Bump the go group with 15 updates

[dependabot[bot]]

Bumps the go group with 15 updates:

Package	From	To
github.com/aws/aws-sdk-go-v2	1.26.1	1.27.0
github.com/aws/aws-sdk-go-v2/config	1.27.13	1.27.15
github.com/aws/aws-sdk-go-v2/credentials	1.17.13	1.17.15
github.com/aws/aws-sdk-go-v2/feature/s3/manager	1.16.17	1.16.20
github.com/aws/aws-sdk-go-v2/service/ecr	1.28.0	1.28.2
github.com/aws/aws-sdk-go-v2/service/s3	1.53.2	1.54.2
github.com/containerd/containerd	1.7.16	1.7.17
github.com/docker/cli	26.1.2+incompatible	26.1.3+incompatible
github.com/docker/docker	26.1.2+incompatible	26.1.3+incompatible
helm.sh/helm/v3	3.14.4	3.15.0
k8s.io/api	0.30.0	0.30.1
k8s.io/apiextensions-apiserver	0.30.0	0.30.1
k8s.io/apimachinery	0.30.0	0.30.1
k8s.io/cli-runtime	0.30.0	0.30.1
k8s.io/client-go	0.30.0	0.30.1

Updates github.com/aws/aws-sdk-go-v2 from 1.26.1 to 1.27.0

Commits

• 728f21f Release 2024-05-16
• 3dbd5ca Regenerated Clients
• c87adfd Update endpoints model
• e209d02 Update API model
• ef4a9a0 internal: capture user-agent in metrics (#2644)
• c964dbd Release 2024-05-15
• ce84395 Regenerated Clients
• 8de9119 Update API model
• 05fcf66 internal: true up internal metrics collection for post-SRA middleware (#2642)
• 1148427 reformat signer/v4 package doc (#2640)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.27.13 to 1.27.15

Commits

• 728f21f Release 2024-05-16
• 3dbd5ca Regenerated Clients
• c87adfd Update endpoints model
• e209d02 Update API model
• ef4a9a0 internal: capture user-agent in metrics (#2644)
• c964dbd Release 2024-05-15
• ce84395 Regenerated Clients
• 8de9119 Update API model
• 05fcf66 internal: true up internal metrics collection for post-SRA middleware (#2642)
• 1148427 reformat signer/v4 package doc (#2640)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.13 to 1.17.15

Commits

• 728f21f Release 2024-05-16
• 3dbd5ca Regenerated Clients
• c87adfd Update endpoints model
• e209d02 Update API model
• ef4a9a0 internal: capture user-agent in metrics (#2644)
• c964dbd Release 2024-05-15
• ce84395 Regenerated Clients
• 8de9119 Update API model
• 05fcf66 internal: true up internal metrics collection for post-SRA middleware (#2642)
• 1148427 reformat signer/v4 package doc (#2640)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.16.17 to 1.16.20

Commits

• 9c92421 Release 2022-09-20
• 389c50b Regenerated Clients
• 834dd34 Update endpoints model
• d8d5446 Update API model
• 4c9dc4d Merge pull request #1847 from RanVaknin/documentation-update-config
• 72c90fe updated linting ignore
• 3f34bd0 added changelog statment
• 3938bb7 Release 2022-09-19
• c547650 Regenerated Clients
• 2d3bbde Update endpoints model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.28.0 to 1.28.2

Commits

• 728f21f Release 2024-05-16
• 3dbd5ca Regenerated Clients
• c87adfd Update endpoints model
• e209d02 Update API model
• ef4a9a0 internal: capture user-agent in metrics (#2644)
• c964dbd Release 2024-05-15
• ce84395 Regenerated Clients
• 8de9119 Update API model
• 05fcf66 internal: true up internal metrics collection for post-SRA middleware (#2642)
• 1148427 reformat signer/v4 package doc (#2640)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.53.2 to 1.54.2

Commits

• 728f21f Release 2024-05-16
• 3dbd5ca Regenerated Clients
• c87adfd Update endpoints model
• e209d02 Update API model
• ef4a9a0 internal: capture user-agent in metrics (#2644)
• c964dbd Release 2024-05-15
• ce84395 Regenerated Clients
• 8de9119 Update API model
• 05fcf66 internal: true up internal metrics collection for post-SRA middleware (#2642)
• 1148427 reformat signer/v4 package doc (#2640)
• Additional commits viewable in compare view

Updates github.com/containerd/containerd from 1.7.16 to 1.7.17

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.17

Welcome to the v1.7.17 release of containerd!

The seventeenth patch release for containerd 1.7 contains various fixes and updates.

Highlights

• Use LOOP_CONFIGURE when creating loop devices (#10209)
• Update unpacker to fetch all provided content (#10233)
• Preserve CL_UNPRIVILEGED locked flags during remount of bind mounts (#10210)
• Update metadata snapshotter to lease on already exists (#10198)
• Handle unsupported config versions (#10165)
• Fix deadlock when writing to pipe blocks (containerd/ttrpc#168)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Stefan Berger
• Derek McGowan
• Austin Vazquez
• Alexandru Matei
• Maksym Pavlenko
• Akihiro Suda
• Bryant Biggs
• Kevin Parsons
• Kirtana Ashok
• Phil Estes
• Kazuyoshi Kato
• Kohei Tokunaga
• Swagat Bora

Changes

• Prepare release notes for v1.7.17 (#10235)
  • 114b07b97 Prepare release notes for v1.7.17
• Use LOOP_CONFIGURE when creating loop devices (#10209)
  • 803aaa680 Remove internal LoopConfig struct
  • 7bd3be948 Swap internal ioctl implementation with golang.org/x/sys
  • a0739dc0e Use LOOP_CONFIGURE when creating loop devices
• Update unpacker to fetch all provided content (#10233)
  • 1573ea598 Update ctr image pull all platforms
  • 32b594f1b Update unpacker to always fetch all
• Update hcsshim tag to v0.11.5 (#10232)
  • 5a03a3aee Update hcsshim tag to v0.11.5
• Update ttrpc tag to 1.2.4 (#10221)
  • 9a1eda40f update ttrpc tag to 1.2.4

... (truncated)

Commits

• 3a4de45 Merge pull request #10235 from dmcgowan/prepare-v1.7.17
• 114b07b Prepare release notes for v1.7.17
• 2441c2d Merge pull request #10209 from austinvazquez/cherry-pick-a782fd6da2fa9fa350ef...
• 62af107 Merge pull request #10233 from dmcgowan/1.7-unpack-fetch-all
• a3c0f2f Merge pull request #10232 from kiashok/update-shim-0.11.4
• 1573ea5 Update ctr image pull all platforms
• 32b594f Update unpacker to always fetch all
• 5a03a3a Update hcsshim tag to v0.11.5
• b5aec32 Merge pull request #10221 from kiashok/update-ttrpc-release-1.7
• 36bbb4d Merge pull request #10210 from swagatbora90/preserve-flags-cherry-pick-1.7
• Additional commits viewable in compare view

Updates github.com/docker/cli from 26.1.2+incompatible to 26.1.3+incompatible

Commits

• b72abbb Merge pull request #5073 from vvoland/vendor-docker
• 26e9ff4 vendor: github.com/docker/docker v26.1.3-dev (8e96db1c328d)
• 4021ee9 Merge pull request #5071 from laurazard/backport/5051-26.1
• 326c713 OTel: implement missing MeterProvider ForceFlush
• ee359a3 OTel: add command.time metric to plugin commands
• 004e292 Merge pull request #5070 from laurazard/backport/5067-26.1
• 6691085 Use funcs on DockerCli to return Meter/TracerProviders, not initialize them. ...
• 60f2d38 Merge pull request #5068 from dvdksn/26.1_backport_doc-vxlan-listen-addr
• 81b482e docs: clarify that --data-path-addr doesn't restrict access
• See full diff in compare view

Updates github.com/docker/docker from 26.1.2+incompatible to 26.1.3+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v26.1.3

26.1.3

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 26.1.3 milestone
• moby/moby, 26.1.3 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Fix a regression that prevented the use of DNS servers within a --internal network. moby/moby#47832
• When the internal DNS server's own address is supplied as an external server address, ignore it to avoid unproductive recursion. moby/moby#47833

Packaging updates

• Allow runc to kill containers when confined to the runc profile in AppArmor version 4.0.0 and later. moby/moby#47829

Commits

• 8e96db1 Merge pull request #47832 from vvoland/v26.1-47821
• c21fe3e Forward DNS requests into --internal networks
• 86af4ed Merge pull request #47833 from vvoland/v26.1-47744
• 73511cd Merge pull request #47829 from vvoland/v26.1-47749
• 9326cda Do not forward DNS requests to self.
• 76fcf9a apparmor: Allow confined runc to kill containers
• See full diff in compare view

Updates helm.sh/helm/v3 from 3.14.4 to 3.15.0

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.15.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Notable Changes

• Opt-in to hiding secrets when running dry-run for install and upgrade
• Added robustness to wait checks

Installation and Upgrading

Download Helm v3.15.0. The common platform binaries are here:

• MacOS amd64 (checksum / ccaee03af72e5dc168ae9b9e3267e2b461b0ebb7a77849048f4567286158777d)
• MacOS arm64 (checksum / 020df10fd29b0791f39aa5719d2926a995f78c1a2a7487923ca26485a0565909)
• Linux amd64 (checksum / a74747ac40777b86d3ff6f1be201504bba65ca46cd68b5fe25d3c394d0dcf745)
• Linux arm (checksum / 614d53ab1192667facce7e8d4e884ff067e5684199a7e5223e8808abc43e927f)
• Linux arm64 (checksum / c3b0281fca4c030548211dd6e9b032ee0a9fc53eab614f6acbaff631682ce808)
• Linux i386 (checksum / 8a267c7527e3c13602feea7432209c8931f6eecd4bff5ded398d70791c74a5b7)
• Linux ppc64le (checksum / bcec19cdad95cae99edce046ccd8090f275e63381ccb6accb4304819fc26e004)
• Linux s390x (checksum / a3030533cceedaca4af8fb7661c7154c578ad770279bb6003e1ecd810c72077a)
• Linux riscv64 (checksum / 468dc90d119b2faa91036747c559285a744ed7beb8b7d74b83878da6c13e0560)
• Windows amd64 (checksum / 23f0ee9fc93d325ddbc4dfdac97c83bc00c7784016541045756cf9abb36f21dc) This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.15.1 is the next patch release and will be on June 12, 2024.
• 3.16.0 is the next feature release and will be on September 11, 2024.

Changelog

• Updating to k8s 1.30 c4e37b39dbb341cb3f716220df9f9d306d123a58 (Matt Farina)
• bump version to v3.15.0 d7afa3b6b432c09a02cd07342e908ba5bed34940 (Matt Farina)
• bump version to 774346777c5b311251d8252cd470d56bdd23a403 (Matt Farina)
• Fix namespace on kubeconfig error 214fb6eff393f1c17890d45e9eaee86f6b37ea17 (Calvin Krist)
• Update testdata PKI with keys that have validity until 3393 (Fixes #12880) 1b75d48189c2484cb5904f7996933d8d85315adb (Dirk Müller)
• chore(deps): bump golang.org/x/net from 0.17.0 to 0.23.0 dac23c82ce3bc05b6e72a1571bea48e424494fb0 (dependabot[bot])
• chore(deps): bump github/codeql-action from 3.24.7 to 3.24.10 167d57676d22ea10fa7869e6f85c6fe2e46b3292 (dependabot[bot])
• chore: remove repetitive words dd37787ffd25419cf5f76222e682fbba47d289eb (deterclosed)
• Modified how created annotation is populated based on package creation time 0a69a0dea6b1dcebaaf5d5b67c9a56eade463a71 (Andrew Block)
• chore(deps): bump github.com/docker/docker aaaf1128d2dd2ce3e119472cae0bd9da3d62eb89 (dependabot[bot])

... (truncated)

Commits

• c4e37b3 Updating to k8s 1.30
• d7afa3b bump version to v3.15.0
• 7743467 bump version to
• cf823d4 Merge pull request #12971 from dirkmueller/cert_extended_range
• 1df0064 Merge pull request #12966 from helm/dependabot/go_modules/golang.org/x/net-0....
• c6beb16 Merge pull request #12979 from CalvinKrist/fix-namespace-on-kube-error
• 214fb6e Fix namespace on kubeconfig error
• 1b75d48 Update testdata PKI with keys that have validity until 3393 (Fixes #12880)
• dac23c8 chore(deps): bump golang.org/x/net from 0.17.0 to 0.23.0
• 14d0c13 Merge pull request #11569 from alex-petrov-vt/iss-11553
• Additional commits viewable in compare view

Updates k8s.io/api from 0.30.0 to 0.30.1

Commits

• 41b1806 Update dependencies to v0.30.1 tag
• 0fd470c Merge pull request #124702aojea/automated-cherry-pick-of-#124572
• a669f18 Merge pull request #124694 from pmalek/backport-124553-to-release-1.30
• 15001b5 fix(api): make LocalObjectReference.Name and HostAlias.IP required (#124553)
• d9a08c5 tag service.spec.TrafficDistribution field as alpha
• See full diff in compare view

Updates k8s.io/apiextensions-apiserver from 0.30.0 to 0.30.1

Commits

• 3fb7350 Update dependencies to v0.30.1 tag
• See full diff in compare view

Updates k8s.io/apimachinery from 0.30.0 to 0.30.1

Commits

• See full diff in compare view

Updates k8s.io/cli-runtime from 0.30.0 to 0.30.1

Commits

• 8fb26d7 Update dependencies to v0.30.1 tag
• See full diff in compare view

Updates k8s.io/client-go from 0.30.0 to 0.30.1

Commits

• 8e3349b Update dependencies to v0.30.1 tag
• 4e1652b Merge pull request #124694 from pmalek/backport-124553-to-release-1.30
• 2daa31e fix(api): make LocalObjectReference.Name and HostAlias.IP required (#124553)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[github-actions[bot]]

Mend Scan Summary: :x:

Repository: open-component-model/ocm

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	1
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	4
HIGH RISK LICENSES	9
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report Mend UI

[ocmbot[bot]]

Integration Tests for 70f15885bc1539aeb185af5aa24f11938385201d run with result: Success ✅!

[ocmbot[bot]]

Integration Tests for 93412ff3e1b601c9feb4ebb33f006c944281538a run with result: Success ✅!