build(deps): bump the non-majors group with 16 updates

[dependabot]

Bumps the non-majors group with 16 updates:

Package	From	To
github.com/aws/aws-sdk-go-v2	1.41.0	1.41.1
github.com/aws/aws-sdk-go-v2/config	1.32.6	1.32.7
github.com/aws/aws-sdk-go-v2/credentials	1.19.6	1.19.7
github.com/aws/aws-sdk-go-v2/feature/s3/manager	1.20.18	1.21.1
github.com/aws/aws-sdk-go-v2/service/s3	1.95.0	1.96.0
github.com/docker/cli	29.1.3+incompatible	29.2.0+incompatible
github.com/moby/buildkit	0.26.3	0.27.1
github.com/moby/moby/api	1.52.0	1.53.0
github.com/moby/moby/client	0.2.1	0.2.2
github.com/prometheus/common	0.67.4	0.67.5
github.com/tonistiigi/fsutil	0.0.0-20250605211040-586307ad452f	0.0.0-20251211185533-a2aa163d723f
github.com/traefik/traefik/v3	3.6.6	3.6.7
github.com/zeebo/xxh3	1.0.2	1.1.0
go.mongodb.org/mongo-driver	1.17.6	1.17.8
golang.org/x/crypto	0.46.0	0.47.0
golang.org/x/net	0.48.0	0.49.0

Updates github.com/aws/aws-sdk-go-v2 from 1.41.0 to 1.41.1

Commits

• dcbed91 Release 2026-01-09
• 08120e8 Regenerated Clients
• 1d7a925 Update endpoints model
• 482067d Update API model
• 4662404 remove example (#3282)
• c28a6f4 Release 2026-01-07
• 2fa7a72 Regenerated Clients
• 077cbaa Update endpoints model
• 3282dbc Update API model
• 3daa74a Release 2026-01-06
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.32.6 to 1.32.7

Commits

• 5a96470 Release 2024-12-19
• 653aa80 Regenerated Clients
• d02b239 Update endpoints model
• 698d709 Update API model
• 885de40 Fix improper use of Printf-style functions (#2934)
• 858298a Release 2024-12-18
• f58264a Regenerated Clients
• df31082 Update endpoints model
• 346690e Update API model
• 4515454 Release 2024-12-17
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.19.6 to 1.19.7

Commits

• e2e9697 Release 2025-01-31
• 6576a09 Regenerated Clients
• f762573 Update API model
• c94df29 add transfer manager doc header (#2990)
• 880543c revert the revert on the transfer manager beta (#2993)
• 8da49e5 switch to code-generated waiters for remaining services (#2994)
• See full diff in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.20.18 to 1.21.1

Commits

• e155bb7 Release 2023-10-06
• 9d342ba Regenerated Clients
• 1df9914 Update SDK's smithy-go dependency to v1.15.0
• 32ada3a Update API model
• 12ba4ac Release 2023-10-05
• be8a8e0 Regenerated Clients
• dc38adb Update endpoints model
• a52086e Update API model
• 1ed22c1 Release 2023-10-04
• e007bcd Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.95.0 to 1.96.0

Commits

• bdb98c5 Release 2026-01-28
• c878d57 Regenerated Clients
• 4f5d503 Update API model
• b7bf952 Feat release s3 transfer manager v2 (#3293)
• 0baa1dc Release 2026-01-27
• 11eae4b Regenerated Clients
• 297caa5 Update endpoints model
• 43d96e4 Update API model
• de58dc6 Release 2026-01-26
• dba39e6 Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/docker/cli from 29.1.3+incompatible to 29.2.0+incompatible

Commits

• 0b9d198 Merge pull request #6764 from vvoland/update-docker
• 9c9ec73 vendor: github.com/moby/moby/client v0.2.2
• bab3e81 vendor: github.com/moby/moby/api v1.53.0
• 2e64fc1 Merge pull request #6367 from thaJeztah/template_slicejoin
• 1f2ba2a Merge pull request #6760 from thaJeztah/container_create_fix_error
• e34a342 templates: make "join" work with non-string slices and map values
• a86356d Merge pull request #6763 from thaJeztah/bump_mapstructure
• 771660a vendor: github.com/go-viper/mapstructure/v2 v2.5.0
• 9cff36b Merge pull request #6762 from thaJeztah/bump_x_deps
• 08ed2bc cli/command/container: make injecting config.json failures a warning
• Additional commits viewable in compare view

Updates github.com/moby/buildkit from 0.26.3 to 0.27.1

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.27.1

Welcome to the v0.27.1 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• CrazyMax
• Sebastiaan van Stijn
• Tõnis Tiigi

Notable Changes

• Fix possible panic when verifying signature of GitHub Actions cache moby/policy-helpers#21

Dependency Changes

• github.com/klauspost/compress v1.18.2 -> v1.18.3
• github.com/moby/policy-helpers 9fcc1a9ec5c9 -> eeebf1a0ab2b

Previous release can be found at v0.27.0

v0.27.0

buildkit 0.27.0

Welcome to the v0.27.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• Akihiro Suda
• Sebastiaan van Stijn
• Justin Chadwell
• Jonathan A. Sternberg
• David Karlsson
• Dawei Wei
• Natnael Gebremariam
• Aleksandr Karpinskii
• Amr Mahdi
• Brian Goff
• Joyal George K J

... (truncated)

Commits

• 5fbebf9 Merge pull request #6497 from crazy-max/v0.27_picks_v0.27.1
• 6f52322 vendor: github.com/klauspost/compress v1.18.3
• 4651691 vendor: update moby/policy-helpers to eeebf1a
• 2bcd66d Merge pull request #6482 from tonistiigi/v0.27-picks-2
• 6c53e9e forwarder: fix concurrent map write panic in the gateway forwarder
• 64bc21a Merge pull request #6479 from tonistiigi/v0.27-picks
• 6f380e6 vendor: align google.golang.org/genproto/xxx versions
• a9c91f7 vendor: update go-actions-cache to 54bc28c2
• b2fc80e Merge pull request #6473 from tonistiigi/attestation-index-error
• a50e8a1 source: avoid error when attestation asked from non-index
• Additional commits viewable in compare view

Updates github.com/moby/moby/api from 1.52.0 to 1.53.0

Release notes

Sourced from github.com/moby/moby/api's releases.

api/v1.53.0

New

• GET /info now includes an NRI field. If the Node Resource Interface (NRI) is enabled, this field contains information describing it. moby/moby#51713
• New Identity field has been added to the inspect endpoint to show trusted origin information about the image. This includes build ref for locally built images, remote registry repository for pulled images, and verified signature information for images that contain a valid signed provenance attestation. moby/moby#51737

Bug fixes and enhancements

• GET /events now also supports application/jsonl when negotiating content-type. moby/moby#51668
• Explicitly reject multiple AuthConfig values being passed instead of ignoring them silently. moby/moby#51919
• Fix some empty fields not being omitted in API responses. moby/moby#51932
• Update MaxAPIVersion to 1.53. moby/moby#51725

Deprecations

• POST /grpc and POST /sessions are deprecated and will be removed in future. moby/moby#51721

Commits

• 15b87a4 Merge pull request #51936 from vvoland/drop-replace
• 4fa326f api: Cut v1.53
• f9ed31a Drop replace rules
• 2d8289c Merge pull request #51919 from htoyoda18/fix/decode
• ef6d8b0 Merge pull request #51910 from thaJeztah/refactor_listener_defaults
• 45aee52 Merge pull request #51862 from thaJeztah/identity_version_gate
• 31ffe93 Merge pull request #51932 from thaJeztah/api_omitzero
• a007682 Merge pull request #51931 from renovate-bot/renovate/actions-checkout-6.x
• 59abc76 daemon/pkg/opts: remove unused ParseHost
• 8afb45b loadDaemonCliConfig: explicitly set default host
• Additional commits viewable in compare view

Updates github.com/moby/moby/client from 0.2.1 to 0.2.2

Release notes

Sourced from github.com/moby/moby/client's releases.

client/v0.2.2

Bug fixes and enhancements

• GET /events now also supports application/jsonl when negotiating content-type. moby/moby#51668
• The http.Client value passed to client.WithHTTPClient() is now copied rather than mutated in-place. moby/moby#51817

API

• Update MaxAPIVersion to 1.53. moby/moby#51725

Deprecations

• client: ContainerListOptions: deprecate Since, Before, and Latest fields. moby/moby#51908

Changelog

Sourced from github.com/moby/moby/client's changelog.

0.2.2 (2012-05-03)

• Support for data volumes ('docker run -v=PATH')
• Share data volumes between containers ('docker run -volumes-from')
• Improved documentation

• Upgrade to Go 1.0.3
• Various upgrades to the dev environment for contributors

Commits

• 5ffd630 Bumped version to 0.2.2
• 7011322 + Documentation: new example: sharing data between 2 couchdb databases
• 18b8eeb + Support for data volumes
• a7c0e9a Fix a bug in the Makefile which caused dependency download to fail
• 19df5a7 Merge pull request #487 from brunoqc/patch-2
• 8ef72cb Merge pull request #508 from bdon/master
• 6cbe27b correct documentation for where images are stored on filesystem.
• a82b60b dockerbuilder: change order of dependencies
• c08d245 dockerbuilder: let the Makefile upload to s3 with 'make release'
• b6a5e60 Add s3 upload to 'make release'
• Additional commits viewable in compare view

Updates github.com/prometheus/common from 0.67.4 to 0.67.5

Release notes

Sourced from github.com/prometheus/common's releases.

v0.67.5

What's Changed

• build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.34.0 by @​dependabot[bot] in prometheus/common#871
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#866
• build(deps): bump golang.org/x/net from 0.46.0 to 0.48.0 by @​dependabot[bot] in prometheus/common#872
• build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 by @​dependabot[bot] in prometheus/common#870

Full Changelog: prometheus/common@v0.67.4...v0.67.5

Commits

• 934ff37 build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 (#870)
• 1e29804 build(deps): bump golang.org/x/net from 0.46.0 to 0.48.0 (#872)
• 0bd1c40 Synchronize common files from prometheus/prometheus (#866)
• b644201 build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.34.0 (#871)
• See full diff in compare view

Updates github.com/tonistiigi/fsutil from 0.0.0-20250605211040-586307ad452f to 0.0.0-20251211185533-a2aa163d723f

Commits

• See full diff in compare view

Updates github.com/traefik/traefik/v3 from 3.6.6 to 3.6.7

Release notes

Sourced from github.com/traefik/traefik/v3's releases.

v3.6.7

⚠️ Breaking change ⚠️ As explained in the comment left on the CVE-2025-66490 fix, this new hotfix version makes the behavior opt-in. As a result, this release is breaking compared to the previous hotfix versions since v3.6.4, but it restores by default the behavior that existed before that hotfix. Please, read the migration guide to enable the feature.

CVE fixed:

• CVE-2026-22045 (Advisory GHSA-cwjm-3f7h-9hwqj)

Bug fixes:

• [acme] Bump github.com/go-acme/lego/v4 to v4.31.0 (#12529 by ldez)
• [acme] Add missing renew options (#12467 by ldez)
• [acme] Replace hardcoded references to LetsEncrypt in log messages (#12464 by schildbach)
• [k8s/ingress-nginx] Fix use-regex nginx annotation (#12531 by LBF38)
• [k8s/ingress-nginx] Prevent Ingress Nginx provider http router to attach to an entrypoint with TLS (#12528 by rtribotte)
• [k8s/ingress] Fix panic for empty defaultBackend and defaultBackend without resources (#12509 by gndz07)
• [k8s] Fix condition used for serving and fenced endpoints (#12521 by LBF38)
• [webui] Validate X-Forwarded-Prefix value for dashboard redirect (#12514 by LBF38)
• [acme] Add timeout to ACME-TLS/1 challenge handshake (#12516 by LBF38)
• [server] Make encoded character options opt-in (#12540 by gndz07)

Documentation:

• [docker/swarm] Update swarm.md traefik version (#12508 by DBouraoui)
• [k8s/ingress-nginx] Fix ingress-nginx annotations documentation (#12510 by nmengin)
• [k8s] Fix Kubernetes reference yml file (#12406 by mmatur)
• Fix code copy button positioning (#12520 by AnuragEkkati)
• Fix typo in kubernetes.md (#12515 by EdwardSalkeld)
• Bring back security section on API & Dashboard documentation page (#12507 by gndz07)
• Fix link description in Traefik Proxy documentation (#12488 by schaerfo)
• Add product comparison matrix and features page (#12037 by sheddy-traefik)

Misc:

• Merge branch v2.11 into v3.6 (#12552 by rtribotte)
• Merge branch v2.11 into v3.6 (#12533 by mmatur)
• Merge branch v2.11 into v3.6 (#12497 by mmatur)

Changelog

Sourced from github.com/traefik/traefik/v3's changelog.

v3.6.7 (2026-01-14)

All Commits

Bug fixes:

• [acme] Bump github.com/go-acme/lego/v4 to v4.31.0 (#12529 by ldez)
• [acme] Add missing renew options (#12467 by ldez)
• [acme] Replace hardcoded references to LetsEncrypt in log messages (#12464 by schildbach)
• [k8s/ingress-nginx] Fix use-regex nginx annotation (#12531 by LBF38)
• [k8s/ingress-nginx] Prevent Ingress Nginx provider http router to attach to an entrypoint with TLS (#12528 by rtribotte)
• [k8s/ingress] Fix panic for empty defaultBackend and defaultBackend without resources (#12509 by gndz07)
• [k8s] Fix condition used for serving and fenced endpoints (#12521 by LBF38)
• [webui] Validate X-Forwarded-Prefix value for dashboard redirect (#12514 by LBF38)
• [acme] Add timeout to ACME-TLS/1 challenge handshake (#12516 by LBF38)
• [server] Make encoded character options opt-in (#12540 by gndz07)

Documentation:

• [docker/swarm] Update swarm.md traefik version (#12508 by DBouraoui)
• [k8s/ingress-nginx] Fix ingress-nginx annotations documentation (#12510 by nmengin)
• [k8s] Fix Kubernetes reference yml file (#12406 by mmatur)
• Fix code copy button positioning (#12520 by AnuragEkkati)
• Fix typo in kubernetes.md (#12515 by EdwardSalkeld)
• Bring back security section on API & Dashboard documentation page (#12507 by gndz07)
• Fix link description in Traefik Proxy documentation (#12488 by schaerfo)
• Add product comparison matrix and features page (#12037 by sheddy-traefik)

Misc:

• Merge branch v2.11 into v3.6 (#12552 by rtribotte)
• Merge branch v2.11 into v3.6 (#12533 by mmatur)
• Merge branch v2.11 into v3.6 (#12497 by mmatur)

v2.11.35 (2026-01-14)

All Commits

Bug fixes:

• [acme] Add timeout to ACME-TLS/1 challenge handshake (#12516 by LBF38)
• [server] Make encoded character options opt-in (#12540 by gndz07)

Commits

• 1728364 Prepare release v3.6.7
• 8479d66 Merge branch v2.11 into v3.6
• 9e5d4ba Prepare release v2.11.35
• adf47fb Make encoded character options opt-in
• 794916a Update code generator
• 2e6dfba Fix condition used for serving and fenced endpoints
• ee265a8 Add Scarf Analytics to documentation
• 5a9f3e6 Replace markdown-include dependency with mkdocs-include-markdown-plugin
• fc67185 Replace markdown-include dependency with mkdocs-include-markdown-plugin
• d054299 Bump github.com/go-acme/lego/v4 to v4.31.0
• Additional commits viewable in compare view

Updates github.com/zeebo/xxh3 from 1.0.2 to 1.1.0

Commits

• 84cc04f Just run gofmt -w .
• d67f069 Add arm64 NEON path
• 77e65e1 Improve AVX512 hashing
• 4b2280e Add 128 bit hasher
• 3808c70 Upgrade CI versions
• 7a4a65f Small speedup in AVX2/AVX512
• 8b1e819 Improve pure Go speed up to 45%
• 44d8fda Make LICENSE recognized by GitHub. Add test coverage output files to gitignor...
• See full diff in compare view

Updates go.mongodb.org/mongo-driver from 1.17.6 to 1.17.8

Release notes

Sourced from go.mongodb.org/mongo-driver's releases.

MongoDB Go Driver 1.17.8

The MongoDB Go Driver Team is pleased to release version 1.17.8 of the official MongoDB Go Driver.

Release Highlights

This release adds a deprecation notice to go.mongodb.org/mongo-driver, indicating users should migrate to go.mongodb.org/mongo-driver/v2. See the V2 migration guide for more information.

What's Changed

✨ New Features

• GODRIVER-3773 Deprecate v1 by @​prestonvasquez in mongodb/mongo-go-driver#2312

Full Changelog: mongodb/mongo-go-driver@v1.17.7...v1.17.8

For a full list of tickets included in this release, please see the list of fixed issues.

Documentation for the Go Driver can be found on pkg.go.dev and the MongoDB documentation site. BSON library documentation is also available on pkg.go.dev. Questions and inquiries can be asked on the MongoDB Developer Community. Bugs can be reported in the Go Driver project in the MongoDB JIRA where a list of current issues can be found. Your feedback on the Go Driver is greatly appreciated!

MongoDB Go Driver 1.17.7

The MongoDB Go Driver Team is pleased to release version 1.17.7 of the official MongoDB Go Driver.

Release Highlights

This release removes the deprecation notice from options.MergeClientOptions and fixes buffer handling in GSSAPI error description and username functions.

What's Changed

🐛 Fixed

• GODRIVER-3770 Fix buffer handling in GSSAPI error description and username functions by @​prestonvasquez in mongodb/mongo-go-driver#2291

📝 Other Changes

• Add more visible deprecation banner to the 1.17 readme by @​alcaeus in mongodb/mongo-go-driver#2233
• GODRIVER-3770 Remove libasan from gssapi tests in CI by @​prestonvasquez in mongodb/mongo-go-driver#2293
• GODRIVER-3766 Remove deprecation notice for MergeClientOptions by @​tadjik1 in mongodb/mongo-go-driver#2294

Full Changelog: mongodb/mongo-go-driver@v1.17.6...v1.17.7

For a full list of tickets included in this release, please see the list of fixed issues.

Documentation for the Go Driver can be found on pkg.go.dev and the MongoDB documentation site. BSON library documentation is also available on pkg.go.dev. Questions and inquiries can be asked on the MongoDB Developer Community. Bugs can be reported in the Go Driver project in the MongoDB JIRA where a list of current issues can be found. Your feedback on the Go Driver is greatly appreciated!

Commits

• 5ac5a1e BUMP v1.17.8
• f378649 Revert dry-run release bump
• 08c2b98 BUMP v1.17.8
• fafe527 GODRIVER-3773 Deprecate v1 (#2312)
• eb01e7e BUMP v1.17.7
• 3c55093 GODRIVER-3766 Remove deprecation notice for MergeClientOptions (#2294)
• f6163bf GODRIVER-3770 Remove libasan from gssapi tests in CI (#2293)
• 6798963 GODRIVER-3770 Fix buffer handling in GSSAPI error description and username fu...
• c1e9575 Add more visible deprecation banner to the 1.17 readme (#2233)
• See full diff in compare view

Updates golang.org/x/crypto from 0.46.0 to 0.47.0

Commits

• 506e022 go.mod: update golang.org/x dependencies
• 7dacc38 chacha20poly1305: error out in fips140=only mode
• See full diff in compare view

Updates golang.org/x/net from 0.48.0 to 0.49.0

Commits

• d977772 go.mod: update golang.org/x dependencies
• eea413e internal/http3: use go1.25 synctest.Test instead of go1.24 synctest.Run
• 9ace223 websocket: add missing call to resp.Body.Close
• 7d3dbb0 http2: buffer the most recently received PRIORITY_UPDATE frame
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Preview (prod backend + PR dashboard) → https://1154.ns-preview.trapti.tech/