Bump the docker group across 1 directory with 6 updates

[dependabot]

Bumps the docker group with 6 updates in the / directory:

Package	From	To
github.com/docker/cli	29.3.0+incompatible	29.6.1+incompatible
github.com/docker/docker-credential-helpers	0.9.5	0.9.8
github.com/docker/go-connections	0.6.0	0.7.0
github.com/moby/patternmatcher	0.6.0	0.6.1
github.com/moby/sys/sequential	0.6.0	0.7.0
github.com/moby/sys/user	0.4.0	0.4.1

Updates github.com/docker/cli from 29.3.0+incompatible to 29.6.1+incompatible

Commits

• 8900f1d Merge pull request #7074 from thaJeztah/version
• 22b8f13 Merge pull request #7069 from docker-agent/auto/migrate-to-docker-agent-action
• d9c59c9 version 29.6.1
• 6430751 Merge pull request #7073 from thaJeztah/bump_moby_user
• 8fda97b vendor: github.com/moby/sys/user v0.4.1
• f9dc4e4 chore: bump docker-agent-action to v2.0.1
• f8a2d2b Merge pull request #7070 from docker/dependabot/github_actions/actions/checko...
• 7eb15d3 build(deps): bump actions/checkout from 6.0.3 to 7.0.0
• 033b0ff Merge pull request #7063 from docker/dependabot/github_actions/crazy-max/dot-...
• 317bfd1 Merge pull request #7067 from docker/dependabot/github_actions/docker/cagent-...
• Additional commits viewable in compare view

Updates github.com/docker/docker-credential-helpers from 0.9.5 to 0.9.8

Release notes

Sourced from github.com/docker/docker-credential-helpers's releases.

v0.9.8

What's Changed

• update to go1.26.4
• wincred: inline label, and append to existing
• build(deps): bump actions/checkout from 6.0.2 to 6.0.3
• build(deps): bump codecov/codecov-action from 6.0.0 to 6.0.1
• build(deps): bump crazy-max/.github/.github/workflows/zizmor.yml from 1.7.1 to 1.10.0
• build(deps): bump docker/bake-action from 7.1.0 to 7.2.0
• build(deps): bump docker/setup-buildx-action from 4.0.0 to 4.1.0
• build(deps): bump docker/setup-qemu-action from 4.0.0 to 4.1.0

Full Changelog: docker/docker-credential-helpers@v0.9.7...v0.9.8

v0.9.7

What's Changed

• update to go1.26.3
• ci: update zizmore action to v1.7.1

Full Changelog: docker/docker-credential-helpers@v0.9.6...v0.9.7

v0.9.6

What's Changed

• update to go1.25.9
• secretservice: allow building on openbsd
• wincred: minor cleanups
• Dockerfile: document build-args
• Dockerfile: update golangci-lint to v2.11
• Dockerfile: update xx to v1.9.0
• ci: set default permissions and timeouts
• ci: update actions
• ci: pin actions by sha
• ci: add zizmor workflow

Full Changelog: docker/docker-credential-helpers@v0.9.5...v0.9.6

Commits

• 4f6bc8a Merge pull request #433 from thaJeztah/wincred_inline
• b0820e3 Merge pull request #441 from docker/dependabot/github_actions/actions/checkou...
• f84e991 Merge pull request #445 from thaJeztah/bump_go_1.26.4
• 65d1391 update to go1.26.4
• d21de35 Merge pull request #444 from docker/dependabot/github_actions/crazy-max/dot-g...
• c6ca626 build(deps): bump actions/checkout from 6.0.2 to 6.0.3
• 1d2dd3d Merge pull request #440 from docker/dependabot/github_actions/docker/setup-qe...
• 3a54b5c Merge pull request #439 from docker/dependabot/github_actions/docker/bake-act...
• b68f2ec Merge pull request #438 from docker/dependabot/github_actions/docker/setup-bu...
• 6107240 build(deps): bump crazy-max/.github/.github/workflows/zizmor.yml
• Additional commits viewable in compare view

Updates github.com/docker/go-connections from 0.6.0 to 0.7.0

Commits

• 7997b0f Merge pull request #156 from thaJeztah/bump_go_winio
• 329724a chore(deps): bump github.com/Microsoft/go-winio v0.6.2
• 161dc9b Merge pull request #155 from thaJeztah/pin_actions
• b115e42 Merge pull request #154 from thaJeztah/fix_non_linux_tests
• 4c35b2a ci: pin actions to sha
• b4454a6 tlsconfig: make root pool tests deterministic across platforms
• 0819711 tlsconfig: certPool: pass options as argument
• 0329635 tlsconfig: rename some vars that shadowed
• 894d811 Merge pull request #150 from thaJeztah/deprecate_SystemCertPool
• 0a1293a Merge pull request #153 from thaJeztah/chachacha
• Additional commits viewable in compare view

Updates github.com/moby/patternmatcher from 0.6.0 to 0.6.1

Release notes

Sourced from github.com/moby/patternmatcher's releases.

v0.6.1

What's Changed

• fix panic / nil pointer dereference on invalid patterns moby/patternmatcher#9
• ci: update actions and test against "oldest", "oldstable" and "stable" moby/patternmatcher#8

Full Changelog: moby/patternmatcher@v0.6.0...v0.6.1

Commits

• 5a6d842 Merge pull request #9 from thaJeztah/fix_panic
• e5d80c7 fix panic / nil pointer dereference on invalid patterns
• 7f236f5 Merge pull request #8 from thaJeztah/update_ci
• a95e09c ci: update actions and test against "oldest", "oldstable" and "stable"
• See full diff in compare view

Updates github.com/moby/sys/sequential from 0.6.0 to 0.7.0

Release notes

Sourced from github.com/moby/sys/sequential's releases.

signal/v0.7.0

What's Changed

• Add lcow supported signals to windows signal map by @​katiewasnothere in moby/sys#98
• Makefile: rm .SHELLFLAGS, add set -e by @​kolyshkin in moby/sys#105

Full Changelog: moby/sys@signal/v0.6.0...signal/v0.7.0

mountinfo v0.7.0

What's Changed

• mountinfo: linux: use /proc/thread-self/mountinfo by @​cyphar in moby/sys#128

sequential v0.7.0

What's Changed

• update minimum go version to 1.24
• use os.OpenFile with O_FILE_FLAG_SEQUENTIAL_SCAN on Go 1.26+

Full Changelog: moby/sys@sequential/v0.6.0...sequential/v0.7.0

mountinfo v0.6.2

What's Changed

• update golang.org/x/sys v0.0.0-20220412211240-33da011f77ad by @​thaJeztah in moby/sys#116
• mountinfo: BSDs no longer need cgo nor reflect by @​Red54 in moby/sys#114
• mountinfo: update doc to use fs.ErrNotExist by @​manugupt1 in moby/sys#115
• Bump x/sys/unix by @​akhramov in moby/sys#118

New Contributors

• @​Red54 made their first contribution in moby/sys#114
• @​akhramov made their first contribution in moby/sys#118

Full Changelog: moby/sys@mountinfo/v0.6.1...mountinfo/v0.6.2

mountinfo v0.6.1

What's Changed

• Do not wrap errors from filepath / os as they are already wrapped. by @​manugupt1 in moby/sys#109
• ci: add go 1.18, drop 1.16 by @​kolyshkin in moby/sys#106

New Contributors

• @​manugupt1 made their first contribution in moby/sys#109

Full Changelog: moby/sys@mountinfo/v0.6.0...mountinfo/v0.6.1

Commits

• b8d8fab Merge pull request #105 from kolyshkin/fix-mac-ci
• b128335 Makefile: rm .SHELLFLAGS, add set -e
• d4611de Merge pull request #103 from kolyshkin/mount-bump-mountinfo-0.6
• e1c5b38 mount: bump mountinfo to v0.6.0
• d01e595 Merge pull request #100 from kolyshkin/mounted-fast
• 5d09d69 mountinfo: add TestMountedRoot
• 303f101 mountinfo: add tests for MountedFast
• 9742587 mountinfo: TestMountedBy: rm exp
• 3494465 mountinfo: mounted_linux_test: nits
• 88ece65 mountinfo: add MountedFast
• Additional commits viewable in compare view

Updates github.com/moby/sys/user from 0.4.0 to 0.4.1

Release notes

Sourced from github.com/moby/sys/user's releases.

mountinfo v0.4.1

Fixes and improvements:

• Fix PrefixFilter() being too greedy (#61)
• TestMountedBy*: add missing pre-checks (ce8f425e79a74602c4055fb1776f38043d56827b)
• Documentation improvements (#52)

user/v0.4.1

What's Changed

• user: prevent possible DoS via unbounded parsing of user and group database files in GHSA-mjcv-p78q-w5fw. This fixes a similar issue as CVE-2026-47262 in containerd.
• user: prevent falling back to looking up numeric usernames and improve handling of numeric user/group to prevent looking up numeric values as usernames. This fixes a similar issue as CVE-2026-46680 in containerd. moby/sys#221
• user: prevent falling back to looking up numeric usernames
• user: bump Go to 1.18, modernize moby/sys#198
• user: make code a bit more DRY moby/sys#225
• user: test cleanups moby/sys#226

Full Changelog: moby/sys@user/v0.4.0...user/v0.4.1

Commits

• 85a71bb Merge commit from fork
• 2c56c3d user: limit line length in ParseGroupFilter
• bba2f13 user: limit reads from user database files
• ee79b0e Merge pull request #221 from thaJeztah/limit_uidgid
• 6eb9f15 user: GetAdditionalGroups: treat numeric group arguments as GIDs only
• c66bd2d user: prevent falling back to looking up numeric usernames
• c873359 Merge pull request #226 from thaJeztah/user_test_cleanups
• f41a5ef Merge pull request #225 from thaJeztah/user_dry
• 5c2e8a0 user: add test-cases for maxID (math.MaxInt32)
• e001aea user: use sub-tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions