Skip to content

Commit 46cdb8b

Browse files
another-rexanother-rex
authored
build: update osv-scalibr and buildkit to latest versions (#2814)
Updates osv-scalibr to the latest commit (migrated to containerd v2) and updates buildkit to v0.30.0.
1 parent bea4a3e commit 46cdb8b

2 files changed

Lines changed: 32 additions & 130 deletions

File tree

go.mod

Lines changed: 3 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ require (
1313
github.com/go-git/go-git/v5 v5.19.0
1414
github.com/gobwas/glob v0.2.3
1515
github.com/google/go-cmp v0.7.0
16-
github.com/google/osv-scalibr v0.4.6-0.20260514035136-d13148df68e0
16+
github.com/google/osv-scalibr v0.4.6-0.20260518013446-9bc6c845124a
1717
github.com/ianlancetaylor/demangle v0.0.0-20260505044615-1ff4bf46051f
1818
github.com/jedib0t/go-pretty/v6 v6.7.9
1919
github.com/modelcontextprotocol/go-sdk v1.5.0
@@ -39,18 +39,14 @@ require (
3939
require (
4040
bitbucket.org/creachadair/stringset v0.0.14 // indirect
4141
cloud.google.com/go/compute/metadata v0.9.0 // indirect
42-
cyphar.com/go-pathrs v0.2.4 // indirect
4342
dario.cat/mergo v1.0.2 // indirect
4443
deps.dev/util/maven v0.0.0-20260422013440-90c27f84dd6f // indirect
4544
deps.dev/util/pypi v0.0.0-20260422013440-90c27f84dd6f // indirect
4645
deps.dev/util/resolve v0.0.0-20260422013440-90c27f84dd6f // indirect
4746
deps.dev/util/semver v0.0.0-20260422013440-90c27f84dd6f // indirect
48-
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect
49-
github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20250520111509-a70c2aa677fa // indirect
5047
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
5148
github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5 // indirect
5249
github.com/Microsoft/go-winio v0.6.2 // indirect
53-
github.com/Microsoft/hcsshim v0.14.1 // indirect
5450
github.com/ProtonMail/go-crypto v1.3.0 // indirect
5551
github.com/aead/serpent v0.0.0-20160714141033-fba169763ea6 // indirect
5652
github.com/agext/levenshtein v1.2.3 // indirect
@@ -79,17 +75,9 @@ require (
7975
github.com/clipperhouse/uax29/v2 v2.7.0 // indirect
8076
github.com/cloudflare/circl v1.6.3 // indirect
8177
github.com/compose-spec/compose-go/v2 v2.10.2 // indirect
82-
github.com/containerd/cgroups/v3 v3.1.0 // indirect
83-
github.com/containerd/containerd v1.7.29 // indirect
84-
github.com/containerd/containerd/api v1.10.0 // indirect
85-
github.com/containerd/continuity v0.4.5 // indirect
8678
github.com/containerd/errdefs v1.0.0 // indirect
8779
github.com/containerd/errdefs/pkg v0.3.0 // indirect
88-
github.com/containerd/fifo v1.1.0 // indirect
89-
github.com/containerd/log v0.1.0 // indirect
90-
github.com/containerd/platforms v1.0.0-rc.2 // indirect
9180
github.com/containerd/stargz-snapshotter/estargz v0.18.2 // indirect
92-
github.com/containerd/ttrpc v1.2.7 // indirect
9381
github.com/containerd/typeurl/v2 v2.2.3 // indirect
9482
github.com/cyphar/filepath-securejoin v0.6.1 // indirect
9583
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
@@ -98,12 +86,11 @@ require (
9886
github.com/distribution/reference v0.6.0 // indirect
9987
github.com/djherbis/times v1.6.0 // indirect
10088
github.com/dlclark/regexp2 v1.11.5 // indirect
101-
github.com/docker/cli v29.2.1+incompatible // indirect
89+
github.com/docker/cli v29.4.3+incompatible // indirect
10290
github.com/docker/distribution v2.8.3+incompatible // indirect
10391
github.com/docker/docker v28.5.2+incompatible // indirect
10492
github.com/docker/docker-credential-helpers v0.9.5 // indirect
10593
github.com/docker/go-connections v0.5.0 // indirect
106-
github.com/docker/go-events v0.0.0-20250114142523-c867878c5e32 // indirect
10794
github.com/docker/go-units v0.5.0 // indirect
10895
github.com/dsoprea/go-exfat v0.0.0-20190906070738-5e932fbdb589 // indirect
10996
github.com/dsoprea/go-logging v0.0.0-20200710184922-b02d349568dd // indirect
@@ -149,22 +136,14 @@ require (
149136
github.com/microcosm-cc/bluemonday v1.0.27 // indirect
150137
github.com/micromdm/plist v0.2.2 // indirect
151138
github.com/mitchellh/go-homedir v1.1.0 // indirect
152-
github.com/moby/buildkit v0.26.3 // indirect
139+
github.com/moby/buildkit v0.30.0 // indirect
153140
github.com/moby/docker-image-spec v1.3.1 // indirect
154-
github.com/moby/locker v1.0.1 // indirect
155-
github.com/moby/sys/mountinfo v0.7.2 // indirect
156-
github.com/moby/sys/sequential v0.6.0 // indirect
157-
github.com/moby/sys/signal v0.7.1 // indirect
158-
github.com/moby/sys/user v0.4.0 // indirect
159-
github.com/moby/sys/userns v0.1.0 // indirect
160141
github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
161142
github.com/muesli/cancelreader v0.2.2 // indirect
162143
github.com/muesli/reflow v0.3.0 // indirect
163144
github.com/muesli/termenv v0.16.0 // indirect
164145
github.com/ncruces/go-strftime v1.0.0 // indirect
165146
github.com/opencontainers/image-spec v1.1.1 // indirect
166-
github.com/opencontainers/runtime-spec v1.2.1 // indirect
167-
github.com/opencontainers/selinux v1.14.1 // indirect
168147
github.com/pierrec/lz4/v4 v4.1.26 // indirect
169148
github.com/pjbgf/sha1cd v0.6.0 // indirect
170149
github.com/pkg/errors v0.9.1 // indirect
@@ -205,7 +184,6 @@ require (
205184
github.com/yuin/goldmark-emoji v1.0.6 // indirect
206185
github.com/yusufpapurcu/wmi v1.2.4 // indirect
207186
go.etcd.io/bbolt v1.4.3 // indirect
208-
go.opencensus.io v0.24.0 // indirect
209187
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
210188
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.68.0 // indirect
211189
go.opentelemetry.io/otel v1.43.0 // indirect
@@ -223,7 +201,6 @@ require (
223201
golang.org/x/text v0.37.0 // indirect
224202
golang.org/x/tools v0.45.0 // indirect
225203
golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect
226-
google.golang.org/genproto v0.0.0-20260511170946-3700d4141b60 // indirect
227204
google.golang.org/genproto/googleapis/api v0.0.0-20260511170946-3700d4141b60 // indirect
228205
google.golang.org/genproto/googleapis/rpc v0.0.0-20260511170946-3700d4141b60 // indirect
229206
gopkg.in/ini.v1 v1.67.2 // indirect

0 commit comments

Comments
 (0)