Bump github.com/buildpacks/lifecycle from 0.20.5 to 0.20.8

[dependabot]

Bumps github.com/buildpacks/lifecycle from 0.20.5 to 0.20.8.

Release notes

Sourced from github.com/buildpacks/lifecycle's releases.

lifecycle v0.20.8

Welcome to v0.20.8, a release of the Cloud Native Buildpacks Lifecycle.

Prerequisites

The lifecycle runs as a normal user in a series of unprivileged containers. To export images and cache image layers, it requires access to a Docker (compatible) daemon or an OCI registry.

Install

Extract the .tgz file and copy the lifecycle binaries into a build image. The build image can then be orchestrated by a platform implementation such as the pack CLI or tekton.

Lifecycle Image

An OCI image containing the lifecycle binaries is available at buildpacksio/lifecycle:0.20.8.

Features

• Updates go to version 1.24.2

Chores

• Update vulnerable dependencies by @​pbusko in buildpacks/lifecycle#1494
• Remove build unix constraint to exec_d.go and restore archive tar windows file by @​jjbustamante in buildpacks/lifecycle#1493

Full Changelog: buildpacks/lifecycle@v0.20.7...v0.20.8

Contributors

We'd like to acknowledge that this release wouldn't be as good without the help of the following amazing contributors:

@​pbusko @​jjbustamante @​jabrown85

lifecycle v0.20.7

Welcome to v0.20.7, a release of the Cloud Native Buildpacks Lifecycle.

Prerequisites

The lifecycle runs as a normal user in a series of unprivileged containers. To export images and cache image layers, it requires access to a Docker (compatible) daemon or an OCI registry.

Install

Extract the .tgz file and copy the lifecycle binaries into a build image. The build image can then be orchestrated by a platform implementation such as the pack CLI or tekton.

Lifecycle Image

... (truncated)

Commits

• 8bdb640 Merge pull request #1493 from buildpacks/jjbustamante/restore-exec-d-windows
• 997840b restoring archive/tar_windows.go
• 4f7f331 removing go:build unix because we already removed windows support
• 55c8b98 removing the os build constraint and moving the linux implementation into exec_d
• 92d9833 Merge pull request #1494 from sap-contributions/update-vulnerable-deps
• 5f77688 code lint
• d34588e update vulnerable dependencies
• f923ae5 adding also archive windows file
• 3d23976 restoring launch/exec_d_windows.go to being able to compile pack LCOW
• c895ed4 Merge pull request #1486 from buildpacks/dependabot/go_modules/go-dependencie...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)