Merge pull request #404 from thaJeztah/rm_noninteractive

Dockerfile: remove redundant DEBIAN_FRONTEND=noninteractive
2026-06-28 15:21:29 +05:30 · 2026-01-08 17:44:32 +01:00 · 2026-01-08 13:06:40 +01:00 · 2026-01-08 13:06:09 +01:00 · 2026-01-08 12:40:22 +01:00 · 2026-01-08 11:59:16 +01:00
3 changed files with 14 additions and 21 deletions
@@ -15,11 +15,11 @@ on:

 env:
  DESTDIR: ./bin
-  GO_VERSION: 1.25.1
+  GO_VERSION: 1.25.5

 jobs:
  validate:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
    strategy:
      fail-fast: false
      matrix:
@@ -29,7 +29,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
@@ -53,7 +53,7 @@ jobs:
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
      -
        name: Set up Go
        uses: actions/setup-go@v6
@@ -114,7 +114,7 @@ jobs:
          token: ${{ secrets.CODECOV_TOKEN }}

  test-sandboxed:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
    steps:
      -
        name: Set up Docker Buildx
@@ -135,11 +135,11 @@ jobs:
          token: ${{ secrets.CODECOV_TOKEN }}

  build:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          fetch-depth: 0
      -
@@ -165,7 +165,7 @@ jobs:
          find ${{ env.DESTDIR }} -type f -exec file -e ascii -e text -- {} +
      -
        name: Upload artifacts
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
        with:
          name: docker-credential-helpers
          path: ${{ env.DESTDIR }}/*
@@ -173,7 +173,7 @@ jobs:
      -
        name: GitHub Release
        if: startsWith(github.ref, 'refs/tags/v')
-        uses: softprops/action-gh-release@6cbd405e2c4e67a21c47fa9e383d020e4e28b836  # v2.3.3
+        uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b  # v2.5.0
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
@@ -181,11 +181,11 @@ jobs:
          files: ${{ env.DESTDIR }}/*

  build-deb:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
        with:
          fetch-depth: 0
      -
@@ -1,12 +1,11 @@
 # syntax=docker/dockerfile:1

-ARG GO_VERSION=1.25.1
+ARG GO_VERSION=1.25.5
 ARG DEBIAN_VERSION=bookworm

 ARG XX_VERSION=1.7.0
 ARG OSXCROSS_VERSION=11.3-r8-debian
-ARG GOLANGCI_LINT_VERSION=v2.5
-ARG DEBIAN_FRONTEND=noninteractive
+ARG GOLANGCI_LINT_VERSION=v2.8

 ARG PACKAGE=github.com/docker/docker-credential-helpers

@@ -18,7 +17,6 @@ FROM crazymax/osxcross:${OSXCROSS_VERSION} AS osxcross

 FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-${DEBIAN_VERSION} AS gobase
 COPY --from=xx / /
-ARG DEBIAN_FRONTEND
 RUN apt-get update && apt-get install -y --no-install-recommends clang dpkg-dev file git lld llvm make pkg-config rsync
 ENV GOFLAGS="-mod=vendor"
 ENV CGO_ENABLED="1"
@@ -56,7 +54,6 @@ EOT

 FROM golangci/golangci-lint:${GOLANGCI_LINT_VERSION} AS golangci-lint
 FROM gobase AS lint
-ARG DEBIAN_FRONTEND
 RUN apt-get install -y binutils gcc libc6-dev libgcc-11-dev libsecret-1-dev pkg-config
 RUN --mount=type=bind,target=. \
    --mount=type=cache,target=/root/.cache \
@@ -65,11 +62,9 @@ RUN --mount=type=bind,target=. \

 FROM gobase AS base
 ARG TARGETPLATFORM
-ARG DEBIAN_FRONTEND
 RUN xx-apt-get install -y binutils gcc libc6-dev libgcc-11-dev libsecret-1-dev pkg-config

 FROM base AS test
-ARG DEBIAN_FRONTEND
 RUN xx-apt-get install -y dbus-x11 gnome-keyring gpg-agent gpgconf libsecret-1-dev pass
 RUN --mount=type=bind,target=. \
    --mount=type=cache,target=/root/.cache \
@@ -1,14 +1,12 @@
 # syntax=docker/dockerfile:1

-ARG GO_VERSION=1.25.1
+ARG GO_VERSION=1.25.5
 ARG DISTRO=ubuntu
 ARG SUITE=jammy

 FROM golang:${GO_VERSION}-bookworm AS golang

 FROM ${DISTRO}:${SUITE}
-
-ARG DEBIAN_FRONTEND=noninteractive
 RUN apt-get update && apt-get install -yy debhelper dh-make libsecret-1-dev
 RUN mkdir -p /build
Author	SHA1	Message	Date
Sebastiaan van Stijn	b871f76540	Merge pull request #404 from thaJeztah/rm_noninteractive Dockerfile: remove redundant DEBIAN_FRONTEND=noninteractive	2026-01-08 17:44:32 +01:00
Sebastiaan van Stijn	50c1460bf5	Dockerfile: remove redundant DEBIAN_FRONTEND=noninteractive This should no longer be needed for current versions of Debian and Ubuntu. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2026-01-08 13:06:40 +01:00
Sebastiaan van Stijn	aecf6e5780	Merge pull request #402 from thaJeztah/bump_golangci_lint Dockerfile: update golangci-lint to v2.8	2026-01-08 13:06:09 +01:00
Sebastiaan van Stijn	ecf6c1ccc7	Merge pull request #399 from ameya-keskar/bump_go_1.25.5 update to go1.25.5	2026-01-08 12:40:22 +01:00
Ameya Keskar	b844409a12	update to go1.25.5 - Update Go version to v1.25.5 in build workflow - Update GO_VERSION to 1.25.5 in Dockerfile - Update GO_VERSION to 1.25.5 Signed-off-by: Ameya Keskar <55844298+ameya-keskar@users.noreply.github.com>	2026-01-08 11:59:16 +01:00
Sebastiaan van Stijn	9df2c7782a	Merge pull request #401 from thaJeztah/bump_ubuntu gha: update some actions to ubuntu 24.04	2026-01-08 11:57:23 +01:00
Sebastiaan van Stijn	7a15b77bcb	Dockerfile: update golangci-lint to v2.8 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2026-01-08 11:55:17 +01:00
Sebastiaan van Stijn	81f7ebebfd	gha: update some actions to ubuntu 24.04 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2026-01-08 11:49:17 +01:00
Sebastiaan van Stijn	3f97cf3ce3	Merge pull request #398 from docker/dependabot/github_actions/actions/upload-artifact-6 build(deps): bump actions/upload-artifact from 4 to 6	2026-01-08 11:28:12 +01:00
Sebastiaan van Stijn	8b5e6dffc6	Merge pull request #397 from docker/dependabot/github_actions/softprops/action-gh-release-2.5.0 build(deps): bump softprops/action-gh-release from 2.4.1 to 2.5.0	2026-01-08 11:27:39 +01:00
Sebastiaan van Stijn	4741f33d28	Merge pull request #395 from docker/dependabot/github_actions/actions/checkout-6 build(deps): bump actions/checkout from 5 to 6	2026-01-08 11:25:55 +01:00
dependabot[bot]	78303955b8	build(deps): bump actions/upload-artifact from 4 to 6 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-12-15 09:09:36 +00:00
dependabot[bot]	9b0c242b5c	build(deps): bump softprops/action-gh-release from 2.4.1 to 2.5.0 Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.4.1 to 2.5.0. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/6da8fa9354ddfdc4aeace5fc48d7f679b5214090...a06a81a03ee405af7f2048a818ed3f03bbf83c7b) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-version: 2.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-12-02 09:09:45 +00:00
dependabot[bot]	057ed818a9	build(deps): bump actions/checkout from 5 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2025-11-21 09:09:36 +00:00
Sebastiaan van Stijn	b7a754b9ff	Merge pull request #392 from thaJeztah/bump_go_1.25.2 update to go1.25.2	2025-10-13 14:20:23 +02:00
Sebastiaan van Stijn	62777f0887	Merge pull request #391 from docker/dependabot/github_actions/softprops/action-gh-release-2.4.1 build(deps): bump softprops/action-gh-release from 2.3.3 to 2.4.1	2025-10-13 13:24:04 +02:00
Sebastiaan van Stijn	9d04e49561	update to go1.25.2 This minor release includes 10 security fixes following the security policy: - net/mail: excessive CPU consumption in ParseAddress The ParseAddress function constructed domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this could cause excessive CPU consumption. Thanks to Philippe Antoine (Catena cyber) for reporting this issue. This is CVE-2025-61725 and Go issue https://go.dev/issue/75680. - crypto/x509: quadratic complexity when checking name constraints Due to the design of the name constraint checking algorithm, the processing time of some inputs scales non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains. Thanks to Jakub Ciolek for reporting this issue. This is CVE-2025-58187 and Go issue https://go.dev/issue/75681. - crypto/tls: ALPN negotiation errors can contain arbitrary text The crypto/tls conn.Handshake method returns an error on the server-side when ALPN negotation fails which can contain arbitrary attacker controlled information provided by the client-side of the connection which is not escaped. This affects programs which log these errors without any additional form of sanitization, and may allow injection of attacker controlled information into logs. Thanks to National Cyber Security Centre Finland for reporting this issue. This is CVE-2025-58189 and Go issue https://go.dev/issue/75652. - encoding/pem: quadratic complexity when parsing some invalid inputs Due to the design of the PEM parsing function, the processing time for some inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs. Thanks to Jakub Ciolek for reporting this issue. This is CVE-2025-61723 and Go issue https://go.dev/issue/75676. - net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://[::1]/". IPv4 addresses and hostnames must not appear within square brackets. Parse did not enforce this requirement. Thanks to Enze Wang, Jingcheng Yang and Zehui Miao of Tsinghua University for reporting this issue. This is CVE-2025-47912 and Go issue https://go.dev/issue/75678. - encoding/asn1: pre-allocating memory when parsing DER payload can cause memory exhaustion When parsing DER payloads, memories were being allocated prior to fully validating the payloads. This permits an attacker to craft a big empty DER payload to cause memory exhaustion in functions such as asn1.Unmarshal, x509.ParseCertificateRequest, and ocsp.ParseResponse. Thanks to Jakub Ciolek for reporting this issue. This is CVE-2025-58185 and Go issue https://go.dev/issue/75671. - net/http: lack of limit when parsing cookies can cause memory exhaustion Despite HTTP headers having a default limit of 1 MB, the number of cookies that can be parsed did not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption. net/http now limits the number of cookies accepted to 3000, which can be adjusted using the httpcookiemaxnum GODEBUG option. Thanks to jub0bs for reporting this issue. This is CVE-2025-58186 and Go issue https://go.dev/issue/75672. - crypto/x509: panic when validating certificates with DSA public keys Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains. Thanks to Jakub Ciolek for reporting this issue. This is CVE-2025-58188 and Go issue https://go.dev/issue/75675. - archive/tar: unbounded allocation when parsing GNU sparse map tar.Reader did not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions could cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input could result in large allocations. Thanks to Harshit Gupta (Mr HAX) - https://www.linkedin.com/in/iam-harshit-gupta/ for reporting this issue. This is CVE-2025-58183 and Go issue https://go.dev/issue/75677. - net/textproto: excessive CPU consumption in Reader.ReadResponse The Reader.ReadResponse function constructed a response string through repeated string concatenation of lines. When the number of lines in a response is large, this could cause excessive CPU consumption. Thanks to Jakub Ciolek for reporting this issue. This is CVE-2025-61724 and Go issue https://go.dev/issue/75716. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2025-10-13 13:22:38 +02:00
dependabot[bot]	bc131d729d	build(deps): bump softprops/action-gh-release from 2.3.3 to 2.4.1 Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.3.3 to 2.4.1. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/6cbd405e2c4e67a21c47fa9e383d020e4e28b836...6da8fa9354ddfdc4aeace5fc48d7f679b5214090) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-version: 2.4.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2025-10-13 09:27:58 +00:00