murdoc/opencode-sandbox
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases 11 Packages 1 Wiki Activity Actions

chore(deps): update dependency docker/buildx to v0.32.1 #36

Merged
murdoc merged 1 commit from renovate-docker-buildx-0-x into main 2026-03-06 05:32:05 +00:00
Conversation 0 Commits 1 Files changed 1 +1 -1
murdoc commented 2026-03-05 16:37:51 +00:00
Owner
Copy link

This PR contains the following updates:

Package Update Change OpenSSF
docker/buildx minor 0.31.10.32.1 OpenSSF Scorecard

Release Notes

docker/buildx (docker/buildx)

v0.32.1

Compare Source

buildx 0.32.1

Welcome to the v0.32.1 release of buildx!

Please try out the release binaries and report any issues at
https://github.com/docker/buildx/issues.

Contributors
  • CrazyMax
  • Tõnis Tiigi
Notable Changes
  • Fix possible error when building private Git repositories with secret credentials directly from remote source #​3694
Dependency Changes

This release has no dependency changes

Previous release can be found at v0.32.0

v0.32.0

Compare Source

buildx 0.32.0

Welcome to the v0.32.0 release of buildx!

Please try out the release binaries and report any issues at
https://github.com/docker/buildx/issues.

Contributors
  • Tõnis Tiigi
  • CrazyMax
  • Sebastiaan van Stijn
  • Jonathan A. Sternberg
  • Akhil Manoj
  • David Karlsson
  • yzewei
Notable Changes
  • Imagetools now supports --metadata-file flag to capture properties like descriptor/digest values for the new image. #​3638
  • Imagetools auth libraries have now been combined with the ones used in build commands, enabling previously missing support for scoped credentials and automatic fallbacks for Docker Hardened Image registries. #​3627
  • Many commands now support --timeout flag to configure the timeout for waiting for responses from remote builders. #​3665
  • Rego Policy now supports validating builds from remote sources (Git, HTTP) #​3661
  • Rego Policies now include new builtins for validating signed Sigstore bundle attestations of HTTP source artifacts. Attestations can also be automatically fetched from Github API #​3657
  • Rego policies can now use input.image.provenance to write rules validating specific provenance attestation fields. Materials of provenance can be accessed as policy secondary inputs. Requires BuildKit v0.28+ #​3652 #​3662
  • Builds failing due to policy violations now have better error messages with the failing step clearly marked and the last policy logs shown with the error. #​3656
  • Fix possible passing of incorrect Git auth token for Bake builds when multiple remotes with different hosts exist. #​3648
  • Fixed policy filesystem reference lifecycle handling to avoid stale policy filesystem state during builds. #​3674
  • Normalized default policy filename resolution from environment configuration for more consistent behavior. #​3675
  • Named contexts used in different projects now get unique "shared keys" (previously based on context name) to avoid overwriting destinations of other projects, with reduced performance. This feature requires Dockerfile 1.22+ #​3618
  • Fix local subdir named context copied with wrong parent directory for remote Bake builds #​3678
  • Bake builds now capture the original URL information of named contexts sent as inputs in request metadata #​3682 #​3462
  • Additional metrics associated with DAP debugger have been added #​3633
  • DAP file explorer now gets a more accurate state of the file system via updated BuildKit API #​3450
  • DAP file explorer source names have been improved #​3631
  • Improve the output of -q used with --call #​3655
Dependency Changes
  • github.com/aws/aws-sdk-go-v2 v1.39.6 -> v1.41.1
  • github.com/aws/aws-sdk-go-v2/config v1.31.20 -> v1.32.7
  • github.com/aws/aws-sdk-go-v2/credentials v1.18.24 -> v1.19.7
  • github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.13 -> v1.18.17
  • github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.13 -> v1.4.17
  • github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.13 -> v2.7.17
  • github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.3 -> v1.13.4
  • github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.13 -> v1.13.17
  • github.com/aws/aws-sdk-go-v2/service/signin v1.0.5 new
  • github.com/aws/aws-sdk-go-v2/service/sso v1.30.3 -> v1.30.9
  • github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.7 -> v1.35.13
  • github.com/aws/aws-sdk-go-v2/service/sts v1.40.2 -> v1.41.6
  • github.com/aws/smithy-go v1.23.2 -> v1.24.0
  • github.com/cloudflare/circl v1.6.1 -> v1.6.3
  • github.com/docker/cli v29.1.5 -> v29.2.1
  • github.com/go-openapi/errors v0.22.4 -> v0.22.6
  • github.com/go-openapi/jsonpointer v0.22.1 -> v0.22.4
  • github.com/go-openapi/jsonreference v0.21.3 -> v0.21.4
  • github.com/go-openapi/spec v0.22.1 -> v0.22.3
  • github.com/go-openapi/swag v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/cmdutils v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/conv v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/fileutils v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/jsonname v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/jsonutils v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/loading v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/mangling v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/netutils v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/stringutils v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/typeutils v0.25.3 -> v0.25.4
  • github.com/go-openapi/swag/yamlutils v0.25.3 -> v0.25.4
  • github.com/go-viper/mapstructure/v2 v2.4.0 -> v2.5.0
  • github.com/golang/snappy v1.0.0 new
  • github.com/google/go-containerregistry v0.20.6 -> v0.20.7
  • github.com/in-toto/in-toto-golang v0.9.0 -> v0.10.0
  • github.com/klauspost/compress v1.18.2 -> v1.18.4
  • github.com/moby/buildkit v0.27.0 -> v0.28.0
  • github.com/moby/moby/api v1.52.0 -> v1.53.0
  • github.com/moby/moby/client v0.2.1 -> v0.2.2
  • github.com/moby/policy-helpers 9fcc1a9 -> 824747b
  • github.com/package-url/packageurl-go v0.1.1 new
  • github.com/pelletier/go-toml/v2 v2.2.4 new
  • github.com/secure-systems-lab/go-securesystemslib v0.9.1 -> v0.10.0
  • github.com/sigstore/rekor v1.4.3 -> v1.5.0
  • github.com/sigstore/sigstore v1.10.0 -> v1.10.4
  • github.com/sigstore/sigstore-go b5fe07a -> v1.1.4
  • github.com/sigstore/timestamp-authority/v2 v2.0.2 -> v2.0.3
  • github.com/theupdateframework/go-tuf/v2 v2.3.0 -> v2.4.1
  • google.golang.org/genproto/googleapis/api f26f940 -> ff82c1b
  • google.golang.org/genproto/googleapis/rpc f26f940 -> 0a764e5
  • google.golang.org/grpc v1.76.0 -> v1.78.0

Previous release can be found at v0.31.1

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | OpenSSF | |---|---|---|---| | [docker/buildx](https://github.com/docker/buildx) | minor | `0.31.1` → `0.32.1` | [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/docker/buildx/badge)](https://securityscorecards.dev/viewer/?uri=github.com/docker/buildx) | --- ### Release Notes <details> <summary>docker/buildx (docker/buildx)</summary> ### [`v0.32.1`](https://github.com/docker/buildx/releases/tag/v0.32.1) [Compare Source](https://github.com/docker/buildx/compare/v0.32.0...v0.32.1) buildx 0.32.1 Welcome to the v0.32.1 release of buildx! Please try out the release binaries and report any issues at <https://github.com/docker/buildx/issues>. ##### Contributors - CrazyMax - Tõnis Tiigi ##### Notable Changes - Fix possible error when building private Git repositories with secret credentials directly from remote source [#&#8203;3694](https://github.com/docker/buildx/issues/3694) ##### Dependency Changes This release has no dependency changes Previous release can be found at [v0.32.0](https://github.com/docker/buildx/releases/tag/v0.32.0) ### [`v0.32.0`](https://github.com/docker/buildx/releases/tag/v0.32.0) [Compare Source](https://github.com/docker/buildx/compare/v0.31.1...v0.32.0) buildx 0.32.0 Welcome to the v0.32.0 release of buildx! Please try out the release binaries and report any issues at <https://github.com/docker/buildx/issues>. ##### Contributors - Tõnis Tiigi - CrazyMax - Sebastiaan van Stijn - Jonathan A. Sternberg - Akhil Manoj - David Karlsson - yzewei ##### Notable Changes - Imagetools now supports `--metadata-file` flag to capture properties like descriptor/digest values for the new image. [#&#8203;3638](https://github.com/docker/buildx/issues/3638) - Imagetools auth libraries have now been combined with the ones used in `build` commands, enabling previously missing support for scoped credentials and automatic fallbacks for Docker Hardened Image registries. [#&#8203;3627](https://github.com/docker/buildx/issues/3627) - Many commands now support `--timeout` flag to configure the timeout for waiting for responses from remote builders. [#&#8203;3665](https://github.com/docker/buildx/issues/3665) - Rego Policy now supports validating builds from remote sources (Git, HTTP) [#&#8203;3661](https://github.com/docker/buildx/issues/3661) - Rego Policies now include new builtins for validating signed Sigstore bundle attestations of HTTP source artifacts. Attestations can also be automatically fetched from Github API [#&#8203;3657](https://github.com/docker/buildx/issues/3657) - Rego policies can now use `input.image.provenance` to write rules validating specific provenance attestation fields. Materials of provenance can be accessed as policy secondary inputs. Requires BuildKit v0.28+ [#&#8203;3652](https://github.com/docker/buildx/issues/3652) [#&#8203;3662](https://github.com/docker/buildx/issues/3662) - Builds failing due to policy violations now have better error messages with the failing step clearly marked and the last policy logs shown with the error. [#&#8203;3656](https://github.com/docker/buildx/issues/3656) - Fix possible passing of incorrect Git auth token for Bake builds when multiple remotes with different hosts exist. [#&#8203;3648](https://github.com/docker/buildx/issues/3648) - Fixed policy filesystem reference lifecycle handling to avoid stale policy filesystem state during builds. [#&#8203;3674](https://github.com/docker/buildx/issues/3674) - Normalized default policy filename resolution from environment configuration for more consistent behavior. [#&#8203;3675](https://github.com/docker/buildx/issues/3675) - Named contexts used in different projects now get unique "shared keys" (previously based on context name) to avoid overwriting destinations of other projects, with reduced performance. This feature requires Dockerfile 1.22+ [#&#8203;3618](https://github.com/docker/buildx/issues/3618) - Fix local subdir named context copied with wrong parent directory for remote Bake builds [#&#8203;3678](https://github.com/docker/buildx/issues/3678) - Bake builds now capture the original URL information of named contexts sent as inputs in request metadata [#&#8203;3682](https://github.com/docker/buildx/issues/3682) [#&#8203;3462](https://github.com/docker/buildx/issues/3462) - Additional metrics associated with DAP debugger have been added [#&#8203;3633](https://github.com/docker/buildx/issues/3633) - DAP file explorer now gets a more accurate state of the file system via updated BuildKit API [#&#8203;3450](https://github.com/docker/buildx/issues/3450) - DAP file explorer source names have been improved [#&#8203;3631](https://github.com/docker/buildx/issues/3631) - Improve the output of `-q` used with `--call` [#&#8203;3655](https://github.com/docker/buildx/issues/3655) ##### Dependency Changes - **github.com/aws/aws-sdk-go-v2** v1.39.6 -> v1.41.1 - **github.com/aws/aws-sdk-go-v2/config** v1.31.20 -> v1.32.7 - **github.com/aws/aws-sdk-go-v2/credentials** v1.18.24 -> v1.19.7 - **github.com/aws/aws-sdk-go-v2/feature/ec2/imds** v1.18.13 -> v1.18.17 - **github.com/aws/aws-sdk-go-v2/internal/configsources** v1.4.13 -> v1.4.17 - **github.com/aws/aws-sdk-go-v2/internal/endpoints/v2** v2.7.13 -> v2.7.17 - **github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding** v1.13.3 -> v1.13.4 - **github.com/aws/aws-sdk-go-v2/service/internal/presigned-url** v1.13.13 -> v1.13.17 - **github.com/aws/aws-sdk-go-v2/service/signin** v1.0.5 ***new*** - **github.com/aws/aws-sdk-go-v2/service/sso** v1.30.3 -> v1.30.9 - **github.com/aws/aws-sdk-go-v2/service/ssooidc** v1.35.7 -> v1.35.13 - **github.com/aws/aws-sdk-go-v2/service/sts** v1.40.2 -> v1.41.6 - **github.com/aws/smithy-go** v1.23.2 -> v1.24.0 - **github.com/cloudflare/circl** v1.6.1 -> v1.6.3 - **github.com/docker/cli** v29.1.5 -> v29.2.1 - **github.com/go-openapi/errors** v0.22.4 -> v0.22.6 - **github.com/go-openapi/jsonpointer** v0.22.1 -> v0.22.4 - **github.com/go-openapi/jsonreference** v0.21.3 -> v0.21.4 - **github.com/go-openapi/spec** v0.22.1 -> v0.22.3 - **github.com/go-openapi/swag** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/cmdutils** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/conv** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/fileutils** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/jsonname** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/jsonutils** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/loading** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/mangling** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/netutils** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/stringutils** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/typeutils** v0.25.3 -> v0.25.4 - **github.com/go-openapi/swag/yamlutils** v0.25.3 -> v0.25.4 - **github.com/go-viper/mapstructure/v2** v2.4.0 -> v2.5.0 - **github.com/golang/snappy** v1.0.0 ***new*** - **github.com/google/go-containerregistry** v0.20.6 -> v0.20.7 - **github.com/in-toto/in-toto-golang** v0.9.0 -> v0.10.0 - **github.com/klauspost/compress** v1.18.2 -> v1.18.4 - **github.com/moby/buildkit** v0.27.0 -> v0.28.0 - **github.com/moby/moby/api** v1.52.0 -> v1.53.0 - **github.com/moby/moby/client** v0.2.1 -> v0.2.2 - **github.com/moby/policy-helpers** [`9fcc1a9`](https://github.com/docker/buildx/commit/9fcc1a9ec5c9) -> [`824747b`](https://github.com/docker/buildx/commit/824747bfdd3c) - **github.com/package-url/packageurl-go** v0.1.1 ***new*** - **github.com/pelletier/go-toml/v2** v2.2.4 ***new*** - **github.com/secure-systems-lab/go-securesystemslib** v0.9.1 -> v0.10.0 - **github.com/sigstore/rekor** v1.4.3 -> v1.5.0 - **github.com/sigstore/sigstore** v1.10.0 -> v1.10.4 - **github.com/sigstore/sigstore-go** [`b5fe07a`](https://github.com/docker/buildx/commit/b5fe07a5a7d7) -> v1.1.4 - **github.com/sigstore/timestamp-authority/v2** v2.0.2 -> v2.0.3 - **github.com/theupdateframework/go-tuf/v2** v2.3.0 -> v2.4.1 - **google.golang.org/genproto/googleapis/api** [`f26f940`](https://github.com/docker/buildx/commit/f26f9409b101) -> [`ff82c1b`](https://github.com/docker/buildx/commit/ff82c1b0f217) - **google.golang.org/genproto/googleapis/rpc** [`f26f940`](https://github.com/docker/buildx/commit/f26f9409b101) -> [`0a764e5`](https://github.com/docker/buildx/commit/0a764e51fe1b) - **google.golang.org/grpc** v1.76.0 -> v1.78.0 Previous release can be found at [v0.31.1](https://github.com/docker/buildx/releases/tag/v0.31.1) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My40Ni42IiwidXBkYXRlZEluVmVyIjoiNDMuNDYuNiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZ2l0aHViLXJlbGVhc2VzIiwibWlub3IiLCJyZW5vdmF0ZSJdfQ==-->
chore(deps): update dependency docker/buildx to v0.32.1
Some checks failed
CI Pipeline for building and pushing Docker images (staging and latest) / build_and_push_temp (pull_request) Failing after 19m59s
Details
CI Pipeline for building and pushing Docker images (staging and latest) / trivy_scan (pull_request) Has been cancelled
Details
CI Pipeline for building and pushing Docker images (staging and latest) / push_final (pull_request) Has been cancelled
Details
d467cb13ca
murdoc scheduled this pull request to auto merge when all checks succeed 2026-03-05 16:37:51 +00:00
murdoc self-assigned this 2026-03-05 19:53:36 +00:00
murdoc merged commit b08e60bea3 into main 2026-03-06 05:32:05 +00:00
murdoc deleted branch renovate-docker-buildx-0-x 2026-03-06 05:32:05 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
murdoc
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
murdoc/opencode-sandbox!36
No description provided.