search

ossf / scorecard

OpenSSF Scorecard - Security health metrics for Open Source
https://scorecard.dev
Apache License 2.0
4.63k stars 504 forks source link

:seedling: Bump github.com/moby/buildkit from 0.15.0 to 0.15.1 #4265

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps github.com/moby/buildkit from 0.15.0 to 0.15.1.

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.15.1

Welcome to the v0.15.1 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

  • CrazyMax
  • Tõnis Tiigi

Notable Changes

  • Fix possible panic when importing build record external error #5181
  • Fix regression with flock module where read-write mode was not applied anymore #5183

Dependency Changes

  • github.com/gofrs/flock v0.12.0 -> v0.12.1
  • golang.org/x/sys v0.21.0 -> v0.22.0

Previous release can be found at v0.15.0

Commits
  • 979542e Merge pull request #5186 from crazy-max/v0.15.1_cherry-picks
  • 607455d vendor: bump github.com/gofrs/flock to v0.12.1
  • 4882c33 llbsolver: avoid nil releaser on error
  • See full diff in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot will merge this PR once it's up-to-date and CI passes on it, as requested by @spencerschrock.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)