starred/shiori
1
0
Fork 0
mirror of https://github.com/go-shiori/shiori.git synced 2026-04-24 22:15:52 +03:00
Code Issues 103 Projects Releases 10 Packages Wiki Activity

[PR #1168] chore(deps): bump github.com/docker/docker from 28.2.2+incompatible to 28.3.3+incompatible #1021

New issue
Open
opened 2026-02-25 23:36:14 +03:00 by kerem · 0 comments
kerem commented 2026-02-25 23:36:14 +03:00
Owner
Copy link

📋 Pull Request Information

Original PR: https://github.com/go-shiori/shiori/pull/1168
Author: @dependabot[bot]
Created: 11/20/2025
Status: 🔄 Open

Base: masterHead: dependabot/go_modules/github.com/docker/docker-28.3.3incompatible

📝 Commits (1)

  • 319fcb9 chore(deps): bump github.com/docker/docker

📊 Changes

2 files changed (+3 additions, -3 deletions)

View changed files

📝 go.mod (+1 -1)
📝 go.sum (+2 -2)

📄 Description

Bumps github.com/docker/docker from 28.2.2+incompatible to 28.3.3+incompatible.

Release notes

Sourced from github.com/docker/docker's releases.

v28.3.3

28.3.3

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Security

This release fixes an issue where, after a firewalld reload, published container ports could be accessed directly from the local network, even when they were intended to be accessible only via a loopback address. CVE-2025-54388 / GHSA-x4rx-4gw3-53p4 / moby/moby#50506.

Packaging updates

Go SDK

  • cli/command/formatter: add TrunateID() utility as alternative for github.com/docker/docker/pkg/stringid.TrunateID(). docker/cli#6180

28.3.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

  • Fix --use-api-socket not working correctly when targeting a remote daemon. docker/cli#6157
  • Fix stray "otel error" logs being printed if debug logging is enabled. docker/cli#6160
  • Quote SSH arguments when connecting to a remote daemon over an SSH connection to avoid unexpected expansion. docker/cli#6147
  • Warn when DOCKER_AUTH_CONFIG is set during docker login and docker logout. docker/cli#6163

Packaging updates

28.3.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

... (truncated)

Commits
  • bea959c Merge pull request #50506 from robmry/backport-28.x/fix_firewalld_reload
  • 3e9ff78 bridge: Reapply endpoint iptables rules on firewalld reload
  • 29ed80a bridge: Trigger firewalld reload during bridge integration tests
  • da489a1 Merge pull request #50478 from thaJeztah/28.x_backport_gha_bump_bk
  • f173e45 Merge pull request #50480 from austinvazquez/cherry-pick-ea29dffaa541289591aa...
  • e4b1f89 daemon/server: remove compatibility with API v1.4 auth-config on push
  • 0c9e14d hack/buildkit-ref: temporarily bump BuildKit to head of v0.23 branch
  • bf6d688 Merge pull request #50471 from austinvazquez/cherry-pick-b1ce0c89f0214cc6711c...
  • 4205776 client: always send (empty) body on push
  • e77ff99 Merge pull request #50354 from vvoland/50353-28.x
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/go-shiori/shiori/pull/1168 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 11/20/2025 **Status:** 🔄 Open **Base:** `master` ← **Head:** `dependabot/go_modules/github.com/docker/docker-28.3.3incompatible` --- ### 📝 Commits (1) - [`319fcb9`](https://github.com/go-shiori/shiori/commit/319fcb90f625053c3fb2c08134b154631fef2be5) chore(deps): bump github.com/docker/docker ### 📊 Changes **2 files changed** (+3 additions, -3 deletions) <details> <summary>View changed files</summary> 📝 `go.mod` (+1 -1) 📝 `go.sum` (+2 -2) </details> ### 📄 Description Bumps [github.com/docker/docker](https://github.com/docker/docker) from 28.2.2+incompatible to 28.3.3+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/docker/releases">github.com/docker/docker's releases</a>.</em></p> <blockquote> <h2>v28.3.3</h2> <h2>28.3.3</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A28.3.3">docker/cli, 28.3.3 milestone</a></li> <li><a href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A28.3.3">moby/moby, 28.3.3 milestone</a></li> </ul> <h3>Security</h3> <p>This release fixes an issue where, after a firewalld reload, published container ports could be accessed directly from the local network, even when they were intended to be accessible only via a loopback address. <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54388">CVE-2025-54388</a> / <a href="https://github.com/moby/moby/security/advisories/GHSA-x4rx-4gw3-53p4">GHSA-x4rx-4gw3-53p4</a> / <a href="https://redirect.github.com/moby/moby/pull/50506">moby/moby#50506</a>.</p> <h3>Packaging updates</h3> <ul> <li>Update Buildx to <a href="https://github.com/docker/buildx/releases/tag/v0.26.1">v0.26.1</a>. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/1230">docker/docker-ce-packaging#1230</a></li> <li>Update Compose to <a href="https://github.com/docker/compose/releases/tag/v2.39.1">v2.39.1</a>. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/1234">docker/docker-ce-packaging#1234</a></li> <li>Update Docker Model CLI plugin to <a href="https://github.com/docker/model-cli/releases/tag/v0.1.36">v0.1.36</a>. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/1233">docker/docker-ce-packaging#1233</a></li> </ul> <h3>Go SDK</h3> <ul> <li>cli/command/formatter: add <code>TrunateID()</code> utility as alternative for <code>github.com/docker/docker/pkg/stringid.TrunateID()</code>. <a href="https://redirect.github.com/docker/cli/pull/6180">docker/cli#6180</a></li> </ul> <h2>28.3.2</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A28.3.2">docker/cli, 28.3.2 milestone</a></li> <li><a href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A28.3.2">moby/moby, 28.3.2 milestone</a></li> <li>Deprecated and removed features, see <a href="https://github.com/docker/cli/blob/v28.3.2/docs/deprecated.md">Deprecated Features</a>.</li> <li>Changes to the Engine API, see <a href="https://github.com/moby/moby/blob/v28.3.2/docs/api/version-history.md">API version history</a>.</li> </ul> <h3>Bug fixes and enhancements</h3> <ul> <li>Fix <code>--use-api-socket</code> not working correctly when targeting a remote daemon. <a href="https://redirect.github.com/docker/cli/pull/6157">docker/cli#6157</a></li> <li>Fix stray &quot;otel error&quot; logs being printed if debug logging is enabled. <a href="https://redirect.github.com/docker/cli/pull/6160">docker/cli#6160</a></li> <li>Quote SSH arguments when connecting to a remote daemon over an SSH connection to avoid unexpected expansion. <a href="https://redirect.github.com/docker/cli/pull/6147">docker/cli#6147</a></li> <li>Warn when <code>DOCKER_AUTH_CONFIG</code> is set during <code>docker login</code> and <code>docker logout</code>. <a href="https://redirect.github.com/docker/cli/pull/6163">docker/cli#6163</a></li> </ul> <h3>Packaging updates</h3> <ul> <li>Update Compose to <a href="https://github.com/docker/compose/releases/tag/v2.38.2">v2.38.2</a>. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/1225">docker/docker-ce-packaging#1225</a></li> <li>Update Docker Model CLI plugin to <a href="https://github.com/docker/model-cli/releases/tag/v0.1.33">v0.1.33</a>. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/1227">docker/docker-ce-packaging#1227</a></li> <li>Update Go runtime to 1.24.5. <a href="https://redirect.github.com/moby/moby/pull/50354">moby/moby#50354</a></li> </ul> <h2>28.3.1</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A28.3.1">docker/cli, 28.3.1 milestone</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/moby/moby/commit/bea959c7b793b32a893820b97c4eadc7c87fabb0"><code>bea959c</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/50506">#50506</a> from robmry/backport-28.x/fix_firewalld_reload</li> <li><a href="https://github.com/moby/moby/commit/3e9ff78b94efdd73bbccb13fe781b79ce7ca8cf1"><code>3e9ff78</code></a> bridge: Reapply endpoint iptables rules on firewalld reload</li> <li><a href="https://github.com/moby/moby/commit/29ed80aa867e93b5f5134b053325d01fb6528da7"><code>29ed80a</code></a> bridge: Trigger firewalld reload during bridge integration tests</li> <li><a href="https://github.com/moby/moby/commit/da489a11d4055fa01eeffa5a016cb03250733257"><code>da489a1</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/50478">#50478</a> from thaJeztah/28.x_backport_gha_bump_bk</li> <li><a href="https://github.com/moby/moby/commit/f173e45ae9bf199d1f3334d2fd5c4079c8d6daec"><code>f173e45</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/50480">#50480</a> from austinvazquez/cherry-pick-ea29dffaa541289591aa...</li> <li><a href="https://github.com/moby/moby/commit/e4b1f899962f287dee2291d387f04dde4b5c7e1a"><code>e4b1f89</code></a> daemon/server: remove compatibility with API v1.4 auth-config on push</li> <li><a href="https://github.com/moby/moby/commit/0c9e14dcce15b163dd1f655f9fdd33a1e71b0408"><code>0c9e14d</code></a> hack/buildkit-ref: temporarily bump BuildKit to head of v0.23 branch</li> <li><a href="https://github.com/moby/moby/commit/bf6d688157b015ac1f018367c5d8fa5fa47af6fb"><code>bf6d688</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/50471">#50471</a> from austinvazquez/cherry-pick-b1ce0c89f0214cc6711c...</li> <li><a href="https://github.com/moby/moby/commit/4205776b8538e11805bf5bdb6ff2e356d4ee358f"><code>4205776</code></a> client: always send (empty) body on push</li> <li><a href="https://github.com/moby/moby/commit/e77ff99ede5ee5952b3a9227863552ae6e5b6fb1"><code>e77ff99</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/50354">#50354</a> from vvoland/50353-28.x</li> <li>Additional commits viewable in <a href="https://github.com/docker/docker/compare/v28.2.2...v28.3.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=28.2.2+incompatible&new-version=28.3.3+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/go-shiori/shiori/network/alerts). </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
dependabot/go_modules/all-ad9dc7761f
dependabot/github_actions/all-7ab03d418b
dependabot/go_modules/golang.org/x/crypto-0.45.0
dependabot/go_modules/github.com/docker/docker-28.3.3incompatible
feat/bookmarks-api-v1
dependabot/npm_and_yarn/webapp/npm_and_yarn-7372c7abf2
deps/update202509
feat/pdf-archiver
feat/apiv1/tags
release/v1.7
fix/thumbnail-cache
gh-pages
fix/openbsd-test-speed
release/v1.6.1
release/v1.6.0
fmartingr/windows-tests
afero-removal
ci/windows-macos
feat/cookie-auth
webroot-support-new-server
fix/secret-key-makefile
frontend-jwt-auth
fmartingr/issue663
fix/remove-tag-package-name
fmartingr/issue455
fix/delete-pr-tags
feat/cross-api-authentication
feat/api-v1-to-master
release/v1.5.5
feat/api-next
release/v1.5.5-rc.2
deps/go-1.20
fix/bookmark-update
draft/gorm
v1.8.0
v1.8.0-rc.1
v1.7.4
v1.7.3
v1.7.2
v1.7.2-rc.1
v1.7.1
v1.7.0
v1.7.0-rc.3
v1.7.0-rc.2
v1.7.0-rc.1
v1.6.3
v1.6.2
v1.6.1
v1.6.0
v1.6.0-rc.7
v1.6.0-rc.6
v1.6.0-rc.5
v1.6.0-rc.4
v1.6.0-rc.3
v1.6.0-rc.2
v1.6.0-rc.1
v1.5.5
v1.5.5-rc.2
v1.5.5-rc.1
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.0
v0.9
Labels
Clear labels   
component:backend

   
component:builds

   
component:builds

   
component:extension

   
component:frontend

   
component:readability

   
database

   
database:mysql

   
database:postgres

   
database:sqlite

   
feature:ebooks

   
github_actions

   
good first issue

   
hacktoberfest

   
note:duplicate?

   
note:fixed?

   
note:out-of-scope?

   
os:windows

   
priority:high

   
priority:low

   
pull-request

Mirrored from GitHub Pull Request

  
resolution:as-intended

   
resolution:cant-reproduce

   
resolution:duplicate

   
resolution:fixed

   
resolution:wontfix

   
tag:TBD

   
tag:big-task

   
tag:help-wanted

   
tag:huge-data

   
tag:meta

   
tag:more-info

   
tag:next

   
tag:no-stale

   
tag:requires-migrations

   
tag:research

   
tag:security 🛡️

   
tag:stale

   
tag:waiting-for-assignee

   
type:bug

   
type:documentation

   
type:enhancement

   
type:meta

   
type:ux

   
user:cli

   
user:web
No labels
component:backend
component:builds
component:builds
component:extension
component:frontend
component:readability
database
database:mysql
database:postgres
database:sqlite
feature:ebooks
github_actions
good first issue
hacktoberfest
note:duplicate?
note:fixed?
note:out-of-scope?
os:windows
priority:high
priority:low
pull-request
resolution:as-intended
resolution:cant-reproduce
resolution:duplicate
resolution:fixed
resolution:wontfix
tag:TBD
tag:big-task
tag:help-wanted
tag:huge-data
tag:meta
tag:more-info
tag:next
tag:no-stale
tag:requires-migrations
tag:research
tag:security 🛡️
tag:stale
tag:waiting-for-assignee
type:bug
type:documentation
type:enhancement
type:meta
type:ux
user:cli
user:web
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/shiori#1021
No description provided.