Bump the minor-dependencies group with 5 updates

[dependabot]

Bumps the minor-dependencies group with 5 updates:

Package	From	To
github.com/Microsoft/hcsshim	0.12.1	0.12.3
github.com/containernetworking/cni	1.1.2	1.2.0
golang.org/x/sync	0.6.0	0.7.0
golang.org/x/sys	0.18.0	0.19.0
google.golang.org/grpc	1.62.1	1.63.2

Updates github.com/Microsoft/hcsshim from 0.12.1 to 0.12.3

Release notes

Sourced from github.com/Microsoft/hcsshim's releases.

v0.12.3

What's Changed

• [release/0.12] Update go-winio to v0.6.2 by @​kiashok in microsoft/hcsshim#2114

Full Changelog: microsoft/hcsshim@v0.12.2...v0.12.3

v0.12.2

No release notes provided.

Commits

• c950974 Update go-winio to v0.6.2 & fix lint errors
• See full diff in compare view

Updates github.com/containernetworking/cni from 1.1.2 to 1.2.0

Release notes

Sourced from github.com/containernetworking/cni's releases.

v1.2.0

This is libcni v1.2.0, which releases the new CNI spec version v1.1.0.

Major changes:

GC verb

The GC verb allows runtimes to specify the set of known-good attachments, allowing plugins to clean up stale and leaked resources such as IPAM reservations. Libcni will also synthesize a CNI DEL for any stale cached attachments, so all users will have a form of GC, even if their plugins do not support CNI v1.1

STATUS verb

The STATUS verb allows a plugin to report its readiness to accept ADD requests. Runtimes such as containerd and cri-o will no longer have to rely merely on the presence of a CNI configuration file to determine network readiness.

Version negotiation

CNI configurations may now contain multiple versions, so that an administrator can opportunistically update the protocol version without breaking older runtimes:

{
  "cniVersion": "1.0.0",
  "cniVersions": ["1.0.0", "1.1.0"]
}

New fields

A number of new fields have been added to the result type:

• (#1060). Add MTU to CNI result
• (#1068). Add Scope property for routes Fixes: #598
• (#1069). Add SocketPath/PciID to Interface struct This is to resolve: #1050
• (#1062). Add table ID property for routes Fixes #1061
• (#1041). Add route attributes - MTU, AdvMSS, Priority

Other improvements

• (#911). libcni: add specific type for CHECK not supported
• (#1072). tolerate invalid cni caches for deletion
• (#1054). Add Version() to CNI interface

Commits

• df52e94 Merge pull request #1082 from squeed/v1.2-release
• 047255e spec: remove "-dev" tag
• 0137b32 Merge pull request #1054 from MikeZappa87/feature/addversiontocni
• dd65e2d add version to cni interface
• bbae220 Merge pull request #1080 from s1061123/cnitool-1.1.0-support
• 0036b62 cnitool CNI 1.1.0 support
• 83287db Merge pull request #1078 from henry118/multierror
• a67dabb use errors package in golang v20 to join multiple errors
• 951d8d0 Merge pull request #1077 from containernetworking/dependabot/go_modules/golan...
• f846cb7 build(deps): bump the golang group with 2 updates
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.6.0 to 0.7.0

Commits

• 14be23e semaphore: cancel acquisition with a done context
• See full diff in compare view

Updates golang.org/x/sys from 0.18.0 to 0.19.0

Commits

• cabba82 windows: use uint32 for serial comm flags for consistency
• 1a50d97 windows: add serial comm functions
• 95f07ec x/sys/windows: add func windows.DisconnectNamedPipe(handle Handle) (err error)
• 4be02d3 unix: expose mmap calls on z/OS
• See full diff in compare view

Updates google.golang.org/grpc from 1.62.1 to 1.63.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.63.2

Bugs

• Fix the user agent string

Release 1.63.1

Bugs

• grpc: fixed subchannel log messages to properly reference the parent channel (#7101)
  • Special thanks: @​daniel-weisse

API Changes

• grpc: remove Deprecated tag from Dial and DialContext; these will be deprecated in v1.64 instead (#7103)

Release 1.63.0

Behavior Changes

• grpc: Return canonical target string from resolver.Address.String() (experimental) (#6923)
• client & server: when using write buffer pooling, use input value for buffer size instead of size*2 (#6983)
  • Special Thanks: @​raghav-stripe

New Features

• grpc: add ClientConn.CanonicalTarget() to return the canonical target string. (#7006)
• xds: implement LRS named metrics support (gRFC A64) (#7027)
  • Special Thanks: @​danielzhaotongliu
• grpc: introduce grpc.NewClient to allow users to create new clients in idle mode and with "dns" as the default resolver (#7010)
  • Special Thanks: @​bruuuuuuuce

API Changes

• grpc: stabilize experimental method ClientConn.Target() (#7006)

Bug Fixes

• xds: fix an issue that would cause the client to send an empty list of resources for LDS/CDS upon reconnecting with the management server (#7026)
• server: Fix some errors returned by a server when using a grpc.Server as an http.Handler with the Go stdlib HTTP server (#6989)
• resolver/dns: add SetResolvingTimeout to allow configuring the DNS resolver's global timeout (#6917)
  • Special Thanks: @​and1truong
• Set the security level of Windows named pipes to NoSecurity (#6956)
  • Special Thanks: @​irsl

Release 1.62.2

Dependencies

• Update http2 library to address vulnerability CVE-2023-45288

Commits

• d32e66c Change version to 1.63.2 (#7104)
• 92f6dd0 channelz: pass parent pointer instead of parent ID to RegisterSubChannel (#7101)
• 0f6ef0f grpc: un-deprecate Dial and DialContext
• 58dc749 Change version to 1.63.1-dev (#7051)
• c68f456 Change version to 1.63.0 (#7050)
• 6369167 *: update http2 dependency (#7082)
• 8854761 cherry-pick: channelz: fix race accessing channelMap without lock (#7079) (#7...
• e62770d channelz: add LocalAddr to listen sockets and test (#7062) (#7063)
• 4ffccf1 googlec2p: use xdstp style template for client LDS resource name (#7048)
• faf9964 gracefulswitch: add ParseConfig and make UpdateClientConnState call SwitchTo ...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #360.