search

xeol-io / xeol

A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
https://www.xeol.io/
Apache License 2.0
348 stars 21 forks source link

Bump github.com/docker/docker from 27.1.1+incompatible to 27.3.1+incompatible #426

Closed dependabot[bot] closed 1 week ago

dependabot[bot] commented 2 weeks ago

Bumps github.com/docker/docker from 27.1.1+incompatible to 27.3.1+incompatible.

Release notes

Sourced from github.com/docker/docker's releases.

v27.3.1

27.3.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • CLI: Fix issue with command execution metrics not being exported due to the CLI MeterProvider being shutdown too early. docker/cli#5457

Packaging updates

v27.3.0

27.3.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • containerd image store: Fix docker image prune -a untagging images used by containers started from images referenced by a digested reference. moby/moby#48488
  • Add a --feature flag to the daemon options. moby/moby#48487
  • Updated the handling of the --gpus=0 flag to be consistent with the NVIDIA Container Runtime. moby/moby#48483 (docker/cli#5432)
  • Support WSL2 mirrored-mode networking's use of interface loopback0 for packets from the Windows host. moby/moby#48514
  • Fix an issue that prevented communication between containers on an IPv4 bridge network when running with --iptables=false, --ip6tables=true (the default), a firewall with a DROP rule for forwarded packets on hosts where the br_netfilter kernel module was not normally loaded. moby/moby#48511
  • CLI: Fix issue where docker volume update command would cause the CLI to panic if no argument/volume was passed. docker/cli#5426
  • docker/cli#5432

Packaging updates

v27.3.0-rc.2

27.3.0-rc.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

... (truncated)

Commits
  • 41ca978 Merge pull request #48525 from thaJeztah/27.x_backport_govulncheck_permissions
  • a6b772b gha: govulncheck: make sure read permissions are set
  • 856359c Merge pull request #48514 from robmry/backport-27.x/wsl2_mirrored_loopback0_w...
  • cd21af7 Do not DNAT packets from WSL2's loopback0
  • 8516f3b Merge pull request #48510 from thaJeztah/27.x_backport_bump_buildx_compose
  • 3a7779a Merge pull request #48511 from robmry/backport-27.x/48375_bridge_netfiltering
  • 5c499fc Only enable bridge netfiltering when needed
  • 98f24aa Merge pull request #48506 from thaJeztah/27.x_backport_man_dockerd_logformat
  • 8adc8e4 Dockerfile: update compose to v2.29.4
  • 576fc88 Dockerfile: update buildx to v0.17.1
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 week ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.