Skip to content

build(deps): bump the dependencies group across 1 directory with 7 updates #5963

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

build(deps): bump the dependencies group across 1 directory with 7 updates #5963

wants to merge 2 commits into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 1, 2025

Bumps the dependencies group with 7 updates in the / directory:

Package From To
github.com/docker/cli 28.4.0+incompatible 28.5.1+incompatible
github.com/docker/docker 28.4.0+incompatible 28.5.1+incompatible
github.com/go-git/go-git/v5 5.16.2 5.16.3
github.com/rhysd/actionlint 1.7.7 1.7.8
github.com/spf13/pflag 1.0.9 1.0.10
golang.org/x/term 0.35.0 0.36.0
google.golang.org/protobuf 1.36.9 1.36.10

Updates github.com/docker/cli from 28.4.0+incompatible to 28.5.1+incompatible

Commits
  • e180ab8 Merge pull request #6541 from vvoland/6540-28.x
  • 0d799c5 update to go1.24.8
  • 887030f Merge pull request #6522 from thaJeztah/28.x_bump_moby
  • 9c6a0e0 Merge pull request #6531 from thaJeztah/28.x_backport_bump_macos
  • f784471 vendor: github.com/docker/docker cd048300a487 (v28.5.0-dev)
  • d7afcf9 Merge pull request #6529 from thaJeztah/28.x_backport_deprecate_ResolveDefaul...
  • 9d9adf6 gha: add macOS 15, remove macOS 13 (deprecated)
  • d4b7734 cli/command: deprecate ResolveDefaultContext
  • a106161 Merge pull request #6519 from thaJeztah/28.x_backport_authconfig_no_direct_cast
  • 5e42f82 Merge pull request #6518 from thaJeztah/28.x_backport_memstore_notfounderr
  • Additional commits viewable in compare view

Updates github.com/docker/docker from 28.4.0+incompatible to 28.5.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v28.5.1

28.5.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

Deprecations

  • api/types/image: InspectResponse: deprecate Parent and DockerVersion fields. moby/moby#51105
  • api/types/plugin: deprecate Config.DockerVersion field. moby/moby#51110

v28.5.0

28.5.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • Don't print warnings in docker info for broken symlinks in CLI-plugin directories. docker/cli#6476
  • Fix a panic during stats on empty event Actor.ID. docker/cli#6471

Packaging updates

Networking

  • Eliminated harmless warning about deletion of endpoint_count from the data store. moby/moby#51064
  • Fix a bug causing IPAM plugins to not be loaded on Windows. moby/moby#51035

API

  • Deprecate support for kernel memory TCP accounting (KernelMemoryTCP). moby/moby#51067
  • Fix GET containers/{name}/checkpoints returning null instead of empty JSON array when there are no checkpoints. moby/moby#51052

... (truncated)

Commits
  • f8215cc Merge pull request #51137 from austinvazquez/cherry-pick-vendor-buildkit-0.25...
  • 40a856a hack: add patch to buildkit tests
  • 5d1c311 vendor: update buildkit to v0.25.1
  • 90506c1 Merge pull request #51133 from vvoland/51132-28.x
  • 17db0cd Merge pull request #51128 from thaJeztah/28.x_backport_gcpolicy-invalid-calcu...
  • f7c40ea update to go1.24.8
  • dccf7c8 builder: use proper percentage calculations for default gc policy
  • 0f040aa Merge pull request #51126 from vvoland/51124-28.x
  • 5b1a039 ci: fix cache for go modules
  • 8fa4bd5 Merge pull request #51121 from crazy-max/28.x_ci-caches-fixes
  • Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.16.2 to 5.16.3

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.16.3

What's Changed

Full Changelog: go-git/go-git@v5.16.2...v5.16.3

Commits
  • ad9a3a5 Merge pull request #1633 from baloo/baloo/release-5.x/jj-signed-commits
  • f2c3467 plumbing: support extra headers, support jujutsu signed commit [5.x]
  • c12263d Merge pull request #1646 from baloo/baloo/release-5.x/fixup-windows-ci
  • 111f374 build: disable fuzzing on maintenance branch
  • 15d46ce build: raise timeouts for windows CI tests
  • ce83ba1 Merge pull request #1644 from baloo/baloo/release-5.x/fixup-build
  • b486201 internal: Expand regex to fix build
  • See full diff in compare view

Updates github.com/rhysd/actionlint from 1.7.7 to 1.7.8

Release notes

Sourced from github.com/rhysd/actionlint's releases.

v1.7.8

Changelog

Sourced from github.com/rhysd/actionlint's changelog.

v1.7.8 - 2025-10-11

[Changes][v1.7.8]

Commits
  • e7d448e bump up version to v1.7.8
  • 8e91629 follow the URL change in the official security document
  • 724284c ignore .exe files in scripts directory
  • 493abb8 remove redundant type annotations
  • 6aa7c19 fix linting playground sources does not work on Windows
  • c9a84fe Merge pull request #577 from muzimuzhi/check_run_id-is-number
  • 8571752 add peter-evans/create-or-update-comment@v5 to popular actions data set
  • 4701b7a set @main explicitly when installing the head via go install
  • 433415b fix legacy ENV format and case sensitivity in Dockerfile
  • a9fd256 migrate from macos-13 runner to macos-15-intel runner
  • Additional commits viewable in compare view

Updates github.com/spf13/pflag from 1.0.9 to 1.0.10

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.10

What's Changed

New Contributors

Full Changelog: spf13/pflag@v1.0.9...v1.0.10

Commits
  • 0491e57 Merge pull request #448 from thaJeztah/fix_go_version
  • 72abab1 Merge pull request #447 from thaJeztah/fix_deprecation_comment
  • 7e4dfb1 Test on Go 1.12
  • 18a9d17 move Func, BoolFunc, tests as they require go1.21
  • c5b9e98 remove uses of errors.Is, which requires go1.13
  • 45a4873 fix deprecation comment for (FlagSet.)ParseErrorsWhitelist
  • See full diff in compare view

Updates golang.org/x/term from 0.35.0 to 0.36.0

Commits

Updates google.golang.org/protobuf from 1.36.9 to 1.36.10

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the dependencies group across 1 directory with 7 up…
c1b5fd0 
…dates

Bumps the dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/docker/cli](https://github.com/docker/cli) | `28.4.0+incompatible` | `28.5.1+incompatible` |
| [github.com/docker/docker](https://github.com/docker/docker) | `28.4.0+incompatible` | `28.5.1+incompatible` |
| [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.16.2` | `5.16.3` |
| [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint) | `1.7.7` | `1.7.8` |
| [github.com/spf13/pflag](https://github.com/spf13/pflag) | `1.0.9` | `1.0.10` |
| [golang.org/x/term](https://github.com/golang/term) | `0.35.0` | `0.36.0` |
| google.golang.org/protobuf | `1.36.9` | `1.36.10` |



Updates `github.com/docker/cli` from 28.4.0+incompatible to 28.5.1+incompatible
- [Commits](docker/cli@v28.4.0...v28.5.1)

Updates `github.com/docker/docker` from 28.4.0+incompatible to 28.5.1+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v28.4.0...v28.5.1)

Updates `github.com/go-git/go-git/v5` from 5.16.2 to 5.16.3
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](go-git/go-git@v5.16.2...v5.16.3)

Updates `github.com/rhysd/actionlint` from 1.7.7 to 1.7.8
- [Release notes](https://github.com/rhysd/actionlint/releases)
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md)
- [Commits](rhysd/actionlint@v1.7.7...v1.7.8)

Updates `github.com/spf13/pflag` from 1.0.9 to 1.0.10
- [Release notes](https://github.com/spf13/pflag/releases)
- [Commits](spf13/pflag@v1.0.9...v1.0.10)

Updates `golang.org/x/term` from 0.35.0 to 0.36.0
- [Commits](golang/term@v0.35.0...v0.36.0)

Updates `google.golang.org/protobuf` from 1.36.9 to 1.36.10

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-version: 28.5.1+incompatible
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github.com/docker/docker
  dependency-version: 28.5.1+incompatible
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.16.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/rhysd/actionlint
  dependency-version: 1.7.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/spf13/pflag
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: golang.org/x/term
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Nov 1, 2025
@codecov
Copy link

codecov bot commented Nov 1, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 76.70%. Comparing base (bd4bc99) to head (23785be).
⚠️ Report is 28 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #5963      +/-   ##
==========================================
+ Coverage   74.65%   76.70%   +2.05%     
==========================================
  Files          73       73              
  Lines       11139     9201    -1938     
==========================================
- Hits         8316     7058    -1258     
+ Misses       2186     1507     -679     
+ Partials      637      636       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@mergify
Copy link
Contributor

mergify bot commented Nov 26, 2025
edited
Loading

Merge Queue Status Beta

🚫 The pull request has left the queue (rule: default)

This pull request spent 3 minutes 7 seconds in the queue, with no time waiting for CI.
The checks were run in-place.

Required conditions to merge

Reason

The merge conditions cannot be satisfied due to failing checks

Hint

You may have to fix your CI before adding the pull request to the queue again.
If you update this pull request, to fix the CI, it will automatically be requeued once the queue conditions match again.
If you think this was a flaky issue instead, you can requeue the pull request, without updating it, by posting a @mergifyio requeue comment.

@mergify mergify bot added the queued label Nov 26, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Nov 26, 2025

🦙 MegaLinter status: ❌ ERROR

Descriptor Linter Files Fixed Errors Elapsed time
✅ EDITORCONFIG editorconfig-checker 2 0 0.01s
✅ REPOSITORY gitleaks yes no 2.72s
✅ REPOSITORY git_diff yes no 0.01s
❌ REPOSITORY grype yes 7 12.6s
✅ REPOSITORY secretlint yes no 1.2s
✅ REPOSITORY trivy-sbom yes no 0.39s
✅ REPOSITORY trufflehog yes no 4.2s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

@mergify mergify bot added needs-work Extra attention is needed dequeued and removed queued labels Nov 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file dequeued go Pull requests that update Go code needs-work Extra attention is needed size/S

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant