build(deps): bump github.com/containers/image/v5 from 5.34.2 to 5.35.0 #4732

dependabot · 2025-04-17T17:12:37Z

Bumps github.com/containers/image/v5 from 5.34.2 to 5.35.0.

Release notes

Sourced from github.com/containers/image/v5's releases.

v5.35.0

What's Changed

Bump c/storage to v1.57.1, c/image to v5.34.0, then to v5.35.0-dev by @TomSweeneyRedHat in containers/image#2700

Update module github.com/vbatts/tar-split to v0.12.1 by @renovate in containers/image#2699

Update dependency containers/automation_images to v20250131 by @renovate in containers/image#2703

Update module golang.org/x/oauth2 to v0.26.0 by @renovate in containers/image#2705

Update module golang.org/x/sync to v0.11.0 by @renovate in containers/image#2706

Update module golang.org/x/sys to v0.30.0 by @renovate in containers/image#2707

Update module golang.org/x/term to v0.29.0 by @renovate in containers/image#2708

Add docker media types in OCI formats by @brbayes-msft in containers/image#2695

use new ReflinkOrCopy() from c/storage by @Luap99 in containers/image#2714

Update module golang.org/x/crypto to v0.33.0 by @renovate in containers/image#2712

Update module github.com/vbauerster/mpb/v8 to v8.9.2 by @renovate in containers/image#2711

Update module github.com/sigstore/rekor to v1.3.9 by @renovate in containers/image#2697

Update dependency golangci/golangci-lint to v1.64.3 by @renovate in containers/image#2715

Update dependency golangci/golangci-lint to v1.64.4 by @renovate in containers/image#2716

Update module github.com/sigstore/sigstore to v1.8.14 by @renovate in containers/image#2720

Update dependency golangci/golangci-lint to v1.64.5 by @renovate in containers/image#2719

policy.json BYOPKI signature verification API by @QiWang19 in containers/image#2579

Update module github.com/klauspost/compress to v1.18.0 by @renovate in containers/image#2722

Update module github.com/sigstore/sigstore to v1.8.15 by @renovate in containers/image#2723

Small cleanups + one bug fix by @mtrmac in containers/image#2718

oci/layout: add GetLocalBlobPath() by @Luap99 in containers/image#2728

Update module github.com/docker/docker to v28 by @renovate in containers/image#2727

Update module github.com/docker/cli to v28 by @renovate in containers/image#2726

OCPBUGS-51217: CVE-2025-27144: Bump go-jose to v4.0.5 by @sherine-k in containers/image#2738

Update module github.com/vbauerster/mpb/v8 to v8.9.3 by @renovate in containers/image#2735

Update module github.com/go-jose/go-jose/v3 to v3.0.4 [SECURITY] by @renovate in containers/image#2739

Update module github.com/docker/docker to v28.0.1+incompatible by @renovate in containers/image#2737

Update module github.com/docker/cli to v28.0.1+incompatible by @renovate in containers/image#2736

feat: add DestinationTimestamp to copy options by @aeijdenberg in containers/image#2730

fix(deps): update module github.com/docker/docker-credential-helpers to v0.9.1 by @renovate in containers/image#2740

Fix omitempty for PKI struct by @QiWang19 in containers/image#2746

fix: handle error on Close() of writable objects by @aeijdenberg in containers/image#2731

fix(deps): update github.com/containers/storage digest to 700b765 by @renovate in containers/image#2748

fix(deps): update github.com/cyberphone/json-canonicalization digest to 19d51d7 by @renovate in containers/image#2749

chore(deps): update dependency golangci/golangci-lint to v1.64.6 by @renovate in containers/image#2751

Merge back v5.34.1 into main by @Luap99 in containers/image#2755

fix(deps): update module github.com/opencontainers/image-spec to v1.1.1 by @renovate in containers/image#2752

Microoptimize an API use per gopls modernize by @mtrmac in containers/image#2732

Misc small nits to CI and build by @kolyshkin in containers/image#2573

fix(deps): update module github.com/docker/docker-credential-helpers to v0.9.2 by @renovate in containers/image#2757

fix: typo err and grammar err by @warjiang in containers/image#2758

Update c/storage after containers/storage#2276 by @mtrmac in containers/image#2769

Improve handling and documentation of various transport reference corner cases by @mtrmac in containers/image#2767

Migrate from github.com/xeipuuv/gojsonschema to github.com/santhosh-tekuri/jsonschema/v5 by @mtrmac in containers/image#2756

Don't silently ignore errors determining size in TryReuseBlob by @mtrmac in containers/image#2709

Add proxy for dockerClient by @warjiang in containers/image#2764

chore(deps): update dependency golangci/golangci-lint to v1.64.7 by @renovate in containers/image#2773

Update to Go 1.23 by @mtrmac in containers/image#2774

... (truncated)

Commits

617c288 Bump to c/image v5.35.0
1b83b3a Bump to c/storage v1.58.0
4279b17 Merge pull request #2826 from containers/renovate/golangci-golangci-lint-2.x
1d14076 chore(deps): update dependency golangci/golangci-lint to v2.1.1
12c8495 Merge pull request #2824 from containers/renovate/github.com-sigstore-rekor-1.x
010f504 fix(deps): update module github.com/sigstore/rekor to v1.3.10
9b83c49 Merge pull request #2823 from Luap99/github
a4b363d .github: check_cirrus_cron work around github bug
37150b4 .github: remove cirrus rerun action
6116c41 Merge pull request #2822 from containers/renovate/github.com-sigstore-sigstor...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by Sourcery

Update dependencies for github.com/containers/image/v5 from version 5.34.2 to 5.35.0

Enhancements:

Updated Go toolchain to support Go 1.24.1
Updated various Go module dependencies to their latest versions

Build:

Bump project dependencies to their latest versions, including containers/image, storage, and various Go modules

sourcery-ai · 2025-04-17T17:12:42Z

Reviewer's Guide by Sourcery

This pull request bumps the github.com/containers/image/v5 dependency from v5.34.2 to v5.35.0. It also updates other dependencies such as github.com/opencontainers/image-spec, github.com/BurntSushi/toml, github.com/cyberphone/json-canonicalization, github.com/docker/docker, github.com/docker/docker-credential-helpers, github.com/go-openapi/errors, github.com/go-openapi/swag, github.com/google/go-containerregistry, github.com/mattn/go-sqlite3, github.com/sigstore/rekor, github.com/sigstore/sigstore, github.com/vbauerster/mpb/v8, golang.org/x/oauth2, golang.org/x/time, google.golang.org/genproto/googleapis/rpc and google.golang.org/protobuf. The go.mod and go.sum files were updated to reflect these changes, and vendored dependencies were updated.

Updated class diagram for PolicyContext in github.com/containers/image/v5

classDiagram
    class PolicyContext {
        +SignaturePolicy *SignaturePolicy
        +DockerReference *string
        +Architecture *string
        +OS *string
        +Variant *string
        +Features *[]string
        +InsecureSkipTLSVerify *bool
        +InsecureAcceptAnything *bool
        +RegistryCertificatePath *string
        +GlobalRegistries *[]string
        +OverrideArchitecture *string
        +OverrideOS *string
        +OverrideVariant *string
        +AuthFilePath *string
        +OCICreds *string
        +DockerAuthConfig *string
        +BlobInfoCache *BlobInfoCache
        +DirPolicyContext *DirPolicyContext
        +ImageMetadata *ImageMetadata
        +ImageID *string
        +ImageDigest *string
        +ImageSizeBytes *int64
        +ImageCreatedAt *time.Time
        +ImageUpdatedAt *time.Time
    }
    note for PolicyContext "This class represents the context in which a signature policy is evaluated."

