chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.21.1 to 1.22.0

[dependabot]

Bumps github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.21.1 to 1.22.0.

Release notes

Sourced from github.com/Azure/azure-sdk-for-go/sdk/azcore's releases.

sdk/azcore/v1.22.0

1.22.0 (2026-06-04)

Features Added

• Added type datetime.RFC7231 for date/time values in RFC 1123 format with a fixed GMT timezone.

Other Changes

• Upgraded dependencies.

Commits

• a19f613 Prep azcore@v1.22.0 for release (#26926)
• 5803c0e Increment package version after release of storage/azblob (#26935) (#26943)
• 9a979ff [Automation] Regenerate SDK based on typespec-go branch main 【batch 6】 (#26939)
• 711094d eng/tools/generator: release v0.4.14 (#26934)
• 20bd677 Deprecate Change Analysis SDK (#26913)
• 92a31ec [Automation] Regenerate SDK based on typespec-go branch main 【batch 5】 (#26932)
• 768459d azcertificates: live recording for PlatformManaged + review fixes (follow-up ...
• e845f72 Update codeowners (#26918)
• 118bb35 eng/tools/internal/exports: handle untyped const with selector expr value (#2...
• 2b3767b Configurations: 'specification/containerservice/resource-manager/Microsoft.C...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[cursor]

PR Summary

Low Risk
Lockfile-only minor SDK bump with no logic changes; Azure secret integration behavior should stay the same aside from upstream dependency updates.

Overview
Bumps github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.21.1 to 1.22.0 in go.mod / go.sum only; no application source changes.

The lockfile also refreshes indirect golang.org/x modules (crypto, net, sys, term, text) that come along with the Azure SDK upgrade. azcore is a direct dependency used with azidentity and Key Vault in pkg/secrets/azure.go; the 1.22.0 release adds datetime.RFC7231 and dependency upgrades, with no required code changes in this repo.

^{Reviewed by Cursor Bugbot for commit b548d0a. Bugbot is set up for automated code reviews on this repo. Configure here.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	golang/​github.com/​Azure/​azure-sdk-for-go/​sdk/​azcore@​v1.21.1 ⏵ v1.22.0	+1

View full report