Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the go-deps group with 5 updates #53

Merged
merged 1 commit into from
Jan 1, 2025
Merged

chore(deps): bump the go-deps group with 5 updates #53

merged 1 commit into from
Jan 1, 2025

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jan 1, 2025

Bumps the go-deps group with 5 updates:

Package From To
github.com/docker/docker 27.3.1+incompatible 27.4.1+incompatible
github.com/gliderlabs/ssh 0.3.7 0.3.8
golang.org/x/tools 0.27.0 0.28.0
gorm.io/driver/postgres 1.5.10 1.5.11
gorm.io/driver/sqlite 1.5.6 1.5.7

Updates github.com/docker/docker from 27.3.1+incompatible to 27.4.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.4.1

27.4.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • Fix excessive memory allocations when OTel is not configured. moby/moby#49079
  • The docker info command and the corresponding GET /info API endpoint no longer include warnings when bridge-nf-call-iptables or bridge-nf-call-ip6tables are disabled at the daemon is started. The br_netfilter kernel module is now attempted to be loaded when needed, which made those warnings inaccurate. moby/moby#49090
  • Attempt to load kernel modules, including ip6_tables and br_netfilter when required, using a method that is likely to succeed inside a Docker-in-Docker container. moby/moby#49043
  • Fix a bug that could result in an iptables DOCKER FILTER chain not being cleaned up on failure. moby/moby#49110

Deprecations

  • pkg/system: Deprecate Lstat(), Mkdev(), Mknod(), FromStatT() and Stat() functions, and related StatT types. These were only used internally, and will be removed in the next release. moby/moby#49100
  • libnetwork/iptables: Deprecate IPV, Iptables and IP6Tables types in favor of IPVersion, IPv4, and IPv6. This type and consts will be removed in the next release. moby/moby#49093
  • libnetwork/iptables: Deprecate Passthrough. This function was only used internally, and will be removed in the next release. moby/moby#49119

Packaging updates

v27.4.0

27.4.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

API

  • GET /images/json with the manifests option enabled now preserves the original order in which manifests appeared in the manifest-index. moby/moby#48712

Bug fixes and enhancements

  • When reading logs with the jsonfile or local log drivers, any errors while trying to read or parse underlying log files will cause the rest of the file to be skipped and move to the next log file (if one exists) rather than returning an error to the client and closing the stream. The errors are viewable in the Docker Daemon logs and exported to traces when tracing is configured. moby/moby#48842
  • When reading log files, compressed log files are now only decompressed when needed rather than decompressing all files before starting the log stream. moby/moby#48842
  • Fix an issue that meant published ports from one container on a bridge network were not accessible from another container on the same network with userland-proxy disabled, if the kernel's br_netfilter module was not loaded and enabled. The daemon will now attempt to load the module and enable bridge-nf-call-iptables or bridge-nf-call-ip6tables when creating a network with the userland proxy disabled. moby/moby#48685
  • Fix loading of bridge and br_netfilter kernel modules. moby/moby#48966
  • containerd image store: Fix Docker daemon failing to fully start with a "context deadline exceeded error" with containerd snapshotter and many builds/images. moby/moby#48954
  • containerd image-store: Fix partially pulled images not being garbage-collected. moby#48910, moby/moby#48957
  • containerd image store: Fix docker image inspect outputting duplicate references in RepoDigests. moby/moby#48785

... (truncated)

Commits
  • c710b88 Merge pull request #49119 from thaJeztah/27.x_backport_libnetwork_deprecate_P...
  • eda0a20 libnetwork/iptables: deprecate Passthrough
  • b51622d libnet/iptables: deprecate type IPV
  • 829ac83 Merge pull request #49104 from thaJeztah/27.x_backport_update_swagger_headers
  • bd7da11 Merge pull request #49110 from thaJeztah/27.x_backport_fix_setupIPChains_defer
  • 135b144 Merge pull request #49105 from thaJeztah/27.x_backport_testing-suse-apparmor
  • 08de719 libnetwork/drivers/bridge: setupIPChains: fix defer checking wrong err
  • 2a62319 Merge pull request #49100 from thaJeztah/27.x_backport_deprecate_pkg_system
  • 6855ca1 integration-cli: don't skip AppArmor tests on SLES
  • 224b305 docs/api: document correct case for Api-Version header
  • Additional commits viewable in compare view

Updates github.com/gliderlabs/ssh from 0.3.7 to 0.3.8

Release notes

Sourced from github.com/gliderlabs/ssh's releases.

v0.3.8

This bumps x/crypto to 0.31.0 to resolve CVE-2024-45337. The API has not changed, which means there are still a number of ways you could be vulnerable if your code improperly uses the PublicKeyHandler.

Note that this may result in a performance regression, as the PublicKeyHandler may be called multiple times for the same key. The last time it is called will be the key the user is actually using.

Note that if you are using Permissions to pass information about the public key out of the handler, you need to make sure you always overwrite all relevant stored map keys in order to avoid being vulnerable.

Full Changelog: gliderlabs/ssh@v0.3.7...v0.3.8

Commits

Updates golang.org/x/tools from 0.27.0 to 0.28.0

Commits
  • 44670c7 go.mod: update golang.org/x dependencies
  • 7eebab3 gopls/internal/golang: support extract variable at top level
  • e334696 gopls/internal/golang: ignore effects for change signature refactoring
  • 3901733 internal/refactor/inline: substitute groups of dependent arguments
  • 61b2408 gopls/internal/golang: add "Extract constant" counterpart
  • c01eead internal/gcimporter: require binary export data header
  • 9a04136 gopls/internal/golang/stubmethods: refine crash into bug report
  • 01e0b05 internal/refactor/inline: fix condition for splice assignment strategy
  • 557f540 gopls/internal/golang: don't offer to move variadic parameters
  • 399ee16 internal/gcimporter: update FindExportData to return a non-negative size
  • Additional commits viewable in compare view

Updates gorm.io/driver/postgres from 1.5.10 to 1.5.11

Commits

Updates gorm.io/driver/sqlite from 1.5.6 to 1.5.7

Commits
  • 02b8e06 🐛 fix logic of parsing multiple columns (i.e. for PRIMARY KEYS, CONSTRAINT) (...
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the go-deps group with 5 updates
b6cd47e 
Bumps the go-deps group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/docker/docker](https://github.com/docker/docker) | `27.3.1+incompatible` | `27.4.1+incompatible` |
| [github.com/gliderlabs/ssh](https://github.com/gliderlabs/ssh) | `0.3.7` | `0.3.8` |
| [golang.org/x/tools](https://github.com/golang/tools) | `0.27.0` | `0.28.0` |
| [gorm.io/driver/postgres](https://github.com/go-gorm/postgres) | `1.5.10` | `1.5.11` |
| [gorm.io/driver/sqlite](https://github.com/go-gorm/sqlite) | `1.5.6` | `1.5.7` |


Updates `github.com/docker/docker` from 27.3.1+incompatible to 27.4.1+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v27.3.1...v27.4.1)

Updates `github.com/gliderlabs/ssh` from 0.3.7 to 0.3.8
- [Release notes](https://github.com/gliderlabs/ssh/releases)
- [Commits](gliderlabs/ssh@v0.3.7...v0.3.8)

Updates `golang.org/x/tools` from 0.27.0 to 0.28.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.27.0...v0.28.0)

Updates `gorm.io/driver/postgres` from 1.5.10 to 1.5.11
- [Commits](go-gorm/postgres@v1.5.10...v1.5.11)

Updates `gorm.io/driver/sqlite` from 1.5.6 to 1.5.7
- [Commits](go-gorm/sqlite@v1.5.6...v1.5.7)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: github.com/gliderlabs/ssh
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: golang.org/x/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: gorm.io/driver/postgres
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: gorm.io/driver/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jan 1, 2025
@github-actions github-actions bot enabled auto-merge (squash) January 1, 2025 02:44
@github-actions github-actions bot merged commit e6225b3 into master Jan 1, 2025
11 checks passed
@dependabot dependabot bot deleted the dependabot/go_modules/go-deps-a21549421a branch January 1, 2025 02:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants