Bump go.k6.io/k6 from 1.7.1 to 1.8.0 in /long-running-test-arch/xk6

[dependabot]

Bumps go.k6.io/k6 from 1.7.1 to 1.8.0.

Release notes

Sourced from go.k6.io/k6's releases.

v1.8.0

k6 v1.8.0 is here! This maintenance release on v1.x includes:

• Cloud secrets are now automatically available in k6 cloud run --local-execution — use --no-cloud-secrets to opt out.
• Pre-manifest extension dependencies are captured in archive metadata for cloud consumers.
• Structured logging from k6provider for better visibility into automatic extension provisioning.
• Multiple bug fixes for Browser, WebSocket, and Cloud modules.
• Dependency updates and reliability improvements.

Breaking changes

There are no breaking changes in this release.

New features

Cloud secrets now automatically available in local execution #5738 & #5875

When running k6 cloud run --local-execution, secrets stored in Grafana Cloud are now automatically available to your script via secrets.get() without any additional configuration.

To opt out, pass --no-cloud-secrets:

k6 cloud run --local-execution --no-cloud-secrets script.js

Thanks, @​vortegatorres!

Pre-manifest extension dependencies captured in archive metadata #5819 & #5977

When creating a k6 archive (k6 archive), extension dependency information is now captured in metadata.json under a "dependencies" field, using the constraints declared by the script before any external manifest overrides are applied. This ensures that k6/x/ imports are preserved correctly during auto-extension-resolution re-execution.

UX improvements and enhancements

• #5815 & #5993 Warns when http.get() or http.head() receive extra arguments that are silently ignored, helping catch common scripting mistakes. Thanks, @​moko-poi!
• #5657 Adds automatic retries to newAction-based Locator APIs in the browser module, improving reliability of browser tests. Thanks, @​janHildebrandt98!
• #5845 Wires k6provider's structured logging into k6's logger. Provisioning operations (artifact resolution, cache hits, downloads, retries, and cache pruning) now appear in k6's log output at the correct level.

Bug fixes

• #5855 Fixes auto-extension-resolution incorrectly triggering binary provisioning when a script manifest specifies a dependency as a Go module pseudo-version (v0.0.0+sha or v0.0.0-timestamp-sha), even when the running binary already satisfied the constraint.
• #5574 Fixes position parser for base pointer options. Thanks, @​chrismooreproductions!
• #5630 & #5987 Fixes duplicate redirect request metric emissions in the browser module, where each redirect was incorrectly emitting metrics for all prior redirects in the chain.
• #5620 & #5991 Preserves context cancellation causes across the scheduler, browser, and secret-source layers, improving the accuracy of error messages surfaced when a test is interrupted. Thanks, @​LBaronceli!
• #5716 & #5990 Fixes WebSocket bufferedAmount not being incremented when sending TypedArrays, causing it to go negative. Thanks, @​prakharbirla-ng!
• #5814 & #5975 Fixes k6 cloud run --local-execution ignoring K6_CLOUD_PUSH_REF_ID and unconditionally creating a new test run instead of reusing the provided run ID. Thanks, @​Reranko05!
• #5786 Fixes swapped Min and Max values for Gauge metrics in Cloud output v2, which caused incorrect peak and floor values in cloud test result queries. Thanks, @​esquonk!
• #5785 Fixes a race condition in the browser module's handleExitEvent where Done() was signalled before the subscription was removed, causing tests to hang until the timeout.
• #5905 Fixes a deadlock where WebSocket connections hang forever during teardown when the server sends pings. A server ping arriving during shutdown could permanently stall the k6 process.
• #5923 & #5989 Fixes a nil pointer panic in ElementHandle.DefaultTimeout (and any method that calls it, such as GetAttribute) when invoked on a nil or partially-initialized handle. Thanks, @​SAY-5!

... (truncated)

Commits

• 23d89b9 Bump version to v1.8.0
• d388fd0 Add v1.8.0 release notes (#6051)
• 636f081 chore(docker): bump images in Dockerfile
• 0c72fa6 fix(deps): update go toolchain directive to v1.25.11 [security]
• e7dcaac Merge pull request #6047 from grafana/renovate/v1.x-golangx
• 06307f6 fix(deps): update module golang.org/x/crypto to v0.52.0 [security]
• 3a8cea5 Move Docker Hub publishing to GAR mirror (#6035)
• 3f8495a fix(security/unknown): update module golang.org/x/net to v0.55.0 [security]
• 9a94e41 Wire k6provider structured logging into k6 (#5845)
• 0963ffe chore(deps): bump k6provider to v0.5.0 and drop vendored k6build
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)