build(deps): bump github.com/go-openapi/swag/jsonname from 0.25.4 to 0.25.5

[dependabot]

Bumps github.com/go-openapi/swag/jsonname from 0.25.4 to 0.25.5.

Release notes

Sourced from github.com/go-openapi/swag/jsonname's releases.

v0.25.5

0.25.5 - 2026-03-02

Full Changelog: go-openapi/swag@v0.25.4...v0.25.5

16 commits in this release.

---

Documentation

• doc: updated contributors file by @​bot-go-openapi[bot] in #177 ...

Code quality

• Doc/discord invite by @​fredbi in #180 ...

Testing

• test: upgraded tests to use generics by @​fredbi in #176 ...
• test: upgraded to go-openapi/testify@v2.3.0 by @​fredbi in #175 ...

Miscellaneous tasks

• chore: prepare release v0.25.5 by @​bot-go-openapi[bot] in #181 ...
• ci: updated ci workflows by @​fredbi in #179 ...
• ci: upgraded shared workflows (fixed secret propagation, fuzz matrix) by @​fredbi in #174 ...
• ci: upgraded shared workflows (fixes mono-repo releases) by @​fredbi in #173 ...

Updates

• build(deps): bump the go-openapi-dependencies group across 15 directories with 2 updates by @​dependabot[bot] in #178 ...
• build(deps): bump the development-dependencies group across 2 directories with 1 update by @​dependabot[bot] in #172 ...
• build(deps): bump the development-dependencies group across 2 directories with 1 update by @​dependabot[bot] in #170 ...
• build(deps): bump the development-dependencies group across 2 directories with 1 update by @​dependabot[bot] in #168 ...
• build(deps): bump the development-dependencies group across 2 directories with 2 updates by @​dependabot[bot] in #167 ...
• build(deps): bump the development-dependencies group across 2 directories with 1 update by @​dependabot[bot] in #166 ...
• build(deps): bump the development-dependencies group across 2 directories with 2 updates by @​dependabot[bot] in #165 ...
• build(deps): bump the development-dependencies group across 2 directories with 1 update by @​dependabot[bot] in #164 ...

---

People who contributed to this release

• @​fredbi

---

... (truncated)

Commits

• 86905cc chore: prepare release v0.25.5
• 345f85b doc: updated docs, links (#180)
• 01b074b ci: updated ci workflows (#179)
• 607decd build(deps): bump the go-openapi-dependencies group across 15 directories wit...
• 4924f95 doc: updated contributors file
• 281942d test: upgraded tests to use generics (#176)
• b9f9e45 test: upgraded to go-openapi/testify@v2.3.0 (#175)
• b7e96e1 ci: upgraded shared workflows (fixed secret propagation, fuzz matrix) (#174)
• 236d975 ci: upgraded shared workflows (fixes mono-repo releases) (#173)
• fd4d373 build(deps): bump the development-dependencies group across 2 directories wit...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai]

Warning

Rate limit exceeded

@dependabot[bot] has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 4 minutes and 10 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: bfe105e7-94d6-4358-a140-ebb462e431b8

📥 Commits

Reviewing files that changed from the base of the PR and between 33b99d7 and 195382b.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod

Walkthrough

A single indirect dependency version is updated in the Go module file. The github.com/go-openapi/swag/jsonname dependency is bumped from v0.25.4 to v0.25.5 in go.mod.

Changes

Cohort / File(s)	Summary
Dependency Update go.mod	Updated github.com/go-openapi/swag/jsonname indirect dependency from v0.25.4 to v0.25.5.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is auto-generated by Dependabot and does not follow the repository's template, which requires Summary, Change Type, and Checklist sections.	This is a Dependabot-generated PR. Consider configuring Dependabot to use the repository's PR template, or manually add a Summary section and Change Type (Bug Fix or Docs/Test) to align with repository standards.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: bumping a Go dependency from version 0.25.4 to 0.25.5, which matches the changeset in go.mod.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dependabot/go_modules/github.com/go-openapi/swag/jsonname-0.25.5

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@go.mod`:
- Line 45: The go.mod has a version mismatch: the dependency
"github.com/go-openapi/swag/jsonname v0.25.5" is inconsistent with the rest of
the go-openapi/swag submodules pinned at v0.25.4; either revert
"github.com/go-openapi/swag/jsonname" to v0.25.4 to match the other submodules
or intentionally upgrade all "github.com/go-openapi/swag" entries (e.g., the
main "github.com/go-openapi/swag" and its submodules like cmdutils, conv,
fileutils, jsonutils, loading, mangling, netutils, stringutils, typeutils,
yamlutils) to v0.25.5 so versions are consistent—update the go.mod accordingly
and run go mod tidy to ensure no leftover inconsistencies.

---

ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between f645243 and 33b99d7.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify go.mod/go.sum are consistent for the bumped module version.
set -euo pipefail

echo "=== Checking go.mod entry for v0.25.5 ==="
rg -n 'github.com/go-openapi/swag/jsonname\s+v0\.25\.5' go.mod || echo "Entry not found"

echo
echo "=== Checking all go-openapi/swag modules in go.mod ==="
rg 'github.com/go-openapi/swag' go.mod

echo
echo "=== Checking go.sum for v0.25.5 checksums ==="
rg 'github\.com/go-openapi/swag/jsonname v0\.25\.5' go.sum || echo "Checksums not found"

echo
echo "=== Checking if other swag/jsonname versions exist in go.sum ==="
rg 'github\.com/go-openapi/swag/jsonname' go.sum | head -5

Repository: package-operator/boxcutter

Length of output: 1399

---

Version inconsistency detected: jsonname submodule is v0.25.5 while all other go-openapi/swag modules remain at v0.25.4.

The main github.com/go-openapi/swag module and all other submodules (cmdutils, conv, fileutils, jsonutils, loading, mangling, netutils, stringutils, typeutils, yamlutils) are pinned to v0.25.4. Only jsonname is bumped to v0.25.5. This version mismatch across submodules of the same package is unusual and should be verified—it may indicate a Dependabot configuration issue or an unintended selective upgrade. Confirm this is intentional before merging.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@go.mod` at line 45, The go.mod has a version mismatch: the dependency
"github.com/go-openapi/swag/jsonname v0.25.5" is inconsistent with the rest of
the go-openapi/swag submodules pinned at v0.25.4; either revert
"github.com/go-openapi/swag/jsonname" to v0.25.4 to match the other submodules
or intentionally upgrade all "github.com/go-openapi/swag" entries (e.g., the
main "github.com/go-openapi/swag" and its submodules like cmdutils, conv,
fileutils, jsonutils, loading, mangling, netutils, stringutils, typeutils,
yamlutils) to v0.25.5 so versions are consistent—update the go.mod accordingly
and run go mod tidy to ensure no leftover inconsistencies.

[dependabot]

Superseded by #482.