Bump github.com/moby/buildkit from 0.22.0 to 0.23.0 #255

dependabot · 2025-06-18T05:13:29Z

Bumps github.com/moby/buildkit from 0.22.0 to 0.23.0.

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.23.0

Welcome to the v0.23.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

Tõnis Tiigi

CrazyMax

Akihiro Suda

Anthony Nandaa

Austin Vazquez

Brian Goff

Dan Duvall

Jonathan A. Sternberg

Nicolas Schweitzer

Roberto Villarreal

Sebastiaan van Stijn

zfrank

Notable Changes

Add opt-in support for SLSA provenance v1. This is expected to become the default in a future release. #6005 docs

Allow duration based filters on diskusage requests. #5455

Allow authorization secrets to be set per hostname with HTTP_AUTH_HEADER_<host> or HTTP_AUTH_TOKEN_<host>. #6023

Add support for raw mode in the SSH agent provider. #6003

Improve URL joining to prevent malformed GitHub Cache service URLs. #6026 tonistiigi/go-actions-cache#38

Update Runc v1.3.0. #5977

Fix possible "unknown file mode" error when transferring files on Windows (previous fix did not work). #6025

Fix race condition when enabling and disabling privileges in WCOW. #5959

Fix unnecessary registry requests for local image lookups if reference contains a digest. #6029

Fix privileges error for local exporter in WCOW. #6007

Fix OCI export of multi-platform scratch result. #5996

Fix handle not found error during cache export. #5999

Fix type=local,platform-split=true for single platform build to work the same as it would with a multi-platform build. #6007

Fix some data races shown on the race detector. #6006

Dependency Changes

github.com/Microsoft/hcsshim v0.12.9 -> v0.13.0

github.com/containerd/accelerated-container-image v1.2.3 -> v1.3.0

github.com/containerd/console v1.0.4 -> v1.0.5

github.com/containerd/containerd/api v1.8.0 -> v1.9.0

github.com/containerd/containerd/v2 v2.0.5 -> v2.1.1

github.com/containerd/fuse-overlayfs-snapshotter/v2 v2.1.1 -> v2.1.6

github.com/containerd/nydus-snapshotter v0.15.0 -> v0.15.2

github.com/containernetworking/cni v1.2.3 -> v1.3.0

... (truncated)

Commits

cc8ff80 Merge pull request #6031 from tonistiigi/v0.23-rc2-picks
2a2ea09 resolver: allow reference matches for local image lookups
7fdda10 Merge pull request #6027 from crazy-max/fix-docs-provenance
e5faaa6 Merge pull request #6026 from crazy-max/vendor-go-actions-cache
9b8aded Merge pull request #6007 from tonistiigi/fix-platform-split-true
b1cff73 docs: fix heading levels in slsa-definitions page
a23bc16 vendor: github.com/tonistiigi/go-actions-cache 388a2ec8cdf8
5606f26 Merge pull request #6005 from crazy-max/slsa-v1
db03322 test: use platforms spec instead of runtime const
3eb4e72 client: add test for forcing platform-split=true on single-arch build
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit) from 0.22.0 to 0.23.0. - [Release notes](https://github.com/moby/buildkit/releases) - [Commits](moby/buildkit@v0.22.0...v0.23.0) --- updated-dependencies: - dependency-name: github.com/moby/buildkit dependency-version: 0.23.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

coveralls · 2025-06-18T05:15:42Z

coverage: 53.521%. remained the same
when pulling 34b7802 on dependabot/go_modules/github.com/moby/buildkit-0.23.0
into bfdd688 on main.

dependabot · 2025-06-23T05:50:26Z

Superseded by #256.

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 18, 2025

dependabot bot closed this Jun 23, 2025

dependabot bot deleted the dependabot/go_modules/github.com/moby/buildkit-0.23.0 branch June 23, 2025 05:50

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump github.com/moby/buildkit from 0.22.0 to 0.23.0 #255

Bump github.com/moby/buildkit from 0.22.0 to 0.23.0 #255

Uh oh!

dependabot bot commented on behalf of github Jun 18, 2025

Uh oh!

coveralls commented Jun 18, 2025

Uh oh!

dependabot bot commented on behalf of github Jun 23, 2025

Uh oh!

Uh oh!

Bump github.com/moby/buildkit from 0.22.0 to 0.23.0 #255

Bump github.com/moby/buildkit from 0.22.0 to 0.23.0 #255

Uh oh!

Conversation

dependabot bot commented on behalf of github Jun 18, 2025

v0.23.0

Contributors

Notable Changes

Dependency Changes

Uh oh!

coveralls commented Jun 18, 2025

Uh oh!

dependabot bot commented on behalf of github Jun 23, 2025

Uh oh!

Uh oh!