Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the go-dependencies group across 1 directory with 5 updates #57

Closed
wants to merge 1 commit into from
Closed

build(deps): bump the go-dependencies group across 1 directory with 5 updates #57

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jul 22, 2024
edited
Loading

Bumps the go-dependencies group with 4 updates in the / directory: github.com/BurntSushi/toml, github.com/GoogleContainerTools/kaniko, github.com/buildpacks/lifecycle and github.com/google/go-containerregistry.

Updates github.com/BurntSushi/toml from 1.3.2 to 1.4.0

Release notes

Sourced from github.com/BurntSushi/toml's releases.

v1.4.0

This version requires Go 1.18

  • Add toml.Marshal() (#405)

  • Require 2-digit hour (#320)

  • Wrap UnmarshalTOML() and UnmarshalText() return values in ParseError for position information (#398)

  • Fix inline tables with dotted keys inside inline arrays (e.g. k=[{a.b=1}]) (#400)

Commits
  • 1e2c053 Undeprecate PrimitiveDecode and MetaData.PrimitiveDecode()
  • f8f7e48 Update toml-test
  • 9a80667 Add -json flag to tomlv
  • 3203540 fuzz: move fuzz_targets from oss-fuzz (#406)
  • 77ce858 Add Marshal Function (#405)
  • 0e879cb Fix panic when trying to set subkey for a value that's not a table
  • c299e75 Update toml-test
  • 4223137 Fix inline tables with dotted keys inside inline arrays (#400)
  • 45e7e49 Update toml-test
  • c320c2d Fix utf8.RuneError test
  • Additional commits viewable in compare view

Updates github.com/GoogleContainerTools/kaniko from 1.22.0 to 1.23.2

Release notes

Sourced from github.com/GoogleContainerTools/kaniko's releases.

v1.23.2 Release 2024-07-09

The executor images in this release are:

gcr.io/kaniko-project/executor:v1.23.2
gcr.io/kaniko-project/executor:latest

The debug images are available at:

gcr.io/kaniko-project/executor:debug
gcr.io/kaniko-project/executor:v1.23.2-debug

The slim executor images which don't contain any authentication binaries are available at:

gcr.io/kaniko-project/executor:slim
gcr.io/kaniko-project/executor:v1.23.2-slim

v1.23.2 is a patch release updating kaniko dependency version. See below for the specific deps that were updated.

Dependency Updates:

  • chore(deps): bump github.com/moby/buildkit and github.com/docker/docker #3242
  • chore(deps): bump docker/build-push-action from 6.1.0 to 6.3.0 #3236
  • chore(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 #3235
  • chore(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 #3237
  • chore(deps): bump google.golang.org/api from 0.185.0 to 0.187.0 #3238
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.1 to 1.17.5 #3239
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.16.24 to 1.17.1 #3220
  • chore(deps): bump docker/build-push-action from 6.0.0 to 6.1.0 #3218
  • chore(deps): bump google.golang.org/api from 0.183.0 to 0.185.0 #3219
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.55.1 to 1.56.1 #3221
  • chore(deps): bump docker/build-push-action from 5.3.0 to 6.0.0 #3212
  • chore(deps): bump cloud.google.com/go/storage from 1.41.0 to 1.42.0 #3204
  • chore(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 #3205
  • chore(deps): bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2 #3206
  • chore(deps): bump imjasonh/setup-crane from 0.3 to 0.4 #3210
  • chore(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 #3190
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.16.21 to 1.16.24 #3191
  • chore(deps): bump google.golang.org/api from 0.182.0 to 0.183.0 #3192
  • chore(deps): bump github.com/containerd/containerd from 1.7.17 to 1.7.18 #3193
  • chore(deps): bump github.com/aws/aws-sdk-go-v2 from 1.27.0 to 1.27.2 #3194

Huge thank you for this release towards our contributors:

  • Aaron Prindle
  • dependabot[bot]

v1.23.1 Release 2024-06-07

The executor images in this release are:

... (truncated)

Changelog

Sourced from github.com/GoogleContainerTools/kaniko's changelog.

v1.23.2 Release 2024-07-09

The executor images in this release are:

gcr.io/kaniko-project/executor:v1.23.2
gcr.io/kaniko-project/executor:latest

The debug images are available at:

gcr.io/kaniko-project/executor:debug
gcr.io/kaniko-project/executor:v1.23.2-debug

