Skip to content

build(deps): bump the go_modules group across 1 directory with 5 updates #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

build(deps): bump the go_modules group across 1 directory with 5 updates #5

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Aug 14, 2025

Bumps the go_modules group with 5 updates in the / directory:

Package From To
github.com/docker/docker 27.1.2+incompatible 28.0.0+incompatible
golang.org/x/net 0.42.0 0.43.0
github.com/golang-jwt/jwt/v5 5.2.2 5.3.0
go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful 0.42.0 0.44.0
golang.org/x/image 0.11.0 0.18.0

Updates github.com/docker/docker from 27.1.2+incompatible to 28.0.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v28.0.0

28.0.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

New

  • Add ability to mount an image inside a container via --mount type=image. moby/moby#48798
    • You can also specify --mount type=image,image-subpath=[subpath],... option to mount a specific path from the image. docker/cli#5755
  • docker images --tree now shows metadata badges. docker/cli#5744
  • docker load, docker save, and docker history now support a --platform flag allowing you to choose a specific platform for single-platform operations on multi-platform images. docker/cli#5331
  • Add OOMScoreAdj to docker service create and docker stack. docker/cli#5145
  • docker buildx prune now supports reserved-space, max-used-space, min-free-space and keep-bytes filters. moby/moby#48720
  • Windows: Add support for running containerd as a child process of the daemon, instead of using a system-installed containerd. moby/moby#47955

Networking

  • The docker-proxy binary has been updated, older versions will not work with the updated dockerd. moby/moby#48132
    • Close a window in which the userland proxy (docker-proxy) could accept TCP connections, that would then fail after iptables NAT rules were set up.
    • The executable rootlesskit-docker-proxy is no longer used, it has been removed from the build and distribution.
  • DNS nameservers read from the host's /etc/resolv.conf are now always accessed from the host's network namespace. moby/moby#48290
    • When the host's /etc/resolv.conf contains no nameservers and there are no --dns overrides, Google's DNS servers are no longer used, apart from by the default bridge network and in build containers.
  • Container interfaces in bridge and macvlan networks now use randomly generated MAC addresses. moby/moby#48808
    • Gratuitous ARP / Neighbour Advertisement messages will be sent when the interfaces are started so that, when IP addresses are reused, they're associated with the newly generated MAC address.
    • IPv6 addresses in the default bridge network are now IPAM-assigned, rather than being derived from the MAC address.
  • The deprecated OCI prestart hook is now only used by build containers. For other containers, network interfaces are added to the network namespace after task creation is complete, before the container task is started. moby/moby#47406
  • Add a new gw-priority option to docker run, docker container create, and docker network connect. This option will be used by the Engine to determine which network provides the default gateway for a container. On docker run, this option is only available through the extended --network syntax. docker/cli#5664
  • Add a new netlabel com.docker.network.endpoint.ifname to customize the interface name used when connecting a container to a network. It's supported by all built-in network drivers on Linux. moby/moby#49155
    • When a container is created with multiple networks specified, there's no guarantee on the order networks will be connected to the container. So, if a custom interface name uses the same prefix as the auto-generated names, for example eth, the container might fail to start.
    • The recommended practice is to use a different prefix, for example en0, or a numerical suffix high enough to never collide, for example eth100.
    • This label can be specified on docker network connect via the --driver-opt flag, for example docker network connect --driver-opt=com.docker.network.endpoint.ifname=foobar ….
    • Or via the long-form --network flag on docker run, for example docker run --network=name=bridge,driver-opt=com.docker.network.endpoint.ifname=foobar …
  • If a custom network driver reports capability GwAllocChecker then, before a network is created, it will get a GwAllocCheckerRequest with the network's options. The custom driver may then reply that no gateway IP address should be allocated. moby/moby#49372

Port publishing in bridge networks

  • dockerd now requires ipset support in the Linux kernel. moby/moby#48596
    • The iptables and ip6tables rules used to implement port publishing and network isolation have been extensively modified. This enables some of the following functional changes, and is a first step in refactoring to enable native nftables support in a future release. moby/moby#48815
    • If it becomes necessary to downgrade to an earlier version of the daemon, some manual cleanup of the new rules will be necessary. The simplest and surest approach is to reboot the host, or use iptables -F and ip6tables -F to flush all existing iptables rules from the filter table before starting the older version of the daemon. When that is not possible, run the following commands as root:
      • iptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
      • iptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -j DOCKER; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -j DOCKER
      • If you were previously running with the iptables filter-FORWARD policy set to ACCEPT and need to restore access to unpublished ports, also delete per-bridge-network rules from the DOCKER chains. For example, iptables -D DOCKER ! -i docker0 -o docker0 -j DROP.
  • Fix a security issue that was allowing remote hosts to connect directly to a container on its published ports. moby/moby#49325
  • Fix a security issue that was allowing neighbor hosts to connect to ports mapped on a loopback address. moby/moby#49325

... (truncated)

Commits
  • af898ab Merge pull request #49495 from vvoland/update-buildkit
  • d67f035 vendor: github.com/moby/buildkit v0.20.0
  • 00ab386 Merge pull request #49491 from vvoland/update-buildkit
  • 1fde8c4 builder-next: fix cdi manager
  • cde9f07 vendor: github.com/moby/buildkit v0.20.0-rc3
  • 89e1429 Merge pull request #49490 from thaJeztah/dockerfile_linting
  • b2b5590 Dockerfile: fix linting warnings
  • 62bc597 Merge pull request #49480 from thaJeztah/docs_api_1.48
  • 670cd81 Merge pull request #49485 from vvoland/c8d-list-panic
  • a3628f3 docs/api: add documentation for API v1.48
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.42.0 to 0.43.0

Commits
  • e74bc31 go.mod: update golang.org/x dependencies
  • af6926e http2: remove references to defunct http2.golang.org test server
  • See full diff in compare view

Updates github.com/golang-jwt/jwt/v5 from 5.2.2 to 5.3.0

Release notes

Sourced from github.com/golang-jwt/jwt/v5's releases.

v5.3.0

This release is almost identical to to v5.2.3 but now correctly indicates Go 1.21 as minimum requirement.

What's Changed

Full Changelog: golang-jwt/jwt@v5.2.3...v5.3.0

v5.2.3

What's Changed

New Contributors

Full Changelog: golang-jwt/jwt@v5.2.2...v5.2.3

Commits

Updates go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful from 0.42.0 to 0.44.0

Release notes

Sourced from go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful's releases.

Release 1.37.0/0.62.0/0.31.0/0.17.0/0.12.0/0.10.0/0.9.0

Added

  • Add the WithPublicEndpoint and WithPublicEndpointFn options to go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#7407)

Changed

  • go.opentelemetry.io/contrib/instrumentation/runtime now produces the new metrics by default. Set OTEL_GO_X_DEPRECATED_RUNTIME_METRICS=true environment variable to additionally produce the deprecated metrics. (#7418)
  • The semantic conventions have been upgraded from v1.30.0 to v1.34.0 in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#7361)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/detectors/aws/ec2. (#7373, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/detectors/aws/eks. (#7375, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/detectors/aws/ecs. (#7374, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/detectors/aws/lambda. (#7376, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/detectors/azure/azurevm. (#7377, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/bridges/otelslog. (#7361, #7484)
  • The semantic conventions have been upgraded from v1.27.0 to v1.34.0 in go.opentelemetry.io/contrib/bridges/otellogr. (#7387, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/bridges/otelzap. (#7389, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/detectors/gcp. (#7378, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful. (#7383, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin. (#7383, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux. (#7383, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace. (#7383, #7484)
  • The semantic conventions have been upgraded from v1.26.0 to v1.34.0 in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#7383, #7484)
  • The semantic conventions have been upgraded in go.opentelemetry.io/contrib/instrumentation/go.mongodb.org/mongo-driver/mongo/otelmongo to v1.34.0. (#7393, #7484)
  • The semantic conventions have been upgraded in go.opentelemetry.io/contrib/instrumentation/go.mongodb.org/mongo-driver/v2/mongo/otelmongo to v1.34.0. (#7393, #7484)
  • The semantic conventions have been upgraded in go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws to v1.34.0. (#7394, #7484)
    • The messaging.system=AmazonSQS attribute has been corrected to messaging.system=aws.sqs.
    • The net.peer.addr attribute key has been upgraded to server.address.
    • The http.status_code attribute key has been upgraded to http.response.status_code.
    • The db.system=dynamodb attribute has been corrected to db.system.name=aws.dynamodb.
    • The deprecated messaging.operation.type=publish attribute has been corrected to messaging.operation.type=send.
  • The semantic conventions have been upgraded from v1.21.0 to v1.34.0 in go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda. (#7400, #7484)
  • The semantic conventions in go.opentelemetry.io/contrib/instrumentation/host have been upgraded to v1.34.0. (#7390, #7484)
    • The description of process.cpu.time is updated to comply with semantic conventions.
    • process.cpu.time now uses the state attribute instead of cpu.mode.
    • The system.cpu.time metric is renamed to cpu.time.
    • cpu.time now uses the state attribute instead of cpu.mode.
    • system.memory.usage now uses the state attribute instead of system.memory.state.
    • system.memory.utilization now uses the state attribute instead of system.memory.state.
    • The system.memory.state attribute (now state) value of available is now free instead.

Deprecated

  • AttributeCPUTimeUser in go.opentelemetry.io/contrib/instrumentation/host is deprecated. Use go.opentelemetry.io/otel/semconv instead. (#7390)
  • AttributeCPUTimeSystem in go.opentelemetry.io/contrib/instrumentation/host is deprecated. Use go.opentelemetry.io/otel/semconv instead. (#7390)
  • AttributeCPUTimeOther in go.opentelemetry.io/contrib/instrumentation/host is deprecated. Use go.opentelemetry.io/otel/semconv instead. (#7390)
  • AttributeCPUTimeIdle in go.opentelemetry.io/contrib/instrumentation/host is deprecated.

... (truncated)

Changelog

Sourced from go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful's changelog.

[1.19.0/0.44.0/0.13.0] - 2023-09-12

Added

  • Add gcp.gce.instance.name and gcp.gce.instance.hostname resource attributes to go.opentelemetry.io/contrib/detectors/gcp. (#4263)

Changed

  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/ec2 have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/ecs have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/eks have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/detectors/aws/lambda have been upgraded to v1.21.0. (#4265)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda have been upgraded to v1.21.0. (#4265)
    • The faas.execution attribute is now faas.invocation_id.
    • The faas.id attribute is now aws.lambda.invoked_arn.
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws have been upgraded to v1.21.0. (#4265)
  • The http.request.method attribute will only allow known HTTP methods from the metrics generated by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4277)

Removed

  • The high cardinality attributes net.sock.peer.addr, net.sock.peer.port, http.user_agent, enduser.id, and http.client_ip were removed from the metrics generated by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4277)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/go-kit/kit/otelkit module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/Shopify/sarama/otelsarama module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache module is removed. (#4295)
  • The deprecated go.opentelemetry.io/contrib/instrumentation/github.com/gocql/gocql/otelgocql module is removed. (#4295)

[1.18.0/0.43.0/0.12.0] - 2023-08-28

Added

  • Add NewMiddleware function in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#2964)
  • The go.opentelemetry.io/contrib/exporters/autoexport package to provide configuration of trace exporters with useful defaults and environment variable support. (#2753, #4100, #4130, #4132, #4134)
  • WithRouteTag in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp adds HTTP route attribute to metrics. (#615)
  • Add WithSpanOptions option in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#3768)
  • Add testing support for Go 1.21. (#4233)
  • Add WithFilter option to go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux. (#4230)

Changed

  • Change interceptors in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to disable SENT/RECEIVED events. Use WithMessageEvents() to turn back on. (#3964)
  • go.opentelemetry.io/contrib/detectors/gcp: Detect faas.instance instead of faas.id, since faas.id is being removed. (#4198)

Fixed

  • AWS XRay Remote Sampling to cap quotaBalance to 1x quota in go.opentelemetry.io/contrib/samplers/aws/xray. (#3651, #3652)
  • Do not panic when the HTTP request has the "Expect: 100-continue" header in go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace. (#3892)
  • Fix span status value set for non-standard HTTP status codes in modules listed below. (#3966)
    • go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful

... (truncated)

Commits

Updates golang.org/x/image from 0.11.0 to 0.18.0

Commits
  • 3bbf4a6 tiff: Validate palette indices when parsing palette-color images
  • 6c5fa46 go.mod: update golang.org/x dependencies
  • 55c4ab6 go.mod: update golang.org/x dependencies
  • 0057a93 tiff: fix function name in comment
  • 9e190ae webp: disallow multiple VP8X chunks
  • 445ab0e go.mod: update golang.org/x dependencies
  • 240a51a font/sfnt: support early version 0 OS/2 tables
  • c20bbc3 draw: simplify some calls to fmt.Fprintf
  • 491771c draw: merge draw_go117.go into draw.go
  • 4aa0222 go.mod: update go directive to 1.18
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump the go_modules group across 1 directory with 5 updates
68280c6 
Bumps the go_modules group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/docker/docker](https://github.com/docker/docker) | `27.1.2+incompatible` | `28.0.0+incompatible` |
| [golang.org/x/net](https://github.com/golang/net) | `0.42.0` | `0.43.0` |
| [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) | `5.2.2` | `5.3.0` |
| [go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.42.0` | `0.44.0` |
| [golang.org/x/image](https://github.com/golang/image) | `0.11.0` | `0.18.0` |



Updates `github.com/docker/docker` from 27.1.2+incompatible to 28.0.0+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v27.1.2...v28.0.0)

Updates `golang.org/x/net` from 0.42.0 to 0.43.0
- [Commits](golang/net@v0.42.0...v0.43.0)

Updates `github.com/golang-jwt/jwt/v5` from 5.2.2 to 5.3.0
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](golang-jwt/jwt@v5.2.2...v5.3.0)

Updates `go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful` from 0.42.0 to 0.44.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.42.0...zpages/v0.44.0)

Updates `golang.org/x/image` from 0.11.0 to 0.18.0
- [Commits](golang/image@v0.11.0...v0.18.0)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-version: 28.0.0+incompatible
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.43.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: github.com/golang-jwt/jwt/v5
  dependency-version: 5.3.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful
  dependency-version: 0.44.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/image
  dependency-version: 0.18.0
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Aug 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant