Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the go-modules group with 2 updates #571

Merged
merged 1 commit into from
Nov 1, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 1, 2023

Bumps the go-modules group with 2 updates: github.com/opencontainers/runc and github.com/shirou/gopsutil/v3.

Updates github.com/opencontainers/runc from 1.1.9 to 1.1.10

Changelog

Sourced from github.com/opencontainers/runc's changelog.

[1.1.10] - 2023-10-31

Śruba, przykręcona we śnie, nie zmieni sytuacji, jaka panuje na jawie.

Added

  • Support for hugetlb.<pagesize>.rsvd limiting and accounting. Fixes the issue of postres failing when hugepage limits are set. (#3859, #4077)

Fixed

  • Fixed permissions of a newly created directories to not depend on the value of umask in tmpcopyup feature implementation. (#3991, #4060)
  • libcontainer: cgroup v1 GetStats now ignores missing kmem.limit_in_bytes (fixes the compatibility with Linux kernel 6.1+). (#4028)
  • Fix a semi-arbitrary cgroup write bug when given a malicious hugetlb configuration. This issue is not a security issue because it requires a malicious config.json, which is outside of our threat model. (#4103)
  • Various CI fixes. (#4081, #4055)
Commits
  • 18a0cb0 VERSION: release 1.1.10
  • 7b469c9 Merge pull request from GHSA-5g49-rx9x-qfc6
  • b426e9b libct/cgroups.OpenFile: clean "file" argument
  • e1adc7f Merge pull request #4077 from kolyshkin/1.1-4073
  • 8214e63 libct/cg: support hugetlb rsvd
  • f8be700 [1.1] tests/int/helpers: add get_cgroup_path
  • 5ba0e01 merge #4081 into opencontainers/runc:release-1.1
  • 1f66027 ci/gha: fix downloading Release.key
  • 42acc58 Merge pull request #4060 from kolyshkin/1.1-4056
  • 5a5b2cc Fix directory perms vs umask for tmpcopyup
  • Additional commits viewable in compare view

Updates github.com/shirou/gopsutil/v3 from 3.23.9 to 3.23.10

Release notes

Sourced from github.com/shirou/gopsutil/v3's releases.

v3.23.10

What's Changed

cpu

host

process

Full Changelog: shirou/gopsutil@v3.23.9...v3.23.10

Commits
  • a7e2bdf Merge pull request #1544 from JanDeDobbeleer/master
  • ac63a56 fix(windows): remove log statement
  • a1eedca fix(linux): validate cpu fields length before accessing index
  • c020a08 Merge pull request #1537 from shirou/feat/fix_darwin_host_users
  • 4ad4406 Merge pull request #1542 from shirou/dependabot/github_actions/actions/checko...
  • be90da9 chore(deps): bump actions/checkout from 4.1.0 to 4.1.1
  • 9c1cf1c Merge pull request #1538 from shirou/dependabot/go_modules/github.com/google/...
  • 2121939 chore(deps): bump github.com/google/go-cmp from 0.5.9 to 0.6.0
  • 4b46f2b [host][darwin]: fix Users
  • 5ee64c6 Merge pull request #1531 from shirou/dependabot/github_actions/actions/checko...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-modules group with 2 updates: [github.com/opencontainers/runc](https://github.com/opencontainers/runc) and [github.com/shirou/gopsutil/v3](https://github.com/shirou/gopsutil).


Updates `github.com/opencontainers/runc` from 1.1.9 to 1.1.10
- [Release notes](https://github.com/opencontainers/runc/releases)
- [Changelog](https://github.com/opencontainers/runc/blob/v1.1.10/CHANGELOG.md)
- [Commits](opencontainers/runc@v1.1.9...v1.1.10)

Updates `github.com/shirou/gopsutil/v3` from 3.23.9 to 3.23.10
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](shirou/gopsutil@v3.23.9...v3.23.10)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runc
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
- dependency-name: github.com/shirou/gopsutil/v3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner November 1, 2023 20:11
@dependabot dependabot bot added the failure:update-dependencies An issue filed automatically when updating buildpack.toml dependencies fails in a workflow label Nov 1, 2023
@dependabot dependabot bot requested review from ryanmoran and TisVictress November 1, 2023 20:11
@paketo-bot paketo-bot added the semver:patch A change requiring a patch version bump label Nov 1, 2023
@paketo-bot paketo-bot merged commit 2ed93a8 into main Nov 1, 2023
8 of 9 checks passed
@paketo-bot paketo-bot deleted the dependabot/go_modules/go-modules-b1206dd723 branch November 1, 2023 20:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
failure:update-dependencies An issue filed automatically when updating buildpack.toml dependencies fails in a workflow semver:patch A change requiring a patch version bump
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants