Bump the go-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the go-dependencies group with 4 updates in the / directory: github.com/containerd/containerd, github.com/docker/docker, github.com/google/go-containerregistry and github.com/moby/buildkit.

Updates github.com/containerd/containerd from 1.7.24 to 1.7.25

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.25

Welcome to the v1.7.25 release of containerd!

The twenty-fifth patch release for containerd 1.7 contains various fixes and updates.

Highlights

• Update runc binary to v1.2.4 (#11238)
• Fix proto conflicts and update to 1.8 API (#11184)

Container Runtime Interface (CRI)

• Fix ip_pref configuration option (#11223)

Runtime

• Fix panic due to nil dereference cgroups v2 (#11099)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Akihiro Suda
• Derek McGowan
• Sebastiaan van Stijn
• Wei Fu
• Maksym Pavlenko
• Akhil Mohan
• Henry Wang
• Jin Dong
• Phil Estes
• Sam Edwards
• Samuel Karp
• Brian Goff
• David Son
• Kohei Tokunaga
• Pierre Gimalac
• Yang Yang
• bo.jiang

Changes

• Prepare release notes for v1.7.25 (#11243)
  • bda53fc60 Prepare release notes for v1.7.25
• Update runc binary to v1.2.4 (#11238)
  • d4a649130 update runc binary to v1.2.4

... (truncated)

Commits

• bcc810d Merge pull request #11243 from dmcgowan/prepare-v1.7.25
• bda53fc Prepare release notes for v1.7.25
• d46d74c Merge pull request #11238 from k8s-infra-cherrypick-robot/cherry-pick-11230-t...
• d4a6491 update runc binary to v1.2.4
• e76cc83 Merge pull request #11224 from thaJeztah/1.7_backport_debug-log-shim-plugin
• 1079d92 Merge pull request #11223 from thaJeztah/1.7_backport_fix-ipv6-pref
• 99c9737 runtime/v2: reduce shim plugin log
• 0cfc1ed Fix "even if IPv4 comes first" test to have IPv4 first
• 53d1fd0 Don't use To16() != nil to detect IPv6 addresses
• 142e855 Merge pull request #11203 from pgimalac/pgimalac/containerd-no-plugin
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.0.3+incompatible to 27.5.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.5.0

27.5.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.5.0 milestone
• moby/moby, 27.5.0 milestone

Bugfixes and enhancements

• containerd image store: Fix passing a build context via tarball to the /build endpoint. moby/moby#49194
• Builder garbage collection policies without a keepStorage value now inherit the defaultKeepStorage limit as intended. moby/moby#49137
• Preserve network labels during daemon startup. moby/moby#49200
• Fix a potential race condition error when deleting a container. moby/moby#49239

Go SDK

• pkg/sysinfo: deprecate NumCPU. This utility has the same behavior as runtime.NumCPU. moby/moby#49247
• pkg/fileutils: deprecate GetTotalUsedFds: this function is only used internally and will be removed in the next release. moby/moby#49209
• pkg/ioutils: deprecate BytesPipe, NewBytesPipe, ErrClosed, WriteCounter, NewWriteCounter, NewReaderErrWrapper, NopFlusher, NopWriter, NopWriteCloser. They were only used internally and will be removed in the next release. moby/moby#49246, moby/moby#49255
• pkg/reexec: This package is deprecated and moved to a separate module. Use github.com/moby/sys/reexec instead. moby/moby#49135

Packaging updates

• Update containerd to v1.7.25 moby/moby#49253
• Update runc to v1.2.4 moby/moby#49243
• Update BuildKit to v0.18.2 moby/moby#48949
• Update Compose to v2.32.2 docker/docker-ce-packaging#1140

v27.5.0-rc.2

27.5.0-rc.2

This is a pre-release of the upcoming 27.5.0 release.

Pre-releases are intended for testing new releases: only install in a test environment!

curl -fsSL https://get.docker.com -o get-docker.sh
sudo CHANNEL=test sh get-docker.sh

Known issues:

• There is no changelog yet; an overview of pull requests included in this release can be found on GitHub:
  • docker cli: all pull requests for 27.5.0 / all "changelog" pull requests for 27.5.0
  • docker engine: all pull requests for 27.5.0 / all "changelog" pull requests for 27.5.0
• There are no packages available yet for the s390x and ppc64le architectures

Bugs and regressions can be reported in these issue trackers:

... (truncated)

Commits

• 38b84dc Merge pull request #49255 from thaJeztah/27.x_backport_ioutils_more_deprecations
• ae82113 Merge pull request #49253 from thaJeztah/27.x_backport_bump_containerd_binary...
• 8a2fd51 pkg/ioutils: deprecate NopWriteCloser
• cf37b66 pkg/ioutils: deprecate NopWriter
• c83f658 Dockerfile: update containerd to v1.7.25
• 931be8e Merge pull request #49246 from thaJeztah/27.x_backport_ioutils_deprecations
• 2e1aee3 Merge pull request #49249 from robmry/backport-27.x/fix_unit_tests_for_nftabl...
• f53d72e Fix unit tests for an nftables host
• 55f7055 Merge pull request #49243 from thaJeztah/27.x_backport_bump_runc_binary_1.2.4
• 36ad318 Merge pull request #49247 from thaJeztah/27.x_backport_deprecate_runtime_numcpu
• Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.20.2 to 0.20.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.20.3

What's Changed

• remote/transport: Make bearer transport go-routine-safe by @​2opremio in google/go-containerregistry#1806
• Expose compare package by @​jonjohnsonjr in google/go-containerregistry#2001
• fix: redact.URL uses (*URL).Redacted to omit basic-auth password by @​bmoylan in google/go-containerregistry#1947
• bump actions to latest by @​ajayk in google/go-containerregistry#2011
• don't pin chainguard-dev/actions by @​imjasonh in google/go-containerregistry#2025
• Check for 406 status code when handling referrers API endpoint response by @​malancas in google/go-containerregistry#2026
• mutate: Create a defensive annotations copy by @​jonjohnsonjr in google/go-containerregistry#2030
• Detect zstd in crane append by @​jonjohnsonjr in google/go-containerregistry#2023
• bump deps using hack/bump-deps.sh by @​imjasonh in google/go-containerregistry#2042

New Contributors

• @​bmoylan made their first contribution in google/go-containerregistry#1947
• @​ajayk made their first contribution in google/go-containerregistry#2011
• @​malancas made their first contribution in google/go-containerregistry#2026

Full Changelog: google/go-containerregistry@v0.20.2...v0.20.3

Commits

• c4dd792 bump deps using hack/bump-deps.sh (#2042)
• 6bce25e Detect zstd in crane append (#2023)
• 06dcd85 mutate: Create a defensive annotations copy (#2030)
• a9a53a8 check for 406 status code when handling referrers endpoint response (#2026)
• 4630c40 don't pin chainguard-dev/actions (#2025)
• 808e354 bump actions to latest (#2011)
• a07d1ca fix: redact.URL uses (*URL).Redacted to omit basic-auth password (#1947)
• 00f182b Expose compare package (#2001)
• b8e87ed remote/transport: Make bearer transport go-routine-safe (#1806)
• See full diff in compare view

Updates github.com/moby/buildkit from 0.14.1 to 0.19.0

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.19.0

Welcome to the v0.19.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• Sebastiaan van Stijn
• Akihiro Suda
• Jonathan A. Sternberg
• Anthony Nandaa
• Brian Goff
• David Karlsson
• Marat Radchenko
• Shaun Thompson
• Alberto Garcia Hierro
• Daniel Githinji
• Peter Engelbert
• Steeve Chailloux
• lvyaoting

Notable Changes

• Builtin Dockerfile frontend has been updated to v1.13.0
• Attestations embedded into build results can now be generated in OCI artifact format with oci-artifact=true option #5573
• Platform specifiers that set Windows OSVersion are now supported #5614
• Add powershell.exe dir to default PATH for WCOW #5446
• Allow unix address for debug address for buildkitd #5568
• Requests that pull in Git sources now inherit proxy environment variables from buildkitd #5613
• Update Runc to v1.2.4 #5639
• Update RootlessKit to v2.3.2 #5674
• Fix possible "unknown file mode" error when transferring files on Windows #5636 #5657
• Fix possible panic from data race in history record serialization #5666
• Fix error message for invalid includepatterns #5649
• Fix invalid index.json annotations on tar=false export #5589
• Fix possible panic when walking provenance due to race condition #5606

Dependency Changes

• github.com/AdaLogics/go-fuzz-headers ced1acdcaa24 -> e8a1dd7889d6
• github.com/AdamKorcz/go-118-fuzz-build 8075edf89bb0 -> 2b5cbb29f3e2
• github.com/Microsoft/hcsshim v0.12.8 -> v0.12.9
• github.com/aws/aws-sdk-go-v2 v1.24.1 -> v1.30.3
• github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.5.4 -> v1.6.3
• github.com/aws/aws-sdk-go-v2/config v1.26.6 -> v1.27.27

... (truncated)

Commits

• 3637d1b Merge pull request #5676 from crazy-max/v0.19_backport_rootless-update
• fd911c1 Dockerfile: update RootlessKit to v2.3.2
• 3a76127 Merge pull request #5613 from WnP/git-proxy
• 4f97acf fix git http_proxy ignored
• c2c70ac Merge pull request #5643 from crazy-max/update-libcap
• 77c7489 Merge pull request #5656 from cpuguy83/platform_format_add_config_check
• e7185ac Merge pull request #5636 from jsternberg/unroll-prune-loop
• f55aa54 Merge pull request #5665 from jsternberg/clear-mode-irregular
• f101ab5 Merge pull request #5666 from tonistiigi/marshal-history-record-fix
• 45177da contenthash: clear ModeIrregular before sending to archive/tar
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions