build(deps): bump the gomod group across 2 directories with 4 updates by dependabot[bot] · Pull Request #2240 · containerd/stargz-snapshotter

dependabot · 2026-02-09T23:45:18Z

Bumps the gomod group with 2 updates in the / directory: github.com/docker/cli and github.com/klauspost/compress.
Bumps the gomod group with 3 updates in the /cmd directory: github.com/klauspost/compress, github.com/bmatcuk/doublestar/v4 and github.com/coreos/go-systemd/v22.

Updates github.com/docker/cli from 29.1.5+incompatible to 29.2.1+incompatible

Commits

a5c7197 Merge pull request #6772 from thaJeztah/cleanup_testfile
435384f Merge pull request #6773 from thaJeztah/improve_mountopts
df3e923 opts: MountOpt: extract utility functions and don't set empty values
d781df8 opts: MountOpt: extract validation to a separate function
f35fb0f cli/command: TestGetDefaultAuthConfig: cleanup test file
fe1af92 opts: MountOpt: improve validation of boolean values
5de99e6 opts: MountOpt: improve validation for whitespace in values
9620e41 opts: MountOpt: improve validation for whitespace in options
e888a6e opts: remove outdated comment
b22f1ae Merge pull request #6771 from thaJeztah/allow_empty_target
Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.18.3 to 1.18.4

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.4

What's Changed

gzhttp: Add zstandard to server handler wrapper by @klauspost in klauspost/compress#1121

zstd: Add ResetWithOptions to encoder/decoder by @klauspost in klauspost/compress#1122

gzhttp: preserve qvalue when extra parameters follow in Accept-Encoding by @analytically in klauspost/compress#1116

New Contributors

@analytically made their first contribution in klauspost/compress#1116

@ethaizone made their first contribution in klauspost/compress#1124

@zwass made their first contribution in klauspost/compress#1125

Full Changelog: klauspost/compress@v1.18.2...v1.18.4

Commits

c03560f zstd: Add ResetWithOptions to encoder/decoder (#1122)
0874ab8 build(deps): bump the github-actions group with 3 updates (#1126)
4a36836 doc: Clarify documentation in readme (#1125)
4309644 zstd: document concurrency option handling in encoder (#1124)
c262ec6 Update README.md
861ca97 Downstream CVE-2025-61728 (#1123)
03de960 gzhttp: Add zstandard to server handler wrapper (#1121)
bb1ab3b build(deps): bump the github-actions group with 2 updates (#1120)
986a51e fix(gzhttp): preserve qvalue when extra parameters follow in Accept-Encoding ...
fbe3b12 build(deps): bump the github-actions group with 3 updates (#1118)
Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.18.3 to 1.18.4

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.4

What's Changed

gzhttp: Add zstandard to server handler wrapper by @klauspost in klauspost/compress#1121

zstd: Add ResetWithOptions to encoder/decoder by @klauspost in klauspost/compress#1122

gzhttp: preserve qvalue when extra parameters follow in Accept-Encoding by @analytically in klauspost/compress#1116

New Contributors

@analytically made their first contribution in klauspost/compress#1116

@ethaizone made their first contribution in klauspost/compress#1124

@zwass made their first contribution in klauspost/compress#1125

Full Changelog: klauspost/compress@v1.18.2...v1.18.4

Commits

c03560f zstd: Add ResetWithOptions to encoder/decoder (#1122)
0874ab8 build(deps): bump the github-actions group with 3 updates (#1126)
4a36836 doc: Clarify documentation in readme (#1125)
4309644 zstd: document concurrency option handling in encoder (#1124)
c262ec6 Update README.md
861ca97 Downstream CVE-2025-61728 (#1123)
03de960 gzhttp: Add zstandard to server handler wrapper (#1121)
bb1ab3b build(deps): bump the github-actions group with 2 updates (#1120)
986a51e fix(gzhttp): preserve qvalue when extra parameters follow in Accept-Encoding ...
fbe3b12 build(deps): bump the github-actions group with 3 updates (#1118)
Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.18.3 to 1.18.4

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.4

What's Changed

gzhttp: Add zstandard to server handler wrapper by @klauspost in klauspost/compress#1121

zstd: Add ResetWithOptions to encoder/decoder by @klauspost in klauspost/compress#1122

gzhttp: preserve qvalue when extra parameters follow in Accept-Encoding by @analytically in klauspost/compress#1116

New Contributors

@analytically made their first contribution in klauspost/compress#1116

@ethaizone made their first contribution in klauspost/compress#1124

@zwass made their first contribution in klauspost/compress#1125

Full Changelog: klauspost/compress@v1.18.2...v1.18.4

Commits

c03560f zstd: Add ResetWithOptions to encoder/decoder (#1122)
0874ab8 build(deps): bump the github-actions group with 3 updates (#1126)
4a36836 doc: Clarify documentation in readme (#1125)
4309644 zstd: document concurrency option handling in encoder (#1124)
c262ec6 Update README.md
861ca97 Downstream CVE-2025-61728 (#1123)
03de960 gzhttp: Add zstandard to server handler wrapper (#1121)
bb1ab3b build(deps): bump the github-actions group with 2 updates (#1120)
986a51e fix(gzhttp): preserve qvalue when extra parameters follow in Accept-Encoding ...
fbe3b12 build(deps): bump the github-actions group with 3 updates (#1118)
Additional commits viewable in compare view

Updates github.com/bmatcuk/doublestar/v4 from 4.9.2 to 4.10.0

Release notes

Sourced from github.com/bmatcuk/doublestar/v4's releases.

Added WithNoHidden option

Added support for a WithNoHidden option to ignore hidden files in patterns that might unintentionally match them. For example, a .config directory would not be matched by * or recursed into by **, but would be matched by .* or recursed by .config/**.

Thanks to @lukasngl for the initial PR and idea!

What's Changed

feat: add WithNoHidden option to skip hidden files by @lukasngl in bmatcuk/doublestar#109

New Contributors

@lukasngl made their first contribution in bmatcuk/doublestar#109

Full Changelog: bmatcuk/doublestar@v4.9.2...v4.10.0

Commits

a9ad9e0 allow starting test manually
9987c0c update docs
d3b2184 windows support for WithNoHidden; better tests
5d6a6cd Merge branch 'lukasngl-feat/no-hidden'
e8319d2 run tests when a branch/tag is created
614b331 run tests when a branch/tag is created
df2e03f feat: add WithNoHidden option to skip hidden files
See full diff in compare view

Updates github.com/coreos/go-systemd/v22 from 22.6.0 to 22.7.0

Release notes

Sourced from github.com/coreos/go-systemd/v22's releases.

v22.7.0

This release fixes an issue with multiple calls to (e.g.) StopUnit, simplifies and improves code and documentation, and adds a few new methods.

What's Changed

build(deps): bump actions/setup-go from 5 to 6 by @dependabot[bot] in coreos/go-systemd#473

Fixing error on negative value of LISTEN_FDS by @vporoshok in coreos/go-systemd#472

Misc error reporting improvements by @kolyshkin in coreos/go-systemd#475

daemon: add SdNotifyMonotonicUsec helper function by @corhere in coreos/go-systemd#435

build(deps): bump golangci/golangci-lint-action from 8 to 9 by @dependabot[bot] in coreos/go-systemd#481

build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in coreos/go-systemd#483

dbus: fix TestSetUnitProperties wrt systemd >= 252 by @kolyshkin in coreos/go-systemd#489

Sync repo templates ⚙ by @coreosbot-releng in coreos/go-systemd#486

unit: simplify escape character by @huww98 in coreos/go-systemd#485

machine1: add missing close method to conn. by @maartensson in coreos/go-systemd#487

subscription: Added context cancellation and sync to subscription set by @NotSoFancyName in coreos/go-systemd#480

ci: improvements by @kolyshkin in coreos/go-systemd#490

import1: add missing close method to conn by @maartensson in coreos/go-systemd#492

sdjournal: fix copyrights by @kolyshkin in coreos/go-systemd#499

activation: simplify ListenersWithNames by @kolyshkin in coreos/go-systemd#498

dbus: allow multiple calls for the same unit to *Unit by @haircommander in coreos/go-systemd#496

Documentation nits by @kolyshkin in coreos/go-systemd#500

dbus: dedup result conversion code by @kolyshkin in coreos/go-systemd#493

add FilesWithNames() to activation by @MayCXC in coreos/go-systemd#497

Add support for transient units with auxiliary units by @gwenya in coreos/go-systemd#495

activation: stub out for plan9 by @flokli in coreos/go-systemd#440

New Contributors

@vporoshok made their first contribution in coreos/go-systemd#472

@corhere made their first contribution in coreos/go-systemd#435

@huww98 made their first contribution in coreos/go-systemd#485

@maartensson made their first contribution in coreos/go-systemd#487

@haircommander made their first contribution in coreos/go-systemd#496

@MayCXC made their first contribution in coreos/go-systemd#497

@gwenya made their first contribution in coreos/go-systemd#495

@flokli made their first contribution in coreos/go-systemd#440

Full Changelog: coreos/go-systemd@v22.6.0...v22.7.0

Commits

4dc4ee6 activation: stub out for plan9
8f5a75c dbus: add StartTransientUnitAux for starting transient units with auxiliary u...
9211a7b activation: add FilesWithNames()
2c3ebed dbus: dedup result conversion code
aac8e00 unit: fix Deserialize deprecation notice
d4795ce Fix doc references
abb50b3 dbus: allow multiple calls for the same unit to *Unit
27f6bea activation: simplify ListenersWithNames
e615438 sdjournal: fix copyrights
d25876d import1: add missing close method to conn
Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.18.3 to 1.18.4

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.4

What's Changed

gzhttp: Add zstandard to server handler wrapper by @klauspost in klauspost/compress#1121

zstd: Add ResetWithOptions to encoder/decoder by @klauspost in klauspost/compress#1122

gzhttp: preserve qvalue when extra parameters follow in Accept-Encoding by @analytically in klauspost/compress#1116

New Contributors

@analytically made their first contribution in klauspost/compress#1116

@ethaizone made their first contribution in klauspost/compress#1124

@zwass made their first contribution in klauspost/compress#1125

Full Changelog: klauspost/compress@v1.18.2...v1.18.4

Commits

c03560f zstd: Add ResetWithOptions to encoder/decoder (#1122)
0874ab8 build(deps): bump the github-actions group with 3 updates (#1126)
4a36836 doc: Clarify documentation in readme (#1125)
4309644 zstd: document concurrency option handling in encoder (#1124)
c262ec6 Update README.md
861ca97 Downstream CVE-2025-61728 (#1123)
03de960 gzhttp: Add zstandard to server handler wrapper (#1121)
bb1ab3b build(deps): bump the github-actions group with 2 updates (#1120)
986a51e fix(gzhttp): preserve qvalue when extra parameters follow in Accept-Encoding ...
fbe3b12 build(deps): bump the github-actions group with 3 updates (#1118)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gomod group with 2 updates in the / directory: [github.com/docker/cli](https://github.com/docker/cli) and [github.com/klauspost/compress](https://github.com/klauspost/compress). Bumps the gomod group with 3 updates in the /cmd directory: [github.com/klauspost/compress](https://github.com/klauspost/compress), [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar) and [github.com/coreos/go-systemd/v22](https://github.com/coreos/go-systemd). Updates `github.com/docker/cli` from 29.1.5+incompatible to 29.2.1+incompatible - [Commits](docker/cli@v29.1.5...v29.2.1) Updates `github.com/klauspost/compress` from 1.18.3 to 1.18.4 - [Release notes](https://github.com/klauspost/compress/releases) - [Commits](klauspost/compress@v1.18.3...v1.18.4) Updates `github.com/klauspost/compress` from 1.18.3 to 1.18.4 - [Release notes](https://github.com/klauspost/compress/releases) - [Commits](klauspost/compress@v1.18.3...v1.18.4) Updates `github.com/klauspost/compress` from 1.18.3 to 1.18.4 - [Release notes](https://github.com/klauspost/compress/releases) - [Commits](klauspost/compress@v1.18.3...v1.18.4) Updates `github.com/bmatcuk/doublestar/v4` from 4.9.2 to 4.10.0 - [Release notes](https://github.com/bmatcuk/doublestar/releases) - [Commits](bmatcuk/doublestar@v4.9.2...v4.10.0) Updates `github.com/coreos/go-systemd/v22` from 22.6.0 to 22.7.0 - [Release notes](https://github.com/coreos/go-systemd/releases) - [Commits](coreos/go-systemd@v22.6.0...v22.7.0) Updates `github.com/klauspost/compress` from 1.18.3 to 1.18.4 - [Release notes](https://github.com/klauspost/compress/releases) - [Commits](klauspost/compress@v1.18.3...v1.18.4) --- updated-dependencies: - dependency-name: github.com/docker/cli dependency-version: 29.2.1+incompatible dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/klauspost/compress dependency-version: 1.18.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/klauspost/compress dependency-version: 1.18.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/klauspost/compress dependency-version: 1.18.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/bmatcuk/doublestar/v4 dependency-version: 4.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/coreos/go-systemd/v22 dependency-version: 22.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/klauspost/compress dependency-version: 1.18.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 9, 2026

dependabot bot force-pushed the dependabot/go_modules/gomod-ee7b54dcca branch from 3cba126 to e18ba3f Compare February 16, 2026 20:55

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the gomod group across 2 directories with 4 updates#2240

build(deps): bump the gomod group across 2 directories with 4 updates#2240
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/gomod-ee7b54dcca

dependabot bot commented on behalf of github Feb 9, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Feb 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v1.18.4

What's Changed

New Contributors

v1.18.4

What's Changed

New Contributors

v1.18.4

What's Changed

New Contributors

Added WithNoHidden option

What's Changed

New Contributors

v22.7.0

What's Changed

New Contributors

v1.18.4

What's Changed

New Contributors

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot bot commented on behalf of github Feb 9, 2026 •

edited

Loading