build(deps): bump the go-deps group across 1 directory with 21 updates

[dependabot]

Bumps the go-deps group with 12 updates in the / directory:

Package	From	To
github.com/cyphar/filepath-securejoin	0.2.4	0.3.1
github.com/fluxcd/pkg/apis/meta	1.5.0	1.6.0
github.com/fluxcd/pkg/git	0.19.0	0.20.0
github.com/fluxcd/pkg/git/gogit	0.19.0	0.20.0
github.com/fluxcd/pkg/helmtestserver	0.18.0	0.19.0
github.com/fluxcd/pkg/sourceignore	0.7.0	0.8.0
github.com/fluxcd/pkg/tar	0.7.0	0.8.0
github.com/minio/minio-go/v7	7.0.70	7.0.75
github.com/notaryproject/notation-core-go	1.0.2	1.0.3
github.com/notaryproject/notation-go	1.1.0	1.1.1
github.com/ory/dockertest/v3	3.10.0	3.11.0
github.com/sigstore/cosign/v2	2.2.4	2.4.0

Updates github.com/cyphar/filepath-securejoin from 0.2.4 to 0.3.1

Release notes

Sourced from github.com/cyphar/filepath-securejoin's releases.

v0.3.1

• By allowing Open(at)InRoot to opt-out of the extra work done by MkdirAll to do the necessary "partial lookups", Open(at)InRoot now does less work for both implementations (resulting in a many-fold decrease in the number of operations for openat2, and a modest improvement for non-openat2) and is far more guaranteed to match the correct openat2(RESOLVE_IN_ROOT) behaviour.

• We now use readlinkat(fd, "") where possible. For Open(at)InRoot this effectively just means that we no longer risk getting spurious errors during rename races. However, for our hardened procfs handler, this in theory should prevent mount attacks from tricking us when doing magic-link readlinks (even when using the unsafe host /proc handle). Unfortunately Reopen is still potentially vulnerable to those kinds of somewhat-esoteric attacks.

  Technically this will only work on post-2.6.39 kernels but it seems incredibly unlikely anyone is using filepath-securejoin on a pre-2011 kernel.

• Several improvements were made to the errors returned by Open(at)InRoot and MkdirAll when dealing with invalid paths under the emulated (ie. non-openat2) implementation. Previously, some paths would return the wrong error (ENOENT when the last component was a non-directory), and other paths would be returned as though they were acceptable (trailing-slash components after a non-directory would be ignored by Open(at)InRoot).

  These changes were done to match openat2's behaviour and purely is a consistency fix (most users are going to be using openat2 anyway).

Signed-off-by: Aleksa Sarai [email protected]

v0.3.0

This release contains no changes to SecureJoin.

However, it does introduce a new *os.File-based API which is much safer to use for most usecases. These are adapted from [libpathrs][1] and are the bare minimum to be able to operate more safely on an untrusted rootfs where an attacker has write access (something that SecureJoin cannot protect against). The new APIs are:

• OpenInRoot, which resolves a path inside a rootfs and returns an *os.File handle to the path. Note that the file handle returned by OpenInRoot is an O_PATH handle, which cannot be used for reading or writing (as well as some other operations -- see open(2) for more details).

• Reopen, which takes an O_PATH file handle and safely re-opens it to "upgrade" it to a regular handle.

... (truncated)

Changelog

Sourced from github.com/cyphar/filepath-securejoin's changelog.

[0.3.1] - 2024-07-23

Changed

• By allowing Open(at)InRoot to opt-out of the extra work done by MkdirAll to do the necessary "partial lookups", Open(at)InRoot now does less work for both implementations (resulting in a many-fold decrease in the number of operations for openat2, and a modest improvement for non-openat2) and is far more guaranteed to match the correct openat2(RESOLVE_IN_ROOT) behaviour.

• We now use readlinkat(fd, "") where possible. For Open(at)InRoot this effectively just means that we no longer risk getting spurious errors during rename races. However, for our hardened procfs handler, this in theory should prevent mount attacks from tricking us when doing magic-link readlinks (even when using the unsafe host /proc handle). Unfortunately Reopen is still potentially vulnerable to those kinds of somewhat-esoteric attacks.

  Technically this will only work on post-2.6.39 kernels but it seems incredibly unlikely anyone is using filepath-securejoin on a pre-2011 kernel.

Fixed

• Several improvements were made to the errors returned by Open(at)InRoot and MkdirAll when dealing with invalid paths under the emulated (ie. non-openat2) implementation. Previously, some paths would return the wrong error (ENOENT when the last component was a non-directory), and other paths would be returned as though they were acceptable (trailing-slash components after a non-directory would be ignored by Open(at)InRoot).

  These changes were done to match openat2's behaviour and purely is a consistency fix (most users are going to be using openat2 anyway).

[0.3.0] - 2024-07-11

Added

• A new set of *os.File-based APIs have been added. These are adapted from [libpathrs][] and we strongly suggest using them if possible (as they provide far more protection against attacks than SecureJoin):

  • Open(at)InRoot resolves a path inside a rootfs and returns an *os.File handle to the path. Note that the handle returned is an O_PATH handle, which cannot be used for reading or writing (as well as some other operations -- [see open(2) for more details][open.2])

  • Reopen takes an O_PATH file handle and safely re-opens it to upgrade it to a regular handle. This can also be used with non-O_PATH handles, but O_PATH is the most obvious application.

  • MkdirAll is an implementation of os.MkdirAll that is safe to use to

... (truncated)

Commits

• ce7b28a VERSION: release v0.3.1
• a2c14f8 CHANGELOG: add readlinkat(fd, "") shout-out
• 4ea279f merge #22 into cyphar/filepath-securejoin:main
• 16e1bec CHANGELOG: add initial changelog with current history
• 2404ffb merge #21 into cyphar/filepath-securejoin:main
• f29b7a4 lookup: handle // and trailing slash components correctly
• ecd61ca merge #19 into cyphar/filepath-securejoin:main
• 38b1220 procfs: refactor statx mnt_id logic
• 45c4415 procfs: use readlink(fd, "") for magic-links
• edab538 merge #17 into cyphar/filepath-securejoin:main
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/apis/meta from 1.5.0 to 1.6.0

Commits

• be8df7e Merge pull request #801 from fluxcd/k8s-1.31
• 76035f8 Update Helm to v3.15.4
• 3f5cf4c Build with Go 1.23
• 4b90241 Update dependencies to Kubernetes v1.31.0
• 0e61a3b Merge pull request #799 from fluxcd/dependabot/github_actions/ci-9f4b007c5b
• 6bf4bad build(deps): bump the ci group with 4 updates
• 968f190 Merge pull request #795 from fluxcd/dependabot/github_actions/ci-8fa51b1870
• bce8cab build(deps): bump the ci group across 1 directory with 8 updates
• 7d033c1 Merge pull request #798 from fluxcd/cleanup-aws-nuke
• e98ccfa workflow: Set aws-nuke region for cleanup
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/git from 0.19.0 to 0.20.0

Commits

• be8df7e Merge pull request #801 from fluxcd/k8s-1.31
• 76035f8 Update Helm to v3.15.4
• 3f5cf4c Build with Go 1.23
• 4b90241 Update dependencies to Kubernetes v1.31.0
• 0e61a3b Merge pull request #799 from fluxcd/dependabot/github_actions/ci-9f4b007c5b
• 6bf4bad build(deps): bump the ci group with 4 updates
• 968f190 Merge pull request #795 from fluxcd/dependabot/github_actions/ci-8fa51b1870
• bce8cab build(deps): bump the ci group across 1 directory with 8 updates
• 7d033c1 Merge pull request #798 from fluxcd/cleanup-aws-nuke
• e98ccfa workflow: Set aws-nuke region for cleanup
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/git/gogit from 0.19.0 to 0.20.0

Commits

• be8df7e Merge pull request #801 from fluxcd/k8s-1.31
• 76035f8 Update Helm to v3.15.4
• 3f5cf4c Build with Go 1.23
• 4b90241 Update dependencies to Kubernetes v1.31.0
• 0e61a3b Merge pull request #799 from fluxcd/dependabot/github_actions/ci-9f4b007c5b
• 6bf4bad build(deps): bump the ci group with 4 updates
• 968f190 Merge pull request #795 from fluxcd/dependabot/github_actions/ci-8fa51b1870
• bce8cab build(deps): bump the ci group across 1 directory with 8 updates
• 7d033c1 Merge pull request #798 from fluxcd/cleanup-aws-nuke
• e98ccfa workflow: Set aws-nuke region for cleanup
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/gittestserver from 0.12.0 to 0.13.0

Commits

• 04a0963 Merge pull request #597 from fluxcd/tag-verification
• 0f40956 git: add support for lightweight tags
• 320d78f git/gogit: add tag info to commit if refname points to an annotated tag
• 5658f3b git/gogit: add tag info to commit when checking out via semver
• 75c942d git/gogit: add tag info to commit when checking out via tag
• fba7100 git: add support for linking a parent tag to a commit
• 540f61e Merge pull request #631 from mihaiandreiratoiu/feature/gov-arm
• 174a5e9 Ops: Update azure cloud token auth
• 5eb935a Merge pull request #632 from fluxcd/disable-azure-ci-jobs
• 1330800 Disable azure CI jobs
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/helmtestserver from 0.18.0 to 0.19.0

Commits

• e32ccc2 Merge pull request #763 from fluxcd/kubernetes-1.30
• 2b974af Update sigs.k8s.io/controller-tools to v0.15.0
• 52c1fc5 Update sigs.k8s.io/controller-runtime to v0.18.0
• c906252 Update dependencies to Kubernetes 1.30
• 92c1348 Merge pull request #764 from fluxcd/dependabot/github_actions/ci-e44cfae560
• ccb916a build(deps): bump the ci group with 3 updates
• 6081556 Merge pull request #761 from fluxcd/kustomize-name-prefix-suffix
• abf5675 kustomize: Add support for namePrefix and nameSuffix
• 98d2522 Merge pull request #760 from fluxcd/dependabot/github_actions/ci-8f082d4f6d
• efcd824 build(deps): bump docker/setup-buildx-action in the ci group
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/sourceignore from 0.7.0 to 0.8.0

Commits

• 7ef01b0 Merge pull request #442 from blurpy/feature/git_bearer_token
• 659695f Add back support for passphrase protected ssh keys
• 767e771 Validate that basic auth and bearer token cannot be set at the same time
• cbf091c Add test to verify that username from Secret is preferred
• b6c6888 Refactor of NewAuthOptions to only fill the auth options that are relevant
• fef9d6a Add more test scenarios for NewAuthOptions
• 9b9b723 Validate that bearer token is not used over http
• 04d0d48 Add some quick tests of basic auth in client.validateUrl()
• a451505 Support specifying bearerToken for git http token authentication.
• bfb6385 Merge pull request #448 from fluxcd/e2e-ux
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/ssh from 0.13.0 to 0.14.0

Commits

• 909b315 Merge pull request #651 from fluxcd/git-upgrade-deps
• 3249e6d git: upgrade dependencies
• 6eae7b4 Merge pull request #650 from pjbgf/upstream-billy
• e8ee260 git/gogit: Replaces fs with upstream osfs.BoundOS
• 01981ea Merge pull request #649 from fluxcd/dependabot/github_actions/ci-915f3d3f9a
• c6bb1fa build(deps): bump the ci group with 2 updates
• eedb1a0 Merge pull request #646 from fluxcd/oci-cr-logger
• e6669d8 oci/auth: Add test to check for non-test flags
• f01d884 oci: Use controller-runtime pkg/log explicitly
• 488252e Merge pull request #643 from fluxcd/dependabot/github_actions/ci-81eb07bab1
• Additional commits viewable in compare view

Updates github.com/fluxcd/pkg/tar from 0.7.0 to 0.8.0

Commits

• 7ef01b0 Merge pull request #442 from blurpy/feature/git_bearer_token
• 659695f Add back support for passphrase protected ssh keys
• 767e771 Validate that basic auth and bearer token cannot be set at the same time
• cbf091c Add test to verify that username from Secret is preferred
• b6c6888 Refactor of NewAuthOptions to only fill the auth options that are relevant
• fef9d6a Add more test scenarios for NewAuthOptions
• 9b9b723 Validate that bearer token is not used over http
• 04d0d48 Add some quick tests of basic auth in client.validateUrl()
• a451505 Support specifying bearerToken for git http token authentication.
• bfb6385 Merge pull request #448 from fluxcd/e2e-ux
• Additional commits viewable in compare view

Updates github.com/minio/minio-go/v7 from 7.0.70 to 7.0.75

Release notes

Sourced from github.com/minio/minio-go/v7's releases.

Bugfix Release

What's Changed

• #1552 add functional tests for bucket tagging by @​romanchechyotkin in minio/minio-go#1986
• API methods and functional tests for bucket-level CORS configuration settings by @​marktheunissen in minio/minio-go#1987
• Add DisableContentSha256 to PutObjectPartOptions by @​klauspost in minio/minio-go#1988

New Contributors

• @​romanchechyotkin made their first contribution in minio/minio-go#1986

Full Changelog: minio/minio-go@v7.0.74...v7.0.75

Bugfix Release

What's Changed

• return appropriate error type for generic handling by @​harshavardhana in minio/minio-go#1981
• feat: add SetContentDisposition method for postPolicy Upload by @​lianggx6 in minio/minio-go#1982
• docs: fix doc about default alias by @​emil2k in minio/minio-go#1984
• fix: GCS endpoint validation to allow ports by @​ammarhusain-sol in minio/minio-go#1985

New Contributors

• @​lianggx6 made their first contribution in minio/minio-go#1982
• @​emil2k made their first contribution in minio/minio-go#1984
• @​ammarhusain-sol made their first contribution in minio/minio-go#1985

Full Changelog: minio/minio-go@v7.0.73...v7.0.74

Bugfix Release

What's Changed

• upgrade all deps and replace gopkg.in for ini with go module by @​marktheunissen in minio/minio-go#1977
• Add ca-west-1 endpoint by @​tjwallace in minio/minio-go#1971
• fix replication validation for Role ARN by @​poornas in minio/minio-go#1978
• Fix missing CompleteMultipartUpload SSE-C by @​klauspost in minio/minio-go#1980

New Contributors

• @​marktheunissen made their first contribution in minio/minio-go#1977
• @​tjwallace made their first contribution in minio/minio-go#1971

Full Changelog: minio/minio-go@v7.0.72...v7.0.73

Bugfix Release

What's Changed

• Keep all x-minio- headers as-is by @​klauspost in minio/minio-go#1970

Full Changelog: minio/minio-go@v7.0.71...v7.0.72

Bugfix Release

What's Changed

• Add support for DelMarkerExpiration element by @​krisis in minio/minio-go#1959
• feat: support tags for postPolicy Upload by @​jiuker in minio/minio-go#1967
• Add ListMultipartUploads mint test by @​klauspost in minio/minio-go#1963

... (truncated)

Commits

• fd0e507 Add DisableContentSha256 to PutObjectPartOptions (#1988)
• d80dc8b API methods for bucket-level CORS configuration settings (#1987)
• cc7769f #1552 add functional tests for bucket tagging (#1986)
• 89b4b99 Update version to next release
• a428198 fix: GCS endpoint validation to allow ports (#1985)
• 6c2c69f docs: fix doc about default alias (#1984)
• 66ba593 feat: add SetContentDisposition method for postPolicy Upload (#1982)
• 4742469 update govulncheck to 1.22.5
• 77fb078 return appropriate error type for generic handling (#1981)
• 1ff6b60 Update version to next release
• Additional commits viewable in compare view

Updates github.com/notaryproject/notation-core-go from 1.0.2 to 1.0.3

Release notes

Sourced from github.com/notaryproject/notation-core-go's releases.

v1.0.3

Vote PASSED [+4 -0]: #205

What's Changed

• build(deps): bump codecov/codecov-action from 3 to 4 by @​dependabot in notaryproject/notation-core-go#188
• build(deps): bump github.com/fxamacker/cbor/v2 from 2.5.0 to 2.6.0 by @​dependabot in notaryproject/notation-core-go#190
• build(deps): bump golang.org/x/crypto from 0.18.0 to 0.21.0 by @​dependabot in notaryproject/notation-core-go#193
• chore: add GitHub action for stale issues and PRs by @​yizha1 in notaryproject/notation-core-go#174
• bump: bump up golang version to v1.21 by @​Two-Hearts in notaryproject/notation-core-go#194
• chore: org maintainers update by @​toddysm in notaryproject/notation-core-go#196
• fix(ci): update codecov token by @​JeyJeyGao in notaryproject/notation-core-go#199
• fix: leaf certificate validation by @​Two-Hearts in notaryproject/notation-core-go#202
• build(deps): bump golang.org/x/crypto from 0.21.0 to 0.22.0 by @​dependabot in notaryproject/notation-core-go#200
• build(deps): bump apache/skywalking-eyes from a790ab8dd23a7f861c18bd6aaa9b012e3a234bce to cd7b195c51fd3d6ad52afceb760719ddc6b3ee91 by @​dependabot in notaryproject/notation-core-go#197
• build(deps): bump actions/stale from 8 to 9 by @​dependabot in notaryproject/notation-core-go#195
• build(deps): bump golang.org/x/crypto from 0.22.0 to 0.23.0 by @​dependabot in notaryproject/notation-core-go#204

Full Changelog: notaryproject/notation-core-go@v1.0.2...v1.0.3

Commits

• 4211b09 build(deps): bump golang.org/x/crypto from 0.22.0 to 0.23.0 (#204)
• 6f8b75c build(deps): bump actions/stale from 8 to 9 (#195)
• ff5e5b8 build(deps): bump apache/skywalking-eyes from a790ab8dd23a7f861c18bd6aaa9b012...
• f624dfd build(deps): bump golang.org/x/crypto from 0.21.0 to 0.22.0 (#200)
• 356b30e fix: leaf certificate validation (#202)
• 9f13c9e fix(ci): update codecov token (#199)
• 66ff8c2 chore: org maintainers update (#196)
• 807a338 bump: bump up golang version to v1.21 (#194)
• 9a2ff9e chore: add GitHub action for stale issues and PRs (#174)
• 93218d9 build(deps): bump golang.org/x/crypto from 0.18.0 to 0.21.0 (#193)
• Additional commits viewable in compare view

Updates github.com/notaryproject/notation-go from 1.1.0 to 1.1.1

Release notes

Sourced from github.com/notaryproject/notation-go's releases.

v1.1.1

Vote PASSED [+4 -0]: #412

What's Changed

• fix: update error message by @​JeyJeyGao in notaryproject/notation-go#380
• bump: bump up oras-go and image-spec by @​Two-Hearts in notaryproject/notation-go#381
• chore: start using plugin-framework package by @​priteshbandi in notaryproject/notation-go#372
• build(deps): bump golang.org/x/crypto from 0.18.0 to 0.19.0 by @​dependabot in notaryproject/notation-go#383
• build(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc6 to 1.1.0 by @​dependabot in notaryproject/notation-go#385
• build(deps): bump golang.org/x/mod from 0.14.0 to 0.15.0 by @​dependabot in notaryproject/notation-go#384
• chore: updated/added deprecation message by @​priteshbandi in notaryproject/notation-go#382
• build(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 by @​dependabot in notaryproject/notation-go#387
• feat: add support for signing blob by @​priteshbandi in notaryproject/notation-go#379
• chore: add GitHub action for stale issues and PRs by @​yizha1 in notaryproject/notation-go#365
• build(deps): bump golang.org/x/crypto from 0.20.0 to 0.21.0 by @​dependabot in notaryproject/notation-go#389
• build(deps): bump golang.org/x/mod from 0.15.0 to 0.16.0 by @​dependabot in notaryproject/notation-go#388
• fix: Add contract version to plugin sign request and plugin verify request by @​priteshbandi in notaryproject/notation-go#390
• bump: bump golang and dependency versions by @​Two-Hearts in notaryproject/notation-go#392
• build(deps): bump actions/stale from 8 to 9 by @​dependabot in notaryproject/notation-go#391
• Moved org maintainers to emeritus by @​toddysm in notaryproject/notation-go#393
• build(deps): bump golang.org/x/mod from 0.16.0 to 0.17.0 by @​dependabot in notaryproject/notation-go#397
• build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.6 to 3.4.7 by @​dependabot in notaryproject/notation-go#395
• build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.7 to 3.4.8 by @​dependabot in notaryproject/notation-go#399
• build(deps): bump golang.org/x/crypto from 0.21.0 to 0.22.0 by @​dependabot in notaryproject/notation-go#396
• build(deps): bump golang.org/x/crypto from 0.22.0 to 0.23.0 by @​dependabot in notaryproject/notation-go#403
• test: improve test coverage to 80% by @​JeyJeyGao in notaryproject/notation-go#405
• fix: error message for dangling reference index by @​JeyJeyGao in notaryproject/notation-go#402
• bump: bump up notation-core-go v1.0.3 by @​JeyJeyGao in notaryproject/notation-go#407
• ci: enable ci for release branch by @​JeyJeyGao in notaryproject/notation-go#409
• revert: "feat: add support for signing blob (#379)" by @​JeyJeyGao in notaryproject/notation-go#411

Full Changelog: notaryproject/notation-go@v1.1.0...v1.1.1

Commits

• 94a0e13 revert: "feat: add support for signing blob (#379)" (#411)
• 1a5b3e3 ci: enable ci for release branch (#409)
• 254dfcd bump: bump up notation-core-go v1.0.3 (#407)
• b7fde51 fix: error message for dangling reference index (#402)
• b8508d0 test: improve test coverage to 80% (#405)
• 5e98995 build(deps): bump golang.org/x/crypto from 0.22.0 to 0.23.0 (#403)
• 378ee83 build(deps): bump golang.org/x/crypto from 0.21.0 to 0.22.0 (#396)
• a901939 build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.7 to 3.4.8 (#399)
• 97a5a86 build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.6 to 3.4.7 (#395)
• 442ece7 build(deps): bump golang.org/x/mod from 0.16.0 to 0.17.0 (#397)
• Additional commits viewable in compare view

Updates github.com/onsi/gomega from 1.33.1 to 1.34.1

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.1

1.34.1

Maintenance

• Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

v1.34.0

1.34.0

Features

• Add RoundTripper method to ghttp.Server [c549e0d]

Fixes

• fix incorrect handling of nil slices in HaveExactElements (fixes #771) [878940c]
• issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]

Maintenance

• bump ginkgo [8af2ece]
• Fix typo in docs [123a071]
• Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#756) [0e69083]
• Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#755) [2675796]
• Bump golang.org/x/net from 0.24.0 to 0.25.0 (#754) [4160c0f]
• Bump github-pages from 230 to 231 in /docs (#748) [892c303]

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.1

Maintenance

• Use slices from exp/slices to keep golang 1.20 compat [5e71dcd]

1.34.0

Features

• Add RoundTripper method to ghttp.Server [c549e0d]

Fixes

• fix incorrect handling of nil slices in HaveExactElements (fixes #771) [878940c]
• issue_765 - fixed bug in Hopcroft-Karp algorithm [ebadb67]

Maintenance

• bump ginkgo [8af2ece]
• Fix typo in docs [123a071]
• Bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#756) [0e69083]
• Bump google.golang.org/protobuf from 1.33.0 to 1.34.1 (#755) [2675796]
• Bump golang.org/x/net from 0.24.0 to 0.25.0 (#754) [4160c0f]
• Bump github-pages from 230 to 231 in /docs (#748) [892c303]

Commits

• fa057b8 v1.34.1
• 5e71dcd Use slices from exp/slices to keep golang 1.20 compat
• 32e5498 v1.34.0
• cb3fa6a run go mod tidy and wonder why go get doesnt just run it for me in the first ...
• 8af2ece bump ginkgo
• 878940c fix incorrect handling of nil slices in HaveExactElements (fixes #771)
• f5bec80 clean up bipartitegraph tests
• ebadb67 issue_765 - fixed bug in Hopcroft-Karp algorithm
• 123a071 Fix typo in docs
• c549e0d Add RoundTripper method to ghttp.Server
• Additional commits viewable in compare view

Updates github.com/ory/dockertest/v3 from 3.10.0 to 3.11.0

Release notes

Sourced from github.com/ory/dockertest/v3's releases.

v3.11.0

What's Changed

• chore(deps): bump github.com/opencontainers/runc from 1.1.5 to 1.1.6 by @​dependabot in ory/dockertest#435
• chore(deps): bump github.com/Microsoft/go-winio from 0.6.0 to 0.6.1 by @​dependabot in ory/dockertest#437
• chore(deps): bump github.com/lib/pq from 0.0.0-20180327071824-d34b9ff171c2 to 1.10.8 by @​dependabot in ory/dockertest#438
• chore(deps): bump github.com/docker/docker from 20.10.7+incompatible to 20.10.24+incompatible by @​dependabot in ory/dockertest#426
• chore(deps): bump actions/checkout from 2 to 3 by @​dependabot in ory/dockertest#427
• chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 by @​dependabot in ory/dockertest#450
• chore(deps): bump github.com/containerd/continuity from 0.3.0 to 0.4.1 by @​dependabot in ory/dockertest#451
• chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.3 by @​dependabot in ory/dockertest#449
• chore(deps): bump github.com/opencontainers/runc from 1.1.6 to 1.1.7 by @​dependabot in ory/dockertest#442
• chore(deps): bump golang.org/x/sys from 0.7.0 to 0.8.0 by @​dependabot in ory/dockertest#445
• chore(deps): bump github.com/moby/term from 0.0.0-20201216013528-df9cb8a40635 to 0.5.0 by @​dependabot in ory/dockertest#446
• chore(deps): bump github.com/docker/cli from 20.10.17+incompatible to 24.0.1+incompatible by @​dependabot in ory/dockertest#448
• chore: bump dependencies and fix some lint by @​alnr in ory/dockertest#499
• chore(deps): bump golang.org/x/sys from 0.19.0 to 0.21.0 by @​dependabot in ory/dockertest#501
• chore(deps): bump actions/checkout from 2 to 4 by @​dependabot in ory/dockertest#475
• feat: fall back to podman if available by @​SoMuchForSubtlety in ory/dockertest#452
• test: refactor asserts by @​alexandear in ory/dockertest#497
• use defer instead of os.Exit(m.Run()) by @​pmenglund in ory/dockertest#493
• docs: remove outdated dep install instruction by @​alexandear in ory/dockertest#505
• chore: remove direct dependency on gotest.tools/v3 by @​alexandear in ory/dockertest#504
• chore: replace deprecated ioutil.TempDir with os.MkdirTemp by @​alexandear in ory/dockertest#506
• chore(deps): bump github.com/opencontainers/runc from 1.1.12 to 1.1.13 by @​dependabot in ory/dockertest#509
• move tests to dockertest_test package by @​siraj-mx51 in ory/dockertest#490
• chore(deps): bump github.com/opencontainers/image-spec from 1.0.2 to 1.1.0 by @​dependabot in ory/dockertest#510
• chore(deps): bump actions/setup-node from 2.pre.beta to 4.0.2 by @​dependabot in ory/dockertest#503
• chore(deps): bump actions/setup-go from 4 to 5 by @​dependabot in ory/dockertest#508
• chore(deps): bump actions/stale from 4 to 9 by @​dependabot in ory/dockertest#507
• feat: introduce cve scanners by @​Demonsthere in ory/dockertest#500
• chore: update docker to v27.1.1 by @​adamwalach in ory/dockertest#522

New Contributors

• @​alnr made their first contribution in ory/dockertest#499
• @​SoMuchForSubtlety made their first contribution in ory/dockertest#452
• @​siraj-mx51 made ...

  Description has been truncated

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.