deps(consul)(deps): bump the consul-dependencies group in /consul with 3 updates

[dependabot]

Bumps the consul-dependencies group in /consul with 3 updates: github.com/hashicorp/consul/api, github.com/kivigo/kivigo and github.com/testcontainers/testcontainers-go.

Updates github.com/hashicorp/consul/api from 1.32.2 to 1.32.3

Changelog

Sourced from github.com/hashicorp/consul/api's changelog.

1.21.4 (August 13, 2025)

SECURITY:

• security: Update Go to 1.23.12 to address CVE-2025-47906 [GH-22547]

IMPROVEMENTS:

• ui: Replaced internal code editor with HDS (HashiCorp Design System) code editor and code block components for improved accessibility and maintainability across the Consul UI. [GH-22513]

BUG FIXES:

• cli: capture pprof when ACL is enabled and a token with operator:read is used, even if enable_debug config is not explicitly set. [GH-22552]

1.21.3 (July 18, 2025)

IMPROVEMENTS:

• ui: Improved display and handling of IPv6 addresses for better readability and usability in the Consul web interface. [GH-22468]

BUG FIXES:

• cli: validate IP address in service registration to prevent invalid IPs in service and tagged addresses. [GH-22467]
• ui: display IPv6 addresses with proper bracketed formatting [GH-22423]

1.21.2 (June 17, 2025)

SECURITY:

• security: Upgrade UBI base image version to address CVE CVE-2025-4802 CVE-2024-40896 CVE-2024-12243 CVE-2025-24528 CVE-2025-3277 CVE-2024-12133 CVE-2024-57970 CVE-2025-31115 [GH-22409]
• cli: update tls ca and cert create to reduce excessive file perms for generated public files [GH-22286]
• connect: Added non default namespace and partition checks to ConnectCA CSR requests. [GH-22376]
• security: Upgrade Go to 1.23.10. [GH-22412]

IMPROVEMENTS:

• config: Warn about invalid characters in datacenter resulting in non-generation of X.509 certificates when using external CA for agent TLS communication. [GH-22382]
• connect: Use net.JoinHostPort for host:port formatting to handle IPv6. [GH-22359]

BUG FIXES:

• http: return a clear error when both Service.Service and Service.ID are missing during catalog registration [GH-22381]

... (truncated)

Commits

• c3cf49c go mod update
• bb1b11a Revert "go mod update for sdk"
• 35fdb8b go mod update for sdk
• d76ae63 Latest Envoy version update - default v1.34.7 (#22735) (#22765)
• See full diff in compare view

Updates github.com/kivigo/kivigo from 1.5.2-0.20250914212215-f5f2f8b90039 to 1.6.0

Release notes

Sourced from github.com/kivigo/kivigo's releases.

v1.6.0

🚀 Release v1.6.0

💥 Breaking changes

• 🏢 The project has been moved to the new kivigo organization. Please update your import paths accordingly to ensure compatibility.
• 📦 All backend modules have been relocated to the dedicated kivigo/backends project for improved modularity and maintainability.
• 🔄 The encoder modules have been moved to the dedicated kivigo/encoders project to improve code organization and maintainability.

📝 Documentation

• 📚 Updated documentation to reference the new import paths for backend and encoder packages, reflecting their relocation to separate repositories.

Commits

• See full diff in compare view

Updates github.com/testcontainers/testcontainers-go from 0.38.0 to 0.39.0

Release notes

Sourced from github.com/testcontainers/testcontainers-go's releases.

v0.39.0

What's Changed

🚀 Features

• feat(atlaslocal): add MongoDB Atlas Local module (#3254) @​prestonvasquez
• feat: allow saving specific platforms for an image (#3218) @​LaurentGoderre
• feat(redpanda): add support for http proxy (#3258) @​simon0191
• feat(nebulagraph): add NebulaGraph module (#3266) @​egasimov
• feat(registry): add helper functions to pull and tag images (#3275) @​mdelapenya
• feat: add Solace pubsub+ module (#3230) @​unicod3
• feat(options): add WithProvider (#3241) @​dfioravanti
• feat(mcpgateay): add Docker's MCP gateway module (#3232) @​mdelapenya

🐛 Bug Fixes

• fix: preserve unix socket schema in testcontainersHostFromProperties (#3213) @​knqyf263
• fix(reaper): remove termSignal override (#3261) @​buraindo
• fix(registry): update WithHtpasswd to use os.CreateTemp instead of os.Create with filepath.Join. (#3272) @​jakobmoellerdev
• fix(nats): use wait for listening port instead of wait for log (#3256) @​own2pwn
• fix(postgres): snapshot restore (#3264) @​ascheman

📖 Documentation

• docs: clarify no client SDKs in production modules/images, in contributing.md (#3279) @​nimdrak

🧹 Housekeeping

• chore(atlas): simplify host-port calculation in tests (#3300) @​mdelapenya
• chore(deps): bump tj-actions/changed-files from 46.0.3 to 47.0.0 (#3283) @dependabot[bot]
• chore(modulegen): detect missing project files after new module creation (#3281) @​mdelapenya
• chore(release): refine release script to update inter-module dependencies (#3273) @​mdelapenya
• chore(postgres): use require.NotNil instead of assert.NotNil (#3252) @​nolandseigler
• fix(dockermcpgateway): use duckduckgo instead of brave (#3247) @​mdelapenya

📦 Dependency updates

• chore(deps): bump golang.org/x/net from 0.28.0 to 0.38.0 (#3299) @dependabot[bot]
• chore(deps): bump dario.cat/mergo from 1.0.1 to 1.0.2 (#3238) @dependabot[bot]
• chore(deps): bump golang.org/x/sys from 0.32.0 to 0.36.0 (#3282) @dependabot[bot]
• chore(deps): bump github/codeql-action from 3.29.3 to 3.30.3 (#3287) @dependabot[bot]
• chore(go): bump to Go 1.24 as minimal version (#3298) @​mdelapenya
• deps(mongodb): update MongoDB Go Driver to v2 (#3278) @​matthewdale
• chore(deps): bump github.com/shirou/gopsutil/v4 from 4.25.5 to 4.25.6 (#3224) @dependabot[bot]
• chore(deps): bump mkdocs-include-markdown-plugin from 7.1.6 to 7.1.7 (#3284) @dependabot[bot]
• chore(deps): bump github.com/docker/go-connections from 0.5.0 to 0.6.0 (#3285) @dependabot[bot]
• chore(deps): bump tj-actions/changed-files from 46.0.3 to 47.0.0 (#3283) @dependabot[bot]
• chore(deps): bump github.com/docker/docker from 28.2.2+incompatible to 28.3.3+incompatible in /modules/nebulagraph (#3277) @dependabot[bot]
• chore(deps): bump ryuk to v0.13.0, which uses scratch as base image (#3274) @​mdelapenya
• chore(deps): bump github.com/docker/docker from 28.2.2+incompatible to 28.3.3+incompatible (#3270) @​mdelapenya
• chore(deps): bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in /modules/compose (#3267) @dependabot[bot]

... (truncated)

Commits

• da47f5d chore: use new version (v0.39.0) in modules and examples
• 404b345 chore(atlas): simplify host-port calculation in tests (#3300)
• 6e14bda feat(atlaslocal): add MongoDB Atlas Local module (#3254)
• 1fdd847 chore(deps): bump golang.org/x/net from 0.28.0 to 0.38.0 (#3299)
• 88dead6 feat: allow saving specific platforms for an image (#3218)
• 44d970c chore(deps): bump dario.cat/mergo from 1.0.1 to 1.0.2 (#3238)
• ac8fdd3 chore(deps): bump golang.org/x/sys from 0.32.0 to 0.36.0 (#3282)
• d254caa feat(redpanda): add support for http proxy (#3258)
• f54a356 chore(deps): bump github/codeql-action from 3.29.3 to 3.30.3 (#3287)
• 7098d80 chore(go): bump to Go 1.24 as minimal version (#3298)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: backend, consul, dependencies, go. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[azrod]

@dependabot recreate

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.