chore(deps): bump the common group across 1 directory with 7 updates

[dependabot]

Bumps the common group with 7 updates in the / directory:

Package	From	To
github.com/aws/aws-sdk-go-v2/service/ec2	1.218.0	1.224.0
github.com/aws/aws-sdk-go-v2/service/s3	1.79.3	1.79.4
github.com/docker/cli	28.1.1+incompatible	28.2.1+incompatible
github.com/docker/docker	28.1.1+incompatible	28.2.1+incompatible
github.com/moby/buildkit	0.21.1	0.22.0
helm.sh/helm/v3	3.17.3	3.18.1
modernc.org/sqlite	1.37.0	1.37.1

Updates github.com/aws/aws-sdk-go-v2/service/ec2 from 1.218.0 to 1.224.0

Commits

• f444129 Release 2025-05-28
• 4ba713d Regenerated Clients
• 9846278 Update endpoints model
• f1b0017 Update API model
• 223d488 Remove smoke tests on sunset service (#3098)
• 1cfa85a Release 2025-05-27
• d078e8a Regenerated Clients
• f89e2f7 Update API model
• 59537a3 Release 2025-05-23
• 666b6bc Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.79.3 to 1.79.4

Commits

• 8e8487a Release 2025-05-22
• 7c47834 Regenerated Clients
• b0394af Update API model
• 78e08c4 Handle checksum for unseekable 0-length s3 request body (#3086)
• 6a7e8b5 Release 2025-05-21
• 422e4b4 Regenerated Clients
• ff53c6a Update endpoints model
• 892de6f Update API model
• ec50368 Release 2025-05-20
• 16611cb Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/docker/cli from 28.1.1+incompatible to 28.2.1+incompatible

Commits

• 879ac3f Merge pull request #6110 from thaJeztah/bump_engine
• 92fa1e1 vendor: github.com/docker/docker 0e2cc22d36ae (v28.2-dev)
• 4bec3a6 Merge pull request #6114 from thaJeztah/deprecate_non_compliant_registries
• a007d1a Merge pull request #6113 from thaJeztah/config_suppress_err
• bbfbd54 docs: deprecated: fallback for non-OCI-compliant registries is removed
• 2d21e1f cli/config/configfile: explicitly ignore error
• bc9be0b Merge pull request #6112 from thaJeztah/bump_tools
• 3fe7dc5 Dockerfile: update compose to v2.36.2
• 9eae2a8 Dockerfile: update buildx to v0.24.0
• a29e53d Merge pull request #6111 from thaJeztah/update_deprecations
• Additional commits viewable in compare view

Updates github.com/docker/docker from 28.1.1+incompatible to 28.2.1+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

28.2.1

Packaging updates

• Fix packaging regression in v28.2.0 which broke creating the docker group/user on a fresh installations. docker-ce-packaging#1209

28.2.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.2.0 milestone
• moby/moby, 28.2.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

[!NOTE] RHEL packages are currently not available and will be released later.

New

• Add {{.Platform}} as formatting option for docker ps to show the platform of the image the container is running. docker/cli#6042
• Add support for relative parent paths (../) on bind mount sources when using docker run/create with -v/--volume or --mount type=bind options. docker/cli#4966
• CDI is now enabled by default. moby/moby#49963
• Show discovered CDI devices in docker info. docker/cli#6078
• docker image rm: add --platform option to remove a variant from multi-platform images. docker/cli#6109
• containerd image store: Initial BuildKit support for building Windows container images on Windows (requires an opt-in with DOCKER_BUILDKIT=1). moby/moby#49740

Bug fixes and enhancements

• Add a new log option for fluentd log driver (fluentd-write-timeout), which enables specifying write timeouts for fluentd connections. moby/moby#49911
• Add support for DOCKER_AUTH_CONFIG for the experimental --use-api-socket option. docker/cli#6019
• Fix docker exec waiting for 10 seconds if a non-existing user or group was specified. moby/moby#49868
• Fix docker swarm init ignoring cacert option of --external-ca. docker/cli#5995
• Fix an issue where the CLI would not correctly save the configuration file (~/.docker/config.json) if it was a relative symbolic link. docker/cli#5282
• Fix containers with --restart always policy using CDI devices failing to start on daemon restart. moby/moby#49990
• Fix shell-completion to only complete some flags once, even though they can be set multiple times. docker/cli#6030
• Fix the plugin does not implement PluginAddr interface error for Swarm CSI drivers. moby/moby#49961
• Improve docker login error messages for invalid options. docker/cli#6036
• Make sure the terminal state is restored if the CLI is forcefully terminated. docker/cli#6058
• Update the default seccomp profile to match the libseccomp v2.6.0. The new syscalls are: listmount, statmount, lsm_get_self_attr, lsm_list_modules, lsm_set_self_attr, mseal, uretprobe, riscv_hwprobe, getxattrat, listxattrat, removexattrat, and setxattrat. This prevents containers from receiving EPERM errors when using them. moby/moby#50077
• docker inspect: add shell completion, improve flag-description for --type and improve validation. docker/cli#6052
• containerd image store: Enable BuildKit garbage collector by default. moby/moby#49899
• containerd image store: Fix docker build not persisting overridden images as dangling. moby/moby#49702
• containerd image store: Fix docker system df reporting a negative reclaimable space amount. moby/moby#49707
• containerd image store: Fix duplicate PUT requests when pushing a multi-platform image. moby/moby#49949

Packaging updates

• Drop Ubuntu 20.04 "Focal" packages as it reached end of life. docker/docker-ce-packaging#1200
• Fix install location for RPM-based docker-ce man-pages. docker/docker-ce-packaging#1203

... (truncated)

Commits

• 0e2cc22 Merge pull request #50049 from robmry/nftables_env_var_enable
• e37efd4 Merge pull request #50068 from mmorel-35/github.com/containerd/errdefs
• 1d6b471 Merge pull request #50092 from thaJeztah/bump_dev_cli
• 5cc94a5 Merge pull request #50094 from thaJeztah/rm_non_compliant_registry_fallback
• 8330a08 Merge pull request #50097 from vvoland/seccomp-lsm
• 148a19b seccomp: Require CAP_SYS_ADMIN for lsm_* syscalls
• 0ab8108 seccomp: Fix typo in lsm_set_self_attr
• 21a165d Use env-var DOCKER_FIREWALL_BACKEND=nftables to enable nftables
• 637e814 clean up golangci-lint config for deprectated errdefs.*
• 37caf38 volume: replace uses of errdefs package
• Additional commits viewable in compare view

Updates github.com/moby/buildkit from 0.21.1 to 0.22.0

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.22.0

Welcome to the v0.22.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• Akihiro Suda
• Sebastiaan van Stijn
• Alberto Garcia Hierro
• Anthony Nandaa
• Jonathan A. Sternberg
• Bertrand Paquet
• Gleb Nebolyubov
• Justin Chadwell
• liulanzheng

Notable Changes

• Add checksum support to Git source. #5975
• Allow duration based filters on diskusage requests. #5455
• Ignore Apple extended file attributes during copy. #5937 tonistiigi/fsutil#235
• Support for building overlaybd images. #3867 docs
• Improve error message for registry and local cache export when using image-manifest and oci-mediatypes options. #5966
• Fix supported platforms reported by the worker. #5968
• Fix CDI device request by class annotation. #5969
• Fix panic when using a tiny terminal. #5967
• CNI plugins have been updated to v1.7.1. #5533

Dependency Changes

• github.com/containerd/accelerated-container-image v1.2.3 new
• github.com/containerd/containerd/v2 v2.0.4 -> v2.0.5
• github.com/docker/cli v28.0.4 -> v28.1.1
• github.com/docker/docker v28.0.4 -> v28.1.1
• github.com/moby/go-archive 21f3f3385ab7 -> v0.1.0
• github.com/moby/sys/atomicwriter v0.1.0 new
• github.com/tonistiigi/fsutil 5b74a7ad7583 -> 3f76f8130144
• github.com/vbatts/tar-split v0.11.6 -> v0.12.1

Previous release can be found at v0.21.1

v0.22.0-rc2

Welcome to the v0.22.0-rc2 release of buildkit! This is a pre-release of buildkit

... (truncated)

Commits

• 13cf07c Merge pull request #5979 from crazy-max/v0.22-picks-0.22.0-rc2
• a3712e2 allow duration based filters on diskusage requests
• 93b71cd git: add testcase for checking that adding checksum doesn't break cache
• 17ae6d0 git: verify checksum early and more tests
• 13f36e6 dockerfile: implement ADD --checksum=COMMIT_HASH GIT_URL
• 8e1bbed git source: add AttrGitChecksum
• 141a4a6 Merge pull request #5533 from crazy-max/update-cni
• 40e8799 Merge pull request #5923 from crazy-max/run-device-docs
• 6b3c423 dockerfile: update cni to 1.7.1
• 4da8760 dockerfile: run device docs
• Additional commits viewable in compare view

Updates helm.sh/helm/v3 from 3.17.3 to 3.18.1

Release notes

Sourced from helm.sh/helm/v3's releases.

Helm v3.18.1

v3.18.1

Helm v3.18.1 is a patch release. Users are encouraged to upgrade for the best experience. Users are encouraged to upgrade for the best experience.

The community keeps growing, and we'd love to see you there!

• Join the discussion in Kubernetes Slack:
  • for questions and just to hang out
  • for discussing PRs, code, and bugs
• Hang out at the Public Developer Call: Thursday, 9:30 Pacific via Zoom
• Test, debug, and contribute charts: ArtifactHub/packages

Installation and Upgrading

Download Helm v3.18.1. The common platform binaries are here:

• MacOS amd64 (checksum / BlobNotFoundThe specified blob does not exist. RequestId:4f8453aa-001e-003c-5205-d0dcf3000000 Time:2025-05-28T19:20:05.5109560Z)
• MacOS arm64 (checksum / BlobNotFoundThe specified blob does not exist. RequestId:a900358b-401e-005f-2f05-d04108000000 Time:2025-05-28T19:20:07.2988256Z)
• Linux amd64 (checksum / BlobNotFoundThe specified blob does not exist. RequestId:986fe6a5-d01e-002f-8005-d0f8ff000000 Time:2025-05-28T19:20:08.7172759Z)
• Linux arm (checksum / BlobNotFoundThe specified blob does not exist. RequestId:2f981509-f01e-005a-6505-d093d3000000 Time:2025-05-28T19:20:11.8122083Z)
• Linux arm64 (checksum / BlobNotFoundThe specified blob does not exist. RequestId:b3650821-501e-0043-4705-d01368000000 Time:2025-05-28T19:20:13.2709106Z)
• Linux i386 (checksum / BlobNotFoundThe specified blob does not exist. RequestId:5ed8caa4-501e-0053-1405-d0d600000000 Time:2025-05-28T19:20:10.2914063Z)
• Linux ppc64le (checksum / BlobNotFoundThe specified blob does not exist. RequestId:56ba38e6-601e-0067-2f05-d0e5c8000000 Time:2025-05-28T19:20:14.8541300Z)
• Linux s390x (checksum / BlobNotFoundThe specified blob does not exist. RequestId:be1aaddc-e01e-0034-0305-d0c6fc000000 Time:2025-05-28T19:20:16.2794423Z)
• Linux riscv64 (checksum / BlobNotFoundThe specified blob does not exist. RequestId:a677f8be-001e-0061-2505-d0d677000000 Time:2025-05-28T19:20:18.0550305Z)
• Windows amd64 (checksum / BlobNotFoundThe specified blob does not exist. RequestId:3626c97e-601e-0005-5805-d027ef000000 Time:2025-05-28T19:20:19.5433518Z)
• Windows arm64 (checksum / BlobNotFoundThe specified blob does not exist. RequestId:5ed92440-501e-0053-5705-d0d600000000 Time:2025-05-28T19:20:20.7596381Z)

... (truncated)

Commits

• f6f8700 fix(client): skipnode utilization for PreCopy
• 4da7015 fix(client): layers now returns manifest - remove duplicate from descriptors
• 1a8507f fix(client): return nil on non-allowed media types
• 015531c Prevent fetching newReference again as we have in calling method
• 9db1a12 Prevent failure when resolving version tags in oras memory store
• e8bfa0e Update pkg/plugin/plugin.go
• 24b4490 Update pkg/plugin/plugin.go
• 7e8f534 Wait for Helm v4 before raising when platformCommand and Command are set
• ea04cea Fix 3.18.0 regression: registry login with scheme
• bec6609 Revert "fix (helm) : toToml` renders int as float [ backport to v3 ]"
• Additional commits viewable in compare view

Updates modernc.org/sqlite from 1.37.0 to 1.37.1

Commits

• 2b52dd0 unify bind_blob
• f8f328e vendor [email protected], updates #207
• 57a821e link to benchmarks
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[knqyf263]

If I understand correctly, Moby added a breaking change in https://github.com/moby/moby/pull/48457/files#diff-1f70f5aaa8e69e41c40be3547fec07069d43f3b8c0dfa4be9de8595e2f7c3372R88.

[knqyf263]

The Breaking Change

• Commit: d0ad1357a141c795e1e0490e3fed00ddabcb91b9
• Merged: May 26, 2025
• Change: ImageInspect.Config field type changed from *container.Config to *dockerspec.DockerOCIImageConfig

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.