Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the go-dependencies group across 1 directory with 7 updates #1472

Closed
wants to merge 1 commit into from
Closed

Bump the go-dependencies group across 1 directory with 7 updates #1472

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 28, 2025
edited
Loading

Bumps the go-dependencies group with 7 updates in the / directory:

Package From To
github.com/awslabs/amazon-ecr-credential-helper/ecr-login 0.0.0-20240419161514-af205d85bb44 0.9.1
github.com/containerd/containerd 1.7.24 1.7.26
github.com/google/go-cmp 0.6.0 0.7.0
github.com/google/go-containerregistry 0.20.2 0.20.3
github.com/moby/buildkit 0.14.1 0.20.0
golang.org/x/sync 0.10.0 0.11.0
golang.org/x/sys 0.29.0 0.30.0

Updates github.com/awslabs/amazon-ecr-credential-helper/ecr-login from 0.0.0-20240419161514-af205d85bb44 to 0.9.1

Release notes

Sourced from github.com/awslabs/amazon-ecr-credential-helper/ecr-login's releases.

Amazon ECR Credential Helper - Release v0.9.1

  • Drop golang 1.21 support.
  • Upgrade dependencies.

Assets

Amazon ECR Credential Helper - Release v0.9.0

  • Enhancement - Added support for environment variable AWS_ECR_IGNORE_CREDS_STORAGE=true to ignore ADD and DELETE requests. This makes tools that try to docker login work with registries managed the amazon-ecr-credential-helper. (#102 and #847)
  • Enhancement - Updated ECR pattern for new isolated regions. (#850)
  • Upgraded dependencies.

Assets

Amazon ECR Credential Helper - Release v0.8.0

  • Enhancement - Updated ECR pattern to match C2S environments. (#433)
  • Feature (Experimental) - Added support for building Windows ARM credential helper binaries. (#795)

Assets

Amazon ECR Credential Helper - Release v0.7.1

... (truncated)

Changelog

Sourced from github.com/awslabs/amazon-ecr-credential-helper/ecr-login's changelog.

0.9.1

  • Drop golang 1.21 support.
  • Upgrade dependencies.

0.9.0

  • Enhancement - Added support for environment variable AWS_ECR_IGNORE_CREDS_STORAGE=true to ignore ADD and DELETE requests. This makes tools that try to docker login work with registries managed the amazon-ecr-credential-helper. (#102 and #847)
  • Enhancement - Updated ECR pattern for new isolated regions. (#850)
  • Upgraded dependencies.

0.8.0

  • Enhancement - Updated ECR pattern to match C2S environments. (#433)
  • Feature (Experimental) - Added support for building Windows ARM credential helper binaries. (#795)

0.7.1

Note: v0.7.1 is functionally equivalent to v0.7.0. We have decided to create a duplicate release to reflect a more accurate changelog, since our v0.7.0 release did not contain any direct/indirect security patches.

  • Feature - Allow callers to set log output. (#309 and #312)
  • Upgrade dependencies for bug fixes.

0.7.0

  • Feature - Allow callers to set log output. (#309 and #312)
  • Upgrade dependencies for bug fixes and security patches.

0.6.0

  • Feature - Added support for AWS SSO (#229)
  • Feature - Added support to assume roles via EC2 instance metadata. (#282)
  • Feature - Added support for Apple Silicon (#291)
  • Enhancement - The AWS shared config file (~/.aws/config) is now always enabled. (AWS_SDK_LOAD_CONFIG environment variable is no longer supported) (#282)

0.5.0

  • Feature - Added support for ECR Public (#253)
  • Feature - Added support for EC2 IMDSv2 (#240)
  • Enhancement - The AWS shared config file (~/.aws/config) is now enabled by default. This can be disabled by setting the environment variable AWS_SDK_LOAD_CONFIG to false (#201)
  • Bug - Fixed an issue where output from a credential_process was sometimes too big for the default buffer (#240)

0.4.0

  • Feature - Added support for chaining assumed roles in the shared config file (~/.aws/config) defined by source_profile and credential_source (#177)
  • Feature - Added support for Web Identities and IAM Roles for Service Accounts (IRSA) with Kubernetes (#183)
  • Bug - Fixed the make docker target when the credential helper git repository is used as a git submodule (#184)

0.3.1

  • Bug - Log directory is now automatically created when the helper runs

... (truncated)

Commits

Updates github.com/containerd/containerd from 1.7.24 to 1.7.26

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.26

Welcome to the v1.7.26 release of containerd!

The twenty-sixth patch release for containerd 1.7 contains various fixes and updates.

Highlights

Container Runtime Interface (CRI)

  • Fix fatal concurrency error in port forwarding (#11306)

Node Resource Interface (NRI)

Runtime

  • Fix console TTY leak in runc shim (#11250)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Krisztian Litkey
  • Mike Brown
  • Samuel Karp
  • Wei Fu
  • Phil Estes
  • Derek McGowan
  • Iceber Gu
  • Akhil Mohan
  • Antonio Ojea
  • Austin Vazquez
  • Henry Wang
  • Jin Dong

... (truncated)

Commits
  • 753481e Merge pull request #11356 from austinvazquez/release-1.7.26
  • f18cc46 Merge pull request #11434 from pendo324/upgrade-1.7-x/net
  • 3486bc8 Upgrade x/net to 0.33.0
  • b538857 Merge pull request #11419 from akhilerm/1.7-update-go1.24
  • 9025d30 update build to go1.23.6, test go1.24.0
  • 9f40863 Merge pull request #11358 from samuelkarp/pr-11019-1.7
  • 9dbb9ed Merge pull request #11267 from tboevil/pick-syncfs
  • ceba197 Prepare release notes for v1.7.26
  • e9ea1c5 Merge pull request #11395 from k8s-infra-cherrypick-robot/cherry-pick-11388-t...
  • 27c472a Update runc binary to v1.2.5
  • Additional commits viewable in compare view

Updates github.com/google/go-cmp from 0.6.0 to 0.7.0

Release notes

Sourced from github.com/google/go-cmp's releases.

v0.7.0

New API:

  • (#367) Support compare functions with SortSlices and SortMaps

Panic messaging:

  • (#370) Detect proto.Message types when failing to export a field
Commits

Updates github.com/google/go-containerregistry from 0.20.2 to 0.20.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.3

What's Changed

New Contributors

Full Changelog: google/go-containerregistry@v0.20.2...v0.20.3

Commits

Updates github.com/moby/buildkit from 0.14.1 to 0.20.0

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.20.0

Welcome to the v0.20.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

  • CrazyMax
  • Tõnis Tiigi
  • Sebastiaan van Stijn
  • Jonathan A. Sternberg
  • Akihiro Suda
  • Anthony Nandaa
  • Shaun Thompson
  • Austin Vazquez
  • Bertrand Paquet
  • Brian Goff
  • Pranav Pandit

Notable Changes

  • Builtin Dockerfile frontend has been updated to v1.14.0
  • Github Actions cache backend has been updated to support v2 API. Github is expected to stop supporting V1 API from March 1st 2025. #5720 #5750 #5754
  • Support for CDI (Container Device Interface) devices has been added allowing builds to use GPUs and other defined devices. Build steps can now request devices to be injected into the container, if they are permitted to do so. In Dockerfile, devices are currently available in the labs channel. #4056 #5722 #5726 #5729 #5742
  • History record APIs now support server-side filters and limiting amount of records returned. #5705
  • Update Runc to v1.2.5. #5741
  • Embedded binfmt emulators in the release image have been updated to QEMU v9.2.0 #5695 #5736
  • Fix possible errors from credentials expiration for long builds. #5684
  • Fix possible crash from S3 remote cache backend. #5597
  • Fix possible record leak in Bolt database. #5692
  • Fix invalid warning messages when running subrequests (e.g. check, outline) for a specific platform. #5730

Dependency Changes

  • github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 -> v1.16.0
  • github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0 -> v1.8.0
  • github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0 -> v1.10.0
  • github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v0.4.1 -> v1.5.0
  • github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 -> v1.3.2
  • github.com/containerd/cgroups/v3 v3.0.3 -> v3.0.5
  • github.com/containerd/fuse-overlayfs-snapshotter/v2 v2.1.0 -> v2.1.1
  • github.com/containerd/go-cni v1.1.11 -> v1.1.12
  • github.com/docker/cli v27.5.0 -> v27.5.1
  • github.com/docker/docker v27.5.0 -> v27.5.1
  • github.com/moby/term v0.5.0 -> v0.5.2
  • github.com/package-url/packageurl-go 89078438f170 -> v0.1.1
  • github.com/petermattis/goid 4fcff4a6cae7 new

... (truncated)

Commits
  • 121ecd5 Merge pull request #5761 from jsternberg/v0.20.0-picks
  • c7153d1 cache(gha): fix missing user-agent for importer
  • c016cda cache(gha): set user-agent for github cache service requests
  • 6cad2f9 Merge pull request #5755 from crazy-max/0.20_backport_rc3
  • b0f75aa test: handle gha cache v2
  • 5ae6c31 buildctl: set fallback url for gha cache
  • 61f13c0 dockerfile: update runc to 1.2.5
  • 281e8c9 client: test cdi entitlement
  • f901bcc cdi: test find devices
  • e500309 cdi: keep auto refresh
  • Additional commits viewable in compare view

Updates golang.org/x/sync from 0.10.0 to 0.11.0

Commits
  • fe3591b sync/errgroup: improve documentation for semaphore limit behavior
  • See full diff in compare view

Updates golang.org/x/sys from 0.29.0 to 0.30.0

Commits
  • 863b3c4 unix: update glibc to 2.41
  • 4d4692e unix: add Auxv
  • b215a1c unix: update to Linux kernel 6.13
  • c756214 cpu: add support for AVX-VNNI and IFMA detection
  • 1c14dca unix: add GetPeerUcred and UcredGet for solaris
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot requested a review from a team as a code owner February 28, 2025 15:42
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 28, 2025
@dependabot dependabot bot mentioned this pull request Feb 28, 2025
Closed
@jabrown85
Copy link
Contributor

@dependabot recreate

@dependabot
Bump the go-dependencies group across 1 directory with 7 updates
e0ac252 
Bumps the go-dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/awslabs/amazon-ecr-credential-helper/ecr-login](https://github.com/awslabs/amazon-ecr-credential-helper) | `0.0.0-20240419161514-af205d85bb44` | `0.9.1` |
| [github.com/containerd/containerd](https://github.com/containerd/containerd) | `1.7.24` | `1.7.26` |
| [github.com/google/go-cmp](https://github.com/google/go-cmp) | `0.6.0` | `0.7.0` |
| [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.20.2` | `0.20.3` |
| [github.com/moby/buildkit](https://github.com/moby/buildkit) | `0.14.1` | `0.20.0` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.10.0` | `0.11.0` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.29.0` | `0.30.0` |



Updates `github.com/awslabs/amazon-ecr-credential-helper/ecr-login` from 0.0.0-20240419161514-af205d85bb44 to 0.9.1
- [Release notes](https://github.com/awslabs/amazon-ecr-credential-helper/releases)
- [Changelog](https://github.com/awslabs/amazon-ecr-credential-helper/blob/main/CHANGELOG.md)
- [Commits](https://github.com/awslabs/amazon-ecr-credential-helper/commits/v0.9.1)

Updates `github.com/containerd/containerd` from 1.7.24 to 1.7.26
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.24...v1.7.26)

Updates `github.com/google/go-cmp` from 0.6.0 to 0.7.0
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](google/go-cmp@v0.6.0...v0.7.0)

Updates `github.com/google/go-containerregistry` from 0.20.2 to 0.20.3
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](google/go-containerregistry@v0.20.2...v0.20.3)

Updates `github.com/moby/buildkit` from 0.14.1 to 0.20.0
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](moby/buildkit@v0.14.1...v0.20.0)

Updates `golang.org/x/sync` from 0.10.0 to 0.11.0
- [Commits](golang/sync@v0.10.0...v0.11.0)

Updates `golang.org/x/sys` from 0.29.0 to 0.30.0
- [Commits](golang/sys@v0.29.0...v0.30.0)

---
updated-dependencies:
- dependency-name: github.com/awslabs/amazon-ecr-credential-helper/ecr-login
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/containerd/containerd
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/moby/buildkit
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/go-dependencies-3441130c25 branch from d7511c8 to e0ac252 Compare February 28, 2025 19:20
@jabrown85
Copy link
Contributor

@dependabot ignore github.com/moby/buildkit minor version

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 28, 2025

OK, I won't notify you about version 0.20.x of github.com/moby/buildkit again, unless you unignore it.

@jabrown85
Copy link
Contributor

@dependabot recreate

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 28, 2025

Superseded by #1474.

@dependabot dependabot bot closed this Feb 28, 2025
@dependabot dependabot bot deleted the dependabot/go_modules/go-dependencies-3441130c25 branch February 28, 2025 19:39
@jabrown85
Copy link
Contributor

@dependabot ignore github.com/moby/buildkit

The shell change was introduced in 0.15.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jabrown85