Skip to content

chore(deps): bump the all-dependencies group across 1 directory with 13 updates#2080

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-dependencies-4782522d2a
Open

chore(deps): bump the all-dependencies group across 1 directory with 13 updates#2080
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-dependencies-4782522d2a

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 1, 2026
edited
Loading

Bumps the all-dependencies group with 8 updates in the / directory:

Package From To
github.com/docker/cli 28.5.1+incompatible 29.2.0+incompatible
github.com/docker/docker 28.5.1+incompatible 28.5.2+incompatible
github.com/hashicorp/go-getter 1.8.3 1.8.4
github.com/moby/buildkit 0.25.1 0.27.1
github.com/morikuni/aec 1.0.0 1.1.0
github.com/olekukonko/tablewriter 1.1.0 1.1.3
github.com/onsi/ginkgo/v2 2.27.2 2.28.1
github.com/schollz/progressbar/v3 3.18.0 3.19.0

Updates github.com/docker/cli from 28.5.1+incompatible to 29.2.0+incompatible

Commits
  • 0b9d198 Merge pull request #6764 from vvoland/update-docker
  • 9c9ec73 vendor: github.com/moby/moby/client v0.2.2
  • bab3e81 vendor: github.com/moby/moby/api v1.53.0
  • 2e64fc1 Merge pull request #6367 from thaJeztah/template_slicejoin
  • 1f2ba2a Merge pull request #6760 from thaJeztah/container_create_fix_error
  • e34a342 templates: make "join" work with non-string slices and map values
  • a86356d Merge pull request #6763 from thaJeztah/bump_mapstructure
  • 771660a vendor: github.com/go-viper/mapstructure/v2 v2.5.0
  • 9cff36b Merge pull request #6762 from thaJeztah/bump_x_deps
  • 08ed2bc cli/command/container: make injecting config.json failures a warning
  • Additional commits viewable in compare view

Updates github.com/docker/docker from 28.5.1+incompatible to 28.5.2+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v28.5.2

28.5.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

[!CAUTION] This release contains fixes for three high-severity security vulnerabilities in runc:

All three vulnerabilities ultimately allow (through different methods) for full container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files.

Packaging updates

Bug fixes and enhancements

Deprecations

  • Go-SDK: cli/command/image/build: deprecate DefaultDockerfileName, DetectArchiveReader, WriteTempDockerfile, ResolveAndValidateContextPath. These utilities were only used internally and will be removed in the next release. docker/cli#6610
  • Go-SDK: cli/command/image/build: deprecate IsArchive utility. docker/cli#6560
  • Go-SDK: opts: deprecate ValidateMACAddress. docker/cli#6560
  • Go-SDK: opts: deprecate ListOpts.Delete(). docker/cli#6560
Commits
  • 89c5e8f Merge pull request #51396 from thaJeztah/28.x_backport_api_docs
  • 9b93878 Merge pull request #51395 from thaJeztah/28.x_backport_rootless_reject
  • 6178456 Merge pull request #51398 from vvoland/51397-28.x
  • 0cae4e5 vendor: github.com/moby/buildkit v0.25.2
  • 33cc06f Merge pull request #51394 from vvoland/51393-28.x
  • d525277 api/docs: remove BuildCache.Parent field for API v1.42 and up
  • 2fbc51b dockerd-rootless.sh: reject DOCKERD_ROOTLESS_ROOTLESSKIT_NET=host
  • bd98008 integration-cli: Adjust nofile limits
  • 1967515 Dockerfile: update runc binary to v1.3.3
  • 4489660 Merge pull request #51387 from thaJeztah/28.x_bump_go
  • Additional commits viewable in compare view

Updates github.com/hashicorp/go-getter from 1.8.3 to 1.8.4

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.8.4

What's Changed

New Contributors

Full Changelog: hashicorp/go-getter@v1.8.3...v1.8.4

Commits
  • 576ab86 [chore] : Bump the go group across 1 directory with 12 updates (#575)
  • efec2db Merge pull request #574 from hashicorp/dependabot/github_actions/actions-36c6...
  • 7ccb947 [chore] : Bump the actions group across 1 directory with 6 updates
  • 228ad65 fix: allow downloading S3 files from MinIO over http (#570)
  • 5cb8b18 Merge pull request #567 from hashicorp/dependabot/github_actions/actions-92ca...
  • f358fa6 Merge pull request #571 from hashicorp/compliance/update-headers
  • 376d40c [COMPLIANCE] Update Copyright and License Headers
  • 9d34fba [chore] : Bump the actions group across 1 directory with 3 updates
  • fd63a33 Merge pull request #566 from hashicorp/compliance/update-headers
  • ac8218d [COMPLIANCE] Update Copyright and License Headers
  • Additional commits viewable in compare view

Updates github.com/moby/buildkit from 0.25.1 to 0.27.1

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.27.1

Welcome to the v0.27.1 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

  • CrazyMax
  • Sebastiaan van Stijn
  • Tõnis Tiigi

Notable Changes

Dependency Changes

  • github.com/klauspost/compress v1.18.2 -> v1.18.3
  • github.com/moby/policy-helpers 9fcc1a9ec5c9 -> eeebf1a0ab2b

Previous release can be found at v0.27.0

v0.27.0

buildkit 0.27.0

Welcome to the v0.27.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

  • Tõnis Tiigi
  • CrazyMax
  • Akihiro Suda
  • Sebastiaan van Stijn
  • Justin Chadwell
  • Jonathan A. Sternberg
  • David Karlsson
  • Dawei Wei
  • Natnael Gebremariam
  • Aleksandr Karpinskii
  • Amr Mahdi
  • Brian Goff
  • Joyal George K J

... (truncated)

Commits
  • 5fbebf9 Merge pull request #6497 from crazy-max/v0.27_picks_v0.27.1
  • 6f52322 vendor: github.com/klauspost/compress v1.18.3
  • 4651691 vendor: update moby/policy-helpers to eeebf1a
  • 2bcd66d Merge pull request #6482 from tonistiigi/v0.27-picks-2
  • 6c53e9e forwarder: fix concurrent map write panic in the gateway forwarder
  • 64bc21a Merge pull request #6479 from tonistiigi/v0.27-picks
  • 6f380e6 vendor: align google.golang.org/genproto/xxx versions
  • a9c91f7 vendor: update go-actions-cache to 54bc28c2
  • b2fc80e Merge pull request #6473 from tonistiigi/attestation-index-error
  • a50e8a1 source: avoid error when attestation asked from non-index
  • Additional commits viewable in compare view

Updates github.com/morikuni/aec from 1.0.0 to 1.1.0

Release notes

Sourced from github.com/morikuni/aec's releases.

v1.1.0

What's Changed

New Contributors

Full Changelog: morikuni/aec@v1.0.0...v1.1.0

Commits
  • ea8ec34 Merge pull request #6 from morikuni/add-go-mod
  • 8c1fc2a Add go.mod
  • b7ec452 Merge pull request #5 from ndeloof/sco_dec
  • ef8a0ba send both SCO and DEC proprietary sequence for terminal compatibility
  • See full diff in compare view

Updates github.com/olekukonko/tablewriter from 1.1.0 to 1.1.3

Commits
  • ce018e6 fix read me update version
  • e3130fb Merge pull request #309 from olekukonko/narrow
  • 975f050 update ll
  • d4923d8 add more emoji & unicode test #308
  • c8c2b21 separate tint
  • 7097b13 Fix ForceNarrowBorders for generates long strings of border characters - Upda...
  • d02c460 revert go mod to go 1.21 and update dependencies to avoid breaking changes
  • dd95aca add clarity
  • ca4e3ac clearer environment debugging information
  • b31b038 use auto detection as default
  • Additional commits viewable in compare view

Updates github.com/onsi/ginkgo/v2 from 2.27.2 to 2.28.1

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.28.1

2.28.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

v2.28.0

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

v2.27.4

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]

v2.27.3

2.27.3

Fixes

report exit result in case of failure [1c9f356] fix data race [ece19c8]

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.28.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]

2.27.3

Fixes

report exit result in case of failure [1c9f356] fix data race [ece19c8]

Commits

Updates github.com/onsi/gomega from 1.38.2 to 1.39.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.39.0

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

v1.38.3

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Commits
  • 49561ad v1.39.0
  • 8f7f425 document MatchErrorStrictly
  • bae643d add matcher relecting errors.Is behavior
  • a3ca2ca v1.38.3
  • 4dada36 fix failing have http tests
  • d40c691 make string formatitng more consistent for users who use format.Object directly
  • 2a37b46 doc: fix typos
  • ee26170 docs: fix HaveValue example
  • cc85c05 Bump actions/setup-go from 5 to 6 (#866)
  • 8905788 Bump github.com/onsi/ginkgo/v2 from 2.25.1 to 2.25.3 (#865)
  • Additional commits viewable in compare view

Updates github.com/schollz/progressbar/v3 from 3.18.0 to 3.19.0

Release notes

Sourced from github.com/schollz/progressbar/v3's releases.

v3.19.0

What's Changed

New Contributors

Full Changelog: schollz/progressbar@v3.18.0...v3.19.0

Commits
  • 56ad4a7 Merge pull request #216 from goncalogdomingo/main
  • dae95ef Merge pull request #226 from polymorcodeus/mart1082/optsetcustomcolor
  • 0ec6061 Merge pull request #223 from bitlux/bitlux/unused
  • f13fb15 Merge pull request #218 from mrkbac/fix-reader-close
  • 472b188 Merge pull request #221 from yevk/main
  • 57f6968 Added OptionSetCustomColorCodes to pass in custom color codes.
  • 655d41e Merge pull request #220 from mengshengwu/fix-windows-progressbar-flickering
  • 533e284 Merge pull request #225 from schollz/fix/describe
  • 914e511 fix: add describe solution
  • 5692e00 fix: allow progressbar to be updated afterwards
  • Additional commits viewable in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Commits
  • b61f268 Merge pull request #1472 from goldlinker/master
  • 15c29db refactor: replace the deprecated function in the ioutil package
  • cb253f3 Merge pull request #1464 from thaJeztah/touchup_godoc
  • 29b2337 Merge pull request #1468 from thaJeztah/touchup_readme
  • d916819 Merge pull request #1427 from dolmen/fix-testify-usage
  • 135e482 README: small touch-ups
  • 2c5fa36 Merge pull request #1467 from thaJeztah/rm_old_badge
  • 877ecec README: remove travis badge
  • 55cf256 Merge pull request #1393 from jsoref/grammar
  • 21bae50 Merge pull request #1426 from dolmen/testing-fix-use-of-math-rand
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.45.0 to 0.47.0

Commits
  • 506e022 go.mod: update golang.org/x dependencies
  • 7dacc38 chacha20poly1305: error out in fips140=only mode
  • 19acf81 go.mod: update golang.org/x dependencies
  • 3a1c6b4 x509roots/fallback: update bundle
  • f4602e4 ssh/agent: fix flaky test by ensuring a writeable home directory
  • See full diff in compare view

Updates golang.org/x/sync from 0.18.0 to 0.19.0

Commits

Updates golang.org/x/term from 0.37.0 to 0.39.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 1, 2026
@dependabot dependabot bot requested a review from gaocegege as a code owner February 1, 2026 03:22
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 1, 2026
@dependabot dependabot bot force-pushed the dependabot/go_modules/all-dependencies-4782522d2a branch from 0e89b1a to 62c6bc0 Compare February 26, 2026 02:31
@dependabot
chore(deps): bump the all-dependencies group across 1 directory with …
4dfdbc9 
…13 updates

Bumps the all-dependencies group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/docker/cli](https://github.com/docker/cli) | `28.5.1+incompatible` | `29.2.0+incompatible` |
| [github.com/docker/docker](https://github.com/docker/docker) | `28.5.1+incompatible` | `28.5.2+incompatible` |
| [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) | `1.8.3` | `1.8.4` |
| [github.com/moby/buildkit](https://github.com/moby/buildkit) | `0.25.1` | `0.27.1` |
| [github.com/morikuni/aec](https://github.com/morikuni/aec) | `1.0.0` | `1.1.0` |
| [github.com/olekukonko/tablewriter](https://github.com/olekukonko/tablewriter) | `1.1.0` | `1.1.3` |
| [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) | `2.27.2` | `2.28.1` |
| [github.com/schollz/progressbar/v3](https://github.com/schollz/progressbar) | `3.18.0` | `3.19.0` |



Updates `github.com/docker/cli` from 28.5.1+incompatible to 29.2.0+incompatible
- [Commits](docker/cli@v28.5.1...v29.2.0)

Updates `github.com/docker/docker` from 28.5.1+incompatible to 28.5.2+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v28.5.1...v28.5.2)

Updates `github.com/hashicorp/go-getter` from 1.8.3 to 1.8.4
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Commits](hashicorp/go-getter@v1.8.3...v1.8.4)

Updates `github.com/moby/buildkit` from 0.25.1 to 0.27.1
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](moby/buildkit@v0.25.1...v0.27.1)

Updates `github.com/morikuni/aec` from 1.0.0 to 1.1.0
- [Release notes](https://github.com/morikuni/aec/releases)
- [Commits](morikuni/aec@v1.0.0...v1.1.0)

Updates `github.com/olekukonko/tablewriter` from 1.1.0 to 1.1.3
- [Release notes](https://github.com/olekukonko/tablewriter/releases)
- [Commits](olekukonko/tablewriter@v1.1.0...v1.1.3)

Updates `github.com/onsi/ginkgo/v2` from 2.27.2 to 2.28.1
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.27.2...v2.28.1)

Updates `github.com/onsi/gomega` from 1.38.2 to 1.39.0
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](onsi/gomega@v1.38.2...v1.39.0)

Updates `github.com/schollz/progressbar/v3` from 3.18.0 to 3.19.0
- [Release notes](https://github.com/schollz/progressbar/releases)
- [Commits](schollz/progressbar@v3.18.0...v3.19.0)

Updates `github.com/sirupsen/logrus` from 1.9.3 to 1.9.4
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](sirupsen/logrus@v1.9.3...v1.9.4)

Updates `golang.org/x/crypto` from 0.45.0 to 0.47.0
- [Commits](golang/crypto@v0.45.0...v0.47.0)

Updates `golang.org/x/sync` from 0.18.0 to 0.19.0
- [Commits](golang/sync@v0.18.0...v0.19.0)

Updates `golang.org/x/term` from 0.37.0 to 0.39.0
- [Commits](golang/term@v0.37.0...v0.39.0)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-version: 29.2.0+incompatible
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: github.com/docker/docker
  dependency-version: 28.5.2+incompatible
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.8.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: github.com/moby/buildkit
  dependency-version: 0.27.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: github.com/morikuni/aec
  dependency-version: 1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: github.com/olekukonko/tablewriter
  dependency-version: 1.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.28.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: github.com/onsi/gomega
  dependency-version: 1.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: github.com/schollz/progressbar/v3
  dependency-version: 3.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: github.com/sirupsen/logrus
  dependency-version: 1.9.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: golang.org/x/crypto
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: golang.org/x/sync
  dependency-version: 0.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: golang.org/x/term
  dependency-version: 0.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/all-dependencies-4782522d2a branch from 62c6bc0 to 4dfdbc9 Compare March 2, 2026 02:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gaocegege gaocegege Awaiting requested review from gaocegege gaocegege is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants