Bump the go-dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the go-dependencies group with 7 updates in the / directory:

Package	From	To
github.com/awslabs/amazon-ecr-credential-helper/ecr-login	0.0.0-20240419161514-af205d85bb44	0.9.1
github.com/containerd/containerd	1.7.24	1.7.26
github.com/google/go-cmp	0.6.0	0.7.0
github.com/google/go-containerregistry	0.20.2	0.20.3
github.com/moby/buildkit	0.14.1	0.20.0
golang.org/x/sync	0.10.0	0.11.0
golang.org/x/sys	0.29.0	0.30.0

Updates github.com/awslabs/amazon-ecr-credential-helper/ecr-login from 0.0.0-20240419161514-af205d85bb44 to 0.9.1

Release notes

Sourced from github.com/awslabs/amazon-ecr-credential-helper/ecr-login's releases.

Amazon ECR Credential Helper - Release v0.9.1

• Drop golang 1.21 support.
• Upgrade dependencies.

Assets

• release.tar.gz (SHA256)
• release-novendor.tar.gz (SHA256)
• linux-amd64/docker-credential-ecr-login (SHA256)
• linux-arm64/docker-credential-ecr-login (SHA256)
• darwin-amd64/docker-credential-ecr-login (SHA256)
• darwin-arm64/docker-credential-ecr-login (SHA256)
• windows-amd64/docker-credential-ecr-login.exe (SHA256)
• windows-arm64/docker-credential-ecr-login.exe (SHA256)

Amazon ECR Credential Helper - Release v0.9.0

• Enhancement - Added support for environment variable AWS_ECR_IGNORE_CREDS_STORAGE=true to ignore ADD and DELETE requests. This makes tools that try to docker login work with registries managed the amazon-ecr-credential-helper. (#102 and #847)
• Enhancement - Updated ECR pattern for new isolated regions. (#850)
• Upgraded dependencies.

Assets

• release.tar.gz (SHA256)
• release-novendor.tar.gz (SHA256)
• linux-amd64/docker-credential-ecr-login (SHA256)
• linux-arm64/docker-credential-ecr-login (SHA256)
• darwin-amd64/docker-credential-ecr-login (SHA256)
• darwin-arm64/docker-credential-ecr-login (SHA256)
• windows-amd64/docker-credential-ecr-login.exe (SHA256)
• windows-arm64/docker-credential-ecr-login.exe (SHA256)

Amazon ECR Credential Helper - Release v0.8.0

• Enhancement - Updated ECR pattern to match C2S environments. (#433)
• Feature (Experimental) - Added support for building Windows ARM credential helper binaries. (#795)

Assets

• release.tar.gz (SHA256)
• release-novendor.tar.gz (SHA256)
• linux-amd64/docker-credential-ecr-login (SHA256)
• linux-arm64/docker-credential-ecr-login (SHA256)
• darwin-amd64/docker-credential-ecr-login (SHA256)
• darwin-arm64/docker-credential-ecr-login (SHA256)
• windows-amd64/docker-credential-ecr-login.exe (SHA256)
• windows-arm64/docker-credential-ecr-login.exe (SHA256)

Amazon ECR Credential Helper - Release v0.7.1

... (truncated)

Changelog

Sourced from github.com/awslabs/amazon-ecr-credential-helper/ecr-login's changelog.

0.9.1

• Drop golang 1.21 support.
• Upgrade dependencies.

0.9.0

• Enhancement - Added support for environment variable AWS_ECR_IGNORE_CREDS_STORAGE=true to ignore ADD and DELETE requests. This makes tools that try to docker login work with registries managed the amazon-ecr-credential-helper. (#102 and #847)
• Enhancement - Updated ECR pattern for new isolated regions. (#850)
• Upgraded dependencies.

0.8.0

• Enhancement - Updated ECR pattern to match C2S environments. (#433)
• Feature (Experimental) - Added support for building Windows ARM credential helper binaries. (#795)

0.7.1

Note: v0.7.1 is functionally equivalent to v0.7.0. We have decided to create a duplicate release to reflect a more accurate changelog, since our v0.7.0 release did not contain any direct/indirect security patches.

• Feature - Allow callers to set log output. (#309 and #312)
• Upgrade dependencies for bug fixes.

0.7.0

• Feature - Allow callers to set log output. (#309 and #312)
• Upgrade dependencies for bug fixes and security patches.

0.6.0

• Feature - Added support for AWS SSO (#229)
• Feature - Added support to assume roles via EC2 instance metadata. (#282)
• Feature - Added support for Apple Silicon (#291)
• Enhancement - The AWS shared config file (~/.aws/config) is now always enabled. (AWS_SDK_LOAD_CONFIG environment variable is no longer supported) (#282)

0.5.0

• Feature - Added support for ECR Public (#253)
• Feature - Added support for EC2 IMDSv2 (#240)
• Enhancement - The AWS shared config file (~/.aws/config) is now enabled by default. This can be disabled by setting the environment variable AWS_SDK_LOAD_CONFIG to false (#201)
• Bug - Fixed an issue where output from a credential_process was sometimes too big for the default buffer (#240)

0.4.0

• Feature - Added support for chaining assumed roles in the shared config file (~/.aws/config) defined by source_profile and credential_source (#177)
• Feature - Added support for Web Identities and IAM Roles for Service Accounts (IRSA) with Kubernetes (#183)
• Bug - Fixed the make docker target when the credential helper git repository is used as a git submodule (#184)

0.3.1

• Bug - Log directory is now automatically created when the helper runs

... (truncated)

Commits

• See full diff in compare view

Updates github.com/containerd/containerd from 1.7.24 to 1.7.26

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.26

Welcome to the v1.7.26 release of containerd!

The twenty-sixth patch release for containerd 1.7 contains various fixes and updates.

Highlights

• Add support for syncfs after unpack (#11267)
• Update runc binary to v1.2.5 (#11395)
• Fix race between serve and immediate shutdown on the server (containerd/ttrpc#175)
• Reject oversized messages from the sender (containerd/ttrpc#171)

Container Runtime Interface (CRI)

• Fix fatal concurrency error in port forwarding (#11306)

Node Resource Interface (NRI)

• Fix initial sync race when registering NRI plugins (#11326)
• Add API support for reading Pod IPs (containerd/nri#119)
• Fix plugin sync to use multiple messages if ttrpc max message limit is hit (containerd/nri#111)
• Update API to pass configured timeouts to plugins. (containerd/nri#109)
• Fix mount removal in adjustments (containerd/nri#107)
• Close plugin if initial synchronization fails (containerd/nri#103)
• Add support for adjusting OOM score (containerd/nri#94)
• Add API support for NRI-native CDI injection (containerd/nri#98)
• Add support for pids cgroup (containerd/nri#76)

Runtime

• Fix console TTY leak in runc shim (#11250)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Krisztian Litkey
• Mike Brown
• Samuel Karp
• Wei Fu
• Phil Estes
• Derek McGowan
• Iceber Gu
• Akhil Mohan
• Antonio Ojea
• Austin Vazquez
• Henry Wang
• Jin Dong

... (truncated)

Commits

• 753481e Merge pull request #11356 from austinvazquez/release-1.7.26
• f18cc46 Merge pull request #11434 from pendo324/upgrade-1.7-x/net
• 3486bc8 Upgrade x/net to 0.33.0
• b538857 Merge pull request #11419 from akhilerm/1.7-update-go1.24
• 9025d30 update build to go1.23.6, test go1.24.0
• 9f40863 Merge pull request #11358 from samuelkarp/pr-11019-1.7
• 9dbb9ed Merge pull request #11267 from tboevil/pick-syncfs
• ceba197 Prepare release notes for v1.7.26
• e9ea1c5 Merge pull request #11395 from k8s-infra-cherrypick-robot/cherry-pick-11388-t...
• 27c472a Update runc binary to v1.2.5
• Additional commits viewable in compare view

Updates github.com/google/go-cmp from 0.6.0 to 0.7.0

Release notes

Sourced from github.com/google/go-cmp's releases.

v0.7.0

New API:

• (#367) Support compare functions with SortSlices and SortMaps

Panic messaging:

• (#370) Detect proto.Message types when failing to export a field

Commits

• 9b12f36 Detect proto.Message types when failing to export a field (#370)
• 4dd3d63 fix: type 'aribica' => 'arabica' (#368)
• 391980c Support compare functions with SortSlices and SortMaps (#367)
• See full diff in compare view

Updates github.com/google/go-containerregistry from 0.20.2 to 0.20.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.3

What's Changed

• remote/transport: Make bearer transport go-routine-safe by @​2opremio in google/go-containerregistry#1806
• Expose compare package by @​jonjohnsonjr in google/go-containerregistry#2001
• fix: redact.URL uses (*URL).Redacted to omit basic-auth password by @​bmoylan in google/go-containerregistry#1947
• bump actions to latest by @​ajayk in google/go-containerregistry#2011
• don't pin chainguard-dev/actions by @​imjasonh in google/go-containerregistry#2025
• Check for 406 status code when handling referrers API endpoint response by @​malancas in google/go-containerregistry#2026
• mutate: Create a defensive annotations copy by @​jonjohnsonjr in google/go-containerregistry#2030
• Detect zstd in crane append by @​jonjohnsonjr in google/go-containerregistry#2023
• bump deps using hack/bump-deps.sh by @​imjasonh in google/go-containerregistry#2042

New Contributors

• @​bmoylan made their first contribution in google/go-containerregistry#1947
• @​ajayk made their first contribution in google/go-containerregistry#2011
• @​malancas made their first contribution in google/go-containerregistry#2026

Full Changelog: google/go-containerregistry@v0.20.2...v0.20.3

Commits

• c4dd792 bump deps using hack/bump-deps.sh (#2042)
• 6bce25e Detect zstd in crane append (#2023)
• 06dcd85 mutate: Create a defensive annotations copy (#2030)
• a9a53a8 check for 406 status code when handling referrers endpoint response (#2026)
• 4630c40 don't pin chainguard-dev/actions (#2025)
• 808e354 bump actions to latest (#2011)
• a07d1ca fix: redact.URL uses (*URL).Redacted to omit basic-auth password (#1947)
• 00f182b Expose compare package (#2001)
• b8e87ed remote/transport: Make bearer transport go-routine-safe (#1806)
• See full diff in compare view

Updates github.com/moby/buildkit from 0.14.1 to 0.20.0

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.20.0

Welcome to the v0.20.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• CrazyMax
• Tõnis Tiigi
• Sebastiaan van Stijn
• Jonathan A. Sternberg
• Akihiro Suda
• Anthony Nandaa
• Shaun Thompson
• Austin Vazquez
• Bertrand Paquet
• Brian Goff
• Pranav Pandit

Notable Changes

• Builtin Dockerfile frontend has been updated to v1.14.0
• Github Actions cache backend has been updated to support v2 API. Github is expected to stop supporting V1 API from March 1st 2025. #5720 #5750 #5754
• Support for CDI (Container Device Interface) devices has been added allowing builds to use GPUs and other defined devices. Build steps can now request devices to be injected into the container, if they are permitted to do so. In Dockerfile, devices are currently available in the labs channel. #4056 #5722 #5726 #5729 #5742
• History record APIs now support server-side filters and limiting amount of records returned. #5705
• Update Runc to v1.2.5. #5741
• Embedded binfmt emulators in the release image have been updated to QEMU v9.2.0 #5695 #5736
• Fix possible errors from credentials expiration for long builds. #5684
• Fix possible crash from S3 remote cache backend. #5597
• Fix possible record leak in Bolt database. #5692
• Fix invalid warning messages when running subrequests (e.g. check, outline) for a specific platform. #5730

Dependency Changes

• github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 -> v1.16.0
• github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0 -> v1.8.0
• github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0 -> v1.10.0
• github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v0.4.1 -> v1.5.0
• github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 -> v1.3.2
• github.com/containerd/cgroups/v3 v3.0.3 -> v3.0.5
• github.com/containerd/fuse-overlayfs-snapshotter/v2 v2.1.0 -> v2.1.1
• github.com/containerd/go-cni v1.1.11 -> v1.1.12
• github.com/docker/cli v27.5.0 -> v27.5.1
• github.com/docker/docker v27.5.0 -> v27.5.1
• github.com/moby/term v0.5.0 -> v0.5.2
• github.com/package-url/packageurl-go 89078438f170 -> v0.1.1
• github.com/petermattis/goid 4fcff4a6cae7 new

... (truncated)

Commits

• 121ecd5 Merge pull request #5761 from jsternberg/v0.20.0-picks
• c7153d1 cache(gha): fix missing user-agent for importer
• c016cda cache(gha): set user-agent for github cache service requests
• 6cad2f9 Merge pull request #5755 from crazy-max/0.20_backport_rc3
• b0f75aa test: handle gha cache v2
• 5ae6c31 buildctl: set fallback url for gha cache
• 61f13c0 dockerfile: update runc to 1.2.5
• 281e8c9 client: test cdi entitlement
• f901bcc cdi: test find devices
• e500309 cdi: keep auto refresh
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.10.0 to 0.11.0

Commits

• fe3591b sync/errgroup: improve documentation for semaphore limit behavior
• See full diff in compare view

Updates golang.org/x/sys from 0.29.0 to 0.30.0

Commits

• 863b3c4 unix: update glibc to 2.41
• 4d4692e unix: add Auxv
• b215a1c unix: update to Linux kernel 6.13
• c756214 cpu: add support for AVX-VNNI and IFMA detection
• 1c14dca unix: add GetPeerUcred and UcredGet for solaris
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[jabrown85]

@dependabot recreate

[jabrown85]

@dependabot ignore github.com/moby/buildkit minor version

[dependabot]

OK, I won't notify you about version 0.20.x of github.com/moby/buildkit again, unless you unignore it.

[jabrown85]

@dependabot recreate

[dependabot]

Superseded by #1474.

[jabrown85]

@dependabot ignore github.com/moby/buildkit

The shell change was introduced in 0.15.0