Bump github.com/moby/buildkit from 0.19.0 to 0.20.0

[dependabot]

Bumps github.com/moby/buildkit from 0.19.0 to 0.20.0.

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.20.0

Welcome to the v0.20.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• CrazyMax
• Tõnis Tiigi
• Sebastiaan van Stijn
• Jonathan A. Sternberg
• Akihiro Suda
• Anthony Nandaa
• Shaun Thompson
• Austin Vazquez
• Bertrand Paquet
• Brian Goff
• Pranav Pandit

Notable Changes

• Builtin Dockerfile frontend has been updated to v1.14.0
• Github Actions cache backend has been updated to support v2 API. Github is expected to stop supporting V1 API from March 1st 2025. #5720 #5750 #5754
• Support for CDI (Container Device Interface) devices has been added allowing builds to use GPUs and other defined devices. Build steps can now request devices to be injected into the container, if they are permitted to do so. In Dockerfile, devices are currently available in the labs channel. #4056 #5722 #5726 #5729 #5742
• History record APIs now support server-side filters and limiting amount of records returned. #5705
• Update Runc to v1.2.5. #5741
• Embedded binfmt emulators in the release image have been updated to QEMU v9.2.0 #5695 #5736
• Fix possible errors from credentials expiration for long builds. #5684
• Fix possible crash from S3 remote cache backend. #5597
• Fix possible record leak in Bolt database. #5692
• Fix invalid warning messages when running subrequests (e.g. check, outline) for a specific platform. #5730

Dependency Changes

• github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 -> v1.16.0
• github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0 -> v1.8.0
• github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0 -> v1.10.0
• github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v0.4.1 -> v1.5.0
• github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 -> v1.3.2
• github.com/containerd/cgroups/v3 v3.0.3 -> v3.0.5
• github.com/containerd/fuse-overlayfs-snapshotter/v2 v2.1.0 -> v2.1.1
• github.com/containerd/go-cni v1.1.11 -> v1.1.12
• github.com/docker/cli v27.5.0 -> v27.5.1
• github.com/docker/docker v27.5.0 -> v27.5.1
• github.com/moby/term v0.5.0 -> v0.5.2
• github.com/package-url/packageurl-go 89078438f170 -> v0.1.1
• github.com/petermattis/goid 4fcff4a6cae7 new

... (truncated)

Commits

• 121ecd5 Merge pull request #5761 from jsternberg/v0.20.0-picks
• c7153d1 cache(gha): fix missing user-agent for importer
• c016cda cache(gha): set user-agent for github cache service requests
• 6cad2f9 Merge pull request #5755 from crazy-max/0.20_backport_rc3
• b0f75aa test: handle gha cache v2
• 5ae6c31 buildctl: set fallback url for gha cache
• 61f13c0 dockerfile: update runc to 1.2.5
• 281e8c9 client: test cdi entitlement
• f901bcc cdi: test find devices
• e500309 cdi: keep auto refresh
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)