chore(deps): Bump github.com/tektoncd/cli from 0.41.1 to 0.42.0

[dependabot]

Bumps github.com/tektoncd/cli from 0.41.1 to 0.42.0.

Release notes

Sourced from github.com/tektoncd/cli's releases.

v0.42.0 Release 🎉

This release comes with support for Pipelines v1.3.1, Triggers v0.33.0 and Hub v1.22.2. Also in this release, there are couple of bug fixes, we are now defaulting to print the log source during logs streaming and also we are deprecating the chains sub-command.

ChangeLog 📋

Deprecation ⚠️

• Deprecate the chain command tektoncd/cli#2550

Features ✨

• Add flag to prefix log lines with log source (task and step name) by default tektoncd/cli#2525

Fixes 🐛

• fix panic when trying to read pod logs when pod is already deleted tektoncd/cli#2595
• fix: update Pending color of PipelineRunPending tektoncd/cli#2553
• Fix deadlock issue when following logs tektoncd/cli#2556

Misc 🔨

• Migrate CI into GitHub workflows tektoncd/cli#2516
• Update CLI docs for tkn v0.41.0 tektoncd/cli#2544
• Bump the go-docker-dependencies group with 2 updates tektoncd/cli#2548
• Bump the go-docker-dependencies group with 2 updates tektoncd/cli#2549
• Bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 tektoncd/cli#2552
• Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 in /tools tektoncd/cli#2561
• Bump github.com/go-chi/chi/v5 from 5.2.1 to 5.2.2 tektoncd/cli#2560
• Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 tektoncd/cli#2562
• Bump github.com/sigstore/sigstore from 1.9.4 to 1.9.5 tektoncd/cli#2554
• Update golangci-lint to v2 tektoncd/cli#2566
• Bump github.com/docker/docker from 28.2.2+incompatible to 28.3.3+incompatible tektoncd/cli#2572
• Bump github.com/docker/cli from 28.2.2+incompatible to 28.3.3+incompatible in the go-docker-dependencies group across 1 directory tektoncd/cli#2573
• Bump github.com/tektoncd/pipeline from 1.0.0 to 1.2.0 tektoncd/cli#2563
• Bump ko-build/setup-ko from 0.8 to 0.9 tektoncd/cli#2579
• Bump github/codeql-action from 3.28.11 to 3.29.5 tektoncd/cli#2580
• Bump actions/setup-go from 5.3.0 to 5.5.0 tektoncd/cli#2578
• Bump step-security/harden-runner from 2.11.0 to 2.13.0 tektoncd/cli#2581
• Bump github.com/sigstore/cosign/v2 from 2.5.0 to 2.5.3 tektoncd/cli#2565
• Bump github.com/ktr0731/go-fuzzyfinder from 0.8.0 to 0.9.0 tektoncd/cli#2531
• Bump the go-k8s-dependencies group with 3 updates tektoncd/cli#2574
• Bump github.com/spf13/pflag from 1.0.6 to 1.0.7 tektoncd/cli#2586
• Bump tektoncd/pipeline, tektoncd/hub and tektoncd/triggers tektoncd/cli#2592
• Bump golang.org/x/term from 0.32.0 to 0.34.0 tektoncd/cli#2582
• Bump actions/checkout from 4.2.2 to 5.0.0 tektoncd/cli#2593
• Bump github/codeql-action from 3.29.7 to 3.29.10 tektoncd/cli#2594
• Bump the go-k8s-dependencies group with 3 updates tektoncd/cli#2596

Thanks ❤️

... (truncated)

Changelog

Sourced from github.com/tektoncd/cli's changelog.

Tekton CLI Releases

Release Frequency

Tekton CLI follows the Tekton community [release policy][release-policy] as follows:

• Versions are numbered according to semantic versioning: vX.Y.Z
• A new release is produced on a monthly basis
• Four releases a year are chosen for long term support (LTS). All remaining releases are supported for approximately 1 month (until the next release is produced)
  • LTS releases take place in January, April, July and October every year
  • The first Tekton CLI LTS release will be v0.30.0 in January 2023
  • Releases happen towards the middle of the month, but the exact date may vary, depending on week-ends and readiness

Tekton CLI produces nightly builds, publicly available on gcr.io/tekton-nightly.

Transition Process

Before release v0.28 Tekton CLI has worked on the basis of an undocumented support period of four months, which will be maintained for the releases between v0.26 and v0.27.

Release Process

Read about releasing the Tekton CLI in the [release process documentation] [tekton-release-process].

Further documentation available:

• [Tekton resources][tekton-releases-docs]
• Standard for [release notes][release-notes-standards]

Releases

v0.42 (LTS)

• Latest Release: [v0.42.0][v0-42-0] (2025-08-22) ([docs][v0-42-0-docs])
• Initial Release: [v0.42.0][v0-42-0] (2025-08-22) ([docs][v0-42-0-docs])
• End of Life: 2026-08-21

v0.41 (LTS)

• Latest Release: [v0.41.1][v0-41-1] (2025-07-14) ([docs][v0-41-1-docs])
• Initial Release: [v0.41.0][v0-41-0] (2025-05-20) ([docs][v0-41-0-docs])
• End of Life: 2026-05-19

... (truncated)

Commits

• 9f5e8ec New version v0.42.0
• 84d0c59 Handle nil steps and add error message
• 26b9c31 fix panic when trying to read pod logs when pod is already deleted
• 84bed78 Bump the go-k8s-dependencies group with 3 updates
• 887aa51 Bump github/codeql-action from 3.29.7 to 3.29.10
• 5b3eac6 Bump actions/checkout from 4.2.2 to 5.0.0
• b4b9908 Bump golang.org/x/term from 0.32.0 to 0.34.0
• 03c38dd Bump tektoncd/pipeline, tektoncd/triggers and tektoncd/hub
• de51ffe Bump github.com/spf13/pflag from 1.0.6 to 1.0.7
• f586b97 Bump the go-k8s-dependencies group with 3 updates
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)