chore(deps): bump the engine group across 2 directories with 35 updates

[dependabot]

Bumps the engine group with 21 updates in the / directory:

Package	From	To
github.com/1password/onepassword-sdk-go	0.1.3	0.1.7
github.com/99designs/gqlgen	0.17.63	0.17.66
github.com/Khan/genqlient	0.7.0	0.8.0
github.com/charmbracelet/bubbletea	1.2.4	1.3.3
github.com/containerd/containerd	1.7.24	1.7.25
github.com/containerd/stargz-snapshotter	0.15.1	0.16.3
github.com/docker/cli	27.4.0+incompatible	27.5.1+incompatible
github.com/docker/docker	27.4.0+incompatible	27.5.1+incompatible
github.com/go-git/go-git/v5	5.13.1	5.13.2
github.com/google/go-containerregistry	0.20.2	0.20.3
github.com/goproxy/goproxy	0.18.2	0.19.2
github.com/hashicorp/vault/api	1.15.0	1.16.0
github.com/hashicorp/vault/api/auth/approle	0.8.0	0.9.0
github.com/invopop/jsonschema	0.12.0	0.13.0
github.com/jackpal/gateway	1.0.15	1.0.16
github.com/lmittmann/tint	1.0.5	1.0.7
github.com/opencontainers/runc	1.1.15	1.2.5
github.com/samber/slog-logrus/v2	2.5.0	2.5.2
go.etcd.io/bbolt	1.3.11	1.4.0
gotest.tools/v3	3.5.1	3.5.2
modernc.org/sqlite	1.34.2	1.35.0

Bumps the engine group with 3 updates in the /sdk/go directory: github.com/99designs/gqlgen, github.com/Khan/genqlient and google.golang.org/grpc.

Updates github.com/1password/onepassword-sdk-go from 0.1.3 to 0.1.7

Release notes

Sourced from github.com/1password/onepassword-sdk-go's releases.

Release 0.1.7

1Password Go SDK v0.1.7

IMPROVED:

• The SDK now returns an error with a custom type when it hits the rate limit of the 1Password servers.

FIXED:

• Using an SDK client in a long-running process no longer causes 401 server responses.

Release 0.1.7-beta.3

1Password Go SDK v0.1.7-beta.3

NEW:

• Support for resolving multiple references: You can now retrieve multiple secrets in batch.

Release 0.1.6

NEW

• Support for item sharing: You can now create an item sharing link via the 1Password SDKs using the new client.Items.Shares API.
• Support for item archiving: You can now move items to the archive with the SDKs, using the new client.Items.Archive(vault_uuid, item_uuid) function.

IMPROVED

• Support for item notes: You can now read, create and edit items with a notes field, accessing it via item.Notes.
• Support for SSH key attributes in secret references: You can now retrieve an SSH key's public key, key type and fingerprint with client.Secrets.Resolve.
• Support for additional field types: You can now read, create and edit items with Email (email addresses) and Reference (ID references to other 1Password items) type fields.

FIXED

• Fix item CRUD flow for the Password item category: Creating or editing a Password item no longer leads to a panic in the Go SDK.
• Improved field matching logic for secret references: Retrieving a field from the item's default field section is now possible even if there is an identically named field in one of the item's named sections.

Release 0.1.5

Version 0.1.5 of the 1Password Go SDK brings:

• Support for generating passwords. You can now generate random, PIN, and memorable passwords using the onepassword.Secrets.GeneratePassword function.
• Support for item subtitles. Creating and editing an item now sets the subtitle correctly, which is visible in the item preview in all client apps.
• Support for the Credit Card Number field type. You can now retrieve, create, and edit items containing credit card numbers.

Release 0.1.4

The v0.1.4 release of the Go SDK brings:

• Support for validating secret references. You can now check that a secret reference is formatted correctly without having to resolve it or even authenticate, using the 'ValidateSecretReference' function.

