[conf](deps): Bump the main group across 1 directory with 3 updates

[dependabot]

Bumps the main group with 3 updates in the /conf directory: github.com/knadh/koanf/v2, github.com/fsnotify/fsnotify and golang.org/x/sys.

Updates github.com/knadh/koanf/v2 from 2.3.4 to 2.3.5

Release notes

Sourced from github.com/knadh/koanf/v2's releases.

v2.3.5

What's Changed

• go-toml v3.3.0 by @​GreyXor in knadh/koanf#410
• Bump github.com/go-jose/go-jose/v4 from 4.1.0 to 4.1.4 in /providers/vault by @​dependabot[bot] in knadh/koanf#411
• go-toml v2.3.1 by @​GreyXor in knadh/koanf#414
• feat: Add k8smount provider by @​mattdowdell in knadh/koanf#409
• Bools: return the matched []bool, not the nil intermediate by @​c-tonneslan in knadh/koanf#416
• fix: report the full key path in MergeStrict type-mismatch error by @​koriyoshi2041 in knadh/koanf#418

New Contributors

• @​mattdowdell made their first contribution in knadh/koanf#409
• @​c-tonneslan made their first contribution in knadh/koanf#416
• @​koriyoshi2041 made their first contribution in knadh/koanf#418

Full Changelog: knadh/koanf@v2.3.4...v2.3.5

Commits

• e09e4c8 fix: report full key var in MergeStrict type-mismatch error message (#418)
• 7a28d59 Exclude nats, vault providers from global workspace and fix CI test commands.
• d511690 Fix test action to use local Go toolchain for different versions.
• 308274c Fix async file provider Watch() test that would race and fail randomly.
• 91fa65d Upgrade vault lib in providers/vault.
• f941889 Upgrade hjson lib in providers/jhson.
• 3a69086 Upgrade NATS deps (dependabot sent 8 alerts) in providers/nats.
• 2dd78e8 Bools: return the matched []bool, not the nil intermediate (#416)
• d1d3dd7 Exclude the ./examples dir from Go workspace to avoid being pulled into tests.
• 1641671 Move k8smount provider mock files out of the global mock dir.
• Additional commits viewable in compare view

Updates github.com/fsnotify/fsnotify from 1.9.0 to 1.10.1

Release notes

Sourced from github.com/fsnotify/fsnotify's releases.

v1.10.1

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#754)

• inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

v1.10.0

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#731)

• inotify: send Rename event if recursive watch is renamed (#696)

• inotify: avoid copying event buffers when reading names (#741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

• windows: fix nil pointer dereference in remWatch (#736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Changelog

Sourced from github.com/fsnotify/fsnotify's changelog.

1.10.1 2026-05-04

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#754)

• inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

1.10.0 2026-04-30

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#731)

• inotify: send Rename event if recursive watch is renamed (#696)

• inotify: avoid copying event buffers when reading names (#741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

• windows: fix nil pointer dereference in remWatch (#736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Commits

• 76b01a6 Release 1.10.1
• fec150b Update changelog
• 162b421 inotify, windows: don't rename sibling watches sharing a path prefix (#755)
• 224257f inotify: don't remove sibling watches sharing a path prefix (#754)
• e0c956c windows: document directory Write events and stabilize tests (#745)
• 8d01d7b Release 1.10.0
• 602284e Update changelog
• 7f03e59 kqueue: skip ENOENT entries in watchDirectoryFiles (#748)
• dab9dde windows: lock watch field updates against concurrent WatchList (#709) (#749)
• eadf267 kqueue: drop watches directly in Close() instead of going through remove() (#...
• Additional commits viewable in compare view

Updates golang.org/x/sys from 0.43.0 to 0.45.0

Commits

• 397d5f8 unix: update to Linux kernel 7.0
• 0a387f7 cpu: detect zbc extension on riscv64
• 758f71c cpu: add LLACQ_SCREL, SCQ, DBAR_HINTS detection for loong64
• 99666ae unix: merge Linux readv/writev implementation with Darwin/OpenBSD
• e4444cb windows: add NtSetEaFile, NtQueryEaFile and NtQueryInformationFile
• 04396e8 unix: add Readv, Writev, Preadv, Pwritev for OpenBSD
• fb1facd windows: avoid uint16 overflow in NewNTUnicodeString
• 94ad893 windows: add GetIfTable2Ex, GetIpInterface{Entry,Table}, GetUnicastIpAddressT...
• 54fe89f cpu: use IsProcessorFeaturePresent to calculate ARM64 on windows
• df7d5d7 unix: automatically remove container created by mkall.sh
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions