Bump the gomodupdates group across 1 directory with 22 updates

[dependabot]

Bumps the gomodupdates group with 20 updates in the / directory:

Package	From	To
github.com/CycloneDX/cyclonedx-go	0.9.1	0.9.2
github.com/aws/aws-sdk-go-v2	1.32.6	1.32.7
github.com/aws/aws-sdk-go-v2/config	1.28.6	1.28.7
github.com/aws/aws-sdk-go-v2/service/ec2	1.195.0	1.198.1
github.com/aws/aws-sdk-go-v2/service/ec2instanceconnect	1.27.7	1.27.8
github.com/aws/aws-sdk-go-v2/service/secretsmanager	1.34.7	1.34.8
github.com/aws/aws-sdk-go-v2/service/ssm	1.56.1	1.56.2
github.com/docker/cli	27.4.0-rc.2+incompatible	27.4.1+incompatible
github.com/docker/docker	27.4.0-rc.2+incompatible	27.4.1+incompatible
github.com/pierrec/lz4/v4	4.1.21	4.1.22
go.mondoo.com/ranger-rpc	0.6.4	0.6.5
golang.org/x/crypto	0.30.0	0.31.0
golang.org/x/net	0.32.0	0.33.0
google.golang.org/grpc	1.68.1	1.69.2
google.golang.org/protobuf	1.35.2	1.36.0
k8s.io/apimachinery	0.28.9	0.32.0
k8s.io/client-go	0.28.9	0.32.0
k8s.io/component-base	0.28.9	0.32.0
k8s.io/kubelet	0.28.9	0.32.0
github.com/moby/buildkit	0.18.1	0.18.2

Updates github.com/CycloneDX/cyclonedx-go from 0.9.1 to 0.9.2

Release notes

Sourced from github.com/CycloneDX/cyclonedx-go's releases.

v0.9.2

Changelog

Features

• 39ede217f126cfbc80eabf880f6643be3d392a4f: feat: add MarshalXML and UnmarshalXML (@​DmitriyLewen)
• e9191ed11a269fcb6b3fb54e000ed6d81b5bf9db: feat: add UnmarshalJSON (@​DmitriyLewen)

Fixes

• 80fede1f13a956d35eb14696cd2ca9d2d943f809: fix: add json tag for Identity (@​DmitriyLewen)
• 24e9503293f0837e6e7ea3ff670ef958e6075b87: fix: tests (@​DmitriyLewen)
• d68a199bc1747e5d6a7d4196c2f270535bbf6e3e: fix: use identity as array in valid-evidence.json (@​DmitriyLewen)
• ff9cc28f9c9554328bd6c1ad56098be5a692d5e9: fix: use componentEvidence array for Evidence.Identity field (@​DmitriyLewen)

Building and Packaging

• 016ee293d464d6383be3a714f7fb0debebef8ad5: build(deps): bump actions/checkout from 4.1.7 to 4.2.0 (@​dependabot[bot])
• 77153ab5fe005f6484ac1e1225e7152df00db3f1: build(deps): bump actions/checkout from 4.2.0 to 4.2.1 (@​dependabot[bot])
• 4f50d02c1282ac1d0d7448502b231a0e84a1e529: build(deps): bump actions/checkout from 4.2.1 to 4.2.2 (@​dependabot[bot])
• b84451219e77e0fbbe7d5ba054bcf25dbc7aaea4: build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 (@​dependabot[bot])
• 238cbea3479fed9fdfcbfa5f1751828390a05211: build(deps): bump actions/setup-go from 5.1.0 to 5.2.0 (@​dependabot[bot])
• bbe8f3c2c7c4567514ae966c69bf93fc1b3dba2a: build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (@​dependabot[bot])
• 05f8930fe918a31941ebf90eec627e5e6e908d1c: build(deps): bump github.com/terminalstatic/go-xsd-validate (@​dependabot[bot])
• 082f87791a5e290c9d4c6e8126dc0cc987028a60: build(deps): bump gitpod/workspace-go from 2a9e01c to 9c95281 (@​dependabot[bot])
• 093b1c15164dad5d46768db0e3f6ee43eb60ca20: build(deps): bump gitpod/workspace-go from 9c95281 to 6932342 (@​dependabot[bot])
• 47b7e01ce8f8209894065e9656217b8c00a3c8ea: build(deps): bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 (@​dependabot[bot])
• ce6eb841cb1e21aa28efbccd9eb8fe5eea0555c9: build(deps): bump goreleaser/goreleaser-action from 6.0.0 to 6.1.0 (@​dependabot[bot])

Others

• 4d3aff9fab9ae78bd6fbbc9fd0912fab14c8fb64: UPDATE_SNAPSHOTS=true make test (@​DmitriyLewen)
• 31d954443e6563aeee69d82bdfb82aee83e07df1: refactor (@​DmitriyLewen)
• 0170729e313a681fc8659643601410ae10ffe803: refactor: update convert package (@​DmitriyLewen)

Commits

• cba06ff Merge pull request #205 from CycloneDX/dependabot/go_modules/github.com/termi...
• 5c81749 Merge pull request #211 from CycloneDX/dependabot/github_actions/actions/setu...
• 753526c Merge pull request #204 from DmitriyLewen/fix/componentEvidence-as-array
• 4d3aff9 UPDATE_SNAPSHOTS=true make test
• d68a199 fix: use identity as array in valid-evidence.json
• 24e9503 fix: tests
• 238cbea build(deps): bump actions/setup-go from 5.1.0 to 5.2.0
• a7f7415 Merge branch 'master' of github.com:DmitriyLewen/cyclonedx-go into fix/compon...
• 05f8930 build(deps): bump github.com/terminalstatic/go-xsd-validate
• 464d426 Merge pull request #202 from CycloneDX/dependabot/github_actions/actions/chec...
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2 from 1.32.6 to 1.32.7

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.28.6 to 1.28.7

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.47 to 1.17.48

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/ec2/imds from 1.16.21 to 1.16.22

Commits

• 7655449 Release 2022-10-21
• dcae829 Regenerated Clients
• b82766b Update API model
• 1c05fb6 Implements IsCredentialsProvider for checking if a provider matches a target ...
• 0fab39a Merge pull request #1888 from aws/isvita/issues-1787
• 56eb993 added changelog file
• cde8cbc Release 2022-10-20
• d7765f9 Regenerated Clients
• b9dab7e Update endpoints model
• 93ed3ee Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ec2 from 1.195.0 to 1.198.1

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ec2instanceconnect from 1.27.7 to 1.27.8

Commits

• 427c682 Release 2024-03-18
• 93e06ff Regenerated Clients
• 58be623 Update endpoints model
• 9927740 Update API model
• e5b7766 add ratelimit.None (#2562)
• 10c4487 Release 2024-03-15
• db0b1ab Regenerated Clients
• 92c0060 Update endpoints model
• e5bb86e Update API model
• 49b368e Release 2024-03-14
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/secretsmanager from 1.34.7 to 1.34.8

Commits

• f1d71c5 Release 2024-09-04
• e4813e1 Regenerated Clients
• 0e8bb90 Update partitions file
• 6a5875b Update endpoints model
• f7030de Update API model
• See full diff in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ssm from 1.56.1 to 1.56.2

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/docker/cli from 27.4.0-rc.2+incompatible to 27.4.1+incompatible

Commits

• b9d17ea Merge pull request #5700 from thaJeztah/27.x_backport_remove_use_of_netfilter...
• a08a120 cli/command/system: remove BridgeNfIptables, BridgeNfIp6tables in tests
• 4870b3d Merge pull request #5699 from thaJeztah/27.x_backport_remove_system_isabs
• d3b59fb cli/command/container: use local copy of pkg/system.IsAbs
• ac40240 Merge pull request #5685 from thaJeztah/27.x_backport_bump_xx
• 3fa9480 Merge pull request #5690 from thaJeztah/27.x_backport_bump_gomd2man
• fce7c04 Merge pull request #5692 from thaJeztah/27.x_backport_remove_netfilter_warnings
• 70815c1 cli/command/system: remove netfilter warnings from tests
• 12d98b0 update go-md2man to v2.0.5
• f9783ec update xx to v1.6.1 for compatibility with alpine 3.21
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.4.0-rc.2+incompatible to 27.4.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.4.1

27.4.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.4.1 milestone
• moby/moby, 27.4.1 milestone

Bug fixes and enhancements

• Fix excessive memory allocations when OTel is not configured. moby/moby#49079
• The docker info command and the corresponding GET /info API endpoint no longer include warnings when bridge-nf-call-iptables or bridge-nf-call-ip6tables are disabled at the daemon is started. The br_netfilter kernel module is now attempted to be loaded when needed, which made those warnings inaccurate. moby/moby#49090
• Attempt to load kernel modules, including ip6_tables and br_netfilter when required, using a method that is likely to succeed inside a Docker-in-Docker container. moby/moby#49043
• Fix a bug that could result in an iptables DOCKER FILTER chain not being cleaned up on failure. moby/moby#49110

Deprecations

• pkg/system: Deprecate Lstat(), Mkdev(), Mknod(), FromStatT() and Stat() functions, and related StatT types. These were only used internally, and will be removed in the next release. moby/moby#49100
• libnetwork/iptables: Deprecate IPV, Iptables and IP6Tables types in favor of IPVersion, IPv4, and IPv6. This type and consts will be removed in the next release. moby/moby#49093
• libnetwork/iptables: Deprecate Passthrough. This function was only used internally, and will be removed in the next release. moby/moby#49119

Packaging updates

• Update Compose to v2.32.1. docker/docker-ce-packaging#1130
• Update Buildx to v0.19.3. docker/docker-ce-packaging#1132
• Update runc to v1.2.3 (static packages only). moby/moby#49085

v27.4.0

27.4.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.4.0 milestone
• moby/moby, 27.4.0 milestone

API

• GET /images/json with the manifests option enabled now preserves the original order in which manifests appeared in the manifest-index. moby/moby#48712

Bug fixes and enhancements

• When reading logs with the jsonfile or local log drivers, any errors while trying to read or parse underlying log files will cause the rest of the file to be skipped and move to the next log file (if one exists) rather than returning an error to the client and closing the stream. The errors are viewable in the Docker Daemon logs and exported to traces when tracing is configured. moby/moby#48842
• When reading log files, compressed log files are now only decompressed when needed rather than decompressing all files before starting the log stream. moby/moby#48842
• Fix an issue that meant published ports from one container on a bridge network were not accessible from another container on the same network with userland-proxy disabled, if the kernel's br_netfilter module was not loaded and enabled. The daemon will now attempt to load the module and enable bridge-nf-call-iptables or bridge-nf-call-ip6tables when creating a network with the userland proxy disabled. moby/moby#48685
• Fix loading of bridge and br_netfilter kernel modules. moby/moby#48966
• containerd image store: Fix Docker daemon failing to fully start with a "context deadline exceeded error" with containerd snapshotter and many builds/images. moby/moby#48954
• containerd image-store: Fix partially pulled images not being garbage-collected. moby#48910, moby/moby#48957
• containerd image store: Fix docker image inspect outputting duplicate references in RepoDigests. moby/moby#48785

... (truncated)

Commits

• c710b88 Merge pull request #49119 from thaJeztah/27.x_backport_libnetwork_deprecate_P...
• eda0a20 libnetwork/iptables: deprecate Passthrough
• b51622d libnet/iptables: deprecate type IPV
• 829ac83 Merge pull request #49104 from thaJeztah/27.x_backport_update_swagger_headers
• bd7da11 Merge pull request #49110 from thaJeztah/27.x_backport_fix_setupIPChains_defer
• 135b144 Merge pull request #49105 from thaJeztah/27.x_backport_testing-suse-apparmor
• 08de719 libnetwork/drivers/bridge: setupIPChains: fix defer checking wrong err
• 2a62319 Merge pull request #49100 from thaJeztah/27.x_backport_deprecate_pkg_system
• 6855ca1 integration-cli: don't skip AppArmor tests on SLES
• 224b305 docs/api: document correct case for Api-Version header
• Additional commits viewable in compare view

Updates github.com/pierrec/lz4/v4 from 4.1.21 to 4.1.22

Commits

• fdaa7e2 lz4stream/block: compute block checksum on the block not its source.
• See full diff in compare view

Updates go.mondoo.com/ranger-rpc from 0.6.4 to 0.6.5

Release notes

Sourced from go.mondoo.com/ranger-rpc's releases.

v0.6.5

What's Changed

• Bump contributor-assistant/github-action from 2.5.1 to 2.5.2 by @​dependabot in mondoohq/ranger-rpc#98
• Bump contributor-assistant/github-action from 2.5.2 to 2.6.1 by @​dependabot in mondoohq/ranger-rpc#99
• Bump golang.org/x/crypto from 0.27.0 to 0.28.0 in the gomodupdates group by @​dependabot in mondoohq/ranger-rpc#100
• Bump check-spelling/check-spelling from 0.0.22 to 0.0.24 by @​dependabot in mondoohq/ranger-rpc#103
• Bump the gomodupdates group across 1 directory with 4 updates by @​dependabot in mondoohq/ranger-rpc#105
• Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 in the gomodupdates group by @​dependabot in mondoohq/ranger-rpc#106
• Bump golang.org/x/crypto from 0.29.0 to 0.30.0 in the gomodupdates group by @​dependabot in mondoohq/ranger-rpc#107

Full Changelog: mondoohq/ranger-rpc@v0.6.4...v0.6.5

Commits

• b5865d6 Bump golang.org/x/crypto from 0.29.0 to 0.30.0 in the gomodupdates group (#107)
• f7415cf Bump github.com/stretchr/testify in the gomodupdates group (#106)
• d83ed86 Bump the gomodupdates group across 1 directory with 4 updates (#105)
• 36efefb Bump check-spelling/check-spelling from 0.0.22 to 0.0.24 (#103)
• a134222 Bump golang.org/x/crypto from 0.27.0 to 0.28.0 in the gomodupdates group (#100)
• 15eabb8 Bump contributor-assistant/github-action from 2.5.2 to 2.6.1 (#99)
• be8c7c1 Bump contributor-assistant/github-action from 2.5.1 to 2.5.2 (#98)
• See full diff in compare view

Updates golang.org/x/crypto from 0.30.0 to 0.31.0

Commits

• b4f1988 ssh: make the public key cache a 1-entry FIFO cache
• See full diff in compare view

Updates golang.org/x/net from 0.32.0 to 0.33.0

Commits

• dfc720d go.mod: update golang.org/x dependencies
• 8e66b04 html: use strings.EqualFold instead of lowering ourselves
• b935f7b html: avoid endless loop on error token
• 9af49ef route: remove unused sizeof* consts
• 6705db9 quic: clean up crypto streams when dropping packet protection keys
• 4ef7588 quic: handle ACK frame in packet which drops number space
• 552d8ac Revert "route: change from syscall to x/sys/unix"
• 13a7c01 Revert "route: remove unused sizeof* consts on freebsd"
• See full diff in compare view

Updates google.golang.org/grpc from 1.68.1 to 1.69.2

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.69.2

Bug Fixes

• stats/experimental: add type aliases for symbols (Metrics/etc) that were moved to the stats package (#7929).
• client: set user-agent string to the correct version.

Release 1.69.0

Known Issues

• The recently added grpc.NewClient function is incompatible with forward proxies, because it resolves the target hostname on the client instead of passing the hostname to the proxy. A fix is expected to be a part of grpc-go v1.70. (#7556)

New Features

• stats/opentelemetry: Introduce new APIs to enable OpenTelemetry instrumentation for metrics on servers and clients (#7874)
• xdsclient: add support to fallback to lower priority servers when higher priority ones are down (#7701)
• dns: Add support for link local IPv6 addresses (#7889)
• The new experimental pickfirst LB policy (disabled by default) supports Happy Eyeballs, interleaving IPv4 and IPv6 address as described in RFC-8305 section 4, to attempt connections to multiple backends concurrently. The experimental pickfirst policy can be enabled by setting the environment variable GRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST to true. (#7725, #7742)
• balancer/pickfirst: Emit metrics from the pick_first load balancing policy (#7839)
• grpc: export MethodHandler, which is the type of an already-exported field in MethodDesc (#7796)
  • Special Thanks: @​mohdjishin

Bug Fixes

• credentials/google: set scope for application default credentials (#7887)
  • Special Thanks: @​halvards
• xds: fix edge-case issues where some clients or servers would not initialize correctly or would not receive errors when resources are invalid or unavailable if another channel or server with the same target was already in use . (#7851, #7853)
• examples: fix the debugging example, which was broken by a recent change (#7833)

Behavior Changes

• client: update retry attempt backoff to apply jitter per updates to gRFC A6. (#7869)
  • Special Thanks: @​isgj
• balancer/weightedroundrobin: use the pick_first LB policy to manage connections (#7826)

API Changes

• balancer: An internal method is added to the balancer.SubConn interface to force implementors to embed a delegate implementation. This requirement is present in the interface documentation, but wasn't enforced earlier. (#7840)

Performance Improvements

• mem: implement a ReadAll() method for more efficient io.Reader consumption (#7653)
  • Special Thanks: @​ash2k
• mem: use slice capacity instead of length to determine whether to pool buffers or directly allocate them (#7702)
  • Special Thanks: @​PapaCharlie

Documentation

• examples/csm_observability: Add xDS Credentials and switch server to be xDS enabled (#7875)

Release 1.68.2

Dependencies

... (truncated)

Commits

• b615b35 Change version to 1.69.2 (#7947)
• 6b36a3e experimental/stats: re-add type aliases for migration (#7929) (#7941)
• 4535c6d Change version to 1.69.2-dev (#7928)
• b6e7c72 examples/features/csm_observability: Make CSM Observability example server li...
• 9355fbc Change version to 1.69.1 (#7927)
• 927a1e1 Change version to 1.69.1-dev (#7902)
• 97d633a Change version to 1.69.0 (#7901)
• 317271b pickfirst: Register a health listener when used as a leaf policy (#7832)
• 5565631 balancer/pickfirst: replace grpc.Dial with grpc.NewClient in tests (#7879)
• 634497b test: Split import paths for generated message and service code (#7891)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.35.2 to 1.36.0

Updates k8s.io/apimachinery from 0.28.9 to 0.32.0

Commits

• 59e9003 Merge remote-tracking branch 'origin/master' into release-1.32
• 639247c Drop use of winreadlinkvolume godebug option
• 220d7c3 Merge remote-tracking branch 'origin/master' into release-1.32
• c199d3b Revert to go1.22 windows filesystem stdlib behavior
• 16af2ff implement unsafe deletion, and wire it
• 6ff8305 api: run codegen
• ca9b8b2 api: add a new field to meta/v1 DeleteOptions
• d941d9f Merge pull request #128503 from benluddy/cbor-codecs-featuregate
• 3b4250f Wire serving codecs to CBOR feature gate.
• daaad09 Merge pull request #128501 from benluddy/watch-cbor-seq
• Additional commits viewable in compare view

Updates k8s.io/client-go from 0.28.9 to 0.32.0

Commits

• 0d55461 Update dependencies to v0.32.0 tag
• 4765ade Merge remote-tracking branch 'origin/master' into release-1.32
• 692a511 Drop use of winreadlinkvolume godebug option
• 9df5099 Merge remote-tracking branch 'origin/master' into release-1.32
• 120beb2 Revert to go1.22 windows filesystem stdlib behavior
• 55d23e2 Align fake client-go clients with the main interface
• 646e79b Run codegen
• c475fe0 Generify fake clientsets
• 955401c Merge pull request #128407 from ndixita/pod-level-resources
• eddb107 Merge pull request #127857 from Jefftree/cle-v1alpha2
• Additional commits viewable in compare view

Updates k8s.io/component-base from 0.28.9 to 0.32.0

Commits

• 52977b0 Update dependencies to v0.32.0 tag
• e168b31 Merge remote-tracking branch 'origin/master' into release-1.32
• 46e6e7b Drop use of winreadlinkvolume godebug option
• c7b5643 Merge remote-tracking branch 'origin/master' into release-1.32
• a6cf394 Merge pull request #129081 from stlaz/fg_remote_uid
• af0d53b Merge remote-tracking branch 'origin/master' into release-1.32
• ceed2e3 Update tests to handle RemoteRequestHeaderUID
• 6a10d97 Revert to go1.22 windows filesystem stdlib behavior
• ad7c524 Generify fake clientsets
• 804c007 Merge pull request #127581 from richabanker/flagz-apiserver
• Additional commits viewable in compare view

Updates k8s.io/kubelet from 0.28.9 to 0.32.0

Commits

• ab6d6c0 Update dependencies to v0.32.0 tag
• 78330cb Merge remote-tracking branch 'origin/master' into release-1.32
• 9aa82a6 Drop use of winreadlinkvolume godebug option
• 351b167 Merge remote-tracking branch 'origin/master' into release-1.32
• 97885c0 Revert to go1.22 windows filesystem stdlib behavior
• de4c476 DRA kubelet: use unique protobuf package name
• 3b14f64 KEP-4603: Node specific kubelet config for maximum backoff down to 1 second (...
• 353a4bc Merge pull request #126503 from skitt/generic-fake-client
• 35e9b33 Generify fake clientsets
• 2466f75 Merge pull request #128646 from pohly/dra-kubelet-separate-beta-api
• Additional commits viewable in compare view

Updates github.com/moby/buildkit from 0.18.1 to 0.18.2

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.18.2

buildkit 0.18.2

Welcome to the v0.18.2 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Notable Changes

• Builtin Dockerfile frontend has been updated to v1.12.1 changelog
• Fix possible concurrent map write error #5577
• Update Runc to v1.2.3 to fix possible build error when using parallel cache mounts #5588 #5590

Dependency Changes

This release has no dependency changes

Previous release can be found at v0.18.1

Commits

• e4da654 Merge pull request #5601 from tonistiigi/v0.18.2-picks
• 987b409 dockerfile: fix named context replacement for child stages
• 873382b dockerfile: fix onbuild propagation for child stages
• 6614837 dockerfile: add regression test for parallel cache mounts
• 25649b3 Dockerfile: update runc binary to v1.2.3
• 36a6e05 llb: avoid concurrent map write on parallel marshal
• 4241ae2 update xx to v1.6.1
• 715418b hack: remove loong64 validation in archutil
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Test Results

0 tests   - 3 205   0 ✅  - 3 202   0s ⏱️ - 1m 39s
0 suites  -   379   0 💤  -     3 
0 files    -    29   0 ❌ ±    0 

Results for commit cd32635. ± Comparison against base commit 1784c48.

♻️ This comment has been updated with latest results.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.