build(deps): bump github.com/zalando/go-keyring from 0.2.6 to 0.2.8

[dependabot]

Bumps github.com/zalando/go-keyring from 0.2.6 to 0.2.8.

Release notes

Sourced from github.com/zalando/go-keyring's releases.

v0.2.8

What's Changed

• gh: hardening workflows by @​szuecs in zalando/go-keyring#141

Full Changelog: zalando/go-keyring@v0.2.7...v0.2.8

v0.2.7

What's Changed

• Inline shellescape dependency by @​williammartin in zalando/go-keyring#117
• docs: Fix 404-ing secret service link by @​tinder-ryantrontz in zalando/go-keyring#120
• fix(readme): remove extra trailing slash by @​tinder-ryantrontz in zalando/go-keyring#121
• docs: document how to set data via the CLI and then access it via the Go library by @​alexec in zalando/go-keyring#128
• security: GH Actions by @​szuecs in zalando/go-keyring#137
• Bump actions/checkout from 4 to 6 by @​dependabot[bot] in zalando/go-keyring#138
• Bump actions/setup-go from 5 to 6 by @​dependabot[bot] in zalando/go-keyring#139
• Bump the all-go-mod-patch-and-minor group with 2 updates by @​dependabot[bot] in zalando/go-keyring#140

New Contributors

• @​tinder-ryantrontz made their first contribution in zalando/go-keyring#120
• @​alexec made their first contribution in zalando/go-keyring#128
• @​dependabot[bot] made their first contribution in zalando/go-keyring#138

Full Changelog: zalando/go-keyring@v0.2.6...v0.2.7

Commits

• a8cdfe3 Merge pull request #141 from zalando/gh/hardening-workflows
• d4162d9 gh: hardening workflows
• e0dd98f Merge pull request #140 from zalando/dependabot/go_modules/all-go-mod-patch-a...
• 98f9091 Merge pull request #139 from zalando/dependabot/github_actions/actions/setup-...
• 40806c2 Merge pull request #138 from zalando/dependabot/github_actions/actions/checko...
• 1d4d07c Bump the all-go-mod-patch-and-minor group with 2 updates
• e6c0d8a Bump actions/setup-go from 5 to 6
• 0151d30 Bump actions/checkout from 4 to 6
• d6ac580 Merge pull request #137 from zalando/security/gh-actions
• 036041f security: GH Actions should be able read only
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Summary by cubic

Update github.com/zalando/go-keyring from 0.2.6 to 0.2.8 to pick up upstream maintenance fixes and dependency cleanup. This also reduces transitive dependencies.

• Dependencies
  • Bump github.com/zalando/go-keyring to 0.2.8.
  • Remove al.essio.dev/pkg/shellescape (inlined upstream).
  • Update indirect: github.com/danieljoos/wincred to 1.2.3, github.com/godbus/dbus/v5 to 5.2.2.

^{Written for commit 522df39. Summary will update on new commits.}

[dependabot]

Labels

The following labels could not be found: dependencies, go. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[cubic-dev-ai]

No issues found across 2 files