search

paketo-buildpacks / npm-install

A Cloud Native Buildpack for npm
Apache License 2.0
10 stars 17 forks source link

Bump github.com/docker/docker from 24.0.7+incompatible to 25.0.3+incompatible #622

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 9 months ago

Bumps github.com/docker/docker from 24.0.7+incompatible to 25.0.3+incompatible.

Release notes

Sourced from github.com/docker/docker's releases.

v25.0.3

25.0.3

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

What's Changed

  • [25.0 backport] pkg/ioutils: Make subsequent Close attempts noop moby/moby#47222
  • [25.0 backport] Fix HasResource inverted boolean error - vendor swarmkit v2.0.0-20240125134710-dcda100a8261 moby/moby#47225
  • [25.0 backport] gha: update actions to account for node 16 deprecation moby/moby#47291
  • [25.0 backport] docs: remove dead links from api verison history moby/moby#47296
  • [25.0 backport] Assert temp output directory is not an empty string moby/moby#47298
  • [25.0 backport] api: Document version in /build moby/moby#47295
  • [25.0 backport] De-flake TestSwarmClusterRotateUnlockKey moby/moby#47201
  • [25.0 backport] Add internal n/w bridge to firewalld docker zone moby/moby#47303
  • [25.0 backport] Only restore a configured MAC addr on restart. moby/moby#47304
  • [25.0 backport] Revert "daemon: automatically set network EnableIPv6 if needed" moby/moby#47310
  • [25.0 backport] libnet: bridge: ignore EINVAL when configuring bridge MTU moby/moby#47311
  • [25.0 backport] logger/journald: fix tailing logs with systemd 255 moby/moby#47243
  • [25.0 backport] add more //go:build directives to prevent downgrading to go1.16 language moby/moby#47220
  • [25.0 backport] libcontainerd/supervisor: fix data race moby/moby#47313
  • [25.0 backport] plugins: Fix panic when fetching by digest moby/moby#47323
  • [25.0 backport] Dockerfile: update docker-cli to v25.0.2, docker compose v2.24.5 moby/moby#47316
  • [25.0 backport] image/save: Fix untagged images not present in index.json moby/moby#47294
  • [25.0 backport] Dockerfile: update RootlessKit to v2.0.1 moby/moby#47334
  • [25.0 backport] image/cache: Ignore Build and Revision on Windows moby/moby#47337
  • [25.0 backport] profiles/seccomp: add syscalls for kernel v5.17 - v6.6, match containerd's profile moby/moby#47344
  • [25.0 backport] c8d: Use the same logic to get the present images moby/moby#47348

Full Changelog: https://github.com/moby/moby/compare/v25.0.2...v25.0.3

v25.0.2

25.0.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Security

This release contains security fixes for the following CVEs affecting Docker Engine and its components.

CVE Component Fix version Severity

... (truncated)

Commits
  • f417435 Merge pull request #47348 from rumpl/25.0_backport-history-config
  • acd023d c8d: Use the same logic to get the present images
  • 7a075ca Merge pull request #47344 from thaJeztah/25.0_backport_seccomp_updates
  • aff7177 Merge pull request #47337 from vvoland/cache-fix-older-windows-25
  • ed7c263 seccomp: add futex_wake syscall (kernel v6.7, libseccomp v2.5.5)
  • 74e3b4f seccomp: add futex_wait syscall (kernel v6.7, libseccomp v2.5.5)
  • 4cc0416 seccomp: add futex_requeue syscall (kernel v6.7, libseccomp v2.5.5)
  • f9f9e7f seccomp: add map_shadow_stack syscall (kernel v6.6, libseccomp v2.5.5)
  • 5fb4eb9 seccomp: add fchmodat2 syscall (kernel v6.6, libseccomp v2.5.5)
  • 67e9aa6 seccomp: add cachestat syscall (kernel v6.5, libseccomp v2.5.5)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions