chore(deps): bump the go-dependencies group across 1 directory with 5 updates#68
Open
dependabot[bot] wants to merge 1 commit into
Open
chore(deps): bump the go-dependencies group across 1 directory with 5 updates#68dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
… updates Bumps the go-dependencies group with 4 updates in the / directory: [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry), [github.com/vbauerster/mpb/v8](https://github.com/vbauerster/mpb), [go.podman.io/image/v5](https://github.com/podman-container-tools/container-libs) and [golang.org/x/sync](https://github.com/golang/sync). Updates `github.com/google/go-containerregistry` from 0.21.5 to 0.21.6 - [Release notes](https://github.com/google/go-containerregistry/releases) - [Commits](google/go-containerregistry@v0.21.5...v0.21.6) Updates `github.com/vbauerster/mpb/v8` from 8.12.0 to 8.12.1 - [Release notes](https://github.com/vbauerster/mpb/releases) - [Commits](vbauerster/mpb@v8.12.0...v8.12.1) Updates `go.podman.io/image/v5` from 5.39.2 to 5.40.0 - [Release notes](https://github.com/podman-container-tools/container-libs/releases) - [Commits](podman-container-tools/container-libs@image/v5.39.2...image/v5.40.0) Updates `golang.org/x/crypto` from 0.50.0 to 0.51.0 - [Commits](golang/crypto@v0.50.0...v0.51.0) Updates `golang.org/x/sync` from 0.20.0 to 0.21.0 - [Commits](golang/sync@v0.20.0...v0.21.0) --- updated-dependencies: - dependency-name: github.com/google/go-containerregistry dependency-version: 0.21.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-dependencies - dependency-name: github.com/vbauerster/mpb/v8 dependency-version: 8.12.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-dependencies - dependency-name: go.podman.io/image/v5 dependency-version: 5.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies - dependency-name: golang.org/x/crypto dependency-version: 0.51.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies - dependency-name: golang.org/x/sync dependency-version: 0.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the go-dependencies group with 4 updates in the / directory: github.com/google/go-containerregistry, github.com/vbauerster/mpb/v8, go.podman.io/image/v5 and golang.org/x/sync.
Updates
github.com/google/go-containerregistryfrom 0.21.5 to 0.21.6Release notes
Sourced from github.com/google/go-containerregistry's releases.
Commits
53f7e39Update go version to 1.26.3 (#2300)bf87c3btransport: allow bearer realm at same host:port as registry (#2302)c55facdtransport: retry HTTP 429 (Too Many Requests) (#2301)68a569efix: preserve per-occurrence layer identity in Layers() (#2299)35b354bfix(mutate): preserve config blob and layers for non-Docker OCI artifacts (#2...e5983f2remote: block SSRF via private-IP Location headers in blob uploads (#2295)6dad820remote: validate foreign layer URLs to prevent SSRF (fixes #2259) (#2293)78bdf1bvalidate: skip non-layer layers (#2298)c29d91cpkg/v1/mutate: preserve relative symlinks that stay within rootfs in Extract ...a70d75atransport: block redirects from token server to private/link-local addresses ...Updates
github.com/vbauerster/mpb/v8from 8.12.0 to 8.12.1Release notes
Sourced from github.com/vbauerster/mpb/v8's releases.
Commits
1fcdaddv8.12.198992b5go get -ueb5935afeat: ToBuilder() BarFillerBuildercf7d4dcrefactor: iTip is iLen9af2c34refactor: drop SpinnerStyleComposer interface050fe87refactor: drop BarStyleComposer interfacea03d9e1refactor: proxywriter_test with ewma4c4ab56refactor: proxywriter_test2208a21refactor: proxyreader_test with ewma7db7229refactor: proxyreader_testUpdates
go.podman.io/image/v5from 5.39.2 to 5.40.0Commits
3c2fa91Bump to c/image v5.40f871d19Bump to c/storage v1.63.0 in c/image, c/image to v5.40550f62fBump c/storage to v1.63.04fa1864Merge pull request #816 from alexlarsson/fix-composefs-verity32704efMerge pull request #855 from containers/renovate/github.com-docker-cli-29.x98ff31aMerge pull request #853 from mheon/containers_conf_documentation_removals3e16145Update module github.com/docker/cli to v29.5.1+incompatible206fff3Manpage: remove slirp4netns/boltdb references3592bdaMerge pull request #852 from containers/renovate/github.com-onsi-gomega-1.xf04d9c8Update module github.com/onsi/gomega to v1.41.0Updates
golang.org/x/cryptofrom 0.50.0 to 0.51.0Commits
b8a14a8go.mod: update golang.org/x dependencies9d9d507x509roots/fallback/bundle: fix bundle test with Go 1.27+fd0b90dacme: include Problem in OrderError.Errorb9e5359pbkdf2: turn into a wrapper for crypto/pbkdf2cc0e4fchkdf: forward Extract to the standard librarya8e9237x509roots/fallback: update bundleUpdates
golang.org/x/syncfrom 0.20.0 to 0.21.0Commits
5071ed6all: fix some comments to improve readabilityDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions