build(deps): bump the go-dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the go-dependencies group with 8 updates in the / directory:

Package	From	To
github.com/chainguard-dev/kaniko	1.25.10	1.25.11
github.com/docker/cli	29.2.1+incompatible	29.3.0+incompatible
github.com/google/go-containerregistry	0.21.1	0.21.2
github.com/moby/moby/api	1.53.0	1.54.0
github.com/moby/moby/client	0.2.2	0.3.0
golang.org/x/oauth2	0.35.0	0.36.0
golang.org/x/sync	0.19.0	0.20.0
golang.org/x/sys	0.41.0	0.42.0

Updates github.com/chainguard-dev/kaniko from 1.25.10 to 1.25.11

Release notes

Sourced from github.com/chainguard-dev/kaniko's releases.

v1.25.11

What's Changed

• chore(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 by @​dependabot[bot] in chainguard-forks/kaniko#329
• chore(deps): bump the gomod group with 2 updates by @​dependabot[bot] in chainguard-forks/kaniko#328
• chore(deps): bump actions/setup-go from 6.2.0 to 6.3.0 in the actions group by @​dependabot[bot] in chainguard-forks/kaniko#327
• fix(util): resolve only parent dir in SecureJoin by @​tdunlap607 in chainguard-forks/kaniko#330

Full Changelog: chainguard-forks/kaniko@v1.25.10...v1.25.11

Changelog

Sourced from github.com/chainguard-dev/kaniko's changelog.

v1.25.0 and newer releases

Find information about newer releases in the releases and tags section of the source repository and the releases section of the documentation.

v1.24.0 Release 2025-05-21

The executor images in this release are:

gcr.io/kaniko-project/executor:v1.24.0
gcr.io/kaniko-project/executor:latest

The debug images are available at:

gcr.io/kaniko-project/executor:debug
gcr.io/kaniko-project/executor:v1.24.0-debug

The slim executor images which don't contain any authentication binaries are available at:

gcr.io/kaniko-project/executor:slim
gcr.io/kaniko-project/executor:v1.24.0-slim

Huge thank you for this release towards our contributors:

• Aaron Prindle
• Aswin A
• dependabot[bot]
• Michael Plump
• Mick van Gelderen
• Thomas L. Kjeldsen

v1.23.2 Release 2024-07-09

The executor images in this release are:

gcr.io/kaniko-project/executor:v1.23.2
gcr.io/kaniko-project/executor:latest

The debug images are available at:

gcr.io/kaniko-project/executor:debug
gcr.io/kaniko-project/executor:v1.23.2-debug
</tr></table> 

... (truncated)

Commits

• cb447ed fix(util): resolve only parent dir in SecureJoin to prevent symlink loops (#330)
• 00bca62 chore(deps): bump actions/setup-go in the actions group (#327)
• c80aeb7 chore(deps): bump the gomod group with 2 updates (#328)
• 3447433 chore(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 (#329)
• See full diff in compare view

Updates github.com/docker/cli from 29.2.1+incompatible to 29.3.0+incompatible

Commits

• 5927d80 Merge pull request #6844 from vvoland/update-docker
• 206fc8c vendor: github.com/moby/moby/client v0.3.0
• 874a8df vendor: github.com/moby/moby/api v1.54.0
• 964a6d2 Merge pull request #6792 from vvoland/bind-create
• 210147d Merge pull request #6843 from docker/dependabot/github_actions/docker/setup-b...
• 847f547 Merge pull request #6842 from docker/dependabot/github_actions/docker/login-a...
• 668b367 build(deps): bump docker/setup-buildx-action from 3 to 4
• 30a2ace build(deps): bump docker/login-action from 3 to 4
• 32aa575 docs/service: Document bind-create-src
• c747cff container/opts: Add bind-create-src mount option
• Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.21.1 to 0.21.2

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.2

What's Changed

• Better handle redirects to https in ping by @​jonjohnsonjr in google/go-containerregistry#2225

Full Changelog: google/go-containerregistry@v0.21.1...v0.21.2

Commits

• 9e0ccb0 Better handle redirects to https in ping (#2225)
• See full diff in compare view

Updates github.com/moby/moby/api from 1.53.0 to 1.54.0

Release notes

Sourced from github.com/moby/moby/api's releases.

api/v1.54.0

1.54.0

New

• GET /images/json now supports an identity query parameter. When set, the response includes manifest summaries and may include an Identity field for each manifest with trusted identity and origin information. moby/moby#52030

Bug fixes and enhancements

• api/types/swarm: PortConfig: add Compare method. moby/moby#52047
• api: swagger: document "platform" param for GET /image/{name}/json. moby/moby#52082
• Fix swagger/OpenAPI return value specification for /system/df endpoint. moby/moby#52124
• Add a MediaType pseudo-type to help discoverability of available mediatypes. moby/moby#52089
• api/types/jsonstream: Add sanity-check for Message marshaling. moby/moby#52059
• api/types/jsonstream: Prevent panic on nil-Error. moby/moby#52059

Commits

• 7f1a670 Merge pull request #52140 from vvoland/drop-replace
• 4569055 Drop replace rules
• 37cc25c Merge pull request #52040 from vvoland/network-connect-macaddres
• 2fa6029 network/connect: Support MacAddress
• c0625f2 Merge pull request #52124 from chemodax/patch-1
• 4c19a01 Merge pull request #52048 from shiv-tyagi/vendor-detection
• 018cdea Merge pull request #52119 from ricardobranco777/saveload
• 6d771cc Merge pull request #52137 from vvoland/label-notesting
• 71c4815 gha/labeler: Remove *_test.go from area/testing label
• 13a8626 daemon/devices: Turn RegisterGPUDeviceDrivers into func
• Additional commits viewable in compare view

Updates github.com/moby/moby/client from 0.2.2 to 0.3.0

Release notes

Sourced from github.com/moby/moby/client's releases.

client/v0.3.0

0.3.0

New

• client: ImageListOptions now supports Identity field. When set, the response includes manifest summaries and may include an Identity field for each manifest with trusted identity and origin information. moby/moby#52030

Bug fixes and enhancements

• Lower minimum API version from v1.44. to v1.40 (Docker 19.03). moby/moby#52067
• client/pkg/jsonmessage.DisplayJSONMessages now accepts an iter.Seq2[jsonstream.Message, error] instead of only a JSONMessagesStream,. moby/moby#52062

Changelog

Sourced from github.com/moby/moby/client's changelog.

0.3.0 (2013-05-06)

• Registry: Implement the new registry
• Documentation: new example: sharing data between 2 couchdb databases

• Runtime: Fix the command existance check
• Runtime: strings.Split may return an empty string on no match
• Runtime: Fix an index out of range crash if cgroup memory is not

• Documentation: Various improvments
• Vagrant: Use only one deb line in /etc/apt

Commits

• 4f202cd Bumped version to 0.3.0
• da01dd3 Merge remote-tracking branch 'origin/registry-update'
• 09f1cba Fixed imports
• c9994ed Moved the Debugf message in a registry to a more useful place
• b0e076f Add output to checksums, code cleaning
• 00266df Fixed public pull + Added some verbosity about what is happening
• 3febeb9 Added help message to invite to login when getting a 401
• bcdf030 Fixed pulling repositories from library
• a372f98 Switching to prod index server
• d985050 gofmt pass
• Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.35.0 to 0.36.0

Commits

• 4d954e6 all: upgrade go directive to at least 1.25.0 [generated]
• See full diff in compare view

Updates golang.org/x/sync from 0.19.0 to 0.20.0

Commits

• ec11c4a errgroup: fix a typo in the documentation
• 1a58307 all: modernize interface{} -> any
• 3172ca5 all: upgrade go directive to at least 1.25.0 [generated]
• See full diff in compare view

Updates golang.org/x/sys from 0.41.0 to 0.42.0

Commits

• eaaaaee windows/registry: correct KeyInfo.ModTime calculation
• 942780b cpu: darwin/arm64 feature detection
• acef388 unix/linux: Prefixmsg and PrefixCacheinfo structs
• 3687fbd cpu: better defaults on darwin ARM64
• 48062e9 plan9: change Note to alias syscall.Note
• 4f23f80 windows: change Signal to alias syscall.Signal
• 7548802 all: upgrade go directive to at least 1.25.0 [generated]
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions