 6f89492 Merge pull request #133648 from richabanker/merged-discovery
• c77dde2 util/sort: Add MergePreservingRelativeOrder for topological sorting
• 729c13d Merge pull request #134624 from yt2985/podcertificates-beta
• Additional commits viewable in compare view

Updates k8s.io/client-go from 0.34.2 to 0.35.0

Commits

• 9bcb694 Update dependencies to v0.35.0 tag
• 2d83546 Merge remote-tracking branch 'origin/master' into release-1.35
• 56b4af2 Merge pull request #135591 from p0lyn0mial/upstream-watchlist-reflector-log-f...
• 891f94c Merge remote-tracking branch 'origin/master' into release-1.35
• 65ffe04 Merge pull request #135580 from serathius/client-go-transformer
• 2fe4ac2 downgrade reflector watchlist fallback log to V(4)
• 97256a6 Bump golang.org/x/crypto to v0.45.0
• 46360b5 Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• 171ef8c Use transformer in consistency checker
• 3878a64 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions