build(deps): bump github.com/docker/buildx from 0.8.2 to 0.10.3

[dependabot]

Bumps github.com/docker/buildx from 0.8.2 to 0.10.3.

Release notes

Sourced from github.com/docker/buildx's releases.

v0.10.3

Welcome to the 0.10.3 release of buildx!

Please try out the release binaries and report any issues at https://github.com/docker/buildx/issues.

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and Lambda). You can optionally disable the default provenance attestation functionality using --provenance=false.

Notable changes

• Fix reachable commit and warnings on collecting Git provenance info #1592 #1634
• Fix a regression where docker context was not being validated #1596
• Fix function resolution with JSON bake definition #1605
• Fix case where original HCL bake diagnostic is discarded #1607
• Fix labels not correctly set with bake and compose file #1631

v0.10.2

Welcome to the 0.10.2 release of buildx!

Please try out the release binaries and report any issues at https://github.com/docker/buildx/issues.

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and Lambda). You can optionally disable the default provenance attestation functionality using --provenance=false.

Notable changes

• Fix preferred platforms order not taken into account in multi-node builds #1561
• Fix possible panic on handling SOURCE_DATE_EPOCH environment variable #1564
• Fix possible push error on multi-node manifest merge since BuildKit v0.11 on some registries #1566
• Improve warnings on collecting Git provenance info #1568

v0.10.1

Welcome to the 0.10.1 release of buildx!

Please try out the release binaries and report any issues at https://github.com/docker/buildx/issues.

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and Lambda). You can optionally disable the default provenance attestation functionality using --provenance=false.

Notable changes

• Fix sending the correct origin URL as vsc:source metadata #1548
• Fix possible panic from data-race #1504
• Fix regression with rm --all-inactive #1547

... (truncated)

Commits

• 79e156b Merge pull request #1636 from crazy-max/v0.10_backport_ci-update-ver
• c960d16 ci: update buildx and buildkit to latest
• b5b9de6 Merge pull request #1635 from crazy-max/v0.10_backport_fix-git-ambiguous
• 45863c4 Remove git warning: buildx/1633
• f2feea8 Merge pull request #1609 from crazy-max/0.10.3_cherry_picks
• a73d07f imagetools: process com.docker.reference.* annotations
• 0fad89c bake: avoid nesting error diagnostics
• 661af29 build: check reachable git commits
• 02cf539 gitutil: override the locale to ensure consistent output
• cc87bd1 bake: avoid early-exit for resolution failures
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)