InTheForest/moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2026-01-11 18:51:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
55,438 Commits 21 Branches 532 Tags
0d27c51913b2debca40685113d489f0894472fda
Commit Graph

196 Commits

Author SHA1 Message Date
Sebastiaan van Stijn
9176746aba vendor: github.com/tetratelabs/wazero v1.11.0 
- Streamline build tags: remove tinygo, cgo
- Fix race condition in refCount initialization
- Simplify utimens. Use `syscall.UtimesNano` to avoid a macOS `go:linkname`.
- Change version policy to two versions.
- Update Wasm 2.0 spec tests.
- Use golang.org/x/sys

full diff: https://github.com/tetratelabs/wazero/compare/v1.10.1...v1.11.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-22 15:06:09 +01:00
Sebastiaan van Stijn
2a9eb66ddc vendor: github.com/moby/go-archive v0.2.0 
- remove aliases for deprecated types and functions
- chrootarchive: remove redundant "init" mitigation for CVE-2019-14271
- xattr: Fix OS matching

full diff: https://github.com/moby/go-archive/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 19:18:51 +01:00
Sebastiaan van Stijn
1a12717766 vendor: golang.org/x/oauth2 v0.34.0 
x/oauth2: populate RetrieveError from DeviceAuth

Endpoints may return errors when attempting to request device
authorization. Currently, these error codes are ignored and an
otherwise empty RetrieveError returned. This change populates
the RetrieveError similar to the oauth2 token exchange.

full diff: https://github.com/golang/oauth2/compare/v0.30.0...v0.34.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 15:59:18 +01:00
Sebastiaan van Stijn
595d00cb49 vendor: golang.org/x/tools v0.40.0 
full diff: https://github.com/golang/tools/compare/v0.39.0...v0.40.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 15:55:02 +01:00
Sebastiaan van Stijn
d9fa84260a vendor: golang.org/x/mod v0.31.0 
full diff: https://github.com/golang/mod/compare/v0.30.0...v0.31.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 15:47:36 +01:00
Sebastiaan van Stijn
98ec249d2b vendor: golang.org/x/net v0.48.0 
- trace: fix data race in RenderEvents
- http2, webdav, websocket: fix %q verb uses with wrong type
- http2: don't PING a responsive server when resetting a stream
- http2: support net/http.Transport.NewClientConn

full diff: https://github.com/golang/net/compare/v0.47.0...v0.48.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 15:46:10 +01:00
Sebastiaan van Stijn
e229e91247 vendor: golang.org/x/crypto v0.45.0 
- x509roots/fallback: update bundle

full diff: https://github.com/golang/crypto/compare/v0.45.0...v0.46.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 15:42:52 +01:00
Sebastiaan van Stijn
1a4e4dafe9 vendor: golang.org/x/text v0.32.0 
full diff: https://github.com/golang/text/compare/v0.31.0...v0.32.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 15:39:09 +01:00
Sebastiaan van Stijn
e0795ef3ab vendor: golang.org/x/tools v0.39.0 
full diff: https://github.com/golang/tools/compare/v0.38.0...v0.39.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 15:36:54 +01:00
Sebastiaan van Stijn
48e96d4353 vendor: golang.org/x/sync v0.19.0 
- errgroup: use consistent read for SetLimit panic

full diff: https://github.com/golang/sync/compare/v0.18.0...v0.19.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 15:33:45 +01:00
Sebastiaan van Stijn
dccdb1b618 vendor: golang.org/x/sys v0.39.0 
- Revert "cpu: add HPDS, LOR, PAN detection for arm64"
- unix: add IOCTL_MEI_* constants
- unix: fix definition of Statvfs_t for netbsd-arm

full diff: https://github.com/golang/sys/compare/v0.38.0...v0.39.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 15:31:38 +01:00
Sebastiaan van Stijn
fae334b4c0 vendor: google.golang.org/protobuf v1.36.11 
full diff: https://github.com/protocolbuffers/protobuf-go/compare/v1.36.10...v1.36.11

User-visible changes:
CL/726780: encoding/prototext: Support URL chars in type URLs in text-format.

Bug fixes:
CL/728680: internal/impl: check recursion limit in lazy decoding validation
CL/711015: reflect/protodesc: fix handling of import options in dynamic builds

Maintenance:
CL/728681: reflect/protodesc: add support for edition unstable
CL/727960: all: add EDITION_UNSTABLE support
CL/727940: types: regenerate using latest protobuf v33.2 release
CL/727140: internal/testprotos/lazy: convert .proto files to editions
CL/723440: cmd/protoc-gen-go: add missing annotations for few generated protobuf symbols.
CL/720980: internal/filedesc: remove duplicative Message.unmarshalOptions
CL/716360: internal/encoding/tag: use proto3 defaults if proto3
CL/716520: proto: un-flake TestHasExtensionNoAlloc
CL/713342: compiler/protogen: properly filter option dependencies in go-protobuf plugin.
CL/711200: proto: add test for oneofs containing messages with required fields
CL/710855: proto: add explicit test for a non-nil but empty byte slice

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-19 10:11:42 +01:00
Sebastiaan van Stijn
b293e73bdb vendor: github.com/containerd/containerd/v2 v2.2.1 
adds compatibility with runtime-spec v1.3.0

full diff: https://github.com/containerd/containerd/compare/v2.2.0...v2.2.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-18 19:59:07 +01:00
Sebastiaan van Stijn
01440122f2 vendor: github.com/containerd/nri v0.11.0 
- adds compatibility with runtime-spec v1.3.0
- adds `nri_no_wasm` build-tag to compile without wasm support
- adds `ErrWasmDisabled` error

full diff: https://github.com/containerd/nri/compare/v0.10.0...v0.11.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-18 19:55:59 +01:00
Sebastiaan van Stijn
32d4f64a65 vendor: github.com/opencontainers/runtime-tools v0.9.1-0.20251114084447-edf4cb3d2116 
adds compatibility with runtime-spec v1.3.0

full diff: e5b4542027...edf4cb3d21

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-18 19:55:59 +01:00
Sebastiaan van Stijn
6766ce7be2 vendor: tags.cncf.io/container-device-interface v1.1.0 
adds compatibility with runtime-spec v1.3.0

full diff: https://github.com/cncf-tags/container-device-interface/compare/v1.0.1...v1.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-18 19:55:59 +01:00
Sebastiaan van Stijn
2c533f9327 vendor: github.com/containerd/cgroup/v3 v3.1.2 
- hugetlb: correctly parse hugetlb.<size>.events files
- go.mod: github.com/opencontainers/runtime-spec v1.3.0

full diff: https://github.com/containerd/cgroups/compare/v3.1.0...v3.1.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-18 19:55:58 +01:00
Sebastiaan van Stijn
4b4223a8d4 vendor: github.com/opencontainers/runtime-spec v1.3.0 
This includes a breaking change in pids.Limit changing to a pointer.

full diff: https://github.com/opencontainers/runtime-spec/compare/v1.2.1...v1.3.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-18 19:55:56 +01:00
Sebastiaan van Stijn
faf002f421 Merge pull request #51751 from vvoland/replace-vendor 
Re-add replace rules
 2025-12-18 15:02:49 +01:00
Sebastiaan van Stijn
c9ca5187d0 Merge pull request #51759 from thaJeztah/bump_otel_contrib 
vendor: go.opentelemetry.io/contrib/* v0.63.0
 2025-12-18 14:00:18 +01:00
Sebastiaan van Stijn
8c0e404f6f vendor: go.opentelemetry.io/contrib/* v0.63.0 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-18 11:27:21 +01:00
Akihiro Suda
307bcec726 vendor: github.com/rootless-containers/rootlesskit/v2 v2.3.6 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2025-12-18 11:03:18 +09:00
Paweł Gronowski
4b9e56156d Re-add replace rules 
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
 2025-12-17 16:34:13 +01:00
Paweł Gronowski
1acc9d3739 vendor: github.com/moby/moby/client v0.2.2-rc.1 
full diff: https://github.com/moby/moby/client/compare/b59b571efe73...api/v0.2.2-rc.1

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
 2025-12-17 16:21:11 +01:00
Paweł Gronowski
3cee1aad22 vendor: github.com/moby/moby/api v1.53.0-rc.1 
full diff: https://github.com/moby/moby/api/compare/8b3dd2d280d7...v1.53.0-rc.1

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
 2025-12-17 16:05:16 +01:00
Paweł Gronowski
5070ad8dc1 Drop replace rules 
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
 2025-12-17 15:45:55 +01:00
Jonathan A. Sternberg
c63bf203bf vendor: github.com/moby/buildkit v0.26.3 
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
 2025-12-16 14:21:57 -06:00
Paweł Gronowski
8316b79e04 Merge pull request #51735 from thaJeztah/bump_cobra 
vendor: github.com/spf13/cobra v1.10.2
 2025-12-16 18:30:07 +00:00
Sebastiaan van Stijn
366044fc20 vendor: github.com/spf13/cobra v1.10.2 
Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3

full diff: https://github.com/spf13/cobra/compare/v1.10.1...v1.10.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-16 16:12:07 +01:00
Sebastiaan van Stijn
c2073cc7e2 vendor: go.etcd.io/etcd/* v3.6.6 
No changes in vendored code

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-16 15:25:03 +01:00
Sebastiaan van Stijn
52f33797f3 vendor: github.com/opencontainers/runtime-tools v0.9.1-0.20251111083745-e5b454202754 
last commit before it updated to runtime-spec v1.3.0

full diff: 0ea5ed0382...e5b4542027

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-12 14:45:48 +01:00
Rob Murray
4384364748 Merge pull request #51702 from thaJeztah/bump_wazero 
vendor: github.com/tetratelabs/wazero v1.10.1
 2025-12-12 12:18:09 +00:00
Sebastiaan van Stijn
413b4afcba vendor: github.com/tetratelabs/wazero v1.10.1 
full diff: https://github.com/tetratelabs/wazero/compare/v0.9.0...v1.10.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-12 10:33:55 +01:00
Sebastiaan van Stijn
24bac4495e vendor: github.com/containernetworking/plugins v1.9.0 
no changes in vendored code

includes a fix for CVE-2025-67499

full diff: https://github.com/containernetworking/plugins/compare/v1.8.0...v1.9.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-12 10:27:12 +01:00
Rob Murray
4941b36883 NRI: import containerd's NRI adaptation package 
Signed-off-by: Rob Murray <rob.murray@docker.com>
 2025-12-08 16:09:31 +00:00
Sebastiaan van Stijn
29560eacda go.mod: add back replace rules 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-05 16:10:28 +01:00
Sebastiaan van Stijn
4b8f9dd251 vendor: github.com/klauspost/compress v1.18.2 
No changes in vendored code

Fixes a regression in v1.18.1 that resulted in invalid flate/zip/gzip encoding.
The v1.18.1 tag has been retracted.

full diff: https://github.com/klauspost/compress/compare/v1.18.1...v1.18.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-02 16:45:38 +01:00
Rob Murray
4219768511 vendor: update to client 0.2.1 
Signed-off-by: Rob Murray <rob.murray@docker.com>
 2025-11-27 16:28:48 +00:00
Rob Murray
f745fe7f14 vendor: client/0.2.0 
Signed-off-by: Rob Murray <rob.murray@docker.com>
 2025-11-27 14:05:10 +00:00
Rob Murray
a60bea5412 Drop replace rules 
Prepare v29.1.0

Signed-off-by: Rob Murray <rob.murray@docker.com>
 2025-11-27 13:15:03 +00:00
Paweł Gronowski
c0c280ecf7 Merge pull request #51598 from thaJeztah/bump_zfs3 
vendor: github.com/mistifyio/go-zfs/v3 v3.1.0
 2025-11-26 21:46:38 +01:00
Paweł Gronowski
ea3011134b Merge pull request #51597 from vvoland/update-selinux 
vendor: github.com/opencontainers/selinux v1.13.1
 2025-11-26 21:43:45 +01:00
Sebastiaan van Stijn
e94ed33de1 vendor: github.com/mistifyio/go-zfs/v3 v3.1.0 
full diff: https://github.com/mistifyio/go-zfs/compare/v3.0.1...v3.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 17:45:58 +01:00
Paweł Gronowski
0389d3b13e vendor: github.com/opencontainers/selinux v1.13.1 
full diff: https://github.com/opencontainers/selinux/compare/v1.13.0...v1.13.1

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
 2025-11-26 17:36:40 +01:00
Sebastiaan van Stijn
bda87b7de8 vendor: golang.org/x/crypto v0.45.0 
full diff: https://github.com/golang/crypto/compare/v0.44.0...v0.45.0

Hello gophers,

We have tagged version v0.45.0 of golang.org/x/crypto in order to address two
security issues.

This version fixes a vulnerability in the golang.org/x/crypto/ssh package and a
vulnerability in the golang.org/x/crypto/ssh/agent package which could cause
programs to consume unbounded memory or panic respectively.

SSH servers parsing GSSAPI authentication requests don't validate the number of
mechanisms specified in the request, allowing an attacker to cause unbounded
memory consumption.

Thanks to Jakub Ciolek for reporting this issue.

This is CVE-2025-58181 and Go issue https://go.dev/issue/76363.

SSH Agent servers do not validate the size of messages when processing new
identity requests, which may cause the program to panic if the message is
malformed due to an out of bounds read.

Thanks to Jakub Ciolek for reporting this issue.

This is CVE-2025-47914 and Go issue https://go.dev/issue/76364.

Cheers, Go Security team

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 17:33:39 +01:00
Paweł Gronowski
c592d02dfc Merge pull request #51594 from thaJeztah/bump_x_deps 
vendor: update various golang.org/x/xxx dependencies
 2025-11-26 17:28:55 +01:00
Sebastiaan van Stijn
a3916290da vendor: golang.org/x/mod v0.30.0 
full diff: https://github.com/golang/mod/compare/v0.29.0...v0.30.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 14:31:44 +01:00
Sebastiaan van Stijn
10d68d4399 vendor: golang.org/x/net v0.47.0 
full diff: https://github.com/golang/net/compare/v0.46.0...v0.47.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 14:15:14 +01:00
Sebastiaan van Stijn
633acaa5b3 vendor: golang.org/x/crypto v0.44.0 
full diff: https://github.com/golang/crypto/compare/v0.43.0...v0.44.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 14:14:35 +01:00
Sebastiaan van Stijn
e4900958c3 vendor: golang.org/x/text v0.31.0 
full diff: https://github.com/golang/text/compare/v0.30.0...v0.31.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 14:09:23 +01:00