The slim executor images which don't contain any authentication binaries are available at:

gcr.io/kaniko-project/executor:slim
gcr.io/kaniko-project/executor:v1.23.2-slim
  • deps: bump github.com/moby/buildkit and github.com/docker/docker #3242
  • chore(deps): bump docker/build-push-action from 6.1.0 to 6.3.0 #3236
  • chore(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 #3235
  • chore(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 #3237
  • chore(deps): bump google.golang.org/api from 0.185.0 to 0.187.0 #3238
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.1 to 1.17.5 #3239
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.16.24 to 1.17.1 #3220
  • chore(deps): bump docker/build-push-action from 6.0.0 to 6.1.0 #3218
  • chore(deps): bump google.golang.org/api from 0.183.0 to 0.185.0 #3219
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.55.1 to 1.56.1 #3221
  • chore(deps): bump docker/build-push-action from 5.3.0 to 6.0.0 #3212
  • chore(deps): bump cloud.google.com/go/storage from 1.41.0 to 1.42.0 #3204
  • chore(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 #3205
  • chore(deps): bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2 #3206
  • chore(deps): bump imjasonh/setup-crane from 0.3 to 0.4 #3210
  • chore(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 #3190
  • chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.16.21 to 1.16.24 #3191
  • chore(deps): bump google.golang.org/api from 0.182.0 to 0.183.0 #3192
  • chore(deps): bump github.com/containerd/containerd from 1.7.17 to 1.7.18 #3193
  • chore(deps): bump github.com/aws/aws-sdk-go-v2 from 1.27.0 to 1.27.2 #3194

Huge thank you for this release towards our contributors:

  • Aaron Prindle
  • dependabot[bot]

v1.23.1 Release 2024-06-07

The executor images in this release are:

gcr.io/kaniko-project/executor:v1.23.1
</tr></table>

... (truncated)

Commits
  • 1ae9a84 chore(release): release v1.23.2 (#3243)
  • 5283199 deps: bump github.com/moby/buildkit and github.com/docker/docker (#3242)
  • 38f1ad8 chore(deps): bump docker/build-push-action from 6.1.0 to 6.3.0 (#3236)
  • 1769774 chore(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0 (#3235)
  • 3dc85a1 chore(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 (#3237)
  • 22dfb05 chore(deps): bump google.golang.org/api from 0.185.0 to 0.187.0 (#3238)
  • c5d3495 chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager (#3239)
  • d6aab15 chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager (#3220)
  • 31f27d6 chore(deps): bump docker/build-push-action from 6.0.0 to 6.1.0 (#3218)
  • a3e7508 chore(deps): bump google.golang.org/api from 0.183.0 to 0.185.0 (#3219)
  • Additional commits viewable in compare view

Updates github.com/buildpacks/lifecycle from 0.19.6 to 0.20.0

Release notes

Sourced from github.com/buildpacks/lifecycle's releases.

lifecycle v0.20.0

Welcome to v0.20.0, a release of the Cloud Native Buildpacks Lifecycle.

Prerequisites

The lifecycle runs as a normal user in a series of unprivileged containers. To export images and cache image layers, it requires access to a Docker (compatible) daemon or an OCI registry.

Install

Extract the .tgz file and copy the lifecycle binaries into a build image. The build image can then be orchestrated by a platform implementation such as the pack CLI or tekton.

Lifecycle Image

An OCI image containing the lifecycle binaries is available at buildpacksio/lifecycle:0.20.0.

Features

  • The lifecycle, when encountering cache metadata for a layer that does not exist in the cache, will skip over the layer instead of failing the build (#1381 by @​joeybrown-sf)
  • When using Platform API 0.14 or greater, the restorer restores cached launch layers even if they are not found in the previous image (#1346 by @​pbusko)
  • When using Platform API 0.14 or greater, the restorer ensures read access to the run image selected by extensions (#1364 by @​pbusko)
  • The lifecycle surfaces the error from the registry (when it fails to verify image permissions) as an error instead of a debug message (#1376 by @​natalieparellano)
  • Bumps dependencies (#1375 and #1373)
  • Updates go to version 1.22.5

Bugfixes

  • The lifecycle, when populating target data for older platforms, populates OS & architecture as well as distro information (#1374 by @​natalieparellano)

Full Changelog: buildpacks/lifecycle@v0.19.7...release/0.20.0

Contributors

We'd like to acknowledge that this release wouldn't be as good without the help of the following amazing contributors:

@​edmorley, @​jabrown85, @​joeybrown-sf, @​natalieparellano, @​pbusko

lifecycle v0.19.7

Welcome to v0.19.7, a release of the Cloud Native Buildpacks Lifecycle.

Prerequisites

The lifecycle runs as a normal user in a series of unprivileged containers. To export images and cache image layers, it requires access to a Docker (compatible) daemon or an OCI registry.

Install

Extract the .tgz file and copy the lifecycle binaries into a build image. The build image can then be orchestrated by a platform implementation such as the pack CLI or tekton.

Lifecycle Image

... (truncated)

Commits
  • df6be88 Recover corrupted cache (#1381)
  • a87e12e Surface registry error (#1376)
  • 12e2de8 Bump google.golang.org/grpc from 1.64.0 to 1.64.1 (#1375)
  • 4c40dca Bump the go-dependencies group across 1 directory with 6 updates (#1373)
  • 04f1ad1 Fix CNB_TARGET_* env vars on older Platform API (#1374)
  • f2a3bd7 Restore cached launch layers not found in appLayers (#1346)
  • a02be03 Ensure read access to the run image selected by extensions (#1364)
  • 7b5a8ec Bump the go-dependencies group across 1 directory with 5 updates (#1360)
  • 36c0af0 Bump imgutil to pick up fixes for containerd and podman (#1361)
  • 85b745c Bump azure/docker-login from 1 to 2 (#1359)
  • See full diff in compare view

Updates github.com/docker/docker from 26.1.4+incompatible to 27.0.3+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.0.3

27.0.3

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • Fix a regression that incorrectly reported a port mapping from a host IPv6 address to an IPv4-only container as an error. moby/moby#48090
  • Fix a regression that caused duplicate subnet allocations when creating networks. moby/moby#48089
  • Fix a regression resulting in "fail to register layer: failed to Lchown" errors when trying to pull an image with rootless enabled on a system that supports native overlay with user-namespaces. moby/moby#48086

v27.0.2

27.0.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

Removed

  • api/types: deprecate ContainerJSONBase.Node field and ContainerNode type. These definitions were used by the standalone ("classic") Swarm API, but never implemented in the Docker Engine itself. moby/moby#48055

v27.0.1

27.0.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

New

  • containerd image store: Add --platform flag to docker image push and improve the default behavior when not all platforms of the multi-platform image are available locally. docker/cli#4984, moby/moby#47679
  • Add support to docker stack deploy for driver_opts in a service's networks. docker/cli#5125
  • Consider additional /usr/local/libexec and /usr/libexec paths when looking up the userland proxy binaries by a name with a docker- prefix. moby/moby#47804

Bug fixes and enhancements

... (truncated)

Commits
  • 662f78c Merge pull request #48090 from thaJeztah/27.0_backport_48067_fix_specific_ipv...
  • b86d9bd Merge pull request #48086 from thaJeztah/27.0_backport_fix_rootless_pull
  • 0dbc3ac Merge pull request #48087 from thaJeztah/27.0_backport_gofmt
  • 276a648 Fix incorrect validation of port mapping
  • 22aa07b Merge pull request #48089 from robmry/backport-27.0/48069_fix_overlapping_sub...
  • 23b8b02 Fix duplicate subnet allocations
  • bf222d6 fix some gofmt issues reported by goreportcard
  • f8231b5 daemon/graphdriver/overlay2: set TarOptions.InUserNS for native differ
  • b951474 pkg/archive: createTarFile: consistently use the same value for userns
  • c5794e2 pkg/archive: handleTarTypeBlockCharFifo: don't discard EPERM errors
  • Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.20.0 to 0.20.1

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.1

What's Changed

Full Changelog: google/go-containerregistry@v0.20.0...v0.20.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the go-dependencies group across 1 directory with 5…
a7215bb 
… updates

Bumps the go-dependencies group with 4 updates in the / directory: [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml), [github.com/GoogleContainerTools/kaniko](https://github.com/GoogleContainerTools/kaniko), [github.com/buildpacks/lifecycle](https://github.com/buildpacks/lifecycle) and [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry).


Updates `github.com/BurntSushi/toml` from 1.3.2 to 1.4.0
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.3.2...v1.4.0)

Updates `github.com/GoogleContainerTools/kaniko` from 1.22.0 to 1.23.2
- [Release notes](https://github.com/GoogleContainerTools/kaniko/releases)
- [Changelog](https://github.com/GoogleContainerTools/kaniko/blob/main/CHANGELOG.md)
- [Commits](GoogleContainerTools/kaniko@v1.22.0...v1.23.2)

Updates `github.com/buildpacks/lifecycle` from 0.19.6 to 0.20.0
- [Release notes](https://github.com/buildpacks/lifecycle/releases)
- [Changelog](https://github.com/buildpacks/lifecycle/blob/main/RELEASE.md)
- [Commits](buildpacks/lifecycle@v0.19.6...v0.20.0)

Updates `github.com/docker/docker` from 26.1.4+incompatible to 27.0.3+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v26.1.4...v27.0.3)

Updates `github.com/google/go-containerregistry` from 0.20.0 to 0.20.1
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](google/go-containerregistry@v0.20.0...v0.20.1)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/GoogleContainerTools/kaniko
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/buildpacks/lifecycle
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: go-dependencies
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner July 22, 2024 23:53
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 22, 2024
@dependabot dependabot bot requested a review from a team as a code owner July 22, 2024 23:53
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Jul 29, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jul 29, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/go-dependencies-d7077959a0 branch July 29, 2024 23:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code type/chore
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants