build(deps): bump the dependencies group across 1 directory with 16 updates by dependabot[bot] · Pull Request #6084 · nektos/act

dependabot · 2026-05-01T02:11:40Z

Bumps the dependencies group with 15 updates in the / directory:

Package	From	To
github.com/docker/cli	`29.3.0+incompatible`	`29.4.1+incompatible`
github.com/docker/go-connections	`0.6.0`	`0.7.0`
github.com/go-git/go-billy/v5	`5.6.2`	`5.8.0`
github.com/go-git/go-git/v5	`5.16.5`	`5.18.0`
github.com/mattn/go-isatty	`0.0.20`	`0.0.22`
github.com/moby/patternmatcher	`0.6.0`	`0.6.1`
github.com/rhysd/actionlint	`1.7.7`	`1.7.12`
github.com/sirupsen/logrus	`1.9.3`	`1.9.4`
github.com/spf13/cobra	`1.10.1`	`1.10.2`
github.com/spf13/pflag	`1.0.9`	`1.0.10`
github.com/golang-jwt/jwt/v5	`5.3.0`	`5.3.1`
github.com/moby/go-archive	`0.1.0`	`0.2.0`
github.com/moby/moby/api	`1.54.0`	`1.54.2`
github.com/moby/moby/client	`0.3.0`	`0.4.1`
google.golang.org/protobuf	`1.36.9`	`1.36.11`

Updates github.com/docker/cli from 29.3.0+incompatible to 29.4.1+incompatible

Commits

055a478 Merge pull request #6945 from thaJeztah/bump_moby
d0f5b27 cmd/docker-trust: bump moby/client v0.4.1, moby/api v1.54.2
b7f37e8 vendor: github.com/moby/moby/client v0.4.1, moby/api v1.54.2
c93d892 Merge pull request #6949 from thaJeztah/bump_utils
3553caf Merge pull request #6948 from thaJeztah/bump_trust_deps
266f039 Dockerfile: update compose to v5.1.3
d74d3c3 Dockerfile: update buildx to v0.33.0
134c2a0 Merge pull request #6826 from thaJeztah/bump_golangci_lint2
58a7c31 golangci-lint: fix lint failures from v2.10.1 upgrade
f37a9e6 Dockerfile: update golangci-lint to v2.10.1
Additional commits viewable in compare view

Updates github.com/docker/go-connections from 0.6.0 to 0.7.0

Commits

7997b0f Merge pull request #156 from thaJeztah/bump_go_winio
329724a chore(deps): bump github.com/Microsoft/go-winio v0.6.2
161dc9b Merge pull request #155 from thaJeztah/pin_actions
b115e42 Merge pull request #154 from thaJeztah/fix_non_linux_tests
4c35b2a ci: pin actions to sha
b4454a6 tlsconfig: make root pool tests deterministic across platforms
0819711 tlsconfig: certPool: pass options as argument
0329635 tlsconfig: rename some vars that shadowed
894d811 Merge pull request #150 from thaJeztah/deprecate_SystemCertPool
0a1293a Merge pull request #153 from thaJeztah/chachacha
Additional commits viewable in compare view

Updates github.com/go-git/go-billy/v5 from 5.6.2 to 5.8.0

Release notes

Sourced from github.com/go-git/go-billy/v5's releases.

v5.8.0

What's Changed

build: Update module golang.org/x/net to v0.45.0 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-billy#183

v5: Ensure Chmod behaviour across BoundOS and ChrootOS by @pjbgf in go-git/go-billy#187

Full Changelog: go-git/go-billy@v5.7.0...v5.8.0

v5.7.0

What's Changed

Add support for Chmod on billy.Filesystem by @bitfehler in go-git/go-billy#171

build: Update module golang.org/x/net to v0.38.0 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-billy#177

Full Changelog: go-git/go-billy@v5.6.2...v5.7.0

Commits

8662784 Merge pull request #187 from pjbgf/windows-rename
f387d62 build: Update test workflow to rely on oldstable/stable
915dae9 polyfill: Add support for Chmod
f3d5600 osfs: Create dir for BoundOS Tempfiles
247a741 Merge pull request #183 from go-git/renovate/releases/v5.x-go-golang.org-x-ne...
1c0c9d5 build: Update module golang.org/x/net to v0.45.0 [SECURITY]
cc50ee7 Merge pull request #177 from go-git/renovate/releases/v5.x-go-golang.org-x-ne...
c3a9003 build: Update module golang.org/x/net to v0.38.0 [SECURITY]
9263834 Merge pull request #171 from bitfehler/releases/v5.x
94b84fc Add support for Chmod on billy.Filesystem
See full diff in compare view

Updates github.com/go-git/go-git/v5 from 5.16.5 to 5.18.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.18.0

What's Changed

plumbing: transport/http, Add support for followRedirects policy by @pjbgf in go-git/go-git#2004

Full Changelog: go-git/go-git@v5.17.2...v5.18.0

v5.17.2

What's Changed

build: Update module github.com/go-git/go-git/v5 to v5.17.1 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#1941

dotgit: skip writing pack files that already exist on disk by @pjbgf in go-git/go-git#1944

⚠️ This release fixes a bug (go-git/go-git#1942) that blocked some users from upgrading to v5.17.1. Thanks @pskrbasu for reporting it. 🙇

Full Changelog: go-git/go-git@v5.17.1...v5.17.2

v5.17.1

What's Changed

build: Update module github.com/cloudflare/circl to v1.6.3 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#1930

[v5] plumbing: format/index, Improve v4 entry name validation by @pjbgf in go-git/go-git#1935

[v5] plumbing: format/idxfile, Fix version and fanout checks by @pjbgf in go-git/go-git#1937

Full Changelog: go-git/go-git@v5.17.0...v5.17.1

v5.17.0

What's Changed

build: Update module github.com/go-git/go-git/v5 to v5.16.5 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#1839

git: worktree, optimize infiles function for very large repos by @k-anshul in go-git/go-git#1853

git: Add strict checks for supported extensions by @pjbgf in go-git/go-git#1861

backport, git: Improve Status() speed with new index.ModTime check by @cedric-appdirect in go-git/go-git#1862

storage: filesystem, Avoid overwriting loose obj files by @pjbgf in go-git/go-git#1864

Full Changelog: go-git/go-git@v5.16.5...v5.17.0

Commits

ea3e7ec Merge pull request #2004 from go-git/v5-http-hardening
bcd20a9 plumbing: transport/http, Add support for followRedirects policy
45ae193 Merge pull request #1944 from go-git/fix-perms
fda4f74 storage: filesystem/dotgit, Skip writing pack files that already exist on disk
2212dc7 Merge pull request #1941 from go-git/renovate/releases/v5.x-go-github.com-go-...
ebb2d7d build: Update module github.com/go-git/go-git/v5 to v5.17.1 [SECURITY]
5e23dfd Merge pull request #1937 from pjbgf/idx-v5
6b38a32 Merge pull request #1935 from pjbgf/index-v5
cd757fc plumbing: format/idxfile, Fix version and fanout checks
3ec0d70 plumbing: format/index, Fix tree extension invalidated entry parsing
Additional commits viewable in compare view

Updates github.com/mattn/go-isatty from 0.0.20 to 0.0.22

Commits

9a68506 Fix isCygwinPipeName to accept Windows 7 trailing suffix (#90)
4237fb1 Update Go test matrix to current versions (1.24-1.26)
433c12b Update GitHub Actions to latest versions
1cf5589 Add wasip1 and wasip2 to build constraints in isatty_others.go
1237245 Update dependencies: go 1.15 -> 1.21, golang.org/x/sys v0.6.0 -> v0.28.0
ac9c88d Fix typo in comment: undocomented -> undocumented
8b7124e Add availability check for NtQueryObject in init
08d0313 Fix isCygwinPipeName to reject names with extra trailing tokens
See full diff in compare view

Updates github.com/moby/patternmatcher from 0.6.0 to 0.6.1

Release notes

Sourced from github.com/moby/patternmatcher's releases.

v0.6.1

What's Changed

fix panic / nil pointer dereference on invalid patterns moby/patternmatcher#9

ci: update actions and test against "oldest", "oldstable" and "stable" moby/patternmatcher#8

Full Changelog: moby/patternmatcher@v0.6.0...v0.6.1

Commits

5a6d842 Merge pull request #9 from thaJeztah/fix_panic
e5d80c7 fix panic / nil pointer dereference on invalid patterns
7f236f5 Merge pull request #8 from thaJeztah/update_ci
a95e09c ci: update actions and test against "oldest", "oldstable" and "stable"
See full diff in compare view

Updates github.com/rhysd/actionlint from 1.7.7 to 1.7.12

Release notes

Sourced from github.com/rhysd/actionlint's releases.

v1.7.12
Support the timezone configuration in on.schedule with checks for IANA timezone string. See the documentation for more details. Note that actionlint starts to embed the timezone database in the executables from this version so the binary sizes slightly increase. (#641, thanks @martincostello)
on:
  schedule:
    # ERROR: The timezone is not a valid IANA timezone string
    - cron: '*/5 * * * *'
      timezone: 'Asia/Somewhere'
Support the jobs.<job_name>.environment.deployment configuration. (#639, thanks @springmeyer)

Support the macos-26-intel runner label. (#629, thanks @hugovk)

Fix the outdated table of webhook activity types by rebuilding the script to scrape the table from scratch.

Support Go 1.26 and drop the support for Go 1.24. Now supported versions are 1.25 and 1.26.

Tests are run on arm64 Windows in CI.

Update the popular actions data set to the latest.
v1.7.11
Support the case() function in ${{ }} expressions which was recently added to GitHub Actions. (#612, #614, thanks @heppu)
env:
  # ERROR: case() requires an odd number of arguments
  ENVIRONMENT: |-
    ${{ case(
      github.ref == 'refs/heads/main', 'production',
      github.ref == 'refs/heads/staging', 'staging'
    ) }}
Support new macos-26-large and windows-2025-vs2026 runner labels. See the GitHub's announce for more details. (#615, thanks @hugovk and @muzimuzhi)
Enable Artifact attestations for the released binaries. From v1.7.11 gh command can verify the integrity of the downloaded binaries as follows. The verification is highly recommended in terms of supply chain security. (#608, thanks @takaram)
$ gh release download --repo rhysd/actionlint --pattern '*_darwin_amd64.tar.gz' v1.7.11
$ gh attestation verify --repo rhysd/actionlint actionlint_1.7.11_darwin_amd64.tar.gz
Loaded digest sha256:17ffc17fed8f0258ef6ad4aed932d3272464c7ef7d64e1cb0d65aa97c9752107 for file://actionlint_1.7.11_darwin_amd64.tar.gz
Loaded 1 attestation from GitHub API
The following policy criteria will be enforced:

Predicate type must match:................ https://slsa.dev/provenance/v1
Source Repository Owner URI must match:... https://github.com/rhysd
Source Repository URI must match:......... https://github.com/rhysd/actionlint
Subject Alternative Name must match regex: (?i)^https://github.com/rhysd/actionlint/
OIDC Issuer must match:................... https://token.actions.githubusercontent.com

✓ Verification succeeded!
The following 1 attestation matched the policy criteria

Attestation #1

Build repo:..... rhysd/actionlint
Build workflow:. .github/workflows/release.yaml@refs/tags/v1.7.11
Signer repo:.... rhysd/actionlint

... (truncated)

Changelog

Sourced from github.com/rhysd/actionlint's changelog.

v1.7.12 - 2026-03-30
Support the timezone configuration in on.schedule with checks for IANA timezone string. See the documentation for more details. Note that actionlint starts to embed the timezone database in the executables from this version so the binary sizes slightly increase. (#641, thanks @martincostello)
on:
  schedule:
    # ERROR: The timezone is not a valid IANA timezone string
    - cron: '*/5 * * * *'
      timezone: 'Asia/Somewhere'
Support the jobs.<job_name>.environment.deployment configuration. (#639, thanks @springmeyer)

Support the macos-26-intel runner label. (#629, thanks @hugovk)

Fix the table of webhook activity types are outdated by rebuilding the script to scrape the table from scratch.

Support Go 1.26 and drop the support for Go 1.24. Now supported versions are 1.25 and 1.26.

Tests are run on arm64 Windows in CI.

Update the popular actions data set to the latest.
[Changes][v1.7.12]

v1.7.11 - 2026-02-14
Support the case() function in ${{ }} expressions which was recently added to GitHub Actions. (#612, #614, thanks @heppu)
env:
  # ERROR: case() requires an odd number of arguments
  ENVIRONMENT: |-
    ${{ case(
      github.ref == 'refs/heads/main', 'production',
      github.ref == 'refs/heads/staging', 'staging'
    ) }}
Support new macos-26-large and windows-2025-vs2026 runner labels. See the GitHub's announce for more details. (#615, thanks @hugovk and @muzimuzhi)
Enable Artifact attestations for the released binaries. From v1.7.11 gh command can verify the integrity of the downloaded binaries as follows. The verification is highly recommended in terms of supply chain security. (#608, thanks @takaram)
$ gh release download --repo rhysd/actionlint --pattern '*_darwin_amd64.tar.gz' v1.7.11
$ gh attestation verify --repo rhysd/actionlint actionlint_1.7.11_darwin_amd64.tar.gz
Loaded digest sha256:17ffc17fed8f0258ef6ad4aed932d3272464c7ef7d64e1cb0d65aa97c9752107 for file://actionlint_1.7.11_darwin_amd64.tar.gz
Loaded 1 attestation from GitHub API
The following policy criteria will be enforced:

Predicate type must match:................ https://slsa.dev/provenance/v1
Source Repository Owner URI must match:... https://github.com/rhysd
Source Repository URI must match:......... https://github.com/rhysd/actionlint
Subject Alternative Name must match regex: (?i)^https://github.com/rhysd/actionlint/
OIDC Issuer must match:................... https://token.actions.githubusercontent.com

✓ Verification succeeded!

... (truncated)

Commits

914e7df bump up version to v1.7.12
f1fe8a1 update popular actions data set to the latest
0ef3e18 add support for https://github.blog/changelog/2026-03-19-github-actions-late-...
d2f9e65 update document to describe the timezone check in on.schedule
c03b271 Merge branch 'followup-issue641' (#641)
c9efd91 fix staticcheck checks files inside ./playground/node_modules
08e2336 include timezone database in executable statically
f48c0a4 fix timezone check is incomplete
6b811d3 fix problem matcher test fails due to line ending in test data
4897c1d Merge pull request #641 from martincostello/gh-638
Additional commits viewable in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

go.mod: update minimum supported go version to v1.17 sirupsen/logrus#1460

go.mod: bump up dependencies sirupsen/logrus#1460

Touch-up godoc and add "doc" links.

README: fix links, grammar, and update examples.

Add GNU/Hurd support sirupsen/logrus#1364

Add WASI wasip1 support sirupsen/logrus#1388

Remove uses of deprecated ioutil package sirupsen/logrus#1472

CI: update actions and golangci-lint sirupsen/logrus#1459

CI: remove appveyor, add macOS sirupsen/logrus#1460

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Changelog

Sourced from github.com/sirupsen/logrus's changelog.

1.9.4

Fixes:

Remove uses of deprecated ioutil package

Features:

Add GNU/Hurd support

Add WASI wasip1 support

Code quality:

Update minimum supported Go version to 1.17

Documentation updates

Commits

b61f268 Merge pull request #1472 from goldlinker/master
15c29db refactor: replace the deprecated function in the ioutil package
cb253f3 Merge pull request #1464 from thaJeztah/touchup_godoc
29b2337 Merge pull request #1468 from thaJeztah/touchup_readme
d916819 Merge pull request #1427 from dolmen/fix-testify-usage
135e482 README: small touch-ups
2c5fa36 Merge pull request #1467 from thaJeztah/rm_old_badge
877ecec README: remove travis badge
55cf256 Merge pull request #1393 from jsoref/grammar
21bae50 Merge pull request #1426 from dolmen/testing-fix-use-of-math-rand
Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.10.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

Fix linter and allow CI to pass by @marckhouzam in spf13/cobra#2327

fix: actions/setup-go v6 by @jpmcb in spf13/cobra#2337

🔥✍🏼 Docs

Add documentation for repeated flags functionality by @rvergis in spf13/cobra#2316

🍂 Refactors

refactor: replace several vars with consts by @htoyoda18 in spf13/cobra#2328

refactor: change minUsagePadding from var to const by @ssam18 in spf13/cobra#2325

🤗 New Contributors

@rvergis made their first contribution in spf13/cobra#2316

@htoyoda18 made their first contribution in spf13/cobra#2328

@ssam18 made their first contribution in spf13/cobra#2325

@dims made their first contribution in spf13/cobra#2336

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

Commits

88b30ab chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#2336)
346d408 fix: actions/setup-go v6 (#2337)
fc81d20 refactor: change minUsagePadding from var to const (#2325)
117698a refactor: replace several vars with consts (#2328)
e2dd29d Add documentation for repeated flags functionality (#2316)
0629892 Fix linter (#2327)
See full diff in compare view

Updates github.com/spf13/pflag from 1.0.9 to 1.0.10

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.10

What's Changed

fix deprecation comment for (FlagSet.)ParseErrorsWhitelist by @thaJeztah in spf13/pflag#447

remove uses of errors.Is, which requires go1.13, move go1.16/go1.21 tests to separate file by @thaJeztah in spf13/pflag#448

New Contributors

@thaJeztah made their first contribution in spf13/pflag#447

Full Changelog: spf13/pflag@v1.0.9...v1.0.10

Commits

0491e57 Merge pull request #448 from thaJeztah/fix_go_version
72abab1 Merge pull request #447 from thaJeztah/fix_deprecation_comment
7e4dfb1 Test on Go 1.12
18a9d17 move Func, BoolFunc, tests as they require go1.21
c5b9e98 remove uses of errors.Is, which requires go1.13
45a4873 fix deprecation comment for (FlagSet.)ParseErrorsWhitelist
See full diff in compare view

Updates golang.org/x/term from 0.38.0 to 0.41.0

Commits

9d2dc07 go.mod: update golang.org/x dependencies
d954e03 all: upgrade go directive to at least 1.25.0 [generated]
3aff304 go.mod: update golang.org/x dependencies
a7e5b04 go.mod: update golang.org/x dependencies
943f25d x/term: handle transpose
9b991dd x/term: handle delete key
See full diff in compare view

Updates github.com/golang-jwt/jwt/v5 from 5.3.0 to 5.3.1

Release notes

Sourced from github.com/golang-jwt/jwt/v5's releases.

v5.3.1

What's Changed

🔐 Features

Add spellcheck Github action to catch common spelling mistakes by @equalsgibson in golang-jwt/jwt#458

Add WithNotBeforeRequired parser option and add test coverage by @equalsgibson in golang-jwt/jwt#456

Update godoc example func to properly refer to NewWithClaims() by @equalsgibson in golang-jwt/jwt#459

Update github workflows by @mfridman in golang-jwt/jwt#462

Additional test for CustomClaims that validates unmarshalling behaviour by @equalsgibson in golang-jwt/jwt#457

Fix early file close in jwt cli by @mfridman in golang-jwt/jwt#472

Add TPM signature reference by @salrashid123 in golang-jwt/jwt#473

Remove misleading ParserOptions documentation in golang-jwt/jwt#484

Save signature to Token struct after successful signing by @EgorSheff in golang-jwt/jwt#417

Set token.Signature in ParseUnverified by @slickwilli in golang-jwt/jwt#414

👒 Dependencies

Bump crate-ci/typos from 1.34.0 to 1.35.3 by @dependabot[bot] in golang-jwt/jwt#461

Bump crate-ci/typos from 1.35.4 to 1.36.2 by @dependabot[bot] in golang-jwt/jwt#470

Bump github/codeql-action from 3 to 4 by @dependabot[bot] in golang-jwt/jwt#478

Bump crate-ci/typos from 1.36.2 to 1.39.0 by @dependabot[bot] in golang-jwt/jwt#480

Bump golangci/golangci-lint-action from 8 to 9 by @dependabot[bot] in golang-jwt/jwt#481

Bump actions/setup-go from 5 to 6 by @dependabot[bot] in golang-jwt/jwt#469

Bump crate-ci/typos from 1.39.0 to 1.40.0 by @dependabot[bot] in golang-jwt/jwt#488

Bump actions/checkout from 5 to 6 by @dependabot[bot] in golang-jwt/jwt#487

Bump crate-ci/typos from 1.40.0 to 1.41.0 by @dependabot[bot] in golang-jwt/jwt#490

Bump crate-ci/typos from 1.41.0 to 1.42.1 by @dependabot[bot] in golang-jwt/jwt#492

New Contributors

@equalsgibson made their first contribution in golang-jwt/jwt#458

@salrashid123 made their first contribution in golang-jwt/jwt#473

@EgorSheff made their first contribution in golang-jwt/jwt#417

@slickwilli made their first contribution in golang-jwt/jwt#414

Full Changelog: golang-jwt/jwt@v5.3.0...v5.3.1

Commits

7ceae61 Add release.yml for changelog configuration
dce8e4d Set token.Signature in ParseUnverified (#414)
8889e20 Save signature to Token struct after successful signing (#417)
d237f82 ci: update github-actions schedule interval to monthly
d8dce95 Bump crate-ci/typos from 1.41.0 to 1.42.1 (#492)
e931803 Bump crate-ci/typos from 1.40.0 to 1.41.0 (#490)
e6a0afa Bump actions/checkout from 5 to 6 (#487)
9f85c9e Bump crate-ci/typos from 1.39.0 to 1.40.0 (#488)
60a8669 Bump actions/setup-go from 5 to 6 (#469)
76f5828 Remove misleading ParserOptions documentation (#484)
Additional commits viewable in compare view

Updates github.com/moby/go-archive from 0.1.0 to 0.2.0

Release notes

Sourced from github.com/moby/go-archive's releases.

v0.2.0

What's Changed

remove aliases for deprecated types and functions moby/go-archive#10

chrootarchive: remove redundant "init" mitigation for CVE-2019-14271 moby/go-archive#11

xattr: Fix OS matching moby/go-archive#20

TestOverlayTarUntar: remove redundant cmpopts.EquateEmpty moby/go-archive#9

go.mod: bump github.com/klauspost/compress v1.18.2 moby/go-archive#19

gha: update actions moby/go-archive#18

Full Changelog: moby/go-archive@v0.1.0...v0.2.0

Commits

263611f Merge pull request #20 from thaJeztah/carry_17
a1d4e73 Merge pull request #18 from thaJeztah/bump_gha
da4e566 xattr: Fix OS matching.
df87f45 Merge pull request #19 from thaJeztah/bump_deps
8996f22 gha: update CodeQL Action to v4
985c60f gha: codeql: use go stable
4752b25 gha: update actions/setup-go@v6
280f775 gha: update actions/checkout@v6
4c912d3 gha: update golangci/golangci-lint-action@v9
2cd730e go.mod: bump github.com/klauspost/compress v1.18.2
Additional commits viewable in compare view

Updates github.com/moby/moby/api from 1.54.0 to 1.54.2

Release notes

Sourced from github.com/moby/moby/api's releases.

api/v1.54.2

Changelog

api/docs: cleanup changelog. moby/moby#52379

api/docs: lower deprecation heading to a h4. moby/moby#52315

api/docs: restore API docs and change-logs for API v1.0 - v1.23. moby/moby#52312

api: align Topology swagger with Segments JSON shape. moby/moby#52358

Full Changelog: moby/moby@api/v1.54.1...api/v1.54.2

api/v1.54.1

Changelog

api/types/network: add Port.Port() method to return the port-number as a string. moby/moby#52165

api, client: add //go:fix inline directives to deprecated functions. moby/moby#52178

api, client: go.mod: remove patch version. moby/moby#52174

api/types/network: fix handling of unmapped ports (ephemeral ports). moby/moby#52288

Full Changelog: moby/moby@api/v1.54.0...api/v1.54.1

Commits

6cbde19 Merge pull request #52387 from renovate-bot/renovate/golang-x
b602ac9 Merge pull request #52413 from justincormack/update-justin
d1a966e Merge pull request #51049 from thaJeztah/bump_memberlist_serf
463f4c0 No longer a reviewer; update email address
3ede246 Merge pull request #52410 from renovate-bot/renovate/github.com-aws-smithy-go...
179985c Merge pull request #52358 from geekcoderr/52355-topology-swagger
98c7106 vendor: github.com/hashicorp/memberlist v0.5.4, hashicorp/serf v0.10.2
b29d903 Merge pull request #52405 from renovate-bot/renovate/actions-github-script-9.x
f69fed1 fix(deps): update module github.com/aws/smithy-go to v1.25.0
2a18e3d Merge pull request #52401 from renovate-bot/renovate/opentelemetry-go-contrib...
Additional commits viewable in compare view

Updates github.com/moby/moby/client from 0.3.0 to 0.4.1

Release notes

Sourced from github.com/moby/moby/client's releases.

client/v0.4.1

Bug fixes

client: fix ImagePullResponse.Wait, ImagePushResponse.Wait not returning an error if pull/push errors happend during the pull operation. moby/moby#52305

Other

daemon, client: diskUsage: explicitly exclude "-1" for containers. moby/moby#52309

go.mod: add back replace rules. moby/moby#52325

vendor: github.com/docker/go-connections v0.7.0. moby/moby#51311

vendor: github.com/moby/moby/api v1.54.2. moby/moby#52416

client/v0.4.0

v0.4.0

Bug fixes and enhancements

api, client: add //go:fix inline directives to deprecated functions to help automatically migrating using go fix. moby/moby#52178

client/pkg/jsonmessage: add DisplayStream and DisplayMessages utils. moby/moby#52273

client/pkg/jsonmessage: use functional options for display funcs. moby/moby#52285

client: prevent panic when passing nil Opts to client.New. moby/moby#52184

client: the client now sets a default User-Agent if none was set, to prevent Go's default (Go-http-client/1.1) from being used. moby/moby#52167

Fix /system/df reporting in-use images as reclaimable. moby/moby#51778

Go SDK: client.WithHTTPHeaders now detects if duplicate headers are set, and produces an error. Previously, duplicate errors would be randomized, resulting in undefined behavior. moby/moby#52204

Full Changelog: moby/moby@client/v0.3.0...client/v0.4.0

Changelog

Sourced from github.com/moby/moby/client's changelog.

0.4.1 (2013-06-17)

Remote Api: Add flag to enable cross d...
Description has been truncated

…pdates Bumps the dependencies group with 15 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/docker/cli](https://github.com/docker/cli) | `29.3.0+incompatible` | `29.4.1+incompatible` | | [github.com/docker/go-connections](https://github.com/docker/go-connections) | `0.6.0` | `0.7.0` | | [github.com/go-git/go-billy/v5](https://github.com/go-git/go-billy) | `5.6.2` | `5.8.0` | | [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.16.5` | `5.18.0` | | [github.com/mattn/go-isatty](https://github.com/mattn/go-isatty) | `0.0.20` | `0.0.22` | | [github.com/moby/patternmatcher](https://github.com/moby/patternmatcher) | `0.6.0` | `0.6.1` | | [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint) | `1.7.7` | `1.7.12` | | [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) | `1.9.3` | `1.9.4` | | [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.10.1` | `1.10.2` | | [github.com/spf13/pflag](https://github.com/spf13/pflag) | `1.0.9` | `1.0.10` | | [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) | `5.3.0` | `5.3.1` | | [github.com/moby/go-archive](https://github.com/moby/go-archive) | `0.1.0` | `0.2.0` | | [github.com/moby/moby/api](https://github.com/moby/moby) | `1.54.0` | `1.54.2` | | [github.com/moby/moby/client](https://github.com/moby/moby) | `0.3.0` | `0.4.1` | | google.golang.org/protobuf | `1.36.9` | `1.36.11` | Updates `github.com/docker/cli` from 29.3.0+incompatible to 29.4.1+incompatible - [Commits](docker/cli@v29.3.0...v29.4.1) Updates `github.com/docker/go-connections` from 0.6.0 to 0.7.0 - [Commits](docker/go-connections@v0.6.0...v0.7.0) Updates `github.com/go-git/go-billy/v5` from 5.6.2 to 5.8.0 - [Release notes](https://github.com/go-git/go-billy/releases) - [Commits](go-git/go-billy@v5.6.2...v5.8.0) Updates `github.com/go-git/go-git/v5` from 5.16.5 to 5.18.0 - [Release notes](https://github.com/go-git/go-git/releases) - [Changelog](https://github.com/go-git/go-git/blob/main/HISTORY.md) - [Commits](go-git/go-git@v5.16.5...v5.18.0) Updates `github.com/mattn/go-isatty` from 0.0.20 to 0.0.22 - [Commits](mattn/go-isatty@v0.0.20...v0.0.22) Updates `github.com/moby/patternmatcher` from 0.6.0 to 0.6.1 - [Release notes](https://github.com/moby/patternmatcher/releases) - [Commits](moby/patternmatcher@v0.6.0...v0.6.1) Updates `github.com/rhysd/actionlint` from 1.7.7 to 1.7.12 - [Release notes](https://github.com/rhysd/actionlint/releases) - [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md) - [Commits](rhysd/actionlint@v1.7.7...v1.7.12) Updates `github.com/sirupsen/logrus` from 1.9.3 to 1.9.4 - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](sirupsen/logrus@v1.9.3...v1.9.4) Updates `github.com/spf13/cobra` from 1.10.1 to 1.10.2 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.10.1...v1.10.2) Updates `github.com/spf13/pflag` from 1.0.9 to 1.0.10 - [Release notes](https://github.com/spf13/pflag/releases) - [Commits](spf13/pflag@v1.0.9...v1.0.10) Updates `golang.org/x/term` from 0.38.0 to 0.41.0 - [Commits](golang/term@v0.38.0...v0.41.0) Updates `github.com/golang-jwt/jwt/v5` from 5.3.0 to 5.3.1 - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Commits](golang-jwt/jwt@v5.3.0...v5.3.1) Updates `github.com/moby/go-archive` from 0.1.0 to 0.2.0 - [Release notes](https://github.com/moby/go-archive/releases) - [Changelog](https://github.com/moby/go-archive/blob/main/changes_test.go) - [Commits](moby/go-archive@v0.1.0...v0.2.0) Updates `github.com/moby/moby/api` from 1.54.0 to 1.54.2 - [Release notes](https://github.com/moby/moby/releases) - [Commits](moby/moby@api/v1.54.0...api/v1.54.2) Updates `github.com/moby/moby/client` from 0.3.0 to 0.4.1 - [Release notes](https://github.com/moby/moby/releases) - [Changelog](https://github.com/moby/moby/blob/v0.4.1/CHANGELOG.md) - [Commits](moby/moby@v0.3.0...v0.4.1) Updates `google.golang.org/protobuf` from 1.36.9 to 1.36.11 --- updated-dependencies: - dependency-name: github.com/docker/cli dependency-version: 29.4.1+incompatible dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/docker/go-connections dependency-version: 0.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/go-git/go-billy/v5 dependency-version: 5.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/go-git/go-git/v5 dependency-version: 5.18.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/mattn/go-isatty dependency-version: 0.0.22 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/moby/patternmatcher dependency-version: 0.6.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/rhysd/actionlint dependency-version: 1.7.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/sirupsen/logrus dependency-version: 1.9.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/spf13/cobra dependency-version: 1.10.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/spf13/pflag dependency-version: 1.0.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: golang.org/x/term dependency-version: 0.41.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/golang-jwt/jwt/v5 dependency-version: 5.3.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/moby/go-archive dependency-version: 0.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github.com/moby/moby/api dependency-version: 1.54.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github.com/moby/moby/client dependency-version: 0.4.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: google.golang.org/protobuf dependency-version: 1.36.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 1, 2026

pull-request-size Bot added the size/M label May 1, 2026

mergify Bot added the needs-work Extra attention is needed label May 1, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump the dependencies group across 1 directory with 16 updates#6084

build(deps): bump the dependencies group across 1 directory with 16 updates#6084
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/dependencies-bed3c258ac

dependabot Bot commented on behalf of github May 1, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github May 1, 2026

v5.8.0

What's Changed

v5.7.0

What's Changed

v5.18.0

What's Changed

v5.17.2

What's Changed

v5.17.1

What's Changed

v5.17.0

What's Changed

v0.6.1

What's Changed

v1.7.12

v1.7.11

v1.7.12 - 2026-03-30

v1.7.11 - 2026-02-14

v1.9.4

Notable changes

1.9.4

v1.10.2

🔧 Dependencies

📈 CI/CD

🔥✍🏼 Docs

🍂 Refactors

🤗 New Contributors

v1.0.10

What's Changed

New Contributors

v5.3.1

What's Changed

🔐 Features

👒 Dependencies

New Contributors

v0.2.0

What's Changed

api/v1.54.2

Changelog

api/v1.54.1

Changelog

client/v0.4.1

Bug fixes

Other

client/v0.4.0

v0.4.0

Bug fixes and enhancements

0.4.1 (2013-06-17)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants