Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[pull] master from docker-slim:master #211

Open
wants to merge 310 commits into
base: master
Choose a base branch
from
Open

[pull] master from docker-slim:master #211

wants to merge 310 commits into from

Conversation

pull[bot]
Copy link

@pull pull bot commented Jun 9, 2022
edited
Loading

See Commits and Changes for more details.

Created by pull[bot]

Can you help keep this open source service alive? 💖 Please sponsor : )

@pull pull bot added the ⤵️ pull label Jun 9, 2022
iximiuz and others added 29 commits December 23, 2022 10:33
@iximiuz
fix: Sensor misses error check when walking container's fs (#441)
5afc9c4 
fstat() can fail for some of the entries making the file enumeration
panic. This PR should make sensor warn instead.
@kcq
xray - base image info
50a1ef4
@kcq
xray reverse dockerfile enhancements and buildkit instruction support
9783409
@kcq
name updates
4ab562b
@kcq
Update README.md
525b330
@iximiuz
DockerSlim -> Slim name change in the How diagram (#452)
2817f64
@kcq
release 1.40.0 info
a4bb798
@iximiuz
fix: bats tests broken due to recent project renaming (#456)
d9060dd
@BMDan
docs: Specify arg format in HTTPProbeCmd's help (#458)
a652188
@kcq
cleanup
502a2e3
@BMDan
chore: remove exec bit on src files (#457)
3d7c377
@notemptylist
Change the call to slim --version in install-slim.sh (#462)
82cc817 
Signed-off-by: Yuriy Kovalchuk <yk@koduro.com>
@dependabot
Bump test/bats from ca5a2dc to 5a47c79 (#455)
e6852c8 
Bumps [test/bats](https://github.com/bats-core/bats-core) from `ca5a2dc` to `5a47c79`.
- [Release notes](https://github.com/bats-core/bats-core/releases)
- [Commits](bats-core/bats-core@ca5a2dc...5a47c79)

---
updated-dependencies:
- dependency-name: test/bats
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump test/test_helper/bats-assert from 78fa631 to db015db (#446)
8a438be 
Bumps [test/test_helper/bats-assert](https://github.com/bats-core/bats-assert) from `78fa631` to `db015db`.
- [Release notes](https://github.com/bats-core/bats-assert/releases)
- [Commits](bats-core/bats-assert@78fa631...db015db)

---
updated-dependencies:
- dependency-name: test/test_helper/bats-assert
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@iximiuz
sensor: Too fast lifecycle hook handlers cause false positive error c…
364c60b 
…onditions (#463)

exec.Command().Run() and its derivatives are prone to a race condition
between the underlying cmd.Start() + cmd.Wait() calls and the actual
child process execution. Too fast commands can cause the Wait() call
being called when the child process is already gone. This makes the
Run() method to return an error. This PR makes sensor ignore such
errors.
@dependabot
Bump test/bats from 5a47c79 to fe7df4f (#465)
dd25efe 
Bumps [test/bats](https://github.com/bats-core/bats-core) from `5a47c79` to `fe7df4f`.
- [Release notes](https://github.com/bats-core/bats-core/releases)
- [Commits](bats-core/bats-core@5a47c79...fe7df4f)

---
updated-dependencies:
- dependency-name: test/bats
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@cthach
Pin Actions workflow versions for deterministic execution. Configure …
da8868a 
…Dependabot to keep workflows up to date. (#464)

* Pin all GitHub Actions workflow versions for deterministic workflow execution

Signed-off-by: Chris Thach <12981621+cthach@users.noreply.github.com>

* Use Dependabot to keep GitHub Action workflows up to date

Signed-off-by: Chris Thach <12981621+cthach@users.noreply.github.com>

---------

Signed-off-by: Chris Thach <12981621+cthach@users.noreply.github.com>
@kcq
Install the CodeSee workflow. Learn more at https://docs.codesee.io (#…
bb84664 
…440)

Co-authored-by: codesee-maps[bot] <86324825+codesee-maps[bot]@users.noreply.github.com>
Co-authored-by: Kyle Quest <kcq.public@gmail.com>
@disconnect3d
sysenv_linux.go: fix SeccompMode always using /proc/self/ instead of …
3ce560f 
…$pid (#474)

This commit fixes a bug in SeccompMode where the `pid` argument was unused while it should have been passed further to the function that creates the `/proc/$pid/status` path (and when `pid=0` was provided, it returned `/proc/self/status`).
@kcq
cleanup
aee5203
@kcq
Merge branch 'master' of github.com:docker-slim/docker-slim
d3f5243
@darklight147
fixed: unknown --directory flag causing script to fail (#478)
2ce7cc1 
Co-authored-by: Mohamed Belkamel <quasimodo@Mohameds-MacBook-Pro.local>
@kcq
artifact processing cleanup
6eb2690
@kcq
logging cleanup
d493657
@iximiuz
Fix debug statement (#496)
0dcf57b 
Nothing wrong with it, but It makes unit tests fail.
@iximiuz
Fix sensor e2e tests
78c33fb 
Assertion adjustments to reflect recent log format changes.
@iximiuz
Merge pull request #497 from slimtoolkit/iximiuz-patch-2
98ea486 
Fix sensor e2e tests
@iximiuz
Adjust test assertions - second try
9142cdb
@iximiuz
Merge pull request #499 from slimtoolkit/iximiuz-patch-4
29f0f31 
Adjust test assertions - second try
dependabot bot and others added 30 commits February 13, 2024 00:10
@dependabot
Bump github.com/containerd/containerd from 1.7.9 to 1.7.11 (#626)
c368116 
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.9 to 1.7.11.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.9...v1.7.11)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump github.com/opencontainers/runc from 1.1.10 to 1.1.12 (#636)
731f4d8 
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.10 to 1.1.12.
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/v1.1.12/CHANGELOG.md)
- [Commits](opencontainers/runc@v1.1.10...v1.1.12)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@kcq
Update README.md
f8a01bf 
cleanup
@kcq
Update README.md
8ac478e 
cleanup (codesee is depricated / shutdown)
@kcq
Update README.md
0d9446b 
cleanup
@kcq
Update README.md
eeaece4 
link updates
@dependabot
Bump actions/download-artifact from 4.1.2 to 4.1.4 (#650)
1ac2bac 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v4.1.2...v4.1.4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump test/bats from de96df0 to 12c23ed (#661)
51319a2 
Bumps [test/bats](https://github.com/bats-core/bats-core) from `de96df0` to `12c23ed`.
- [Release notes](https://github.com/bats-core/bats-core/releases)
- [Commits](bats-core/bats-core@de96df0...12c23ed)

---
updated-dependencies:
- dependency-name: test/bats
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@pullmerge
Fix function name in comment (#664)
a341056 
Signed-off-by: pullmerge <watchmessi@outlook.com>
@dependabot
Bump actions/upload-artifact from 4.3.1 to 4.3.3 (#670)
78e4fa2 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.1 to 4.3.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4.3.1...v4.3.3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump test/bats from 12c23ed to a751f3d (#673)
d95be59 
Bumps [test/bats](https://github.com/bats-core/bats-core) from `12c23ed` to `a751f3d`.
- [Release notes](https://github.com/bats-core/bats-core/releases)
- [Commits](bats-core/bats-core@12c23ed...a751f3d)

---
updated-dependencies:
- dependency-name: test/bats
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 (#657)
04aa514 
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump github.com/docker/docker (#659)
1035008 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.7+incompatible to 24.0.9+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v24.0.7...v24.0.9)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump golang.org/x/net from 0.18.0 to 0.23.0 (#667)
43b2e80 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.18.0 to 0.23.0.
- [Commits](golang/net@v0.18.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/download-artifact from 4.1.4 to 4.1.7 (#675)
21e7fdd 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.4 to 4.1.7.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v4.1.4...v4.1.7)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/setup-go from 5.0.0 to 5.0.1 (#677)
f672275 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v5.0.0...v5.0.1)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/checkout from 4.1.1 to 4.1.6 (#681)
7415be0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4.1.1...v4.1.6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump test/bats from a751f3d to 5642f5b (#690)
4788e27 
Bumps [test/bats](https://github.com/bats-core/bats-core) from `a751f3d` to `5642f5b`.
- [Release notes](https://github.com/bats-core/bats-core/releases)
- [Commits](bats-core/bats-core@a751f3d...5642f5b)

---
updated-dependencies:
- dependency-name: test/bats
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump test/bats from 5642f5b to 190c7c9 (#691)
3c49d64 
Bumps [test/bats](https://github.com/bats-core/bats-core) from `5642f5b` to `190c7c9`.
- [Release notes](https://github.com/bats-core/bats-core/releases)
- [Commits](bats-core/bats-core@5642f5b...190c7c9)

---
updated-dependencies:
- dependency-name: test/bats
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/checkout from 4.1.6 to 4.1.7 (#692)
6f11da5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/upload-artifact from 4.3.3 to 4.3.4 (#697)
a63baf0 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.3 to 4.3.4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4.3.3...v4.3.4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/download-artifact from 4.1.7 to 4.1.8 (#698)
27cc8f2 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.7 to 4.1.8.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v4.1.7...v4.1.8)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/setup-go from 5.0.1 to 5.0.2 (#699)
81fa44f 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v5.0.1...v5.0.2)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump github.com/docker/docker (#702)
a6764b6 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.9+incompatible to 25.0.6+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v24.0.9...v25.0.6)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/upload-artifact from 4.3.4 to 4.3.5 (#703)
366ac2b 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.4 to 4.3.5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4.3.4...v4.3.5)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/upload-artifact from 4.3.5 to 4.3.6 (#706)
ff237d9 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.5 to 4.3.6.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4.3.5...v4.3.6)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/upload-artifact from 4.3.6 to 4.4.0 (#712)
4c3fac9 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.6 to 4.4.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4.3.6...v4.4.0)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump test/bats from 190c7c9 to 89a7fae (#714)
7a94be8 
Bumps [test/bats](https://github.com/bats-core/bats-core) from `190c7c9` to `89a7fae`.
- [Release notes](https://github.com/bats-core/bats-core/releases)
- [Commits](bats-core/bats-core@190c7c9...89a7fae)

---
updated-dependencies:
- dependency-name: test/bats
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/checkout from 4.1.7 to 4.2.0 (#717)
4b98f24 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4.1.7...v4.2.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
Bump actions/upload-artifact from 4.4.0 to 4.4.3 (#723)
862fb52 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4.4.0...v4.4.3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
⤵️ pull
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.