build(deps): bump the dependencies group with 5 updates

[dependabot]

Bumps the dependencies group with 5 updates:

Package	From	To
github.com/fsouza/go-dockerclient	1.9.8	1.10.0
github.com/containerd/containerd	1.7.6	1.7.8
github.com/klauspost/compress	1.17.0	1.17.2
golang.org/x/mod	0.12.0	0.13.0
golang.org/x/tools	0.13.0	0.14.0

Updates github.com/fsouza/go-dockerclient from 1.9.8 to 1.10.0

Release notes

Sourced from github.com/fsouza/go-dockerclient's releases.

Version compatible with Docker 1.9 and Go 1.4

This has a special tag name to make it clear that it was the latest version compatible with Docker 1.9 and Go 1.4.

Commits

• 928b5d0 feat: add platform parameter to container create (#1017)
• de9a655 build(deps): bump golang.org/x/term from 0.12.0 to 0.13.0 (#1016)
• 92ea21d build(deps): bump actions/checkout from 4.0.0 to 4.1.0 (#1013)
• 2fd82ff build(deps): bump github.com/docker/docker (#1012)
• 96ef034 build(deps): bump actions/checkout from 3.6.0 to 4.0.0 (#1011)
• 912ca4e build(deps): bump golang.org/x/term from 0.11.0 to 0.12.0 (#1010)
• 50bee9e build(deps): bump actions/checkout from 3.5.3 to 3.6.0 (#1008)
• 5309a09 build(deps): bump github.com/moby/patternmatcher from 0.5.0 to 0.6.0 (#1007)
• 1f26ca9 build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#1006)
• 118acac build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 (#1005)
• See full diff in compare view

Updates github.com/containerd/containerd from 1.7.6 to 1.7.8

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.8

Welcome to the v1.7.8 release of containerd!

The eighth patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

• Fix ambiguous TLS fallback (#9299)
• Update Go to 1.20.10 (#9265)
• Add a new image label on converted schema 1 images (#9252)
• Fix handling for missing basic auth credentials (#9235)
• Fix potential deadlock in create handler for containerd-shim-runc-v2 (#9209)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Sebastiaan van Stijn
• Derek McGowan
• Phil Estes
• Chen Yiyang
• Wei Fu
• Akihiro Suda
• Maksym Pavlenko
• Marat Radchenko
• Milas Bowman
• Qiutong Song
• Samuel Karp

Changes

• [release/1.7] Prepare release notes for v1.7.8 (#9278)
  • 48dbdf871 Prepare release notes for v1.7.8
• [release/1.7] Fix ambiguous tls fallback (#9299)
  • 68abc543b Check scheme and host of request on push redirect
  • 35c7634e3 Avoid TLS fallback when protocol is not ambiguous
• [release/1.7] vendor: google.golang.org/grpc v1.58.3 (#9281)
  • f36948cad vendor: gRPC v1.58.3
• [release/1.7 backport] vendor: golang.org/x/net v0.17.0 (#9276)
  • c67a53190 vendor: golang.org/x/net v0.17.0
  • 71f4b36ca vendor: golang.org/x/text v0.13.0
  • a7b3b7090 vendor: golang.org/x/sys v0.13.0
• [release/1.7] vendor: google.golang.org/grpc v1.56.3 (#9248)
  • 26736d6e1 vendor: google.golang.org/grpc v1.56.3
  • 54a69a6e4 vendor: golang.org/x/oauth2 v0.7.0

... (truncated)

Commits

• 8e4b0bd Merge pull request #9278 from dmcgowan/prepare-v1.7.8
• 48dbdf8 Prepare release notes for v1.7.8
• 6a9a187 Merge pull request #9299 from dmcgowan/1.7-fix-ambiguous-tls-fallback
• bb65a3a Merge pull request #9281 from milas/grpc-1.58.3-1.7
• 68abc54 Check scheme and host of request on push redirect
• 35c7634 Avoid TLS fallback when protocol is not ambiguous
• f36948c vendor: gRPC v1.58.3
• f118563 Merge pull request #9276 from thaJeztah/1.7_backport_bump_x_net
• c67a531 vendor: golang.org/x/net v0.17.0
• 71f4b36 vendor: golang.org/x/text v0.13.0
• Additional commits viewable in compare view

Updates github.com/klauspost/compress from 1.17.0 to 1.17.2

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.17.2

What's Changed

• zstd: Fix corrupted output in "best" by @​klauspost in klauspost/compress#876

Full Changelog: klauspost/compress@v1.17.1...v1.17.2

v1.17.1

What's Changed

• s2: Fix S2 "best" dictionary wrong encoding by @​klauspost in klauspost/compress#871
• flate: Reduce allocations in decompressor and minor code improvements by @​fakefloordiv in klauspost/compress#869
• s2: Fix EstimateBlockSize on 6&7 length input by @​klauspost in klauspost/compress#867
• tests: Fuzzing Coverage Expansion by @​viktoriia-lsg in klauspost/compress#866
• tests: Set FSE decompress fuzzer max limit by @​klauspost in klauspost/compress#868
• tests: Fuzzing Coverage Expansion (#2) by @​viktoriia-lsg in klauspost/compress#870

New Contributors

• @​viktoriia-lsg made their first contribution in klauspost/compress#866
• @​fakefloordiv made their first contribution in klauspost/compress#869

Full Changelog: klauspost/compress@v1.17.0...v1.17.1

Commits

• 8eb6542 zstd: Fix corrupted output in "best" (#876)
• 68eabfa s2: Fix S2 best dictionary wrong encoding (#871)
• 85bbf19 Update README.md
• 4af4344 Fuzzing Coverage Expansion (#2) (#870)
• c051ef1 Reduce allocations in flate decompressor and minor code improvements (#869)
• 2d59657 test: Set FSE decompress fuzzer max limit (#868)
• 0e1030c Fuzzing Coverage Expansion (#866)
• e670df9 s2: Fix EstimateBlockSize on 6&7 length input (#867)
• c634b49 Revert "zstd: Reject empty compressed blocks (#862)" (#865)
• 6125c11 zstd: Reject empty compressed blocks (#862)
• Additional commits viewable in compare view

Updates golang.org/x/mod from 0.12.0 to 0.13.0

Commits

• 5b69280 modfile: use new go version string format in error message
• 273ef6c go.mod: update to go 1.18 and x/tools v0.13.0
• See full diff in compare view

Updates golang.org/x/tools from 0.13.0 to 0.14.0

Release notes

Sourced from golang.org/x/tools's releases.

gopls/v0.14.0

These are release notes are identical to the v0.14.0-pre.4 prerelease notes. Thanks to all who tested the prerelease!

go install golang.org/x/tools/gopls@v0.14.0

This release includes initial support for the "inline call to function" refactoring, as well as a few other smaller features. It also includes several bug fixes, notably a fix for a performance regression in completion that may be significant in some environments.

The release also contains support for opt-in telemetry. If you want, you can enable the periodic uploading of telemetry data, including gopls stack traces and metrics, but never your source code, to telemetry.go.dev. See below for details.

New Features

Refactoring: inline call to function

This release includes a new code action to inline function calls:

While the outcome of this operation may be a simple replacement, there's a lot going on under the covers. For example, the new inliner checks whether changes to the order of argument evaluation could have unintended consequences. If so, it is careful to replicate the original behavior:

add preserves the order of effects	...but sub does not

The goal of the inliner is to rewrite your code idiomatically without introducing behavior changes. See the inlining documentation for more details.

When the call cannot be reduced to a simple expression, the inliner may fall back on an immediately invoked function literal (func() { statements }()) as this is often the only way to preserve the original behavior. As we continue to work on refactoring, we'll add additional rewriting strategies that avoid this fall-back in more cases.

Refactoring: removing unused parameters

The techniques described in the previous section serve as a foundation for other refactoring operations. As a proof of concept, this release also includes a code action to remove unused parameters. Since this operation uses inlining behind the scenes, it gets all of the related safety checks and rewriting strategies for free:

Improved support for go:embed directives

This release includes improved support for //go:embed directives, including hover and jump-to-definition.

New analyses

This release include three new static analyses, all of which are enabled by default.

"appends": reports calls to append that pass no values to be appended to the slice.

"defers": checks for common mistakes in defer statements.

... (truncated)

Commits

• 3f4194e go.mod: update golang.org/x dependencies
• 1e4ce7c internal/refactor/inline: yet more tweaks to everything test
• ee20ddf internal/refactor/inline: permit return conversions in tailcall
• db1d1e0 gopls/internal/lsp: go to definition from embed directive
• 2be977e internal/refactor/inline: work around channel type misformatting
• 0ba9c84 internal/fuzzy: several improvements for symbol matching
• c2725ad gopls: update x/telemetry dependency
• e8722c0 go/types/internal/play: show types.Selection information
• a819c61 internal/refactor/inline: eliminate unnecessary binding decl
• 102b64b internal/refactor/inline: tweak everything-test docs again
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions