Bump the misc-dependencies group with 6 updates

[dependabot]

Bumps the misc-dependencies group with 6 updates:

Package	From	To
github.com/onsi/ginkgo/v2	2.22.1	2.22.2
github.com/containerd/containerd/api	1.7.19	1.8.0
github.com/containerd/errdefs	0.1.0	1.0.0
github.com/containerd/ttrpc	1.2.5	1.2.7
github.com/cyphar/filepath-securejoin	0.3.5	0.3.6
github.com/google/btree	1.0.1	1.1.3

Updates github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.22.2

What's Changed

• Bump golang.org/x/net from 0.32.0 to 0.33.0 by @​dependabot in onsi/ginkgo#1496
• Bump golang.org/x/crypto from 0.17.0 to 0.31.0 in /ginkgo/performance/_fixtures/performance_fixture by @​dependabot in onsi/ginkgo#1498
• Bump github.com/onsi/gomega from 1.36.1 to 1.36.2 by @​dependabot in onsi/ginkgo#1499

Full Changelog: onsi/ginkgo@v2.22.1...v2.22.2

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.22.2

Maintenance

• Bump github.com/onsi/gomega from 1.36.1 to 1.36.2 (#1499) [cc553ce]
• Bump golang.org/x/crypto (#1498) [2170370]
• Bump golang.org/x/net from 0.32.0 to 0.33.0 (#1496) [a96c44f]

Commits

• f65e80b v2.22.2
• cc553ce Bump github.com/onsi/gomega from 1.36.1 to 1.36.2 (#1499)
• 2170370 Bump golang.org/x/crypto (#1498)
• a96c44f Bump golang.org/x/net from 0.32.0 to 0.33.0 (#1496)
• See full diff in compare view

Updates github.com/containerd/containerd/api from 1.7.19 to 1.8.0

Release notes

Sourced from github.com/containerd/containerd/api's releases.

containerd API 1.8.0

Welcome to the api/v1.8.0 release of containerd!

The first dedicated release for the containerd API. This release continues the 1.x line of API compatibility with the 9th minor release of the 1.x API.

Highlights

• Add Update API for sandbox controller (#9903)
• Add PluginInfo to introspection API (#9442)
• Expose usage of deprecated features (#9258)
• Add image delete target (#8989)

Go client

• Add api Go module and move all protos under api (#10151)

Image Distribution

• Enable Transfer service API to support plain HTTP (#10024)
• Enable Transfer service to use registry configuration directory (#9908)
• Update Transfer service to add OCI descriptors to Progress structure (#9630)
• Add option to perform syncfs after pull (#9401)

Runtime

• Store bootstrap parameters in sandbox metadata (#9736)
• Add sandboxer configuration and move sandbox controllers to plugins (#8268)
• Add annotations to CreateSandbox request (#8960)
• Add SandboxMetrics (#8680)
• Publish sandbox events (#8602)

Deprecations

• Add type alias for event Envelope (#10279)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Maksym Pavlenko
• Wei Fu
• Abel Feng
• Akihiro Suda
• Phil Estes
• Danny Canter
• Samuel Karp
• Kohei Tokunaga

... (truncated)

Commits

• cf36acf Merge pull request #10935 from dmcgowan/prepare-api-v1.8.0
• c017828 Merge pull request #10877 from AkihiroSuda/runc-1.2.0
• 716445a Merge pull request #10933 from dmcgowan/test-container-resilience
• b6d1178 Merge pull request #10934 from dmcgowan/update-errdefs-1.0
• 481692a Merge pull request #10926 from AkihiroSuda/docs-2.0
• d389118 Prepare release notes for api/v1.8.0
• 93f9db2 Update errdefs tag to v1.0.0
• bddeba8 Make TestContainerPids more resilient
• ada2fa1 Merge pull request #10927 from AkihiroSuda/fix-removal-criv1alpha2
• cb4ce9a Merge pull request #10886 from thaJeztah/fix_retry_logs
• Additional commits viewable in compare view

Updates github.com/containerd/errdefs from 0.1.0 to 1.0.0

Release notes

Sourced from github.com/containerd/errdefs's releases.

v1.0.0

The first major release of errdefs brings a guarantee of stability with the error types and interface. Additional functions for grpc and http error translation and stacktraces can be found in the separate github.com/containerd/errdefs/pkg module.

v0.3.0

This release splits the errdefs package into the github.com/containerd/errdefs package which only contains error definitions as well as basic functions to check for those definitions and the github.com/containerd/errdefs/pkg package which containers functionality for using the errdefs, such as error serialization and adding more data to errors.

What's Changed

• Update GitHub Actions packages and runners by @​austinvazquez in containerd/errdefs#20
• Add errdefs/pkg package by @​dmcgowan in containerd/errdefs#19

Full Changelog: containerd/errdefs@v0.2.0...v0.3.0

pkg/v0.3.0

What's Changed

• Update pkg errodefs to v0.3.0 by @​dmcgowan in containerd/errdefs#21

Full Changelog: containerd/errdefs@v0.3.0...pkg/v0.3.0

v0.2.0

What's Changed

• Add more grpc types by @​dmcgowan in containerd/errdefs#3
• Split gRPC and HTTP error utility into seperate packages by @​austinvazquez in containerd/errdefs#5
• Fix Cancelled interface typo by @​dmcgowan in containerd/errdefs#6
• Add stack support by @​dmcgowan in containerd/errdefs#8
• Add a resolve error function to return first error by @​dmcgowan in containerd/errdefs#9
• Add support for custom error messages by @​dmcgowan in containerd/errdefs#10
• Add support for grpc error details and multiple errors by @​dmcgowan in containerd/errdefs#7
• Complete interface definitions for errors by @​dmcgowan in containerd/errdefs#18

New Contributors

• @​austinvazquez made their first contribution in containerd/errdefs#5

Full Changelog: containerd/errdefs@v0.1.0...v0.2.0

Commits

• 4817405 Merge pull request #21 from dmcgowan/pkg-update-errdefs
• 3ce6af5 Update pkg errodefs to v0.3.0
• 9fd32fc Merge pull request #19 from dmcgowan/pkg-package
• 3dabb2b Merge pull request #20 from austinvazquez/upgrade-ci
• 303a6ea Update to Go 1.22.8 in CI
• e70104e Upgrade to [email protected]
• ffe5586 Upgrade to golangci/golangci-lint-action@v6
• 908b04b Upgrade to actions/checkout@v4
• 608b83c Upgrade to actions/setup-go@v5
• 8e82ae4 Upgrade macOS runner image to macOS 13
• Additional commits viewable in compare view

Updates github.com/containerd/ttrpc from 1.2.5 to 1.2.7

Release notes

Sourced from github.com/containerd/ttrpc's releases.

v1.2.7

What's Changed

• server: fix a Serve() vs. (immediate) Shutdown() race by @​klihub in containerd/ttrpc#175
• Add MD.Clone function by @​djdongjin in containerd/ttrpc#177

New Contributors

• @​djdongjin made their first contribution in containerd/ttrpc#177

Full Changelog: containerd/ttrpc@v1.2.6...v1.2.7

v1.2.6

What's Changed

• server_test: fix error message in TestOversizeCall. by @​klihub in containerd/ttrpc#170
• channel: reject oversized messages on the sender side too. by @​klihub in containerd/ttrpc#171

Full Changelog: containerd/ttrpc@v1.2.5...v1.2.6

Commits

• 3b8c8b7 Merge pull request #177 from djdongjin/metadata-clone
• 430f734 Add MD.Clone
• b71d9de Merge pull request #175 from klihub/fixes/serve-listen-shutdown-race
• bcc40a4 Merge pull request #171 from klihub/devel/sender-side-oversize-rejection
• c4d96d5 server: fix Serve() vs. immediate Shutdown() race.
• ed6c3ba server_test: add Serve()/Shutdown() race test.
• b5cd6e4 channel: allow discovery of overflown message size.
• d8c00df channel_test: update oversize message test.
• de273bf channel: reject oversized messages on the sender side.
• 3f02183 Merge pull request #170 from klihub/fixes/oversized-call-test-errmsg
• Additional commits viewable in compare view

Updates github.com/cyphar/filepath-securejoin from 0.3.5 to 0.3.6

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.3.6

This release lowers the minimum Go version to Go 1.18 as well as some library dependencies, in order to make it easier for folks that need to backport patches using the new filepath-securejoin API onto branches that are stuck using old Go compilers. For users using Go >= 1.21, this release contains no functional changes.

• The minimum Go version requirement for filepath-securejoin is now Go 1.18 (we use generics internally).

  For reference, [email protected] somewhat-arbitrarily bumped the Go version requirement to 1.21.

  While we did make some use of Go 1.21 stdlib features (and in principle Go versions <= 1.21 are no longer even supported by upstream anymore), some downstreams have complained that the version bump has meant that they have to do workarounds when backporting fixes that use the new filepath-securejoin API onto old branches. This is not an ideal situation, but since using this library is probably better for most downstreams than a hand-rolled workaround, we now have compatibility shims that allow us to build on older Go versions.

• Lower minimum version requirement for golang.org/x/sys to v0.18.0 (we need the wrappers for fsconfig(2)), which should also make backporting patches to older branches easier.

Signed-off-by: Aleksa Sarai [email protected]

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.3.6] - 2024-12-17

Compatibility

• The minimum Go version requirement for filepath-securejoin is now Go 1.18 (we use generics internally).

  For reference, [email protected] somewhat-arbitrarily bumped the Go version requirement to 1.21.

  While we did make some use of Go 1.21 stdlib features (and in principle Go versions <= 1.21 are no longer even supported by upstream anymore), some downstreams have complained that the version bump has meant that they have to do workarounds when backporting fixes that use the new filepath-securejoin API onto old branches. This is not an ideal situation, but since using this library is probably better for most downstreams than a hand-rolled workaround, we now have compatibility shims that allow us to build on older Go versions.

• Lower minimum version requirement for golang.org/x/sys to v0.18.0 (we need the wrappers for fsconfig(2)), which should also make backporting patches to older branches easier.

Commits

• 200008e VERSION: release v0.3.6
• 43784dc tests: lower github.com/stretchr/testify requirement to v1.7.1
• 2ec07d2 merge #37 into cyphar/filepath-securejoin:main
• d17d372 gha: use stable/oldstable go versions
• 2d9831f gha: compile-test for all supported Go versions
• 31bfec2 gha: test older Go versions in CI
• e11873c deps: downgrade golang.org/x/sys requirement
• 6ef6896 go: lower Go requirement to Go 1.18
• a06a225 tests: don't call testing.Testing() in mocks
• 07ceaf0 merge #36 into cyphar/filepath-securejoin:main
• Additional commits viewable in compare view

Updates github.com/google/btree from 1.0.1 to 1.1.3

Commits

• aeba20f fix: remove item may changed clone btree; (i+1) children has new cow, but do ...
• 8e29150 Add coverage of Has in test.
• 3f48535 fix: add Has method for a BTreeG[Item]
• e5eabf3 ci: use github actions matrix
• 770c3d8 Use ~string for Ordered.
• be61f00 Test across many Go versions.
• 1257d40 Create a generic BTreeG for Go 1.18 and beyond.
• ac7cc57 Merge pull request #39 from google/actions
• b5a6bf7 Remove travis badge
• cc35b3d Add verbose flag
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign jsafrane for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[k8s-ci-robot]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[github-actions]

Code Coverage Diff

This PR does not change the code coverage

[AndrewSirenko]

FYI looks like v1.0.0 of containderd/errdefs is the culprit of these CI failures:

../../../../pkg/mod/github.com/google/[email protected]/container/containerd/client.go:117:23: undefined: errdefs.FromGRPC

[k8s-ci-robot]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-aws-ebs-csi-driver-verify	df36e43	link	true	/test pull-aws-ebs-csi-driver-verify
pull-aws-ebs-csi-driver-e2e-single-az	df36e43	link	true	/test pull-aws-ebs-csi-driver-e2e-single-az
pull-aws-ebs-csi-driver-e2e-multi-az	df36e43	link	true	/test pull-aws-ebs-csi-driver-e2e-multi-az

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[AndrewSirenko]

For posterity:

running go get -u ./... locally also leads to this diff, and make verify failing:

❯ make verify
go vet $(go list ./...)
# github.com/google/cadvisor/container/containerd
../../go/pkg/mod/github.com/google/[email protected]/container/containerd/client.go:117:23: undefined: errdefs.FromGRPC
../../go/pkg/mod/github.com/google/[email protected]/container/containerd/client.go:127:21: undefined: errdefs.FromGRPC
../../go/pkg/mod/github.com/google/[email protected]/container/containerd/client.go:138:22: undefined: errdefs.FromGRPC
make: *** [verify/govet] Error 1
~/workplace/aws-ebs-csi-driver master

Therefore not a dependabot bug.