Skip to content

chore(deps): bump the go_modules group across 1 directory with 3 updates #132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump the go_modules group across 1 directory with 3 updates #132

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 12, 2026

Bumps the go_modules group with 2 updates in the / directory: github.com/containerd/containerd and github.com/opencontainers/selinux.

Updates github.com/containerd/containerd from 1.7.23 to 1.7.29

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.29

Welcome to the v1.7.29 release of containerd!

The twenty-ninth patch release for containerd 1.7 contains various fixes and updates including security patches.

Security Updates

Highlights

Image Distribution

  • Update differ to handle zstd media types (#12018)

Runtime

  • Update runc binary to v1.3.3 (#12480)
  • Fix lost container logs from quickly closing io (#12375)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Akihiro Suda
  • Phil Estes
  • Austin Vazquez
  • Sebastiaan van Stijn
  • ningmingxiao
  • Maksym Pavlenko
  • StepSecurity Bot
  • wheat2018

Changes

... (truncated)

Commits
  • 442cb34 Merge commit from fork
  • e5cb6dd Merge commit from fork
  • 9772966 Merge pull request #12486 from dmcgowan/prepare-v1.7.29
  • 1fc2daa Prepare release notes for v1.7.29
  • 93f710a Merge pull request #12480 from k8s-infra-cherrypick-robot/cherry-pick-12475-t...
  • 68d04be Merge pull request #12471 from austinvazquez/1_7_update_ci_go_and_images
  • 3f5f9f8 runc: Update runc binary to v1.3.3
  • 667409f ci: bump Go 1.24.9, 1.25.3
  • 294f8c0 Update GHA runners to use latest images for basic binaries build
  • cf66b41 Update GHA runners to use latest image for most jobs
  • Additional commits viewable in compare view

Updates github.com/opencontainers/selinux from 1.12.0 to 1.13.0

Release notes

Sourced from github.com/opencontainers/selinux's releases.

v1.13.0

What's Changed

Full Changelog: opencontainers/selinux@v1.12.0...v1.13.0

Commits
  • 4be9937 Merge pull request #237 from cyphar/selinux-safe-procfs
  • c8cfa6f selinux: migrate to pathrs-lite procfs API
  • f2424d8 Merge pull request #236 from kolyshkin/modernize-ci
  • 648ce7f ci: add go 1.25
  • 916cab9 ci: bump golangci-lint to v2.5
  • b42e5c8 all: format sources with latest gofumpt
  • 74393ea Merge pull request #235 from cyphar/fix-keyring-err-check
  • 6ec194b keyring: fix typo in EACCES check
  • 879a755 Merge pull request #234 from opencontainers/dependabot/github_actions/actions...
  • 3c1bd9a build(deps): bump actions/setup-go from 5 to 6
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.38.0 to 0.40.0

Commits
  • 459a9db go.mod: update golang.org/x dependencies
  • 74e709a ssh: add AlgorithmNegotiationError
  • b3790b8 acme: fix TLSALPN01ChallengeCert for IP address identifiers
  • 1dc4269 acme: add Pebble integration testing
  • 97bf787 blake2b: implement hash.XOF
  • 952517d x509roots/fallback: update bundle
  • c6fce02 ssh: refuse to parse certificates that use a certificate as signing key
  • 0ae49b8 ssh: reject certificate keys used as signature keys for SSH certs
  • 3bf9d2a ssh/test: skip KEX test if unsupported by system SSH client
  • 9bab967 go.mod: update golang.org/x dependencies
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump the go_modules group across 1 directory with 3 updates
84fcbda 
Bumps the go_modules group with 2 updates in the / directory: [github.com/containerd/containerd](https://github.com/containerd/containerd) and [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux).


Updates `github.com/containerd/containerd` from 1.7.23 to 1.7.29
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.23...v1.7.29)

Updates `github.com/opencontainers/selinux` from 1.12.0 to 1.13.0
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](opencontainers/selinux@v1.12.0...v1.13.0)

Updates `golang.org/x/crypto` from 0.38.0 to 0.40.0
- [Commits](golang/crypto@v0.38.0...v0.40.0)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-version: 1.7.29
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/opencontainers/selinux
  dependency-version: 1.13.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.40.0
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jan 12, 2026
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jan 12, 2026

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant