Skip to content

Bump the go-dependencies group across 1 directory with 6 updates#1640

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go-dependencies-273a2ad335
Open

Bump the go-dependencies group across 1 directory with 6 updates#1640
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go-dependencies-273a2ad335

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 21, 2026
edited
Loading

Bumps the go-dependencies group with 5 updates in the / directory:

Package From To
github.com/containerd/containerd 1.7.30 1.7.31
github.com/google/go-containerregistry 0.21.4 0.21.5
github.com/moby/moby/api 1.54.1 1.54.2
github.com/moby/moby/client 0.4.0 0.4.1
github.com/osscontainertools/kaniko 1.27.2 1.27.3

Updates github.com/containerd/containerd from 1.7.30 to 1.7.31

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.31

Welcome to the v1.7.31 release of containerd!

The thirty-first patch release for containerd 1.7 contains various fixes and updates including a security patch.

Security Updates

Highlights

Container Runtime Interface (CRI)

  • Fix CNI issue where DEL is never executed after a restart (#12931)
  • Sanitize error before gRPC return to prevent possible credential leak in pod events (#12805)
  • Improve error message and add warning when concurrent container creation is detected (#12744)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Samuel Karp
  • Maksym Pavlenko
  • Akhil Mohan
  • Phil Estes
  • Sebastiaan van Stijn
  • Wei Fu
  • Akihiro Suda
  • Alex Chernyakhovsky
  • Chris Henzie
  • Michael Zappa
  • Ricardo Branco
  • Shachar Tal
  • ningmingxiao
  • yashsingh74

Changes

  • Prepare release notes for v1.7.31 (#13221)
    • 7d2662653 Prepare release notes for v1.7.31
  • update github.com/moby/spdystream v0.5.1 (#13220)
    • 3f795c02a update github.com/moby/spdystream v0.5.1
  • update to Go 1.25.9, 1.26.2 (#13200)
    • 7b1e1b17b update to Go 1.25.9, 1.26.2
    • b673f2d42 update golangci-lint to v2.9.0 with go1.26 support

... (truncated)

Commits
  • 96caa5d Merge pull request #13221 from samuelkarp/prepare-release-1.7.31
  • 7d26626 Prepare release notes for v1.7.31
  • 67c7dbc Merge pull request #13220 from samuelkarp/update-spdystream-1.7
  • 3f795c0 update github.com/moby/spdystream v0.5.1
  • 81cf2b4 Merge pull request #13200 from chrishenzie/bump-go-1.25.9-1.7
  • 7b1e1b1 update to Go 1.25.9, 1.26.2
  • b673f2d update golangci-lint to v2.9.0 with go1.26 support
  • d88d851 remove windows/arm from cross build
  • a763407 Ignore warnings for golangci-lint bump
  • 03dcd83 ci: bump golangci from 6.5.2 to 7.0.0
  • Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.21.4 to 0.21.5

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.5

What's Changed

Full Changelog: google/go-containerregistry@v0.21.4...v0.21.5

Commits
  • 5b80281 build(deps): bump golang.org/x/tools from 0.43.0 to 0.44.0 in the go-deps gro...
  • b99bca2 build(deps): bump aws-actions/configure-aws-credentials (#2257)
  • f8be1d4 update to Go 1.26.2 (#2255)
  • 87ad88b Bump docker/cli v29.4.0, moby/api v1.54.1, moby/client v0.4.0 (#2254)
  • See full diff in compare view

Updates github.com/moby/moby/api from 1.54.1 to 1.54.2

Release notes

Sourced from github.com/moby/moby/api's releases.

api/v1.54.2

Changelog

Full Changelog: moby/moby@api/v1.54.1...api/v1.54.2

Commits
  • 6cbde19 Merge pull request #52387 from renovate-bot/renovate/golang-x
  • b602ac9 Merge pull request #52413 from justincormack/update-justin
  • d1a966e Merge pull request #51049 from thaJeztah/bump_memberlist_serf
  • 463f4c0 No longer a reviewer; update email address
  • 3ede246 Merge pull request #52410 from renovate-bot/renovate/github.com-aws-smithy-go...
  • 179985c Merge pull request #52358 from geekcoderr/52355-topology-swagger
  • 98c7106 vendor: github.com/hashicorp/memberlist v0.5.4, hashicorp/serf v0.10.2
  • b29d903 Merge pull request #52405 from renovate-bot/renovate/actions-github-script-9.x
  • f69fed1 fix(deps): update module github.com/aws/smithy-go to v1.25.0
  • 2a18e3d Merge pull request #52401 from renovate-bot/renovate/opentelemetry-go-contrib...
  • Additional commits viewable in compare view

Updates github.com/moby/moby/client from 0.4.0 to 0.4.1

Release notes

Sourced from github.com/moby/moby/client's releases.

client/v0.4.1

Bug fixes

  • client: fix ImagePullResponse.Wait, ImagePushResponse.Wait not returning an error if pull/push errors happend during the pull operation. moby/moby#52305

Other

Changelog

Sourced from github.com/moby/moby/client's changelog.

0.4.1 (2013-06-17)

  • Remote Api: Add flag to enable cross domain requests
  • Remote Api/Client: Add images and containers sizes in docker ps and docker images
  • Runtime: Configure dns configuration host-wide with 'docker -d -dns'
  • Runtime: Detect faulty DNS configuration and replace it with a public default
  • Runtime: allow docker run :
  • Runtime: you can now specify public port (ex: -p 80:4500)
  • Client: allow multiple params in inspect
  • Client: Print the container id before the hijack in docker run
  • Registry: add regexp check on repo's name
  • Registry: Move auth to the client
  • Runtime: improved image removal to garbage-collect unreferenced parents
  • Vagrantfile: Add the rest api port to vagrantfile's port_forward
  • Upgrade to Go 1.1
  • Builder: don't ignore last line in Dockerfile when it doesn't end with \n
  • Registry: Remove login check on pull
Commits

Updates github.com/osscontainertools/kaniko from 1.27.2 to 1.27.3

Release notes

Sourced from github.com/osscontainertools/kaniko's releases.

v1.27.3

What's Changed

Security

Bugfixes

Standardization

Usability

Maintenance

Fork Related

Changelog

Sourced from github.com/osscontainertools/kaniko's changelog.

v1.27.3 Release 2026-04-17

What's Changed

Security

Bugfixes

Standardization

Usability

Maintenance

Fork Related

Commits
  • 95c0d4e Merge pull request #645 from osscontainertools/release-v1.27.3
  • 4e4c543 release
  • 134b352 Merge pull request #644 from osscontainertools/dependabot/go_modules/gomod-14...
  • 44888e5 build(deps): bump the gomod group with 2 updates
  • a91a157 Merge pull request #643 from osscontainertools/dependabot/go_modules/google.g...
  • 8b124aa build(deps): bump step-security/harden-runner in the actions group (#642)
  • 6b5a662 build(deps): bump google.golang.org/api from 0.275.0 to 0.276.0
  • 101a07c build(deps): bump step-security/harden-runner in the actions group
  • 7bf7e43 1568: runCmdFilesUsedFromContext returned nil instead of empty slice (#641)
  • 3ccbe08 1568: bind mount (#615)
  • Additional commits viewable in compare view

Updates golang.org/x/sys from 0.42.0 to 0.43.0

Commits
  • f33a730 windows: support nil security descriptor on GetNamedSecurityInfo
  • 493d172 cpu: add runtime import in cpu_darwin_arm64_other.go
  • 2c2be75 windows: use syscall.SyscallN in Proc.Call
  • a76ec62 cpu: roll back "use IsProcessorFeaturePresent to calculate ARM64 on windows"
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the go-dependencies group across 1 directory with 6 updates
c070fa4 
Bumps the go-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/containerd/containerd](https://github.com/containerd/containerd) | `1.7.30` | `1.7.31` |
| [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.21.4` | `0.21.5` |
| [github.com/moby/moby/api](https://github.com/moby/moby) | `1.54.1` | `1.54.2` |
| [github.com/moby/moby/client](https://github.com/moby/moby) | `0.4.0` | `0.4.1` |
| [github.com/osscontainertools/kaniko](https://github.com/osscontainertools/kaniko) | `1.27.2` | `1.27.3` |



Updates `github.com/containerd/containerd` from 1.7.30 to 1.7.31
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.30...v1.7.31)

Updates `github.com/google/go-containerregistry` from 0.21.4 to 0.21.5
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Commits](google/go-containerregistry@v0.21.4...v0.21.5)

Updates `github.com/moby/moby/api` from 1.54.1 to 1.54.2
- [Release notes](https://github.com/moby/moby/releases)
- [Commits](moby/moby@api/v1.54.1...api/v1.54.2)

Updates `github.com/moby/moby/client` from 0.4.0 to 0.4.1
- [Release notes](https://github.com/moby/moby/releases)
- [Changelog](https://github.com/moby/moby/blob/v0.4.1/CHANGELOG.md)
- [Commits](moby/moby@v0.4.0...v0.4.1)

Updates `github.com/osscontainertools/kaniko` from 1.27.2 to 1.27.3
- [Release notes](https://github.com/osscontainertools/kaniko/releases)
- [Changelog](https://github.com/osscontainertools/kaniko/blob/main/CHANGELOG.md)
- [Commits](osscontainertools/kaniko@v1.27.2...v1.27.3)

Updates `golang.org/x/sys` from 0.42.0 to 0.43.0
- [Commits](golang/sys@v0.42.0...v0.43.0)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-version: 1.7.31
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/google/go-containerregistry
  dependency-version: 0.21.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/moby/moby/api
  dependency-version: 1.54.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/moby/moby/client
  dependency-version: 0.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/osscontainertools/kaniko
  dependency-version: 1.27.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sys
  dependency-version: 0.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 21, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 21, 2026 23:13
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 21, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants