chore(deps): bump the all group across 1 directory with 4 updates

[dependabot]

Bumps the all group with 3 updates in the / directory: cloud.google.com/go/storage, github.com/google/go-containerregistry and github.com/in-toto/go-witness.

Updates cloud.google.com/go/storage from 1.62.0 to 1.62.1

Release notes

Sourced from cloud.google.com/go/storage's releases.

storage: v1.62.1

v1.62.1 (2026-04-13)

Commits

• f4b10ee chore: librarian release pull request: 20260413T041034Z (#14421)
• dc245af feat(storage): add client feature tracking support (#14320)
• cfdd7ba chore(.github/CODEOWNERS): Add AION SDK as code owners for the auth library (...
• e2d578c test(datastore): skip flaky tests due to datastore contention (#14416)
• 56e1a62 chore: librarian release pull request: 20260409T222456Z (#14413)
• 5ca653a chore: regenerate libraries using protobuf 31, and update generation check wo...
• b4c40aa chore(all): update module go.opentelemetry.io/otel/sdk to v1.43.0 [SECURITY] ...
• eb896d0 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.42.0 to 1.43.0 in /comp...
• 26c0341 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.42.0 to 1.43.0 in /cont...
• 8a7febc feat(firestore): Implement Search pipeline stage and related expressions (#14...
• Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.21.4 to 0.21.5

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.5

What's Changed

• Bump docker/cli v29.4.0, moby/api v1.54.1, moby/client v0.4.0 by @​thaJeztah in google/go-containerregistry#2254
• update to Go 1.26.2 by @​thaJeztah in google/go-containerregistry#2255
• Bump aws-actions/configure-aws-credentials from 6.0.0 to 6.1.0 in the actions group across 1 directory by @​dependabot[bot] in google/go-containerregistry#2257
• build(deps): bump golang.org/x/tools from 0.43.0 to 0.44.0 in the go-deps group across 1 directory by @​dependabot[bot] in google/go-containerregistry#2260

Full Changelog: google/go-containerregistry@v0.21.4...v0.21.5

Commits

• 5b80281 build(deps): bump golang.org/x/tools from 0.43.0 to 0.44.0 in the go-deps gro...
• b99bca2 build(deps): bump aws-actions/configure-aws-credentials (#2257)
• f8be1d4 update to Go 1.26.2 (#2255)
• 87ad88b Bump docker/cli v29.4.0, moby/api v1.54.1, moby/client v0.4.0 (#2254)
• See full diff in compare view

Updates github.com/in-toto/go-witness from 0.9.2 to 0.10.0

Commits

• ca49d4d chore: bump softprops/action-gh-release from 2.6.1 to 3.0.0 (#703)
• 905a400 chore: bump actions/upload-artifact from 7.0.0 to 7.0.1 (#702)
• a589679 chore: bump step-security/harden-runner from 2.16.1 to 2.17.0 (#701)
• f0ee6dd chore: bump github.com/mattn/go-isatty from 0.0.20 to 0.0.21 (#700)
• 03c39ab chore: bump fossas/fossa-action from 1.8.0 to 1.9.0 (#697)
• fba24ec chore(dep): update dependencies and more (#693)
• 164f71d chore: bump step-security/harden-runner from 2.16.0 to 2.16.1 (#696)
• 695c252 chore: bump github.com/sigstore/sigstore from 1.10.4 to 1.10.5 (#690)
• 5f634b5 chore: bump github.com/openvex/go-vex from 0.2.7 to 0.2.8 (#691)
• c2f9dea chore: bump actions/setup-go from 6.3.0 to 6.4.0 (#692)
• Additional commits viewable in compare view

Updates golang.org/x/exp from 0.0.0-20250620022241-b7579e27df2b to 0.0.0-20260312153236-7ab1446f8b90

Commits

• See full diff in compare view

[tekton-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign wlynch after the PR has been reviewed.
You can assign the PR to them by writing /assign @wlynch in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment