From b14accb3d4997fbb44cd212c1f4606ce147553c7 Mon Sep 17 00:00:00 2001
From: Stephen Augustus <foo@auggie.dev>
Date: Mon, 22 Feb 2021 09:58:12 -0500
Subject: [PATCH] dependencies.yaml: Pin zeitgeist version and add comment
 about usage

Signed-off-by: Stephen Augustus <foo@auggie.dev>
---
 build/dependencies.yaml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/build/dependencies.yaml b/build/dependencies.yaml
index 243a3d2c383..7205d7145af 100644
--- a/build/dependencies.yaml
+++ b/build/dependencies.yaml
@@ -1,4 +1,21 @@
 dependencies:
+  # zeitgeist (https://github.com/kubernetes-sigs/zeitgeist) was inspired by
+  # (and now replaces) the cmd/verifydependencies tool to verify external
+  # dependencies across the repo.
+  #
+  # The zeitgeist dependencies.yaml file format is intended to be
+  # backwards-compatible with the original tooling.
+  #
+  # In instances where the file format may change across versions, this meta
+  # dependency check exists to ensure we're pinned to a known good version.
+  #
+  # ref: https://github.com/kubernetes/kubernetes/pull/98845
+  - name: "zeitgeist"
+    version: "v0.1.1-0.20210222132743-e06e27751b7f"
+    refPaths:
+    - path: hack/tools/go.mod
+      match: sigs.k8s.io/zeitgeist\ v(?P<major>0|[1-9]\d*)\.(?P<minor>0|[1-9]\d*)\.(?P<patch>0|[1-9]\d*)(?:-(?P<prerelease>(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+(?P<buildmetadata>[0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?
+
   # agnhost: bump this one first
   - name: "agnhost"
     version: "2.28"