Bump the go-modules group across 1 directory with 5 updates by dependabot[bot] · Pull Request #1243 · paketo-buildpacks/python

dependabot · 2026-03-24T07:52:55Z

Bumps the go-modules group with 2 updates in the / directory: github.com/paketo-buildpacks/occam and github.com/klauspost/compress.

Updates github.com/paketo-buildpacks/occam from 0.31.1 to 0.31.3

Release notes

Sourced from github.com/paketo-buildpacks/occam's releases.

v0.31.3

What's Changed

chore(deps): updated module github.com/paketo-buildpacks/packit/v2 from v2.25.2 to v2.25.5 by @paketo-bot in paketo-buildpacks/occam#445

chore(deps): updated module github.com/google/go-containerregistry from v0.21.1 to v0.21.3 by @paketo-bot in paketo-buildpacks/occam#457

Full Changelog: paketo-buildpacks/occam@v0.31.2...v0.31.3

v0.31.2

What's Changed

chore(deps): updated module github.com/testcontainers/testcontainers-go from v0.39.0 to v0.40.0 by @paketo-bot in paketo-buildpacks/occam#441

chore(deps): updated module github.com/docker/docker from v28.5.1+incompatible to v28.5.2+incompatible by @paketo-bot in paketo-buildpacks/occam#440

chore(deps): updated module github.com/onsi/gomega from v1.38.3 to v1.39.1 by @paketo-bot in paketo-buildpacks/occam#452

Updates github-config by @paketo-bot in paketo-buildpacks/occam#446

Updates go mod version to 1.26.1 by @paketo-bot in paketo-buildpacks/occam#455

Full Changelog: paketo-buildpacks/occam@v0.31.1...v0.31.2

Commits

0a7c1ac chore(deps): updated module github.com/google/go-containerregistry from v0.21...
e3a5bde chore(deps): updated module github.com/paketo-buildpacks/packit/v2 from v2.25...
6914d4b Updates go mod version to 1.26.1
a2ee454 Fix linter issues (#456)
99c82d2 Updating github-config
0277272 Updating github-config
cdd83bd Updating github-config
f46bf41 chore(deps): updated module github.com/onsi/gomega from v1.38.3 to v1.39.1 (#...
1c6c42d chore(deps): updated module github.com/docker/docker from v28.5.1+incompatibl...
7162009 chore(deps): updated module github.com/testcontainers/testcontainers-go from ...
See full diff in compare view

Updates github.com/containerd/platforms from 0.2.1 to 1.0.0-rc.2

Release notes

Sourced from github.com/containerd/platforms's releases.

v1.0.0-rc.2

What's Changed

Add WS2025 to Windows matcher and code optimizations by @kiashok in containerd/platforms#24

use windowsMatchComparer for OSVersion match order by @mweibel in containerd/platforms#25

New Contributors

@mweibel made their first contribution in containerd/platforms#25

Full Changelog: containerd/platforms@v1.0.0-rc.1...v1.0.0-rc.2

v1.0.0-rc.1

What's Changed

Replace arm64 minor variant logic with lookup table by @harryzcy in containerd/platforms#18

replace testify with stdlib in tests by @thaJeztah in containerd/platforms#21

Move windows matcher logic so all platforms can use by @cpuguy83 in containerd/platforms#22

New Contributors

@cpuguy83 made their first contribution in containerd/platforms#22

Full Changelog: containerd/platforms@v1.0.0-rc.0...v1.0.0-rc.1

v1.0.0-rc.0

First release candidate for platforms to stabilize the interface. This release also brings in support for arm64/v9 and arm64

What's Changed

Update GitHub Actions packages and runners for deprecations by @austinvazquez in containerd/platforms#14

go.mod: github.com/opencontainers/image-spec v1.1.0, golang.org/x/sys v0.26.0 by @AkihiroSuda in containerd/platforms#15

Support arm64/v9 and minor variants by @harryzcy in containerd/platforms#8

New Contributors

@austinvazquez made their first contribution in containerd/platforms#14

@AkihiroSuda made their first contribution in containerd/platforms#15

@harryzcy made their first contribution in containerd/platforms#8

Full Changelog: containerd/platforms@v0.2.1...v1.0.0-rc.0

Commits

2e51fd9 Merge pull request #25 from helio/windows-os-version-sort
8c0d9f9 use windowsMatchComparer for OSVersion match order
2fec6c4 Merge pull request #24 from kiashok/add-ws2025
8447b0a Update ci.yml
4549974 Add WS2025 to Windows matcher and code optimizations
e3566b8 Merge pull request #22 from cpuguy83/windows_everywhere
7c58292 Move windows matcher logic so all platforms can use
9ada2e3 Merge pull request #21 from thaJeztah/stdlib_testing
458d3b7 Merge pull request #18 from harryzcy/arm64-lookup
86a86b7 replace testify with stdlib in tests
Additional commits viewable in compare view

Updates github.com/google/go-containerregistry from 0.21.2 to 0.21.3

Release notes

Sourced from github.com/google/go-containerregistry's releases.

v0.21.3

What's Changed

Adds local file support to the crane index subcommand by @edwardthiele in google/go-containerregistry#2223

migrate to github.com/moby/moby modules by @thaJeztah in google/go-containerregistry#2228

Bump the go-deps group across 4 directories with 7 updates by @dependabot[bot] in google/go-containerregistry#2233

Bump goreleaser/goreleaser-action from 6.4.0 to 7.0.0 in the actions group by @dependabot[bot] in google/go-containerregistry#2220

mutate: reject path traversal and symlink escape in Extract by @KevinZhao in google/go-containerregistry#2227

tarball: detect symlink cycles in extractFileFromTar by @vnykmshr in google/go-containerregistry#2232

bump golang to 1.25.7 by @Subserial in google/go-containerregistry#2236

New Contributors

@edwardthiele made their first contribution in google/go-containerregistry#2223

@thaJeztah made their first contribution in google/go-containerregistry#2228

@KevinZhao made their first contribution in google/go-containerregistry#2227

@vnykmshr made their first contribution in google/go-containerregistry#2232

Full Changelog: google/go-containerregistry@v0.21.2...v0.21.3

Commits

3888fb8 bump golang to 1.25.7 (#2236)
f439624 tarball: detect symlink cycles in extractFileFromTar (#2232)
400c263 mutate: reject path traversal and symlink escape in Extract (#2227)
47eedc9 Bump goreleaser/goreleaser-action in the actions group (#2220)
be0a845 Bump the go-deps group across 4 directories with 7 updates (#2233)
e916301 migrate to github.com/moby/moby modules (#2228)
8b2478e Adds local file support to the crane index subcommand (#2223)
See full diff in compare view

Updates github.com/klauspost/compress from 1.18.4 to 1.18.5

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.5

What's Changed

zstd: Fix crash when changing encoder dictionary with same ID by @klauspost in klauspost/compress#1135

zstd: Default to full zero frames by @klauspost in klauspost/compress#1134

flate: Clean up histogram order by @klauspost in klauspost/compress#1133

Full Changelog: klauspost/compress@v1.18.4...v1.18.5

Commits

c5e0077 zstd: Fix encoder changing dictionary with same ID (#1135)
fd3f23e zstd: Default to full zero frames (#1134)
8233c58 flate: Clean up histogram order (#1133)
bcf0d12 build(deps): bump the github-actions group with 3 updates (#1132)
cf758fe ci: Upgrade Go versions, clean up (#1130)
77cc520 Add v1.18.4
See full diff in compare view

Updates github.com/paketo-buildpacks/packit/v2 from 2.25.4 to 2.25.5

Release notes

Sourced from github.com/paketo-buildpacks/packit/v2's releases.

v2.25.5

What's Changed

Bump github.com/anchore/syft from 1.40.0 to 1.40.1 by @dependabot[bot] in paketo-buildpacks/packit#729

Bump modernc.org/sqlite from 1.44.0 to 1.44.1 by @dependabot[bot] in paketo-buildpacks/packit#730

Bump modernc.org/sqlite from 1.44.1 to 1.44.2 by @dependabot[bot] in paketo-buildpacks/packit#732

Updates go mod version to 1.25.6 by @paketo-bot in paketo-buildpacks/packit#731

Bump modernc.org/sqlite from 1.44.2 to 1.44.3 by @dependabot[bot] in paketo-buildpacks/packit#733

Bump github.com/anchore/syft from 1.40.1 to 1.41.0 by @dependabot[bot] in paketo-buildpacks/packit#734

Bump github.com/onsi/gomega from 1.39.0 to 1.39.1 by @dependabot[bot] in paketo-buildpacks/packit#735

Bump github.com/anchore/syft from 1.41.0 to 1.41.1 by @dependabot[bot] in paketo-buildpacks/packit#736

Bump github.com/gabriel-vasile/mimetype from 1.4.12 to 1.4.13 by @dependabot[bot] in paketo-buildpacks/packit#737

Updates go mod version to 1.25.7 by @paketo-bot in paketo-buildpacks/packit#739

Bump github.com/anchore/syft from 1.41.1 to 1.41.2 by @dependabot[bot] in paketo-buildpacks/packit#738

Bump modernc.org/sqlite from 1.44.3 to 1.45.0 by @dependabot[bot] in paketo-buildpacks/packit#741

Bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 by @dependabot[bot] in paketo-buildpacks/packit#740

Bump github.com/anchore/syft from 1.41.2 to 1.42.0 by @dependabot[bot] in paketo-buildpacks/packit#742

Updates go mod version to 1.26.0 by @paketo-bot in paketo-buildpacks/packit#743

Bump modernc.org/sqlite from 1.45.0 to 1.46.0 by @dependabot[bot] in paketo-buildpacks/packit#744

Bump modernc.org/sqlite from 1.46.0 to 1.46.1 by @dependabot[bot] in paketo-buildpacks/packit#745

Bump github.com/anchore/syft from 1.42.0 to 1.42.1 by @dependabot[bot] in paketo-buildpacks/packit#746

Bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 by @dependabot[bot] in paketo-buildpacks/packit#747

Bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 by @dependabot[bot] in paketo-buildpacks/packit#748

Bump github.com/anchore/syft from 1.42.1 to 1.42.2 by @dependabot[bot] in paketo-buildpacks/packit#751

Bump modernc.org/sqlite from 1.46.1 to 1.46.2 by @dependabot[bot] in paketo-buildpacks/packit#752

Bump modernc.org/sqlite from 1.46.2 to 1.47.0 by @dependabot[bot] in paketo-buildpacks/packit#753

Structure re-usability for the extension by @pacostas in paketo-buildpacks/packit#754

Updates github-config by @paketo-bot in paketo-buildpacks/packit#749

Updates go mod version to 1.26.1 by @paketo-bot in paketo-buildpacks/packit#750

Full Changelog: paketo-buildpacks/packit@v2.25.4...v2.25.5

Commits

388f655 Updates go mod version to 1.26.1
ec5163e Updating github-config
1ed4352 Structure re-usability for the extension (#754)
1178810 Bump modernc.org/sqlite from 1.46.2 to 1.47.0
dc41ad0 Bump modernc.org/sqlite from 1.46.1 to 1.46.2
66b11fa Bump github.com/anchore/syft from 1.42.1 to 1.42.2
0172ef8 Bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0
f3c1964 Bump github.com/cloudflare/circl from 1.6.1 to 1.6.3
82aea99 Bump github.com/anchore/syft from 1.42.0 to 1.42.1
e16f8b8 Bump modernc.org/sqlite from 1.46.0 to 1.46.1
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-modules group with 2 updates in the / directory: [github.com/paketo-buildpacks/occam](https://github.com/paketo-buildpacks/occam) and [github.com/klauspost/compress](https://github.com/klauspost/compress). Updates `github.com/paketo-buildpacks/occam` from 0.31.1 to 0.31.3 - [Release notes](https://github.com/paketo-buildpacks/occam/releases) - [Commits](paketo-buildpacks/occam@v0.31.1...v0.31.3) Updates `github.com/containerd/platforms` from 0.2.1 to 1.0.0-rc.2 - [Release notes](https://github.com/containerd/platforms/releases) - [Commits](containerd/platforms@v0.2.1...v1.0.0-rc.2) Updates `github.com/google/go-containerregistry` from 0.21.2 to 0.21.3 - [Release notes](https://github.com/google/go-containerregistry/releases) - [Commits](google/go-containerregistry@v0.21.2...v0.21.3) Updates `github.com/klauspost/compress` from 1.18.4 to 1.18.5 - [Release notes](https://github.com/klauspost/compress/releases) - [Commits](klauspost/compress@v1.18.4...v1.18.5) Updates `github.com/paketo-buildpacks/packit/v2` from 2.25.4 to 2.25.5 - [Release notes](https://github.com/paketo-buildpacks/packit/releases) - [Commits](paketo-buildpacks/packit@v2.25.4...v2.25.5) --- updated-dependencies: - dependency-name: github.com/paketo-buildpacks/occam dependency-version: 0.31.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/containerd/platforms dependency-version: 1.0.0-rc.2 dependency-type: indirect update-type: version-update:semver-major dependency-group: go-modules - dependency-name: github.com/google/go-containerregistry dependency-version: 0.21.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/klauspost/compress dependency-version: 1.18.5 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules - dependency-name: github.com/paketo-buildpacks/packit/v2 dependency-version: 2.25.5 dependency-type: indirect update-type: version-update:semver-patch dependency-group: go-modules ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 24, 2026

dependabot bot requested review from a team as code owners March 24, 2026 07:52

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 24, 2026

paketo-bot added the semver:patch A change requiring a patch version bump label Mar 24, 2026

paketo-bot-reviewer approved these changes Mar 24, 2026

View reviewed changes

paketo-bot merged commit f06f4a5 into main Mar 24, 2026
9 of 10 checks passed

paketo-bot deleted the dependabot/go_modules/go-modules-ac9c2708e4 branch March 24, 2026 08:01

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the go-modules group across 1 directory with 5 updates#1243

Bump the go-modules group across 1 directory with 5 updates#1243
paketo-bot merged 1 commit intomainfrom
dependabot/go_modules/go-modules-ac9c2708e4

dependabot bot commented on behalf of github Mar 24, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

dependabot bot commented on behalf of github Mar 24, 2026

v0.31.3

What's Changed

v0.31.2

What's Changed

v1.0.0-rc.2

What's Changed

New Contributors

v1.0.0-rc.1

What's Changed

New Contributors

v1.0.0-rc.0

What's Changed

New Contributors

v0.21.3

What's Changed

New Contributors

v1.18.5

What's Changed

v2.25.5

What's Changed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants