build(deps): Bump github.com/containers/image/v5 from 5.24.2 to 5.35.0 #691

dependabot · 2025-04-21T21:30:21Z

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps github.com/containers/image/v5 from 5.24.2 to 5.35.0.

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.35.0

What's Changed

Bump c/storage to v1.57.1, c/image to v5.34.0, then to v5.35.0-dev by @TomSweeneyRedHat in containers/image#2700

Update module github.com/vbatts/tar-split to v0.12.1 by @renovate in containers/image#2699

Update dependency containers/automation_images to v20250131 by @renovate in containers/image#2703

Update module golang.org/x/oauth2 to v0.26.0 by @renovate in containers/image#2705

Update module golang.org/x/sync to v0.11.0 by @renovate in containers/image#2706

Update module golang.org/x/sys to v0.30.0 by @renovate in containers/image#2707

Update module golang.org/x/term to v0.29.0 by @renovate in containers/image#2708

Add docker media types in OCI formats by @brbayes-msft in containers/image#2695

use new ReflinkOrCopy() from c/storage by @Luap99 in containers/image#2714

Update module golang.org/x/crypto to v0.33.0 by @renovate in containers/image#2712

Update module github.com/vbauerster/mpb/v8 to v8.9.2 by @renovate in containers/image#2711

Update module github.com/sigstore/rekor to v1.3.9 by @renovate in containers/image#2697

Update dependency golangci/golangci-lint to v1.64.3 by @renovate in containers/image#2715

Update dependency golangci/golangci-lint to v1.64.4 by @renovate in containers/image#2716

Update module github.com/sigstore/sigstore to v1.8.14 by @renovate in containers/image#2720

Update dependency golangci/golangci-lint to v1.64.5 by @renovate in containers/image#2719

policy.json BYOPKI signature verification API by @QiWang19 in containers/image#2579

Update module github.com/klauspost/compress to v1.18.0 by @renovate in containers/image#2722

Update module github.com/sigstore/sigstore to v1.8.15 by @renovate in containers/image#2723

Small cleanups + one bug fix by @mtrmac in containers/image#2718

oci/layout: add GetLocalBlobPath() by @Luap99 in containers/image#2728

Update module github.com/docker/docker to v28 by @renovate in containers/image#2727

Update module github.com/docker/cli to v28 by @renovate in containers/image#2726

OCPBUGS-51217: CVE-2025-27144: Bump go-jose to v4.0.5 by @sherine-k in containers/image#2738

Update module github.com/vbauerster/mpb/v8 to v8.9.3 by @renovate in containers/image#2735

Update module github.com/go-jose/go-jose/v3 to v3.0.4 [SECURITY] by @renovate in containers/image#2739

Update module github.com/docker/docker to v28.0.1+incompatible by @renovate in containers/image#2737

Update module github.com/docker/cli to v28.0.1+incompatible by @renovate in containers/image#2736

feat: add DestinationTimestamp to copy options by @aeijdenberg in containers/image#2730

fix(deps): update module github.com/docker/docker-credential-helpers to v0.9.1 by @renovate in containers/image#2740

Fix omitempty for PKI struct by @QiWang19 in containers/image#2746

fix: handle error on Close() of writable objects by @aeijdenberg in containers/image#2731

fix(deps): update github.com/containers/storage digest to 700b765 by @renovate in containers/image#2748

fix(deps): update github.com/cyberphone/json-canonicalization digest to 19d51d7 by @renovate in containers/image#2749

chore(deps): update dependency golangci/golangci-lint to v1.64.6 by @renovate in containers/image#2751

Merge back v5.34.1 into main by @Luap99 in containers/image#2755

fix(deps): update module github.com/opencontainers/image-spec to v1.1.1 by @renovate in containers/image#2752

Microoptimize an API use per gopls modernize by @mtrmac in containers/image#2732

Misc small nits to CI and build by @kolyshkin in containers/image#2573

fix(deps): update module github.com/docker/docker-credential-helpers to v0.9.2 by @renovate in containers/image#2757

fix: typo err and grammar err by @warjiang in containers/image#2758

Update c/storage after containers/storage#2276 by @mtrmac in containers/image#2769

Improve handling and documentation of various transport reference corner cases by @mtrmac in containers/image#2767

Migrate from github.com/xeipuuv/gojsonschema to github.com/santhosh-tekuri/jsonschema/v5 by @mtrmac in containers/image#2756

Don't silently ignore errors determining size in TryReuseBlob by @mtrmac in containers/image#2709

Add proxy for dockerClient by @warjiang in containers/image#2764

chore(deps): update dependency golangci/golangci-lint to v1.64.7 by @renovate in containers/image#2773

Update to Go 1.23 by @mtrmac in containers/image#2774

... (truncated)

Commits

617c288 Bump to c/image v5.35.0
1b83b3a Bump to c/storage v1.58.0
4279b17 Merge pull request #2826 from containers/renovate/golangci-golangci-lint-2.x
1d14076 chore(deps): update dependency golangci/golangci-lint to v2.1.1
12c8495 Merge pull request #2824 from containers/renovate/github.com-sigstore-rekor-1.x
010f504 fix(deps): update module github.com/sigstore/rekor to v1.3.10
9b83c49 Merge pull request #2823 from Luap99/github
a4b363d .github: check_cirrus_cron work around github bug
37150b4 .github: remove cirrus rerun action
6116c41 Merge pull request #2822 from containers/renovate/github.com-sigstore-sigstor...
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

hallyn · 2025-07-09T01:05:20Z

How about v5.35 ?

hallyn · 2025-07-09T01:13:18Z

@dependabot recreate

Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.24.2 to 5.35.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](containers/image@v5.24.2...v5.35.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-version: 5.35.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

…to 5.35.0 (project-stacker#691)" This reverts commit 049224b.

* Revert "build(deps): Bump the go_modules group across 1 directory with 5 updates (#701)" This reverts commit b892200. * Revert "build(deps): Bump github.com/containers/image/v5 from 5.24.2 to 5.35.0 (#691)" This reverts commit 049224b. * Revert "build(deps): Bump github.com/cheggaaa/pb/v3 from 3.1.2 to 3.1.7 (#700)" This reverts commit 335b3cd. * Revert "build(deps): Bump benjlevesque/short-sha from 2.1 to 3.0 (#683)" This reverts commit 82da84f. * Revert "build(deps): Bump github.com/moby/buildkit from 0.11.4 to 0.23.2 (#699)" This reverts commit d6c7079.

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 21, 2025

dependabot bot requested review from rchincha, smoser and hallyn as code owners April 21, 2025 21:30

dependabot bot mentioned this pull request Apr 21, 2025

build(deps): Bump github.com/containers/image/v5 from 5.24.2 to 5.34.3 #686

Closed

dependabot bot force-pushed the dependabot/go_modules/github.com/containers/image/v5-5.35.0 branch from 384f6df to 6bfd7dc Compare July 9, 2025 01:14

hallyn approved these changes Jul 9, 2025

View reviewed changes

hallyn merged commit 049224b into main Jul 9, 2025
3 of 12 checks passed

dependabot bot deleted the dependabot/go_modules/github.com/containers/image/v5-5.35.0 branch July 9, 2025 01:15

hallyn added a commit to hallyn/stacker-1 that referenced this pull request Jul 24, 2025

Revert "build(deps): Bump github.com/containers/image/v5 from 5.24.2 …

5e8ca5b

…to 5.35.0 (project-stacker#691)" This reverts commit 049224b.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): Bump github.com/containers/image/v5 from 5.24.2 to 5.35.0 #691

build(deps): Bump github.com/containers/image/v5 from 5.24.2 to 5.35.0 #691

Uh oh!

dependabot bot commented on behalf of github Apr 21, 2025 •

edited

Loading

Uh oh!

hallyn commented Jul 9, 2025

Uh oh!

hallyn commented Jul 9, 2025

Uh oh!

Uh oh!

Uh oh!

build(deps): Bump github.com/containers/image/v5 from 5.24.2 to 5.35.0 #691

build(deps): Bump github.com/containers/image/v5 from 5.24.2 to 5.35.0 #691

Uh oh!

Conversation

dependabot bot commented on behalf of github Apr 21, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v5.35.0

What's Changed

Uh oh!

hallyn commented Jul 9, 2025

Uh oh!

hallyn commented Jul 9, 2025

Uh oh!

Uh oh!

Uh oh!

dependabot bot commented on behalf of github Apr 21, 2025 •

edited

Loading