search

vmware-archive / octant

Highly extensible platform for developers to better understand the complexity of Kubernetes clusters.
https://octant.dev
Apache License 2.0
6.28k stars 486 forks source link

Bump github.com/containers/image/v5 from 5.16.1 to 5.23.0 #3347

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 2 years ago

Bumps github.com/containers/image/v5 from 5.16.1 to 5.23.0.

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.23.0

Image.Inspect now provides more information.

Improved support for registries that require authentication, notably for the search operation.

  • Cirrus: Use the latest imgts container
  • Cirrus: Update CI VM images
  • Replace use of deprecated io/ioutil
  • Reformat with Go 1.19's gofmt
  • Use c/image's reference package
  • Rename archiveImageDestination.writer to file
  • Introduce archiveImageDestination.closeWriter
  • Use an *archive.Writer in dockerArchiveReference and dockerArchiveDestination
  • Inline openArchiveForWriting into archive.Writer
  • Automaticaly delete a docker-archive if we didn't write a complete image
  • Update a test dependency to avoid override problems
  • docker_client: Handle "invalid_scope" errors
  • Document limitations of transports for remote podman client
  • Remove github.com/docker/distribution/registry/client package
  • Log invalid and empty credential helper entries

v5.22.0

copy.Image can now copy non-image OCI artifacts.

Added support for sigstore signatures: they (and related cosign attachments) can be copied along with images after opt-in in registries.d. Signatures can be created by copy.Image and enforced via policy.json (currently with public/private key pairs only).

Now requires Go 1.17. GPGME now must be new enough to be visible via pkg-config.

github.com/pkg/errors is no longer used; that might affect caller-observable error types (in particular, errors.{As,Is} might need to be used instead of pkg/errors.Cause).

Changes default paths on FreeBSD.

  • Remove unused Makefile variables
  • Config files should live in /usr/local on FreeBSD
  • docker: validate received parts
  • Use go env to fetch the go path
  • docker: add workaround for CloudFront
  • Improve errors messages when image missing from list
  • Stop calling gpgme-config
  • Fix codespell errors
  • Make sure github.com/opencontainers/runc >= 1.1.2 is used
  • Cirrus: use Ubuntu 22.04 LTS
  • Merge pull request containers/image#1576 from mtrmac/private-image
  • Merge pull request containers/image#1577 from mtrmac/mocks
  • Merge pull request containers/image#1571 from mtrmac/go1.17
  • Merge pull request containers/image#1578 from mtrmac/sourced-image-struct
  • Fix error on parallel multiple image pullings with additionallayerstore
  • Merge pull request containers/image#1579 from mtrmac/copy-layers-refactor

... (truncated)

Commits
  • 3443821 Release v5.23.0
  • b5f2544 Update to github.com/opencontainers/image-spec@v1.1.0-rc1
  • 3a6e77d Merge pull request #1665 from containers/dependabot/go_modules/github.com/ope...
  • daa38a3 Merge pull request #1666 from containers/dependabot/go_modules/github.com/con...
  • f80ddc4 build(deps): bump github.com/containers/storage from 1.42.0 to 1.43.0
  • 739cef8 build(deps): bump github.com/opencontainers/selinux
  • 2c6464d Merge pull request #1664 from containers/dependabot/go_modules/github.com/kla...
  • 815b014 build(deps): bump github.com/klauspost/compress from 1.15.10 to 1.15.11
  • 62be088 Merge pull request #1662 from containers/dependabot/go_modules/github.com/doc...
  • a095a86 build(deps): bump github.com/docker/docker-credential-helpers
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #3360.