Commit 03544bc
authored
build(deps): bump github.com/cyphar/filepath-securejoin from 0.3.4 to 0.3.5 (#27)
Bumps
[github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin)
from 0.3.4 to 0.3.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cyphar/filepath-securejoin/releases">github.com/cyphar/filepath-securejoin's
releases</a>.</em></p>
<blockquote>
<h2>v0.3.5</h2>
<p>This release primarily includes a fix for an issue involving two
programs racing to MkdirAll the same directory, which caused a
regression with BuildKit.</p>
<ul>
<li><code>MkdirAll</code> will now no longer return an
<code>EEXIST</code> error if two racing
processes are creating the same directory. We will still verify that the
path
is a directory, but this will avoid spurious errors when multiple
threads or
programs are trying to <code>MkdirAll</code> the same path. <a
href="https://redirect.github.com/opencontainers/runc/issues/4543">opencontainers/runc#4543</a></li>
</ul>
<p>Signed-off-by: Aleksa Sarai <a
href="mailto:[email protected]">[email protected]</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md">github.com/cyphar/filepath-securejoin's
changelog</a>.</em></p>
<blockquote>
<h2>[0.3.5] - 2024-12-06</h2>
<h3>Fixed</h3>
<ul>
<li><code>MkdirAll</code> will now no longer return an
<code>EEXIST</code> error if two racing
processes are creating the same directory. We will still verify that the
path
is a directory, but this will avoid spurious errors when multiple
threads or
programs are trying to <code>MkdirAll</code> the same path. <a
href="https://redirect.github.com/opencontainers/runc/issues/4543">opencontainers/runc#4543</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cyphar/filepath-securejoin/commit/e60739b5beec9fd7914beb37ec37436341b45d44"><code>e60739b</code></a>
VERSION: release v0.3.5</li>
<li><a
href="https://github.com/cyphar/filepath-securejoin/commit/bf13132ee0c45881d80c626572198e35d29ed3aa"><code>bf13132</code></a>
deps: update to golang.org/x/[email protected]</li>
<li><a
href="https://github.com/cyphar/filepath-securejoin/commit/d9a53cf081876410214a9dafc4734b11d7c73f77"><code>d9a53cf</code></a>
merge <a
href="https://redirect.github.com/cyphar/filepath-securejoin/issues/35">#35</a>
into cyphar/filepath-securejoin:main</li>
<li><a
href="https://github.com/cyphar/filepath-securejoin/commit/31cb517221071c5d279457456abee145f5836c89"><code>31cb517</code></a>
mkdir: add racing MkdirAll test</li>
<li><a
href="https://github.com/cyphar/filepath-securejoin/commit/72283a06ea338e4fc42a83999928f15890c346b7"><code>72283a0</code></a>
mkdir: do not error out with -EEXIST for racing MkdirAlls</li>
<li><a
href="https://github.com/cyphar/filepath-securejoin/commit/f5bd631d0c26aa017e57a05d0638390b7b6d3abf"><code>f5bd631</code></a>
gha: bump go test timeout to 30m</li>
<li><a
href="https://github.com/cyphar/filepath-securejoin/commit/17264db7e6783eaabdddc20d34bf5293b38ba48f"><code>17264db</code></a>
merge <a
href="https://redirect.github.com/cyphar/filepath-securejoin/issues/33">#33</a>
into cyphar/filepath-securejoin:main</li>
<li><a
href="https://github.com/cyphar/filepath-securejoin/commit/fb7116a30e4ca31b9c9596478f21a10800583bca"><code>fb7116a</code></a>
VERSION: back to development</li>
<li>See full diff in <a
href="https://github.com/cyphar/filepath-securejoin/compare/v0.3.4...v0.3.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>2 files changed
+6
-6
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
3 | 3 | | |
4 | 4 | | |
5 | 5 | | |
6 | | - | |
| 6 | + | |
7 | 7 | | |
8 | 8 | | |
9 | 9 | | |
10 | 10 | | |
11 | | - | |
| 11 | + | |
12 | 12 | | |
13 | 13 | | |
14 | 14 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
11 | 11 | | |
12 | 12 | | |
13 | 13 | | |
14 | | - | |
15 | | - | |
| 14 | + | |
| 15 | + | |
16 | 16 | | |
17 | 17 | | |
18 | 18 | | |
| |||
87 | 87 | | |
88 | 88 | | |
89 | 89 | | |
90 | | - | |
91 | | - | |
| 90 | + | |
| 91 | + | |
92 | 92 | | |
93 | 93 | | |
94 | 94 | | |
| |||
0 commit comments