kjuulh/dagger
Archived
1
0
Fork 0
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity

fix(deps): update module github.com/moby/buildkit to v0.10.5 - autoclosed #13

Closed
kjuulh wants to merge 1 commits from renovate/github.com-moby-buildkit-0.x into main
pull from: renovate/github.com-moby-buildkit-0.x
merge into: kjuulh:main
Conversation 0 Commits 1 Files Changed 2 +18 -2
kjuulh commented 2022-10-26 16:33:10 +02:00
Owner
Copy Link

This PR contains the following updates:

Package Type Update Change
github.com/moby/buildkit require patch v0.10.1 -> v0.10.5

Release Notes

moby/buildkit

v0.10.5

Compare Source

https://hub.docker.com/r/moby/buildkit

Notable changes:
This release contains two security fixes.
  • Provide mitigation for Git vulnerability CVE-2022-39253. In systems with Git version lower than 2.38.1 invoking a build of a maliciously crafted Git repository with BUILDKIT_CONTEXT_KEEP_GIT_DIR=1 build-arg could lead to copying arbitrary file system paths into resulting containers/images.
  • Add additional validation when loading content for image@digest references from the local build cache. The new validation makes sure that the same repository name populated the local data and invalid name and digest combinations are detected.

v0.10.4

Compare Source

https://hub.docker.com/r/moby/buildkit

Notable changes:
  • Default Dockerfile frontend has been updated to v1.4.3 with fixes to handling platforms and timestamps for named image contexts. changelog
  • Fix cancellation error not being detected and erroneously cached #​2926
  • Fix interactive containers not releasing resources when client doesn't gracefully disconnect them https://github.com/moby/buildkit/pull/3025
  • Fix possible panic on handling nil results https://github.com/moby/buildkit/pull/3043
  • Add logging to healthcheck monitoring and mitigate possibility of healthcheck failing under load2998
  • Add fallback when rootless buildkitd cannot access containerd socket #​2968

v0.10.3

Compare Source

https://hub.docker.com/r/moby/buildkit

Notable changes:
  • Update the builtin Dockerfile frontend to 1.4.2 including a fix for image build contexts
  • Fix performance regression in builtin Dockerfile frontend on accessing build options #​2850

v0.10.2

Compare Source

https://hub.docker.com/r/moby/buildkit

Notable changes:

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/moby/buildkit](https://github.com/moby/buildkit) | require | patch | `v0.10.1` -> `v0.10.5` | --- ### Release Notes <details> <summary>moby/buildkit</summary> ### [`v0.10.5`](https://github.com/moby/buildkit/releases/tag/v0.10.5) [Compare Source](https://github.com/moby/buildkit/compare/v0.10.4...v0.10.5) https://hub.docker.com/r/moby/buildkit ##### Notable changes: ##### This release contains two security fixes. - Provide mitigation for Git vulnerability [CVE-2022-39253](https://github.blog/2022-10-18-git-security-vulnerabilities-announced/#cve-2022-39253). In systems with Git version lower than 2.38.1 invoking a build of a maliciously crafted Git repository with `BUILDKIT_CONTEXT_KEEP_GIT_DIR=1` build-arg could lead to copying arbitrary file system paths into resulting containers/images. - Add additional validation when loading content for `image@digest` references from the local build cache. The new validation makes sure that the same repository name populated the local data and invalid name and digest combinations are detected. ### [`v0.10.4`](https://github.com/moby/buildkit/releases/tag/v0.10.4) [Compare Source](https://github.com/moby/buildkit/compare/v0.10.3...v0.10.4) https://hub.docker.com/r/moby/buildkit ##### Notable changes: - Default Dockerfile frontend has been updated to v1.4.3 with fixes to handling platforms and timestamps for named image contexts. [changelog](https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.4.3) - Fix cancellation error not being detected and erroneously cached [#&#8203;2926](https://github.com/moby/buildkit/issues/2926) - Fix interactive containers not releasing resources when client doesn't gracefully disconnect them https://github.com/moby/buildkit/pull/3025 - Fix possible panic on handling nil results https://github.com/moby/buildkit/pull/3043 - Add logging to healthcheck monitoring and mitigate possibility of healthcheck failing under load2998 - Add fallback when rootless buildkitd cannot access containerd socket [#&#8203;2968](https://github.com/moby/buildkit/issues/2968) ### [`v0.10.3`](https://github.com/moby/buildkit/releases/tag/v0.10.3) [Compare Source](https://github.com/moby/buildkit/compare/v0.10.2...v0.10.3) https://hub.docker.com/r/moby/buildkit ##### Notable changes: - Update the builtin Dockerfile frontend to [1.4.2](https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.4.2) including a fix for image build contexts - Fix performance regression in builtin Dockerfile frontend on accessing build options [#&#8203;2850](https://github.com/moby/buildkit/issues/2850) ### [`v0.10.2`](https://github.com/moby/buildkit/releases/tag/v0.10.2) [Compare Source](https://github.com/moby/buildkit/compare/v0.10.1...v0.10.2) https://hub.docker.com/r/moby/buildkit ##### Notable changes: - Fix possible corruption of records created by Merge and Diff steps after a daemon restart https://github.com/moby/buildkit/pull/2796 </details> --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
kjuulh added 1 commit 2022-10-26 16:33:11 +02:00
fix(deps): update module github.com/moby/buildkit to v0.10.5
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
7751c4331d
kjuulh changed title from fix(deps): update module github.com/moby/buildkit to v0.10.5 to fix(deps): update module github.com/moby/buildkit to v0.10.5 - autoclosed 2022-10-26 16:59:45 +02:00
kjuulh closed this pull request 2022-10-26 16:59:45 +02:00
This repo is archived. You cannot comment on pull requests.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: kjuulh/dagger#13
No description provided.
Delete Branch "renovate/github.com-moby-buildkit-0.x"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?