Skip to content

Bump the docker group across 1 directory with 6 updates#637

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/docker-ec54e1ce94
Open

Bump the docker group across 1 directory with 6 updates#637
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/docker-ec54e1ce94

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 28, 2026

Copy link
Copy Markdown
Contributor

Bumps the docker group with 6 updates in the / directory:

Package From To
github.com/docker/cli 29.3.0+incompatible 29.6.1+incompatible
github.com/docker/docker-credential-helpers 0.9.5 0.9.8
github.com/docker/go-connections 0.6.0 0.7.0
github.com/moby/patternmatcher 0.6.0 0.6.1
github.com/moby/sys/sequential 0.6.0 0.7.0
github.com/moby/sys/user 0.4.0 0.4.1

Updates github.com/docker/cli from 29.3.0+incompatible to 29.6.1+incompatible

Commits
  • 8900f1d Merge pull request #7074 from thaJeztah/version
  • 22b8f13 Merge pull request #7069 from docker-agent/auto/migrate-to-docker-agent-action
  • d9c59c9 version 29.6.1
  • 6430751 Merge pull request #7073 from thaJeztah/bump_moby_user
  • 8fda97b vendor: github.com/moby/sys/user v0.4.1
  • f9dc4e4 chore: bump docker-agent-action to v2.0.1
  • f8a2d2b Merge pull request #7070 from docker/dependabot/github_actions/actions/checko...
  • 7eb15d3 build(deps): bump actions/checkout from 6.0.3 to 7.0.0
  • 033b0ff Merge pull request #7063 from docker/dependabot/github_actions/crazy-max/dot-...
  • 317bfd1 Merge pull request #7067 from docker/dependabot/github_actions/docker/cagent-...
  • Additional commits viewable in compare view

Updates github.com/docker/docker-credential-helpers from 0.9.5 to 0.9.8

Release notes

Sourced from github.com/docker/docker-credential-helpers's releases.

v0.9.8

What's Changed

  • update to go1.26.4
  • wincred: inline label, and append to existing
  • build(deps): bump actions/checkout from 6.0.2 to 6.0.3
  • build(deps): bump codecov/codecov-action from 6.0.0 to 6.0.1
  • build(deps): bump crazy-max/.github/.github/workflows/zizmor.yml from 1.7.1 to 1.10.0
  • build(deps): bump docker/bake-action from 7.1.0 to 7.2.0
  • build(deps): bump docker/setup-buildx-action from 4.0.0 to 4.1.0
  • build(deps): bump docker/setup-qemu-action from 4.0.0 to 4.1.0

Full Changelog: docker/docker-credential-helpers@v0.9.7...v0.9.8

v0.9.7

What's Changed

  • update to go1.26.3
  • ci: update zizmore action to v1.7.1

Full Changelog: docker/docker-credential-helpers@v0.9.6...v0.9.7

v0.9.6

What's Changed

  • update to go1.25.9
  • secretservice: allow building on openbsd
  • wincred: minor cleanups
  • Dockerfile: document build-args
  • Dockerfile: update golangci-lint to v2.11
  • Dockerfile: update xx to v1.9.0
  • ci: set default permissions and timeouts
  • ci: update actions
  • ci: pin actions by sha
  • ci: add zizmor workflow

Full Changelog: docker/docker-credential-helpers@v0.9.5...v0.9.6

Commits
  • 4f6bc8a Merge pull request #433 from thaJeztah/wincred_inline
  • b0820e3 Merge pull request #441 from docker/dependabot/github_actions/actions/checkou...
  • f84e991 Merge pull request #445 from thaJeztah/bump_go_1.26.4
  • 65d1391 update to go1.26.4
  • d21de35 Merge pull request #444 from docker/dependabot/github_actions/crazy-max/dot-g...
  • c6ca626 build(deps): bump actions/checkout from 6.0.2 to 6.0.3
  • 1d2dd3d Merge pull request #440 from docker/dependabot/github_actions/docker/setup-qe...
  • 3a54b5c Merge pull request #439 from docker/dependabot/github_actions/docker/bake-act...
  • b68f2ec Merge pull request #438 from docker/dependabot/github_actions/docker/setup-bu...
  • 6107240 build(deps): bump crazy-max/.github/.github/workflows/zizmor.yml
  • Additional commits viewable in compare view

