Bump github.com/regclient/regclient from 0.11.2 to 0.11.5

[dependabot]

Bumps github.com/regclient/regclient from 0.11.2 to 0.11.5.

Release notes

Sourced from github.com/regclient/regclient's releases.

v0.11.5

Release v0.11.5

Security:

• Prevent https to non-https downgrades and localhost redirects. (PR 1093)
• Forbid sending auth on redirects. (PR 1095)

Features:

• Add regbot manifest.descriptor to the sandbox. (PR 1091)

Contributors:

• @​GimmyDatBeeR
• @​sudo-bmitch

v0.11.4

Release v0.11.4

Security:

• Validate server URL in token auth. (PR 1075)
• Upgrading Go fixes CVE-2026-33814 and CVE-2026-39836, other vulnerabilities fixed in 1.26.3 were not called by this project. (PR 1084)

Features:

• Support scanning OCI Layout for referrers. (PR 1074)
• Add created timestamp in OCI Layout entries. (PR 1081)
• tag.ls now accepts the same pagination parameters as repo.ls. (PR 1086)

Fixes:

• Push tags for minor and major releases on Docker Hub. (PR 1087)

Contributors:

• @​ffried
• @​sudo-bmitch

... (truncated)

Changelog

Sourced from github.com/regclient/regclient's changelog.

Release v0.11.5

Security:

• Prevent https to non-https downgrades and localhost redirects. (PR 1093)
• Forbid sending auth on redirects. (PR 1095)

Features:

• Add regbot manifest.descriptor to the sandbox. (PR 1091)

Contributors:

• @​GimmyDatBeeR
• @​sudo-bmitch

Commits

• 2bc542b Release v0.11.5
• 1a6316a Merge for release v0.11.5
• bb093cf Merge pull request #1095 from sudo-bmitch/pr-forbid-auth-on-redirect
• 746d6cf Sec: Forbid sending auth on redirects
• c439fbf Merge pull request #1094 from sudo-bmitch/pr-update-20260524
• 2afb750 Version bump
• 139138e Merge pull request #1093 from sudo-bmitch/pr-prevent-bad-redirect
• 1a80807 Sec: Prevent https to non-https downgrades and localhost redirects
• 65a279a Merge pull request #1092 from sudo-bmitch/pr-update-20260520
• a617d64 Version bump
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)