lifubang
75188fab73
bump github.com/cyphar/filepath-securejoin from 0.6.0 to 0.6.1
...
Signed-off-by: lifubang <lifubang@acmcoder.com >
2025-11-20 19:43:22 +08:00
dependabot[bot]
da4ec2375c
build(deps): bump golang.org/x/net from 0.46.0 to 0.47.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.46.0 to 0.47.0.
- [Commits](https://github.com/golang/net/compare/v0.46.0...v0.47.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.47.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-11-20 09:52:34 +08:00
lfbzhm
db1b9368e1
Merge pull request #5018 from opencontainers/dependabot/go_modules/github.com/godbus/dbus/v5-5.2.0
...
build(deps): bump github.com/godbus/dbus/v5 from 5.1.0 to 5.2.0
2025-11-20 09:51:28 +08:00
dependabot[bot]
95baf621b4
build(deps): bump github.com/opencontainers/selinux
...
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux ) from 1.13.0 to 1.13.1.
- [Release notes](https://github.com/opencontainers/selinux/releases )
- [Commits](https://github.com/opencontainers/selinux/compare/v1.13.0...v1.13.1 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
dependency-version: 1.13.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-11-20 01:15:13 +00:00
dependabot[bot]
8f2a85dc94
build(deps): bump github.com/godbus/dbus/v5 from 5.1.0 to 5.2.0
...
Bumps [github.com/godbus/dbus/v5](https://github.com/godbus/dbus ) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/godbus/dbus/releases )
- [Commits](https://github.com/godbus/dbus/compare/v5.1.0...v5.2.0 )
---
updated-dependencies:
- dependency-name: github.com/godbus/dbus/v5
dependency-version: 5.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-11-20 01:15:03 +00:00
Aleksa Sarai
3b75374cc7
runtime-spec: update pids.limit handling to match new guidance
...
The main update is actually in github.com/opencontainers/cgroups, but we
need to also update runtime-spec to a newer pre-release version to get
the updates from there as well.
In short, the behaviour change is now that "0" is treated as a valid
value to set in "pids.max", "-1" means "max" and unset/nil means "do
nothing". As described in the opencontainers/cgroups PR, this change is
actually backwards compatible because our internal state.json stores
PidsLimit, and that entry is marked as "omitempty". So, an old runc
would omit PidsLimit=0 in state.json, and this will be parsed by a new
runc as being "nil" -- and both would treat this case as "do not set
anything".
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-11-11 15:15:27 +11:00
dependabot[bot]
071beab281
build(deps): bump golang.org/x/sys from 0.37.0 to 0.38.0
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.37.0 to 0.38.0.
- [Commits](https://github.com/golang/sys/compare/v0.37.0...v0.38.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-version: 0.38.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-11-10 04:03:04 +00:00
Aleksa Sarai
96f1962f91
deps: update to github.com/opencontainers/selinux@v0.13.0
...
This new version includes the fixes for CVE-2025-52881, so we can remove
the internal/third_party copy of the library we added in commit
ed6b1693b8 ("selinux: use safe procfs API for labels") as well as the
"replace" directive in go.mod (which is problematic for "go get"
installs).
Fixes: ed6b1693b8 ("selinux: use safe procfs API for labels")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-11-08 02:14:38 +11:00
Aleksa Sarai
a41366e740
openat2: improve resilience on busy systems
...
Previously, we would see a ~3% failure rate when starting containers
with mounts that contain ".." (which can trigger -EAGAIN). To counteract
this, filepath-securejoin v0.5.1 includes a bump of the internal retry
limit from 32 to 128, which lowers the failure rate to 0.12%.
However, there is still a risk of spurious failure on regular systems.
In order to try to provide more resilience (while avoiding DoS attacks),
this patch also includes an additional retry loop that terminates based
on a deadline rather than retry count. The deadline is 2ms, as my
testing found that ~800us for a single pathrs operation was the longest
latency due to -EAGAIN retries, and that was an outlier compared to the
more common ~400us latencies -- so 2ms should be more than enough for
any real system.
The failure rates above were based on more 50k runs of runc with an
attack script (from libpathrs) running a rename attack on all cores of a
16-core system, which is arguably a worst-case but heavily utilised
servers could likely approach similar results.
Tested-by: Phil Estes <estesp@gmail.com >
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-11-05 18:57:51 +11:00
Aleksa Sarai
ed6b1693b8
selinux: use safe procfs API for labels
...
Due to the sensitive nature of these fixes, it was not possible to
submit these upstream and vendor the upstream library. Instead, this
patch uses a fork of github.com/opencontainers/selinux, branched at
commit opencontainers/selinux@879a755db5 .
In order to permit downstreams to build with this patched version, a
snapshot of the forked version has been included in
internal/third_party/selinux. Note that since we use "go mod vendor",
the patched code is usable even without being "go get"-able. Once the
embargo for this issue is lifted we can submit the patches upstream and
switch back to a proper upstream go.mod entry.
Also, this requires us to temporarily disable the CI job we have that
disallows "replace" directives.
Fixes: GHSA-cgrx-mc8f-2prm CVE-2025-52881
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-11-01 21:24:06 +11:00
Aleksa Sarai
44a0fcf685
go.mod: update to github.com/cyphar/filepath-securejoin@v0.5.0
...
In order to avoid lint errors due to the deprecation of the top-level
securejoin methods ported from libpathrs, we need to adjust
internal/pathrs to use the new pathrs-lite subpackage instead.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-11-01 21:24:03 +11:00
dependabot[bot]
e59062cec9
build(deps): bump golang.org/x/net from 0.45.0 to 0.46.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.45.0 to 0.46.0.
- [Commits](https://github.com/golang/net/compare/v0.45.0...v0.46.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.46.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-10-09 04:02:50 +00:00
dependabot[bot]
a35a0e0276
build(deps): bump golang.org/x/net from 0.44.0 to 0.45.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.44.0 to 0.45.0.
- [Commits](https://github.com/golang/net/compare/v0.44.0...v0.45.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.45.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-10-08 04:02:33 +00:00
dependabot[bot]
dbffd5cd08
build(deps): bump google.golang.org/protobuf from 1.36.9 to 1.36.10
...
Bumps google.golang.org/protobuf from 1.36.9 to 1.36.10.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-version: 1.36.10
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-10-03 04:02:51 +00:00
Kir Kolyshkin
37b5acc2d7
libct: use manager.AddPid to add exec to cgroup
...
The main benefit here is when we are using a systemd cgroup driver,
we actually ask systemd to add a PID, rather than doing it ourselves.
This way, we can add rootless exec PID to a cgroup.
This requires newer opencontainers/cgroups and coreos/go-systemd.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-09-16 13:31:16 -07:00
Kir Kolyshkin
b5cb56413c
Merge pull request #4830 from marquiz/devel/rdt-schemata-field
...
libcontainer/intelrdt: add support for Schemata field
2025-09-16 13:23:43 -07:00
dependabot[bot]
ffe6d3a3c8
build(deps): bump golang.org/x/net from 0.43.0 to 0.44.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.43.0 to 0.44.0.
- [Commits](https://github.com/golang/net/compare/v0.43.0...v0.44.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.44.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-09-10 06:50:38 +00:00
dependabot[bot]
cbf8a4d933
build(deps): bump google.golang.org/protobuf from 1.36.8 to 1.36.9
...
Bumps google.golang.org/protobuf from 1.36.8 to 1.36.9.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-version: 1.36.9
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-09-10 04:02:44 +00:00
dependabot[bot]
527d2e668f
build(deps): bump golang.org/x/sys from 0.35.0 to 0.36.0
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.35.0 to 0.36.0.
- [Commits](https://github.com/golang/sys/compare/v0.35.0...v0.36.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-version: 0.36.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-09-08 04:02:59 +00:00
Kir Kolyshkin
26602650ad
Add go 1.25, require go 1.24
...
Now that Go 1.25 is out, let's switch to go 1.24.0 as a minimally
supported version, drop Go 1.23 and add Go 1.25 to CI matrix.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-08-27 19:11:01 -07:00
Markus Lehtonen
74c5436b7d
Update runtime-spec
...
Signed-off-by: Markus Lehtonen <markus.lehtonen@intel.com >
2025-08-26 19:55:01 +03:00
Rodrigo Campos
835591bab6
Merge pull request #4860 from opencontainers/dependabot/go_modules/google.golang.org/protobuf-1.36.8
...
build(deps): bump google.golang.org/protobuf from 1.36.7 to 1.36.8
2025-08-21 10:16:07 -03:00
dependabot[bot]
a876347d08
build(deps): bump github.com/coreos/go-systemd/v22 from 22.5.0 to 22.6.0
...
Bumps [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd ) from 22.5.0 to 22.6.0.
- [Release notes](https://github.com/coreos/go-systemd/releases )
- [Commits](https://github.com/coreos/go-systemd/compare/v22.5.0...v22.6.0 )
---
updated-dependencies:
- dependency-name: github.com/coreos/go-systemd/v22
dependency-version: 22.6.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-08-21 04:38:46 +00:00
dependabot[bot]
eedec9c5f0
build(deps): bump google.golang.org/protobuf from 1.36.7 to 1.36.8
...
Bumps google.golang.org/protobuf from 1.36.7 to 1.36.8.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-version: 1.36.8
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-08-21 04:38:43 +00:00
dependabot[bot]
db26a717b9
build(deps): bump golang.org/x/net from 0.42.0 to 0.43.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.42.0 to 0.43.0.
- [Commits](https://github.com/golang/net/compare/v0.42.0...v0.43.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.43.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-08-09 07:19:22 +00:00
dependabot[bot]
8f0bb87748
build(deps): bump golang.org/x/sys from 0.34.0 to 0.35.0
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.34.0 to 0.35.0.
- [Commits](https://github.com/golang/sys/compare/v0.34.0...v0.35.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-version: 0.35.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-08-09 06:55:58 +00:00
dependabot[bot]
bf33fe5fdb
build(deps): bump google.golang.org/protobuf from 1.36.6 to 1.36.7
...
Bumps google.golang.org/protobuf from 1.36.6 to 1.36.7.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-version: 1.36.7
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-08-08 04:33:24 +00:00
dependabot[bot]
f6a52d7f5f
build(deps): bump github.com/seccomp/libseccomp-golang
...
Bumps [github.com/seccomp/libseccomp-golang](https://github.com/seccomp/libseccomp-golang ) from 0.11.0 to 0.11.1.
- [Release notes](https://github.com/seccomp/libseccomp-golang/releases )
- [Changelog](https://github.com/seccomp/libseccomp-golang/blob/main/CHANGELOG )
- [Commits](https://github.com/seccomp/libseccomp-golang/compare/v0.11.0...v0.11.1 )
---
updated-dependencies:
- dependency-name: github.com/seccomp/libseccomp-golang
dependency-version: 0.11.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-08-06 03:34:49 +00:00
dependabot[bot]
6a0644df63
build(deps): bump golang.org/x/net from 0.41.0 to 0.42.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.41.0 to 0.42.0.
- [Commits](https://github.com/golang/net/compare/v0.41.0...v0.42.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.42.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-07-16 10:31:31 +00:00
dependabot[bot]
fc8162e60e
build(deps): bump github.com/opencontainers/cgroups from 0.0.3 to 0.0.4
...
Bumps [github.com/opencontainers/cgroups](https://github.com/opencontainers/cgroups ) from 0.0.3 to 0.0.4.
- [Release notes](https://github.com/opencontainers/cgroups/releases )
- [Changelog](https://github.com/opencontainers/cgroups/blob/main/RELEASES.md )
- [Commits](https://github.com/opencontainers/cgroups/compare/v0.0.3...v0.0.4 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/cgroups
dependency-version: 0.0.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-07-15 06:35:26 +00:00
dependabot[bot]
4a6ef6b9fa
build(deps): bump golang.org/x/sys from 0.33.0 to 0.34.0
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.33.0 to 0.34.0.
- [Commits](https://github.com/golang/sys/compare/v0.33.0...v0.34.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-version: 0.34.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-07-10 04:54:21 +00:00
Kir Kolyshkin
da90947848
deps: bump cgroups to v0.0.3, fix tests
...
For changelog, see https://github.com/opencontainers/cgroups/releases/tag/v0.0.3
This fixes two runc issues:
1. JSON incompatibility introduced in cgroups v0.0.2 (see
https://github.com/opencontainers/cgroups/pull/22 ).
2. Bad CPU shares to CPU weight conversion (see
https://github.com/opencontainers/runc/issues/4772 ).
Due to item 2, modify some tests accordingly.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-06-19 10:25:22 -07:00
Antonio Ojea
8d180e9658
Add support for Linux Network Devices
...
Implement support for passing Linux Network Devices to the container
network namespace.
The network device is passed during the creation of the container,
before the process is started.
It implements the logic defined in the OCI runtime specification.
Signed-off-by: Antonio Ojea <aojea@google.com >
2025-06-18 15:52:30 +01:00
Antonio Ojea
889c7b272f
update runtime-spec
...
Signed-off-by: Antonio Ojea <aojea@google.com >
2025-06-18 15:52:30 +01:00
dependabot[bot]
99a4f1983d
build(deps): bump github.com/urfave/cli from 1.22.16 to 1.22.17
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.16 to 1.22.17.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.16...v1.22.17 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-version: 1.22.17
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-06-16 04:36:33 +00:00
dependabot[bot]
31d141e2e7
build(deps): bump golang.org/x/net from 0.40.0 to 0.41.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.40.0 to 0.41.0.
- [Commits](https://github.com/golang/net/compare/v0.40.0...v0.41.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.41.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-06-06 04:56:47 +00:00
Akihiro Suda
9a0145a001
Merge pull request #4751 from kolyshkin/cgroups-002
...
deps: bump opencontainers/cgroups to v0.0.2, fix tests
2025-06-03 00:39:47 +09:00
dependabot[bot]
8b0e7511cf
build(deps): bump github.com/containerd/console from 1.0.4 to 1.0.5
...
Bumps [github.com/containerd/console](https://github.com/containerd/console ) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/containerd/console/releases )
- [Commits](https://github.com/containerd/console/compare/v1.0.4...v1.0.5 )
---
updated-dependencies:
- dependency-name: github.com/containerd/console
dependency-version: 1.0.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-05-21 04:22:38 +00:00
Kir Kolyshkin
b206a015b3
deps: bump opencontainers/cgroups to v0.0.2
...
For changes, see https://github.com/opencontainers/cgroups/releases/tag/v0.0.2
Fix integration tests according to changes in [1] (now the CPU quota value set
is rounded the same way systemd does it).
[1]: https://github.com/opencontainers/cgroups/pull/4
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-05-13 13:28:36 -07:00
dependabot[bot]
fbf1a320d8
build(deps): bump github.com/vishvananda/netlink from 1.3.0 to 1.3.1
...
Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink ) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/vishvananda/netlink/releases )
- [Commits](https://github.com/vishvananda/netlink/compare/v1.3.0...v1.3.1 )
---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
dependency-version: 1.3.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-05-12 04:47:59 +00:00
dependabot[bot]
0623ea108a
build(deps): bump golang.org/x/net from 0.39.0 to 0.40.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.39.0 to 0.40.0.
- [Commits](https://github.com/golang/net/compare/v0.39.0...v0.40.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.40.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-05-06 04:31:36 +00:00
Rodrigo Campos
67b8a68599
go.mod: Delete exclude directives
...
We already have the indirect require for 1.17.3, that comes
opencontainers/cgroups[1]. That module requires that version as min, so
go can't use older versions. We can just remove the excludes.
There might be cases where people can use runc as a dependency and use
replace to override it (not sure, but probably). We were clear on what
our dependencies are, so we can sleep fine. In the unlikely case that
some project uses runc as a dependency and:
* Uses a replace for cilium v0.17.x but not the latest patch release (0.17.3 is fixed)
* they run with 32bits
* and hit this (that didn't happen always on CI)
* Ignore the changelog for 0.17.3 that mentions the buffer overflow on
32 bits platforms[2].
In that case, if we have a bug report, we can point them to the right
place. But 0.17.3 was released for some months now (most people probably
update) and 0.18.0 was released recently. I wouldn't worry about someone
hitting this in real life.
Also, the excludes directives prevent go install from working, so let's
just remove them.
[1]: https://github.com/opencontainers/cgroups/blob/9657f5a18b8d60a0f39fbb34d0cb7771e28e6278/go.mod#L6
[2]: https://github.com/cilium/ebpf/releases/tag/v0.17.3
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com >
2025-04-28 12:04:46 +02:00
dependabot[bot]
d920a72202
build(deps): bump github.com/seccomp/libseccomp-golang
...
Bumps [github.com/seccomp/libseccomp-golang](https://github.com/seccomp/libseccomp-golang ) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/seccomp/libseccomp-golang/releases )
- [Changelog](https://github.com/seccomp/libseccomp-golang/blob/main/CHANGELOG )
- [Commits](https://github.com/seccomp/libseccomp-golang/compare/v0.10.0...v0.11.0 )
---
updated-dependencies:
- dependency-name: github.com/seccomp/libseccomp-golang
dependency-version: 0.11.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-04-24 04:50:34 +00:00
Kir Kolyshkin
75a4546b2b
go.mod: rm toolchain
...
This was added by dependabot in commit 0b536265 . Seems there is a bug
about it: https://github.com/dependabot/dependabot-core/issues/11933 .
Having "toolchain" means instead of using installed go version to
build/test, the version specified in toolchain is [downloaded and] used,
which might not be what we actually want.
For more details on toolchain directive, see
https://go.dev/doc/toolchain .
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-04-08 12:31:03 -07:00
dependabot[bot]
0a9639e380
build(deps): bump golang.org/x/net from 0.38.0 to 0.39.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.38.0 to 0.39.0.
- [Commits](https://github.com/golang/net/compare/v0.38.0...v0.39.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-version: 0.39.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-04-08 04:41:06 +00:00
Rodrigo Campos
bf9e609b3b
Merge pull request #4710 from opencontainers/dependabot/go_modules/golang.org/x/sys-0.32.0
...
build(deps): bump golang.org/x/sys from 0.31.0 to 0.32.0
2025-04-07 07:20:15 -03:00
dependabot[bot]
c5e0ece494
build(deps): bump golang.org/x/sys from 0.31.0 to 0.32.0
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.31.0 to 0.32.0.
- [Commits](https://github.com/golang/sys/compare/v0.31.0...v0.32.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-version: 0.32.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-04-07 04:09:11 +00:00
dependabot[bot]
bb5aa11622
build(deps): bump github.com/moby/sys/user from 0.3.0 to 0.4.0
...
Bumps [github.com/moby/sys/user](https://github.com/moby/sys ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/moby/sys/releases )
- [Commits](https://github.com/moby/sys/compare/user/v0.3.0...user/v0.4.0 )
---
updated-dependencies:
- dependency-name: github.com/moby/sys/user
dependency-version: 0.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-04-04 04:34:30 +00:00
dependabot[bot]
0b5362651f
build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.37.0 to 0.38.0.
- [Commits](https://github.com/golang/net/compare/v0.37.0...v0.38.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-03-28 13:00:18 +00:00
dependabot[bot]
4622bb87fd
build(deps): bump google.golang.org/protobuf from 1.36.5 to 1.36.6
...
Bumps google.golang.org/protobuf from 1.36.5 to 1.36.6.
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-03-25 04:06:22 +00:00