chore(deps): bump tailscale.com from 1.96.5 to 1.98.1

[dependabot]

Bumps tailscale.com from 1.96.5 to 1.98.1.

Commits

• 87ab419 VERSION.txt: this is v1.98.1
• bdcb71a tsnet: make workload identity federation opt-in
• 06a48f5 tsnet: ban awsstore and kubestore as deps in TestDeps
• f2d5ef7 VERSION.txt: this is v1.98.0
• aa21b0c client/systray: fix recommended exit node not showing as selected (#19627)
• eac531d cmd/tailscale/cli: unhide --report posture flag in up
• 883d4fd wgengine/netstack, net/ping: stop using pro-bing and use our net/ping instead
• 81569e8 tstest/iosdeps: update import list to mirror ipn-go-bridge
• 9bb7ca6 cmd/vet/lowerell, drive/driveimpl: forbid variables named "l" or "I"
• 0cf8996 util/linuxfw/linuxfwtest: remove unused package (#19520)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[cursor]

PR Summary

Medium Risk
Updates a core networking dependency (tailscale.com/tsnet) used by the authz service, which could subtly change connectivity/auth behavior despite being a version bump. Go module graph changes (including indirect deps) can also introduce build/runtime differences across platforms.

Overview
Upgrades tailscale.com from v1.96.5 to v1.98.1 and refreshes associated indirect Tailscale/WireGuard dependencies in go.mod/go.sum.

Also bumps the Go patch version (go 1.26.1 → 1.26.2) and updates/removes several indirect modules (notably github.com/klauspost/compress, golang.org/x/oauth2, and Docker-related sums) as a result of the dependency resolution.

^{Reviewed by Cursor Bugbot for commit 59a941c. Bugbot is set up for automated code reviews on this repo. Configure here.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	golang/​tailscale.com@​v1.96.5 ⏵ v1.98.1

View full report