Bump the go-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the go-dependencies group with 5 updates in the / directory:

Package	From	To
github.com/containerd/containerd	1.7.23	1.7.24
github.com/docker/docker	27.0.3+incompatible	27.4.0+incompatible
github.com/moby/buildkit	0.14.1	0.18.1
golang.org/x/sync	0.8.0	0.10.0
golang.org/x/sys	0.26.0	0.28.0

Updates github.com/containerd/containerd from 1.7.23 to 1.7.24

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.24

Welcome to the v1.7.24 release of containerd!

The twenty-fourth patch release for containerd 1.7 contains various fixes and updates.

Highlights

• Update runc binary to 1.2.2 (#11027)
• Fix "invalid metric type" error message for cgroup v1 (#10814)

Container Runtime Interface (CRI)

• Update the container exit log to info level (#11007)

Image Distribution

• Fix retry logic and concurrency issue with http fallback (#11032)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Phil Estes
• Akhil Mohan
• Akihiro Suda
• Maksym Pavlenko
• Austin Vazquez
• Samuel Karp
• Benjamin Peterson
• Davanum Srinivas
• Iceber Gu
• Mike Brown
• Sebastiaan van Stijn
• Tõnis Tiigi
• ningmingxiao

Changes

• Prepare release notes for v1.7.24 (#11036)
  • 936f8e2de Prepare release notes for v1.7.24
• Update the container exit log to info level (#11007)
  • 47ff8e2b6 add info of exited event
• Fix retry logic and concurrency issue with http fallback (#11032)
  • 10af0d60f Adds a mutex to protect fallback host
  • e426ec51b Use unix and windows specific connection error checks

... (truncated)

Commits

• 88bf19b Merge pull request #11036 from samuelkarp/prepare-1.7.24
• 8170354 Merge pull request #11007 from ningmingxiao/1.7.x
• 47ff8e2 add info of exited event
• 936f8e2 Prepare release notes for v1.7.24
• 80fda60 Merge pull request #11032 from vvoland/httpfallback-backports-1.7
• 921b05c Merge pull request #10913 from austinvazquez/cherry-pick-3cc2343de020fa448138...
• b47e5e0 Merge pull request #11027 from k8s-infra-cherrypick-robot/cherry-pick-11022-t...
• 10af0d6 Adds a mutex to protect fallback host
• e426ec5 Use unix and windows specific connection error checks
• 49c9f30 Allow fallback across default ports
• Additional commits viewable in compare view

Updates github.com/docker/docker from 27.0.3+incompatible to 27.4.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v27.4.0

27.4.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 27.4.0 milestone
• moby/moby, 27.4.0 milestone

API

• GET /images/json with the manifests option enabled now preserves the original order in which manifests appeared in the manifest-index. moby/moby#48712

Bug fixes and enhancements

• When reading logs with the jsonfile or local log drivers, any errors while trying to read or parse underlying log files will cause the rest of the file to be skipped and move to the next log file (if one exists) rather than returning an error to the client and closing the stream. The errors are viewable in the Docker Daemon logs and exported to traces when tracing is configured. moby/moby#48842
• When reading log files, compressed log files are now only decompressed when needed rather than decompressing all files before starting the log stream. moby/moby#48842
• Fix an issue that meant published ports from one container on a bridge network were not accessible from another container on the same network with userland-proxy disabled, if the kernel's br_netfilter module was not loaded and enabled. The daemon will now attempt to load the module and enable bridge-nf-call-iptables or bridge-nf-call-ip6tables when creating a network with the userland proxy disabled. moby/moby#48685
• Fix loading of bridge and br_netfilter kernel modules. moby/moby#48966
• containerd image store: Fix Docker daemon failing to fully start with a "context deadline exceeded error" with containerd snapshotter and many builds/images. moby/moby#48954
• containerd image-store: Fix partially pulled images not being garbage-collected. moby#48910, moby/moby#48957
• containerd image store: Fix docker image inspect outputting duplicate references in RepoDigests. moby/moby#48785
• containerd image store: Fix not being able to connect to some insecure registries in cases where the HTTPS request failed due to a non-TLS related error. moby/moby#48758
• containerd image store: Remove a confusing warning log when tagging a non-dangling image. moby/moby#49010
• dockerd-rootless-setuptool.sh: let --force ignore smoke test errors moby/moby#48695
• Disable IPv6 Duplicate Address Detection (DAD) for addresses assigned to the bridges belonging to bridge networks. moby/moby#48684
• Remove BuildKit init timeout. moby/moby#48963
• Ignore "dataset does not exist" error when removing dataset on ZFS. moby/moby#48968
• Client: Prevent idle connections leaking FDs. moby/moby#48764
• Fix anonymous volumes being created through the --mount option not being marked as anonymous. moby/moby#48755
• After a daemon restart with live-restore, ensure an iptables jump to the DOCKER-USER chain is placed before other rules. moby/moby#48714
• Fix a possible memory leak caused by OTel meters. moby/moby#48693
• Create distinct build history db for each store. moby/moby#48688
• Fix an issue that caused excessive memory usage when DNS resolution was made in a tight loop. moby/moby#48840
• containerd image store: Do not underline names in docker image ls --tree. docker/cli#5519
• containerd image store: Change name of USED column in docker image ls --tree to IN USE. docker/cli#5518
• Fix a bug preventing image pulls from being cancelled during docker run. docker/cli#5654
• Port some completions from the bash completion to the new cobra based completion. docker/cli#5618
• The docker login and docker logout command no longer update the configuration file if the credentials didn't change. docker/cli#5569
• Optimise docker stats to reduce flickering issues. docker/cli#5588, docker/cli#5635
• Fix inaccessible plugins paths preventing plugins from being detected. docker/cli#5652
• Add support for events --filter in cobra generated shell completions. docker/cli#5614
• Fix bash completion for events --filter daemon=. docker/cli#5563
• Improve shell-completion of containers for docker rm. docker/cli#5540
• Add shell-completion for --platform flags. docker/cli#5540
• rootless: Make /etc/cdi and /var/run/cdi accessible by the Container Device Interface (CDI) integration. moby/moby#49027

Removed

• Deprecate Daemon.Exists() and Daemon.IsPaused(). These functions are no longer used and will be removed in the next release. moby/moby#48719
• Deprecate container.ErrNameReserved and container.ErrNameNotReserved. moby/moby#48697

... (truncated)

Commits

• 92a8393 Merge pull request #49027 from thaJeztah/27.x_backport_cdi-rootless
• 9163aa3 Merge pull request #49026 from thaJeztah/27.x_update_go_1.22.10
• 4775621 Dockerd rootless: make {/etc,/var/run}/cdi available
• 0176f4a Merge pull request #49024 from thaJeztah/27.x_vendor_buildkit_0.17.3
• 0e34b39 update to go1.22.10
• 7919b80 [27.x] vendor: github.com/moby/buildkit v0.17.3
• a92d4c5 Merge pull request #49013 from vvoland/49006-27.x
• 1cc1274 Merge pull request #49010 from vvoland/49009-27.x
• 525b929 registry: deprecate RepositoryInfo.Class
• d6d43b2 c8d/tag: Don't log a warning if the source image is not dangling
• Additional commits viewable in compare view

Updates github.com/moby/buildkit from 0.14.1 to 0.18.1

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.18.1

Welcome to the v0.18.1 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Notable Changes

• Fix issue where builds from older versions of clients/frontends could result in missing "no-cache" behavior or original Dockerfile commands could be missing in progress output #5563

Dependency Changes

This release has no dependency changes

Previous release can be found at v0.18.0

v0.18.0

Welcome to the v0.18.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• Akihiro Suda
• Sebastiaan van Stijn
• David Karlsson
• Jonathan A. Sternberg
• Anthony Nandaa
• Austin Vazquez
• Erik Sipsma
• Marat Radchenko
• Brian Goff
• Erik Sjölund
• Justin Chadwell
• Shaun Thompson
• Tianon Gravi

Notable Changes

• Builtin Dockerfile frontend has been updated to v1.12.0 changelog
• Runc container runtime has been updated to v1.2.2 #5532
• Allow graceful daemon stop while there are active history event requests #5522
• Improve performance of booting BuildKit with many local cache records (regression v0.16.0+) #5550

... (truncated)

Commits

• eb68885 Merge pull request #5564 from tonistiigi/v0.18.1-picks
• ec39add llbsolver: fix recompute test and avoid struct copy
• 64293f9 llbsolver: tie op metadata to the op before recomputing digests
• 95d190e Merge pull request #5549 from tonistiigi/etag-cache-fix
• 3b38a1e Merge pull request #5550 from cpuguy83/metadata_view
• de14049 Use view transaction for metadata read
• 06ff841 http: fix etag cache scoping
• 51fbdf3 Merge pull request #5548 from crazy-max/containerd-lld
• 787d9d0 ci: test sandbox build with multiple platforms
• af2d65b dockerfile: use lld linker for containerd build
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.8.0 to 0.10.0

Commits

• 913fb63 singleflight: fix typo in singleflight_test.go
• 151027e README: don't recommend go get
• See full diff in compare view

Updates golang.org/x/sys from 0.26.0 to 0.28.0

Commits

• fe16172 unix: define IfMsghdr2, IfData64, and RtMsghdr2 on darwin
• 0a57dbc unix: update to kernel Linux 6.12
• 3cf1e67 unix: don't fail TestPpoll on EINTR
• d2cea70 windows: add functions to get named pipe process IDs
• a13946c windows: regenerate zsyscall_windows.go
• e0753d4 Revert "windows/mkwinsyscall: use syscall.SyscallN instead of syscall.Syscall...
• c29efe3 windows: add iphlpapi functions for change notifications
• 8f2aa9f cpu: conditionally re-enable AVX512 support on darwin/amd64
• 054f1fc README: don't recommend go get
• ca04041 unix: extend z/OS support
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.