chore: bump the golang group across 1 directory with 9 updates

[dependabot]

Bumps the golang group with 5 updates in the / directory:

Package	From	To
cloud.google.com/go/storage	1.61.1	1.61.3
github.com/docker/cli	29.3.0+incompatible	29.3.1+incompatible
github.com/google/go-containerregistry	0.21.2	0.21.3
github.com/googleapis/gax-go/v2	2.18.0	2.20.0
github.com/letsencrypt/boulder	0.20260309.0	0.20260324.0

Updates cloud.google.com/go/storage from 1.61.1 to 1.61.3

Release notes

Sourced from cloud.google.com/go/storage's releases.

storage: v1.61.3

v1.61.3 (2026-03-13)

Documentation

• Fix godoc formatting (#14169) (428b2288)

storage: v1.61.2

v1.61.2 (2026-03-12)

Commits

• 35cd86a chore: librarian release pull request: 20260313T045834Z (#14170)
• 428b228 docs(storage): Fix godoc formatting (#14169)
• e56381c feat(vertexai): Support AgentEngine for Agent Development Kit (#14168)
• d38abf9 feat(auth): add OpenTelemetry gRPC and HTTP wrappers for T4 tracing (#14133)
• 9f56e9f chore: librarian release pull request: 20260312T071057Z (#14164)
• 2dc8c9f chore: librarian release pull request: 20260312T041544Z (#14162)
• aeffa93 feat(pubsub/v2): add keep alive support (#13457)
• bb64998 feat(bigtable): add load balancing penalty for channel (#14149)
• 704a21f Revert "Revert "chore: librarian release pull request: 20260311T074420Z"" (#1...
• b1b0586 Revert "chore: librarian release pull request: 20260311T074420Z" (#14157)
• Additional commits viewable in compare view

Updates github.com/docker/cli from 29.3.0+incompatible to 29.3.1+incompatible

Commits

• c2be9cc Merge pull request #6887 from thaJeztah/29.x_backport_pin_actions
• 0da6a51 ci: pin actions to digests
• 6b3ca8f Merge pull request #6884 from thaJeztah/29.x_backport_missing_buildtags
• f47603c Merge pull request #6885 from thaJeztah/29.x_backport_update_actions
• 9709c8f build(deps): bump docker/metadata-action from 5 to 6
• af45a23 build(deps): bump docker/bake-action from 6 to 7
• bc97f5a Merge pull request #6883 from thaJeztah/29.x_backport_update_go1.25.8
• 6d71967 cli/command: add missing "go:build" comments
• 9b51892 update to go1.25.8
• See full diff in compare view

Updates github.com/google/go-containerregistry from 0.21.2 to 0.21.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.3

What's Changed

• Adds local file support to the crane index subcommand by @​edwardthiele in google/go-containerregistry#2223
• migrate to github.com/moby/moby modules by @​thaJeztah in google/go-containerregistry#2228
• Bump the go-deps group across 4 directories with 7 updates by @​dependabot[bot] in google/go-containerregistry#2233
• Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 in the actions group by @​dependabot[bot] in google/go-containerregistry#2220
• mutate: reject path traversal and symlink escape in Extract by @​KevinZhao in google/go-containerregistry#2227
• tarball: detect symlink cycles in extractFileFromTar by @​vnykmshr in google/go-containerregistry#2232
• bump golang to 1.25.7 by @​Subserial in google/go-containerregistry#2236

New Contributors

• @​edwardthiele made their first contribution in google/go-containerregistry#2223
• @​thaJeztah made their first contribution in google/go-containerregistry#2228
• @​KevinZhao made their first contribution in google/go-containerregistry#2227
• @​vnykmshr made their first contribution in google/go-containerregistry#2232

Full Changelog: google/go-containerregistry@v0.21.2...v0.21.3

Commits

• 3888fb8 bump golang to 1.25.7 (#2236)
• f439624 tarball: detect symlink cycles in extractFileFromTar (#2232)
• 400c263 mutate: reject path traversal and symlink escape in Extract (#2227)
• 47eedc9 Bump goreleaser/goreleaser-action in the actions group (#2220)
• be0a845 Bump the go-deps group across 4 directories with 7 updates (#2233)
• e916301 migrate to github.com/moby/moby modules (#2228)
• 8b2478e Adds local file support to the crane index subcommand (#2223)
• See full diff in compare view

Updates github.com/googleapis/gax-go/v2 from 2.18.0 to 2.20.0

Release notes

Sourced from github.com/googleapis/gax-go/v2's releases.

v2: v2.20.0

v2.20.0 (2026-03-25)

Features

• hook metric recording into gax.Invoke (#494) (1f3e9aef)

• add TelemetryErrorInfo and ExtractTelemetryErrorInfo (#487) (defdded3)

v2: v2.19.0

v2.19.0 (2026-03-17)

Features

• update WithLogger to WithLoggerContext. (#478) (1cb70baf)

• pass logger to downstream via context (#474) (434fa676)

• add WithClientMetrics CallOption (#479) (76f0284e)

• add TransportTelemetryData for dynamic transport attributes (#481) (8a7caf00)

• add ClientMetrics initialization core (#473) (f53618c2)

Bug Fixes

• lazy initialization and getters for ClientMetrics (#485) (fb6c5f4d)

Commits

• 25485ab chore: create a release (#495)
• 1f3e9ae feat: hook metric recording into gax.Invoke (#494)
• defdded feat(v2): add TelemetryErrorInfo and ExtractTelemetryErrorInfo (#487)
• 399c197 chore(all): update all (#492)
• c64aabe chore(all): update module google.golang.org/grpc to v1.79.3 [SECURITY] (#490)
• 06bdf7f chore: create a release (#486)
• bf56424 chore(all): update all (#484)
• fb6c5f4 fix(v2): lazy initialization and getters for ClientMetrics (#485)
• 336f424 build: run linters on all submodules and fix deprecations (#483)
• a46b2de chore(v2): Improve docs surrounding TransportTelemetryData (#482)
• Additional commits viewable in compare view

Updates github.com/letsencrypt/boulder from 0.20260309.0 to 0.20260324.0

Release notes

Sourced from github.com/letsencrypt/boulder's releases.

v0.20260324.0

What's Changed

• test: add health check for bvitess by @​jsha in letsencrypt/boulder#8658
• crl/va/test: Let the bodies hit the Close() by @​beautifulentropy in letsencrypt/boulder#8682
• noncebalancer: use endpointsharding, ignore ready status by @​jsha in letsencrypt/boulder#8679
• wfe/ra/va/pa: Add support for draft-ietf-acme-dns-persist-00 by @​beautifulentropy in letsencrypt/boulder#8660
• CTPolicy: always try to get SCTs from a tiled log first by @​aarongable in letsencrypt/boulder#8676

Full Changelog: letsencrypt/boulder@v0.20260317.0...v0.20260324.0

v0.20260317.0

What's Changed

• test: Remove badNonce retries and increase nonce maxConnectionAge by @​beautifulentropy in letsencrypt/boulder#8661
• Remove ra.validateContacts because it is unused by @​aarongable in letsencrypt/boulder#8666
• Remove TODOs from challenge.RecordsSane by @​aarongable in letsencrypt/boulder#8670
• Remove sa.Count[Pending|Invalid]Authorizations2 by @​aarongable in letsencrypt/boulder#8669
• observer: add CCADB CRL prober by @​jsha in letsencrypt/boulder#8644
• test: make health-checker quieter by @​jsha in letsencrypt/boulder#8671
• CI: Drop go1.25.x by @​beautifulentropy in letsencrypt/boulder#8675
• vitess: add vschemas with vindexes by @​jsha in letsencrypt/boulder#8634
• Update publicsuffix-go (PSL) from v0.50.2 to v0.50.3 by @​jprenken in letsencrypt/boulder#8678
• ratelimits: stricter() should always prefer denied decisions by @​beautifulentropy in letsencrypt/boulder#8674

Full Changelog: letsencrypt/boulder@v0.20260309.0...v0.20260317.0

Commits

• 429d8b5 CTPolicy: always try to get SCTs from a tiled log first (#8676)
• efb6758 wfe/ra/va/pa: Add support for draft-ietf-acme-dns-persist-00 (#8660)
• 3f18560 noncebalancer: use endpointsharding, ignore ready status (#8679)
• b27b2c0 crl/va/test: Let the bodies hit the Close() (#8682)
• c3c1684 test: add health check for bvitess (#8658)
• e7eb105 ratelimits: stricter() should always prefer denied decisions (#8674)
• f05103a Update publicsuffix-go (PSL) from v0.50.2 to v0.50.3 (#8678)
• d2c1c53 vitess: add vschemas with vindexes (#8634)
• bb274ec CI: Drop go1.25.x (#8675)
• b871820 test: make health-checker quieter (#8671)
• Additional commits viewable in compare view

Updates golang.org/x/tools from 0.42.0 to 0.43.0

Commits

• 24a8e95 go.mod: update golang.org/x dependencies
• 3dd57fb gopls/internal/mcp: refactor unified diff generation
• fcc014d cmd/digraph: fix package doc
• 39f0f5c cmd/stress: add -failfast flag
• 063c264 gopls/test/integration/misc: add diagnostics to flaky test
• deb6130 gopls/internal/golang: fix hover panic in raw strings with CRLF
• 5f1186b gopls/internal/analysis/driverutil: remove unnecessary new imports
• ff45494 go/analysis: expose GoMod etc. to Pass.Module
• 62daff4 go/analysis/passes/inline: fix panic in inlineAlias with instantiated generic...
• fcb6088 x/tools: delete obsolete code
• Additional commits viewable in compare view

Updates google.golang.org/api from 0.271.0 to 0.272.0

Release notes

Sourced from google.golang.org/api's releases.

v0.272.0

0.272.0 (2026-03-16)

Features

• all: Auto-regenerate discovery clients (#3534) (b4d37a1)
• all: Auto-regenerate discovery clients (#3536) (549ef3e)
• all: Auto-regenerate discovery clients (#3537) (6def284)
• all: Auto-regenerate discovery clients (#3538) (319b5ab)
• all: Auto-regenerate discovery clients (#3539) (73bcfcf)
• all: Auto-regenerate discovery clients (#3541) (6374c49)

Changelog

Sourced from google.golang.org/api's changelog.

0.272.0 (2026-03-16)

Features

• all: Auto-regenerate discovery clients (#3534) (b4d37a1)
• all: Auto-regenerate discovery clients (#3536) (549ef3e)
• all: Auto-regenerate discovery clients (#3537) (6def284)
• all: Auto-regenerate discovery clients (#3538) (319b5ab)
• all: Auto-regenerate discovery clients (#3539) (73bcfcf)
• all: Auto-regenerate discovery clients (#3541) (6374c49)

Commits

• e7df9fe chore(main): release 0.272.0 (#3535)
• 5d8b266 chore(all): update all (#3540)
• 6374c49 feat(all): auto-regenerate discovery clients (#3541)
• 73bcfcf feat(all): auto-regenerate discovery clients (#3539)
• 319b5ab feat(all): auto-regenerate discovery clients (#3538)
• 6def284 feat(all): auto-regenerate discovery clients (#3537)
• 549ef3e feat(all): auto-regenerate discovery clients (#3536)
• b4d37a1 feat(all): auto-regenerate discovery clients (#3534)
• See full diff in compare view

Updates google.golang.org/genproto from 0.0.0-20260311181403-84a4fc48630c to 0.0.0-20260319201613-d00831a3d3e7

Commits

• See full diff in compare view

Updates google.golang.org/genproto/googleapis/api from 0.0.0-20260311181403-84a4fc48630c to 0.0.0-20260319201613-d00831a3d3e7

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions