chore(deps): bump github.com/onsi/gomega from 1.39.1 to 1.40.0

[dependabot]

Bumps github.com/onsi/gomega from 1.39.1 to 1.40.0.

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.40.0

1.40.0

We're adopting a new release strategy to minimize dependency bloat in projects that consume Gomega. It is a limitation of the go mod toolchain that test subdependencies of your project's direct dependencies get pulled in as indirect dependencies. In the case of Gomega, this ends up pulling in all of Ginkgo into your go.mod even if you are only using Gomega (Gomega uses Ginkgo for its own tests).

Going forward, releases will strip out all tests, tidy up the go.mod and then push this stripped down version to a new master-lite branch. These stripped-down versions will receive the vx.y.z git tag and will be picked up by the go toolchain.

Please open an issue if this new release process causes unexpected changes for your projects.

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.40.0

We're adopting a new release strategy to minimize dependency bloat in projects that consume Gomega. It is a limitation of the go mod toolchain that test subdependencies of your project's direct dependencies get pulled in as indirect dependencies. In the case of Gomega, this ends up pulling in all of Ginkgo into your go.mod even if you are only using Gomega (Gomega uses Ginkgo for its own tests).

Going forward, releases will strip out all tests, tidy up the go.mod and then push this stripped down version to a new master-lite branch. These stripped-down versions will receive the vx.y.z git tag and will be picked up by the go toolchain.

Please open an issue if this new release process causes unexpected changes for your projects.

Commits

• 87ee9d3 v1.40.0
• ea66027 v1.40.0 (full)
• e3fd789 update docs to reflect new versioning strategy
• 7d4ee30 first push to master-lite
• e4a82d1 Bump github/codeql-action from 3 to 4 (#875)
• af62723 Bump rexml from 3.4.0 to 3.4.2 in /docs (#870)
• e164221 Bump github.com/onsi/ginkgo/v2 from 2.28.0 to 2.28.1 (#895)
• 334a282 Bump faraday from 2.12.2 to 2.14.1 in /docs (#896)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[Copilot]

Pull request overview

Updates the repository’s Go module dependencies to use github.com/onsi/gomega v1.40.0 (from v1.39.1), aligning the test assertion library with the latest upstream release (including Gomega’s new “master-lite” release/tagging strategy intended to reduce dependency bloat for consumers).

Changes:

• Bump github.com/onsi/gomega from v1.39.1 to v1.40.0 in go.mod.
• Update go.sum checksums to match github.com/onsi/gomega v1.40.0 and remove v1.39.1 entries.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File	Description
go.mod	Updates the required Gomega version to v1.40.0.
go.sum	Refreshes checksums for Gomega to v1.40.0 (and drops v1.39.1).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.