Bump the go-dependencies group with 2 updates

[dependabot]

Bumps the go-dependencies group with 2 updates: github.com/docker/docker and github.com/moby/buildkit.

Updates github.com/docker/docker from 28.4.0+incompatible to 28.5.0+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v28.5.0

28.5.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.5.0 milestone
• moby/moby, 28.5.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Don't print warnings in docker info for broken symlinks in CLI-plugin directories. docker/cli#6476
• Fix a panic during stats on empty event Actor.ID. docker/cli#6471

Packaging updates

• Remove support for legacy CBC cipher suites. docker/cli#6474
• Update Buildkit to v0.25.0. moby/moby#51075
• Update Dockerfile syntax to v1.19.0. moby/moby#51075

Networking

• Eliminated harmless warning about deletion of endpoint_count from the data store. moby/moby#51064
• Fix a bug causing IPAM plugins to not be loaded on Windows. moby/moby#51035

API

• Deprecate support for kernel memory TCP accounting (KernelMemoryTCP). moby/moby#51067
• Fix GET containers/{name}/checkpoints returning null instead of empty JSON array when there are no checkpoints. moby/moby#51052

Go SDK

• cli-plugins/plugin: Run: allow customizing the CLI. docker/cli#6481
• cli/command: add WithUserAgent option. docker/cli#6477

Deprecations

• Go-SDK: cli/command: deprecate DockerCli.Apply. This method is no longer used and will be removed in the next release if there are no remaining uses. docker/cli#6497
• Go-SDK: cli/command: deprecate DockerCli.ContentTrustEnabled. This method is no longer used and will be removed in the next release. docker/cli#6495
• Go-SDK: cli/command: deprecate DockerCli.DefaultVersion. This method is no longer used and will be removed in the next release. docker/cli#6491
• Go-SDK: cli/command: deprecate ResolveDefaultContext utility. docker/cli#6529
• Go-SDK: cli/command: deprecate WithContentTrustFromEnv, WithContentTrust options. These options were used internally, and will be removed in the next release.. docker/cli#6489
• Go-SDK: cli/manifest/store: deprecate IsNotFound(). docker/cli#6514
• Go-SDK: templates: deprecate NewParse() function. docker/cli#6469

v28.5.0-rc.1

28.5.0-rc.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

... (truncated)

Commits

• cd04830 Merge pull request #51075 from vvoland/51074-28.x
• e29d6be vendor: github.com/moby/buildkit v0.25.0
• 9b43690 Merge pull request #51069 from thaJeztah/28.x_backport_docs_rm_deprecated_vir...
• 4f35725 api: swagger: remove VirtualSize fields for API > v1.43
• 79f310d Merge pull request #51067 from austinvazquez/cherry-pick-deprecate-kernel-mem...
• deb4bbb api: deprecate KernelMemoryTCP support
• 423a7fd Merge pull request #51064 from thaJeztah/28.x_backport_fix_epcnt_warning
• fbf2fe8 Eliminate warning about endpoint count store delete
• 252a1eb Merge pull request #51061 from thaJeztah/28.x_backport_rm_email_example
• 2c15eb6 api/docs: remove email field from example auth
• Additional commits viewable in compare view

Updates github.com/moby/buildkit from 0.24.0 to 0.25.0

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.25.0

buildkit 0.25.0

Welcome to the v0.25.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• Jonathan A. Sternberg
• Akihiro Suda
• Brian Goff
• greggu
• Sebastiaan van Stijn
• Søren Hansen
• Vigilans
• Sam Oluwalana
• Shivam
• Tianon Gravi
• nikelborm

Notable Changes

• Git sources now support working with SHA-256 based code repositories. #6194
• New Checksum has been added to llb.Image to specify verification digest of the image. Unlike the existing digest in the image reference, where digest overrides the tag if both are set, in this mode, the image is resolved by the tag and only verified by checksum. #6234
• The remote cache exporter (also used in provenance creation) has been completely rewritten to solve various concurrency and loop issues. There should be no user-visible changes in the cache format itself. #6129
• BuildKit daemon now supports a way to add custom fields to the provenance attestation to specify the environment BuildKit is running in. Additional field are picked up from config files in /etc/buildkitd/provenance.d directory. #6210
• Containerd executor on Windows now supports HyperVIsolation option. #6224
• Included runc container runtime has been updated to v1.3.1 #6236
• CNI plugins have been updated to v1.8.0 #6185
• Qemu emulation binaries have been updated to v10.0.4. #6215
• Fix possible infinite loop when exporting cache #6186
• Fix issue where some errors could lose their source or stack information when wrapped with errors.Join. #6226
• Multiple fixes to how the builds from Git context are recorded in provenance. #6213
• Fix issue where build arguments could be missing in the history record's provenance attestation. #6221
• Fix issue where materials=false could be incorrectly set in provenance attestation for a build that used frontend inputs. #6203
• Fix not setting the platform in the subject descriptor of the OCI artifact-style attestation manifest. This confused some registries. #6191
• Fix some improper formatting in error messages. #6192
• Fix issue with checking out annotated tags by full reference. #6244

Dependency Changes

• github.com/docker/cli v28.3.3 -> v28.4.0
• google.golang.org/protobuf v1.36.6 -> v1.36.9

... (truncated)

Commits

• 14d1ccb Merge pull request #6255 from jsternberg/v0.25-picks-0.25.0
• 9558f8a git: fix issue with checking out annotated tags by full ref
• f2a7ec9 Fix grpcerrors.AsGRPCStatus to ignore OK and Unknown status codes for
• 8b248a9 alpine: fix issue with openssh pkg in 3.22
• d369dc1 dockerfile: skip customenv tests in dockerd worker
• c8fad61 Merge pull request #6237 from jsternberg/hack-compose
• 2777c1b Merge pull request #6236 from tonistiigi/runc-v1.3.1
• 916074c hack: update hack/compose with newer otel collector
• eb49527 Merge pull request #6234 from tonistiigi/llb-image-checksum
• b7176d5 update runc to v1.3.1
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
github.com/moby/buildkit	[>= 0.20.a, < 0.21]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions