NO-ISSUE: Bump the go-security-dependencies group across 1 directory with 2 updates #1063

dependabot · 2025-07-15T16:41:08Z

Bumps the go-security-dependencies group with 2 updates in the / directory: github.com/containerd/containerd and golang.org/x/net.

Updates github.com/containerd/containerd from 1.7.12 to 1.7.27

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.27

Welcome to the v1.7.27 release of containerd!

The twenty-seventh patch release for containerd 1.7 contains various fixes and updates.

Highlights

Fix integer overflow in User ID handling (GHSA-265r-hfxg-fhmg)

Update image type checks to avoid unnecessary logs for attestations (#11538)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

Jin Dong

Akhil Mohan

Derek McGowan

Maksym Pavlenko

Paweł Gronowski

Phil Estes

Akihiro Suda

Craig Ingram

Krisztian Litkey

Samuel Karp

Changes

05044ec0a Merge commit from fork

11504c3fc validate uid/gid

Prepare release notes for v1.7.27 (#11540)

1be04be6c Prepare release notes for v1.7.27

Update image type checks to avoid unnecessary logs for attestations (#11538)

82b5c43fe core/remotes: Handle attestations in MakeRefKey

2c670e79b core/images: Ignore attestations when traversing children

update build to go1.23.7, test go1.24.1 (#11515)

a39863c9f update build to go1.23.7, test go1.24.1

Remove hashicorp/go-multierror dependency and fix CI (#11499)

49537b3a7 e2e: use the shim bundled with containerd artifact

fe490b76f Bump up github.com/intel/goresctrl to 0.5.0

13fc9d313 update containerd/project-checks to 1.2.1

585699c94 Remove unnecessary joinError unwrap

4b9df59be Remove hashicorp/go-multierror

go.{mod,sum}: bump CDI deps to v0.8.1. (#11422)

5ba28f8dc go.{mod,sum}: bump CDI deps to v0.8.1, re-vendor.

CI: arm64-8core-32gb -> ubuntu-24.04-arm (#11437)

85f10bd92 CI: arm64-8core-32gb -> ubuntu-24.04-arm

... (truncated)

Commits

05044ec Merge commit from fork
0b7f2a5 Merge pull request #11540 from dmcgowan/prepare-1.7.27
574a304 Merge pull request #11538 from dmcgowan/backport-11327
1be04be Prepare release notes for v1.7.27
82b5c43 core/remotes: Handle attestations in MakeRefKey
2c670e7 core/images: Ignore attestations when traversing children
11504c3 validate uid/gid
576178b Merge pull request #11515 from akhilerm/1.7-updatego1.24.1
a39863c update build to go1.23.7, test go1.24.1
8946aa0 Merge pull request #11499 from djdongjin/1-7-remove-hashi-multierror
Additional commits viewable in compare view

Updates golang.org/x/net from 0.33.0 to 0.38.0

Commits

e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...
ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest
1f1fa29 publicsuffix: regenerate table
1215081 http2: improve error when server sends HTTP/1
312450e html: ensure <search> tag closes and update tests
09731f9 http2: improve handling of lost PING in Server
55989e2 http2/h2c: use ResponseController for hijacking connections
2914f46 websocket: re-recommend gorilla/websocket
99b3ae0 go.mod: update golang.org/x dependencies
85d1d54 go.mod: update golang.org/x dependencies
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

openshift-ci-robot · 2025-07-15T16:41:13Z

@dependabot[bot]: This pull request explicitly references no jira issue.

In response to this:

Bumps the go-security-dependencies group with 2 updates in the / directory: github.com/containerd/containerd and golang.org/x/net.

Updates github.com/containerd/containerd from 1.7.12 to 1.7.27

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.27

Welcome to the v1.7.27 release of containerd!

The twenty-seventh patch release for containerd 1.7 contains various fixes and updates.

Highlights

Fix integer overflow in User ID handling (GHSA-265r-hfxg-fhmg)

Update image type checks to avoid unnecessary logs for attestations (#11538)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

Jin Dong

Akhil Mohan

Derek McGowan

Maksym Pavlenko

Paweł Gronowski

Phil Estes

Akihiro Suda

Craig Ingram

Krisztian Litkey

Samuel Karp

Changes

05044ec0a Merge commit from fork

11504c3fc validate uid/gid

Prepare release notes for v1.7.27 (#11540)

1be04be6c Prepare release notes for v1.7.27

Update image type checks to avoid unnecessary logs for attestations (#11538)

82b5c43fe core/remotes: Handle attestations in MakeRefKey

2c670e79b core/images: Ignore attestations when traversing children

update build to go1.23.7, test go1.24.1 (#11515)

a39863c9f update build to go1.23.7, test go1.24.1

Remove hashicorp/go-multierror dependency and fix CI (#11499)

49537b3a7 e2e: use the shim bundled with containerd artifact

fe490b76f Bump up github.com/intel/goresctrl to 0.5.0

13fc9d313 update containerd/project-checks to 1.2.1

585699c94 Remove unnecessary joinError unwrap

4b9df59be Remove hashicorp/go-multierror

go.{mod,sum}: bump CDI deps to v0.8.1. (#11422)

5ba28f8dc go.{mod,sum}: bump CDI deps to v0.8.1, re-vendor.

CI: arm64-8core-32gb -> ubuntu-24.04-arm (#11437)

85f10bd92 CI: arm64-8core-32gb -> ubuntu-24.04-arm

... (truncated)

Commits

05044ec Merge commit from fork

0b7f2a5 Merge pull request #11540 from dmcgowan/prepare-1.7.27

574a304 Merge pull request #11538 from dmcgowan/backport-11327

1be04be Prepare release notes for v1.7.27

82b5c43 core/remotes: Handle attestations in MakeRefKey

2c670e7 core/images: Ignore attestations when traversing children

11504c3 validate uid/gid

576178b Merge pull request #11515 from akhilerm/1.7-updatego1.24.1

a39863c update build to go1.23.7, test go1.24.1

8946aa0 Merge pull request #11499 from djdongjin/1-7-remove-hashi-multierror

Additional commits viewable in compare view

Updates golang.org/x/net from 0.33.0 to 0.38.0

Commits

e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...

ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest

1f1fa29 publicsuffix: regenerate table

1215081 http2: improve error when server sends HTTP/1

312450e html: ensure <search> tag closes and update tests

09731f9 http2: improve handling of lost PING in Server

55989e2 http2/h2c: use ResponseController for hijacking connections

2914f46 websocket: re-recommend gorilla/websocket

99b3ae0 go.mod: update golang.org/x dependencies

85d1d54 go.mod: update golang.org/x dependencies

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)

@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)

@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)

@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency

@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2025-07-15T16:41:13Z

/test remaining-required

Scheduling tests matching the pipeline_run_if_changed parameter:
/test edge-e2e-ai-operator-ztp
/test edge-e2e-metal-assisted-4-19

openshift-ci-robot · 2025-07-15T16:41:14Z

/test remaining-required

Scheduling tests matching the pipeline_run_if_changed parameter:
/test edge-e2e-ai-operator-ztp
/test edge-e2e-metal-assisted-4-19

openshift-ci · 2025-07-15T16:42:56Z

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by: dependabot[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci · 2025-07-15T16:43:06Z

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by: dependabot[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci · 2025-07-15T16:43:07Z

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by: dependabot[bot]

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci-robot · 2025-07-15T16:51:35Z

/retest-required

Remaining retests: 0 against base HEAD 4ca4e09 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-15T16:59:37Z

@dependabot[bot]: This pull request explicitly references no jira issue.

In response to this:

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the go-security-dependencies group with 2 updates in the / directory: github.com/containerd/containerd and golang.org/x/net.

Updates github.com/containerd/containerd from 1.7.12 to 1.7.27

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.27

Welcome to the v1.7.27 release of containerd!

The twenty-seventh patch release for containerd 1.7 contains various fixes and updates.

Highlights

Fix integer overflow in User ID handling (GHSA-265r-hfxg-fhmg)

Update image type checks to avoid unnecessary logs for attestations (#11538)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

Jin Dong

Akhil Mohan

Derek McGowan

Maksym Pavlenko

Paweł Gronowski

Phil Estes

Akihiro Suda

Craig Ingram

Krisztian Litkey

Samuel Karp

Changes

05044ec0a Merge commit from fork

11504c3fc validate uid/gid

Prepare release notes for v1.7.27 (#11540)

1be04be6c Prepare release notes for v1.7.27

Update image type checks to avoid unnecessary logs for attestations (#11538)

82b5c43fe core/remotes: Handle attestations in MakeRefKey

2c670e79b core/images: Ignore attestations when traversing children

update build to go1.23.7, test go1.24.1 (#11515)

a39863c9f update build to go1.23.7, test go1.24.1

Remove hashicorp/go-multierror dependency and fix CI (#11499)

49537b3a7 e2e: use the shim bundled with containerd artifact

fe490b76f Bump up github.com/intel/goresctrl to 0.5.0

13fc9d313 update containerd/project-checks to 1.2.1

585699c94 Remove unnecessary joinError unwrap

4b9df59be Remove hashicorp/go-multierror

go.{mod,sum}: bump CDI deps to v0.8.1. (#11422)

5ba28f8dc go.{mod,sum}: bump CDI deps to v0.8.1, re-vendor.

CI: arm64-8core-32gb -> ubuntu-24.04-arm (#11437)

85f10bd92 CI: arm64-8core-32gb -> ubuntu-24.04-arm

... (truncated)

Commits

05044ec Merge commit from fork

0b7f2a5 Merge pull request #11540 from dmcgowan/prepare-1.7.27

574a304 Merge pull request #11538 from dmcgowan/backport-11327

1be04be Prepare release notes for v1.7.27

82b5c43 core/remotes: Handle attestations in MakeRefKey

2c670e7 core/images: Ignore attestations when traversing children

11504c3 validate uid/gid

576178b Merge pull request #11515 from akhilerm/1.7-updatego1.24.1

a39863c update build to go1.23.7, test go1.24.1

8946aa0 Merge pull request #11499 from djdongjin/1-7-remove-hashi-multierror

Additional commits viewable in compare view

Updates golang.org/x/net from 0.33.0 to 0.38.0

Commits

e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...

ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest

1f1fa29 publicsuffix: regenerate table

1215081 http2: improve error when server sends HTTP/1

312450e html: ensure <search> tag closes and update tests

09731f9 http2: improve handling of lost PING in Server

55989e2 http2/h2c: use ResponseController for hijacking connections

2914f46 websocket: re-recommend gorilla/websocket

99b3ae0 go.mod: update golang.org/x dependencies

85d1d54 go.mod: update golang.org/x dependencies

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)

@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)

@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)

@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency

@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

codecov · 2025-07-15T17:24:03Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 56.54%. Comparing base (62dc63f) to head (c6da379).

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1063      +/-   ##
==========================================
+ Coverage   56.49%   56.54%   +0.04%     
==========================================
  Files          88       88              
  Lines        4310     4310              
==========================================
+ Hits         2435     2437       +2     
+ Misses       1698     1697       -1     
+ Partials      177      176       -1

see 1 file with indirect coverage changes

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

openshift-ci-robot · 2025-07-16T06:55:42Z

/retest-required

Remaining retests: 0 against base HEAD 4ca4e09 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-16T11:30:35Z

/retest-required

Remaining retests: 0 against base HEAD 4ca4e09 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-16T16:41:25Z

@dependabot[bot]: This pull request explicitly references no jira issue.

In response to this:

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the go-security-dependencies group with 2 updates in the / directory: github.com/containerd/containerd and golang.org/x/net.

Updates github.com/containerd/containerd from 1.7.12 to 1.7.27

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.27

Welcome to the v1.7.27 release of containerd!

The twenty-seventh patch release for containerd 1.7 contains various fixes and updates.

Highlights

Fix integer overflow in User ID handling (GHSA-265r-hfxg-fhmg)

Update image type checks to avoid unnecessary logs for attestations (#11538)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

Jin Dong

Akhil Mohan

Derek McGowan

Maksym Pavlenko

Paweł Gronowski

Phil Estes

Akihiro Suda

Craig Ingram

Krisztian Litkey

Samuel Karp

Changes

05044ec0a Merge commit from fork

11504c3fc validate uid/gid

Prepare release notes for v1.7.27 (#11540)

1be04be6c Prepare release notes for v1.7.27

Update image type checks to avoid unnecessary logs for attestations (#11538)

82b5c43fe core/remotes: Handle attestations in MakeRefKey

2c670e79b core/images: Ignore attestations when traversing children

update build to go1.23.7, test go1.24.1 (#11515)

a39863c9f update build to go1.23.7, test go1.24.1

Remove hashicorp/go-multierror dependency and fix CI (#11499)

49537b3a7 e2e: use the shim bundled with containerd artifact

fe490b76f Bump up github.com/intel/goresctrl to 0.5.0

13fc9d313 update containerd/project-checks to 1.2.1

585699c94 Remove unnecessary joinError unwrap

4b9df59be Remove hashicorp/go-multierror

go.{mod,sum}: bump CDI deps to v0.8.1. (#11422)

5ba28f8dc go.{mod,sum}: bump CDI deps to v0.8.1, re-vendor.

CI: arm64-8core-32gb -> ubuntu-24.04-arm (#11437)

85f10bd92 CI: arm64-8core-32gb -> ubuntu-24.04-arm

... (truncated)

Commits

05044ec Merge commit from fork

0b7f2a5 Merge pull request #11540 from dmcgowan/prepare-1.7.27

574a304 Merge pull request #11538 from dmcgowan/backport-11327

1be04be Prepare release notes for v1.7.27

82b5c43 core/remotes: Handle attestations in MakeRefKey

2c670e7 core/images: Ignore attestations when traversing children

11504c3 validate uid/gid

576178b Merge pull request #11515 from akhilerm/1.7-updatego1.24.1

a39863c update build to go1.23.7, test go1.24.1

8946aa0 Merge pull request #11499 from djdongjin/1-7-remove-hashi-multierror

Additional commits viewable in compare view

Updates golang.org/x/net from 0.33.0 to 0.38.0

Commits

e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...

ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest

1f1fa29 publicsuffix: regenerate table

1215081 http2: improve error when server sends HTTP/1

312450e html: ensure <search> tag closes and update tests

09731f9 http2: improve handling of lost PING in Server

55989e2 http2/h2c: use ResponseController for hijacking connections

2914f46 websocket: re-recommend gorilla/websocket

99b3ae0 go.mod: update golang.org/x dependencies

85d1d54 go.mod: update golang.org/x dependencies

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)

@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)

@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)

@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency

@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2025-07-16T23:46:42Z

/retest-required

Remaining retests: 0 against base HEAD 4ca4e09 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-17T00:40:17Z

/retest-required

Remaining retests: 0 against base HEAD 4ca4e09 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-17T01:28:15Z

/retest-required

Remaining retests: 0 against base HEAD 4ca4e09 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-17T04:32:12Z

/retest-required

Remaining retests: 0 against base HEAD 4ca4e09 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-17T14:17:30Z

/retest-required

Remaining retests: 0 against base HEAD 4ca4e09 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-17T16:22:18Z

@dependabot[bot]: This pull request explicitly references no jira issue.

In response to this:

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the go-security-dependencies group with 2 updates in the / directory: github.com/containerd/containerd and golang.org/x/net.

Updates github.com/containerd/containerd from 1.7.12 to 1.7.27

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.27

Welcome to the v1.7.27 release of containerd!

The twenty-seventh patch release for containerd 1.7 contains various fixes and updates.

Highlights

Fix integer overflow in User ID handling (GHSA-265r-hfxg-fhmg)

Update image type checks to avoid unnecessary logs for attestations (#11538)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

Jin Dong

Akhil Mohan

Derek McGowan

Maksym Pavlenko

Paweł Gronowski

Phil Estes

Akihiro Suda

Craig Ingram

Krisztian Litkey

Samuel Karp

Changes

05044ec0a Merge commit from fork

11504c3fc validate uid/gid

Prepare release notes for v1.7.27 (#11540)

1be04be6c Prepare release notes for v1.7.27

Update image type checks to avoid unnecessary logs for attestations (#11538)

82b5c43fe core/remotes: Handle attestations in MakeRefKey

2c670e79b core/images: Ignore attestations when traversing children

update build to go1.23.7, test go1.24.1 (#11515)

a39863c9f update build to go1.23.7, test go1.24.1

Remove hashicorp/go-multierror dependency and fix CI (#11499)

49537b3a7 e2e: use the shim bundled with containerd artifact

fe490b76f Bump up github.com/intel/goresctrl to 0.5.0

13fc9d313 update containerd/project-checks to 1.2.1

585699c94 Remove unnecessary joinError unwrap

4b9df59be Remove hashicorp/go-multierror

go.{mod,sum}: bump CDI deps to v0.8.1. (#11422)

5ba28f8dc go.{mod,sum}: bump CDI deps to v0.8.1, re-vendor.

CI: arm64-8core-32gb -> ubuntu-24.04-arm (#11437)

85f10bd92 CI: arm64-8core-32gb -> ubuntu-24.04-arm

... (truncated)

Commits

05044ec Merge commit from fork

0b7f2a5 Merge pull request #11540 from dmcgowan/prepare-1.7.27

574a304 Merge pull request #11538 from dmcgowan/backport-11327

1be04be Prepare release notes for v1.7.27

82b5c43 core/remotes: Handle attestations in MakeRefKey

2c670e7 core/images: Ignore attestations when traversing children

11504c3 validate uid/gid

576178b Merge pull request #11515 from akhilerm/1.7-updatego1.24.1

a39863c update build to go1.23.7, test go1.24.1

8946aa0 Merge pull request #11499 from djdongjin/1-7-remove-hashi-multierror

Additional commits viewable in compare view

Updates golang.org/x/net from 0.33.0 to 0.38.0

Commits

e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...

ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest

1f1fa29 publicsuffix: regenerate table

1215081 http2: improve error when server sends HTTP/1

312450e html: ensure <search> tag closes and update tests

09731f9 http2: improve handling of lost PING in Server

55989e2 http2/h2c: use ResponseController for hijacking connections

2914f46 websocket: re-recommend gorilla/websocket

99b3ae0 go.mod: update golang.org/x dependencies

85d1d54 go.mod: update golang.org/x dependencies

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)

@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)

@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)

@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency

@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2025-07-17T18:27:50Z

/retest-required

Remaining retests: 0 against base HEAD 4ca4e09 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-18T16:09:31Z

@dependabot[bot]: This pull request explicitly references no jira issue.

In response to this:

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the go-security-dependencies group with 2 updates in the / directory: github.com/containerd/containerd and golang.org/x/net.

Updates github.com/containerd/containerd from 1.7.12 to 1.7.27

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.27

Welcome to the v1.7.27 release of containerd!

The twenty-seventh patch release for containerd 1.7 contains various fixes and updates.

Highlights

Fix integer overflow in User ID handling (GHSA-265r-hfxg-fhmg)

Update image type checks to avoid unnecessary logs for attestations (#11538)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

Jin Dong

Akhil Mohan

Derek McGowan

Maksym Pavlenko

Paweł Gronowski

Phil Estes

Akihiro Suda

Craig Ingram

Krisztian Litkey

Samuel Karp

Changes

05044ec0a Merge commit from fork

11504c3fc validate uid/gid

Prepare release notes for v1.7.27 (#11540)

1be04be6c Prepare release notes for v1.7.27

Update image type checks to avoid unnecessary logs for attestations (#11538)

82b5c43fe core/remotes: Handle attestations in MakeRefKey

2c670e79b core/images: Ignore attestations when traversing children

update build to go1.23.7, test go1.24.1 (#11515)

a39863c9f update build to go1.23.7, test go1.24.1

Remove hashicorp/go-multierror dependency and fix CI (#11499)

49537b3a7 e2e: use the shim bundled with containerd artifact

fe490b76f Bump up github.com/intel/goresctrl to 0.5.0

13fc9d313 update containerd/project-checks to 1.2.1

585699c94 Remove unnecessary joinError unwrap

4b9df59be Remove hashicorp/go-multierror

go.{mod,sum}: bump CDI deps to v0.8.1. (#11422)

5ba28f8dc go.{mod,sum}: bump CDI deps to v0.8.1, re-vendor.

CI: arm64-8core-32gb -> ubuntu-24.04-arm (#11437)

85f10bd92 CI: arm64-8core-32gb -> ubuntu-24.04-arm

... (truncated)

Commits

05044ec Merge commit from fork

0b7f2a5 Merge pull request #11540 from dmcgowan/prepare-1.7.27

574a304 Merge pull request #11538 from dmcgowan/backport-11327

1be04be Prepare release notes for v1.7.27

82b5c43 core/remotes: Handle attestations in MakeRefKey

2c670e7 core/images: Ignore attestations when traversing children

11504c3 validate uid/gid

576178b Merge pull request #11515 from akhilerm/1.7-updatego1.24.1

a39863c update build to go1.23.7, test go1.24.1

8946aa0 Merge pull request #11499 from djdongjin/1-7-remove-hashi-multierror

Additional commits viewable in compare view

Updates golang.org/x/net from 0.33.0 to 0.38.0

Commits

e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...

ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest

1f1fa29 publicsuffix: regenerate table

1215081 http2: improve error when server sends HTTP/1

312450e html: ensure <search> tag closes and update tests

09731f9 http2: improve handling of lost PING in Server

55989e2 http2/h2c: use ResponseController for hijacking connections

2914f46 websocket: re-recommend gorilla/websocket

99b3ae0 go.mod: update golang.org/x dependencies

85d1d54 go.mod: update golang.org/x dependencies

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)

@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)

@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)

@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency

@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci-robot · 2025-07-18T23:41:43Z

/retest-required

Remaining retests: 0 against base HEAD 4ca4e09 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-19T02:45:40Z

/retest-required

Remaining retests: 0 against base HEAD 5b673d4 and 1 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-19T04:52:02Z

/retest-required

Remaining retests: 0 against base HEAD 5b673d4 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-21T10:13:02Z

/retest-required

Remaining retests: 0 against base HEAD 5b673d4 and 2 for PR HEAD aebab56 in total

openshift-ci-robot · 2025-07-21T18:19:56Z

@dependabot[bot]: This pull request explicitly references no jira issue.

In response to this:

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the go-security-dependencies group with 2 updates in the / directory: github.com/containerd/containerd and golang.org/x/net.

Updates github.com/containerd/containerd from 1.7.12 to 1.7.27

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.27

Welcome to the v1.7.27 release of containerd!

The twenty-seventh patch release for containerd 1.7 contains various fixes and updates.

Highlights

Fix integer overflow in User ID handling (GHSA-265r-hfxg-fhmg)

Update image type checks to avoid unnecessary logs for attestations (#11538)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

Jin Dong

Akhil Mohan

Derek McGowan

Maksym Pavlenko

Paweł Gronowski

Phil Estes

Akihiro Suda

Craig Ingram

Krisztian Litkey

Samuel Karp

Changes

05044ec0a Merge commit from fork

11504c3fc validate uid/gid

Prepare release notes for v1.7.27 (#11540)

1be04be6c Prepare release notes for v1.7.27

Update image type checks to avoid unnecessary logs for attestations (#11538)

82b5c43fe core/remotes: Handle attestations in MakeRefKey

2c670e79b core/images: Ignore attestations when traversing children

update build to go1.23.7, test go1.24.1 (#11515)

a39863c9f update build to go1.23.7, test go1.24.1

Remove hashicorp/go-multierror dependency and fix CI (#11499)

49537b3a7 e2e: use the shim bundled with containerd artifact

fe490b76f Bump up github.com/intel/goresctrl to 0.5.0

13fc9d313 update containerd/project-checks to 1.2.1

585699c94 Remove unnecessary joinError unwrap

4b9df59be Remove hashicorp/go-multierror

go.{mod,sum}: bump CDI deps to v0.8.1. (#11422)

5ba28f8dc go.{mod,sum}: bump CDI deps to v0.8.1, re-vendor.

CI: arm64-8core-32gb -> ubuntu-24.04-arm (#11437)

85f10bd92 CI: arm64-8core-32gb -> ubuntu-24.04-arm

... (truncated)

Commits

05044ec Merge commit from fork

0b7f2a5 Merge pull request #11540 from dmcgowan/prepare-1.7.27

574a304 Merge pull request #11538 from dmcgowan/backport-11327

1be04be Prepare release notes for v1.7.27

82b5c43 core/remotes: Handle attestations in MakeRefKey

2c670e7 core/images: Ignore attestations when traversing children

11504c3 validate uid/gid

576178b Merge pull request #11515 from akhilerm/1.7-updatego1.24.1

a39863c update build to go1.23.7, test go1.24.1

8946aa0 Merge pull request #11499 from djdongjin/1-7-remove-hashi-multierror

Additional commits viewable in compare view

Updates golang.org/x/net from 0.33.0 to 0.38.0

Commits

e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...

ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest

1f1fa29 publicsuffix: regenerate table

1215081 http2: improve error when server sends HTTP/1

312450e html: ensure <search> tag closes and update tests

09731f9 http2: improve handling of lost PING in Server

55989e2 http2/h2c: use ResponseController for hijacking connections

2914f46 websocket: re-recommend gorilla/websocket

99b3ae0 go.mod: update golang.org/x dependencies

85d1d54 go.mod: update golang.org/x dependencies

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency

@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)

@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)

@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)

@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency

@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci · 2025-07-21T18:22:39Z

New changes are detected. LGTM label has been removed.

openshift-merge-robot · 2025-08-26T13:22:38Z

rebase

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

…with 2 updates Bumps the go-security-dependencies group with 2 updates in the / directory: [github.com/containerd/containerd](https://github.com/containerd/containerd) and [golang.org/x/net](https://github.com/golang/net). Updates `github.com/containerd/containerd` from 1.7.12 to 1.7.27 - [Release notes](https://github.com/containerd/containerd/releases) - [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md) - [Commits](containerd/containerd@v1.7.12...v1.7.27) Updates `golang.org/x/net` from 0.33.0 to 0.38.0 - [Commits](golang/net@v0.33.0...v0.38.0) --- updated-dependencies: - dependency-name: github.com/containerd/containerd dependency-version: 1.7.27 dependency-type: indirect dependency-group: go-security-dependencies - dependency-name: golang.org/x/net dependency-version: 0.38.0 dependency-type: indirect dependency-group: go-security-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

openshift-ci · 2025-08-26T19:31:55Z

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/edge-lint	`c6da379`	link	true	`/test edge-lint`

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

dependabot bot added approved Indicates a PR has been approved by an approver from all required OWNERS files. dependabot go Pull requests that update Go code lgtm Indicates that a PR is ready to be merged. labels Jul 15, 2025

openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Jul 15, 2025

openshift-ci bot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Jul 15, 2025

openshift-ci bot requested review from carbonin and omertuc July 15, 2025 16:42

dependabot bot force-pushed the dependabot/go_modules/go-security-dependencies-aa6770f079 branch from aebab56 to 310f6d8 Compare July 21, 2025 18:22

openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Jul 21, 2025

dependabot bot force-pushed the dependabot/go_modules/go-security-dependencies-aa6770f079 branch from 310f6d8 to f95adb6 Compare July 23, 2025 16:45

dependabot bot force-pushed the dependabot/go_modules/go-security-dependencies-aa6770f079 branch 2 times, most recently from 3e25e02 to 6aac5c3 Compare August 18, 2025 19:38

openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Aug 26, 2025

dependabot bot force-pushed the dependabot/go_modules/go-security-dependencies-aa6770f079 branch from 6aac5c3 to c6da379 Compare August 26, 2025 16:51

openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Aug 26, 2025

NO-ISSUE: Bump the go-security-dependencies group across 1 directory with 2 updates #1063

Are you sure you want to change the base?

NO-ISSUE: Bump the go-security-dependencies group across 1 directory with 2 updates #1063

Uh oh!

Conversation

dependabot bot commented on behalf of github Jul 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

containerd 1.7.27

Highlights

Contributors

Changes

Uh oh!

openshift-ci-robot commented Jul 15, 2025

containerd 1.7.27

Highlights

Contributors

Changes

Uh oh!

openshift-ci-robot commented Jul 15, 2025

Uh oh!

openshift-ci-robot commented Jul 15, 2025

Uh oh!

openshift-ci bot commented Jul 15, 2025

Uh oh!

openshift-ci bot commented Jul 15, 2025

Uh oh!

openshift-ci bot commented Jul 15, 2025

Uh oh!

openshift-ci-robot commented Jul 15, 2025

Uh oh!

openshift-ci-robot commented Jul 15, 2025

containerd 1.7.27

Highlights

Contributors

Changes

Uh oh!

codecov bot commented Jul 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

openshift-ci-robot commented Jul 16, 2025

Uh oh!

openshift-ci-robot commented Jul 16, 2025

Uh oh!

openshift-ci-robot commented Jul 16, 2025

containerd 1.7.27

Highlights

Contributors

Changes

Uh oh!

openshift-ci-robot commented Jul 16, 2025

Uh oh!

openshift-ci-robot commented Jul 17, 2025

Uh oh!

openshift-ci-robot commented Jul 17, 2025

Uh oh!

openshift-ci-robot commented Jul 17, 2025

Uh oh!

openshift-ci-robot commented Jul 17, 2025

Uh oh!

openshift-ci-robot commented Jul 17, 2025

containerd 1.7.27

Highlights

Contributors

Changes

Uh oh!

openshift-ci-robot commented Jul 17, 2025

Uh oh!

openshift-ci-robot commented Jul 18, 2025

containerd 1.7.27

Highlights

Contributors

Changes

Uh oh!

openshift-ci-robot commented Jul 18, 2025

Uh oh!

openshift-ci-robot commented Jul 19, 2025

Uh oh!

openshift-ci-robot commented Jul 19, 2025

Uh oh!

dependabot bot commented on behalf of github Jul 15, 2025 •

edited

Loading

codecov bot commented Jul 15, 2025 •

edited

Loading