build(deps): bump github.com/golangci/golangci-lint/v2 from 2.5.0 to 2.6.0 in /tools/mod

[dependabot]

Bumps github.com/golangci/golangci-lint/v2 from 2.5.0 to 2.6.0.

Release notes

Sourced from github.com/golangci/golangci-lint/v2's releases.

v2.6.0

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

• b99da877a2476e61b7b43d5b7f9f80bff0a16a4a build(deps): bump github.com/Abirdcfly/dupword from 0.1.6 to 0.1.7 (#6142)
• 45547bcef0e48b08ced753fa5dcbf28a23b32b0f build(deps): bump github.com/ashanbrown/forbidigo/v2 from 2.1.0 to 2.3.0 (#6149)
• ddce9aa4cb8ac53a7486136a65779e0fd17428c7 build(deps): bump github.com/ashanbrown/makezero/v2 from 2.0.1 to 2.1.0 (#6150)
• 43aa1373aedf8b5360b6a6a88445d4e5a343da8b build(deps): bump github.com/bombsimon/wsl/v5 from 5.2.0 to 5.3.0 (#6113)
• 6970e52b7b56739fe5df7fd6f105086cff32cedc build(deps): bump github.com/catenacyber/perfsprint from 0.9.1 to 0.10.0 (#6134)
• e6d1006d7e4c80433c9cd58ec5dca0b222a73439 build(deps): bump github.com/charithe/durationcheck from 0.0.10 to 0.0.11 (#6148)
• ee369a2b03acebc489d9f53b6a3488b63609d222 build(deps): bump github.com/ghostiam/protogetter from 0.3.16 to 0.3.17 (#6112)
• f61b8111836f1e09e49f557ad15a3d7cd756a235 build(deps): bump github.com/go-critic/go-critic from 0.13.0 to 0.14.0 (#6135)
• b6347cac2cdc109393adc5ec2ff0eb4d6fe1d367 build(deps): bump github.com/godoc-lint/godoc-lint from 0.10.0 to 0.10.1 (#6131)
• 05470761da8752748dbe340106f7045bb9c222e4 build(deps): bump github.com/gofrs/flock from 0.12.1 to 0.13.0 (#6124)
• a0ecbfe5c9f95102c4c3e59291907f0567fc2643 build(deps): bump github.com/gostaticanalysis/nilerr from 0.1.1 to 0.1.2 (#6105)
• 6e9a864a003e35e5d3b46420738c67ec1bb399e1 build(deps): bump github.com/kunwardeep/paralleltest from 1.0.14 to 1.0.15 (#6132)
• d9bc87f6715fb0b6c062f96dedf5bae5a78c7b9b build(deps): bump github.com/ldez/exptostd from 0.4.4 to 0.4.5 (#6117)
• 12a767bacf5c447b2a058398e1d6b1b18a4aefba build(deps): bump github.com/ldez/gomoddirectives from 0.7.0 to 0.7.1 (#6101)
• 4d9abc898d9539cdd1f48cec46694a3e0b951ebe build(deps): bump github.com/nunnatsa/ginkgolinter from 0.21.0 to 0.21.2 (#6118)
• fe94ab013613017a807fc7eb6dc75ecfd1ece88d build(deps): bump github.com/quasilyte/go-ruleguard/dsl from 0.3.22 to 0.3.23 (#6102)
• 69cb39dee433151bc65f00603fee3914f851b044 build(deps): bump github.com/securego/gosec/v2 from 2.22.8 to 2.22.9 (#6103)
• 68007a646bbe1dd2eb6017b2665490d73353067f build(deps): bump github.com/securego/gosec/v2 from 2.22.9 to 2.22.10 (#6133)
• 893f8d87a2e10742fec8faaf223db1acf57b7d2d build(deps): bump github.com/shirou/gopsutil/v4 from 4.25.8 to 4.25.9 (#6111)
• 354996c09e0b7d6ade98f669e69c94b6f0828690 build(deps): bump github/codeql-action from 3 to 4 in the github-actions group (#6129)
• 2fb8ec3cc590c3f4e16f1fa3fb16627f4704a434 build(deps): bump go.augendre.info/arangolint from 0.2.0 to 0.3.0 (#6139)
• a53feb405dd418559dcf7fc2fb87fa8eddadf7e5 build(deps): bump go.augendre.info/arangolint from 0.3.0 to 0.3.1 (#6141)
• 564ba150f41e867428609b1c5b24fff275e1e8bc build(deps): bump go.augendre.info/fatcontext from 0.8.1 to 0.9.0 (#6104)
• d520da6f7a51fd92eb95efe4737194528c76249f build(deps): bump golang.org/x/mod from 0.28.0 to 0.29.0 (#6119)
• 3be46d6cd84e5d8bb46623c2ed9af5250b45c89d build(deps): bump golang.org/x/oauth2 from 0.31.0 to 0.32.0 in /scripts/gen_github_action_config in the scripts group (#6130)
• 6d7508475b86bc4a9c1ea4f580cea81d1f1f458c build(deps): bump golang.org/x/sys from 0.36.0 to 0.37.0 (#6116)
• bcfa9db76a32f056bb8fa6949354b3402de9bbf9 build(deps): bump golang.org/x/tools from 0.37.0 to 0.38.0 (#6123)
• 95f94ffd0cb35ce5aa67b4cd857f3eb8b90f5e4e build(deps): bump mvdan.cc/gofumpt from 0.9.1 to 0.9.2 (#6143)
• 4d2276d2070bcaca4d993ca9c8ab9ef3ef848133 build(deps): bump mvdan.cc/unparam to HEAD (#6152)
• a0694f96f43f869c9ea5898134e908f8cd8c35d5 build(deps): bump the linter-testdata group across 4 directories with 7 updates (#6106)
• 655e8ede5178280b2a640e185bc4a343aed0f54e feat: add modernize analyzer suite (#6126)
• faa618a2076493b807eca1e3c2ec77ad8075ef0d fix: ignore some files to hash the version for custom build (#6100)
• 588af2ffb8087b29407d9246022f83ae70eb2cc3 gocritic: add new checks
• 657bc31501751e011b5dc5466bc33bb51dad443c perfsprint: add new options

Changelog

Sourced from github.com/golangci/golangci-lint/v2's changelog.

v2.6.0

1. New linters
   • Add modernize analyzer suite
2. Linters new features or changes
   • arangolint: from 0.2.0 to 0.3.1
   • dupword: from 0.1.6 to 0.1.7 (new option comments-only)
   • go-critic: from 0.13.0 to 0.14.0 (new rules/checkers: zeroByteRepeat, dupOption)
   • gofumpt: from 0.9.1 to 0.9.2 ("clothe" naked returns is now controlled by the extra-rules option)
   • perfsprint: from 0.9.1 to 0.10.0 (new options: concat-loop, loop-other-ops)
   • wsl: from 5.2.0 to 5.3.0
3. Linters bug fixes
   • dupword: from 0.1.6 to 0.1.7
   • durationcheck: from 0.0.10 to 0.0.11
   • exptostd: from 0.4.4 to 0.4.5
   • fatcontext: from 0.8.1 to 0.9.0
   • forbidigo: from 2.1.0 to 2.3.0
   • ginkgolinter: from 0.21.0 to 0.21.2
   • godoc-lint: from 0.10.0 to 0.10.1
   • gomoddirectives: from 0.7.0 to 0.7.1
   • gosec: from 2.22.8 to 2.22.10
   • makezero: from 2.0.1 to 2.1.0
   • nilerr: from 0.1.1 to 0.1.2
   • paralleltest: from 1.0.14 to 1.0.15
   • protogetter: from 0.3.16 to 0.3.17
   • unparam: from 0df0534333a4 to 5beb8c8f8f15
4. Misc.
   • fix: ignore some files to hash the version for custom build

Commits

• fb09c37 chore: prepare release
• a817841 dev: update goreleaser configuration (#6155)
• 4d2276d build(deps): bump mvdan.cc/unparam to HEAD (#6152)
• 3266b0b chore: improve PR template
• ddce9aa build(deps): bump github.com/ashanbrown/makezero/v2 from 2.0.1 to 2.1.0 (#6150)
• 45547bc build(deps): bump github.com/ashanbrown/forbidigo/v2 from 2.1.0 to 2.3.0 (#6149)
• e6d1006 build(deps): bump github.com/charithe/durationcheck from 0.0.10 to 0.0.11 (#6...
• d64a8e2 chore: improve PR template
• b99da87 build(deps): bump github.com/Abirdcfly/dupword from 0.1.6 to 0.1.7 (#6142)
• 95f94ff build(deps): bump mvdan.cc/gofumpt from 0.9.1 to 0.9.2 (#6143)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign jmhbnz for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a github.com member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[ahrtr]

/ok-to-test

[ahrtr]

https://prow.k8s.io/view/gs/kubernetes-ci-logs/pr-logs/pull/etcd-io_etcd/20880/pull-etcd-verify/1985415604776996864

PASSES="go_workspace" ./scripts/test.sh
Running with --race
Starting at: Mon Nov  3 18:41:00 UTC 2025
              
'go_workspace' started at Mon Nov  3 18:41:00 UTC 2025
Ensuring go workspace is in sync.
% 'go' 'mod' 'download'
�[0;31mGo workspace not in sync.
Suggestion: run "make fix" to address the issue.
              
�[0;31mFAIL: 'go_workspace' FAILED at Mon Nov  3 18:41:39 UTC 2025
make: *** [Makefile:225: verify-go-workspace] Error 255

cc @ivanvc

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 69.12%. Comparing base (1b2ed5a) to head (4b95c90).

Additional details and impacted files

see 15 files with indirect coverage changes

@@            Coverage Diff             @@
##             main   #20880      +/-   ##
==========================================
- Coverage   69.21%   69.12%   -0.09%     
==========================================
  Files         422      422              
  Lines       34831    34831              
==========================================
- Hits        24108    24077      -31     
- Misses       9327     9355      +28     
- Partials     1396     1399       +3     

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1b2ed5a...4b95c90. Read the comment docs.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[k8s-ci-robot]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-etcd-release-tests	4b95c90	link	true	/test pull-etcd-release-tests
pull-etcd-verify	4b95c90	link	true	/test pull-etcd-verify
pull-etcd-e2e-amd64	4b95c90	link	true	/test pull-etcd-e2e-amd64

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[ivanvc]

Hi @ahrtr. We're not merging dependencies from Depabot pull requests outside of our current workflow.

1. Dependabot doesn't make the dependencies consistent across our different modules.
2. Dependabot doesn't update the Go workspace.

Can you explain why you're trying to do this outside the weekly dependency update process?

[ahrtr]

Can you explain why you're trying to do this outside the weekly dependency update process?

I am just bringing the errors to your attention. For the tools/mod, usually it is independent. There shouldn't be any error.

Clarification:

• For workflow dep version, we can merge when green, see example build(deps): bump github/codeql-action from 4.31.0 to 4.31.2 #20879
• For others, usually we deliver a comprehensive/consolidated PR.

[ivanvc]

I am just bringing the errors to your attention. For the tools/mod, usually it is independent. There shouldn't be any error.

We can't/It's not independent. Please refer to: #20548

Clarification:

* For workflow dep version, we can merge when green, see example #20879

This example is from a GitHub action, not a Go dependency.