chore(dependabot): bump github.com/containerd/containerd from 1.7.13 to 1.7.16 #2060

dependabot · 2024-04-25T19:56:00Z

Bumps github.com/containerd/containerd from 1.7.13 to 1.7.16.

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.16

Welcome to the v1.7.16 release of containerd!

The sixteenth patch release for containerd 1.7 contains various fixes and updates.

Highlights

Update AppArmor template to allow confined runc to kill containers (#10129)

Fix config import relative path glob (#9834)

Update AppArmor template to better support rootlesskit (#10116)

Update HTTP fallback to better account for TLS timeout and previous attempts (#10112)

Add support for HPC port forwarding (#10008)

Prevent GC from schedule itself with 0 period. (#10102)

Fix issue with using invalid token to retry fetching layer (#10065)

Automatically decompress archives for transfer service import (#9989)

Fix HTTPFallback fails when pushing manifest (#10044)

Add support for configuring otel from env and config deprecation notice (#9992)

Fix deadlock during NRI plugin registration (containerd/nri#79)

Build and Release Toolchain

Update Go to 1.21.9 and 1.22.2 with net/http security fix (#10115)

Container Runtime Interface (CRI)

Fix CRI snapshotter root path when not under containerd root (#10096)

Fix network creation failure from CreatedAt time as 269 years ago (#10122)

Include userns info in PodSandboxStatus (#9865)

Fix default working directory Windows HostProcess containers (#10071)

Fix ListPodSandboxStats to skip sandboxes with missing tasks (#10042)

Deprecations

Add support for configuring otel from env and config deprecation notice (#9992)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

Derek McGowan

Samuel Karp

Wei Fu

Danny Canter

Kazuyoshi Kato

Kirtana Ashok

Maksym Pavlenko

Phil Estes

Sebastiaan van Stijn

Brian Goff

... (truncated)

Commits

8303183 Merge pull request #10124 from kiashok/new-1.7.16-tag
fb2d43a Merge pull request #10129 from k8s-infra-cherrypick-robot/cherry-pick-10123-t...
1c62308 Add release notes for v1.7.16
18a2c36 apparmor: Allow confined runc to kill containers
ae97657 Merge pull request #9834 from neoaggelos/fix/config-relative
c4a8642 Merge pull request #10096 from Kern--/cri-remote-snapshotter-stats
733d456 Merge pull request #10122 from AkihiroSuda/cherrypick-9673-1.7
293f515 pod: CreatedAt time will be 269 years ago while creating cri network failed.
e412ca7 Merge pull request #10116 from AkihiroSuda/cherrypick-10111-1.7
d8acdaf Merge pull request #10115 from thaJeztah/1.7_backport_go1.21.9
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.13 to 1.7.16. - [Release notes](https://github.com/containerd/containerd/releases) - [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md) - [Commits](containerd/containerd@v1.7.13...v1.7.16) --- updated-dependencies: - dependency-name: github.com/containerd/containerd dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…t#2060) Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.13 to 1.7.16. - [Release notes](https://github.com/containerd/containerd/releases) - [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md) - [Commits](containerd/containerd@v1.7.13...v1.7.16) --- updated-dependencies: - dependency-name: github.com/containerd/containerd dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(dependabot): bump k8s.io/api from 0.29.1 to 0.29.2 (#1955) Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.29.1 to 0.29.2. - [Commits](kubernetes/api@v0.29.1...v0.29.2) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump github.com/opencontainers/image-spec (#1954) Bumps [github.com/opencontainers/image-spec](https://github.com/opencontainers/image-spec) from 1.1.0-rc6 to 1.1.0. - [Release notes](https://github.com/opencontainers/image-spec/releases) - [Changelog](https://github.com/opencontainers/image-spec/blob/main/RELEASES.md) - [Commits](opencontainers/image-spec@v1.1.0-rc6...v1.1.0) --- updated-dependencies: - dependency-name: github.com/opencontainers/image-spec dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump the go_modules group across 1 directories with 1 update (#1950) Bumps the go_modules group with 1 update in the /. directory: [helm.sh/helm/v3](https://github.com/helm/helm). Updates `helm.sh/helm/v3` from 3.14.0 to 3.14.1 - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.14.0...v3.14.1) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump k8s.io/cli-runtime from 0.29.1 to 0.29.2 (#1953) Bumps [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) from 0.29.1 to 0.29.2. - [Commits](kubernetes/cli-runtime@v0.29.1...v0.29.2) --- updated-dependencies: - dependency-name: k8s.io/cli-runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump sigs.k8s.io/controller-runtime (#1952) Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.17.0 to 0.17.2. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](kubernetes-sigs/controller-runtime@v0.17.0...v0.17.2) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump github.com/mandelsoft/vfs from 0.4.0 to 0.4.1 (#1956) Bumps [github.com/mandelsoft/vfs](https://github.com/mandelsoft/vfs) from 0.4.0 to 0.4.1. - [Release notes](https://github.com/mandelsoft/vfs/releases) - [Commits](mandelsoft/vfs@v0.4...v0.4.1) --- updated-dependencies: - dependency-name: github.com/mandelsoft/vfs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump k8s.io/apiextensions-apiserver (#1957) Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.29.1 to 0.29.2. - [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases) - [Commits](kubernetes/apiextensions-apiserver@v0.29.1...v0.29.2) --- updated-dependencies: - dependency-name: k8s.io/apiextensions-apiserver dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#1961) Bumps [go.uber.org/zap](https://github.com/uber-go/zap) from 1.26.0 to 1.27.0. - [Release notes](https://github.com/uber-go/zap/releases) - [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md) - [Commits](uber-go/zap@v1.26.0...v1.27.0) --- updated-dependencies: - dependency-name: go.uber.org/zap dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump helm.sh/helm/v3 from 3.14.1 to 3.14.2 (#1965) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.1 to 3.14.2. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.14.1...v3.14.2) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump github.com/mandelsoft/vfs from 0.4.1 to 0.4.3 (#1968) Bumps [github.com/mandelsoft/vfs](https://github.com/mandelsoft/vfs) from 0.4.1 to 0.4.3. - [Release notes](https://github.com/mandelsoft/vfs/releases) - [Commits](mandelsoft/vfs@v0.4.1...v0.4.3) --- updated-dependencies: - dependency-name: github.com/mandelsoft/vfs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: Bump `ocm` dependency to `v0.7.0` (#1971) * chore: Bump 'ocm' dependency to 0.7.0 * revert isEquivalent undo * Update CODEOWNERS (#1974) * chore: Add Python 3.12 environment (#1976) * Add Python 3.12 * docs: fix identation * chore: Deprecate Python39 environment (#1983) * chore: Remove Nodejs16 environment (#1985) * chore: Add Nodejs20 environment (#1982) * Bump hydroform (#1998) * Bump Hydroform functions (#2000) * chore: Deprecate Nodejs18 environment (#2005) * fix: Security config ignored (#2003) * Make security config from config file work * Make security config from config file work * Make security config from config file work * review fix * chore: Make Nodejs20 default runtime (#2006) * chore: Make Nodejs20 default runtime * use non-default runtime in tests * chore(dependabot): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#1978) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.4...v1.9.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.17.1 (#2015) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.15.0 to 2.17.1. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.15.0...v2.17.1) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump helm.sh/helm/v3 from 3.14.2 to 3.14.4 (#2038) Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.2 to 3.14.4. - [Release notes](https://github.com/helm/helm/releases) - [Commits](helm/helm@v3.14.2...v3.14.4) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump github.com/containerd/containerd (#2060) Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.13 to 1.7.16. - [Release notes](https://github.com/containerd/containerd/releases) - [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md) - [Commits](containerd/containerd@v1.7.13...v1.7.16) --- updated-dependencies: - dependency-name: github.com/containerd/containerd dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump the go_modules group across 1 directory with 5 updates (#2064) Bumps the go_modules group with 3 updates in the / directory: [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose), [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) and google.golang.org/protobuf. Updates `github.com/go-jose/go-jose/v3` from 3.0.1 to 3.0.3 - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md) - [Commits](go-jose/go-jose@v3.0.1...v3.0.3) Updates `github.com/sigstore/cosign/v2` from 2.2.2 to 2.2.4 - [Release notes](https://github.com/sigstore/cosign/releases) - [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md) - [Commits](sigstore/cosign@v2.2.2...v2.2.4) Updates `golang.org/x/net` from 0.20.0 to 0.22.0 - [Commits](golang/net@v0.20.0...v0.22.0) Updates `google.golang.org/protobuf` from 1.33.0 to 1.34.0 Updates `gopkg.in/go-jose/go-jose.v2` from 2.6.2 to 2.6.3 --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/sigstore/cosign/v2 dependency-type: indirect dependency-group: go_modules - dependency-name: golang.org/x/net dependency-type: indirect dependency-group: go_modules - dependency-name: google.golang.org/protobuf dependency-type: indirect dependency-group: go_modules - dependency-name: gopkg.in/go-jose/go-jose.v2 dependency-type: indirect dependency-group: go_modules ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump istio.io/client-go from 1.20.2 to 1.21.2 (#2077) Bumps [istio.io/client-go](https://github.com/istio/client-go) from 1.20.2 to 1.21.2. - [Commits](istio/client-go@1.20.2...1.21.2) --- updated-dependencies: - dependency-name: istio.io/client-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump github.com/onsi/gomega from 1.31.1 to 1.33.1 (#2078) Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.31.1 to 1.33.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.31.1...v1.33.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump sigs.k8s.io/kustomize/kyaml (#2081) Bumps [sigs.k8s.io/kustomize/kyaml](https://github.com/kubernetes-sigs/kustomize) from 0.16.0 to 0.17.0. - [Release notes](https://github.com/kubernetes-sigs/kustomize/releases) - [Commits](kubernetes-sigs/kustomize@api/v0.16.0...api/v0.17.0) --- updated-dependencies: - dependency-name: sigs.k8s.io/kustomize/kyaml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.3 (#2079) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.17.1 to 2.17.3. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.17.1...v2.17.3) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump github.com/go-git/go-git/v5 (#2088) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.11.0 to 5.12.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.11.0...v5.12.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Christoph Schwägerl <acc.pius@mailbox.org> Co-authored-by: Jan Mędrek <jan.medrek@sap.com> Co-authored-by: Piotr Halama <piotr.halama@sap.com> Co-authored-by: Michał Kalke <56382792+MichalKalke@users.noreply.github.com> Co-authored-by: Krzysztof Kwiatosz <krzysztof.kwiatosz@sap.com> Co-authored-by: Tomasz Smelcerz <tomasz.smelcerz@sap.com>

dependabot bot requested a review from a team as a code owner April 25, 2024 19:56

dependabot bot added area/dependency Issues or PRs related to dependency changes go Pull requests that update Go code labels Apr 25, 2024

dependabot bot mentioned this pull request Apr 25, 2024

chore(dependabot): bump github.com/containerd/containerd from 1.7.13 to 1.7.15 #2035

Closed

kyma-bot added cla: yes Indicates the PR's author has signed the CLA. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Apr 25, 2024

jeremyharisch approved these changes May 2, 2024

View reviewed changes

kyma-bot assigned jeremyharisch May 2, 2024

kyma-bot added the lgtm Looks good to me! label May 2, 2024

halamix2 approved these changes May 2, 2024

View reviewed changes

kyma-bot assigned halamix2 May 2, 2024

halamix2 merged commit 38ddaa3 into main May 2, 2024
14 checks passed

dependabot bot deleted the dependabot/go_modules/github.com/containerd/containerd-1.7.16 branch May 2, 2024 11:12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(dependabot): bump github.com/containerd/containerd from 1.7.13 to 1.7.16 #2060

chore(dependabot): bump github.com/containerd/containerd from 1.7.13 to 1.7.16 #2060

dependabot bot commented on behalf of github Apr 25, 2024

chore(dependabot): bump github.com/containerd/containerd from 1.7.13 to 1.7.16 #2060

chore(dependabot): bump github.com/containerd/containerd from 1.7.13 to 1.7.16 #2060

Conversation

dependabot bot commented on behalf of github Apr 25, 2024

containerd 1.7.16

Highlights

Build and Release Toolchain

Container Runtime Interface (CRI)

Deprecations

Contributors