chore(deps): bump the go group across 1 directory with 8 updates

[dependabot]

Bumps the go group with 8 updates in the / directory:

Package	From	To
github.com/containerd/containerd	1.7.11	1.7.22
github.com/docker/cli	27.0.3+incompatible	27.3.0+incompatible
github.com/docker/docker	27.1.1+incompatible	27.3.0+incompatible
github.com/go-test/deep	1.0.8	1.1.1
github.com/google/go-containerregistry	0.19.2	0.20.2
github.com/sylabs/sif/v2	2.17.1	2.19.1
golang.org/x/crypto	0.25.0	0.27.0
github.com/docker/go-connections	0.4.0	0.5.0

Updates github.com/containerd/containerd from 1.7.11 to 1.7.22

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.22

Welcome to the v1.7.22 release of containerd!

The twenty-second patch release for containerd 1.7 contains various fixes and updates.

Highlights

Build and Release Toolchain

• Update to go1.22.7, go1.23.1 (#10679)

Container Runtime Interface (CRI)

• Cumulative stats can't decrease (#10670)

Runtime

• Fix bug where init exits were being dropped (#10675)
• Update runc binary to 1.1.14 (#10668)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Samuel Karp
• James Sturtevant
• Laura Brehm
• Maksym Pavlenko
• Akhil Mohan
• Akihiro Suda
• Cory Snider
• Derek McGowan
• Sebastiaan van Stijn

Changes

• Prepare release notes for v1.7.22 (#10684)
  • 43174ee6a Prepare release notes for v1.7.22
• integration: regression test for issue 10589 (#10682)
  • 0c4ba21d8 integration: regression test for issue 10589
  • 1cc2cfa4b fifosync: cross-process synchronization
• Fix bug where init exits were being dropped (#10675)
  • f338717ed runc-shim: handle pending execs as running
  • 686c69490 runc-shim: refuse to start execs after init exits
  • 760935e52 runc-shim: remove misleading comment
• Update to go1.22.7, go1.23.1 (#10679)

... (truncated)

Commits

• 7f7fdf5 Merge pull request #10684 from samuelkarp/release-1.7.22
• 43174ee Prepare release notes for v1.7.22
• c10e4a6 Merge pull request #10682 from samuelkarp/shim-exec-fp-test-1.7
• 0c4ba21 integration: regression test for issue 10589
• 1cc2cfa fifosync: cross-process synchronization
• b19be30 Merge pull request #10675 from laurazard/1.7-backport-shim-dropped-init-exits
• c62aa06 Merge pull request #10679 from thaJeztah/1.7_update_go1.22.7
• 19d678f update to go1.22.7, go1.23.1
• f338717 runc-shim: handle pending execs as running
• 686c694 runc-shim: refuse to start execs after init exits
• Additional commits viewable in compare view

Updates github.com/docker/cli from 27.0.3+incompatible to 27.3.0+incompatible

Commits

• e85edf8 Merge pull request #5452 from laurazard/27.3.0-match-moby-version
• ca62759 vendor: github.com/docker/docker v27.3.0-rc2
• e4dc9d2 Merge pull request #5448 from laurazard/backport-otel-shutdown-errors
• ddf8f23 Merge pull request #5449 from laurazard/backport-lowercase-windows-drive
• c6dde25 command: change drive to lowercase for wsl path
• fcf6dd0 Merge pull request #5447 from thaJeztah/27.x_backport_codeql_updates
• 4b5a196 telemetry: pass otel errors to the otel handler for shutdown and force flush
• e2eb069 gha: update codeql workflow to go1.22.7
• 58a14cc Merge pull request #5443 from laurazard/backport-container-rm-docs
• 81ca58b docs: Fix --rm=false flag in container_run.md
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.1.1+incompatible to 27.3.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.3.0

27.3.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.3.0 milestone
• moby/moby, 27.3.0 milestone

Bug fixes and enhancements

• containerd image store: Fix docker image prune -a untagging images used by containers started from images referenced by a digested reference. moby/moby#48488
• Add a --feature flag to the daemon options. moby/moby#48487
• Updated the handling of the --gpus=0 flag to be consistent with the NVIDIA Container Runtime. moby/moby#48483 (docker/cli#5432)
• Support WSL2 mirrored-mode networking's use of interface loopback0 for packets from the Windows host. moby/moby#48514
• Fix an issue that prevented communication between containers on an IPv4 bridge network when running with --iptables=false, --ip6tables=true (the default), a firewall with a DROP rule for forwarded packets on hosts where the br_netfilter kernel module was not normally loaded. moby/moby#48511
• CLI: Fix issue where docker volume update command would cause the CLI to panic if no argument/volume was passed. docker/cli#5426
• docker/cli#5432

Packaging updates

• Update containerd (static binaries only) to v1.7.22 moby/moby#48468
• Updated Buildkit to v0.16.0
• Update Compose to v2.29.6
• Update Buildx to v0.17.1

v27.3.0-rc.2

27.3.0-rc.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.3.0 milestone
• moby/moby, 27.3.0 milestone

Bug fixes and enhancements

• containerd image store: Fix docker image prune -a untagging images used by containers started from images referenced by a digested reference. moby/moby#48488
• Add a --feature flag to the daemon options. moby/moby#48487
• Updated the handling of the --gpus=0 flag to be consistent with the NVIDIA Container Runtime. moby/moby#48483 (docker/cli#5432)
• Support WSL2 mirrored-mode networking's use of interface loopback0 for packets from the Windows host. moby/moby#48514
• Fix an issue that prevented communication between containers on an IPv4 bridge network when running with --iptables=false, --ip6tables=true (the default), a firewall with a DROP rule for forwarded packets on hosts where the br_netfilter kernel module was not normally loaded. moby/moby#48511
• CLI: Fix issue where docker volume update command would cause the CLI to panic if no argument/volume was passed. docker/cli#5426
• docker/cli#5432

Packaging updates

• Update containerd (static binaries only) to v1.7.22 moby/moby#48468

... (truncated)

Commits

• 41ca978 Merge pull request #48525 from thaJeztah/27.x_backport_govulncheck_permissions
• a6b772b gha: govulncheck: make sure read permissions are set
• 856359c Merge pull request #48514 from robmry/backport-27.x/wsl2_mirrored_loopback0_w...
• cd21af7 Do not DNAT packets from WSL2's loopback0
• 8516f3b Merge pull request #48510 from thaJeztah/27.x_backport_bump_buildx_compose
• 3a7779a Merge pull request #48511 from robmry/backport-27.x/48375_bridge_netfiltering
• 5c499fc Only enable bridge netfiltering when needed
• 98f24aa Merge pull request #48506 from thaJeztah/27.x_backport_man_dockerd_logformat
• 8adc8e4 Dockerfile: update compose to v2.29.4
• 576fc88 Dockerfile: update buildx to v0.17.1
• Additional commits viewable in compare view

Updates github.com/go-test/deep from 1.0.8 to 1.1.1

Release notes

Sourced from github.com/go-test/deep's releases.

v1.1.1

What's Changed

• Fix copy pasta error in TestNilMapsAreEmpty by @​bartleyg in go-test/deep#58
• Add an option to consider nil pointers to be equivalent to zero values by @​seveas in go-test/deep#61

New Contributors

• @​bartleyg made their first contribution in go-test/deep#58
• @​seveas made their first contribution in go-test/deep#61

Full Changelog: go-test/deep@v1.1.0...v1.1.1

v1.1.0

New minor release, v1.1, that adds support for optional flags.

What's Changed

• Implment issue 28 with FLAG_IGNORE_SLICE_ORDER by @​daniel-nichter in go-test/deep#56

Full Changelog: go-test/deep@v1.0.9...v1.1.0

v1.0.9

What's Changed

• Remove Travis CI, use GitHub Actinos instead by @​daniel-nichter in go-test/deep#53
• Fix issue 45: don't try to call Error method on unexported field by @​daniel-nichter in go-test/deep#54
• Add CompareFunctions (issue 46) by @​daniel-nichter in go-test/deep#55

Full Changelog: go-test/deep@v1.0.8...v1.0.9

Changelog

Sourced from github.com/go-test/deep's changelog.

v1.1.1 released 2024-06-23

• Added NilPointersAreZero option: causes a nil pointer to be equal to a zero value (PR #61) (@​seveas)
• Updated test matrix to go1.22, go1.21, and go1.20

v1.1.0 released 2022-12-09

• Add optional flags: Equal(a, b, flags..) and FLAG_IGNORE_SLICE_ORDER (issue #28, PR #56) (@​alenkacz)

---

v1.0.9 released 2022-12-09

• Fixed issue #45: Panic when comparing errors in unexported fields (PR #54) (@​seveas)
• Fixed issue #46: Functions are handled differently from reflect.DeepEqual (PR #55) (@​countcb)
• Updated test matrix to go1.17, go1.18, and go1.19 and moved testing to GitHub Actions

Commits

• 9e863ff Release v1.1.1
• dc5b2f6 Update SECURITY.md
• 185886d Restore 100% test coverage (NilPointersAreZero case)
• 47ae1b8 Merge pull request #61 from seveas/nil-pointers-are-zero
• 93c35ac Merge branch 'master' into nil-pointers-are-zero
• 2982c5c Update test matrix to latest 3 Go versions
• 2b8252e Add an option to consider nil pointers to be equivalent to zero values
• 95fb3b1 Merge pull request #58 from bartleyg/patch-1
• 1127c84 fix copy pasta test
• 7ff4e92 Update changelog for v1.1.0
• Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.19.2 to 0.20.2

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.2

What's Changed

• deps: bump docker dep by @​imjasonh in google/go-containerregistry#1991

Full Changelog: google/go-containerregistry@v0.20.1...v0.20.2

v0.20.1

What's Changed

• Create remote.Push by @​mattmoor in google/go-containerregistry#1978

Full Changelog: google/go-containerregistry@v0.20.0...v0.20.1

v0.20.0

What's Changed

• Referrer API must return correct Content-Type by @​GregoireW in google/go-containerregistry#1968
• 🚨 POTENTIALLY BREAKING: Restore blind-write to remote.Put by @​jonjohnsonjr in google/go-containerregistry#1970

New Contributors

• @​GregoireW made their first contribution in google/go-containerregistry#1968

Full Changelog: google/go-containerregistry@v0.19.2...v0.20.0

Commits

• c195f15 deps: bump docker dep (#1991)
• c3d1dcc Create remote.Push (#1978)
• d36047a Restore blind-write to remote.Put (#1970)
• 9915a85 Referrer API must return correct Content-Type (#1968)
• See full diff in compare view

Updates github.com/sylabs/sif/v2 from 2.17.1 to 2.19.1

Release notes

Sourced from github.com/sylabs/sif/v2's releases.

v2.19.1

What's Changed

• chore: bump golangci-lint to v1.60 by @​tri-adam in sylabs/sif#383
• fix: correct the range check for descriptor IDs by @​tri-adam in sylabs/sif#384

Full Changelog: sylabs/sif@v2.19.0...v2.19.1

v2.19.0

This release drops support for Go 1.21.

What's Changed

• build(deps): bump github.com/google/go-containerregistry from 0.20.0 to 0.20.1 by @​dependabot in sylabs/sif#378
• build(deps): bump github.com/sebdah/goldie/v2 from 2.5.3 to 2.5.5 by @​dependabot in sylabs/sif#379
• build(deps): bump github.com/google/go-containerregistry from 0.20.1 to 0.20.2 by @​dependabot in sylabs/sif#380
• chore: bump module to Go 1.22 by @​tri-adam in sylabs/sif#382
• build(deps): bump github.com/sigstore/sigstore from 1.8.4 to 1.8.8 by @​dependabot in sylabs/sif#381

Full Changelog: sylabs/sif@v2.18.0...v2.19.0

v2.18.0

What's Changed

• docs: update links to Go docs by @​tri-adam in sylabs/sif#375
• refactor: improve compaction logic by @​tri-adam in sylabs/sif#373
• build(deps): bump github.com/google/go-containerregistry from 0.19.2 to 0.20.0 by @​dependabot in sylabs/sif#376
• feat: add DeleteObjects by @​tri-adam in sylabs/sif#374

Full Changelog: sylabs/sif@v2.17.1...v2.18.0

Commits

• 1ed3ce5 Merge pull request #384 from tri-adam/overflow-fix
• 6f00aba fix: check descriptor capacity during SIF creation
• c1fcc37 fix: correct the range check for descriptor IDs
• fd8a090 Merge pull request #383 from tri-adam/golangci-lint-v1.60
• d2a9ddc fix: address lint with golangci-lint v1.60
• f4453b3 ci: remove deprecated exportloopref linter
• dd77d01 chore: bump golangci-lint to v1.60
• 518b3a3 build(deps): bump github.com/sigstore/sigstore from 1.8.4 to 1.8.8 (#381)
• afa5a4e Merge pull request #382 from tri-adam/go-1.23
• 9a07943 chore: bump module to Go 1.22
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.25.0 to 0.27.0

Commits

• c9da6b9 all: fix printf(var) mistakes detected by latest printf checker
• b35ab4f go.mod: update golang.org/x dependencies
• bcb0f91 internal/poly1305: Port sum_amd64.s to Avo
• 7eace71 chacha20poly1305: Avo port of chacha20poly1305_amd64.s
• 620dfbc salsa20/salsa: Port salsa20_amd64.s to Avo
• 82942cf blake2b: port blake2b_amd64.s to Avo
• 0484c26 blake2b: port blake2bAVX2_amd64.s to Avo
• 38ed1bc blake2s: port blake2s_amd64.s to Avo
• 38a0b5d argon2: Avo port of blamka_amd64.s
• bf5f14f x509roots/fallback: update bundle
• Additional commits viewable in compare view

Updates github.com/docker/go-connections from 0.4.0 to 0.5.0

Commits

• fa09c95 Merge pull request #108 from thaJeztah/carry_6
• 7a67a58 Swap CloseRead and CloseWrite
• 481d3d2 Merge pull request #107 from thaJeztah/drop_legacy_go
• 9548f9f tlsconfig: remove deprecated io/ioutil
• c564c21 drop support for go1.17 and older
• 7cbebcf gha: update actions
• 2cf423f tlsconfig: move allTLSVersions var
• dca283b tlsconfig: drop support for go1.12 and older
• 21876c5 tlsconfig: drop support for go1.6 and older
• 4d174db tlsconfig: drop support for go1.4 and older
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #293.