Bump the go-modules group with 4 updates

[dependabot[bot]]

Bumps the go-modules group with 4 updates: github.com/google/go-containerregistry, github.com/sylabs/sif/v2, golang.org/x/mod and golang.org/x/net.

Updates github.com/google/go-containerregistry from 0.19.1 to 0.19.2

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.19.2

What's Changed

• Add JSON marshalling funcs for Digest. by @​wlynch in google/go-containerregistry#1915
• registry: Implement Range requests for blobs by @​jonjohnsonjr in google/go-containerregistry#1917
• Support podman auth file REGISTRY_AUTH_FILE. by @​zhaoyonghe in google/go-containerregistry#1914
• feat: crane mutate platform by @​joshwlewis in google/go-containerregistry#1919
• Add Context support to auth methods by @​jonjohnsonjr in google/go-containerregistry#1949
• Fix windows race condition when writing image with duplicate layers by @​dgannon991 in google/go-containerregistry#1921
• Add -O shorthand for --omit-digest-tags to crane. by @​smoser in google/go-containerregistry#1958

New Contributors

• @​wlynch made their first contribution in google/go-containerregistry#1915
• @​zhaoyonghe made their first contribution in google/go-containerregistry#1914
• @​joshwlewis made their first contribution in google/go-containerregistry#1919
• @​dgannon991 made their first contribution in google/go-containerregistry#1921
• @​smoser made their first contribution in google/go-containerregistry#1958

Full Changelog: https://github.com/google/go-containerregistry/compare/v0.19.1...v0.19.2

Commits

• 1b4e407 Add -O shorthand for --omit-digest-tags to crane. (#1958)
• 3764db2 Fix windows race condition when writing image with duplicate layers (#1921)
• 39d1148 Add Context support to auth methods (#1949)
• ff385a9 feat: mutate platform (#1919)
• 98dd3e9 Support podman auth file REGISTRY_AUTH_FILE. (#1914)
• 051d642 registry: Implement Range requests for blobs (#1917)
• 0309184 Add JSON marshalling funcs for Digest. (#1915)
• See full diff in compare view

Updates github.com/sylabs/sif/v2 from 2.16.0 to 2.17.0

Release notes

Sourced from github.com/sylabs/sif/v2's releases.

v2.17.0

This release adds support for updating the digest of an OCI blob within a SIF.

Specifically, the following API has been added:

• func (*FileImage) SetOCIBlobDigest: updates the digest of the OCI blob object with id to h, according to opts.

What's Changed

• chore: bump golangci-lint to v1.57 by @​tri-adam in sylabs/sif#357
• build(deps): bump github.com/sigstore/sigstore from 1.8.2 to 1.8.3 by @​dependabot in sylabs/sif#358
• build(deps): bump github.com/sigstore/sigstore from 1.8.3 to 1.8.4 by @​dependabot in sylabs/sif#359
• ci: bump golangci-lint to v1.59 by @​tri-adam in sylabs/sif#360
• ci: update to use goreleaser v2 by @​tri-adam in sylabs/sif#361
• build(deps): bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2 by @​dependabot in sylabs/sif#362
• build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 by @​dependabot in sylabs/sif#363
• refactor: split add/del/set code into files by @​tri-adam in sylabs/sif#364
• feat: add SetOCIBlobDigest by @​tri-adam in sylabs/sif#365

Full Changelog: https://github.com/sylabs/sif/compare/v2.16.0...v2.17.0

Commits

• d63ee14 Merge pull request #365 from tri-adam/set-blob-digest
• b85400b feat: add SetOCIBlobDigest
• 3c091b8 Merge pull request #364 from tri-adam/file-refactor
• 84ca397 refactor: split add/del/set code into files
• f2f07f5 build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 (#363)
• e9991e0 build(deps): bump github.com/google/go-containerregistry (#362)
• d2e4b56 Merge pull request #361 from tri-adam/bump-goreleaser
• c1a8618 ci: update to use goreleaser v2
• 30fa42b Merge pull request #360 from tri-adam/ci-updates
• f63936f ci: bump node to v22
• Additional commits viewable in compare view

Updates golang.org/x/mod from 0.17.0 to 0.18.0

Commits

• c0bdc7b modfile: add API for godebug lines
• 6686f41 module: add COM0 and LPT0 to badWindowsNames
• See full diff in compare view

Updates golang.org/x/net from 0.25.0 to 0.26.0

Commits

• 66e838c go.mod: update golang.org/x dependencies
• 6249541 http2: avoid race in server handler SetReadDeadine/SetWriteDeadline
• 603e3e6 quic: disable X25519Kyber768Draft00 in tests
• 67e8d0c http2: report an error if goroutines outlive serverTester tests
• 5608279 http2: avoid corruption in priority write scheduler
• 0d515a5 http2: factor out frame read/write test functions
• 9f5b79b http2: drop unused retry function
• 03c24c2 http2: use synthetic time in server tests
• 022530c http2: add a more full-featured test net.Conn
• 410d19e http2: avoid racy access to clientStream.requestedGzip
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions