Bump the go group with 13 updates

[dependabot]

Bumps the go group with 13 updates:

Package	From	To
github.com/aws/aws-sdk-go-v2/service/ecr	1.32.4	1.33.0
github.com/containerd/containerd	1.7.21	1.7.22
github.com/containerd/errdefs	0.1.0	0.2.0
github.com/docker/cli	27.2.0+incompatible	27.2.1+incompatible
github.com/docker/docker	27.2.0+incompatible	27.2.1+incompatible
github.com/fluxcd/pkg/ssa	0.41.0	0.41.1
golang.org/x/exp	0.0.0-20240719175910-8a7402abbf56	0.0.0-20240909161429-701f63a606c0
helm.sh/helm/v3	3.15.4	3.16.1
k8s.io/api	0.31.0	0.31.1
k8s.io/apiextensions-apiserver	0.31.0	0.31.1
k8s.io/apimachinery	0.31.0	0.31.1
k8s.io/cli-runtime	0.31.0	0.31.1
k8s.io/client-go	0.31.0	0.31.1

Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.32.4 to 1.33.0

Changelog

Sourced from github.com/aws/aws-sdk-go-v2/service/ecr's changelog.

Release (2023-04-24)

General Highlights

• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/aws-sdk-go-v2: v1.18.0
  • Feature: add recursion detection middleware to all SDK requests to avoid recursion invocation in Lambda
• github.com/aws/aws-sdk-go-v2/service/appflow: v1.27.0
  • Feature: Increased the max length for RefreshToken and AuthCode from 2048 to 4096.
• github.com/aws/aws-sdk-go-v2/service/codecatalyst: v1.2.5
  • Documentation: Documentation updates for Amazon CodeCatalyst.
• github.com/aws/aws-sdk-go-v2/service/ec2: v1.94.0
  • Feature: API changes to AWS Verified Access related to identity providers' information.
• github.com/aws/aws-sdk-go-v2/service/mediaconvert: v1.36.0
  • Feature: This release introduces a noise reduction pre-filter, linear interpolation deinterlace mode, video pass-through, updated default job settings, and expanded LC-AAC Stereo audio bitrate ranges.
• github.com/aws/aws-sdk-go-v2/service/rekognition: v1.25.0
  • Feature: Added new status result to Liveness session status.
• github.com/aws/aws-sdk-go-v2/service/route53: v1.28.0
  • Feature: added paginator for listResourceRecordSets
• github.com/aws/aws-sdk-go-v2/service/s3: v1.33.0
  • Feature: added custom paginators for listMultipartUploads and ListObjectVersions

Release (2023-04-21)

Module Highlights

• github.com/aws/aws-sdk-go-v2/service/connect: v1.52.0
  • Feature: This release adds a new API CreateParticipant. For Amazon Connect Chat, you can use this new API to customize chat flow experiences.
• github.com/aws/aws-sdk-go-v2/service/ecs: v1.26.1
  • Documentation: Documentation update to address various Amazon ECS tickets.
• github.com/aws/aws-sdk-go-v2/service/fms: v1.23.0
  • Feature: AWS Firewall Manager adds support for multiple administrators. You can now delegate more than one administrator per organization.

Release (2023-04-20)

Module Highlights

• github.com/aws/aws-sdk-go-v2/service/chime: v1.23.0
  • Feature: Adds support for Hindi and Thai languages and additional Amazon Transcribe parameters to the StartMeetingTranscription API.
• github.com/aws/aws-sdk-go-v2/service/chimesdkmediapipelines: v1.4.0
  • Feature: This release adds support for specifying the recording file format in an S3 recording sink configuration.
• github.com/aws/aws-sdk-go-v2/service/chimesdkmeetings: v1.15.0
  • Feature: Adds support for Hindi and Thai languages and additional Amazon Transcribe parameters to the StartMeetingTranscription API.
• github.com/aws/aws-sdk-go-v2/service/gamelift: v1.18.0
  • Feature: Amazon GameLift supports creating Builds for Windows 2016 operating system.
• github.com/aws/aws-sdk-go-v2/service/guardduty: v1.21.0
  • Feature: This release adds support for the new Lambda Protection feature.
• github.com/aws/aws-sdk-go-v2/service/iot: v1.36.0
  • Feature: Support additional OTA states in GetOTAUpdate API
• github.com/aws/aws-sdk-go-v2/service/sagemaker: v1.74.0
  • Feature: Amazon SageMaker Canvas adds ModelRegisterSettings support for CanvasAppSettings.

... (truncated)

Commits

• 60a0ef0 Release 2023-04-24
• 08a6461 Regenerated Clients
• 31f1bda Update endpoints model
• c9ad0d0 Update API model
• aadb5c6 Merge pull request #2106 from syall/apigw-exports-nullability-mediaconvert-fix
• 44acf0c Merge pull request #2105 from aws/recursion-detection
• 6c0e937 add runtime checks
• 6c2cf2a Fix APIGW exports
• 75061a4 capitalize recursion detection trace ID var name
• 6f80948 modify recursion detection and test
• Additional commits viewable in compare view

Updates github.com/containerd/containerd from 1.7.21 to 1.7.22

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.22

Welcome to the v1.7.22 release of containerd!

The twenty-second patch release for containerd 1.7 contains various fixes and updates.

Highlights

Build and Release Toolchain

• Update to go1.22.7, go1.23.1 (#10679)

Container Runtime Interface (CRI)

• Cumulative stats can't decrease (#10670)

Runtime

• Fix bug where init exits were being dropped (#10675)
• Update runc binary to 1.1.14 (#10668)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Samuel Karp
• James Sturtevant
• Laura Brehm
• Maksym Pavlenko
• Akhil Mohan
• Akihiro Suda
• Cory Snider
• Derek McGowan
• Sebastiaan van Stijn

Changes

• Prepare release notes for v1.7.22 (#10684)
  • 43174ee6a Prepare release notes for v1.7.22
• integration: regression test for issue 10589 (#10682)
  • 0c4ba21d8 integration: regression test for issue 10589
  • 1cc2cfa4b fifosync: cross-process synchronization
• Fix bug where init exits were being dropped (#10675)
  • f338717ed runc-shim: handle pending execs as running
  • 686c69490 runc-shim: refuse to start execs after init exits
  • 760935e52 runc-shim: remove misleading comment
• Update to go1.22.7, go1.23.1 (#10679)

... (truncated)

Commits

• 7f7fdf5 Merge pull request #10684 from samuelkarp/release-1.7.22
• 43174ee Prepare release notes for v1.7.22
• c10e4a6 Merge pull request #10682 from samuelkarp/shim-exec-fp-test-1.7
• 0c4ba21 integration: regression test for issue 10589
• 1cc2cfa fifosync: cross-process synchronization
• b19be30 Merge pull request #10675 from laurazard/1.7-backport-shim-dropped-init-exits
• c62aa06 Merge pull request #10679 from thaJeztah/1.7_update_go1.22.7
• 19d678f update to go1.22.7, go1.23.1
• f338717 runc-shim: handle pending execs as running
• 686c694 runc-shim: refuse to start execs after init exits
• Additional commits viewable in compare view

Updates github.com/containerd/errdefs from 0.1.0 to 0.2.0

Release notes

Sourced from github.com/containerd/errdefs's releases.

v0.2.0

What's Changed

• Add more grpc types by @​dmcgowan in containerd/errdefs#3
• Split gRPC and HTTP error utility into seperate packages by @​austinvazquez in containerd/errdefs#5
• Fix Cancelled interface typo by @​dmcgowan in containerd/errdefs#6
• Add stack support by @​dmcgowan in containerd/errdefs#8
• Add a resolve error function to return first error by @​dmcgowan in containerd/errdefs#9
• Add support for custom error messages by @​dmcgowan in containerd/errdefs#10
• Add support for grpc error details and multiple errors by @​dmcgowan in containerd/errdefs#7
• Complete interface definitions for errors by @​dmcgowan in containerd/errdefs#18

New Contributors

• @​austinvazquez made their first contribution in containerd/errdefs#5

Full Changelog: containerd/errdefs@v0.1.0...v0.2.0

Commits

• 02b65bc Merge pull request #18 from dmcgowan/add-missing-interfaces
• 41d12e1 Complete interface definitions for errors
• 70440b8 Merge pull request #7 from dmcgowan/grpc-error-details
• b9dce4d Add support for grpc error details
• ffb0349 Update Resolve function to support Is interface
• 124d0dc Merge pull request #10 from dmcgowan/custom-error-messages
• dc9b20e Add support for custom error messages
• 6c7f402 Merge pull request #9 from dmcgowan/resolve-error
• 9f87502 Add a resolve error function to return first error
• 6fb6cf0 Merge pull request #8 from dmcgowan/add-stack-support
• Additional commits viewable in compare view

Updates github.com/docker/cli from 27.2.0+incompatible to 27.2.1+incompatible

Commits

• 9e34c9b Merge pull request #5414 from vvoland/vendor-docker
• 324cdbc vendor: github.com/docker/docker v27.2.1-dev (8b539b8df240)
• b5290d4 Merge pull request #5411 from vvoland/5410-27.x
• 3db9538 update to go1.22.7
• 1ab89e7 Merge pull request #5409 from thaJeztah/27.x_update_docker
• 667d9fd Merge pull request #5408 from thaJeztah/27.x_backport_mod_tidy
• 41e61c4 [27.x] vendor: github.com/docker/docker v27.2.0
• 869df10 vendor.mod: put github.com/pkg/browser in the right group
• 6feee4a Merge pull request #5402 from laurazard/backport-27.x-login-not-interactive
• d0c1a80 login: handle non-tty scenario consistently
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.2.0+incompatible to 27.2.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.2.1

27.2.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.2.1 milestone
• moby/moby, 27.2.1 milestone

Bug fixes and enhancements

• containerd image store: Fix non-container images being hidden in the docker image ls output. moby/moby#48402
• containerd image store: Improve docker pull error message when the image platform doesn't match. moby/moby#48415
• CLI: Fix issue causing docker login to not remove repository names from passed in registry addresses, resulting in credentials being stored under the wrong key. docker/cli#5385
• CLI: Fix issue that will sometimes cause the browser-login flow to fail if the CLI process is suspended and then resumed while waiting for the user to authenticate. docker/cli#5376
• CLI: docker login now returns an error instead of hanging if called non-interactively with --password or --password-stdin but without --user. docker/cli#5402

Packaging updates

• Update runc to v1.1.14, which contains a fix for CVE-2024-45310. moby/moby#48426
• Update Go runtime to 1.22.7. moby/moby#48433, docker/cli#5411, docker/docker-ce-packaging#1068

Commits

• 8b539b8 Merge pull request #48433 from vvoland/48432-27.x
• 37bf6e8 update to go1.22.7
• fefdb1b Merge pull request #48430 from vvoland/48425-27.x
• 3a4c589 vendor: github.com/opencontainers/runc v1.1.14
• 6eeb414 Merge pull request #48426 from thaJeztah/27.x_backport_bump_runc_1.1.14
• 54af846 Merge pull request #48416 from thaJeztah/27.x_backport_update_go_1.22
• 10cf2d6 update runc binary to 1.1.14
• 7b86f40 Merge pull request #48423 from vvoland/48422-27.x
• 84cfcb0 docs/api: add documentation for API v1.47
• edeb6ba golangci-lint: temporarily disable G115: integer overflow conversion
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/ssa from 0.41.0 to 0.41.1

Commits

• 7fe9789 Merge pull request #810 from fluxcd/up-int-deps
• f674386 Update internal dependencies
• c8165af Merge pull request #809 from fluxcd/k8s-1.31.1
• 18924bf Update controller-gen to v0.16.1
• 735a85b Update dependencies
• 62475f1 Merge pull request #789 from dipti-pai/pkg-azure-git-wi-auth
• 1686996 Support Azure OIDC authentication
• See full diff in compare view

Updates golang.org/x/exp from 0.0.0-20240719175910-8a7402abbf56 to 0.0.0-20240909161429-701f63a606c0

Commits

• See full diff in compare view

Updates helm.sh/helm/v3 from 3.15.4 to 3.16.1

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm 3.16.1

Helm v3.16.1 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

This release fixes a regression that is in 3.16.0.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.16.1. The common platform binaries are here:

• MacOS amd64 (checksum / 1b194824e36da3e3889920960a93868b541c7888c905a06757e88666cfb562c9)
• MacOS arm64 (checksum / 405a3b13f0e194180f7b84010dfe86689d7703e80612729882ad71e2a4ef3504)
• Linux amd64 (checksum / e57e826410269d72be3113333dbfaac0d8dfdd1b0cc4e9cb08bdf97722731ca9)
• Linux arm (checksum / a15a8ddfc373628b13cd2a987206756004091a1f6a91c3b9ee8de6f0b1e2ce90)
• Linux arm64 (checksum / 780b5b86f0db5546769b3e9f0204713bbdd2f6696dfdaac122fbe7f2f31541d2)
• Linux i386 (checksum / 92d7a47a90734b50528ffffc99cd1b2d4b9fc0f4291bac92c87ef03406a5a7b2)
• Linux ppc64le (checksum / 9f0178957c94516eff9a3897778edb93d78fab1f76751bd282883f584ea81c23)
• Linux s390x (checksum / 357f8b441cc535240f1b0ba30a42b44571d4c303dab004c9e013697b97160360)
• Linux riscv64 (checksum / 9a2cab45b7d9282e9be7b42f86d8034dcaa2e81ab338642884843676c2f6929f)
• Windows amd64 (checksum / 89952ea1bace0a9498053606296ea03cf743c48294969dfc731e7f78d1dc809a)
• Windows arm64 (checksum / fc370a291ed926da5e77acf42006de48e7fd5ff94d20c3f6aa10c04fea66e53c)

This release was signed with 672C 657B E06B 4B30 969C 4A57 4614 49C2 5E36 B98E and can be found at @​mattfarina keybase account. Please use the attached signatures for verifying this release using gpg.

The Quickstart Guide will get you going from there. For upgrade instructions or detailed installation notes, check the install guide. You can also use a script to install on any system with bash.

What's Next

• 3.16.2 is the next patch release and will be on October 09, 2024
• 3.17.0 is the next feature release and will be on January 15, 2025

Changelog

• bumping version to 1.22.7 5a5449dc42be07001fd5771d56429132984ab3ab (Robert Sirchia)
• Merge pull request #13327 from mattfarina/revert-11726 2cbf7fc005885cb46b60ebfcd03ff09890e43be1 (Joe Julian)

Helm v3.16.0 is a feature release. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs

... (truncated)

Commits

• 5a5449d bumping version to 1.22.7
• 2cbf7fc Merge pull request #13327 from mattfarina/revert-11726
• 0d439e1 bump version to v3.16.0
• 1ac6fce Merge pull request #13290 from helm/dependabot/go_modules/github.com/rubenv/s...
• a585fdb Merge pull request #13291 from helm/dependabot/go_modules/github.com/cyphar/f...
• 0d12150 Bump github.com/cyphar/filepath-securejoin from 0.2.5 to 0.3.1
• b1f9f0c Bump github.com/rubenv/sql-migrate from 1.6.1 to 1.7.0
• d66d435 Merge pull request #13276 from helm/dependabot/go_modules/github.com/evanphx/...
• c1ed2e2 Merge pull request #13286 from mattfarina/bump-sprig
• 2dc73d8 Merge pull request #13281 from giuliocalzolari/timestamp
• Additional commits viewable in compare view

Updates k8s.io/api from 0.31.0 to 0.31.1

Commits

• eb5129b Update dependencies to v0.31.1 tag
• 46f6230 Merge pull request #126761thockin/automated-cherry-pick-of-#126749
• 1857695 fix v1a3 ResourceSliceList metadata field name
• See full diff in compare view

Updates k8s.io/apiextensions-apiserver from 0.31.0 to 0.31.1

Commits

• b68c0dd Update dependencies to v0.31.1 tag
• See full diff in compare view

Updates k8s.io/apimachinery from 0.31.0 to 0.31.1

Commits

• See full diff in compare view

Updates k8s.io/cli-runtime from 0.31.0 to 0.31.1

Commits

• 754d15f Update dependencies to v0.31.1 tag
• See full diff in compare view

Updates k8s.io/client-go from 0.31.0 to 0.31.1

Commits

• c5196eb Update dependencies to v0.31.1 tag
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Mend Scan Summary: ❌

Repository: open-component-model/ocm

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	4
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	2
HIGH RISK LICENSES	10
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report
Mend UI

[ocmbot]

Integration Tests for 956a84c run with result: Success ✅!

[ocmbot]

Integration Tests for 488e030 run with result: Success ✅!