File-Level Changes

Change	Details	Files
Bumped github.com/containers/image/v5 from 5.34.2 to 5.35.0.	Updated the github.com/containers/image/v5 module version in go.mod. Updated the github.com/containers/image/v5 module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/BurntSushi/toml/README.md` `vendor/github.com/BurntSushi/toml/decode.go` `vendor/github.com/BurntSushi/toml/encode.go` `vendor/github.com/BurntSushi/toml/error.go` `vendor/github.com/BurntSushi/toml/lex.go` `vendor/github.com/BurntSushi/toml/meta.go` `vendor/github.com/BurntSushi/toml/parse.go` `vendor/github.com/containers/image/v5/copy/copy.go` `vendor/github.com/containers/image/v5/copy/multiple.go` `vendor/github.com/containers/image/v5/copy/single.go` `vendor/github.com/containers/image/v5/docker/body_reader.go` `vendor/github.com/containers/image/v5/docker/distribution_error.go` `vendor/github.com/containers/image/v5/docker/docker_client.go` `vendor/github.com/containers/image/v5/docker/docker_image_dest.go` `vendor/github.com/containers/image/v5/docker/docker_image_src.go` `vendor/github.com/containers/image/v5/docker/errors.go` `vendor/github.com/containers/image/v5/docker/paths_common.go` `vendor/github.com/containers/image/v5/docker/paths_freebsd.go` `vendor/github.com/containers/image/v5/docker/wwwauthenticate.go` `vendor/github.com/containers/image/v5/internal/image/unparsed.go` `vendor/github.com/containers/image/v5/internal/manifest/oci_index.go` `vendor/github.com/containers/image/v5/internal/private/private.go` `vendor/github.com/containers/image/v5/internal/set/set.go` `vendor/github.com/containers/image/v5/manifest/docker_schema1.go` `vendor/github.com/containers/image/v5/manifest/oci.go` `vendor/github.com/containers/image/v5/pkg/blobinfocache/memory/memory.go` `vendor/github.com/containers/image/v5/pkg/blobinfocache/sqlite/sqlite.go` `vendor/github.com/containers/image/v5/pkg/docker/config/config.go` `vendor/github.com/containers/image/v5/pkg/sysregistriesv2/paths_common.go` `vendor/github.com/containers/image/v5/pkg/sysregistriesv2/paths_freebsd.go` `vendor/github.com/containers/image/v5/pkg/sysregistriesv2/shortnames.go` `vendor/github.com/containers/image/v5/pkg/sysregistriesv2/system_registries_v2.go` `vendor/github.com/containers/image/v5/signature/fulcio_cert.go` `vendor/github.com/containers/image/v5/signature/fulcio_cert_stub.go` `vendor/github.com/containers/image/v5/signature/internal/rekor_set.go` `vendor/github.com/containers/image/v5/signature/internal/rekor_set_stub.go` `vendor/github.com/containers/image/v5/signature/mechanism_gpgme.go` `vendor/github.com/containers/image/v5/signature/mechanism_openpgp.go` `vendor/github.com/containers/image/v5/signature/policy_paths_common.go` `vendor/github.com/containers/image/v5/signature/policy_paths_freebsd.go` `vendor/github.com/containers/image/v5/signature/policy_types.go` `vendor/github.com/containers/image/v5/types/types.go` `vendor/github.com/containers/image/v5/version/version.go` `vendor/github.com/containers/storage/pkg/archive/archive.go` `vendor/github.com/containers/storage/pkg/archive/archive_linux.go` `vendor/github.com/containers/storage/pkg/archive/archive_unix.go` `vendor/github.com/containers/storage/pkg/archive/changes.go` `vendor/github.com/containers/storage/pkg/archive/changes_linux.go` `vendor/github.com/containers/storage/pkg/archive/diff.go` `vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go` `vendor/github.com/containers/storage/pkg/chunked/internal/minimal/compression.go` `vendor/github.com/containers/storage/pkg/fileutils/exists_unix.go` `vendor/github.com/containers/storage/pkg/idtools/idtools.go` `vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go` `vendor/github.com/containers/storage/pkg/ioutils/bytespipe.go` `vendor/github.com/containers/storage/pkg/pools/pools.go` `vendor/github.com/containers/storage/pkg/reexec/reexec.go` `vendor/github.com/containers/storage/pkg/system/stat_linux.go` `vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go` `vendor/github.com/docker/docker-credential-helpers/client/command.go` `vendor/github.com/docker/docker/AUTHORS` `vendor/github.com/go-openapi/errors/.golangci.yml` `vendor/github.com/go-openapi/errors/api.go` `vendor/github.com/go-openapi/errors/headers.go` `vendor/github.com/go-openapi/errors/middleware.go` `vendor/github.com/go-openapi/errors/parsing.go` `vendor/github.com/go-openapi/errors/schema.go` `vendor/github.com/go-openapi/swag/.golangci.yml` `vendor/github.com/go-openapi/swag/json.go` `vendor/github.com/go-openapi/swag/loading.go` `vendor/github.com/go-openapi/swag/yaml.go` `vendor/github.com/google/go-containerregistry/pkg/name/ref.go` `vendor/github.com/mailru/easyjson/jlexer/bytestostr.go` `vendor/github.com/mailru/easyjson/jlexer/lexer.go` `vendor/github.com/mailru/easyjson/jwriter/writer.go` `vendor/github.com/mattn/go-sqlite3/README.md` `vendor/github.com/mattn/go-sqlite3/callback.go` `vendor/github.com/mattn/go-sqlite3/sqlite3.go` `vendor/github.com/mattn/go-sqlite3/sqlite3_opt_unlock_notify.c` `vendor/github.com/mattn/go-sqlite3/sqlite3_opt_unlock_notify.go` `vendor/github.com/opencontainers/image-spec/specs-go/version.go` `vendor/github.com/opencontainers/runtime-spec/specs-go/config.go` `vendor/github.com/opencontainers/runtime-spec/specs-go/version.go` `vendor/github.com/sigstore/sigstore/pkg/signature/ecdsa.go` `vendor/github.com/sigstore/sigstore/pkg/signature/signer.go` `vendor/github.com/sigstore/sigstore/pkg/signature/signerverifier.go` `vendor/github.com/sigstore/sigstore/pkg/signature/util.go` `vendor/github.com/sigstore/sigstore/pkg/signature/verifier.go` `vendor/github.com/vbatts/tar-split/archive/tar/writer.go` `vendor/github.com/vbauerster/mpb/v8/bar.go` `vendor/github.com/vbauerster/mpb/v8/bar_option.go` `vendor/github.com/vbauerster/mpb/v8/decor/eta.go` `vendor/github.com/vbauerster/mpb/v8/decor/size_type.go` `vendor/github.com/vbauerster/mpb/v8/progress.go` `vendor/golang.org/x/oauth2/oauth2.go` `vendor/golang.org/x/oauth2/pkce.go` `vendor/golang.org/x/oauth2/token.go` `vendor/golang.org/x/time/rate/rate.go` `vendor/google.golang.org/genproto/googleapis/rpc/status/status.pb.go` `vendor/google.golang.org/grpc/balancer/balancer.go` `vendor/google.golang.org/grpc/balancer/pickfirst/pickfirstleaf/pickfirstleaf.go` `vendor/google.golang.org/grpc/balancer/roundrobin/roundrobin.go` `vendor/google.golang.org/grpc/balancer/subconn.go` `vendor/google.golang.org/grpc/balancer_wrapper.go` `vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go` `vendor/google.golang.org/grpc/clientconn.go` `vendor/google.golang.org/grpc/credentials/tls.go` `vendor/google.golang.org/grpc/dialoptions.go` `vendor/google.golang.org/grpc/internal/balancer/gracefulswitch/gracefulswitch.go` `vendor/google.golang.org/grpc/internal/envconfig/envconfig.go` `vendor/google.golang.org/grpc/internal/envconfig/xds.go` `vendor/google.golang.org/grpc/internal/internal.go` `vendor/google.golang.org/grpc/internal/transport/handler_server.go` `vendor/google.golang.org/grpc/internal/transport/http2_client.go` `vendor/google.golang.org/grpc/internal/transport/http2_server.go` `vendor/google.golang.org/grpc/internal/transport/proxy.go` `vendor/google.golang.org/grpc/internal/transport/transport.go` `vendor/google.golang.org/grpc/picker_wrapper.go` `vendor/google.golang.org/grpc/resolver/resolver.go` `vendor/google.golang.org/grpc/resolver_wrapper.go` `vendor/google.golang.org/grpc/rpc_util.go` `vendor/google.golang.org/grpc/server.go` `vendor/google.golang.org/grpc/service_config.go` `vendor/google.golang.org/grpc/stream.go` `vendor/google.golang.org/grpc/version.go` `vendor/google.golang.org/protobuf/internal/filedesc/editions.go` `vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go` `vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go` `vendor/google.golang.org/protobuf/internal/version/version.go` `vendor/google.golang.org/protobuf/proto/merge.go` `vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go` `vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go` `vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go` `vendor/google.golang.org/protobuf/types/gofeaturespb/go_features.pb.go` `vendor/google.golang.org/protobuf/types/known/anypb/any.pb.go` `vendor/google.golang.org/protobuf/types/known/durationpb/duration.pb.go` `vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go` `vendor/modules.txt` `vendor/github.com/containers/storage/pkg/fileutils/reflink_linux.go` `vendor/github.com/containers/storage/pkg/fileutils/reflink_unsupported.go` `vendor/github.com/go-openapi/swag/errors.go` `vendor/github.com/moby/sys/user/idtools.go` `vendor/github.com/moby/sys/user/idtools_unix.go` `vendor/github.com/moby/sys/user/idtools_windows.go` `vendor/github.com/sigstore/protobuf-specs/COPYRIGHT.txt` `vendor/github.com/sigstore/protobuf-specs/LICENSE` `vendor/github.com/sigstore/protobuf-specs/gen/pb-go/common/v1/sigstore_common.pb.go` `vendor/github.com/sigstore/sigstore/pkg/signature/algorithm_registry.go` `vendor/google.golang.org/genproto/googleapis/api/LICENSE` `vendor/google.golang.org/genproto/googleapis/api/annotations/annotations.pb.go` `vendor/google.golang.org/genproto/googleapis/api/annotations/client.pb.go` `vendor/google.golang.org/genproto/googleapis/api/annotations/field_behavior.pb.go` `vendor/google.golang.org/genproto/googleapis/api/annotations/field_info.pb.go` `vendor/google.golang.org/genproto/googleapis/api/annotations/http.pb.go` `vendor/google.golang.org/genproto/googleapis/api/annotations/resource.pb.go` `vendor/google.golang.org/genproto/googleapis/api/annotations/routing.pb.go` `vendor/google.golang.org/genproto/googleapis/api/launch_stage.pb.go` `vendor/google.golang.org/grpc/balancer/endpointsharding/endpointsharding.go` `vendor/google.golang.org/grpc/internal/proxyattributes/proxyattributes.go` `vendor/google.golang.org/grpc/internal/resolver/delegatingresolver/delegatingresolver.go` `vendor/google.golang.org/grpc/internal/grpcsync/oncefunc.go`
Bumped github.com/opencontainers/image-spec from 1.1.0 to 1.1.1.	Updated the github.com/opencontainers/image-spec module version in go.mod. Updated the github.com/opencontainers/image-spec module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/opencontainers/image-spec/specs-go/version.go`
Bumped github.com/BurntSushi/toml from 1.4.0 to 1.5.0.	Updated the github.com/BurntSushi/toml module version in go.mod. Updated the github.com/BurntSushi/toml module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/BurntSushi/toml/README.md` `vendor/github.com/BurntSushi/toml/decode.go` `vendor/github.com/BurntSushi/toml/encode.go` `vendor/github.com/BurntSushi/toml/error.go` `vendor/github.com/BurntSushi/toml/lex.go` `vendor/github.com/BurntSushi/toml/meta.go` `vendor/github.com/BurntSushi/toml/parse.go`
Bumped github.com/cyberphone/json-canonicalization.	Updated the github.com/cyberphone/json-canonicalization module version in go.mod. Updated the github.com/cyberphone/json-canonicalization module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/cyberphone/json-canonicalization/jlexer/bytestostr.go` `vendor/github.com/cyberphone/json-canonicalization/jlexer/lexer.go` `vendor/github.com/cyberphone/json-canonicalization/jwriter/writer.go`
Bumped github.com/docker/docker.	Updated the github.com/docker/docker module version in go.mod. Updated the github.com/docker/docker module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/docker/docker/AUTHORS`
Bumped github.com/docker/docker-credential-helpers.	Updated the github.com/docker/docker-credential-helpers module version in go.mod. Updated the github.com/docker/docker-credential-helpers module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/docker/docker-credential-helpers/client/command.go`
Bumped github.com/go-openapi/errors.	Updated the github.com/go-openapi/errors module version in go.mod. Updated the github.com/go-openapi/errors module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/go-openapi/errors/.golangci.yml` `vendor/github.com/go-openapi/errors/api.go` `vendor/github.com/go-openapi/errors/headers.go` `vendor/github.com/go-openapi/errors/middleware.go` `vendor/github.com/go-openapi/errors/parsing.go` `vendor/github.com/go-openapi/errors/schema.go`
Bumped github.com/go-openapi/swag.	Updated the github.com/go-openapi/swag module version in go.mod. Updated the github.com/go-openapi/swag module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/go-openapi/swag/.golangci.yml` `vendor/github.com/go-openapi/swag/json.go` `vendor/github.com/go-openapi/swag/loading.go` `vendor/github.com/go-openapi/swag/yaml.go`
Bumped github.com/google/go-containerregistry.	Updated the github.com/google/go-containerregistry module version in go.mod. Updated the github.com/google/go-containerregistry module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/google/go-containerregistry/pkg/name/ref.go`
Bumped github.com/mattn/go-sqlite3.	Updated the github.com/mattn/go-sqlite3 module version in go.mod. Updated the github.com/mattn/go-sqlite3 module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/mattn/go-sqlite3/README.md` `vendor/github.com/mattn/go-sqlite3/callback.go` `vendor/github.com/mattn/go-sqlite3/sqlite3.go` `vendor/github.com/mattn/go-sqlite3/sqlite3_opt_unlock_notify.c` `vendor/github.com/mattn/go-sqlite3/sqlite3_opt_unlock_notify.go`
Bumped github.com/sigstore/rekor.	Updated the github.com/sigstore/rekor module version in go.mod. Updated the github.com/sigstore/rekor module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum`
Bumped github.com/sigstore/sigstore.	Updated the github.com/sigstore/sigstore module version in go.mod. Updated the github.com/sigstore/sigstore module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum`
Bumped github.com/vbauerster/mpb/v8.	Updated the github.com/vbauerster/mpb/v8 module version in go.mod. Updated the github.com/vbauerster/mpb/v8 module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/github.com/vbauerster/mpb/v8/bar.go` `vendor/github.com/vbauerster/mpb/v8/bar_option.go` `vendor/github.com/vbauerster/mpb/v8/decor/eta.go` `vendor/github.com/vbauerster/mpb/v8/decor/size_type.go` `vendor/github.com/vbauerster/mpb/v8/progress.go`
Bumped golang.org/x/oauth2.	Updated the golang.org/x/oauth2 module version in go.mod. Updated the golang.org/x/oauth2 module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/golang.org/x/oauth2/oauth2.go` `vendor/golang.org/x/oauth2/pkce.go` `vendor/golang.org/x/oauth2/token.go`
Bumped golang.org/x/time.	Updated the golang.org/x/time module version in go.mod. Updated the golang.org/x/time module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/golang.org/x/time/rate/rate.go`
Bumped google.golang.org/genproto/googleapis/rpc.	Updated the google.golang.org/genproto/googleapis/rpc module version in go.mod. Updated the google.golang.org/genproto/googleapis/rpc module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/google.golang.org/genproto/googleapis/rpc/status/status.pb.go`
Bumped google.golang.org/grpc.	Updated the google.golang.org/grpc module version in go.mod. Updated the google.golang.org/grpc module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/google.golang.org/grpc/balancer/balancer.go` `vendor/google.golang.org/grpc/balancer/pickfirst/pickfirstleaf/pickfirstleaf.go` `vendor/google.golang.org/grpc/balancer/roundrobin/roundrobin.go` `vendor/google.golang.org/grpc/balancer/subconn.go` `vendor/google.golang.org/grpc/balancer_wrapper.go` `vendor/google.golang.org/grpc/binarylog/grpc_binarylog_v1/binarylog.pb.go` `vendor/google.golang.org/grpc/clientconn.go` `vendor/google.golang.org/grpc/credentials/tls.go` `vendor/google.golang.org/grpc/dialoptions.go` `vendor/google.golang.org/grpc/internal/balancer/gracefulswitch/gracefulswitch.go` `vendor/google.golang.org/grpc/internal/envconfig/envconfig.go` `vendor/google.golang.org/grpc/internal/envconfig/xds.go` `vendor/google.golang.org/grpc/internal/internal.go` `vendor/google.golang.org/grpc/internal/transport/handler_server.go` `vendor/google.golang.org/grpc/internal/transport/http2_client.go` `vendor/google.golang.org/grpc/internal/transport/http2_server.go` `vendor/google.golang.org/grpc/internal/transport/proxy.go` `vendor/google.golang.org/grpc/internal/transport/transport.go` `vendor/google.golang.org/grpc/picker_wrapper.go` `vendor/google.golang.org/grpc/resolver/resolver.go` `vendor/google.golang.org/grpc/resolver_wrapper.go` `vendor/google.golang.org/grpc/rpc_util.go` `vendor/google.golang.org/grpc/server.go` `vendor/google.golang.org/grpc/service_config.go` `vendor/google.golang.org/grpc/stream.go` `vendor/google.golang.org/grpc/version.go`
Bumped google.golang.org/protobuf.	Updated the google.golang.org/protobuf module version in go.mod. Updated the google.golang.org/protobuf module version in go.sum. Updated vendored dependencies.	`go.mod` `go.sum` `vendor/google.golang.org/protobuf/internal/filedesc/editions.go` `vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go` `vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go` `vendor/google.golang.org/protobuf/internal/version/version.go` `vendor/google.golang.org/protobuf/proto/merge.go` `vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go` `vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go` `vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go` `vendor/google.golang.org/protobuf/types/gofeaturespb/go_features.pb.go` `vendor/google.golang.org/protobuf/types/known/anypb/any.pb.go` `vendor/google.golang.org/protobuf/types/known/durationpb/duration.pb.go` `vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go`

Tips and commands

Interacting with Sourcery

Trigger a new review: Comment @sourcery-ai review on the pull request.
Continue discussions: Reply directly to Sourcery's review comments.
Generate a GitHub issue from a review comment: Ask Sourcery to create an
issue from a review comment by replying to it. You can also reply to a
review comment with @sourcery-ai issue to create an issue from it.
Generate a pull request title: Write @sourcery-ai anywhere in the pull
request title to generate a title at any time. You can also comment
@sourcery-ai title on the pull request to (re-)generate the title at any time.
Generate a pull request summary: Write @sourcery-ai summary anywhere in
the pull request body to generate a PR summary at any time exactly where you
want it. You can also comment @sourcery-ai summary on the pull request to
(re-)generate the summary at any time.
Generate reviewer's guide: Comment @sourcery-ai guide on the pull
request to (re-)generate the reviewer's guide at any time.
Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
pull request to resolve all Sourcery comments. Useful if you've already
addressed all the comments and don't want to see them anymore.
Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
request to dismiss all existing Sourcery reviews. Especially useful if you
want to start fresh with a new review - don't forget to comment
@sourcery-ai review to trigger a new review!
Generate a plan of action for an issue: Comment @sourcery-ai plan on
an issue to generate a plan of action for it.

Customizing Your Experience

Access your dashboard to:

Enable or disable review features such as the Sourcery-generated pull request
summary, the reviewer's guide, and others.
Change the review language.
Add, remove or edit custom review instructions.
Adjust other review settings.

Getting Help

Contact our support team for questions or feedback.
Visit our documentation for detailed guides and information.
Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

openshift-ci · 2025-04-17T17:12:43Z

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign praveenkumar for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci · 2025-04-17T17:12:48Z

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a crc-org member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

sourcery-ai

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!

Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.34.2 to 5.35.0. - [Release notes](https://github.com/containers/image/releases) - [Commits](containers/image@v5.34.2...v5.35.0) --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-version: 5.35.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 17, 2025

openshift-ci bot requested a review from anjannath April 17, 2025 17:12

openshift-ci bot requested a review from praveenkumar April 17, 2025 17:12

openshift-ci bot added the needs-ok-to-test label Apr 17, 2025

sourcery-ai bot reviewed Apr 17, 2025

View reviewed changes

dependabot bot force-pushed the dependabot/go_modules/github.com/containers/image/v5-5.35.0 branch from b0070ec to b802438 Compare May 16, 2025 04:22

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump github.com/containers/image/v5 from 5.34.2 to 5.35.0 #4732

build(deps): bump github.com/containers/image/v5 from 5.34.2 to 5.35.0 #4732

dependabot bot commented on behalf of github Apr 17, 2025 •

edited

Loading

sourcery-ai bot commented Apr 17, 2025 •

edited

Loading

Interacting with Sourcery

Customizing Your Experience

Getting Help

openshift-ci bot commented Apr 17, 2025

openshift-ci bot commented Apr 17, 2025

sourcery-ai bot left a comment

build(deps): bump github.com/containers/image/v5 from 5.34.2 to 5.35.0 #4732

Are you sure you want to change the base?

build(deps): bump github.com/containers/image/v5 from 5.34.2 to 5.35.0 #4732

Conversation

dependabot bot commented on behalf of github Apr 17, 2025 • edited Loading

v5.35.0

What's Changed

Summary by Sourcery

sourcery-ai bot commented Apr 17, 2025 • edited Loading

Reviewer's Guide by Sourcery

Updated class diagram for PolicyContext in github.com/containers/image/v5

File-Level Changes

Interacting with Sourcery

Customizing Your Experience

Getting Help

openshift-ci bot commented Apr 17, 2025

openshift-ci bot commented Apr 17, 2025

sourcery-ai bot left a comment

Choose a reason for hiding this comment

dependabot bot commented on behalf of github Apr 17, 2025 •

edited

Loading

sourcery-ai bot commented Apr 17, 2025 •

edited

Loading