Bump github.com/containers/image/v5 from 5.34.0 to 5.36.0 #2687

dependabot · 2025-07-21T01:51:14Z

Bumps github.com/containers/image/v5 from 5.34.0 to 5.36.0.

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.36.0

What's Changed

Bump c/storage to v1.58.0, c/image to v5.35.0 by @TomSweeneyRedHat in containers/image#2828

chore(deps): update dependency golangci/golangci-lint to v2.1.2 by @renovate[bot] in containers/image#2827

fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.28 by @renovate[bot] in containers/image#2829

fix(deps): update module github.com/docker/docker to v28.1.0+incompatible by @renovate[bot] in containers/image#2834

fix(deps): update module github.com/docker/cli to v28.1.0+incompatible by @renovate[bot] in containers/image#2833

fix(deps): update module github.com/docker/cli to v28.1.1+incompatible by @renovate[bot] in containers/image#2836

fix(deps): update module github.com/docker/docker to v28.1.1+incompatible by @renovate[bot] in containers/image#2835

chore(deps): update dependency containers/automation_images to v20250422 by @renovate[bot] in containers/image#2839

chore(deps): update dependency golangci/golangci-lint to v2.1.5 by @renovate[bot] in containers/image#2840

fix(deps): update module github.com/sigstore/sigstore to v1.9.4 by @renovate[bot] in containers/image#2842

chore(deps): update dependency golangci/golangci-lint to v2.1.6 by @renovate[bot] in containers/image#2846

fix(deps): update module github.com/vbauerster/mpb/v8 to v8.10.0 by @renovate[bot] in containers/image#2845

fix(deps): update module golang.org/x/oauth2 to v0.30.0 by @renovate[bot] in containers/image#2847

fix(deps): update module golang.org/x/sync to v0.14.0 by @renovate[bot] in containers/image#2848

fix(deps): update module golang.org/x/term to v0.32.0 by @renovate[bot] in containers/image#2850

fix(deps): update module golang.org/x/crypto to v0.38.0 by @renovate[bot] in containers/image#2849

fix(deps): update module dario.cat/mergo to v1.0.2 by @renovate[bot] in containers/image#2851

vendor: update c/storage by @giuseppe in containers/image#2844

fix(deps): update module github.com/vbauerster/mpb/v8 to v8.10.1 by @renovate[bot] in containers/image#2853

Update old indirect dependencies by @mtrmac in containers/image#2787

Stop setting the btrfs_noversion build tag by @mtrmac in containers/image#2831

fix(deps): update module github.com/santhosh-tekuri/jsonschema/v6 to v6.0.2 by @renovate[bot] in containers/image#2855

fix(deps): update module github.com/docker/docker to v28.2.1+incompatible by @renovate[bot] in containers/image#2859

fix(deps): update module github.com/docker/cli to v28.2.1+incompatible by @renovate[bot] in containers/image#2858

fix(deps): update module github.com/docker/docker to v28.2.2+incompatible by @renovate[bot] in containers/image#2862

fix(deps): update module github.com/docker/cli to v28.2.2+incompatible by @renovate[bot] in containers/image#2861

INCOMPATIBLE: Remove the implementation of the ostree transport by @mtrmac in containers/image#2821

Only upload sigstore signatures to the sigstore tag schema by @mtrmac in containers/image#2717

Update old dependencies by @mtrmac in containers/image#2863

fix(deps): update github.com/containers/storage digest to 78f4258 by @renovate[bot] in containers/image#2864

Queue a partially-pulled layer for commit immediately after staging it by @mtrmac in containers/image#2799

fix(deps): update module github.com/vbauerster/mpb/v8 to v8.10.2 by @renovate[bot] in containers/image#2865

fix(deps): update module golang.org/x/sync to v0.15.0 by @renovate[bot] in containers/image#2866

fix(deps): update module golang.org/x/crypto to v0.39.0 by @renovate[bot] in containers/image#2867

fix(deps): update module github.com/sigstore/sigstore to v1.9.5 by @renovate[bot] in containers/image#2871

fix(deps): update module go.etcd.io/bbolt to v1.4.1 by @renovate[bot] in containers/image#2870

fix(deps): update module github.com/hashicorp/go-retryablehttp to v0.7.8 by @renovate[bot] in containers/image#2872

