Bump the go-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the go-dependencies group with 5 updates in the / directory:

Package	From	To
github.com/containerd/containerd	1.7.23	1.7.24
github.com/docker/docker	27.0.3+incompatible	27.3.1+incompatible
github.com/moby/buildkit	0.14.1	0.18.0
golang.org/x/sync	0.8.0	0.9.0
golang.org/x/sys	0.26.0	0.27.0

Updates github.com/containerd/containerd from 1.7.23 to 1.7.24

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.24

Welcome to the v1.7.24 release of containerd!

The twenty-fourth patch release for containerd 1.7 contains various fixes and updates.

Highlights

• Update runc binary to 1.2.2 (#11027)
• Fix "invalid metric type" error message for cgroup v1 (#10814)

Container Runtime Interface (CRI)

• Update the container exit log to info level (#11007)

Image Distribution

• Fix retry logic and concurrency issue with http fallback (#11032)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Phil Estes
• Akhil Mohan
• Akihiro Suda
• Maksym Pavlenko
• Austin Vazquez
• Samuel Karp
• Benjamin Peterson
• Davanum Srinivas
• Iceber Gu
• Mike Brown
• Sebastiaan van Stijn
• Tõnis Tiigi
• ningmingxiao

Changes

• Prepare release notes for v1.7.24 (#11036)
  • 936f8e2de Prepare release notes for v1.7.24
• Update the container exit log to info level (#11007)
  • 47ff8e2b6 add info of exited event
• Fix retry logic and concurrency issue with http fallback (#11032)
  • 10af0d60f Adds a mutex to protect fallback host
  • e426ec51b Use unix and windows specific connection error checks

... (truncated)

Commits

• 88bf19b Merge pull request #11036 from samuelkarp/prepare-1.7.24
• 8170354 Merge pull request #11007 from ningmingxiao/1.7.x
• 47ff8e2 add info of exited event
• 936f8e2 Prepare release notes for v1.7.24
• 80fda60 Merge pull request #11032 from vvoland/httpfallback-backports-1.7
• 921b05c Merge pull request #10913 from austinvazquez/cherry-pick-3cc2343de020fa448138...
• b47e5e0 Merge pull request #11027 from k8s-infra-cherrypick-robot/cherry-pick-11022-t...
• 10af0d6 Adds a mutex to protect fallback host
• e426ec5 Use unix and windows specific connection error checks
• 49c9f30 Allow fallback across default ports
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.0.3+incompatible to 27.3.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.3.1

27.3.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.3.1 milestone
• moby/moby, 27.3.1 milestone

Bug fixes and enhancements

• CLI: Fix issue with command execution metrics not being exported due to the CLI MeterProvider being shutdown too early. docker/cli#5457

Packaging updates

• Update Compose to v2.29.7

v27.3.0

27.3.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.3.0 milestone
• moby/moby, 27.3.0 milestone

Bug fixes and enhancements

• containerd image store: Fix docker image prune -a untagging images used by containers started from images referenced by a digested reference. moby/moby#48488
• Add a --feature flag to the daemon options. moby/moby#48487
• Updated the handling of the --gpus=0 flag to be consistent with the NVIDIA Container Runtime. moby/moby#48483 (docker/cli#5432)
• Support WSL2 mirrored-mode networking's use of interface loopback0 for packets from the Windows host. moby/moby#48514
• Fix an issue that prevented communication between containers on an IPv4 bridge network when running with --iptables=false, --ip6tables=true (the default), a firewall with a DROP rule for forwarded packets on hosts where the br_netfilter kernel module was not normally loaded. moby/moby#48511
• CLI: Fix issue where docker volume update command would cause the CLI to panic if no argument/volume was passed. docker/cli#5426
• docker/cli#5432

Packaging updates

• Update containerd (static binaries only) to v1.7.22 moby/moby#48468
• Updated Buildkit to v0.16.0
• Update Compose to v2.29.6
• Update Buildx to v0.17.1

v27.3.0-rc.2

27.3.0-rc.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.3.0 milestone
• moby/moby, 27.3.0 milestone

... (truncated)

Commits

• 41ca978 Merge pull request #48525 from thaJeztah/27.x_backport_govulncheck_permissions
• a6b772b gha: govulncheck: make sure read permissions are set
• 856359c Merge pull request #48514 from robmry/backport-27.x/wsl2_mirrored_loopback0_w...
• cd21af7 Do not DNAT packets from WSL2's loopback0
• 8516f3b Merge pull request #48510 from thaJeztah/27.x_backport_bump_buildx_compose
• 3a7779a Merge pull request #48511 from robmry/backport-27.x/48375_bridge_netfiltering
• 5c499fc Only enable bridge netfiltering when needed
• 98f24aa Merge pull request #48506 from thaJeztah/27.x_backport_man_dockerd_logformat
• 8adc8e4 Dockerfile: update compose to v2.29.4
• 576fc88 Dockerfile: update buildx to v0.17.1
• Additional commits viewable in compare view

Updates github.com/moby/buildkit from 0.14.1 to 0.18.0

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.18.0

buildkit 0.18.0

Welcome to the v0.18.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• Akihiro Suda
• Sebastiaan van Stijn
• David Karlsson
• Jonathan A. Sternberg
• Anthony Nandaa
• Austin Vazquez
• Erik Sipsma
• Marat Radchenko
• Brian Goff
• Erik Sjölund
• Justin Chadwell
• Shaun Thompson
• Tianon Gravi

Notable Changes

• Builtin Dockerfile frontend has been updated to v1.12.0 changelog
• Runc container runtime has been updated to v1.2.2 #5532
• Allow graceful daemon stop while there are active history event requests #5522
• Improve performance of booting BuildKit with many local cache records (regression v0.16.0+) #5550
• Improve stacktraces on cancellation errors #5536
• Improve performance of recalculating content checksums after incremental context upload #5521
• Fix leaving unreleased references behind after SBOM generation #5511
• Make sure blob data is immediately released after deleting build history records #5515
• Fix caching HTTP resources from servers that report the same ETag for different URLs #5549
• Fix possible issue with uploaded build context when using old clients #5517
• Fix old cache keys not being cleaned up by background garbage collection (worked for manual prune) #5540
• Fix possible incorrect casing in provenance JSON #5524
• Fix possible intermittent cancellation error when building from big build context due to internal gRPC bug #5530
• Fix build errors on OpenBSD #5542
• Fix possible issue when building from tarball URL on WCOW #5523
• Fix warning of incompatible semconv configuration in OpenTelemetry #5503 #5501

Dependency Changes

... (truncated)

Commits

• 95d190e Merge pull request #5549 from tonistiigi/etag-cache-fix
• 3b38a1e Merge pull request #5550 from cpuguy83/metadata_view
• de14049 Use view transaction for metadata read
• 06ff841 http: fix etag cache scoping
• 51fbdf3 Merge pull request #5548 from crazy-max/containerd-lld
• 787d9d0 ci: test sandbox build with multiple platforms
• af2d65b dockerfile: use lld linker for containerd build
• 94d0f6e Merge pull request #5547 from crazy-max/fix-content-check-test
• 0145090 dockerd: skip content check with containerd snapshotter
• db6989a Merge pull request #5543 from tonistiigi/vendor-containerd-v1.7.24
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.8.0 to 0.9.0

Commits

• 151027e README: don't recommend go get
• See full diff in compare view

Updates golang.org/x/sys from 0.26.0 to 0.27.0

Commits

• e0753d4 Revert "windows/mkwinsyscall: use syscall.SyscallN instead of syscall.Syscall...
• c29efe3 windows: add iphlpapi functions for change notifications
• 8f2aa9f cpu: conditionally re-enable AVX512 support on darwin/amd64
• 054f1fc README: don't recommend go get
• ca04041 unix: extend z/OS support
• 18e038c unix: move NETLINK_* consts to own section
• d045236 windows: implement Ftruncate using a single syscall on Windows
• cff53d5 unix: gofmt after CL 610296
• 123459f unix: update z/OS implementation of fcntl and mmap
• df4a4da unix/linux: adjust Dockerfile ENV key value format
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #1440.