open-component-model / ocm

Open Component Model (Software Bill of Delivery Toolset)
https://ocm.software
Apache License 2.0

Bump the go group across 1 directory with 14 updates #839

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 2 months ago

Bumps the go group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| github.com/aws/aws-sdk-go-v2 | 1.30.0 | 1.30.1 |
| github.com/aws/aws-sdk-go-v2/config | 1.27.21 | 1.27.24 |
| github.com/aws/aws-sdk-go-v2/feature/s3/manager | 1.17.1 | 1.17.5 |
| github.com/aws/aws-sdk-go-v2/service/ecr | 1.29.1 | 1.30.1 |
| github.com/containerd/containerd | 1.7.18 | 1.7.19 |
| github.com/docker/cli | 27.0.1+incompatible | 27.0.3+incompatible |
| github.com/docker/docker | 27.0.1+incompatible | 27.0.3+incompatible |
| github.com/go-test/deep | 1.1.0 | 1.1.1 |
| github.com/mittwald/go-helm-client | 0.12.9 | 0.12.10 |
| github.com/sigstore/sigstore | 1.8.4 | 1.8.6 |
| golang.org/x/mod | 0.18.0 | 0.19.0 |
| golang.org/x/net | 0.26.0 | 0.27.0 |

Updates github.com/aws/aws-sdk-go-v2 from 1.30.0 to 1.30.1

Commits


Updates github.com/aws/aws-sdk-go-v2/config from 1.27.21 to 1.27.24

Commits


Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.21 to 1.17.24

Commits


Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.1 to 1.17.5

Changelog

Sourced from github.com/aws/aws-sdk-go-v2/feature/s3/manager's changelog.

Release (2023-02-20)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/aws-sdk-go-v2: v1.17.5
    • Bug Fix: fix int overflow bug on 32 bit architecture
  • github.com/aws/aws-sdk-go-v2/service/auditmanager: v1.24.0
    • Feature: This release introduces a ServiceQuotaExceededException to the UpdateAssessmentFrameworkShare API operation.
  • github.com/aws/aws-sdk-go-v2/service/connect: v1.47.0
    • Feature: Reasons for failed diff has been approved by SDK Reviewer

Release (2023-02-17)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/aws-sdk-go-v2/service/apprunner: v1.17.0
    • Feature: This release supports removing MaxSize limit for AutoScalingConfiguration.
  • github.com/aws/aws-sdk-go-v2/service/glue: v1.43.0
    • Feature: Release of Delta Lake Data Lake Format for Glue Studio Service

Release (2023-02-16)

Module Highlights

  • github.com/aws/aws-sdk-go-v2/service/emr: v1.23.0
    • Feature: This release provides customers the ability to define a timeout period for procuring capacity during a resize operation for Instance Fleet clusters. Customers can specify this timeout using the ResizeSpecifications parameter supported by RunJobFlow, ModifyInstanceFleet and AddInstanceFleet APIs.
  • github.com/aws/aws-sdk-go-v2/service/grafana: v1.12.0
    • Feature: With this release Amazon Managed Grafana now supports inbound Network Access Control that helps you to restrict user access to your Grafana workspaces
  • github.com/aws/aws-sdk-go-v2/service/ivs: v1.20.3
    • Documentation: Doc-only update. Updated text description in DeleteChannel, Stream, and StreamSummary.
  • github.com/aws/aws-sdk-go-v2/service/wafv2: v1.25.1
    • Documentation: Added a notice for account takeover prevention (ATP). The interface incorrectly lets you to configure ATP response inspection in regional web ACLs in Region US East (N. Virginia), without returning an error. ATP response inspection is only available in web ACLs that protect CloudFront distributions.

Release (2023-02-15)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/aws-sdk-go-v2/service/accessanalyzer: v1.19.3
    • Announcement: When receiving an error response in restJson-based services, an incorrect error type may have been returned based on the content of the response. This has been fixed via PR #2012 tracked in issue #1910.
    • Bug Fix: Correct error type parsing for restJson services.
  • github.com/aws/aws-sdk-go-v2/service/account: v1.9.1
    • Announcement: When receiving an error response in restJson-based services, an incorrect error type may have been returned based on the content of the response. This has been fixed via PR #2012 tracked in issue #1910.
    • Bug Fix: Correct error type parsing for restJson services.
  • github.com/aws/aws-sdk-go-v2/service/acm: v1.17.3
    • Announcement: When receiving an error response in restJson-based services, an incorrect error type may have been returned based on the content of the response. This has been fixed via PR #2012 tracked in issue #1910.

... (truncated)

Commits


Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.29.1 to 1.30.1

Commits


Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.56.1 to 1.58.0

Commits


Updates github.com/containerd/containerd from 1.7.18 to 1.7.19

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd API 1.7.19

Welcome to the api/v1.7.19 release of containerd!

The first dedicated release for the containerd 1.7 API. This release is separately tagged from the main 1.7.x releases after the v1.7.18 release but follows the versioning.

Highlights

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Akhil Mohan
  • Phil Estes
  • Sebastiaan van Stijn

Changes

  • Prepare release notes for api v1.7.19 (#10386)
  • api: update github.com/containerd/ttrpc v1.2.5 to align with containerd 1.7 module (#10364)
    • 2a6aa6ddf [release/1.7] api: update github.com/containerd/ttrpc v1.2.5
  • Add API go module (#10189)

Dependency Changes

  • github.com/containerd/ttrpc v1.2.4 -> v1.2.5
  • github.com/golang/protobuf v1.5.4 -> v1.5.3
  • google.golang.org/genproto/googleapis/rpc d307bd883b97 -> b8732ec3820d

Previous release can be found at v1.7.18

containerd 1.7.19

Welcome to the v1.7.19 release of containerd!

The nineteenth patch release for containerd 1.7 contains various updates and splits the main module from the api module in preparation for the same change in containerd 2.0. Splitting the modules will allow 1.7 and 2.x to both exist

... (truncated)

Commits
  • 2bf793e Merge pull request #10391 from dmcgowan/prepare-v1.7.19
  • 74a3d29 Prepare release notes for v1.7.19
  • 043c712 Merge pull request #10406 from samuelkarp/nri-panic-1.7
  • 5a587e8 Merge pull request #10403 from thaJeztah/1.7_backport_hcsshim_version
  • 7f5d3c5 cri: ensure NRI API never has nil CRI
  • aea977f Merge pull request #10397 from thaJeztah/1.7_backport_deprecate_reference_Spl...
  • 6efc5bb update runhcs binary to v0.11.7
  • 945ae09 Windows: Supply windows shim version via file
  • bb84d90 Merge pull request #10396 from yyatmsft/updatehcsshim-release17
  • dba5357 pkg/reference: deprecate SplitObject
  • Additional commits viewable in compare view


Updates github.com/docker/cli from 27.0.1+incompatible to 27.0.3+incompatible

Commits
  • 7d4bcd8 Merge pull request #5206 from thaJeztah/27.0_backport_docker_27.0.2
  • 3134d55 vendor: github.com/docker/docker v27.0.2
  • 912c1dd Merge pull request #5202 from vvoland/vendor-docker
  • c97e809 vendor: github.com/docker/docker v27.0.2-dev (e953d76450b6)
  • 82bd815 Merge pull request #5201 from vvoland/vendor-docker
  • 8945848 vendor: github.com/docker/docker v27.0.2-dev (861fde8cc974)
  • b54897b Merge pull request #5199 from vvoland/v27.0-5191
  • cd56091 gha/e2e: Update latest version to 27.0
  • 9a101a9 Merge pull request #5198 from thaJeztah/27.0_backport_carry_fix_custom_ports
  • 50fae20 cli/config/credentials: ConvertToHostname: handle IP-addresses
  • Additional commits viewable in compare view


Updates github.com/docker/docker from 27.0.1+incompatible to 27.0.3+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.0.3

27.0.3

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • Fix a regression that incorrectly reported a port mapping from a host IPv6 address to an IPv4-only container as an error. moby/moby#48090
  • Fix a regression that caused duplicate subnet allocations when creating networks. moby/moby#48089
  • Fix a regression resulting in "fail to register layer: failed to Lchown" errors when trying to pull an image with rootless enabled on a system that supports native overlay with user-namespaces. moby/moby#48086

v27.0.2

27.0.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

Removed

  • api/types: deprecate ContainerJSONBase.Node field and ContainerNode type. These definitions were used by the standalone ("classic") Swarm API, but never implemented in the Docker Engine itself. moby/moby#48055

Commits
  • 662f78c Merge pull request #48090 from thaJeztah/27.0_backport_48067_fix_specific_ipv...
  • b86d9bd Merge pull request #48086 from thaJeztah/27.0_backport_fix_rootless_pull
  • 0dbc3ac Merge pull request #48087 from thaJeztah/27.0_backport_gofmt
  • 276a648 Fix incorrect validation of port mapping
  • 22aa07b Merge pull request #48089 from robmry/backport-27.0/48069_fix_overlapping_sub...
  • 23b8b02 Fix duplicate subnet allocations
  • bf222d6 fix some gofmt issues reported by goreportcard
  • f8231b5 daemon/graphdriver/overlay2: set TarOptions.InUserNS for native differ
  • b951474 pkg/archive: createTarFile: consistently use the same value for userns
  • c5794e2 pkg/archive: handleTarTypeBlockCharFifo: don't discard EPERM errors
  • Additional commits viewable in compare view


Updates github.com/go-test/deep from 1.1.0 to 1.1.1

Release notes

Sourced from github.com/go-test/deep's releases.

v1.1.1

What's Changed

New Contributors

Full Changelog: https://github.com/go-test/deep/compare/v1.1.0...v1.1.1

Changelog

Sourced from github.com/go-test/deep's changelog.

v1.1.1 released 2024-06-23

  • Added NilPointersAreZero option: causes a nil pointer to be equal to a zero value (PR #61) (@seveas)
  • Updated test matrix to go1.22, go1.21, and go1.20

Commits
  • 9e863ff Release v1.1.1
  • dc5b2f6 Update SECURITY.md
  • 185886d Restore 100% test coverage (NilPointersAreZero case)
  • 47ae1b8 Merge pull request #61 from seveas/nil-pointers-are-zero
  • 93c35ac Merge branch 'master' into nil-pointers-are-zero
  • 2982c5c Update test matrix to latest 3 Go versions
  • 2b8252e Add an option to consider nil pointers to be equivalent to zero values
  • 95fb3b1 Merge pull request #58 from bartleyg/patch-1
  • 1127c84 fix copy pasta test
  • 7ff4e92 Update changelog for v1.1.0
  • See full diff in compare view


Updates github.com/mittwald/go-helm-client from 0.12.9 to 0.12.10

Release notes

Sourced from github.com/mittwald/go-helm-client's releases.

v0.12.10

What's Changed

Full Changelog: https://github.com/mittwald/go-helm-client/compare/v0.12.9...v0.12.10

Commits
  • e7c4238 Merge pull request #210 from tariq1890/bump-helm-import
  • 1b3237a bump helm.sh/helm/v3 version to v3.15.2
  • 6cb8534 lable releases when installing/upgrading charts (#196)
  • See full diff in compare view


Updates github.com/sigstore/sigstore from 1.8.4 to 1.8.6

Release notes

Sourced from github.com/sigstore/sigstore's releases.

v1.8.6

What's Changed

New Contributors

Full Changelog: https://github.com/sigstore/sigstore/compare/v1.8.5...v1.8.6

v1.8.5

Major are dependencies updates

What's Changed

Full Changelog: https://github.com/sigstore/sigstore/compare/v1.8.4...v1.8.5

Commits
  • 5d4e11e Bump goodkey, fix breakage (#1761)
  • 63cab17 sync go mod
  • 115c2b2 build(deps): Bump the all group across 1 directory with 6 updates
  • 8503e22 build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
  • 39973a8 build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
  • 58a8301 build(deps): Bump the all group in /pkg/signature/kms/aws with 4 updates
  • 71ace11 build(deps): Bump github.com/hashicorp/go-retryablehttp
  • b777e4b build(deps): Bump github.com/Azure/azure-sdk-for-go/sdk/azidentity
  • 5ea648c build(deps): Bump the all group in /pkg/signature/kms/gcp with 2 updates
  • a3666d9 build(deps): Bump the all group in /test/e2e with 2 updates
  • Additional commits viewable in compare view


Updates golang.org/x/mod from 0.18.0 to 0.19.0

Commits
  • d58be1c sumdb/tlog: set the hash of the empty tree according to RFC 6962
  • 232e49f Revert "module: add COM0 and LPT0 to badWindowsNames"
  • See full diff in compare view


Updates golang.org/x/net from 0.26.0 to 0.27.0

Commits
  • e2310ae go.mod: update golang.org/x dependencies
  • 77708f7 quic: skip tests which depend on unimplemented UDP functions on Plan 9
  • 9617c63 http2: avoid Transport hang with Connection: close and AllowHTTP
  • See full diff in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:

- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

github-actions[bot] commented 2 months ago

Mend Scan Summary: :x:

Repository: open-component-model/ocm

| VIOLATION DESCRIPTION | NUMBER OF VIOLATIONS |
| --- | --- |
| HIGH/CRITICAL SECURITY VULNERABILITIES | 3 |
| MAJOR UPDATES AVAILABLE | 0 |
| LICENSE REQUIRES REVIEW | 1 |
| HIGH RISK LICENSES | 10 |
| RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY | 0 |

Detailed Logs: mend-scan-> Generate Report Mend UI

ocmbot[bot] commented 2 months ago

Integration Tests for 58304543654219e16b46ca283b661fed4b5b1ba5 run with result: Success ✅!

dependabot[bot] commented 1 month ago

Looks like these dependencies are updatable in another way, so this is no longer needed.