Regenerate keys TestKeyFingerprintWithPassphrase and TestKeyFingerprint by @mtrmac in containers/image#2875

fix(deps): update module github.com/docker/docker to v28.3.0+incompatible by @renovate[bot] in containers/image#2880

fix(deps): update module github.com/docker/cli to v28.3.0+incompatible by @renovate[bot] in containers/image#2879

CI: run tests that need root as root by @Luap99 in containers/image#2878

remove containers_image_{fulcio_stub,rekor_stub} build tags by @Luap99 in containers/image#2881

Replace sigstore/rekor/pkg/client with a manually-created client by @Luap99 in containers/image#2873

Update module go.etcd.io/bbolt to v1.4.2 by @renovate[bot] in containers/image#2882

Update the Rekor client to match Rekor 1.3.10 by @mtrmac in containers/image#2884

Update dependency golangci/golangci-lint to v2.2.1 by @renovate[bot] in containers/image#2885

Update github.com/containers/storage digest to 83650ab by @renovate[bot] in containers/image#2886

Update module github.com/docker/docker to v28.3.1+incompatible by @renovate[bot] in containers/image#2889

... (truncated)

Commits

08ce6b4 Bump to c/image v5.36.0
b5e2b66 Bump to c/storage v1.59.0
9e95082 Merge pull request #2898 from containers/renovate/golangci-golangci-lint-2.x
70d266a Update dependency golangci/golangci-lint to v2.2.2
ccfad4e Merge pull request #2897 from containers/renovate/golang.org-x-crypto-0.x
2b0ee9e Update module golang.org/x/crypto to v0.40.0
e412678 Merge pull request #2896 from mtrmac/simplesequoia-stub
6b65ae3 Add a new Signer API for creating simple signing signatures with Sequoia-PGP
d9a97d8 Merge pull request #2894 from containers/renovate/github.com-docker-docker-28.x
8a4cfcb Update module github.com/docker/docker to v28.3.2+incompatible
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

hellt · 2025-07-23T07:48:57Z

@dependabot rebase

Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.34.0 to 5.36.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](containers/image@v5.34.0...v5.36.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-version: 5.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2025-08-11T02:12:03Z

Superseded by #2754.

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 21, 2025

dependabot bot mentioned this pull request Jul 21, 2025

Bump github.com/containers/image/v5 from 5.34.0 to 5.35.0 #2557

Closed

dependabot bot force-pushed the dependabot/go_modules/github.com/containers/image/v5-5.36.0 branch from 82eb651 to fa2cf7e Compare July 22, 2025 08:03

dependabot bot force-pushed the dependabot/go_modules/github.com/containers/image/v5-5.36.0 branch 3 times, most recently from 6f5845c to 8c54625 Compare July 23, 2025 09:00

dependabot bot force-pushed the dependabot/go_modules/github.com/containers/image/v5-5.36.0 branch from 8c54625 to 0fb173e Compare July 28, 2025 14:22

dependabot bot closed this Aug 11, 2025

dependabot bot deleted the dependabot/go_modules/github.com/containers/image/v5-5.36.0 branch August 11, 2025 02:12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump github.com/containers/image/v5 from 5.34.0 to 5.36.0 #2687

Bump github.com/containers/image/v5 from 5.34.0 to 5.36.0 #2687

Uh oh!

dependabot bot commented on behalf of github Jul 21, 2025 •

edited

Loading

Uh oh!

hellt commented Jul 23, 2025

Uh oh!

dependabot bot commented on behalf of github Aug 11, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump github.com/containers/image/v5 from 5.34.0 to 5.36.0 #2687

Bump github.com/containers/image/v5 from 5.34.0 to 5.36.0 #2687

Uh oh!

Conversation

dependabot bot commented on behalf of github Jul 21, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v5.36.0

What's Changed

Uh oh!

hellt commented Jul 23, 2025

Uh oh!

dependabot bot commented on behalf of github Aug 11, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Jul 21, 2025 •

edited

Loading