Bump the prod-minor-updates group across 1 directory with 3 updates

[dependabot]

Bumps the prod-minor-updates group with 3 updates in the / directory: github.com/docker/docker, golang.org/x/crypto and golang.org/x/net.

Updates github.com/docker/docker from 28.3.3+incompatible to 28.4.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v28.4.0

28.4.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.4.0 milestone
• moby/moby, 28.4.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

New

• Allow Docker CLI to set the GODEBUG environment variable when the key-value pair ("GODEBUG":"...") exists inside the docker context metadata. docker/cli#6399

Bug fixes and enhancements

• Add shell completion for docker pull and docker image pull. docker/cli#6420
• Fix a regression in v28.3.3 that could cause a panic on docker push if the client did not send an X-Registry-Auth header. moby/moby#50738
• Windows: Potentially fix an issue with "access denied" error when pulling images. moby/moby#50871
• containerd image store: Fix docker history failing with snapshot X does not exist when calling on a non-native image that was built locally. moby/moby#50875
• containerd image store: Fix docker image prune to emit correct untag and delete events and list only the deleted images root digests instead of every blob. moby/moby#50837
• Remove interactive login prompt from docker push and docker pull after a failure caused by missing authentication. docker/cli#6256

Packaging updates

• Update BuildKit to v0.24.0. moby#50888
• Update Go runtime to 1.24.7. moby/moby#50889, docker/cli#6422
• Update runc to v1.3.0. moby/moby#50699
• Update containerd (static binaries only) to v1.7.28. moby/moby#50700

Networking

• Fix an issue that could cause slow container restart on live-restore. moby/moby#50829

API

• Update deprecation message for AuthConfig.Email field. moby/moby#50797

Go SDK

• Deprecate profiles package which got migrated to github.com/moby/profiles. moby/moby#50513

Deprecations

• Deprecate special handling for quoted values for the --tlscacert, --tlscert, and --tlskey command-line flags. docker/cli#6291
• Mark legacy links env vars (DOCKER_KEEP_DEPRECATED_LEGACY_LINKS_ENV_VARS) as deprecated in v28.4 and set for removal in v30.0. docker/cli#6309
• Go-SDK: Deprecate field NetworkSettingsBase.Bridge, struct NetworkSettingsBase, all the fields of DefaultNetworkSettings, and struct DefaultNetworkSettings. moby/moby#50839
• Go-SDK: api/types: build.CacheDiskUsage, container.DiskUsage, images.DiskUsage and volumes.DiskUsage are now deprecated and will be removed in the next major release. moby/moby#50768
• Go-SDK: cli-plugins/manager: deprecate ReexecEnvvar. docker/cli#6411
• Go-SDK: cli-plugins/manager: deprecate annotation aliases (CommandAnnotationPlugin, CommandAnnotationPluginVendor, CommandAnnotationPluginVersion, CommandAnnotationPluginInvalid, CommandAnnotationPluginCommandPath) in favor of their equivalent in cli-plugins/manager/metadata. docker/cli#6298

... (truncated)

Commits

• 249d679 Merge pull request #50890 from vvoland/50889-28.x
• d664cfe update to go1.24.7
• b384cd2 Merge pull request #50888 from vvoland/50885-28.x
• c1ce88e vendor: update buildkit to v0.24.0
• 4a34e8e Merge pull request #50875 from vvoland/50867-28.x
• cfa70d0 gha/arm64: Setup qemu
• d70382e integration/internal: Print Buildkit logs
• 687b206 c8d/history: Fix non-native platforms
• e4224f8 integration/internal: Handle Buildkit in GetImageIDFromBody
• 5d5332b Merge pull request #50871 from vvoland/50870-28.x
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.41.0 to 0.42.0

Commits

• 5307a0c go.mod: update golang.org/x dependencies
• 9d77937 acme: include order problem in OrderError
• 8f580de ssh: remove Go 1.24 build tag for ML-KEM kex
• a4d1237 ssh/knownhosts: improve IPv6 support in Normalize
• b8d8dae curve25519: include potential fips140=only error in panic message
• f5a2eab ssh: use curve25519.X25519 instead of curve25519.ScalarMult
• 44ecf3a all: upgrade go directive to at least 1.24.0 [generated]
• See full diff in compare view

Updates golang.org/x/net from 0.43.0 to 0.44.0

Commits

• 3b23d57 http2: fix race condition when disabling goroutine debugging for one test
• 8741050 http2: simplify TestServer_Push_RejectAfterGoAway
• 96e405c http2: modernize TestTransportRoundtripCloseOnWriteError
• 6dc6880 http2: simplify ClientConn Close and Shutdown tests
• 4e2915b http2: modernize TestTransportAllocationsAfterResponseBodyClose
• 30b0e78 http2: modernize TestRoundTripDoesntConsumeRequestBodyEarly
• b9acd77 http2: speed up TestTransportFlowControl
• 5153f4d go.mod: update golang.org/x dependencies
• 9338bdd http2: speed up TestTransportHandlerBodyClose
• 6b20036 http2: add synchronous handler support to serverTester
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

None of your dependencies match this group anymore, you may need to update your configuration file to remove it or change its rules.