Bump the go-modules group with 27 updates

Bumps the go-modules group with 27 updates:

Package	From	To
github.com/onsi/gomega	`1.28.0`	`1.29.0`
github.com/paketo-buildpacks/packit/v2	`2.11.0`	`2.12.0`
github.com/CycloneDX/cyclonedx-go	`0.7.1`	`0.7.2`
github.com/andybalholm/brotli	`1.0.5`	`1.0.6`
github.com/bmatcuk/doublestar/v4	`4.6.0`	`4.6.1`
github.com/cenkalti/backoff/v4	`4.2.0`	`4.2.1`
github.com/cloudflare/circl	`1.3.3`	`1.3.5`
github.com/containerd/containerd	`1.7.0`	`1.7.7`
github.com/docker/distribution	`2.8.2+incompatible`	`2.8.3+incompatible`
github.com/docker/docker-credential-helpers	`0.7.0`	`0.8.0`
github.com/go-git/go-billy/v5	`5.4.1`	`5.5.0`
github.com/go-git/go-git/v5	`5.6.1`	`5.10.0`
github.com/google/go-containerregistry	`0.15.1`	`0.16.1`
github.com/jinzhu/copier	`0.3.5`	`0.4.0`
github.com/klauspost/compress	`1.16.5`	`1.17.2`
github.com/mattn/go-runewidth	`0.0.14`	`0.0.15`
github.com/moby/patternmatcher	`0.5.0`	`0.6.0`
github.com/opencontainers/runc	`1.1.5`	`1.1.9`
github.com/pierrec/lz4/v4	`4.1.17`	`4.1.18`
github.com/skeema/knownhosts	`1.2.0`	`1.2.1`
github.com/spdx/tools-golang	`0.5.0`	`0.5.3`
github.com/spf13/afero	`1.9.5`	`1.10.0`
github.com/spf13/cast	`1.5.0`	`1.5.1`
github.com/sylabs/sif/v2	`2.11.3`	`2.15.0`
github.com/testcontainers/testcontainers-go	`0.21.0`	`0.25.0`
github.com/vbatts/tar-split	`0.11.3`	`0.11.5`
google.golang.org/grpc	`1.57.0`	`1.59.0`

Updates github.com/onsi/gomega from 1.28.0 to 1.29.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.29.0

1.29.0

Features

MatchError can now take an optional func(error) bool + description [2b39142]

v1.28.1

1.28.1

Maintenance

Bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.13.0 [635d196]

Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 [14f8859]

Bump golang.org/x/net from 0.14.0 to 0.17.0 [d8a6508]

#703 doc(matchers): HaveEach() doc comment updated [2705bdb]

Minor typos (#699) [375648c]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.29.0

Features

MatchError can now take an optional func(error) bool + description [2b39142]

1.28.1

Maintenance

Bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.13.0 [635d196]

Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 [14f8859]

Bump golang.org/x/net from 0.14.0 to 0.17.0 [d8a6508]

#703 doc(matchers): HaveEach() doc comment updated [2705bdb]

Minor typos (#699) [375648c]

Commits

b94b195 v1.29.0
2b39142 MatchError can now take an optional func(error) bool + description
ab6045c v1.28.1
635d196 Bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.13.0
14f8859 Bump github.com/google/go-cmp from 0.5.9 to 0.6.0
d8a6508 Bump golang.org/x/net from 0.14.0 to 0.17.0
2705bdb #703 doc(matchers): HaveEach() doc comment updated
375648c Minor typos (#699)
See full diff in compare view

Updates github.com/paketo-buildpacks/packit/v2 from 2.11.0 to 2.12.0

Release notes

Sourced from github.com/paketo-buildpacks/packit/v2's releases.

v2.12.0

What's Changed

Bump github.com/onsi/gomega from 1.27.6 to 1.27.7 by @dependabot in paketo-buildpacks/packit#493

Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot in paketo-buildpacks/packit#494

Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot in paketo-buildpacks/packit#498

Bump github.com/BurntSushi/toml from 1.2.1 to 1.3.0 by @dependabot in paketo-buildpacks/packit#499

Bump github.com/onsi/gomega from 1.27.7 to 1.27.8 by @dependabot in paketo-buildpacks/packit#502

Bump github.com/BurntSushi/toml from 1.3.0 to 1.3.1 by @dependabot in paketo-buildpacks/packit#504

Bump github.com/BurntSushi/toml from 1.3.1 to 1.3.2 by @dependabot in paketo-buildpacks/packit#506

Bump github.com/onsi/gomega from 1.27.8 to 1.27.9 by @dependabot in paketo-buildpacks/packit#511

Bump github.com/onsi/gomega from 1.27.9 to 1.27.10 by @dependabot in paketo-buildpacks/packit#512

Bump github.com/google/uuid from 1.3.0 to 1.3.1 by @dependabot in paketo-buildpacks/packit#517

Bump github.com/onsi/gomega from 1.27.10 to 1.28.0 by @dependabot in paketo-buildpacks/packit#524

Updates github-config by @paketo-bot in paketo-buildpacks/packit#525

Bump github.com/gabriel-vasile/mimetype from 1.4.2 to 1.4.3 by @dependabot in paketo-buildpacks/packit#528

Bump github.com/onsi/gomega from 1.28.0 to 1.28.1 by @dependabot in paketo-buildpacks/packit#530

Enable Alternative Checksum format of algorithm_hash by @ChuckQuinnIV in paketo-buildpacks/packit#526

New Contributors

@ChuckQuinnIV made their first contribution in paketo-buildpacks/packit#526

Full Changelog: https://github.com/paketo-buildpacks/packit/compare/v2.11.0...v2.12.0

Commits

fb332c0 Enable Alternative Checksum format of algorithm_hash (#526)
14ebfa0 Bump github.com/onsi/gomega from 1.28.0 to 1.28.1
0ce6d54 Bump github.com/gabriel-vasile/mimetype from 1.4.2 to 1.4.3
7893a5c Updating github-config
8a7cf8f Bump github.com/onsi/gomega from 1.27.10 to 1.28.0
de0f00f Bump github.com/google/uuid from 1.3.0 to 1.3.1
abeb000 Bump github.com/onsi/gomega from 1.27.9 to 1.27.10
2ef9116 Bump github.com/onsi/gomega from 1.27.8 to 1.27.9
65e47b8 Bump github.com/BurntSushi/toml from 1.3.1 to 1.3.2
6c889fc Bump github.com/BurntSushi/toml from 1.3.0 to 1.3.1
Additional commits viewable in compare view

Updates github.com/CycloneDX/cyclonedx-go from 0.7.1 to 0.7.2

Release notes

Sourced from github.com/CycloneDX/cyclonedx-go's releases.

v0.7.2

This is a bugfix release that ships with minimal support for the CycloneDX v1.5 specification.

Full support is being worked on and planned to be released soon. The progress may be tracked in #90.

The reason for publishing partial support like this is to allow the consumption of v1.5 BOMs, which fails with cyclonedx-go <= v0.7.1.

Warning
The default SpecVersion has been updated to SpecVersion1_5. If your application generates BOMs, and you're not ready (or willing) to distribute BOMs following the v1.5 specification yet, consider using EncodeVersion to generate output for an older version of the spec.

Changelog

Features

7128a921f3e83a43feef75bc8ab95642c236ef82: feat: raise baseline go version to 1.18 (@nscuro)

Fixes

ff719b64835af6e75dcfd6e7ff90d070f271ae07: fix: unmarshal bom on v1.5 return invalid specification version (@chen-keinan)

Building and Packaging

966c223154527621395473cc045a7672609c879f: build(deps): bump CycloneDX/gh-gomod-generate-sbom from 1.1.0 to 2.0.0 (@dependabot[bot])

1e83e8598d07b6303522cb63458be2577223f8d3: build(deps): bump actions/checkout from 3.5.0 to 3.5.1 (@dependabot[bot])

78f6593ed81da036aec671c19ea937b3a80586bf: build(deps): bump actions/checkout from 3.5.1 to 3.5.2 (@dependabot[bot])

868f6db7d03da581dbe9b6d283acd6c477529c0a: build(deps): bump actions/checkout from 3.5.2 to 3.5.3 (@dependabot[bot])

5885827e4246b82e08d37f6f0b95c6c0a4ef821b: build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 (@dependabot[bot])

d772b5438430be7879f3a4e7064c1ccbdbf153a1: build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 (@dependabot[bot])

578e8621c93869b9e0368eebb619cd96c7e9e2bb: build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.4 (@dependabot[bot])

f83e6a7c9d196eff9f99ecf8291cd4adeabce31a: build(deps): bump gitpod/workspace-go from 2be827f to 910daeb (@dependabot[bot])

cd7b23a68ff1c7467e211c9c69f9fb67c2244043: build(deps): bump gitpod/workspace-go from 910daeb to d7a41f5 (@dependabot[bot])

668553d1667110b8b34c7a4a954c3ac4707816ba: build(deps): bump gitpod/workspace-go from d7a41f5 to f37c673 (@dependabot[bot])

d9a5f8cf07fa834c02969fba2128bdb14c0865ff: build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (@dependabot[bot])

66f96dfacf866f8d2ca686659e964fc535c72f92: build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (@dependabot[bot])

8b51c39974573c22ba0a14ba1d5a0cd5b50c68fa: build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (@dependabot[bot])

e44f7de374a51cd1228117d43ccedfdcbe50cd73: build(deps): bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0 (@dependabot[bot])

6360fe1474853e461a6af83fc6214882b4647f09: build(deps): bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0 (@dependabot[bot])

Others

a06990657b338db19fec11a677ea915eea2b5c74: feat(spec1-5): add initial support for spec v1.5 (@nscuro)

67a7567143eb3373099f100bbe17143239cf5d4e: feat(spec1-5): add licensing, license properties, and license bom-ref (@nscuro)

d2f3bb95bf740da7a6d36c6a1c324356afed5356: feat(spec1-5): add lifecycle support (@nscuro)

eb041b55b2eb8685a37be6f7a9c265fb6528377b: feat(spec1-5): add new component types (@nscuro)

c45ba618028d9f0cb593784e6483f4392a78ff3b: feat(spec1-5): add new external reference types (@nscuro)

d84947d74d7df97f851211bf7b72786e3583b9e3: feat(spec1-5): add support for annotations (@nscuro)

0ba04965ce8c5df710eb2a1cae1e7546ffb6321b: feat(spec1-5): bump schema to 1.5 for round-trip tests (@nscuro)

4e20914ebfc2aa80fbe0fa32650567554ebaaf49: misc(dx): add project icon for intellij and goland (@nscuro)

Commits

83031d6 Merge pull request #117 from CycloneDX/dependabot/github_actions/golangci/gol...
8b51c39 build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0
0ed4535 Merge pull request #114 from CycloneDX/dependabot/github_actions/goreleaser/g...
6360fe1 build(deps): bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0
5c1db8e Merge pull request #113 from CycloneDX/dependabot/github_actions/actions/setu...
d772b54 build(deps): bump actions/setup-go from 4.0.1 to 4.1.0
3d592d2 Merge pull request #112 from CycloneDX/dependabot/docker/gitpod/workspace-go-...
668553d build(deps): bump gitpod/workspace-go from d7a41f5 to f37c673
fdeec7e Merge pull request #111 from CycloneDX/idea-project-icon
4e20914 misc(dx): add project icon for intellij and goland
Additional commits viewable in compare view

Updates github.com/andybalholm/brotli from 1.0.5 to 1.0.6

Commits

b7a4cf9 remove Content-Type requirement
See full diff in compare view

Updates github.com/bmatcuk/doublestar/v4 from 4.6.0 to 4.6.1

Release notes

Sourced from github.com/bmatcuk/doublestar/v4's releases.

Fixed Match bug with patterns like a/**/

Thanks @mmxmb for submitting the bug and opening a PR in #89!

Commits

180028b remove sponsor image =(
a1f32e3 don't run FilepathGlob tests on patterns ending in a slash
5df0d9d Globstar matches zero directories
See full diff in compare view

Updates github.com/cenkalti/backoff/v4 from 4.2.0 to 4.2.1

Commits

a04a6fe set minimum permissions for go.yaml
a214dad spelling: interval
af9bd1c spelling: found
See full diff in compare view

Updates github.com/cloudflare/circl from 1.3.3 to 1.3.5

Commits

13e767c Proof encoding and decoding
5007a76 Start filling out high-level API
a00adb5 Add multi-message test
96f8dfe Fix test vector bugs
5f6d639 Add initial BBS implementation sketch
44133f7 spelling: tripped
c2076d6 spelling: transposes
dad2166 spelling: title
171c418 spelling: threshold
82b7495 spelling: the
Additional commits viewable in compare view

Updates github.com/containerd/containerd from 1.7.0 to 1.7.7

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.7

Welcome to the v1.7.7 release of containerd!

The seventh patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

Require plugins to succeed after registering readiness (#9165)

Handle unexpected shim kill events (#9132)

Build binaries with Go 1.21.1 (#9167)

cri: Stop recommending disable_cgroup (#9168)

remotes/docker: Fix MountedFrom prefixed with target repository (#9193)

remotes: always try to establish tls connection when tls configured (#9188)

NRI: Add support for rlimits (#48)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

Derek McGowan

Samuel Karp

Krisztian Litkey

Wei Fu

Phil Estes

Sebastiaan van Stijn

Iceber Gu

Mike Brown

Akihiro Suda

Paweł Gronowski

Steve Griffith

Aditya Ramani

Austin Vazquez

Danny Canter

James Sturtevant

Kern Walster

ZP-AlwaysWin

Changes

[release/1.7] Prepare release notes for v1.7.7 (#9194)

a34fa5681 Prepare release notes for v1.7.7

[release/1.7] Allow for images with artifacts to pull (#9149)

6ca0aebf0 Allow for images with artifacts to pull

[release 1.7] remotes/docker: Fix MountedFrom prefixed with target repository (#9193)

7df492a95 remotes/docker: Fix MountedFrom prefixed with target repository

... (truncated)

Commits

8c08766 Merge pull request #9194 from dcantah/release-notes-1.7.7
a34fa56 Prepare release notes for v1.7.7
8664fca Merge pull request #9149 from jsturtevant/cherry-pick-9142-on-1-7
6ca0aeb Allow for images with artifacts to pull
72e0200 Merge pull request #9193 from vvoland/remotes-docker-mounted-fix-1.7
814f6c2 Merge pull request #9134 from Kern--/release/1.7
781d395 Merge pull request #9188 from dmcgowan/backport-1.7-localhost-http-fallback
7df492a remotes/docker: Fix MountedFrom prefixed with target repository
7779ce6 remotes: always try to establish tls connection when tls configured
b3db314 Bump x/net to 0.13
Additional commits viewable in compare view

Updates github.com/docker/distribution from 2.8.2+incompatible to 2.8.3+incompatible

Release notes

Sourced from github.com/docker/distribution's releases.

v2.8.3

What's Changed

Pass BUILDTAGS argument to go build by @marcusirgens in distribution/distribution#3926

Enable Go build tags by @thaJeztah in distribution/distribution#4009

reference: replace deprecated function SplitHostname by @thaJeztah in distribution/distribution#4032

Dont parse errors as JSON unless Content-Type is set to JSON by @thaJeztah in distribution/distribution#4054

update to go 1.20.8 by @thaJeztah in distribution/distribution#4056

Set Content-Type header in registry client ReadFrom by @thaJeztah in distribution/distribution#4053

deprecate reference package, migrate to github.com/distribution/reference by @thaJeztah in distribution/distribution#4063

digestset: deprecate package in favor of go-digest/digestset by @thaJeztah in distribution/distribution#4064

Do not close HTTP request body in HTTP handler by @milosgajdos in distribution/distribution#4068

Add v2.8.3 release notes by @milosgajdos in distribution/distribution#4088

New Contributors

@marcusirgens made their first contribution in distribution/distribution#3926

Full Changelog: https://github.com/distribution/distribution/compare/v2.8.2...v2.8.3

Commits

4772604 Merge pull request #4088 from distribution/2.8.3-release-notes
a4fa699 Add v2.8.3 release notes
1eb2c30 Merge pull request #4068 from milosgajdos/2_8-dont-close-request-body
5e6b1b5 Do not close HTTP request body in HTTP handler
2b76378 Merge pull request #4064 from thaJeztah/2.8_backport_nodigestset
29b00e8 digestset: deprecate package in favor of go-digest/digestset
d1ab243 [release/2.8] vendor: github.com/opencontainers/go-digest v1.0.0
11eb419 Merge pull request #4063 from thaJeztah/2.8_backport_switch_reference
3dda067 deprecate reference package, migrate to github.com/distribution/reference
da05539 Merge pull request #4053 from thaJeztah/2.8_backport_set-content-type-client-...
Additional commits viewable in compare view

Updates github.com/docker/docker-credential-helpers from 0.7.0 to 0.8.0

Release notes

Sourced from github.com/docker/docker-credential-helpers's releases.

v0.8.0

What's Changed

wincred: windows/arm64 support by @crazy-max in docker/docker-credential-helpers#279

osxkeychain: Delete(): return typed errors by @thaJeztah in docker/docker-credential-helpers#278

osxkeychain: match min macos version for xx by @crazy-max in docker/docker-credential-helpers#283

pass: fix interpolation of $PASSWORD_STORE_DIR, and use os.UserHomeDir() by @thaJeztah in docker/docker-credential-helpers#287

cli: assorted improvements, and add --version, -v, and --help, -h flags by @thaJeztah in docker/docker-credential-helpers#284

vendor: github.com/danieljoos/wincred v1.2.0 by @thaJeztah in docker/docker-credential-helpers#271

vendor: golang.org/x/sys v0.7.0 by @crazy-max in docker/docker-credential-helpers#265

chore: update go to 1.20.6 by @crazy-max @thaJeztah in docker/docker-credential-helpers#297 docker/docker-credential-helpers#293 docker/docker-credential-helpers#281 docker/docker-credential-helpers#263

chore: use go build constraint by @crazy-max in docker/docker-credential-helpers#289

credentials: fix minor nits in tests for credentials by @thaJeztah in docker/docker-credential-helpers#291

credentials: improve errors and error-handling by @thaJeztah in docker/docker-credential-helpers#292

chore: remove uses of golang.org/x/sys/execabs by @thaJeztah in docker/docker-credential-helpers#270

chore: format code with gofumpt by @thaJeztah in docker/docker-credential-helpers#273

chore: rewrite tests to use sub-tests, improve error-handling in tests, and use t.Cleanup() by @thaJeztah in docker/docker-credential-helpers#275

chore: use designated domains in tests (RFC2606) (step 1) by @thaJeztah in docker/docker-credential-helpers#294

chore: fix vendor validation by @crazy-max in docker/docker-credential-helpers#253

chore: update xx to 1.2.1 by @crazy-max in docker/docker-credential-helpers#264

chore: use same target for sandboxed and native tests by @crazy-max in docker/docker-credential-helpers#285

ci: bump runners to ubuntu-22.04 by @crazy-max in docker/docker-credential-helpers#276

chore: add CONTRIBUTING.md, CODE_OF_CONDUCT.md, SECURITY.md by @thaJeztah in docker/docker-credential-helpers#272

chore: fix build status badge being broken by @okrc in docker/docker-credential-helpers#252

docs: install emulators when building with docker by @crazy-max in docker/docker-credential-helpers#286

New Contributors

@okrc made their first contribution in docker/docker-credential-helpers#252

Full Changelog: https://github.com/docker/docker-credential-helpers/compare/v0.7.0...v0.8.0

Commits

8396edb Merge pull request #297 from thaJeztah/update_go_1.20.6
a3d1ffc update go to go1.20.6
c03d56c deb: update to golang bullseye
7f48455 Merge pull request #294 from thaJeztah/use_designated_domains_step1
a90e3fa secretservice: use designated domains in tests (RFC2606)
ffb3232 pass: use designated domains in tests (RFC2606)
1050848 client: use designated domains in tests (RFC2606)
7d66ae0 osxkeychain: use designated domains in tests (RFC2606)
13475b4 credentials: use designated domains in tests (RFC2606)
91af1de registryurl: use designated domains in tests (RFC2606)
Additional commits viewable in compare view

Updates github.com/go-git/go-billy/v5 from 5.4.1 to 5.5.0

Release notes

Sourced from github.com/go-git/go-billy/v5's releases.

v5.5.0

What's Changed

*: Bump dependencies and go.mod to Go 1.18. Add codeQL workflow. by @pjbgf in go-git/go-billy#30

osfs: Add new BoundOS type by @pjbgf in go-git/go-billy#31

Re-introduce osfs.Default by @pjbgf in go-git/go-billy#33

Revert back to upstream github.com/cyphar/filepath-securejoin by @pjbgf in go-git/go-billy#34

Full Changelog: https://github.com/go-git/go-billy/compare/v5.4.1...v5.5.0

Commits

5c1dfec Merge pull request #34 from pjbgf/bump-scj
3994cd7 osfs: Add WithDeduplicatePath
e223a66 Bump github.com/cyphar/filepath-securejoin
ca80085 Merge pull request #33 from pjbgf/default
74a6e60 Re-introduce osfs.Default
1d4d3d3 Merge pull request #31 from pjbgf/new-osfs
3c59de8 osfs: Add new BoundOS type
dafe8bc build: Bump Go to 1.19
326c59f Merge pull request #30 from pjbgf/updates
c88853b *: Add CodeQL workflow
Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.6.1 to 5.10.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.10.0

What's Changed

PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by @ThinkChaos in go-git/go-git#782

Worktree, apply ProxyOption on Pull by @nodivbyzero in go-git/go-git#840

Repository: add clone --shared feature by @enverbisevac in go-git/go-git#860

build: Add github workflow to check commit message format by @pjbgf in go-git/go-git#867

Improve handling of remote errors by @makkes in go-git/go-git#866

build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 by @dependabot in go-git/go-git#873

plumbing: commitgraph, Add generation v2 support by @zeripath in go-git/go-git#869

plumbing: protocol/packp, Add validation for decodeLine by @pjbgf in go-git/go-git#868

plumbing: parse the encoding header of the commit object by @liwenqiu in go-git/go-git#761

plumbing: commitgraph, allow SHA256 commit-graphs by @zeripath in go-git/go-git#853

plumbing: commitgraph, Allow reading commit-graph chains by @zeripath in go-git/go-git#854

plumbing/object: Support mergetag in merge commits by @adityasaky in go-git/go-git#847

New Contributors

@nodivbyzero made their first contribution in go-git/go-git#840

@adityasaky made their first contribution in go-git/go-git#847

@hezhizhen made their first contribution in go-git/go-git#836

@0x34d made their first contribution in go-git/go-git#855

@liwenqiu made their first contribution in go-git/go-git#761

@enverbisevac made their first contribution in go-git/go-git#860

@makkes made their first contribution in go-git/go-git#866

Full Changelog: https://github.com/go-git/go-git/compare/v5.9.0...v5.10.0

v5.9.0

What's Changed

git: worktree: add Amend option to CommitOptions by @john-cai in go-git/go-git#438

git: worktree, reset ignored files that are part of the worktree: Fixes #819 by @daolis in go-git/go-git#821

plumbing: Do not swallow http message coming from VCS providers by @matejrisek in go-git/go-git#835

plumbing: transport, handle IPv6 while parsing endpoint. Fixes #740 by @ninedraft in go-git/go-git#820

*: update goproxy dependency to fix CVE-2023-37788 vulnerability by @svghadi in go-git/go-git#832

*: bump dependencies and Go to 1.19 by @pjbgf in go-git/go-git#837

New Contributors

@svghadi made their first contribution in go-git/go-git#832

@daolis made their first contribution in go-git/go-git#821

Full Changelog: https://github.com/go-git/go-git/compare/v5.8.1...v5.9.0

v5.8.1

What's Changed

*: Bump dependencies by @pjbgf in go-git/go-git#815

Full Changelog: https://github.com/go-git/go-git/compare/v5.8.0...v5.8.1

v5.8.0

... (truncated)

Commits

72ce996 Merge pull request #869 from zeripath/graph-generation-2
24261e8 Merge pull request #873 from go-git/dependabot/go_modules/golang.org/x/net-0....
3ee0288 build: bump golang.org/x/net from 0.15.0 to 0.17.0
69b88d9 plumbing: commitgraph, Add generation v2 support
623c6df Merge pull request #866 from makkes/better-error-handling
129b709 plumbing: transport/common, Improve handling of remote errors
e61537e Merge pull request #867 from pjbgf/commit-checker
1a73661 build: Add github workflow to check commit message format
771a3eb Merge pull request #868 from pjbgf/fix-fuzz
7ef7dc7 Merge pull request #860 from enverbisevac/master
Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.15.1 to 0.16.1

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.16.1

Release is broken due to goreleaser error, 0.16.1 has the fix

What's Changed

bump deps using ./hack/bump-deps.sh by @imjasonh in google/go-containerregistry#1702

Allow crane to export schema 1 images by @jonjohnsonjr in google/go-containerregistry#1704

fixed a goroutine leak by @ktarplee in google/go-containerregistry#1705

retry HTTP 522 errors by default by @imjasonh in google/go-containerregistry#1707

Limit size of manifest by @AdamKorcz in google/go-containerregistry#1711

Add crane auth token by @jonjohnsonjr in google/go-containerregistry#1709

Bump codecov/codecov-action from 3.1.3 to 3.1.4 by @dependabot in google/go-containerregistry#1710

Pass scopes through crane auth token by @jonjohnsonjr in google/go-containerregistry#1713

fix: add bounds checking to addendum layer mutations to prevent panic by @aaron-prindle in google/go-containerregistry#1715

Surface better error messages in crane index by @jonjohnsonjr in google/go-containerregistry#1722

crane: add missing name option in crane index commands by @HubertZhang in google/go-containerregistry#1723

crane: Respect cmd.OutOrStdout by @kyleconroy in google/go-containerregistry#1728

Make ErrSchema1 checkable via errors.Is() by @Laitr0n in google/go-containerregistry#1721

Don't load into daemon if the image already exists by @jonjohnsonjr in google/go-containerregistry#1724

add --blobs-to-disk to 'crane registry serve' by @imjasonh in google/go-containerregistry#1731

Correct crane registry help text by @jonjohnsonjr in google/go-containerregistry#1732

Allow concurrent blob Sets, use RWMutex by @mattmoor in google/go-containerregistry#1733

Use RWLock, limit scope of locking, write digest first by @mattmoor in google/go-containerregistry#1734

Let the filesystem handle atomicity by @mattmoor in google/go-containerregistry#1735

Don't try cross-origin mounting against dockerhub by @jonjohnsonjr in google/go-containerregistry#1743

Drop localhost to support crane registry serve in a container by @mattmoor in google/go-containerregistry#1746

Return OCI Index content-type for referrers response by @jdolitsky in google/go-containerregistry#1762

New Contributors

@AdamKorcz made their first contribution in google/go-containerregistry#1711

@HubertZhang made their first contribution in google/go-containerregistry#1723

@kyleconroy made their first contribution in google/go-containerregistry#1728

@Laitr0n

paketo-buildpacks / npm-install

Bump the go-modules group with 27 updates #564

v1.29.0

1.29.0

Features

v1.28.1

1.28.1

Maintenance

1.29.0

Features

1.28.1

Maintenance

v2.12.0

What's Changed

New Contributors

v0.7.2

Changelog

Features

Fixes

Building and Packaging

Others

Fixed Match bug with patterns like a/**/

containerd 1.7.7

Notable Updates

Contributors

Changes

v2.8.3

What's Changed

New Contributors

v0.8.0

What's Changed

New Contributors

v5.5.0

What's Changed

v5.10.0

What's Changed

New Contributors

v5.9.0

What's Changed

New Contributors

v5.8.1

What's Changed

v5.8.0

v0.16.1

What's Changed

New Contributors

Fixed Match bug with patterns like `a/**/`