Skip to content

Comments

Bump github.com/moby/buildkit from 0.19.0 to 0.21.1#149

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/github.com/moby/buildkit-0.21.1
Open

Bump github.com/moby/buildkit from 0.19.0 to 0.21.1#149
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/github.com/moby/buildkit-0.21.1

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 29, 2025

Bumps github.com/moby/buildkit from 0.19.0 to 0.21.1.

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.21.0

Welcome to the v0.21.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

  • Tõnis Tiigi
  • CrazyMax
  • Akihiro Suda
  • Jonathan A. Sternberg
  • Anthony Nandaa
  • Sebastiaan van Stijn
  • Dan Duvall
  • Austin Vazquez
  • Billy Owire
  • Derek McGowan
  • Gleb Nebolyubov
  • Michael Korn

Notable Changes

  • Builtin Dockerfile frontend has been updated to v1.15.0. changelog
  • Runc container runtime has been updated to v1.2.6. #5845
  • The cache manifest created by --cache-to now defaults to OCI artifact manifest (instead of OCI image index). For old behavior, set image-manifest=false. #5864
  • The cache timeout for registry credentials has been reduced from 10 min to 5 min. #5859
  • Buildctl --tlsdir option now allows filenames compatible with cert-manager.io. #5886
  • Update free-space filter GC/prune filter to not remove all data when no max-space value is set. #5827
  • Mitigate GitHub Actions cache v2 flakiness. #5805
  • Add autoallow and entitlements support to CDI devices. #5742
  • Support authentication in LLB for Git and HTTP. #5733
  • Support for adding additional request header fields for HTTP sources. #5732
  • OpenTelemetry traces now contain spans for layer extraction. #5831
  • containerd image exporter creates dangling images by default. #5858
  • Add support for bind and cache mounts for WCOW. #5708
  • Add session exporter capability. #5907 #5908
  • Add metadata-only transfer option for local source. #5897
  • Fix X mode to be Linux-compatible for file operations using chmod. #5850
  • Fix --chmod when applied to parent directories. #5788
  • Fix missing user-agent when buildkit requests layers from the registry. #5834
  • Fix missing user-agent for GitHub Actions importer. #5759 #5760
  • Fix reading secrets from any session on parallel build requests. #5833
  • Fix race condition causing "file used by another process" errors with WCOW. #5885

Dependency Changes

  • github.com/docker/cli v27.5.1 -> v28.0.4

... (truncated)

Commits
  • 66735c6 Merge pull request #5952 from jsternberg/v0.21.1-picks
  • 73bda6d buildctl: fix tlsdir handling logic for cert-manager.io
  • f0c85bf dockerui: update platforms key calculation
  • 869d97b frontend/dockerui/build: fix "no scan targets for linux/arm64/v8"
  • ebd9734 frontend/dockerui/build.go: split normalizePlatform()
  • 0ded51e control: make sure sending nil cache options does not panic
  • 52b004d Merge pull request #5909 from crazy-max/v0.21-picks-rc2
  • a55f22d source: add metadata-only transfer option for local source
  • c27d431 exporter: allow session exporter to access refs
  • 571d411 exporter: add session exporter capability
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/moby/buildkit from 0.19.0 to 0.21.1
0115fe7 
Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit) from 0.19.0 to 0.21.1.
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](moby/buildkit@v0.19.0...v0.21.1)

---
updated-dependencies:
- dependency-name: github.com/moby/buildkit
  dependency-version: 0.21.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Apr 29, 2025
@dependabot dependabot bot mentioned this pull request Apr 29, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants