Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the go-dependencies group across 1 directory with 8 updates #38

Closed
wants to merge 1 commit into from
Closed

build(deps): bump the go-dependencies group across 1 directory with 8 updates #38

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 13, 2024
edited
Loading

Bumps the go-dependencies group with 4 updates in the / directory: github.com/buildpacks/lifecycle, github.com/onsi/gomega, golang.org/x/crypto and golang.org/x/oauth2.

Updates github.com/buildpacks/lifecycle from 0.19.3 to 0.19.5

Release notes

Sourced from github.com/buildpacks/lifecycle's releases.

lifecycle v0.19.5

Welcome to v0.19.5, a release of the Cloud Native Buildpacks Lifecycle.

Prerequisites

The lifecycle runs as a normal user in a series of unprivileged containers. To export images and cache image layers, it requires access to a Docker (compatible) daemon or an OCI registry.

Install

Extract the .tgz file and copy the lifecycle binaries into a build image. The build image can then be orchestrated by a platform implementation such as the pack CLI or tekton.

Lifecycle Image

An OCI image containing the lifecycle binaries is available at buildpacksio/lifecycle:0.19.5.

Bugfixes

  • The detector, when determining if a base image satisfies target constraints declared by a buildpack, also uses information from /etc/os-release when distro information is not present in the run image labels (buildpacks/lifecycle#1352 by @​natalieparellano)

Full Changelog: buildpacks/lifecycle@v0.19.4...release/0.19.5

lifecycle v0.19.4

Welcome to v0.19.4, a release of the Cloud Native Buildpacks Lifecycle.

Prerequisites

The lifecycle runs as a normal user in a series of unprivileged containers. To export images and cache image layers, it requires access to a Docker (compatible) daemon or an OCI registry.

Install

Extract the .tgz file and copy the lifecycle binaries into a build image. The build image can then be orchestrated by a platform implementation such as the pack CLI or tekton.

Lifecycle Image

An OCI image containing the lifecycle binaries is available at buildpacksio/lifecycle:0.19.4.

Features

Bugfixes

  • The lifecycle, when finding run image target information, will fall back to reading /etc/os-release when distro information is not present in the run image labels (#1347 by @​pbusko)
  • The lifecycle, when determining if a base image satisfies target constraints declared by a buildpack, fails if the buildpack declares distro information but the base image does not (fixes spec compliance) (#1348 by @​natalieparellano)

Library Changes

... (truncated)

Commits
  • 83efa75 Also read distro information from /etc/os-release when checking target compat...
  • c0590cd Bump the go-dependencies group with 2 updates (#1351)
  • 8a14842 Bump the go-dependencies group across 1 directory with 5 updates (#1349)
  • effdf24 Read /etc/os-release file when distro information is not present in labels ...
  • 44b7041 When a buildpack declares distro information, but a base image does not, (#1348)
  • 13d3691 Try to fix test-s390x workflow (#1339)
  • 37d6985 Bump imgutil to pick up fix from buildpacks/imgutil#2...
  • 82fdf23 Bump imgutil and docker (#1335)
  • 27ee435 Initialize default LayerMetadataRestorer and SBOMRestorer if none provided (#...
  • See full diff in compare view

Updates github.com/docker/docker from 25.0.5+incompatible to 26.1.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v26.1.1

26.1.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • Fix docker run -d printing an context canceled spurious error when OTEL is configured. docker/cli#5044
  • Experimental environment variable DOCKER_BRIDGE_PRESERVE_KERNEL_LL=1 will prevent the daemon from removing the kernel-assigned link local address on a Linux bridge. moby/moby#47775
  • Resolve an issue preventing container creation on hosts with a read-only /proc/sys/net filesystem. If IPv6 cannot be disabled on an interface due to this, either disable IPv6 by default on the host or ensure /proc/sys/net is read-write. Otherwise, start dockerd with DOCKER_ALLOW_IPV6_ON_IPV4_INTERFACE=1 to bypass the error. moby/moby#47769

[!NOTE] The DOCKER_ALLOW_IPV6_ON_IPV4_INTERFACE is added as a temporary fix and will be phased out in a future major release after simplifying the IPv6 enablement process.

Packaging updates

v26.1.0

26.1.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

New

Bug fixes and enhancements

  • Native Windows containers are configured with an internal DNS server for container name resolution, and external DNS servers for other lookups. Not all resolvers, including nslookup, fall back to the external resolvers when they get a SERVFAIL answer from the internal server. So, the internal DNS server can now be configured to forward requests to the external resolvers, by setting "features": {"windows-dns-proxy": true } in the daemon.json file. moby/moby#47584

[!NOTE] This will be the new default behavior in Docker Engine 27.0.

[!WARNING] The windows-dns-proxy feature flag will be removed in a future release.

  • Swarm: Fix Subpath not being passed to the container config. moby/moby#47711
  • Classic builder: Fix cache miss on WORKDIR <directory>/ build step (directory with a trailing slash). moby/moby#47723
  • containerd image store: Fix docker images failing when any image in the store has unexpected target. moby/moby#47738

... (truncated)

Commits
  • ac2de55 Merge pull request #47775 from vvoland/v26.1-47771
  • 9a2b531 Merge pull request #47774 from vvoland/v26.1-47769
  • 2f5bbbe Option to avoid deleting the kernel_ll address from bridges.
  • 4061808 Allow for a read-only "/proc/sys/net".
  • 21da192 Merge pull request #47767 from austinvazquez/cherry-pick-eeec716e332e5c058dfe...
  • 2c91196 Update containerd to v1.7.16
  • a9a8787 Merge pull request #47762 from tonistiigi/26.1-update-buildkit-v0.13.2
  • c9689ec vendor: update buildkit to v0.13.2
  • c8af8eb Merge pull request #47738 from vvoland/c8d-walk-image-badimagetarget
  • 7d95fe8 c8d/list: Ignore unexpected image target
  • Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.33.0 to 1.33.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.33.1

1.33.1

Fixes

  • fix confusing eventually docs [3a66379]

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.33.1

Fixes

  • fix confusing eventually docs [3a66379]

Maintenance

  • Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]
Commits

Updates golang.org/x/crypto from 0.22.0 to 0.23.0

Commits
  • 905d78a go.mod: update golang.org/x dependencies
  • ebb717d ssh: validate key type in SSH_MSG_USERAUTH_PK_OK response
  • 0da2a6a openpgp: fix function name in comment
  • 5defcc1 sha3: fix Sum results for SHAKE functions on s390x
  • See full diff in compare view

Updates golang.org/x/oauth2 from 0.19.0 to 0.20.0

Commits
  • 84cb9f7 oauth2: fix typo in comment
  • 4b7f0bd go.mod: update cloud.google.com/go/compute/metadata dependency
  • e11eea8 microsoft: added DeviceAuthURL to AzureADEndpoint
  • See full diff in compare view

Updates golang.org/x/sys from 0.19.0 to 0.20.0

Commits
  • 7d69d98 unix: extend support for z/OS
  • 7758090 cpu: add support for sve2 detection
  • 9a28524 windows: drop go version tags for unsupported versions
  • 27dc90b unix: update to Linux kernel 6.4
  • See full diff in compare view

Updates golang.org/x/term from 0.19.0 to 0.20.0

Commits

Updates golang.org/x/text from 0.14.0 to 0.15.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the go-dependencies group across 1 directory with 8…
e30094a 
… updates

Bumps the go-dependencies group with 4 updates in the / directory: [github.com/buildpacks/lifecycle](https://github.com/buildpacks/lifecycle), [github.com/onsi/gomega](https://github.com/onsi/gomega), [golang.org/x/crypto](https://github.com/golang/crypto) and [golang.org/x/oauth2](https://github.com/golang/oauth2).


Updates `github.com/buildpacks/lifecycle` from 0.19.3 to 0.19.5
- [Release notes](https://github.com/buildpacks/lifecycle/releases)
- [Changelog](https://github.com/buildpacks/lifecycle/blob/main/RELEASE.md)
- [Commits](buildpacks/lifecycle@v0.19.3...v0.19.5)

Updates `github.com/docker/docker` from 25.0.5+incompatible to 26.1.1+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v25.0.5...v26.1.1)

Updates `github.com/onsi/gomega` from 1.33.0 to 1.33.1
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.33.0...v1.33.1)

Updates `golang.org/x/crypto` from 0.22.0 to 0.23.0
- [Commits](golang/crypto@v0.22.0...v0.23.0)

Updates `golang.org/x/oauth2` from 0.19.0 to 0.20.0
- [Commits](golang/oauth2@v0.19.0...v0.20.0)

Updates `golang.org/x/sys` from 0.19.0 to 0.20.0
- [Commits](golang/sys@v0.19.0...v0.20.0)

Updates `golang.org/x/term` from 0.19.0 to 0.20.0
- [Commits](golang/term@v0.19.0...v0.20.0)

Updates `golang.org/x/text` from 0.14.0 to 0.15.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: github.com/buildpacks/lifecycle
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: go-dependencies
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/term
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested review from a team as code owners May 13, 2024 23:19
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code type/chore labels May 13, 2024
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github May 20, 2024

Superseded by #39.

@dependabot dependabot bot closed this May 20, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/go-dependencies-bddbdba53e branch May 20, 2024 23:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code type/chore
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants