build(deps): bump the go-dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the go-dependencies group with 4 updates in the / directory: github.com/buildpacks/lifecycle, github.com/onsi/gomega, golang.org/x/crypto and golang.org/x/oauth2.

Updates github.com/buildpacks/lifecycle from 0.19.3 to 0.19.6

Release notes

Sourced from github.com/buildpacks/lifecycle's releases.

lifecycle v0.19.6

Welcome to v0.19.6, a release of the Cloud Native Buildpacks Lifecycle.

Prerequisites

The lifecycle runs as a normal user in a series of unprivileged containers. To export images and cache image layers, it requires access to a Docker (compatible) daemon or an OCI registry.

Install

Extract the .tgz file and copy the lifecycle binaries into a build image. The build image can then be orchestrated by a platform implementation such as the pack CLI or tekton.

Lifecycle Image

An OCI image containing the lifecycle binaries is available at buildpacksio/lifecycle:0.19.6.

Bugfixes

• More fixes for target compat checking during detect (buildpacks/lifecycle#1354 by @​natalieparellano)

Full Changelog: buildpacks/lifecycle@v0.19.5...release/0.19.6

lifecycle v0.19.5

Welcome to v0.19.5, a release of the Cloud Native Buildpacks Lifecycle.

Prerequisites

The lifecycle runs as a normal user in a series of unprivileged containers. To export images and cache image layers, it requires access to a Docker (compatible) daemon or an OCI registry.

Install

Extract the .tgz file and copy the lifecycle binaries into a build image. The build image can then be orchestrated by a platform implementation such as the pack CLI or tekton.

Lifecycle Image

An OCI image containing the lifecycle binaries is available at buildpacksio/lifecycle:0.19.5.

Bugfixes

• The detector, when determining if a base image satisfies target constraints declared by a buildpack, also uses information from /etc/os-release when distro information is not present in the run image labels (buildpacks/lifecycle#1352 by @​natalieparellano)

Full Changelog: buildpacks/lifecycle@v0.19.4...release/0.19.5

lifecycle v0.19.4

Welcome to v0.19.4, a release of the Cloud Native Buildpacks Lifecycle.

Prerequisites

... (truncated)

Commits

• 73f6927 More fixes for target compat checking during detect (#1354)
• 1a1de08 fix: ibmcloud CLI nic attachment issue for s390x testing (#1353)
• 83efa75 Also read distro information from /etc/os-release when checking target compat...
• c0590cd Bump the go-dependencies group with 2 updates (#1351)
• 8a14842 Bump the go-dependencies group across 1 directory with 5 updates (#1349)
• effdf24 Read /etc/os-release file when distro information is not present in labels ...
• 44b7041 When a buildpack declares distro information, but a base image does not, (#1348)
• 13d3691 Try to fix test-s390x workflow (#1339)
• 37d6985 Bump imgutil to pick up fix from buildpacks/imgutil#2...
• 82fdf23 Bump imgutil and docker (#1335)
• Additional commits viewable in compare view

Updates github.com/docker/docker from 25.0.5+incompatible to 26.1.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v26.1.1

26.1.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 26.1.1 milestone
• moby/moby, 26.1.1 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Fix docker run -d printing an context canceled spurious error when OTEL is configured. docker/cli#5044
• Experimental environment variable DOCKER_BRIDGE_PRESERVE_KERNEL_LL=1 will prevent the daemon from removing the kernel-assigned link local address on a Linux bridge. moby/moby#47775
• Resolve an issue preventing container creation on hosts with a read-only /proc/sys/net filesystem. If IPv6 cannot be disabled on an interface due to this, either disable IPv6 by default on the host or ensure /proc/sys/net is read-write. Otherwise, start dockerd with DOCKER_ALLOW_IPV6_ON_IPV4_INTERFACE=1 to bypass the error. moby/moby#47769

[!NOTE] The DOCKER_ALLOW_IPV6_ON_IPV4_INTERFACE is added as a temporary fix and will be phased out in a future major release after simplifying the IPv6 enablement process.

Packaging updates

• Update BuildKit to v0.13.2. moby/moby#47762
• Update Compose to v2.27.0. docker/docker-ce-packages#1017

v26.1.0

26.1.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 26.1.0 milestone
• moby/moby, 26.1.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

New

• Add configurable OpenTelemetry utilities and basic instrumentation to commands. For more information, see OpenTelemetry for the Docker CLI. docker/cli#4889

Bug fixes and enhancements

• Native Windows containers are configured with an internal DNS server for container name resolution, and external DNS servers for other lookups. Not all resolvers, including nslookup, fall back to the external resolvers when they get a SERVFAIL answer from the internal server. So, the internal DNS server can now be configured to forward requests to the external resolvers, by setting "features": {"windows-dns-proxy": true } in the daemon.json file. moby/moby#47584

[!NOTE] This will be the new default behavior in Docker Engine 27.0.

[!WARNING] The windows-dns-proxy feature flag will be removed in a future release.

• Swarm: Fix Subpath not being passed to the container config. moby/moby#47711
• Classic builder: Fix cache miss on WORKDIR <directory>/ build step (directory with a trailing slash). moby/moby#47723
• containerd image store: Fix docker images failing when any image in the store has unexpected target. moby/moby#47738

... (truncated)

Commits

• ac2de55 Merge pull request #47775 from vvoland/v26.1-47771
• 9a2b531 Merge pull request #47774 from vvoland/v26.1-47769
• 2f5bbbe Option to avoid deleting the kernel_ll address from bridges.
• 4061808 Allow for a read-only "/proc/sys/net".
• 21da192 Merge pull request #47767 from austinvazquez/cherry-pick-eeec716e332e5c058dfe...
• 2c91196 Update containerd to v1.7.16
• a9a8787 Merge pull request #47762 from tonistiigi/26.1-update-buildkit-v0.13.2
• c9689ec vendor: update buildkit to v0.13.2
• c8af8eb Merge pull request #47738 from vvoland/c8d-walk-image-badimagetarget
• 7d95fe8 c8d/list: Ignore unexpected image target
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.33.0 to 1.33.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.33.1

1.33.1

Fixes

• fix confusing eventually docs [3a66379]

Maintenance

• Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.33.1

Fixes

• fix confusing eventually docs [3a66379]

Maintenance

• Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 [e9bc35a]

Commits

• 8a658bb v1.33.1
• e9bc35a Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2
• 3a66379 fix confusing eventually docs
• See full diff in compare view

Updates golang.org/x/crypto from 0.22.0 to 0.23.0

Commits

• 905d78a go.mod: update golang.org/x dependencies
• ebb717d ssh: validate key type in SSH_MSG_USERAUTH_PK_OK response
• 0da2a6a openpgp: fix function name in comment
• 5defcc1 sha3: fix Sum results for SHAKE functions on s390x
• See full diff in compare view

Updates golang.org/x/oauth2 from 0.19.0 to 0.20.0

Commits

• 84cb9f7 oauth2: fix typo in comment
• 4b7f0bd go.mod: update cloud.google.com/go/compute/metadata dependency
• e11eea8 microsoft: added DeviceAuthURL to AzureADEndpoint
• See full diff in compare view

Updates golang.org/x/sys from 0.19.0 to 0.20.0

Commits

• 7d69d98 unix: extend support for z/OS
• 7758090 cpu: add support for sve2 detection
• 9a28524 windows: drop go version tags for unsupported versions
• 27dc90b unix: update to Linux kernel 6.4
• See full diff in compare view

Updates golang.org/x/term from 0.19.0 to 0.20.0

Commits

• 46c790f go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates golang.org/x/text from 0.14.0 to 0.15.0

Commits

• 8d533a0 encoding/charmap: update UCM spec file URL prefix
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.