Update google.golang.org/genproto/googleapis/rpc digest to 7ab31c2

[red-hat-konflux-kflux-prd-rh02]

This PR contains the following updates:

Package	Type	Update	Change
google.golang.org/genproto/googleapis/rpc	indirect	digest	0a33c5d → 7ab31c2

---

Configuration

📅 Schedule: Branch creation - "on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign ciaranroche for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @red-hat-konflux-kflux-prd-rh02[bot]. Thanks for your PR.

I'm waiting for a openshift-hyperfleet member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Central YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: e5181c0a-d7a3-440e-b391-60da2691b1a3

📥 Commits

Reviewing files that changed from the base of the PR and between 7f49e34 and 1d7a43c.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum, !**/go.sum

📒 Files selected for processing (1)

• go.mod

🔗 Linked repositories identified

CodeRabbit considers these linked repositories for cross-repo context during reviews:

• openshift-hyperfleet/architecture (manual)
• openshift-hyperfleet/hyperfleet-api (manual)
• openshift-hyperfleet/hyperfleet-sentinel (manual)
• openshift-hyperfleet/hyperfleet-adapter (manual)
• openshift-hyperfleet/hyperfleet-broker (manual)

---

📝 Walkthrough

Summary by CodeRabbit

• Chores
  • Updated indirect dependencies for infrastructure improvements.

Walkthrough

go.mod bumps the indirect dependency google.golang.org/genproto/googleapis/rpc from pseudo-version v0.0.0-20260523011958-0a33c5d7ca68 to v0.0.0-20260610212136-7ab31c22f7ad. No other files are modified. go.sum is not included in this diff, which means the hash pinning for the new commit is not visible here.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

---

Supply chain surface (CWE-829: Inclusion of Functionality from Untrusted Control Sphere):

• go.sum is absent from this PR. The new pseudo-version 7ab31c22f7ad must be verified against the Go checksum database (sum.golang.org). Without go.sum changes visible, there is no on-record proof that the fetched module bytes match an audited hash.
• Pseudo-versions are commit-pinned, not release-tagged. Confirm 7ab31c22f7ad is a legitimate upstream commit on the google.golang.org/genproto main branch and not an injected or typosquatted artifact.
• Verify this bump was not triggered by an unvetted automated PR (e.g., Dependabot misconfiguration) without a corresponding CVE or security advisory — absent justification is a red flag for supply chain manipulation (CWE-494).

🚥 Pre-merge checks | ✅ 11

✅ Passed checks (11 passed)

Check name	Status	Explanation
Title check	✅ Passed	Title clearly describes the specific dependency update by package name and target digest hash.
Description check	✅ Passed	Description provides relevant context including package details, digest change, and MintMaker configuration information related to the dependency update.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Sec-02: Secrets In Log Output	✅ Passed	All log statements (slog, log, fmt.Print*) examined across 260 added log lines contain no tokens, passwords, credentials, or secrets.
No Hardcoded Secrets	✅ Passed	No hardcoded secrets, API keys, tokens, passwords, or private keys detected. PR contains automated dependency updates with legitimate version strings and auto-generated go.sum hashes.
No Weak Cryptography	✅ Passed	PR updates indirect dependency google.golang.org/genproto/googleapis/rpc. No weak cryptography (MD5/DES/RC4/SHA1 for security, ECB mode, custom crypto) or unsafe secret comparisons detected in code...
No Injection Vectors	✅ Passed	No injection patterns detected. PR updates dependency digest only; no code contains CWE-78, CWE-79, CWE-89, or CWE-502 vulnerabilities.
No Privileged Containers	✅ Passed	PR contains only go.mod dependency update; no Dockerfiles or Kubernetes manifests were modified. Existing configs show non-root users (UID 65532), allowPrivilegeEscalation: false, capabilities: dro...
No Pii Or Sensitive Data In Logs	✅ Passed	PR contains only dependency version updates to go.mod/go.sum with no new or modified logging statements that could expose PII or sensitive data.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch konflux/mintmaker/main/google.golang.org-genproto-googleapis-rpc-digest

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch konflux/mintmaker/main/google.golang.org-genproto-googleapis-rpc-digest

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}