Updates github.com/docker/go-connections from 0.6.0 to 0.7.0

Commits
  • 7997b0f Merge pull request #156 from thaJeztah/bump_go_winio
  • 329724a chore(deps): bump github.com/Microsoft/go-winio v0.6.2
  • 161dc9b Merge pull request #155 from thaJeztah/pin_actions
  • b115e42 Merge pull request #154 from thaJeztah/fix_non_linux_tests
  • 4c35b2a ci: pin actions to sha
  • b4454a6 tlsconfig: make root pool tests deterministic across platforms
  • 0819711 tlsconfig: certPool: pass options as argument
  • 0329635 tlsconfig: rename some vars that shadowed
  • 894d811 Merge pull request #150 from thaJeztah/deprecate_SystemCertPool
  • 0a1293a Merge pull request #153 from thaJeztah/chachacha
  • Additional commits viewable in compare view

Updates github.com/moby/patternmatcher from 0.6.0 to 0.6.1

Release notes

Sourced from github.com/moby/patternmatcher's releases.

v0.6.1

What's Changed

Full Changelog: moby/patternmatcher@v0.6.0...v0.6.1

Commits
  • 5a6d842 Merge pull request #9 from thaJeztah/fix_panic
  • e5d80c7 fix panic / nil pointer dereference on invalid patterns
  • 7f236f5 Merge pull request #8 from thaJeztah/update_ci
  • a95e09c ci: update actions and test against "oldest", "oldstable" and "stable"
  • See full diff in compare view

Updates github.com/moby/sys/sequential from 0.6.0 to 0.7.0

Release notes

Sourced from github.com/moby/sys/sequential's releases.

signal/v0.7.0

What's Changed

Full Changelog: moby/sys@signal/v0.6.0...signal/v0.7.0

mountinfo v0.7.0

What's Changed

sequential v0.7.0

What's Changed

  • update minimum go version to 1.24
  • use os.OpenFile with O_FILE_FLAG_SEQUENTIAL_SCAN on Go 1.26+

Full Changelog: moby/sys@sequential/v0.6.0...sequential/v0.7.0

mountinfo v0.6.2

What's Changed

New Contributors

Full Changelog: moby/sys@mountinfo/v0.6.1...mountinfo/v0.6.2

mountinfo v0.6.1

What's Changed

New Contributors

Full Changelog: moby/sys@mountinfo/v0.6.0...mountinfo/v0.6.1

Commits
  • b8d8fab Merge pull request #105 from kolyshkin/fix-mac-ci
  • b128335 Makefile: rm .SHELLFLAGS, add set -e
  • d4611de Merge pull request #103 from kolyshkin/mount-bump-mountinfo-0.6
  • e1c5b38 mount: bump mountinfo to v0.6.0
  • d01e595 Merge pull request #100 from kolyshkin/mounted-fast
  • 5d09d69 mountinfo: add TestMountedRoot
  • 303f101 mountinfo: add tests for MountedFast
  • 9742587 mountinfo: TestMountedBy: rm exp
  • 3494465 mountinfo: mounted_linux_test: nits
  • 88ece65 mountinfo: add MountedFast
  • Additional commits viewable in compare view

Updates github.com/moby/sys/user from 0.4.0 to 0.4.1

Release notes

Sourced from github.com/moby/sys/user's releases.

mountinfo v0.4.1

Fixes and improvements:

  • Fix PrefixFilter() being too greedy (#61)
  • TestMountedBy*: add missing pre-checks (ce8f425e79a74602c4055fb1776f38043d56827b)
  • Documentation improvements (#52)

user/v0.4.1

What's Changed

  • user: prevent possible DoS via unbounded parsing of user and group database files in GHSA-mjcv-p78q-w5fw. This fixes a similar issue as CVE-2026-47262 in containerd.
  • user: prevent falling back to looking up numeric usernames and improve handling of numeric user/group to prevent looking up numeric values as usernames. This fixes a similar issue as CVE-2026-46680 in containerd. moby/sys#221
  • user: prevent falling back to looking up numeric usernames
  • user: bump Go to 1.18, modernize moby/sys#198
  • user: make code a bit more DRY moby/sys#225
  • user: test cleanups moby/sys#226

Full Changelog: moby/sys@user/v0.4.0...user/v0.4.1

Commits
  • 85a71bb Merge commit from fork
  • 2c56c3d user: limit line length in ParseGroupFilter
  • bba2f13 user: limit reads from user database files
  • ee79b0e Merge pull request #221 from thaJeztah/limit_uidgid
  • 6eb9f15 user: GetAdditionalGroups: treat numeric group arguments as GIDs only
  • c66bd2d user: prevent falling back to looking up numeric usernames
  • c873359 Merge pull request #226 from thaJeztah/user_test_cleanups
  • f41a5ef Merge pull request #225 from thaJeztah/user_dry
  • 5c2e8a0 user: add test-cases for maxID (math.MaxInt32)
  • e001aea user: use sub-tests
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 28, 2026
@dependabot dependabot Bot requested review from a team as code owners June 28, 2026 16:02
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 28, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/docker-ec54e1ce94 branch from a4b5cbb to 43b1612 Compare July 5, 2026 16:02
Bumps the docker group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/docker/cli](https://github.com/docker/cli) | `29.3.0+incompatible` | `29.6.1+incompatible` |
| [github.com/docker/docker-credential-helpers](https://github.com/docker/docker-credential-helpers) | `0.9.5` | `0.9.8` |
| [github.com/docker/go-connections](https://github.com/docker/go-connections) | `0.6.0` | `0.7.0` |
| [github.com/moby/patternmatcher](https://github.com/moby/patternmatcher) | `0.6.0` | `0.6.1` |
| [github.com/moby/sys/sequential](https://github.com/moby/sys) | `0.6.0` | `0.7.0` |
| [github.com/moby/sys/user](https://github.com/moby/sys) | `0.4.0` | `0.4.1` |



Updates `github.com/docker/cli` from 29.3.0+incompatible to 29.6.1+incompatible
- [Commits](docker/cli@v29.3.0...v29.6.1)

Updates `github.com/docker/docker-credential-helpers` from 0.9.5 to 0.9.8
- [Release notes](https://github.com/docker/docker-credential-helpers/releases)
- [Commits](docker/docker-credential-helpers@v0.9.5...v0.9.8)

Updates `github.com/docker/go-connections` from 0.6.0 to 0.7.0
- [Commits](docker/go-connections@v0.6.0...v0.7.0)

Updates `github.com/moby/patternmatcher` from 0.6.0 to 0.6.1
- [Release notes](https://github.com/moby/patternmatcher/releases)
- [Commits](moby/patternmatcher@v0.6.0...v0.6.1)

Updates `github.com/moby/sys/sequential` from 0.6.0 to 0.7.0
- [Release notes](https://github.com/moby/sys/releases)
- [Commits](moby/sys@signal/v0.6.0...signal/v0.7.0)

Updates `github.com/moby/sys/user` from 0.4.0 to 0.4.1
- [Release notes](https://github.com/moby/sys/releases)
- [Commits](moby/sys@user/v0.4.0...user/v0.4.1)

---
updated-dependencies:
- dependency-name: github.com/docker/cli
  dependency-version: 29.6.1+incompatible
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: docker
- dependency-name: github.com/docker/docker-credential-helpers
  dependency-version: 0.9.8
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: docker
- dependency-name: github.com/docker/go-connections
  dependency-version: 0.7.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: docker
- dependency-name: github.com/moby/patternmatcher
  dependency-version: 0.6.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: docker
- dependency-name: github.com/moby/sys/sequential
  dependency-version: 0.7.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: docker
- dependency-name: github.com/moby/sys/user
  dependency-version: 0.4.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: docker
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/docker-ec54e1ce94 branch from 43b1612 to f13130f Compare July 12, 2026 16:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants