Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.
Maintenance
Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]
Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]
Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]
v1.32.0
1.32.0
Maintenance
Migrate github.com/golang/protobuf to google.golang.org/protobuf [436a197]
This release drops the deprecated github.com/golang/protobuf and adopts google.golang.org/protobuf. Care was taken to ensure the release is backwards compatible (thanks @jbduncan !). Please open an issue if you run into one.
Receive not accepts Receive(<POINTER>, MATCHER>), allowing you to pick out a specific value on the channel that satisfies the provided matcher and is stored in the provided pointer.
Maintenance
Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745) [9999deb]
Bump github-pages from 229 to 230 in /docs (#735) [cb5ff21]
Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746) [bac6596]
1.32.0
Maintenance
Migrate github.com/golang/protobuf to google.golang.org/protobuf [436a197]
This release drops the deprecated github.com/golang/protobuf and adopts google.golang.org/protobuf. Care was taken to ensure the release is backwards compatible (thanks @jbduncan !). Please open an issue if you run into one.
Unfortunately, there are also breaking changes in this release:
The type of Metadata.Tools has changed from *[]Tool to *ToolsChoice, to facilitate the deprecation of Tool in the spec
ToolsChoice holds both legacy *[]Tool, as well as the new *[]Component and *[]Service fields
The Tool type, as well as the ToolsChoice.Tools field are marked as deprecated
During encoding and decoding, it is asserted that only one of both options can be present, in accordance with the "One of" constraint of the spec
When encoding to lower spec versions than v1.5 (using EncodeVersion), Components and Services are automatically converted to legacy Tools
It is strongly recommended to use Components and Services. However, when consuming BOMs, applications should still expect legacy Tools to be present, and handle them accordingly.
Changelog
Fixes
64eb0c84b3d909db47c5154c17d075f68b0c85ae: fix: remove format linters that require extra tooling (@nscuro)
Building and Packaging
696aa66151e800a672c9ec860f30d8716ae6a025: build(deps): bump actions/checkout from 3.5.3 to 4.1.0 (@dependabot[bot])
b50b319d1580d5b624cfc866bc108b589b328157: build(deps): bump actions/checkout from 4.1.0 to 4.1.1 (@dependabot[bot])
5cad1b0a7dad106950790fad960be5f7e62b2110: build(deps): bump actions/setup-go from 4.1.0 to 5.0.0 (@dependabot[bot])
b0910619560e5b0b0fae51dc97c4a343983873fb: build(deps): bump gitpod/workspace-go from d3603c7 to 94ae638 (@dependabot[bot])
9e310b6d641245c89aa01f07a21b50c38f04b087: build(deps): bump gitpod/workspace-go from f37c673 to d3603c7 (@dependabot[bot])
89494fd98291ca8115e02cab78e2e47360352f00: build(deps): bump goreleaser/goreleaser-action from 4.4.0 to 5.0.0 (@dependabot[bot])
Others
61dd91e0bbe730454bef42bc0c1b0a3f97411c02: feat(spec1-5): add support for machine learning (@nscuro)
f831960f0887c1f60681924e4d4382cd4bb52ff0: feat(spec1-5): update valid-vulnerability test snapshots (@nscuro)
ffc9a4eb9204f5a31b7fb1d6cd907e6cc3e93578: ci: enable more linters (@mmorel-35)
This release contains a security fix for [CVE-2024-29018], a potential data exfiltration from 'internal' networks via authoritative DNS servers.
New
Add Subpath field to the VolumeOptions making it possible to mount a subpath of a volume. moby/moby#45687
Add volume-subpath support to the mount flag (--mount type=volume,...,volume-subpath=<subpath>). docker/cli#4331
Accept = separators and [ipv6] in compose files for docker stack deploy. docker/cli#4860
rootless: Add support for enabling host loopback by setting the DOCKERD_ROOTLESS_ROOTLESSKIT_DISABLE_HOST_LOOPBACK environment variable to false (defaults to true). This lets containers connect to the host by using IP address 10.0.2.2. moby/moby#47352
containerd image store: docker image ls no longer creates duplicates entries for multi-platform images. moby/moby#45967
[CVE-2024-29018]: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. moby/moby#47589
Ensure that a generated MAC address is not restored when a container is restarted, but a configured MAC address is preserved. moby/moby#47233
... (truncated)
Commits
60b9add Merge pull request #47705 from robmry/backport-26.0/47662_ipvlan_l3_dns
8ad7f86 Run ipvlan tests even if 'modprobe ipvlan' fails
dc27552 Stop macvlan with no parent from using ext-dns
Bumps the go-modules group with 21 updates in the / directory:
1.30.0
1.33.0
0.18.0
0.18.5
2.12.0
2.13.0
0.7.2
0.8.0
0.6.1
0.6.2
0.11.4
0.12.3
1.0.6
1.1.0
4.2.1
4.3.0
0.5.0
0.6.0
0.8.0
0.8.1
5.11.0
5.12.0
1.5.3
1.5.4
1.17.4
1.17.8
0.0.0-20230301153543-ba94b245509b
0.1.0
4.1.19
4.1.21
0.4.4
0.4.7
0.2.0
0.3.0
1.3.1
1.4.0
0.5.3
0.5.4
2.15.0
2.16.0
1.2.3
1.2.4
Updates
github.com/onsi/gomega
from 1.30.0 to 1.33.0Release notes
Sourced from github.com/onsi/gomega's releases.
... (truncated)
Changelog
Sourced from github.com/onsi/gomega's changelog.
Commits
f2e65fc
v1.33.002e8706
docs: Receive(POINTER, MATCHER)ec1f186
feat: receiver matcher accepting (POINTER, MATCHER), includes unit tests9999deb
Bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#745)cb5ff21
Bump github-pages from 229 to 230 in /docs (#735)bac6596
Bump golang.org/x/net from 0.20.0 to 0.23.0 (#746)4379951
v1.32.0a350b95
Maintain source backwards compatibilitya6c8875
Fix failing test436a197
Migrate github.com/golang/protobuf to google.golang.org/protobufUpdates
github.com/paketo-buildpacks/occam
from 0.18.0 to 0.18.5Release notes
Sourced from github.com/paketo-buildpacks/occam's releases.
Commits
f23ed80
use go 1.20 (#288)4e0efea
remove toolchain from go.modea10e39
update fakes059d6bc
Bump github.com/google/go-containerregistry from 0.14.0 to 0.19.11f22679
Bump github.com/docker/docker37cf400
Bump github.com/onsi/gomega from 1.30.0 to 1.32.0122482e
Bump github.com/testcontainers/testcontainers-go from 0.26.0 to 0.30.0 (#285)393f58f
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0f37d228
Bump github.com/opencontainers/runc from 1.1.5 to 1.1.121d68391
tests: adding tests for NewContainerFromInspectOutput functionUpdates
github.com/paketo-buildpacks/packit/v2
from 2.12.0 to 2.13.0Release notes
Sourced from github.com/paketo-buildpacks/packit/v2's releases.
Commits
4c9f338
Allows users to set a dependency mirror (#563)4e9c21d
Bump github.com/onsi/gomega from 1.32.0 to 1.33.0dd77ec5
Bump github.com/ulikunitz/xz from 0.5.11 to 0.5.1295b8056
Bump github.com/onsi/gomega from 1.31.1 to 1.32.0777a503
Bump github.com/stretchr/testify from 1.8.4 to 1.9.0c1b785b
Bump github.com/google/uuid from 1.5.0 to 1.6.0b31dc83
Bump github.com/onsi/gomega from 1.31.0 to 1.31.1dbbbbc5
Bump github.com/onsi/gomega from 1.30.0 to 1.31.0703e4fb
Bump github.com/google/uuid from 1.4.0 to 1.5.0c10f263
Updating github-configUpdates
github.com/CycloneDX/cyclonedx-go
from 0.7.2 to 0.8.0Release notes
Sourced from github.com/CycloneDX/cyclonedx-go's releases.
Commits
b9654ae
Merge pull request #90 from CycloneDX/spec-v1.564eb0c8
fix: remove format linters that require extra toolingc7a84ac
feat(spec1-5): handle deprecation of toolsf856daa
feat(spec1-5): add support for formulation2fbde0e
feat(spec1-5): add support for identity, occurrences, and callstack evidence61dd91e
feat(spec1-5): add support for machine learningf831960
feat(spec1-5): updatevalid-vulnerability
test snapshotsfe3a904
feat(spec1-5): add support for ssvc scoring method7d2713f
feat(spec1-5): add support for vulnerability proof of concept2ae5445
feat(spec1-5): add support for additional compositions and composition identityUpdates
github.com/Microsoft/go-winio
from 0.6.1 to 0.6.2Release notes
Sourced from github.com/Microsoft/go-winio's releases.
Commits
3c9576c
Update go1.21 and CI (#315)008bc6e
fileinfo: internally fix FileBasicInfo memory alignment (#312)bc421d9
Bug: Close hvsock handle on listen error; fix tests (#310)553a715
Merge pull request #302 from dblohm7/implevel21963303
pipe.go: add DialPipeAccessImpLevele6aebd6
fix: already typo (#303)eb5b095
sd.go: fix calculation of security descriptor length in SddlToSecurityDescrip...87c84cf
[lint] Remove deprecated tar.TypeRegA (#300)9f0d5dc
Switch from sycall to windows (#295)fec52bd
[lint] Fix errors from #276 (#296)Updates
github.com/Microsoft/hcsshim
from 0.11.4 to 0.12.3Release notes
Sourced from github.com/Microsoft/hcsshim's releases.
... (truncated)
Commits
c950974
Update go-winio to v0.6.2 & fix lint errorsad1ccf5
fix: move permissions to the correct job (#2080) (#2081)6588c1c
Updating permissions and github release action versions (#2078) (#2079)202f90a
Add spans and drop large size high volume trace logsfe8c673
updatenewBinaryCmd
URL path handling (#2041)85086d7
Upgrade to go1.21 + fix lint errors8039310
[deps] Omni-bus dependency update (#2039)7458e58
Update Cmd IO handling (#1937)5f9910a
Fix CodeQL pipeline failure (#2032)c56a09c
Merge pull request #1998 from yyatmsft/removeInternalTests2Updates
github.com/andybalholm/brotli
from 1.0.6 to 1.1.0Commits
17e5901
Make my matchfinder work more accessible.cf812c0
matchfinder: add M01b6cf36
matchfinder: remove MultiHash265f3af
matchfinder: penalize score for overlapping matchesa8d524a
matchfinder: replace Score function with DistanceBitCost578645e
matchfinder: add MultiHash24b2bfa
matchfinder.M4: add Score function4a024e3
matchfinder.M4: add match chain3a1c5cd
Fix typo in comment.0d2aef3
matchfinder.M4: factor out extendMatch2Updates
github.com/cenkalti/backoff/v4
from 4.2.1 to 4.3.0Commits
720b789
remove travis badge from readmea83af7f
feat(backoff): Add functional options for ExponentialBackOff Closes #136Updates
github.com/containerd/containerd
from 1.7.10 to 1.7.12Release notes
Sourced from github.com/containerd/containerd's releases.
... (truncated)
Commits
71909c1
Merge pull request #9632 from dmcgowan/prepare-v1.7.12775d544
Prepare release notes for v1.7.124ebe8e2
Merge pull request #9624 from thaJeztah/1.7_update_golang_1.20.13a5dc5b8
update to go1.20.13, test go1.21.650e7359
Merge pull request #9548 from Dzejrou/1.7_fix_ignoring_umask5a675f2
Merge pull request #9602 from thaJeztah/1.7_backport_no_execabsccca466
Merge pull request #9605 from thaJeztah/1.7_backport_switch_moby_user9251072
remove github.com/opencontainers/runc dependency4e67213
vendor: github.com/cncf-tags/container-device-interface v0.6.1e0ee0be
go.mod: github.com/opencontainers/runtime-spec v1.1.0Updates
github.com/distribution/reference
from 0.5.0 to 0.6.0Release notes
Sourced from github.com/distribution/reference's releases.
Commits
ff14faf
Merge pull request #9 from ozairasim/exclude-domain-from-name-length-validation2a66312
Merge pull request #10 from xrstf/patch-1094e717
fix typo in readmeaaca75e
Exclude domain from name length check8507c7f
Merge pull request #7 from thaJeztah/cleanup_splitDockerDomain89ee7ec
refactor splitDockerDomain to include more documentationa3fb784
Merge pull request #5 from thaJeztah/rm_deprecated4894124
remove deprecated SplitHostnameUpdates
github.com/docker/docker
from 24.0.7+incompatible to 26.0.1+incompatibleRelease notes
Sourced from github.com/docker/docker's releases.
... (truncated)
Commits
60b9add
Merge pull request #47705 from robmry/backport-26.0/47662_ipvlan_l3_dns8ad7f86
Run ipvlan tests even if 'modprobe ipvlan' failsdc27552
Stop macvlan with no parent from using ext-dns7b570f0
Enable DNS proxying for ipvlan-l38cdcc4f
Move dummy DNS server to integration/internal/networked752f6
Merge pull request ... _Description has been truncated_