search

trustbloc / edv

Encrypted data vault implementation in Golang - https://identity.foundation/edv-spec/
Apache License 2.0
16 stars 17 forks source link

chore(deps): Bump github.com/containerd/containerd from 1.5.7 to 1.5.18 in /test/bdd #269

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps github.com/containerd/containerd from 1.5.7 to 1.5.18.

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.5.18

Welcome to the v1.5.18 release of containerd!

The eighteenth patch release for containerd 1.5 includes fixes for CVE-2023-25153 and CVE-2023-25173 along with a security update for Go.

Notable Updates

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Akihiro Suda
  • Derek McGowan
  • Ye Sijun
  • Samuel Karp
  • Phil Estes
  • Swagat Bora
  • Wei Fu

Changes

  • [release/1.5] Prepare release notes for v1.5.18 (#8117)
    • ddf9de6cb Prepare release notes for v1.5.18
  • Github Security Advisory GHSA-hmfx-3pcx-653p
    • a62c38bf2 oci: fix additional GIDs
    • 3b89da580 oci: fix loop iterator aliasing
    • b07ec6b25 oci: skip checking gid for WithAppendAdditionalGroups
    • 356672cb5 refactor: reduce duplicate code
    • 6a7b7617c add WithAdditionalGIDs test
    • 832bcf300 add WithAppendAdditionalGroups helper
  • Github Security Advisory GHSA-259w-8hf6-59c2
    • 19a347e45 importer: stream oci-layout and manifest.json
  • [release/1.5] Go 1.19.6 (#8112)
  • [release/1.5] Fix retry logic within devmapper device deactivation (#8089)
    • 0d16d045d Fix retry logic within devmapper device deactivation
  • [release/1.5] CI: skip some jobs when repo != containerd/containerd (#8084)
    • 34451bc66 CI: skip some jobs when repo != containerd/containerd

... (truncated)

Commits
  • 39bb06f Merge pull request #8117 from dmcgowan/prepare-v1.5.18
  • ddf9de6 Prepare release notes for v1.5.18
  • 28e4618 Merge pull request from GHSA-hmfx-3pcx-653p
  • 959e1cf Merge pull request from GHSA-259w-8hf6-59c2
  • b4538c2 Merge pull request #8112 from AkihiroSuda/cherrypick-8109-1.5
  • 4209dc2 Go 1.19.6
  • 7c3b243 Merge pull request #8089 from swagatbora90/backport-1.5
  • 0d16d04 Fix retry logic within devmapper device deactivation
  • 9e9f4c8 Merge pull request #8084 from AkihiroSuda/ci-skip-on-fork-1.5
  • a62c38b oci: fix additional GIDs
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/trustbloc/edv/network/alerts).
codecov[bot] commented 1 year ago

Codecov Report

Base: 85.34% // Head: 85.34% // No change to project coverage :thumbsup:

Coverage data is based on head (0a4af86) compared to base (b6fb190). Patch has no changes to coverable lines.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #269 +/- ## ======================================= Coverage 85.34% 85.34% ======================================= Files 13 13 Lines 1795 1795 ======================================= Hits 1532 1532 Misses 161 161 Partials 102 102 ``` Help us with your feedback. Take ten seconds to tell us [how you rate us](https://about.codecov.io/nps?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=trustbloc). Have a feature suggestion? [Share it here.](https://app.codecov.io/gh/feedback/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=trustbloc)

:umbrella: View full report at Codecov.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.