Bump the go-modules group across 1 directory with 27 updates

[dependabot]

Bumps the go-modules group with 18 updates in the / directory:

Package	From	To
github.com/onsi/gomega	1.33.1	1.34.1
github.com/paketo-buildpacks/packit/v2	2.14.0	2.14.2
dario.cat/mergo	1.0.0	1.0.1
github.com/DataDog/zstd	1.5.5	1.5.6
github.com/Microsoft/hcsshim	0.12.4	0.12.5
github.com/cyphar/filepath-securejoin	0.2.5	0.3.1
github.com/docker/cli	27.0.2+incompatible	27.1.2+incompatible
github.com/google/go-containerregistry	0.19.2	0.20.2
github.com/mattn/go-runewidth	0.0.15	0.0.16
github.com/moby/sys/sequential	0.5.0	0.6.0
github.com/moby/sys/user	0.1.0	0.3.0
github.com/skeema/knownhosts	1.2.2	1.3.0
github.com/spf13/cast	1.6.0	1.7.0
github.com/sylabs/sif/v2	2.17.0	2.18.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	0.52.0	0.53.0
golang.org/x/sync	0.7.0	0.8.0
golang.org/x/text	0.16.0	0.17.0
google.golang.org/grpc	1.64.1	1.65.0

Updates github.com/onsi/gomega from 1.33.1 to 1.34.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.1

1.34.1

Maintenance

• Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

v1.34.0

1.34.0

Features

• Add RoundTripper method to ghttp.Server [c549e0d]

Fixes

• fix incorrect handling of nil slices in HaveExactElements (fixes #771) [878940c]
• issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]

Maintenance

• bump ginkgo [8af2ece]
• Fix typo in docs [123a071]
• Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#756) [0e69083]
• Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#755) [2675796]
• Bump golang.org/x/net from 0.24.0 to 0.25.0 (#754) [4160c0f]
• Bump github-pages from 230 to 231 in /docs (#748) [892c303]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.1

Maintenance

• Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

1.34.0

Features

• Add RoundTripper method to ghttp.Server [c549e0d]

Fixes

• fix incorrect handling of nil slices in HaveExactElements (fixes #771) [878940c]
• issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]

Maintenance

• bump ginkgo [8af2ece]
• Fix typo in docs [123a071]
• Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#756) [0e69083]
• Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#755) [2675796]
• Bump golang.org/x/net from 0.24.0 to 0.25.0 (#754) [4160c0f]
• Bump github-pages from 230 to 231 in /docs (#748) [892c303]

Commits

• fa057b8 v1.34.1
• 5e71dcd Use slices from exp/slices to keep golang 1.20 compat
• 32e5498 v1.34.0
• cb3fa6a run go mod tidy and wonder why go get doesnt just run it for me in the first ...
• 8af2ece bump ginkgo
• 878940c fix incorrect handling of nil slices in HaveExactElements (fixes #771)
• f5bec80 clean up bipartitegraph tests
• ebadb67 issue_765 - fixed bug in Hopcroft-Karp algorithm
• 123a071 Fix typo in docs
• c549e0d Add RoundTripper method to ghttp.Server
• Additional commits viewable in compare view

Updates github.com/paketo-buildpacks/packit/v2 from 2.14.0 to 2.14.2

Release notes

Sourced from github.com/paketo-buildpacks/packit/v2's releases.

v2.14.2

What's Changed

• Bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0 by @​dependabot in paketo-buildpacks/packit#573
• Bump github.com/gabriel-vasile/mimetype from 1.4.3 to 1.4.4 by @​dependabot in paketo-buildpacks/packit#574
• Updates github-config by @​paketo-bot in paketo-buildpacks/packit#576
• Fix override of existing values in prepend & append by @​nicolasbender in paketo-buildpacks/packit#581
• Updates github-config by @​paketo-bot in paketo-buildpacks/packit#585
• Bump github.com/gabriel-vasile/mimetype from 1.4.4 to 1.4.5 by @​dependabot in paketo-buildpacks/packit#588
• Bump github.com/onsi/gomega from 1.33.1 to 1.34.1 by @​dependabot in paketo-buildpacks/packit#589

New Contributors

• @​nicolasbender made their first contribution in paketo-buildpacks/packit#581

Full Changelog: paketo-buildpacks/packit@v2.14.0...v2.14.2

v2.14.1

⚠️ This release contains unwanted changes due to release automation issues. Please use https://github.com/paketo-buildpacks/packit/releases/tag/v2.14.2 instead!

What's Changed

• Bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0 by @​dependabot in paketo-buildpacks/packit#573
• Bump github.com/gabriel-vasile/mimetype from 1.4.3 to 1.4.4 by @​dependabot in paketo-buildpacks/packit#574
• Updates github-config by @​paketo-bot in paketo-buildpacks/packit#576
• Fix override of existing values in prepend & append by @​nicolasbender in paketo-buildpacks/packit#581
• Updates github-config by @​paketo-bot in paketo-buildpacks/packit#585
• Bump github.com/gabriel-vasile/mimetype from 1.4.4 to 1.4.5 by @​dependabot in paketo-buildpacks/packit#588
• Bump github.com/onsi/gomega from 1.33.1 to 1.34.1 by @​dependabot in paketo-buildpacks/packit#589

New Contributors

• @​nicolasbender made their first contribution in paketo-buildpacks/packit#581

Full Changelog: paketo-buildpacks/packit@v2.14.0...v2.14.1

Commits

• 3bc586e do not run draft release workflow on branches named v2-<something>
• d558b87 Bump github.com/onsi/gomega from 1.33.1 to 1.34.1
• 9f2a7b3 Bump github.com/gabriel-vasile/mimetype from 1.4.4 to 1.4.5
• b117031 Updating github-config
• b6530bc Include error handling
• 7222905 Fix override of existing values in prepend & append
• e366827 Updating github-config
• a8ac405 Bump github.com/gabriel-vasile/mimetype from 1.4.3 to 1.4.4
• 4ff7347 Bump github.com/BurntSushi/toml from 1.3.2 to 1.4.0
• See full diff in compare view

Updates dario.cat/mergo from 1.0.0 to 1.0.1

Release notes

Sourced from dario.cat/mergo's releases.

v1.0.1

What's Changed

• fixes issue #187 by @​vsemichev in darccio/mergo#253
• fix: WithoutDereference should respect non-nil struct pointers by @​joshkaplinsky in darccio/mergo#251

New Contributors

• @​vsemichev made their first contribution in darccio/mergo#253
• @​joshkaplinsky made their first contribution in darccio/mergo#251

Full Changelog: darccio/mergo@v1.0.0...v1.0.1

Commits

• 59ea6a9 Merge pull request #251 from joshkaplinsky/joshkaplinsky/without-dereference-...
• 96f24af Merge pull request #253 from vsemichev/master
• 2f1a615 fixes issue #187. adds test to verify the fix.
• 4da170b fixes issue #187. attempt #3
• a13a117 fixes issue #187. attempt #2
• 6b830ff fixes issue #187
• f33862a WithoutDereference should respect structs
• cde9f0e Merge pull request #246 from darccio/darccio/v1-frozen
• f1e2fe5 chore: frozen v1
• 7f7b4af Update FUNDING.yml
• Additional commits viewable in compare view

Updates github.com/DataDog/zstd from 1.5.5 to 1.5.6

Release notes

Sourced from github.com/DataDog/zstd's releases.

zstd 1.5.6

What's Changed

• Fix readme typo by @​colinlyguo in DataDog/zstd#136
• Update upperBound ratio when guessing the required decompression buffer size by @​sfluor in DataDog/zstd#141
• Update vendored zstd to 1.5.6 by @​Viq111 in DataDog/zstd#143

Full Changelog: DataDog/zstd@v1.5.5+patch1...v1.5.6

Commits

• b52f603 Merge pull request #143 from DataDog/viq111/1.5.6
• cf4778e Update Readme for 1.5.6
• ed87d43 Update vendored zstd to 1.5.6
• dd7b332 Merge pull request #136 from colinlyguo/fix-readme
• beb4dfd Merge pull request #141 from DataDog/sfluor-patch-1
• e75a26a Update upperBound ratio when guessing the required decompression buffer size
• c9a5141 fix readme
• 869dae0 Merge pull request #132 from DataDog/viq111/bulk-fix-highlycompressed-payloads
• bf7b920 [bulk] Add extra empty payload decompression test
• 9c0d33f [bulk] Fix naming
• Additional commits viewable in compare view

Updates github.com/Microsoft/hcsshim from 0.12.4 to 0.12.5

Release notes

Sourced from github.com/Microsoft/hcsshim's releases.

v0.12.5

What's Changed

• [release/0.12] Adding state attribute to the HNSEndpoint struct to support hyperv co… by @​ritikaguptams in microsoft/hcsshim#2183
• [release/0.12] vendor: github.com/containerd/containerd v17.18 by @​thaJeztah in microsoft/hcsshim#2186
• [release/0.12] Backport networking commits for L1VH feature by @​princepereira in microsoft/hcsshim#2205

Full Changelog: microsoft/hcsshim@v0.12.4...v0.12.5

Commits

• e970943 Modifying network flag EnableIov.
• 4f77a09 Hcsshim wrapper over HNS API needed for exclusion of management mac addresses...
• 3b5bd8a [release/0.12] vendor: github.com/containerd/containerd v17.18
• 40cdbc8 Adding state attribute to the HNSEndpoint struct to support hyperv containers...
• See full diff in compare view

Updates github.com/cyphar/filepath-securejoin from 0.2.5 to 0.3.1

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.3.1

• By allowing Open(at)InRoot to opt-out of the extra work done by MkdirAll to do the necessary "partial lookups", Open(at)InRoot now does less work for both implementations (resulting in a many-fold decrease in the number of operations for openat2, and a modest improvement for non-openat2) and is far more guaranteed to match the correct openat2(RESOLVE_IN_ROOT) behaviour.

• We now use readlinkat(fd, "") where possible. For Open(at)InRoot this effectively just means that we no longer risk getting spurious errors during rename races. However, for our hardened procfs handler, this in theory should prevent mount attacks from tricking us when doing magic-link readlinks (even when using the unsafe host /proc handle). Unfortunately Reopen is still potentially vulnerable to those kinds of somewhat-esoteric attacks.

  Technically this will only work on post-2.6.39 kernels but it seems incredibly unlikely anyone is using filepath-securejoin on a pre-2011 kernel.

• Several improvements were made to the errors returned by Open(at)InRoot and MkdirAll when dealing with invalid paths under the emulated (ie. non-openat2) implementation. Previously, some paths would return the wrong error (ENOENT when the last component was a non-directory), and other paths would be returned as though they were acceptable (trailing-slash components after a non-directory would be ignored by Open(at)InRoot).

  These changes were done to match openat2's behaviour and purely is a consistency fix (most users are going to be using openat2 anyway).

Signed-off-by: Aleksa Sarai [email protected]

v0.3.0

This release contains no changes to SecureJoin.

However, it does introduce a new *os.File-based API which is much safer to use for most usecases. These are adapted from [libpathrs][1] and are the bare minimum to be able to operate more safely on an untrusted rootfs where an attacker has write access (something that SecureJoin cannot protect against). The new APIs are:

• OpenInRoot, which resolves a path inside a rootfs and returns an *os.File handle to the path. Note that the file handle returned by OpenInRoot is an O_PATH handle, which cannot be used for reading or writing (as well as some other operations -- see open(2) for more details).

• Reopen, which takes an O_PATH file handle and safely re-opens it to "upgrade" it to a regular handle.

... (truncated)

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.3.1] - 2024-07-23

Changed

• By allowing Open(at)InRoot to opt-out of the extra work done by MkdirAll to do the necessary "partial lookups", Open(at)InRoot now does less work for both implementations (resulting in a many-fold decrease in the number of operations for openat2, and a modest improvement for non-openat2) and is far more guaranteed to match the correct openat2(RESOLVE_IN_ROOT) behaviour.

• We now use readlinkat(fd, "") where possible. For Open(at)InRoot this effectively just means that we no longer risk getting spurious errors during rename races. However, for our hardened procfs handler, this in theory should prevent mount attacks from tricking us when doing magic-link readlinks (even when using the unsafe host /proc handle). Unfortunately Reopen is still potentially vulnerable to those kinds of somewhat-esoteric attacks.

  Technically this will only work on post-2.6.39 kernels but it seems incredibly unlikely anyone is using filepath-securejoin on a pre-2011 kernel.

Fixed

• Several improvements were made to the errors returned by Open(at)InRoot and MkdirAll when dealing with invalid paths under the emulated (ie. non-openat2) implementation. Previously, some paths would return the wrong error (ENOENT when the last component was a non-directory), and other paths would be returned as though they were acceptable (trailing-slash components after a non-directory would be ignored by Open(at)InRoot).

  These changes were done to match openat2's behaviour and purely is a consistency fix (most users are going to be using openat2 anyway).

[0.3.0] - 2024-07-11

Added

• A new set of *os.File-based APIs have been added. These are adapted from [libpathrs][] and we strongly suggest using them if possible (as they provide far more protection against attacks than SecureJoin):

  • Open(at)InRoot resolves a path inside a rootfs and returns an *os.File handle to the path. Note that the handle returned is an O_PATH handle, which cannot be used for reading or writing (as well as some other operations -- [see open(2) for more details][open.2])

  • Reopen takes an O_PATH file handle and safely re-opens it to upgrade it to a regular handle. This can also be used with non-O_PATH handles, but O_PATH is the most obvious application.

  • MkdirAll is an implementation of os.MkdirAll that is safe to use to

... (truncated)

Commits

• ce7b28a VERSION: release v0.3.1
• a2c14f8 CHANGELOG: add readlinkat(fd, "") shout-out
• 4ea279f merge #22 into cyphar/filepath-securejoin:main
• 16e1bec CHANGELOG: add initial changelog with current history
• 2404ffb merge #21 into cyphar/filepath-securejoin:main
• f29b7a4 lookup: handle // and trailing slash components correctly
• ecd61ca merge #19 into cyphar/filepath-securejoin:main
• 38b1220 procfs: refactor statx mnt_id logic
• 45c4415 procfs: use readlink(fd, "") for magic-links
• edab538 merge #17 into cyphar/filepath-securejoin:main
• Additional commits viewable in compare view

Updates github.com/docker/cli from 27.0.2+incompatible to 27.1.2+incompatible

Commits

• d01f264 Merge pull request #5333 from thaJeztah/27.x_bump_engine
• 65dec14 vendor: github.com/docker/docker f9522e5e96c3 (v27.1.2-dev)
• 1f80c54 Merge pull request #5339 from thaJeztah/27.x_backport_fix_bps_limit
• 33573e2 Merge pull request #5343 from dvdksn/cp-docs-manuals-refactor-linkfix
• 73452e3 docs: update internal links after refactor
• bcd90be docs: fix link to http proxy document
• f62c68e Merge pull request #5337 from vvoland/5327-27.x
• 946d109 run: fix GetList return empty issue for throttledevice
• 096e42b Merge pull request #5335 from vvoland/5310-27.x
• 984ef90 plugins: don't panic on Close if PluginServer nil
• Additional commits viewable in compare view

Updates github.com/gabriel-vasile/mimetype from 1.4.4 to 1.4.5

Release notes

Sourced from github.com/gabriel-vasile/mimetype's releases.

v1.4.5

What's Changed

• json: improve performance by using a pool of scanners in gabriel-vasile/mimetype#535
• tar: remove strconv dependency for tar checksum octal numbers in gabriel-vasile/mimetype#536
• zip: use []byte instead of string to prevent allocs in gabriel-vasile/mimetype#537
• remove tarbomb from testdata folder in gabriel-vasile/mimetype#540
• Updating RTF Magic number to match https://www.iana.org/assignments/media-types/application/rtf by @​zdiff in gabriel-vasile/mimetype#544
• alias text/rtf to application/rtf in gabriel-vasile/mimetype#547
• reduce project size by moving mimetype.gif to testdata in gabriel-vasile/mimetype#548
• Bump golang.org/x/net from 0.25.0 to 0.27.0 in the gomod group across 1 directory by @​dependabot in gabriel-vasile/mimetype#552
• remove exe from testdata in gabriel-vasile/mimetype#561

New Contributors

• @​zdiff made their first contribution in gabriel-vasile/mimetype#544

Full Changelog: gabriel-vasile/mimetype@v1.4.4...v1.4.5

Commits

• b36b70f remove exe from testdata (#561)
• e802551 Bump the github-actions group across 1 directory with 3 updates (#560)
• f003e99 Bump golang.org/x/net in the gomod group across 1 directory (#552)
• e0c5c59 reduce project size by moving mimetype.gif to testdata (#548)
• f296c1b alias rtf to application/rtf (#547)
• 8329892 Updating RTF Magic number to match <https://www.iana.org/assignments/media-ty...
• 3267116 remove tarbomb from testdata folder (#540)
• cdceff9 zip: use []byte instead of string to prevent allocs (#537)
• 77e3848 tar: remove strconv dependency for tar checksum octal numbers (#536)
• 09ff708 json: improve performance by using a pool of scanners (#535)
• See full diff in compare view

Updates github.com/google/go-containerregistry from 0.19.2 to 0.20.2

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.2

What's Changed

• deps: bump docker dep by @​imjasonh in google/go-containerregistry#1991

Full Changelog: google/go-containerregistry@v0.20.1...v0.20.2

v0.20.1

What's Changed

• Create remote.Push by @​mattmoor in google/go-containerregistry#1978

Full Changelog: google/go-containerregistry@v0.20.0...v0.20.1

v0.20.0

What's Changed

• Referrer API must return correct Content-Type by @​GregoireW in google/go-containerregistry#1968
• 🚨 POTENTIALLY BREAKING: Restore blind-write to remote.Put by @​jonjohnsonjr in google/go-containerregistry#1970

New Contributors

• @​GregoireW made their first contribution in google/go-containerregistry#1968

Full Changelog: google/go-containerregistry@v0.19.2...v0.20.0

Commits

• c195f15 deps: bump docker dep (#1991)
• c3d1dcc Create remote.Push (#1978)
• d36047a Restore blind-write to remote.Put (#1970)
• 9915a85 Referrer API must return correct Content-Type (#1968)
• See full diff in compare view

Updates github.com/mattn/go-runewidth from 0.0.15 to 0.0.16

Commits

• 6ceadc6 Support Unicode 15.1.0
• See full diff in compare view

Updates github.com/moby/sys/sequential from 0.5.0 to 0.6.0

Release notes

Sourced from github.com/moby/sys/sequential's releases.

signal/v0.6.0

What's Changed

• signal: Handle more signals to make ParseSignal containerd compatible by @​kzys in moby/sys#71
• signal: fix name for SIGBUS on darwin by @​thaJeztah in moby/sys#72
• signal: fix name for SIGBUS on freebsd by @​thaJeztah in moby/sys#73
• signal: sort Windows signals alphabetically by @​thaJeztah in moby/sys#74
• signal: remove DefaultStopSignal by @​thaJeztah in moby/sys#77
• linting: do not capitalize errors by @​thaJeztah in moby/sys#75
• CI: update Vagrant to Fedora 34 by @​thaJeztah in moby/sys#80
• lint: update golangci-lint to v1.41.1 by @​thaJeztah in moby/sys#79
• ci/gha: drop go 1.14, add go 1.17 by @​kolyshkin in moby/sys#84
• Test fixes by @​kolyshkin in moby/sys#87
• Drop go < 1.16 compatibility by @​kolyshkin in moby/sys#89
• CI: add more linters by @​kolyshkin in moby/sys#92
• ci: bump Fedora to 35 by @​kolyshkin in moby/sys#93

New Contributors

• @​kzys made their first contribution in moby/sys#71

Full Changelog: moby/sys@signal/v0.5.0...signal/v0.6.0

mountinfo v0.6.0

New functionality

• Add MountedFast by @​kolyshkin in moby/sys#100 Note: most users should keep using Mounted, which already incorporates all optimizations from MountedFast

Full changelog: moby/sys@mountinfo/v0.5.0...mountinfo/v0.6.0

sequential v0.6.0

What's Changed

• sequential: remove fileFlagSequentialScan const
• sequential: consistently use x/sys/windows for consts
• sequential: open(File)Sequential: remove unused arg
• sequential: move error-handling to openFileSequential
• sequential: simplify docs for non-Windows implementations
• sequential: update docs for Windows-implementation
• bump golang.org/x/sys to v0.1.0

Full Changelog: moby/sys@sequential/v0.5.0...sequential/v0.6.0

Commits

• 03b9f8d Merge pull request #94 from thaJeztah/bump_mountinfo
• bdd898e mount: update github.com/moby/sys/mountinfo v0.5.0
• fbd276c Merge pull request #93 from kolyshkin/ci-f35
• afb7f50 Merge pull request #92 from kolyshkin/more-linters
• 9372d68 ci: bump Fedora to 35
• 9a90d6d Format code with gofumpt, enable linter
• 85e4bfd Makefile: update golangci-lint to 1.43.0
• f0fb439 .gitattributes: add
• b016007 ci: add unconvert and errorlint linters to golanci
• 6056970 Fix errorlint warnings
• Additional commits viewable in compare view

Updates github.com/moby/sys/user from 0.1.0 to 0.3.0

Release notes

Sourced from github.com/moby/sys/user's releases.

mountinfo v0.3.0

Breaking changes:

• Some field names of struct Mountinfo are changed to be more in-line with Go naming conventions. Users need to be converted. (#34)

Fixes and improvements:

• Fixed per-package doc to be shown by go doc (#37)
• Make GetMountsFromReader Linux-specific. (#39)
• OpenBSD support added (same code as FreeBSD; not tested). (#32)

Thanks to:

• Sebastiaan van Stijn
• Tobias Klauser

mount/v0.3.0

What's Changed

• mount: create proper mounter for OpenBSD by @​yukiisbored in moby/sys#59
• ci/gha: add go 1.16; run as root; fix some tests; add fedora by @​kolyshkin in moby/sys#65
• mount: add exec and noexec as valid flags to mount options by @​thaJeztah in moby/sys#66
• mount: bump mountinfo to 0.4.1, add TestRecursiveUnmountTooGreedy test by @​kolyshkin in moby/sys#64
• mount: errors should not start with a capital by @​thaJeztah in moby/sys#78
• CI: update Vagrant to Fedora 34 by @​thaJeztah in moby/sys#80
• lint: update golangci-lint to v1.41.1 by @​thaJeztah in moby/sys#79
• ci/gha: drop go 1.14, add go 1.17 by @​kolyshkin in moby/sys#84
• Test fixes by @​kolyshkin in moby/sys#87
• Drop go < 1.16 compatibility by @​kolyshkin in moby/sys#89
• CI: add more linters by @​kolyshkin in moby/sys#92
• ci: bump Fedora to 35 by @​kolyshkin in moby/sys#93
• mount: update github.com/moby/sys/mountinfo v0.5.0 by @​thaJeztah in moby/sys#94

New Contributors

• @​yukiisbored made their first contribution in moby/sys#59

Full Changelog: moby/sys@mount/v0.2.0...mount/v0.3.0

symlink v0.3.0

What's Changed

• symlink: touch-up documentation
• update minimum supported go version to go1.17
• bump golang.org/x/sys to v0.1.0

Full Changelog: moby/sys@symlink/v0.2.0...symlink/v0.3.0

user v0.3.0

What's Changed

• remove userns package that was added in v0.2.0
• downgrade minimum go version to v1.17
• retract v0.2.0

... (truncated)

Commits

• 5447519 Merge pull request #145 from thaJeztah/separate_userns
• 370a9ed user: move userns package to separate module, and retract v0.2.0
• 86870e7 Merge pull request #140 from thaJeztah/integrate_libcontainer_userns
• 5cd502c user: require go1.21 or higher
• a40602b user/userns: add godoc for package
• bc3a8a5 libct/userns: implement RunningInUserNS with sync.OnceValue
• bc0de32 libct/userns: make fuzzer Linux-only, and remove stub for uidMapInUserNS
• 333fe31 libct/userns: change RunningInUserNS to a wrapper instead of an alias
• bb72464 remove pre-go1.17 build-tags
• 87e38c8 libcontainer/userns: simplify, and separate from "user" package.
• Additional commits viewable in compare view

Updates github.com/skeema/knownhosts from 1.2.2 to 1.3.0

Commits

• 9485bde docs: add PR template and CONTRIBUTING.md guide; minor README tweaks
• 8b8ca37 host matching: handle wildcards with non-standard port (#10)
• 7c797a4 Merge pull request #9 from skeema/certs-backwards-compat
• 53a26cc Minor adjustments based on initial PR feedback
• 69b4a62 certs: reimplement previous commit to maintain backwards compat
• d314bf3 Support cert authorities
• 5832aa8 ci: send coverage to Coveralls; upgrade action versions
• 7acc57b go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates github.com/spf13/cast from 1.6.0 to 1.7.0

Release notes

Sourced from github.com/spf13/cast's releases.

v1.7.0

What's Changed

• Misc improvements by @​bep in spf13/cast#221

Full Changelog: spf13/cast@v1.6.0...v1.7.0

Commits

• 6e0c3ab Support some commonly used Float64 interfaces
• 6c5f3fc github: Bump versions
• See full diff in compare view

Updates github.com/sylabs/sif/v2 from 2.17.0 to 2.18.0

Release notes

Sourced from github.com/sylabs/sif/v2's releases.

v2.18.0

What's Changed

• docs: update links to Go docs by @​tri-adam in sylabs/sif#375
• refactor: improve compaction logic by @​tri-adam in sylabs/sif#373
• build(deps): bump github.com/google/go-containerregistry from 0.19.2 to 0.20.0 by @​dependabot in sylabs/sif#376
• feat: add DeleteObjects by @​tri-adam in sylabs/sif#374

Full Changelog: sylabs/sif@v2.17.1...v2.18.0

v2.17.1

What's Changed

• refactor: use DSSE wrappers from sigstore by @​tri-adam in sylabs/sif#366
• ci: add testing against Go 1.23 RC by @​tri-adam in sylabs/sif#368

Full Changelog: sylabs/sif@v2.17.0...v2.17.1

Commits

• a2a8352 Merge pull request #374 from tri-adam/delete-objects
• 68683b4 feat: add DeleteObjects
• 94b0b65 build(deps): bump github.com/google/go-containerregistry (#376)
• 48f265f Merge pull request #373 from tri-adam/compaction
• e8dad67 refactor: improve delete compaction logic
• 8783e3b refactor: improve compaction logic for AddObject
• e3aa617 Merge pull request #375 from tri-adam/update-readme
• 8f557d5 docs: update links to Go docs
• de30604 Merge pull request #368 from tri-adam/go-1.23-rc
• 9ea2328 ci: add testing against Go 1.23 RC
• Additional commits viewable in compare view

Updates go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.52.0 to 0.53.0

Release notes

Sourced from go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp's releases.

Release v1.28.0/v0.53.0/v0.22.0/v0.8.0/v0.3.0/v0.1.0

Overview

Added

• Add the new go.opentelemetry.io/contrib/detectors/azure/azurevm package to provide a resource detector for Azure VMs. (#5422)
• Add support to configure views when creating MeterProvider using the config package. (#5654)
• The go.opentelemetry.io/contrib/config add support to configure periodic reader interval and timeout. (#5661)
• Add log support for the autoexport package. (#5733)
• Add support for disabling the old runtime metrics using the OTEL_GO_X_DEPRECATED_RUNTIME_METRICS=false environment variable. (#5747)
• Add support for signal-specific protocols environment variables (OTEL_EXPORTER_OTLP_TRACES_PROTOCOL, OTEL_EXPORTER_OTLP_LOGS_PROTOCOL, OTEL_EXPORTER_OTLP_METRICS_PROTOCOL) in go.opentelemetry.io/contrib/exporters/autoexport. (#5816)
• The go.opentelemetry.io/contrib/processors/minsev module is added. This module provides and experimental logging processor with a configurable threshold for the minimum severity records must have to be recorded. (#5817)
<...

Description has been truncated

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.