Bump github.com/buildpacks/lifecycle from 0.21.8 to 0.21.9

[dependabot]

Bumps github.com/buildpacks/lifecycle from 0.21.8 to 0.21.9.

Release notes

Sourced from github.com/buildpacks/lifecycle's releases.

lifecycle v0.21.9

Welcome to v0.21.9, a release of the Cloud Native Buildpacks Lifecycle.

Prerequisites

The lifecycle runs as a normal user in a series of unprivileged containers. To export images and cache image layers, it requires access to a Docker (compatible) daemon or an OCI registry.

Install

Extract the .tgz file and copy the lifecycle binaries into a build image. The build image can then be orchestrated by a platform implementation such as the pack CLI or tekton.

Lifecycle Image

An OCI image containing the lifecycle binaries is available at buildpacksio/lifecycle:0.21.9.

Features

• Updates go to version 1.26.3

Chores

• Update imgutil to v0.0.0-20260415151438-73856e68b72b by @​jabrown85 in buildpacks/lifecycle#1637
• fix: adding required permissions to top level and jobs in the workflow by @​gaganhr94 in buildpacks/lifecycle#1639
• Bump the go-dependencies group across 1 directory with 6 updates by @​dependabot[bot] in buildpacks/lifecycle#1640
• Bump github.com/osscontainertools/kaniko from 1.27.3 to 1.27.4 in the go-dependencies group by @​dependabot[bot] in buildpacks/lifecycle#1643
• go 1.26.3 by @​jabrown85 in buildpacks/lifecycle#1645

Full Changelog: buildpacks/lifecycle@v0.21.8...release/0.21.9

Contributors

We'd like to acknowledge that this release wouldn't be as good without the help of the amazing contributors!

New Contributors

• @​gaganhr94 made their first contribution in buildpacks/lifecycle#1639

Full Changelog: buildpacks/lifecycle@v0.21.8...v0.21.9

Commits

• 0f721e1 Merge pull request #1645 from buildpacks/upgrade-go-version-1-26-3
• 1d34ed9 go 1.26.3
• 0a0ef17 Merge pull request #1643 from buildpacks/dependabot/go_modules/go-dependencie...
• 598e0a5 Bump github.com/osscontainertools/kaniko in the go-dependencies group
• b582e4c Merge pull request #1640 from buildpacks/dependabot/go_modules/go-dependencie...
• e56927a Merge pull request #1639 from gaganhr94/fix/token-permissions
• c070fa4 Bump the go-dependencies group across 1 directory with 6 updates
• b2639db fix: adding required permissions to top level and jobs in the workflow
• c4fa900 Merge pull request #1637 from buildpacks/jab/update-imgutil-reference
• cee9b92 Update imgutil to v0.0.0-20260415151438-73856e68b72b
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)