Bump the go group with 11 updates

[dependabot]

Bumps the go group with 11 updates:

Package	From	To
github.com/Masterminds/semver/v3	3.2.1	3.3.0
github.com/aws/aws-sdk-go-v2/config	1.27.30	1.27.31
github.com/aws/aws-sdk-go-v2/credentials	1.17.29	1.17.30
github.com/aws/aws-sdk-go-v2/feature/s3/manager	1.17.14	1.17.16
github.com/aws/aws-sdk-go-v2/service/s3	1.60.1	1.61.0
github.com/containerd/containerd	1.7.20	1.7.21
github.com/docker/cli	27.1.2+incompatible	27.2.0+incompatible
github.com/docker/docker	27.1.2+incompatible	27.2.0+incompatible
github.com/mittwald/go-helm-client	0.12.12	0.12.13
github.com/onsi/ginkgo/v2	2.20.1	2.20.2
github.com/onsi/gomega	1.34.1	1.34.2

Updates github.com/Masterminds/semver/v3 from 3.2.1 to 3.3.0

Release notes

Sourced from github.com/Masterminds/semver/v3's releases.

v3.3.0

What's Changed

• Fix: bad package in README by @​sdelicata in Masterminds/semver#226
• Updating the GitHub Actions and versions of Go used by @​mattfarina in Masterminds/semver#229
• Fix spelling in README by @​robinschneider in Masterminds/semver#222
• Adding go build cache to fuzz output by @​mattfarina in Masterminds/semver#232
• Add caching to fuzz testing by @​mattfarina in Masterminds/semver#234
• updating github actions by @​mattfarina in Masterminds/semver#235
• feat: nil version equality by @​KnutZuidema in Masterminds/semver#213
• add >= and <= by @​grosser in Masterminds/semver#238
• doc: hyphen range constraint without whitespace by @​johnnychen94 in Masterminds/semver#216
• Removing reference to vert by @​mattfarina in Masterminds/semver#245
• simplify StrictNewVersion by @​grosser in Masterminds/semver#241
• Updating the testing version of Go used by @​mattfarina in Masterminds/semver#246
• bumping min version in go.mod based on what's tested by @​mattfarina in Masterminds/semver#248
• Updating changelog for 3.3.0 by @​mattfarina in Masterminds/semver#249

New Contributors

• @​sdelicata made their first contribution in Masterminds/semver#226
• @​robinschneider made their first contribution in Masterminds/semver#222
• @​KnutZuidema made their first contribution in Masterminds/semver#213
• @​grosser made their first contribution in Masterminds/semver#238
• @​johnnychen94 made their first contribution in Masterminds/semver#216

Full Changelog: Masterminds/semver@v3.2.1...v3.3.0

Changelog

Sourced from github.com/Masterminds/semver/v3's changelog.

3.3.0 (2024-08-27)

Added

• #238: Add LessThanEqual and GreaterThanEqual functions (thanks @​grosser)
• #213: nil version equality checking (thanks @​KnutZuidema)

Changed

• #241: Simplify StrictNewVersion parsing (thanks @​grosser)
• Testing support up through Go 1.23
• Minimum version set to 1.21 as this is what's tested now
• Fuzz testing now supports caching

Commits

• e6e3d4d Merge pull request #249 from mattfarina/update-changelog-3.3.0
• e80c4ea Updating changelog for 3.3.0
• 80427ad Merge pull request #248 from mattfarina/bump-min-version
• b610837 bumping min version in go.mod based on what's tested
• a4cccd8 Merge pull request #246 from mattfarina/bump-go-1.23
• 7c178cf Updating the testing version of Go used
• 29f94c1 Merge pull request #241 from grosser/grosser/validate
• 2cf1b16 Merge pull request #245 from mattfarina/remove-vert
• b55476a Removing reference to vert
• d07450b simplify StrictNewVersion
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.27.30 to 1.27.31

Commits

• a6e48ac Release 2024-08-26
• 7d62062 Regenerated Clients
• bdf2372 Update API model
• 84ca95e omitempty for NULL attribute values from custom marshalers (#2739)
• d7a7f5a save sso cache token expiresAt in UTC (#2709)
• See full diff in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.29 to 1.17.30

Commits

• a6e48ac Release 2024-08-26
• 7d62062 Regenerated Clients
• bdf2372 Update API model
• 84ca95e omitempty for NULL attribute values from custom marshalers (#2739)
• d7a7f5a save sso cache token expiresAt in UTC (#2709)
• 87cea8b Release 2024-08-23
• 93f8d22 Regenerated Clients
• bd44016 Update API model
• 097b04b Merge pull request #2761 from aws/fix-dont-fail-test-if-credentials-set
• c10d543 Don't fail credentials unit tests if credentials are found on a file
• See full diff in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.14 to 1.17.16

Commits

• 8abec4c Release 2024-05-23
• 70e7095 Regenerated Clients
• 0b2a340 Update partitions file
• c1eb2d9 Update endpoints model
• 4c990d1 Update API model
• c6c1626 s3: handle unrecognized values for Expires in responses (#2653)
• 8209abb Release 2024-05-22
• 81ad168 Regenerated Clients
• 5c92ae7 Update endpoints model
• 6eeecd9 Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.60.1 to 1.61.0

Commits

• b4c0124 Release 2024-08-28
• 1cd39e0 Regenerated Clients
• 854f863 Update endpoints model
• 77152bc Update API model
• 9c621d1 Add a PresignPostObject to the PresignClient for s3.PutObject operation...
• 7e17fb5 Release 2024-08-27
• 8906cd2 Regenerated Clients
• 4acfe2e Update API model
• a6e48ac Release 2024-08-26
• 7d62062 Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/containerd/containerd from 1.7.20 to 1.7.21

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.21

Welcome to the v1.7.21 release of containerd!

The twenty-first patch release for containerd 1.7 contains various fixes and updates.

Highlights

• Regenerate introspection UUID if state is empty (#10510)
• Set stderr to empty string when using terminal on Windows (#10499)

Build and Release Toolchain

• Move builds to Go 1.22 and add support for testing with 1.23 (#10596)

Container Runtime Interface (CRI)

• Borrow latest wsstream from k8s v1.31.x to 1.7 (#10575)
• Ensure the CRIAPIV1Alpha2 warning's lastOccurrence is accurate (#10571)
• Make StopContainer idempotent (#10528)
• Make StopPodSandbox idempotent (#10527)

Go client

• Fix failed force deletion for tasks with PID 0 (#10523)

Runtime

• Fix packaged runc reporting incorrect version (#10559)
• Ensure /run/containerd gets created with correct perms (#10534)

Deprecations

• Ensure the CRIAPIV1Alpha2 warning's lastOccurrence is accurate (#10571)
• Update warnings for deprecated CRI config fields (#10512)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Davanum Srinivas
• Samuel Karp
• Sebastiaan van Stijn
• Phil Estes
• Maksym Pavlenko
• Akhil Mohan
• Chris Henzie
• Derek McGowan
• Kazuyoshi Kato

... (truncated)

Commits

• 4727319 Merge pull request #10632 from chrishenzie/prepare-1.7.21
• 975f279 Prepare release notes for v1.7.21
• ddb856b Merge pull request #10633 from thaJeztah/1.7_downgrade_go_mod
• d63bd84 go.mod: keep minimum go version at go1.21
• 69ae5c0 Merge pull request #10596 from akhilerm/add-go-1.23-1.7
• c760280 update golangci-lint to 1.60.1
• 3b263d0 add go1.23.0, drop go1.21.x
• ac7da2e Merge pull request #10590 from zhsj/bpo-10562-1.7
• 09ca004 Fix TestNewBinaryIOCleanup on Go 1.23 and Linux 5.4
• 716c7b7 Merge pull request #10575 from dims/borrow-latest-wsstream-from-k8s-v1.31.x-t...
• Additional commits viewable in compare view

Updates github.com/docker/cli from 27.1.2+incompatible to 27.2.0+incompatible

Commits

• 3ab4256 Merge pull request #5374 from vvoland/vendor-docker
• 88a49df vendor: github.com/docker/docker 3ab5c7d0036c (v27.2.0-dev)
• 5d17c29 Merge pull request #5372 from thaJeztah/27.x_backport_fix_linting_issues
• 64b9e4c cli: rename args that collided with builtins (predeclard)
• 4b71d0d e2e/global: fix n-constant format string in call (govet)
• 002cfcd cli/command: fix n-constant format string in call (govet)
• d8af781 cli/command/system: remove redundant nil-check (gosimple)
• f042ddb Merge pull request #5371 from vvoland/vendor-docker
• 8e94ed1 vendor: github.com/docker/docker b27de4ef1634 (v27.2.0-dev)
• 7a82aee Merge pull request #5368 from dvdksn/27x_5360
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.1.2+incompatible to 27.2.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.2.0

27.2.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.2.0 milestone
• moby/moby, 27.2.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

New

• CLI: Add support for device-code flow login when authenticating to the official registry. docker/cli#5349
• containerd image store: docker image ls now supports --tree flag that shows a multiplatform-aware image list. This is experimental and may change at any time without any backwards compatibility. docker/cli#5353

API

• GET /images/json response now includes Manifests field, which contains information about the sub-manifests included in the image index. This includes things like platform-specific manifests and build attestations. The new field will only be populated if the request also sets the manifests query parameter to true.

[!WARNING]

This is experimental and may change at any time without any backward compatibility.

Bug fixes and enhancements

• CLI: Fix issue with remote contexts over SSH where the CLI would allocate a pseudoterminal when connecting to the remote host, which causes issues in rare situations. docker/cli#5351
• Fix an issue that prevented network creation with a --ip-range ending on a 64-bit boundary. moby/moby#48326
• CLI: IPv6 addresses shown by docker ps in port bindings are now bracketed. docker/cli#5365
• containerd image store: Fix early error exit from docker load in cases where unpacking the image would fail. moby/moby#48376
• containerd image store: Fix the previous image not being persisted as dangling after docker pull. moby/moby#48380

Packaging updates

• Update BuildKit to v0.15.2. moby/moby#48341
• Update Compose to v2.29.2. docker/docker-ce-packaging#1050
• The canonical source for the dockerd(8) man page has been moved back to the same source tree as dockerd itself. moby/moby#48378
• Update containerd to v1.7.21. moby/moby#48383, docker/containerd-packaging#389

v27.2.0-rc.1

27.2.0-rc.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.2.0 milestone
• moby/moby, 27.2.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

... (truncated)

Commits

• 3ab5c7d Merge pull request #48383 from vvoland/48382-27.x
• 875e8ae vendor: github.com/containerd/containerd v1.7.21
• 1900e4d Dockerfile: update containerd binary to v1.7.21 (static binaries and CI only)
• cd7746d Merge pull request #48380 from vvoland/48374-27.x
• 2a13a38 Merge pull request #48376 from vvoland/48293-27.x
• 9fd71f5 Merge pull request #48378 from corhere/backport-27.x/dockerd-manpage
• ecd2b6f c8d/image: Add hostPlatformMatcher
• d5b0342 man: support bringing your own go-md2man
• 56c5c23 man: build dockerd man pages using make
• 77b2eb5 Removed all mentions of "please" from docs and messages
• Additional commits viewable in compare view

Updates github.com/mittwald/go-helm-client from 0.12.12 to 0.12.13

Release notes

Sourced from github.com/mittwald/go-helm-client's releases.

v0.12.13

What's Changed

• bump helm dependency to v3.15.4 by @​tariq1890 in mittwald/go-helm-client#214

Full Changelog: mittwald/go-helm-client@v0.12.12...v0.12.13

Commits

• d0f42cc Merge pull request #214 from tariq1890/bump-helm-dep
• 64a9cd8 bump helm dependency to v3.15.4
• See full diff in compare view

Updates github.com/onsi/ginkgo/v2 from 2.20.1 to 2.20.2

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.20.2

2.20.2

Require Go 1.22+

Maintenance

• bump go to v1.22 [a671816]

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.20.2

Require Go 1.22+

Maintenance

• bump go to v1.22 [a671816]

Commits

• 104752f v2.20.2
• a671816 bump go to v1.22
• See full diff in compare view

Updates github.com/onsi/gomega from 1.34.1 to 1.34.2

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.2

1.34.2

Require Go 1.22+

Maintenance

• bump ginkgo as well [c59c6dc]
• bump to go 1.22 - remove x/exp dependency [8158b99]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.2

Require Go 1.22+

Maintenance

• bump ginkgo as well [c59c6dc]
• bump to go 1.22 - remove x/exp dependency [8158b99]

Commits

• 7cabed6 v1.34.2
• c59c6dc bump ginkgo as well
• 8158b99 bump to go 1.22 - remove x/exp dependency
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Mend Scan Summary: ❌

Repository: open-component-model/ocm

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	4
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	3
HIGH RISK LICENSES	10
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report
Mend UI

[ocmbot]

Integration Tests for 1682667 run with result: Success ✅!

[ocmbot]

Integration Tests for ca95e2f run with result: Success ✅!