chore(deps): bump the dependencies group with 17 updates #186

dependabot · 2025-05-01T04:52:47Z

Bumps the dependencies group with 17 updates:

Package	From	To
github.com/Scalingo/go-utils/logger	`1.2.0`	`1.5.0`
github.com/fsouza/go-dockerclient	`1.11.2`	`1.12.1`
github.com/go-sql-driver/mysql	`1.8.1`	`1.9.2`
github.com/redis/go-redis/v9	`9.6.1`	`9.8.0`
github.com/stretchr/testify	`1.9.0`	`1.10.0`
go.etcd.io/etcd/client/v2	`2.305.15`	`2.305.21`
github.com/cyphar/filepath-securejoin	`0.2.5`	`0.4.1`
github.com/moby/sys/user	`0.2.0`	`0.4.0`
gotest.tools/v3	`3.5.1`	`3.5.2`
github.com/docker/docker	`27.1.1+incompatible`	`27.5.1+incompatible`
github.com/klauspost/compress	`1.17.9`	`1.18.0`
github.com/moby/term	`0.5.0`	`0.5.2`
github.com/ncw/swift/v2	`2.0.2`	`2.0.3`
github.com/opencontainers/image-spec	`1.1.0`	`1.1.1`
go.etcd.io/etcd/api/v3	`3.5.15`	`3.5.21`
go.etcd.io/etcd/client/pkg/v3	`3.5.15`	`3.5.21`
golang.org/x/sys	`0.22.0`	`0.31.0`

Updates github.com/Scalingo/go-utils/logger from 1.2.0 to 1.5.0

Commits

84cafaa Merge pull request #1111 from Scalingo/release/logger/1.5.0
13c17a4 [logger] Bump v1.5.0
03c7501 Merge pull request #1110 from Scalingo/feat/logger/rollbarplugin/add_close_wr...
391ad8e feat(logger) update readme related to close wrapper
a97b22c Merge pull request #1109 from Scalingo/feat/logger/rollbarplugin/add_close_wr...
15ab255 feat(logger) add close wrapper
a2cafca Merge pull request #1107 from Scalingo/dependabot/go_modules/storage/dependen...
eb2609d Merge pull request #1106 from Scalingo/dependabot/go_modules/tarball/dependen...
a03212d Merge pull request #1105 from Scalingo/dependabot/go_modules/cronsetup/depend...
2f6fc9c build(deps): bump the dependencies group in /storage with 14 updates
Additional commits viewable in compare view

Updates github.com/fsouza/go-dockerclient from 1.11.2 to 1.12.1

Release notes

Sourced from github.com/fsouza/go-dockerclient's releases.

Version compatible with Docker 1.9 and Go 1.4

This has a special tag name to make it clear that it was the latest version compatible with Docker 1.9 and Go 1.4.

Commits

911724f Generate test TLS certificates on demand
9e09969 Use nanoserver for integration tests on Windows
7065e2e build(deps): bump golangci/golangci-lint-action from 6.3.2 to 6.5.0 (#1111)
d28655c Go 1.24 is out, drop Go 1.22
218cb9f build(deps): bump golangci/golangci-lint-action from 6.3.0 to 6.3.2 (#1108)
ee382d5 build(deps): bump golang.org/x/term from 0.28.0 to 0.29.0 (#1105)
a401e79 build(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.0 (#1106)
0eab2db build(deps): bump github.com/docker/docker (#1104)
2fdfe52 build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 (#1102)
2709c1b build(deps): bump actions/setup-go from 5.2.0 to 5.3.0 (#1103)
Additional commits viewable in compare view

Updates github.com/go-sql-driver/mysql from 1.8.1 to 1.9.2

Release notes

Sourced from github.com/go-sql-driver/mysql's releases.

v1.9.2

What's Changed

v1.9.2 is a re-release of v1.9.1 due to a release process issue; no changes were made to the content.

Full Changelog: go-sql-driver/mysql@v1.9.1...v1.9.2

v1.9.1

What's Changed

add Charset() option by @methane in go-sql-driver/mysql#1679

Fix FormatDSN missing ConnectionAttributes by @bogcon in go-sql-driver/mysql#1619

go.mod: fix go version format by @methane in go-sql-driver/mysql#1682

release v1.9.1 by @methane in go-sql-driver/mysql#1683

New Contributors

@bogcon made their first contribution in go-sql-driver/mysql#1619

Full Changelog: go-sql-driver/mysql@v1.9.0...v1.9.1

v1.9.0

Major Changes

Implement zlib compression. (#1487)

Supported Go version is updated to Go 1.21+. (#1639)

Add support for VECTOR type introduced in MySQL 9.0. (#1609)

Config object can have custom dial function. (#1527)

Bugfixes

Fix auth errors when username/password are too long. (#1625)

Check if MySQL supports CLIENT_CONNECT_ATTRS before sending client attributes. (#1640)

Fix auth switch request handling. (#1666)

Other changes

Add "filename:line" prefix to log in go-mysql. Custom loggers now show it. (#1589)

Improve error handling. It reduces the "busy buffer" errors. (#1595, #1601, #1641)

Use strconv.Atoi to parse max_allowed_packet. (#1661)

rejectReadOnly option now handles ER_READ_ONLY_MODE (1290) error too. (#1660)

Full Changelog: go-sql-driver/mysql@v1.8.1...v1.9.0

New Contributors

@dbussink made their first contribution in go-sql-driver/mysql#1609

@yokonao made their first contribution in go-sql-driver/mysql#1615

@pengbanban made their first contribution in go-sql-driver/mysql#1620

@aaronjheng made their first contribution in go-sql-driver/mysql#1527

@kratkyzobak made their first contribution in go-sql-driver/mysql#1625

@raffertyyu made their first contribution in go-sql-driver/mysql#1640

@minhquang4334 made their first contribution in go-sql-driver/mysql#1647

... (truncated)

Changelog

Sourced from github.com/go-sql-driver/mysql's changelog.

v1.9.2 (2025-04-07)

v1.9.2 is a re-release of v1.9.1 due to a release process issue; no changes were made to the content.

v1.9.1 (2025-03-21)

Major Changes

Add Charset() option. (#1679)

Bugfixes

go.mod: fix go version format (#1682)

Fix FormatDSN missing ConnectionAttributes (#1619)

v1.9.0 (2025-02-18)

Major Changes

Implement zlib compression. (#1487)

Supported Go version is updated to Go 1.21+. (#1639)

Add support for VECTOR type introduced in MySQL 9.0. (#1609)

Config object can have custom dial function. (#1527)

Bugfixes

Fix auth errors when username/password are too long. (#1625)

Check if MySQL supports CLIENT_CONNECT_ATTRS before sending client attributes. (#1640)

Fix auth switch request handling. (#1666)

Other changes

Add "filename:line" prefix to log in go-mysql. Custom loggers now show it. (#1589)

Improve error handling. It reduces the "busy buffer" errors. (#1595, #1601, #1641)

Use strconv.Atoi to parse max_allowed_packet. (#1661)

rejectReadOnly option now handles ER_READ_ONLY_MODE (1290) error too. (#1660)

Commits

21ef4c6 release v1.9.2 (#1693)
1fbafa8 release v1.9.1 (#1683)
b84ac5a go.mod: fix go version format (#1682)
88ff88b Fix FormatDSN missing ConnectionAttributes (#1619)
c879816 add Charset() option (#1679)
58941dd release v1.9.0 (#1662)
5d1bb8a fix flaky test. (#1663)
341a5a5 Fix auth_switch_request packet handling
85c6311 Add error 1290/ER_READ_ONLY_MODE to rejectReadOnly handling (#1660)
255d1ad better max_allowed_packet parsing (#1661)
Additional commits viewable in compare view

Updates github.com/redis/go-redis/v9 from 9.6.1 to 9.8.0

Release notes

Sourced from github.com/redis/go-redis/v9's releases.

v9.8.0

9.8.0 (2025-04-30)

🚀 Highlights

Redis 8 Support: Full compatibility with Redis 8.0, including testing and CI integration

Enhanced Hash Operations: Added support for new hash commands (HGETDEL, HGETEX, HSETEX) and HSTRLEN command

Search Improvements: Enabled Search DIALECT 2 by default and added CountOnly argument for FT.Search

✨ New Features

Added support for new hash commands: HGETDEL, HGETEX, HSETEX (#3305)

Added HSTRLEN command for hash operations (#2843)

Added Do method for raw query by single connection from pool.Conn() (#3182)

Prevent false-positive marshaling by treating zero time.Time as empty in isEmptyValue (#3273)

Added FailoverClusterClient support for Universal client (#2794)

Added support for cluster mode with IsClusterMode config parameter (#3255)

Added client name support in HELLO RESP handshake (#3294)

Enabled Search DIALECT 2 by default (#3213)

Added read-only option for failover configurations (#3281)

Added CountOnly argument for FT.Search to use LIMIT 0 0 (#3338)

Added DB option support in NewFailoverClusterClient (#3342)

Added nil check for the options when creating a client (#3363)

🐛 Bug Fixes

Fixed PubSub concurrency safety issues (#3360)

Fixed panic caused when argument is nil (#3353)

Improved error handling when fetching master node from sentinels (#3349)

Fixed connection pool timeout issues and increased retries (#3298)

Fixed context cancellation error leading to connection spikes on Primary instances (#3190)

Fixed RedisCluster client to consider MASTERDOWN a retriable error (#3164)

Fixed tracing to show complete commands instead of truncated versions (#3290)

Fixed OpenTelemetry instrumentation to prevent multiple span reporting (#3168)

Fixed FT.Search Limit argument and added CountOnly argument for limit 0 0 (#3338)

Fixed missing command in interface (#3344)

Fixed slot calculation for COUNTKEYSINSLOT command (#3327)

Updated PubSub implementation with correct context (#3329)

📚 Documentation

Added hash search examples (#3357)

Fixed documentation comments (#3351)

Added CountOnly search example (#3345)

Added examples for list commands: LLEN, LPOP, LPUSH, LRANGE, RPOP, RPUSH (#3234)

Added SADD and SMEMBERS command examples (#3242)

Updated README.md to use Redis Discord guild (#3331)

Updated HExpire command documentation (#3355)

Featured OpenTelemetry instrumentation more prominently (#3316)

Updated README.md with additional information (#310ce55)

⚡ Performance and Reliability

Bound connection pool background dials to configured dial timeout (#3089)

Ensured context isn't exhausted via concurrent query (#3334)

... (truncated)

Commits

fba6dec Merge branch 'master' into v9.8
46ede21 chore(release): Update version to v9.8.0
2299211 feat(options): panic when options are nil (#3363)
8f58235 chore(ci): Use redis 8 rc2 image. (#3361)
09dc351 migrate golangci-lint config to v2 format (#3354)
cb2cfb0 fix: PubSub isn't concurrency-safe (#3360)
46d4b20 feat: func isEmptyValue support time.Time (#3273)
f9b0e70 update HExpire command documentation (#3355)
b28606c Update README.md, use redis discord guild (#3331)
adb4798 fix: Fix panic caused when arg is nil (#3353)
Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.9.0 to 1.10.0

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.10.0

What's Changed

Functional Changes

Add PanicAssertionFunc by @fahimbagar in stretchr/testify#1337

assert: deprecate CompareType by @dolmen in stretchr/testify#1566

assert: make YAML dependency pluggable via build tags by @dolmen in stretchr/testify#1579

assert: new assertion NotElementsMatch by @hendrywiranto in stretchr/testify#1600

mock: in order mock calls by @ReyOrtiz in stretchr/testify#1637

Add assertion for NotErrorAs by @palsivertsen in stretchr/testify#1129

Record Return Arguments of a Call by @jayd3e in stretchr/testify#1636

assert.EqualExportedValues: accepts everything by @redachl in stretchr/testify#1586

Fixes

assert: make tHelper a type alias by @dolmen in stretchr/testify#1562

Do not get argument again unnecessarily in Arguments.Error() by @TomWright in stretchr/testify#820

Fix time.Time compare by @myxo in stretchr/testify#1582

assert.Regexp: handle []byte array properly by @kevinburkesegment in stretchr/testify#1587

assert: collect.FailNow() should not panic by @marshall-lee in stretchr/testify#1481

mock: simplify implementation of FunctionalOptions by @dolmen in stretchr/testify#1571

mock: caller information for unexpected method call by @spirin in stretchr/testify#1644

suite: fix test failures by @stevenh in stretchr/testify#1421

Fix issue #1662 (comparing infs should fail) by @ybrustin in stretchr/testify#1663

NotSame should fail if args are not pointers #1661 by @sikehish in stretchr/testify#1664

Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in CI by @sikehish in stretchr/testify#1667

fix: compare functional option names for indirect calls by @arjun-1 in stretchr/testify#1626

Documentation, Build & CI

.gitignore: ignore "go test -c" binaries by @dolmen in stretchr/testify#1565

mock: improve doc by @dolmen in stretchr/testify#1570

mock: fix FunctionalOptions docs by @snirye in stretchr/testify#1433

README: link out to the excellent testifylint by @brackendawson in stretchr/testify#1568

assert: fix typo in comment by @JohnEndson in stretchr/testify#1580

Correct the EventuallyWithT and EventuallyWithTf example by @JonCrowther in stretchr/testify#1588

CI: bump softprops/action-gh-release from 1 to 2 by @dependabot in stretchr/testify#1575

mock: document more alternatives to deprecated AnythingOfTypeArgument by @dolmen in stretchr/testify#1569

assert: Correctly document EqualValues behavior by @brackendawson in stretchr/testify#1593

fix: grammar in godoc by @miparnisari in stretchr/testify#1607

.github/workflows: Run tests for Go 1.22 by @HaraldNordgren in stretchr/testify#1629

Document suite's lack of support for t.Parallel by @brackendawson in stretchr/testify#1645

assert: fix typos in comments by @alexandear in stretchr/testify#1650

mock: fix doc comment for NotBefore by @alexandear in stretchr/testify#1651

Generate better comments for require package by @Neokil in stretchr/testify#1610

README: replace Testify V2 notice with @dolmen's V2 manifesto by @hendrywiranto in stretchr/testify#1518

New Contributors

@fahimbagar made their first contribution in stretchr/testify#1337

@TomWright made their first contribution in stretchr/testify#820

@snirye made their first contribution in stretchr/testify#1433

@myxo made their first contribution in stretchr/testify#1582

@JohnEndson made their first contribution in stretchr/testify#1580

... (truncated)

Commits

89cbdd9 Merge pull request #1626 from arjun-1/fix-functional-options-diff-indirect-calls
07bac60 Merge pull request #1667 from sikehish/flaky
716de8d Increase timeouts in Test_Mock_Called_blocks to reduce flakiness in CI
118fb83 NotSame should fail if args are not pointers #1661 (#1664)
7d99b2b attempt 2
05f87c0 more similar
ea7129e better fmt
a1b9c9e Merge pull request #1663 from ybrustin/master
8302de9 Merge branch 'master' into master
89352f7 Merge pull request #1518 from hendrywiranto/adjust-readme-remove-v2
Additional commits viewable in compare view

Updates go.etcd.io/etcd/client/v2 from 2.305.15 to 2.305.21

Commits

a17edfd version: bump up to 3.5.21
2c77e22 Merge pull request #19686 from ivanvc/release-3.5-golang.org-x-net-to-v0.37.0
14b8ce4 dependency: bump golang.org/x/net from v0.36.0 to v0.38.0
163ff00 Merge pull request #19646 from ivanvc/release-3.5-bump-github.com-golang-jwt-...
6439620 dependency: bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2
ac31c34 version: bump up to 3.5.20
c518f6f Merge pull request #19629 from ahrtr/learner_test_20250319
0a51fc2 Add e2e test to verify etcd is able to automatically fix the issue
3c65dfa Merge pull request #19602 from ahrtr/3.5_add_learner_test_20250314
341af03 Fix the issue that learner promotion command doesn't support json output
Additional commits viewable in compare view

Updates github.com/cyphar/filepath-securejoin from 0.2.5 to 0.4.1

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.4.1

This release fixes a regression introduced in one of the hardening features added to filepath-securejoin 0.4.0.

The restrictions added for root paths passed to SecureJoin in 0.4.0 was found to be too strict and caused some regressions when folks tried to update, so this restriction has been relaxed to only return an error if the path contains a .. component. We still recommend users use filepath.Clean (and even filepath.EvalSymlinks) on the root path they are using, but at least you will no longer be punished for "trivial" unclean paths. (#46)

Signed-off-by: Aleksa Sarai [email protected]

v0.4.0

This release primarily includes a few minor breaking changes to make the MkdirAll and SecureJoin interfaces more robust against accidental misuse.

SecureJoin(VFS) will now return an error if the provided root is not a filepath.Clean'd path.

While it is ultimately the responsibility of the caller to ensure the root is a safe path to use, passing a path like /symlink/.. as a root would result in the SecureJoin'd path being placed in / even though /symlink/.. might be a different directory, and so we should more strongly discourage such usage.

All major users of securejoin.SecureJoin already ensure that the paths they provide are safe (and this is ultimately a question of user error), but removing this foot-gun is probably a good idea. Of course, this is necessarily a breaking API change (though we expect no real users to be affected by it).

Thanks to Erik Sjölund, who initially reported this issue as a possible security issue.

MkdirAll and MkdirHandle now take an os.FileMode-style mode argument instead of a raw unix.S_*-style mode argument, which may cause compile-time type errors depending on how you use filepath-securejoin. For most users, there will be no change in behaviour aside from the type change (as the bottom 0o777 bits are the same in both formats, and most users are probably only using those bits).

However, if you were using unix.S_ISVTX to set the sticky bit with MkdirAll(Handle) you will need to switch to os.ModeSticky otherwise you will get a runtime error with this update. In addition, the error message you will get from passing unix.S_ISUID and unix.S_ISGID will be different as they are treated as invalid bits now (note that previously passing said bits was also an error).

... (truncated)

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.4.1] - 2025-01-28

Fixed

The restrictions added for root paths passed to SecureJoin in 0.4.0 was found to be too strict and caused some regressions when folks tried to update, so this restriction has been relaxed to only return an error if the path contains a .. component. We still recommend users use filepath.Clean (and even filepath.EvalSymlinks) on the root path they are using, but at least you will no longer be punished for "trivial" unclean paths.

[0.4.0] - 2025-01-13

Breaking

SecureJoin(VFS) will now return an error if the provided root is not a filepath.Clean'd path.

While it is ultimately the responsibility of the caller to ensure the root is a safe path to use, passing a path like /symlink/.. as a root would result in the SecureJoin'd path being placed in / even though /symlink/.. might be a different directory, and so we should more strongly discourage such usage.

All major users of securejoin.SecureJoin already ensure that the paths they provide are safe (and this is ultimately a question of user error), but removing this foot-gun is probably a good idea. Of course, this is necessarily a breaking API change (though we expect no real users to be affected by it).

Thanks to Erik Sjölund, who initially reported this issue as a possible security issue.

MkdirAll and MkdirHandle now take an os.FileMode-style mode argument instead of a raw unix.S_*-style mode argument, which may cause compile-time type errors depending on how you use filepath-securejoin. For most users, there will be no change in behaviour aside from the type change (as the bottom 0o777 bits are the same in both formats, and most users are probably only using those bits).

However, if you were using unix.S_ISVTX to set the sticky bit with MkdirAll(Handle) you will need to switch to os.ModeSticky otherwise you will get a runtime error with this update. In addition, the error message you will get from passing unix.S_ISUID and unix.S_ISGID will be different as they are treated as invalid bits now (note that previously passing said bits was also an error).

[0.3.6] - 2024-12-17

Compatibility

The minimum Go version requirement for filepath-securejoin is now Go 1.18 (we use generics internally).

... (truncated)

Commits

7abd870 VERSION: release v0.4.1
509a359 merge #47 into cyphar/filepath-securejoin:main
fbaef26 join: loosen cleanliness requirements for SecureJoin root
54460df merge #45 into cyphar/filepath-securejoin:main
14e6cfe VERSION: back to development
9a17e6b VERSION: release v0.4.0
e410d4a merge #44 into cyphar/filepath-securejoin:main
ea4e5b6 gha: add GOARCH=386 build check
0c2fbe6 mkdirall: switch to os.FileMode argument
f3a512c merge #43 into cyphar/filepath-securejoin:main
Additional commits viewable in compare view

Updates github.com/moby/sys/user from 0.2.0 to 0.4.0

Release notes

Sourced from github.com/moby/sys/user's releases.

mountinfo v0.4.0

Breaking changes:

PidMountInfo is now deprecated and will be removed before v1.0; users should switch to GetMountsFromReader (#47)

Fixes and improvements:

run filter after all fields are parsed (#50)

correct handling errors from bufio.Scan

documentation formatting fixes (#48)

Thanks to:

Aleksa Sarai

capability v0.4.0

Added

New separate API for ambient (GetAmbient, [SetAmbient], [ResetAmbient]) and bound (GetBound, DropBound) capabilities, modelled after libcap. (#176)

Fixed

Apply now returns an error if called for non-zero pid. Before this change, it could silently change some capabilities of the current process, instead of the one identified by the pid. (#168, #174)

Fixed tests that change capabilities to be run in a separate process. (#173)

Other improvements in tests. (#169, #170)

Changed

Use raw syscalls (which are slightly faster). (#176)

Most tests are now limited to testing the public API of the package. (#162)

Simplify parsing /proc/pid/status, add a test case. (#162)

Optimize the number of syscall to set ambient capabilities in Apply by clearing them first; add a test case. (#163, #164)

Better documentation for Apply, [NewFile], [NewFile2], [NewPid], [NewPid2]. (#175)

Removed

.golangci.yml and .codespellrc are no longer part of the package. (#158)

For the complete list of changes, see https://github.com/moby/sys/blob/HEAD/capability/CHANGELOG.md.

Thanks to all of the contributors who made this release possible:

Kir Kolyshkin (@kolyshkin)

lifubang (@lifubang)

Sebastiaan van Stijn (@thaJeztah)

Tianon Gravi (@tianon)

... (truncated)

Commits

71f0c5e Merge pull request #182 from dmcgowan/merge-idtools
db55716 Update interface to fit into user package
8e08d6b Merge idtools from github.com/moby/moby/pkg/idtools
7e518ec Merge pull request #49087 from dmcgowan/split-idtools-internal
6134528 Split internal idtools functionality
9ecbe7b pkg/idtools: rewrite to use moby/sys/user
5805d70 pkg/idtools: use lazyregexp to compile regexes on first use
fdf2879 Merge pull request #49162 from thaJeztah/pkg_system_volume_uuid
3d38759 pkg/idtools: remove uses of deprecated system.MkdirAll
ca0444f Merge pull request #180 from thaJeztah/add_codecov
Additional commits viewable in compare view

Updates gotest.tools/v3 from 3.5.1 to 3.5.2

Release notes

Sourced from gotest.tools/v3's releases.

v3.5.2

What's Changed

assert: ensure message is always displayed & fix under bazel by @cstrahan in gotestyourself/gotest.tools#276

go.mod: golang.org/x/tools v0.13.0 for go1.22+ compatibility by @thaJeztah in gotestyourself/gotest.tools#282

poll: Continue(): use format.Message for formatting by @thaJeztah in gotestyourself/gotest.tools#279

fix TestFromDirSymlink on Windows due to missing drive-letter by @thaJeztah in gotestyourself/gotest.tools#283

Fix various linting issues and minor bugs by @thaJeztah in gotestyourself/gotest.tools#280

fix badges in readme, gofmt, and minor linting fix by @thaJeztah in gotestyourself/gotest.tools#284

circleci: add go1.21, go1.22, go1.23, and update golangci-lint to v1.60.3 by @thaJeztah in gotestyourself/gotest.tools#285

assert, assert/cmp: un-deprecate assert.ErrorType for now by @thaJeztah in gotestyourself/gotest.tools#286

New Contributors

@cstrahan made their first contribution in gotestyourself/gotest.tools#276

Full Changelog: gotestyourself/gotest.tools@v3.5.1...v3.5.2

Commits

0b81523 Merge pull request #286 from thaJeztah/undeprecate_ErrorType
c5dad8f Merge pull request #285 from thaJeztah/update_go_versions
160ab0e Remove go1.18 and go1.19
8569bbc Merge pull request #284 from thaJeztah/cleanup_readme
4256834 assert, assert/cmp: un-deprecate assert.ErrorType for now
eb32186 circleci: update golangci-lint to v1.60.3
5fc8473 circleci: add go1.21, go1.22, go1.23
6f26df9 circleci: test generics on go1.20 and windows as well
732dfcf internal/difflib: rename funcs that collided with built-ins
7d95f55 internal/difflib: gofmt
Additional commits viewable in compare view

Updates github.com/docker/docker from 27.1.1+incompatible to 27.5.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.5.1

27.5.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

docker/cli, 27.5.1 milestone

moby/moby, 27.5.1 milestone

Bug fixes and enhancements

Fixed an issue that could persistently prevent daemon startup after failure to initialize the default bridge. moby/moby#49307

Add a DOCKER_IGNORE_BR_NETFILTER_ERROR environment variable. Setting it to 1 allows running on hosts that cannot load br_netfilter. Some things won't work, including disabling inter-container communication in a bridge network. With the userland proxy disabled, it won't be possible to access one container's published ports from another container on the same network. moby/moby#49306

Packaging updates

Update Go runtime to 1.22.11 (fix CVE-2024-45341, CVE-2024-45336). moby/moby#49312, docker/docker-ce-packaging#1147, docker/cli#5762

Update RootlessKit to v2.3.2 to support passt >= 2024_10_30.ee7d0b6. moby/moby#49304

Update Buildx to v0.20.0. docker/docker-ce-packaging#1149

v27.5.0

27.5.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

docker/cli, 27.5.0 milestone

moby/moby, 27.5.0 milestone

Bugfixes and enhancements

containerd image store: Fix passing a build context via tarball to the /build endpoint. moby/moby#49194

Builder garbage collection policies without a keepStorage value now inherit the defaultKeepStorage limit as intended. moby/moby#49137

Preserve network labels during daemon startup. moby/moby#49200

Fix a potential race condition error when deleting a container. moby/moby#49239

Go SDK

pkg/sysinfo: deprecate NumCPU. This utility has the same behavior as runtime.NumCPU. moby/moby#49247

pkg/fileutils: deprecate GetTotalUsedFds: this function is only used internally and will be removed in the next release. moby/moby#49209

pkg/ioutils: deprecate BytesPipe, NewBytesPipe, ErrClosed, WriteCounter, NewWriteCounter, NewReaderErrWrapper, NopFlusher, NopWriter, NopWriteCloser. They were only used internally and will be removed in the next release. moby/moby#49246, moby/moby#49255

pkg/reexec: This package is deprecated and moved to...
Description has been truncated

Bumps the dependencies group with 17 updates: | Package | From | To | | --- | --- | --- | | [github.com/Scalingo/go-utils/logger](https://github.com/Scalingo/go-utils) | `1.2.0` | `1.5.0` | | [github.com/fsouza/go-dockerclient](https://github.com/fsouza/go-dockerclient) | `1.11.2` | `1.12.1` | | [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) | `1.8.1` | `1.9.2` | | [github.com/redis/go-redis/v9](https://github.com/redis/go-redis) | `9.6.1` | `9.8.0` | | [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.9.0` | `1.10.0` | | [go.etcd.io/etcd/client/v2](https://github.com/etcd-io/etcd) | `2.305.15` | `2.305.21` | | [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) | `0.2.5` | `0.4.1` | | [github.com/moby/sys/user](https://github.com/moby/sys) | `0.2.0` | `0.4.0` | | [gotest.tools/v3](https://github.com/gotestyourself/gotest.tools) | `3.5.1` | `3.5.2` | | [github.com/docker/docker](https://github.com/docker/docker) | `27.1.1+incompatible` | `27.5.1+incompatible` | | [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.17.9` | `1.18.0` | | [github.com/moby/term](https://github.com/moby/term) | `0.5.0` | `0.5.2` | | [github.com/ncw/swift/v2](https://github.com/ncw/swift) | `2.0.2` | `2.0.3` | | [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) | `1.1.0` | `1.1.1` | | [go.etcd.io/etcd/api/v3](https://github.com/etcd-io/etcd) | `3.5.15` | `3.5.21` | | [go.etcd.io/etcd/client/pkg/v3](https://github.com/etcd-io/etcd) | `3.5.15` | `3.5.21` | | [golang.org/x/sys](https://github.com/golang/sys) | `0.22.0` | `0.31.0` | Updates `github.com/Scalingo/go-utils/logger` from 1.2.0 to 1.5.0 - [Release notes](https://github.com/Scalingo/go-utils/releases) - [Changelog](https://github.com/Scalingo/go-utils/blob/master/CHANGELOG_LEGACY.md) - [Commits](Scalingo/go-utils@mongo/v1.2.0...logger/v1.5.0) Updates `github.com/fsouza/go-dockerclient` from 1.11.2 to 1.12.1 - [Release notes](https://github.com/fsouza/go-dockerclient/releases) - [Changelog](https://github.com/fsouza/go-dockerclient/blob/main/container_changes_test.go) - [Commits](fsouza/go-dockerclient@v1.11.2...v1.12.1) Updates `github.com/go-sql-driver/mysql` from 1.8.1 to 1.9.2 - [Release notes](https://github.com/go-sql-driver/mysql/releases) - [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md) - [Commits](go-sql-driver/mysql@v1.8.1...v1.9.2) Updates `github.com/redis/go-redis/v9` from 9.6.1 to 9.8.0 - [Release notes](https://github.com/redis/go-redis/releases) - [Changelog](https://github.com/redis/go-redis/blob/master/CHANGELOG.md) - [Commits](redis/go-redis@v9.6.1...v9.8.0) Updates `github.com/stretchr/testify` from 1.9.0 to 1.10.0 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.9.0...v1.10.0) Updates `go.etcd.io/etcd/client/v2` from 2.305.15 to 2.305.21 - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](etcd-io/etcd@client/v2.305.15...client/v2.305.21) Updates `github.com/cyphar/filepath-securejoin` from 0.2.5 to 0.4.1 - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md) - [Commits](cyphar/filepath-securejoin@v0.2.5...v0.4.1) Updates `github.com/moby/sys/user` from 0.2.0 to 0.4.0 - [Release notes](https://github.com/moby/sys/releases) - [Commits](moby/sys@user/v0.2.0...user/v0.4.0) Updates `gotest.tools/v3` from 3.5.1 to 3.5.2 - [Release notes](https://github.com/gotestyourself/gotest.tools/releases) - [Commits](gotestyourself/gotest.tools@v3.5.1...v3.5.2) Updates `github.com/docker/docker` from 27.1.1+incompatible to 27.5.1+incompatible - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v27.1.1...v27.5.1) Updates `github.com/klauspost/compress` from 1.17.9 to 1.18.0 - [Release notes](https://github.com/klauspost/compress/releases) - [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml) - [Commits](klauspost/compress@v1.17.9...v1.18.0) Updates `github.com/moby/term` from 0.5.0 to 0.5.2 - [Commits](moby/term@v0.5.0...v0.5.2) Updates `github.com/ncw/swift/v2` from 2.0.2 to 2.0.3 - [Release notes](https://github.com/ncw/swift/releases) - [Changelog](https://github.com/ncw/swift/blob/master/RELEASE.md) - [Commits](ncw/swift@v2.0.2...v2.0.3) Updates `github.com/opencontainers/image-spec` from 1.1.0 to 1.1.1 - [Release notes](https://github.com/opencontainers/image-spec/releases) - [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md) - [Commits](opencontainers/image-spec@v1.1.0...v1.1.1) Updates `go.etcd.io/etcd/api/v3` from 3.5.15 to 3.5.21 - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](etcd-io/etcd@v3.5.15...v3.5.21) Updates `go.etcd.io/etcd/client/pkg/v3` from 3.5.15 to 3.5.21 - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](etcd-io/etcd@v3.5.15...v3.5.21) Updates `golang.org/x/sys` from 0.22.0 to 0.31.0 - [Commits](golang/sys@v0.22.0...v0.31.0) --- updated-dependencies: - dependency-name: github.com/Scalingo/go-utils/logger dependency-version: 1.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/fsouza/go-dockerclient dependency-version: 1.12.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/go-sql-driver/mysql dependency-version: 1.9.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/redis/go-redis/v9 dependency-version: 9.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/stretchr/testify dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: go.etcd.io/etcd/client/v2 dependency-version: 2.305.21 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/cyphar/filepath-securejoin dependency-version: 0.4.1 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/moby/sys/user dependency-version: 0.4.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: gotest.tools/v3 dependency-version: 3.5.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/docker/docker dependency-version: 27.5.1+incompatible dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/klauspost/compress dependency-version: 1.18.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/moby/term dependency-version: 0.5.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/ncw/swift/v2 dependency-version: 2.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/opencontainers/image-spec dependency-version: 1.1.1 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: go.etcd.io/etcd/api/v3 dependency-version: 3.5.21 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: go.etcd.io/etcd/client/pkg/v3 dependency-version: 3.5.21 dependency-type: indirect update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: golang.org/x/sys dependency-version: 0.31.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2025-05-14T11:07:34Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot requested a review from john-scalingo May 1, 2025 04:52

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 1, 2025

github-actions bot enabled auto-merge May 1, 2025 04:53

github-actions bot previously approved these changes May 1, 2025

View reviewed changes

dependabot bot dismissed github-actions[bot]’s stale review via 8173105 May 14, 2025 11:04

dependabot bot force-pushed the dependabot/go_modules/dependencies-cd0acafff1 branch from 0dccfe4 to 8173105 Compare May 14, 2025 11:04

github-actions bot approved these changes May 14, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/go_modules/dependencies-cd0acafff1 branch from 8173105 to 4675544 Compare May 14, 2025 11:06

dependabot bot closed this May 14, 2025

auto-merge was automatically disabled May 14, 2025 11:07
Pull request was closed

dependabot bot deleted the dependabot/go_modules/dependencies-cd0acafff1 branch May 14, 2025 11:07

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the dependencies group with 17 updates #186

chore(deps): bump the dependencies group with 17 updates #186

Uh oh!

dependabot bot commented on behalf of github May 1, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github May 14, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chore(deps): bump the dependencies group with 17 updates #186

chore(deps): bump the dependencies group with 17 updates #186

Uh oh!

Conversation

dependabot bot commented on behalf of github May 1, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Version compatible with Docker 1.9 and Go 1.4

v1.9.2

What's Changed

v1.9.1

What's Changed

New Contributors

v1.9.0

Major Changes

Bugfixes

Other changes

New Contributors

v1.9.2 (2025-04-07)

v1.9.1 (2025-03-21)

Major Changes

Bugfixes

v1.9.0 (2025-02-18)

Major Changes

Bugfixes

Other changes

v9.8.0

9.8.0 (2025-04-30)

🚀 Highlights

✨ New Features

🐛 Bug Fixes

📚 Documentation

⚡ Performance and Reliability

v1.10.0

What's Changed

Functional Changes

Fixes

Documentation, Build & CI

New Contributors

v0.4.1

v0.4.0

[0.4.1] - 2025-01-28

Fixed

[0.4.0] - 2025-01-13

Breaking

[0.3.6] - 2024-12-17

Compatibility

mountinfo v0.4.0

capability v0.4.0

Added

Fixed

Changed

Removed

v3.5.2

What's Changed

New Contributors

v27.5.1

27.5.1

Bug fixes and enhancements

Packaging updates

v27.5.0

27.5.0

Bugfixes and enhancements

Go SDK

Uh oh!

dependabot bot commented on behalf of github May 14, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github May 1, 2025 •

edited

Loading