Bump dependencies using scripts/bump-deps.sh

[github-actions]

This PR created by create-pull-request must be closed and reopened manually to trigger automated checks.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 11 package(s) with unknown licenses.

See the Details below.

License Issues

cmd/go.mod

Package	Version	License	Issue Type
golang.org/x/sync	0.10.0	Null	Unknown License
golang.org/x/sys	0.28.0	Null	Unknown License
golang.org/x/term	0.27.0	Null	Unknown License
golang.org/x/text	0.21.0	Null	Unknown License
github.com/hanwen/go-fuse/v2	2.7.2	Null	Unknown License

go.mod

Package	Version	License	Issue Type
golang.org/x/crypto	0.31.0	Null	Unknown License
golang.org/x/sync	0.10.0	Null	Unknown License
golang.org/x/sys	0.28.0	Null	Unknown License
golang.org/x/term	0.27.0	Null	Unknown License
golang.org/x/text	0.21.0	Null	Unknown License
github.com/hanwen/go-fuse/v2	2.7.2	Null	Unknown License

Allowed Licenses: Apache-2.0, BSD-2-Clause, BSD-2-Clause-FreeBSD, BSD-3-Clause, MIT, ISC, Python-2.0, PostgreSQL, X11, Zlib

Excluded from license check: pkg:golang/github.com/hashicorp/go-retryablehttp, pkg:golang/github.com/hashicorp/errwrap, pkg:golang/github.com/hashicorp/go-cleanhttp, pkg:golang/github.com/hashicorp/go-multierror

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
gomod/github.com/docker/cli	27.4.0+incompatible	🟢 8.3	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/golang/groupcache	0.0.0-20241129210726-2c02b8208cf8	🟢 4.7	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow ⚠️ -1 no workflows found Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Pinned-Dependencies ⚠️ -1 no dependencies found Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Token-Permissions ⚠️ -1 No tokens found CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Security-Policy ⚠️ 0 security policy file not detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
gomod/github.com/hanwen/go-fuse/v2	2.7.2	🟢 4.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST ⚠️ 0 no SAST tool detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected
gomod/golang.org/x/sync	0.10.0	Unknown	Unknown
gomod/golang.org/x/sys	0.28.0	Unknown	Unknown
gomod/golang.org/x/term	0.27.0	Unknown	Unknown
gomod/golang.org/x/text	0.21.0	Unknown	Unknown
gomod/github.com/docker/cli	27.4.0+incompatible	🟢 8.3	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
gomod/github.com/golang/groupcache	0.0.0-20241129210726-2c02b8208cf8	🟢 4.7	Details Check Score Reason Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow ⚠️ -1 no workflows found Code-Review 🟢 8 Found 18/21 approved changesets -- score normalized to 8 Pinned-Dependencies ⚠️ -1 no dependencies found Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Token-Permissions ⚠️ -1 No tokens found CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Security-Policy ⚠️ 0 security policy file not detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
gomod/github.com/hanwen/go-fuse/v2	2.7.2	🟢 4.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo SAST ⚠️ 0 no SAST tool detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected
gomod/golang.org/x/crypto	0.31.0	Unknown	Unknown
gomod/golang.org/x/sync	0.10.0	Unknown	Unknown
gomod/golang.org/x/sys	0.28.0	Unknown	Unknown
gomod/golang.org/x/term	0.27.0	Unknown	Unknown
gomod/golang.org/x/text	0.21.0	Unknown	Unknown

Scanned Files

• cmd/go.mod
• go.mod