fix(deps): update all non-major go dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/cloudnative-pg/cloudnative-pg	v1.27.0 -> v1.27.1
github.com/onsi/ginkgo/v2	v2.27.0 -> v2.27.1

---

Release Notes

cloudnative-pg/cloudnative-pg (github.com/cloudnative-pg/cloudnative-pg)

v1.27.1

Compare Source

Release date: Oct 23, 2025

Changes

• Delayed the decommissioning of native in-core support for Barman Cloud to at least version 1.29. (#​8670)

• Adopted the new format of postgres-containers and postgis-containers images and image catalog artifacts, and updated the default PostgreSQL version to 18.0-system-trixie (PostgreSQL 18 is now supported). (#​8578, #​8760, #​8558)

• Deprecated the monitoring.enablePodMonitor field in the Cluster and Pooler resources. This field will be removed in a future release. Users who rely on PodMonitor resources should create them manually instead. (#​8753)

Enhancements

• Added support for overriding the PgBouncer auth_type, server_tls_sslmode, and client_tls_sslmode settings, which were previously hardcoded. Default values remain consistent with the former behavior but can now be customized when required. (#​8674)

• Added a CHECKPOINT step before PostgreSQL smart and fast shutdowns to reduce shutdown duration and replica promotion time, especially on systems with a high checkpoint_timeout. (#​8867)

• Added a warning in the instance manager for deprecated or unsupported OS versions, based on the official postgres-containers project. (#​8601)

• Improved certificate parsing error reporting. Failures now log specific errors instead of a generic message, aiding troubleshooting. This is particularly relevant after the CVE-2025-58187 fix in Go 1.25.2 and 1.24.8, which may trigger parsing failures for invalid DNS SANs. (#​8801)

• Added a check to ensure the destination WAL archive path is empty when bootstrapping a cluster using the pg_basebackup method, consistent with other bootstrap methods. (#​8895)

• Added validation to prevent backups from running on hibernated clusters. Backups attempted on such clusters now fail with reason ClusterIsHibernated, following the standard prerequisite check pattern. (#​8870)

• Added support for pprof profiling. Instances can now enable the pprof tool by adding the alpha.cnpg.io/enableInstancePprof annotation to the Cluster resource for advanced debugging. (#​7876)

• cnpg plugin:

  • Updated the Flexible I/O Tester (FIO) image to wallnerryan/fiotools-aio:v2, as provided by Ryan Wallner. (#​8847)

  • Enhanced the cnpg status backup command to provide more detailed status information when using a barman-cloud-based backup plugin. (#​8780, #​8690)

Fixes

• Fixed backup restoration failures when using custom WAL segment sizes with parallel WAL recovery. The operator no longer manages the end-of-WAL file marker during restoration, preventing errors when backups span multiple WAL segments. (#​8873)

• Fixed a bug in major upgrades where a volume snapshot from a previous minor version could be incorrectly used to optimize replica creation. (#​8475)

• Fixed initdb to wait for the application user secret before bootstrapping a new cluster, preventing potential race conditions. (#​8663)

• Fixed quorum-based failover to work correctly in clusters with only two instances using synchronous replication. (#​8680)

• Fixed configuration hash calculation to ignore internal configuration fields, preventing unnecessary reconciliations. (#​8868)

• Fixed the connection retry logic in the cnpgi plugin. The reconciliation loop now detects connection pool changes correctly and uses exponential backoff to reduce "closed pool" errors. (#​8554)

• Fixed volume snapshot usage during replica scaling to work with backup plugins. Previously, this optimization was only available with the in-tree backup implementation, but now clusters using backup plugins can also leverage volume snapshots when creating new replicas. (#​8506)

• Fixed the Pooler templating to correctly inherit settings for the bootstrap controller init container. (#​8394)

• Fixed webhook errors to use the correct API group (postgresql.cnpg.io) in Pooler and backup webhooks, ensuring consistent API error reporting. (#​8485)

• Fixed a potential nil pointer dereference in the hibernation reconciler when handling errors. Contributed by @​PascalBourdier. (#​8756)

• Fixed an issue in the environment cache where callers could inadvertently modify shared data. The LoadEnv function now returns a copy of cached environment slices to prevent mutations from affecting the cache. (#​8880)

onsi/ginkgo (github.com/onsi/ginkgo/v2)

v2.27.1

Compare Source

2.27.1

Fixes

• Fix Ginkgo Reporter slice-bounds panic [606c1cb]
• Bug Fix: Add GinkoTBWrapper.Attr() and GinkoTBWrapper.Output() [a6463b3]

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 5 additional dependencies were updated

Details:

Package	Change
github.com/go-openapi/swag	v0.23.1 -> v0.24.1
github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring	v0.84.1 -> v0.86.1
go.yaml.in/yaml/v2	v2.4.2 -> v2.4.3
golang.org/x/sys	v0.36.0 -> v0.37.0
golang.org/x/term	v0.35.0 -> v0.36.0