chore(deps): bump github.com/privateerproj/privateer-sdk from 1.25.0 to 1.31.0 in the dependencies group across 1 directory

[dependabot]

Bumps the dependencies group with 1 update in the / directory: github.com/privateerproj/privateer-sdk.

Updates github.com/privateerproj/privateer-sdk from 1.25.0 to 1.31.0

Release notes

Sourced from github.com/privateerproj/privateer-sdk's releases.

v1.31.0

Changelog

• feat(publish): add plugin publishing pipeline to grc.store @​eddie-knight (#238)
• feat(pluginkit): add publish-manifest generation for plugins @​eddie-knight (#237)
• feat(auth): add OIDC login, keyless signing, and token store for the hub @​eddie-knight (#236)
• feat(verify): add keyless signature + identity verification with digest walk @​eddie-knight (#235)

🚀 Features

• feat(install): migrate to grc.store verified install; remove GitHub-releases path @​eddie-knight (#239)

See details of all code changes since previous release

v1.30.0

Changelog

• feat(config): add getters for services, autoinstall, and binaries path @​eddie-knight (#233)

🚀 Features

• feat(oci): add grc.store OCI client (pull, push, sign, discovery, index) @​eddie-knight (#234)

See details of all code changes since previous release

v1.29.0

Changelog

🚀 Features

• feat(utils): add WriteFileAtomic for crash-safe file writes @​eddie-knight (#232)

See details of all code changes since previous release

v1.28.0

Changelog

🚀 Features

• feat(ai): add AI evidence packet writer @​vinayada1 (#229)

See details of all code changes since previous release

v1.27.0

Changelog

🚀 Features

• feat(ai): add AI dry-run mode and SDK config integration @​vinayada1 (#227)

🧰 Maintenance

• chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 in the dependencies group @dependabot[bot] (#228)

See details of all code changes since previous release

... (truncated)

Commits

• 43643c9 feat(install): migrate to grc.store verified install; remove GitHub-releases ...
• eb8fda6 feat(publish): add plugin publishing pipeline to grc.store (#238)
• a469b34 feat(pluginkit): add publish-manifest generation for plugins (#237)
• e527225 feat(auth): add OIDC login, keyless signing, and token store for the hub (#236)
• 6f0748e feat(verify): add keyless signature + identity verification with digest walk ...
• cc31fbc feat(oci): add grc.store OCI client (pull, push, sign, discovery, index) (#234)
• 3df1657 feat(config): add getters for services, autoinstall, and binaries path (#233)
• b1b0aae feat(utils): add WriteFileAtomic for crash-safe file writes (#232)
• b895eae feat(ai): add AI evidence packet writer (#229)
• e785024 feat(ai): add AI dry-run mode and SDK config integration (#227)
• Additional commits viewable in compare view

[jmeridth]

Root Cause

SDK v1.26.0 added a persistent --output / -o flag on the root command (base.go:39):

cmd.PersistentFlags().StringP("output", "o", "yaml", "...")

Because it's a PersistentFlag, it propagates to all subcommands, including generate-plugin. Then in cmd/generate-plugin.go:28 in this repo:

genPluginCmd.Flags().StringP("output-dir", "o", "generated-plugin/", "...")

...tries to claim -o again on the same flagset, causing the cobra panic. This crashes every generate-plugin invocation with exit code 2 instead of the expected exit codes, which fails all 5 generate-plugin integration test assertions.

Fix Options

Option A -- Drop the -o shorthand from --output-dir in this repo (simplest)
Change "o" to "" on line 28 of cmd/generate-plugin.go. Users would need to type --output-dir fully. This is the least invasive change.

Option B -- Rename the shorthand to something else, like -d
Change "o" to "d" (for "directory"). Users who relied on -o for output-dir would need to switch, but it avoids the collision while keeping a shorthand available.

Option C -- Fix it in the SDK by removing -o from the persistent --output flag
This is arguably the better long-term fix since --output is mostly relevant to run, not all subcommands. But it's a separate repo/PR and doesn't solve the immediate CI failure.