Bump github.com/containers/image/v5 from 5.10.1 to 5.25.0 #76

dependabot · 2023-04-10T16:58:05Z

Bumps github.com/containers/image/v5 from 5.10.1 to 5.25.0.

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.25.0

What's Changed

Release v5.24.0 by @mtrmac in containers/image#1814

fix(deps): update module github.com/theupdateframework/go-tuf to v0.5.2 by @renovate in containers/image#1815

Migrate from ghodss/yaml to gopkg.in/yaml.v3 by @mtrmac in containers/image#1818

build(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7 by @dependabot in containers/image#1820

Add a more specific error message on invalid docker-config-in-OCI-image images by @mtrmac in containers/image#1822

Update to github.com/vbauerster/mpb/v8 by @mtrmac in containers/image#1821

Cirrus: Use human-readable CI VM Images by @cevich in containers/image#1817

Update to docker/docker v23.0.0 by @mtrmac in containers/image#1825

Update to Go 1.18 by @mtrmac in containers/image#1827

Update to golangci-lint 1.51.0 by @mtrmac in containers/image#1824

Update golang.org/x/exp digest to 46f607a by @renovate in containers/image#1829

Update module github.com/sylabs/sif/v2 to v2.9.1 by @renovate in containers/image#1830

Update module github.com/vbauerster/mpb/v8 to v8.1.6 by @renovate in containers/image#1831

Reconnecting blob reader by @mtrmac in containers/image#1816

manifest: introduce internal/manifest with private types and freeze public manifest.List by @flouthoc in containers/image#1791

fix(deps): update module golang.org/x/term to v0.5.0 by @renovate in containers/image#1833

fix(deps): update module github.com/opencontainers/selinux to v1.11.0 by @renovate in containers/image#1835

[CI:DOCS] Disable dependabot by @cevich in containers/image#1837

fix(deps): update module golang.org/x/crypto to v0.6.0 by @renovate in containers/image#1838

Run codespell on codebase by @rhatdan in containers/image#1841

fix(deps): update module golang.org/x/oauth2 to v0.5.0 by @renovate in containers/image#1840

fix(deps): update module github.com/docker/docker to v23.0.1+incompatible by @renovate in containers/image#1823

Remove a direct use of golang.org/x/net/http2 by @mtrmac in containers/image#1843

Merge pullSource tests as table driven format by @QiWang19 in containers/image#1826

Relax retry heuristics by @mtrmac in containers/image#1847

Simplify bodyReader.errorIfNotReconnecting by @mtrmac in containers/image#1850

Update letsencrypt/boulder after letsencrypt/boulder#6651 by @mtrmac in containers/image#1849

More warning fixes by @mtrmac in containers/image#1846

Merge release branch into main by @mtrmac in containers/image#1842

Update module github.com/sigstore/fulcio to v1.1.0 by @renovate in containers/image#1853

Make it clear that cleartext signatures are not accepted in simple signing by @mtrmac in containers/image#1854

Make some symbols in internal packages package-private by @mtrmac in containers/image#1855

distribution: remove use of deprecated dial.DualStack by @giuseppe in containers/image#1856

fix(deps): update module github.com/sylabs/sif/v2 to v2.9.2 by @renovate in containers/image#1857

fix(deps): update module github.com/vbauerster/mpb/v8 to v8.2.0 by @renovate in containers/image#1858

Fix builds of the ostree transport by @mtrmac in containers/image#1860

[release-5.24] Backport retries heuristics updates by @mtrmac in containers/image#1859

Merge release branch into main by @mtrmac in containers/image#1861

fix(deps): update module github.com/sigstore/sigstore to v1.5.2 by @renovate in containers/image#1862

fix(deps): update module github.com/containers/storage to v1.45.4 by @renovate in containers/image#1863

fix(deps): update module github.com/stretchr/testify to v1.8.2 by @renovate in containers/image#1865

fix(deps): update module github.com/sylabs/sif/v2 to v2.10.0 by @renovate in containers/image#1864

fix(deps): update module github.com/klauspost/compress to v1.16.0 by @renovate in containers/image#1866

fix(deps): update module github.com/vbauerster/mpb/v8 to v8.2.1 by @renovate in containers/image#1868

manifest,zstd: give priority to zstd compressed images when pulling image from a manifest list by @flouthoc in containers/image#1789

client: enable HTTP(S) keep-alive by @giuseppe in containers/image#1867

fix(deps): update module github.com/sigstore/sigstore to v1.6.0 by @renovate in containers/image#1870

fix(deps): update module golang.org/x/term to v0.6.0 by @renovate in containers/image#1871

... (truncated)

Commits

b890221 Release v5.25.0
172b917 Merge pull request #1908 from rhatdan/VENDOR
7540fe9 Vendor in latest containers/storage
9ce8277 Merge pull request #1894 from mtrmac/drop-annotations
73dc790 Add FIXMEs about handling of zstd:chunked blob annotations on blob changes
94fecf6 Fix a repeated typo
f2575e0 Merge pull request #1903 from mtrmac/fulcio-issuer-v2
e3437f2 Merge pull request #1906 from containers/renovate/golang.org-x-exp-digest
848b5a4 fix(deps): update golang.org/x/exp digest to 10a5072
36736c1 Merge pull request #1904 from Jamstah/verify-with-multiple-fingerprints
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.10.1 to 5.25.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](containers/image@v5.10.1...v5.25.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Apr 10, 2023

dependabot bot mentioned this pull request Apr 10, 2023

Bump github.com/containers/image/v5 from 5.10.1 to 5.24.2 #71

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump github.com/containers/image/v5 from 5.10.1 to 5.25.0 #76

Bump github.com/containers/image/v5 from 5.10.1 to 5.25.0 #76

dependabot bot commented on behalf of github Apr 10, 2023

Bump github.com/containers/image/v5 from 5.10.1 to 5.25.0 #76

Are you sure you want to change the base?

Bump github.com/containers/image/v5 from 5.10.1 to 5.25.0 #76

Conversation

dependabot bot commented on behalf of github Apr 10, 2023

v5.25.0

What's Changed