Bump github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible #4641

dependabot · 2023-10-30T15:37:18Z

Bumps github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible.

Release notes

Sourced from github.com/docker/docker's releases.

v24.0.7

24.0.7

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

docker/cli, 24.0.7 milestone

moby/moby, 24.0.7 milestone

Bug fixes and enhancements

Write overlay2 layer metadata atomically. moby/moby#46703

Fix "Rootful-in-Rootless" Docker-in-Docker on systemd version 250 and later. moby/moby#46626

Fix dockerd-rootless-setuptools.sh when username contains a backslash. moby/moby#46407

Fix a bug that would prevent network sandboxes to be fully deleted when stopping containers with no network attachments and when dockerd --bridge=none is used. moby/moby#46702

Fix a bug where cancelling an API request could interrupt container restart. moby/moby#46697

Fix an issue where containers would fail to start when providing --ip-range with a range larger than the subnet. docker/for-mac#6870

Fix data corruption with zstd output. moby/moby#46709

Fix the conditions under which the container's MAC address is applied. moby/moby#46478

Improve the performance of the stats collector. moby/moby#46448

Fix an issue with source policy rules ending up in the wrong order. moby/moby#46441

Packaging updates

Add support for Fedora 39 and Ubuntu 23.10. docker/docker-ce-packaging#940, docker/docker-ce-packaging#955

Fix docker.socket not getting disabled when uninstalling the docker-ce RPM package. docker/docker-ce-packaging#852

Upgrade Go to go1.20.10. docker/docker-ce-packaging#951

Upgrade containerd to v1.7.6 (static binaries only). moby/moby#46103

Upgrade the containerd.io package to v1.6.24.

Security

Deny containers access to /sys/devices/virtual/powercap by default. This change hardens against CVE-2020-8694, CVE-2020-8695, and CVE-2020-12912, and an attack known as the PLATYPUS attack. For more details, see advisory, commit.

v24.0.6

24.0.6

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

docker/cli, 24.0.6 milestone

moby/moby, 24.0.6 milestone

Bug fixes and enhancements

containerd storage backend: Fix docker ps failing when a container image is no longer present in the content store. moby/moby#46095

containerd storage backend: Fix docker ps -s -a and docker container prune failing when a container image config is no longer present in the content store. moby/moby#46097

containerd storage backend: Fix docker inspect failing when a container image config is no longer (or was never) present in the content store. moby/moby#46244

containerd storage backend: Fix diff and export with the overlayfs snapshotter by using reference-counted rootfs mounts. moby/moby#46266

containerd storage backend: Fix a misleading error message when the image platforms available locally do not match the desired platform. moby/moby#46300

containerd storage backend: Fix the FROM scratch Dockerfile instruction with the classic builder. moby/moby#46302

containerd storage backend: Fix mismatched image rootfs and manifest layers errors with the classic builder. moby/moby#46310

... (truncated)

Commits

311b9ff Merge pull request #46697 from thaJeztah/24.0_backport_restart_nocancel
af60804 Merge pull request from GHSA-jq35-85cj-fj4p
3cf363e Merge pull request #46709 from thaJeztah/24.0_backport_bump_compress
05d7386 daemon: daemon.containerRestart: don't cancel restart on context cancel
649c944 Merge pull request #46703 from thaJeztah/24.0_backport_atomic-layer-data-write
9b20b1a Merge pull request #46702 from thaJeztah/24.0_backport_releaseNetwork_Network...
dd37b0b vendor: github.com/klauspost/compress v1.17.2
7058c0d vendor: github.com/klauspost/compress v1.16.5
57bd388 daemon: overlay2: Write layer metadata atomically
05d95fd daemon: release sandbox even when NetworkDisabled
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.24+incompatible to 24.0.7+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v20.10.24...v24.0.7) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>

#4628 #4629 #4631 #4632 #4633 #4637 #4638 #4641 #4648 #4650 #4656 #4658 #4662 #4666 (#4669) * Bump golang.org/x/net from 0.7.0 to 0.17.0 in /tool/actions-plan-preview (#4611) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0. - [Commits](golang/net@v0.7.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump golang.org/x/net from 0.7.0 to 0.17.0 in /tool/actions-gh-release (#4612) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.17.0. - [Commits](golang/net@v0.7.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Khanh Tran <[email protected]> * Bump golang.org/x/net from 0.8.0 to 0.17.0 (#4613) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.8.0 to 0.17.0. - [Commits](golang/net@v0.8.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump @babel/traverse from 7.14.7 to 7.23.2 in /web (#4619) * Fix part of lint/go errors (misspell, depguard, unconvert) (#4621) * Fix lint/go errors (misspell) Signed-off-by: karamaru-alpha <[email protected]> * Fix lint/go errors (depguard) Signed-off-by: karamaru-alpha <[email protected]> * Fix lint/go errors (unconvert) Signed-off-by: karamaru-alpha <[email protected]> --------- Signed-off-by: karamaru-alpha <[email protected]> * Fix part of lint/go errors (goimports, staticcheck, gosimple) (#4622) * Fix lint/go errors (goimport) Signed-off-by: karamaru-alpha <[email protected]> * Fix lint/go errors (staticcheck) Signed-off-by: karamaru-alpha <[email protected]> * Fix lint/go errors (gosimple) Signed-off-by: karamaru-alpha <[email protected]> * Fix lint/go errors (gosimple) Signed-off-by: karamaru-alpha <[email protected]> * Fix return error by function Signed-off-by: karamaru-alpha <[email protected]> --------- Signed-off-by: karamaru-alpha <[email protected]> * Fix part of lint/go errors (deadcode, ineffassign, depguard) (#4624) * Ignore mannwhitney from golangci-lint Signed-off-by: karamaru-alpha <[email protected]> * Fix lint/go errors (deadcode) Signed-off-by: karamaru-alpha <[email protected]> * Fix lint/go errors (depguard) Signed-off-by: karamaru-alpha <[email protected]> --------- Signed-off-by: karamaru-alpha <[email protected]> * Add tests to terraform platform provider (#4625) Signed-off-by: Kenta Kozuka <[email protected]> * Add tests to apikey model (#4626) Signed-off-by: Kenta Kozuka <[email protected]> * Add tests to application model (#4627) Signed-off-by: Kenta Kozuka <[email protected]> * Reduce `make lint/go` execution time by adding the GOCACHE environment variable (#4628) * Add GOCACHE env to lint/go Signed-off-by: karamaru-alpha <[email protected]> * Add verbose flag to lint/go Signed-off-by: karamaru-alpha <[email protected]> * Change timeout golangci.yml Signed-off-by: karamaru-alpha <[email protected]> --------- Signed-off-by: karamaru-alpha <[email protected]> * Add tests to model/deployment (#4629) Signed-off-by: Kenta Kozuka <[email protected]> * Add tests to model/notificationevent (#4631) * Add tests to model/notificationevent Signed-off-by: Kenta Kozuka <[email protected]> * Add Parallel() Signed-off-by: Kenta Kozuka <[email protected]> --------- Signed-off-by: Kenta Kozuka <[email protected]> * Add tests to model/deployment_chain (#4632) * Bump google.golang.org/grpc from 1.54.0 to 1.56.3 (#4633) * Bump google.golang.org/grpc from 1.54.0 to 1.56.3 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.54.0 to 1.56.3. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.54.0...v1.56.3) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Update grpc test version Signed-off-by: khanhtc1202 <[email protected]> --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: khanhtc1202 <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: khanhtc1202 <[email protected]> * Fix lint/go errors (gocritic) (#4637) Signed-off-by: karamaru-alpha <[email protected]> * Fix part of lint/go errors (stylecheck) (#4638) * Fix lint/go errors (stylecheck) Signed-off-by: karamaru-alpha <[email protected]> * Remove nolint:stylecheck Signed-off-by: karamaru-alpha <[email protected]> * Change method reveiver name Signed-off-by: karamaru-alpha <[email protected]> * Change receiver name k to ak Signed-off-by: karamaru-alpha <[email protected]> --------- Signed-off-by: karamaru-alpha <[email protected]> * Bump github.com/docker/docker (#4641) * Make actions plan preview handle timeout option (#4648) * Format and make tests pass in tool/actions-plan-preview Signed-off-by: mi11km <[email protected]> * Use --piped-handle-timeout to make the timeout arg activate Signed-off-by: mi11km <[email protected]> * Add tests to model/notificationevent (#4631) * Add tests to model/notificationevent Signed-off-by: Kenta Kozuka <[email protected]> * Add Parallel() Signed-off-by: Kenta Kozuka <[email protected]> --------- Signed-off-by: Kenta Kozuka <[email protected]> Signed-off-by: mi11km <[email protected]> * add piped-handle-timeout(input args) Signed-off-by: mi11km <[email protected]> --------- Signed-off-by: mi11km <[email protected]> Signed-off-by: Kenta Kozuka <[email protected]> Co-authored-by: Kenta Kozuka <[email protected]> Co-authored-by: Khanh Tran <[email protected]> * Fix panic error in ListDeployments API (#4650) * Update golangci-lint and fix lint errors (#4656) Signed-off-by: karamaru-alpha <[email protected]> * Send error comment before plan preview exit (#4658) * Send error comment before plan preview exit Signed-off-by: Takumaron <[email protected]> * Apply review commnet Signed-off-by: Takumaron <[email protected]> --------- Signed-off-by: Takumaron <[email protected]> * Handle plan preview workflow's error and exit with error status code (#4662) * Add a flag to skip running standalone task during deployment (#4666) * Add a flag to skip running standalone task during deployment Signed-off-by: Kenta Kozuka <[email protected]> * Fix docs Signed-off-by: Kenta Kozuka <[email protected]> --------- Signed-off-by: Kenta Kozuka <[email protected]> --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: karamaru-alpha <[email protected]> Signed-off-by: Kenta Kozuka <[email protected]> Signed-off-by: khanhtc1202 <[email protected]> Signed-off-by: mi11km <[email protected]> Signed-off-by: Takumaron <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Khanh Tran <[email protected]> Co-authored-by: karamaru <[email protected]> Co-authored-by: Kenta Kozuka <[email protected]> Co-authored-by: khanhtc1202 <[email protected]> Co-authored-by: Masafumi Ikeyama <[email protected]> Co-authored-by: Seitaro Fujigaki <[email protected]> Co-authored-by: Kurosawa Takuma <[email protected]>

Signed-off-by: 鈴木優耀 <[email protected]>

dependabot bot requested review from nghialv, khanhtc1202 and kentakozuka as code owners October 30, 2023 15:37

dependabot bot added the dependencies Pull requests that update a dependency file label Oct 30, 2023

dependabot bot requested a review from ffjlabo as a code owner October 30, 2023 15:37

dependabot bot added the go Pull requests that update Go code label Oct 30, 2023

khanhtc1202 approved these changes Oct 31, 2023

View reviewed changes

khanhtc1202 merged commit d2dcafa into master Oct 31, 2023
11 checks passed

khanhtc1202 deleted the dependabot/go_modules/github.com/docker/docker-24.0.7incompatible branch October 31, 2023 01:11

sZma5a pushed a commit to sZma5a/pipecd that referenced this pull request Nov 5, 2023

Bump github.com/docker/docker (pipe-cd#4641)

337c4fa

ffjlabo mentioned this pull request Nov 13, 2023

Cherry-pick #4611 #4612 #4613 #4619 #4621 #4622 #4624 #4625 #4626 #4627 #4628 #4629 #4631 #4632 #4633 #4637 #4638 #4641 #4648 #4650 #4656 #4658 #4662 #4666 #4669

Merged

ffjlabo pushed a commit that referenced this pull request Nov 13, 2023

Bump github.com/docker/docker (#4641)

442e597

github-actions bot mentioned this pull request Dec 1, 2023

Release v0.45.4 #4697

Merged

github-actions bot mentioned this pull request Feb 6, 2024

Release v0.46.0 #4775

Merged

sZma5a pushed a commit to sZma5a/pipecd that referenced this pull request Feb 12, 2024

Bump github.com/docker/docker (pipe-cd#4641)

2e17160

Signed-off-by: 鈴木優耀 <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible #4641

Bump github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible #4641

dependabot bot commented on behalf of github Oct 30, 2023

Bump github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible #4641

Bump github.com/docker/docker from 20.10.24+incompatible to 24.0.7+incompatible #4641

Conversation

dependabot bot commented on behalf of github Oct 30, 2023

v24.0.7

24.0.7

Bug fixes and enhancements

Packaging updates

Security

v24.0.6

24.0.6

Bug fixes and enhancements