Commits

• 2caa183 Update RELEASE-NOTES
• 85c6da3 Update release notes
• f29343e Release v0.1.7
• 33f8f1d Remove changes from example
• 7687cf4 Update core to version 8374b01d
• cc049ec Merge pull request #175 from 1Password/morgan/174/example-test
• f68340e Update example/README.md
• 52cff57 Enforcing only onw matrix combination runs at a time to avoid 409 Error.
• 0e8e760 Reading proper GitHub Secrets for example test
• 3d7cc59 Updated readme to reflect need for vault id env var. Properly added GitHub Se...
• Additional commits viewable in compare view

Updates github.com/99designs/gqlgen from 0.17.63 to 0.17.66

Release notes

Sourced from github.com/99designs/gqlgen's releases.

v0.17.66

What's Changed

• x/tools update go get golang.org/x/tools@v0.30.0 by @​StevenACoffman in 99designs/gqlgen#3540

Full Changelog: 99designs/gqlgen@v0.17.65...v0.17.66

v0.17.65

What's Changed

• support all go versions 1.22, 1.23, 1.24 by using golang.org/x/tools@v0.25.0 by @​StevenACoffman in 99designs/gqlgen#3537
• feat: add logger for use with tracing middleware by @​lleadbet in 99designs/gqlgen#3509
• chore(deps-dev): bump @​graphql-codegen/client-preset from 4.5.1 to 4.6.1 in /integration by @​dependabot in 99designs/gqlgen#3513
• chore(deps-dev): bump @​apollo/client from 3.12.7 to 3.12.8 in /integration by @​dependabot in 99designs/gqlgen#3511
• chore(deps-dev): bump @​graphql-codegen/cli from 5.0.3 to 5.0.4 in /integration by @​dependabot in 99designs/gqlgen#3514
• chore(deps): bump google.golang.org/protobuf from 1.36.4 to 1.36.5 by @​dependabot in 99designs/gqlgen#3520
• chore(deps-dev): bump vite from 6.0.11 to 6.1.0 in /integration by @​dependabot in 99designs/gqlgen#3521
• chore(deps-dev): bump @​graphql-codegen/client-preset from 4.6.1 to 4.6.2 in /integration by @​dependabot in 99designs/gqlgen#3523
• chore(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.1 by @​dependabot in 99designs/gqlgen#3525
• chore(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0 in /_examples by @​dependabot in 99designs/gqlgen#3526
• chore(deps): bump golang.org/x/text from 0.21.0 to 0.22.0 in /_examples by @​dependabot in 99designs/gqlgen#3527
• chore(deps-dev): bump @​apollo/client from 3.12.8 to 3.12.11 in /integration by @​dependabot in 99designs/gqlgen#3522
• chore(deps-dev): bump vitest from 3.0.4 to 3.0.5 in /integration by @​dependabot in 99designs/gqlgen#3524
• chore(deps): bump golang.org/x/text from 0.21.0 to 0.22.0 by @​dependabot in 99designs/gqlgen#3519

Full Changelog: 99designs/gqlgen@v0.17.64...v0.17.65

v0.17.64

What's Changed

• Add KeepAlivePingInterval to SSE transport by @​jlaprise in 99designs/gqlgen#3466
• Update gqlparser v2 to v2.5.22 to Support @oneOf and @deprecated on input values by @​StevenACoffman in 99designs/gqlgen#3507
• feat: add errors to ftv1 traces by @​lleadbet in 99designs/gqlgen#3506 99designs/gqlgen#3484
• Altair Playground updated to version 8.1.3 and configuration input added. by @​reginbald in
• chore(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0 by @​dependabot in 99designs/gqlgen#3477
• chore(deps-dev): bump graphql-sse from 2.5.3 to 2.5.4 in /integration by @​dependabot in 99designs/gqlgen#3478
• chore(deps-dev): bump @​apollo/client from 3.12.4 to 3.12.5 in /integration by @​dependabot in 99designs/gqlgen#3481
• chore(deps-dev): bump typescript from 5.7.2 to 5.7.3 in /integration by @​dependabot in 99designs/gqlgen#3480
• chore(deps): bump google.golang.org/protobuf from 1.36.1 to 1.36.2 by @​dependabot in 99designs/gqlgen#3482
• chore(deps-dev): bump graphql-ws from 5.16.0 to 5.16.2 in /integration by @​dependabot in 99designs/gqlgen#3479
• chore(deps): bump github.com/mattn/go-colorable from 0.1.13 to 0.1.14 by @​dependabot in 99designs/gqlgen#3485
• chore(deps): bump google.golang.org/protobuf from 1.36.2 to 1.36.3 by @​dependabot in 99designs/gqlgen#3489
• chore(deps-dev): bump vite from 6.0.7 to 6.0.9 in /integration by @​dependabot in 99designs/gqlgen#3491
• chore(deps-dev): bump @​apollo/client from 3.12.5 to 3.12.6 in /integration by @​dependabot in 99designs/gqlgen#3493
• chore(deps): bump graphql-ws from 5.16.2 to 6.0.1 in /_examples/chat by @​dependabot in 99designs/gqlgen#3494
• chore(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 by @​dependabot in 99designs/gqlgen#3495
• chore(deps-dev): bump vitest from 2.1.8 to 3.0.2 in /integration by @​dependabot in 99designs/gqlgen#3490
• chore(deps-dev): bump @​apollo/client from 3.12.6 to 3.12.7 in /integration by @​dependabot in 99designs/gqlgen#3500
• chore(deps-dev): bump vitest from 3.0.2 to 3.0.4 in /integration by @​dependabot in 99designs/gqlgen#3502
• chore(deps): bump dawidd6/action-download-artifact from 7 to 8 by @​dependabot in 99designs/gqlgen#3503
• chore(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.4 by @​dependabot in 99designs/gqlgen#3504

... (truncated)

Commits

• 95600f6 release v0.17.66
• 005ea86 x/tools update go get golang.org/x/tools@v0.30.0 (#3540)
• 70d621f v0.17.65 postrelease bump
• 41a183c release v0.17.65
• 42a6a49 support all go versions 1.22, 1.23, 1.24 by using golang.org/x/tools@v0.25.0 ...
• 325c04a chore(deps): bump golang.org/x/text from 0.21.0 to 0.22.0 (#3519)
• 084c6f0 chore(deps-dev): bump vitest from 3.0.4 to 3.0.5 in /integration (#3524)
• 0b36b16 chore(deps-dev): bump @​apollo/client in /integration (#3522)
• 3e5328b chore(deps): bump golang.org/x/text from 0.21.0 to 0.22.0 in /_examples (#3527)
• b790acd chore(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0 in /_examples (#3526)
• Additional commits viewable in compare view

Updates github.com/Khan/genqlient from 0.7.0 to 0.8.0

Release notes

Sourced from github.com/Khan/genqlient's releases.

v0.8.0

This release adds support for genqlient subscriptions; see the documentation for more, and thanks to @​matthieu4294967296moineau for the original implementation and @​HaraldNordgren for additional testing and improvements.

Note that genqlient now requires Go 1.22.5 or higher, and is tested through Go 1.23.3.

Breaking changes:

• genqlient now forbids omitempty: false (including implicit behaviour) when using pointer on non-null input field.
• The error text for HTTP errors has changed slightly. If you were parsing it, switch to As-ing to graphql.HTTPError.

New features:

• genqlient now supports subscriptions; the websocket protocol is by default graphql-transport-ws but can be set to another value.
  See the documentation for more details on how to use subscriptions.
• genqlient now supports double-star globs for schema and query files; see https://github.com/Khan/genqlient/blob/HEAD/genqlient.yaml docs for more.
• genqlient now generates slices containing all enum values for each enum type.
• genqlient now returns Is/As-able errors when the HTTP request returns a non-200 status.

Bug fixes:

• omitempty validation:
  • allow omitempty on non-nullable input field, if the field has a default
  • allow omitempty: false on an input field, even when it is non-nullable
• don't do omitempty and pointer input types validation when use_struct_reference is used, as the generated type is often not compatible with validation logic.
• the allow_broken_features option, which no longer did anything, has been removed

Changelog

Sourced from github.com/Khan/genqlient's changelog.

v0.8.0

This release adds support for genqlient subscriptions; see the documentation for more, and thanks to @​matthieu4294967296moineau for the original implementation and @​HaraldNordgren for additional testing and improvements.

Note that genqlient now requires Go 1.22.5 or higher, and is tested through Go 1.23.3.

Breaking changes:

• genqlient now forbids omitempty: false (including implicit behaviour) when using pointer on non-null input field.
• The error text for HTTP errors has changed slightly. If you were parsing it, switch to As-ing to graphql.HTTPError.

New features:

• genqlient now supports subscriptions; the websocket protocol is by default graphql-transport-ws but can be set to another value.
  See the documentation for more details on how to use subscriptions.
• genqlient now supports double-star globs for schema and query files; see https://github.com/Khan/genqlient/blob/main/docs/genqlient.yaml docs for more.
• genqlient now generates slices containing all enum values for each enum type.
• genqlient now returns Is/As-able errors when the HTTP request returns a non-200 status.

Bug fixes:

• omitempty validation:
  • allow omitempty on non-nullable input field, if the field has a default
  • allow omitempty: false on an input field, even when it is non-nullable
• don't do omitempty and pointer input types validation when use_struct_reference is used, as the generated type is often not compatible with validation logic.
• the allow_broken_features option, which no longer did anything, has been removed

Commits

• 78a03a6 Release v0.8.0 (#370)
• 8ba2f83 Fix documentation for client error As-ability, and add tests (#369)
• 6010b63 HTTPError wraps full Response for typed output (#366)
• d3e516b Move websocket headers to opt function 'WithWebsocketHeaders' (#365)
• 5913cd6 Improve HTTP error text (#364)
• 1147aaf Update Go (and golangci-lint, and gqlgen) versions, and test codegen (#362)
• 800909d Subscription connection parameters support (#360)
• adb9dd6 Standardize error return from HTTP requests (#363)
• ca5889f Use generics for subscriptions responses (#356)
• e030ff1 Fix issue where subscription server data channel closing gives error (#354)
• Additional commits viewable in compare view

Updates github.com/charmbracelet/bubbletea from 1.2.4 to 1.3.3

Release notes

Sourced from github.com/charmbracelet/bubbletea's releases.

v1.3.3

This release restore the program options that were deprecated in the previous releases.

Changelog

Full Changelog: charmbracelet/bubbletea@v1.3.2...v1.3.3

---

Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.

v1.3.2

Fix canceling terminal input reads on Windows.

Changelog

Bug fixes

• b0186ada899e2c5f270b753f577be2c89ed1836f: fix: windows: handle cancel io error (@​aymanbagabas)

---

Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.

v1.3.1

This release introduces some important bug fixes when it comes to cursor movements while rendering, and properly handle Windows AltGr key on non-English keyboards.

Changelog

Bug fixes

• 771a10156269427e1e0c0be807410a0246135bf3: fix: renderer: use newline instead of cud1 to move cursor down (#1323) (@​aymanbagabas)
• c66daf9744ee9cf9285e9d2e2c5f1ebb084b11fe: fix: windows: AltGr maps to LEFT_CTRL+RIGHT_ALT (#1162) (@​aymanbagabas)

Other work

• 439398b1dd1791a253723819baf8f184a7dcc385: Remove irrelevant option comments (@​nervo)

---

Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.

v1.3.0

Sorry to interrupt: it's time for Bubble Tea v1.3.0!

Bubble Tea now ships with refined interrupt handling, courtesy @​caarlos0. Now, you can throw your terminal a ctrl+c or an interrupt signal, Bubble Tea will take it with grace and poise. Switch any ol’ run-of-the-mill tea.Quit command with tea.Interrupt for seamless interruptions.

Bug Fixes

... (truncated)

Commits

• cb6f840 chore: revert "chore: deprecate some StartupOptions in favor of Cmds (#1307)"
• ee7cf45 chore: revert "Remove irrelevant option comments"
• b0186ad fix: windows: handle cancel io error
• 771a101 fix: renderer: use newline instead of cud1 to move cursor down (#1323)
• cebad5b chore(examples): update go.mod and go.sum
• 439398b Remove irrelevant option comments
• c66daf9 fix: windows: AltGr maps to LEFT_CTRL+RIGHT_ALT (#1162)
• 696e4ab chore(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0 (#1312)
• 8eb3080 chore(deps): bump golang.org/x/sys from 0.29.0 to 0.30.0 (#1311)
• 75d1b4b chore: deprecate some StartupOptions in favor of Cmds (#1307)
• Additional commits viewable in compare view

Updates github.com/containerd/containerd from 1.7.24 to 1.7.25

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.25

Welcome to the v1.7.25 release of containerd!

The twenty-fifth patch release for containerd 1.7 contains various fixes and updates.

Highlights

• Update runc binary to v1.2.4 (#11238)
• Fix proto conflicts and update to 1.8 API (#11184)

Container Runtime Interface (CRI)

• Fix ip_pref configuration option (#11223)

Runtime

• Fix panic due to nil dereference cgroups v2 (#11099)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Akihiro Suda
• Derek McGowan
• Sebastiaan van Stijn
• Wei Fu
• Maksym Pavlenko
• Akhil Mohan
• Henry Wang
• Jin Dong
• Phil Estes
• Sam Edwards
• Samuel Karp
• Brian Goff
• David Son
• Kohei Tokunaga
• Pierre Gimalac
• Yang Yang
• bo.jiang

Changes

• Prepare release notes for v1.7.25 (#11243)
  • bda53fc60 Prepare release notes for v1.7.25
• Update runc binary to v1.2.4 (#11238)
  • d4a649130 update runc binary to v1.2.4

... (truncated)

Commits

• bcc810d Merge pull request #11243 from dmcgowan/prepare-v1.7.25
• bda53fc Prepare release notes for v1.7.25
• d46d74c Merge pull request #11238 from k8s-infra-cherrypick-robot/cherry-pick-11230-t...
• d4a6491 update runc binary to v1.2.4
• e76cc83 Merge pull request #11224 from thaJeztah/1.7_backport_debug-log-shim-plugin
• 1079d92 Merge pull request #11223 from thaJeztah/1.7_backport_fix-ipv6-pref
• 99c9737 runtime/v2: reduce shim plugin log
• 0cfc1ed Fix "even if IPv4 comes first" test to have IPv4 first
• 53d1fd0 Don't use To16() != nil to detect IPv6 addresses
• 142e855 Merge pull request #11203 from pgimalac/pgimalac/containerd-no-plugin
• Additional commits viewable in compare view

Updates github.com/containerd/stargz-snapshotter from 0.15.1 to 0.16.3

Release notes

Sourced from github.com/containerd/stargz-snapshotter's releases.

v0.16.3

Notable Changes

• Fix zstd:chunked converter error on duplicated blobs (#1894)

v0.16.2

Notable Changes

• go.mod: Use 1.22.0 by specifying to google.golang.org/grpc v1.67.1 (#1877)

v0.16.1

Notable Changes

• prevernt go version upgraded to 1.23 in go.mod (#1863)

v0.16.0

Notable Changes

• Support for the latest CRI-O(>=v1.31.0) and Podman (>=v5.1.0) Additional Layer Store (#1673, #1674)
• Fix log message in refnode.Lookup (#1595), thanks to @​iain-macdonald
• store: use OnForget API for checking if a node is reusable (#1808)
• Support for containerd v2 (#1722), thanks to @​apostasie
• fs: Check connection only when image isn't fully cached (#1584)

Commits

• c0389e0 Merge pull request #1898 from ktock/prepare-v0.16.3
• c6a444e [v0.16] Prepare for v0.16.3
• 86bbdeb Merge pull request #1894 from ktock/bp-1885
• 9b706a2 Rely on OpenWriter for retrying opening writer
• 570ba70 Rely on contaienrd's GC for cleanup of temporary content
• 1d34a1b Merge pull request #1878 from ktock/prepare-v0.16.2
• 3971b26 Merge pull request #1877 from ktock/v0.16dev
• 1e4fad0 Preapre for v0.16.2
• 4edcebd go.mod: Use 1.22.0 by specifying to google.golang.org/grpc v1.67.1
• 7d3230e Merge pull request #1864 from ktock/prepare-v0.16.1
• Additional commits viewable in compare view

Updates github.com/docker/cli from 27.4.0+incompatible to 27.5.1+incompatible

Commits

• 9f9e405 Merge pull request #5759 from thaJeztah/27.x_vendor_docker_27.5.0
• d7cd22f Merge pull request #5762 from thaJeztah/27.x_bump_golang_1.22.11
• 0e2d4fe Merge pull request #5766 from thaJeztah/27.x_backport_bump_dev_tools
• fbc0a73 Dockerfile: update compose to v2.32.4
• 777695f Dockerfile: update buildx to v0.20.0
• 092d235 Merge pull request #5764 from vvoland/5763-27.x
• fa1ba05 gha: Adjust release branches
• 1ccfae7 update to go1.22.11 (fix CVE-2024-45341, CVE-2024-45336)
• 397c2f8 vendor: github.com/docker/docker v27.5.0
• a187fa5 Merge pull request #5736 from thaJeztah/27.x_vendor_docker_27.5.0
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.4.0+incompatible to 27.5.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.5.1

27.5.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.5.1 milestone
• moby/moby, 27.5.1 milestone

Bug fixes and enhancements

• Fixed an issue that could persistently prevent daemon startup after failure to initialize the default bridge. moby/moby#49307
• Add a DOCKER_IGNORE_BR_NETFILTER_ERROR environment variable. Setting it to 1 allows running on hosts that cannot load br_netfilter. Some things won't work, including disabling inter-container communication in a bridge network. With the userland proxy disabled, it won't be possible to access one container's published ports from another container on the same network. moby/moby#49306

Packaging updates

• Update Go runtime to 1.22.11 (fix CVE-2024-45341, CVE-2024-45336). moby/moby#49312, docker/docker-ce-packaging#1147, docker/cli#5762
• Update RootlessKit to v2.3.2 to support passt >= 2024_10_30.ee7d0b6. moby/moby#49304
• Update Buildx to v0.20.0. docker/docker-ce-packaging#1149

v27.5.0

27.5.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.5.0 milestone
• moby/moby, 27.5.0 milestone

Bugfixes and enhancements

• containerd image store: Fix passing a build context via tarball to the /build endpoint. moby/moby#49194
• Builder garbage collection policies without a keepStorage value now inherit the defaultKeepStorage limit as intended. moby/moby#49137
• Preserve network labels during daemon startup. moby/moby#49200
• Fix a potential race condition error when deleting a container. moby/moby#49239

Go SDK

• pkg/sysinfo: deprecate NumCPU. This utility has the same behavior as runtime.NumCPU. moby/moby#49247
• pkg/fileutils: deprecate GetTotalUsedFds: this function is only used internally and will be removed in the next release. moby/moby#49209
• pkg/ioutils: deprecate BytesPipe, NewBytesPipe, ErrClosed, WriteCounter, NewWriteCounter, NewReaderErrWrapper, NopFlusher, NopWriter, NopWriteCloser. They were only used internally and will be removed in the next release. moby/moby#49246, moby/moby#49255
• pkg/reexec: This package is deprecated and moved to a separate module. Use github.com/moby/sys/reexec instead. moby/moby#49135

Packaging updates

• Update containerd to v1.7.25 moby/moby#49253
• Update runc to v1.2.4 moby/moby#49243
• Update BuildKit to v0.18.2 moby/moby#48949
• Update Compose to v2.32.2 docker/docker-ce-packaging#1140

v27.5.0-rc.2

... (truncated)

Commits

• 4c9b3b0 Merge pull request #49317 from thaJeztah/27.x_backport_bump_dev_tools
• 0da7a26 Dockerfile: update compose to v2.32.4
• 4c8ec29 Dockerfile: update buildx to v0.20.0
• fbc854d Dockerfile: update docker CLI to v27.5.0
• 36c72d4 Merge pull request #49322 from thaJeztah/27.x_backport_bake-v6
• e85906c ci(bin-image): fix bake build
• 542e33c ci: update bake-action to v6
• c0df678 Merge pull request #49314 from vvoland/49313-27.x
• 95d1819 gha: Adjust release branches
• 13eca88 Merge pull request #49312 from thaJeztah/27.x_bump_golang_1.22.11
• Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.13.1 to 5.13.2

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.13.2

What's Changed

• plumbing: use the correct user agent string. Fixes #883 by @​uragirii in go-git/go-git#1364
• build: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by @​dependabot in go-git/go-git#1365
• build: bump the golang-org group with 2 updates by @​dependabot in go-git/go-git#1367
• build: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by @​dependabot in go-git/go-git#1368
• build: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by @​dependabot in go-git/go-git#1378
• build: bump github/codeql-action from 3.28.0 to 3.28.1 by @​dependabot in go-git/go-git#1376
• build: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by @​dependabot in go-git/go-git#1377
• git: worktree, fix restoring dot slash files (backported to v5). Fixes #1176 by @​BeChris in go-git/go-git#1361
• build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2 by @​dependabot in go-git/go-git#1392
• git: worktree_status, fix adding dot slash files to working tree (backported to v5). Fixes #1150 by @​BeChris in go-git/go-git#1359
• build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5 by @​dependabot in go-git/go-git#1383

Full Changelog: go-git/go-git@v5.13.1...v5.13.2

Commits

• 2c68247 Merge pull request #1383 from go-git/dependabot/go_modules/github.com/ProtonM...
• d462c2e Merge pull request #1359 from BeChris/issue1150-v5
• 32ac23a Merge pull request #1392 from go-git/dependabot/go_modules/github.com/pjbgf/s...
• 93e635a build: bump github.com/pjbgf/sha1cd from 0.3.0 to 0.3.2
• b2bb975 git: worktree_status, took into account code review remarks
• 518ac88 git: worktree_status, fix adding dot slash files to working tree (backported ...
• 21b3150 build: bump github.com/ProtonMail/go-crypto from 1.1.4 to 1.1.5
• 189e7e4 Merge pull request #1361 from BeChris/issue1176-v5
• 654815a Merge pull request #1377 from go-git/dependabot/go_modules/github.com/elazarl...
• 91dbdb9 Merge pull request #1376 from go-git/dependabot/github_actions/github/codeql-...
• Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.20.2 to 0.20.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.3

What's Changed

• remote/transport: Make bearer transport go-routine-safe by @​2opremio in google/go-containerregistry#1806
• Expose compare package by @​jonjohnsonjr in google/go-containerregistry#2001
• fix: redact.URL uses (*URL).Redacted to omit basic-auth password by @​bmoylan in google/go-containerregistry#1947
• bump actions to latest by @​ajayk in google/go-containerregistry#2011
• don't pin chainguard-dev/actions by @​imjasonh in google/go-containerregistry#2025
• Check for 406 status code when handling referrers API endpoint response by @​malancas in google/go-containerregistry#2026
• mutate: Create a defensive annotations copy by @​jonjohnsonjr in google/go-containerregistry#2030
• Detect zstd in crane append by @​jonjohnsonjr in google/go-containerregistry#2023
• bump deps using hack/bump-deps.sh by @​imjasonh in google/go-containerregistry#2042

New Contributors

• @​bmoylan made their first contribution in google/go-containerregistry#1947
• @​ajayk made their first contribution in google/go-containerregistry#2011
• @​malancas made their first contribution in google/go-containerregistry#2026

Full Changelog: google/go-containerregistry@v0.20.2...v0.20.3

Commits

• c4dd792 bump deps using hack/bump-deps.sh (#2042)
• 6bce25e Detect zstd in crane append (#2023)
• 06dcd85 mutate: Create a defensive annotations copy (#2030)
• a9a53a8 check for 406 status code when handling referrers endpoint response (#2026)
• 4630c40 don't pin chainguard-dev/actions (#2025)
• 808e354 bump actions to latest (#2011)
• a07d1ca fix: redact.URL uses (*URL).Redacted to omit basic-auth password (#1947)
• 00f182b Expose compare package (#2001)
• b8e87ed remote/transport: Make bearer transport go-routine-safe (#1806)
• See full diff in compare view

Updates github.com/goproxy/goproxy from 0.18.2 to 0.19.2

Release notes

Sourced from github.com/goproxy/goproxy's releases.

v0.19.2

0.19.2 (2025-02-16)

Miscellaneous Chores

• .goreleaser.yaml: add DOCKER_IMAGE_REPO for dynamic repo config (#104) (524fde2)
• ci: add ...

  Description has been truncated

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.