Bump github.com/docker/docker from 25.0.5+incompatible to 26.1.0+inco…

…mpatible (#744)

Bumps [github.com/docker/docker](https://github.com/docker/docker) from
25.0.5+incompatible to 26.1.0+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v26.1.0</h2>
<h2>26.1.0</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A26.1.0">docker/cli,
26.1.0 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A26.1.0">moby/moby,
26.1.0 milestone</a></li>
<li>Deprecated and removed features, see <a
href="https://github.com/docker/cli/blob/v26.1.0/docs/deprecated.md">Deprecated
Features</a>.</li>
<li>Changes to the Engine API, see <a
href="https://github.com/moby/moby/blob/v26.1.0/docs/api/version-history.md">API
version history</a>.</li>
</ul>
<h3>New</h3>
<ul>
<li>Add configurable OpenTelemetry utilities and basic instrumentation
to commands.
For more information, see <a
href="https://docs.docker.com/config/otel">OpenTelemetry for the Docker
CLI</a>. <a
href="https://redirect.github.com/docker/cli/pull/4889">docker/cli#4889</a></li>
</ul>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>Native Windows containers are configured with an internal DNS server
for container name resolution, and external DNS servers for other
lookups. Not all resolvers, including <code>nslookup</code>, fall back
to the external resolvers when they get a <code>SERVFAIL</code> answer
from the internal server. So, the internal DNS server can now be
configured to forward requests to the external resolvers, by setting
<code>&quot;features&quot;: {&quot;windows-dns-proxy&quot;: true
}</code> in the <code>daemon.json</code> file. <a
href="https://redirect.github.com/moby/moby/pull/47584">moby/moby#47584</a></li>
</ul>
<blockquote>
<p>[!NOTE]
This will be the new default behavior in Docker Engine 27.0.</p>
</blockquote>
<blockquote>
<p>[!WARNING]
The <code>windows-dns-proxy</code> feature flag will be removed in a
future release.</p>
</blockquote>
<ul>
<li>Swarm: Fix <code>Subpath</code> not being passed to the container
config. <a
href="https://redirect.github.com/moby/moby/pull/47711">moby/moby#47711</a></li>
<li>Classic builder: Fix cache miss on <code>WORKDIR
&lt;directory&gt;/</code> build step (directory with a trailing slash).
<a
href="https://redirect.github.com/moby/moby/pull/47723">moby/moby#47723</a></li>
<li>containerd image store: Fix <code>docker images</code> failing when
any image in the store has unexpected target. <a
href="https://redirect.github.com/moby/moby/pull/47738">moby/moby#47738</a></li>
</ul>
<h2>v26.0.2</h2>
<h2>26.0.2</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A26.0.2">docker/cli,
26.0.2 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A26.0.2">moby/moby,
26.0.2 milestone</a></li>
<li>Deprecated and removed features, see <a
href="https://github.com/docker/cli/blob/v26.0.2/docs/deprecated.md">Deprecated
Features</a>.</li>
<li>Changes to the Engine API, see <a
href="https://github.com/moby/moby/blob/v26.0.2/docs/api/version-history.md">API
version history</a>.</li>
</ul>
<h3>Security</h3>
<p>This release contains a security fix for <a
href="https://github.com/moby/moby/security/advisories/GHSA-x84c-p2g9-rqv9">CVE-2024-32473</a>,
an unexpected configuration of IPv6 on IPv4-only interfaces.</p>
<h3>Bug fixes and enhancements</h3>
<ul>
<li><a
href="https://github.com/moby/moby/security/advisories/GHSA-x84c-p2g9-rqv9">CVE-2024-32473</a>:
Ensure IPv6 is disabled on interfaces only allocated an IPv4 address by
the engine. <a
href="https://github.com/moby/moby/security/advisories/GHSA-x84c-p2g9-rqv9">moby#GHSA-x84c-p2g9-rqv9</a></li>
</ul>
<h2>v26.0.1</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/moby/moby/commit/c8af8ebe4a8984d808f2071788dd1f00a4da78c5"><code>c8af8eb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47738">#47738</a>
from vvoland/c8d-walk-image-badimagetarget</li>
<li><a
href="https://github.com/moby/moby/commit/7d95fe8db59ab6bb7c18e3179c6e54d2326e8e61"><code>7d95fe8</code></a>
c8d/list: Ignore unexpected image target</li>
<li><a
href="https://github.com/moby/moby/commit/801fd16e3e48b7638e6fee83facbb62de9a03cef"><code>801fd16</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47735">#47735</a>
from cpuguy83/better_walk_error</li>
<li><a
href="https://github.com/moby/moby/commit/6667e96dad672cd489d8ff258e4edc28317cbd09"><code>6667e96</code></a>
Include more details in errnotManifestOrIndex</li>
<li><a
href="https://github.com/moby/moby/commit/ee8b788538ea2c6d46d65f17be156de65bc21bb9"><code>ee8b788</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47734">#47734</a>
from krissetto/image-history-timestamp-dereference</li>
<li><a
href="https://github.com/moby/moby/commit/96c9353e9b6c101bac489e0386aab72ee20e7edb"><code>96c9353</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47723">#47723</a>
from vvoland/builder-fix-workdir-slash</li>
<li><a
href="https://github.com/moby/moby/commit/ab570ab3d62038b3d26f96a9bb585d0b6095b9b4"><code>ab570ab</code></a>
nil dereference fix on image history Created value</li>
<li><a
href="https://github.com/moby/moby/commit/7532420f3b4f7c62fb6c0de3c92b24ad91c380a4"><code>7532420</code></a>
container/SetupWorkingDirectory: Don't mutate config</li>
<li><a
href="https://github.com/moby/moby/commit/a4d5b6b4d081fadfe933e49bd4d71d8c91ffa06f"><code>a4d5b6b</code></a>
builder/normalizeWorkdir: Always return cleaned path</li>
<li><a
href="https://github.com/moby/moby/commit/e829cca0eef5ef26fd77fec2a7a3827ab8cb72ef"><code>e829cca</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47584">#47584</a>
from robmry/upstream_dns_windows</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v25.0.5...v26.1.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=25.0.5+incompatible&new-version=26.1.0+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Hilmar Falkenberg <[email protected]>

go.mod

@@ -20,7 +20,7 @@ require (
 	github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f
 	github.com/distribution/reference v0.6.0
 	github.com/docker/cli v25.0.5+incompatible
-	github.com/docker/docker v25.0.5+incompatible
+	github.com/docker/docker v26.1.0+incompatible
 	github.com/docker/go-connections v0.5.0
 	github.com/drone/envsubst v1.0.3
 	github.com/fluxcd/cli-utils v0.36.0-flux.5
@@ -238,6 +238,7 @@ require (
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
+	github.com/moby/docker-image-spec v1.3.1 // indirect
 	github.com/moby/locker v1.0.1 // indirect
 	github.com/moby/spdystream v0.2.0 // indirect
 	github.com/moby/sys/sequential v0.5.0 // indirect

go.sum

@@ -314,8 +314,8 @@ github.com/docker/cli v25.0.5+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvM
 github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
 github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
 github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v25.0.5+incompatible h1:UmQydMduGkrD5nQde1mecF/YnSbTOaPeFIeP5C4W+DE=
-github.com/docker/docker v25.0.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v26.1.0+incompatible h1:W1G9MPNbskA6VZWL7b3ZljTh0pXI68FpINx0GKaOdaM=
+github.com/docker/docker v26.1.0+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker-credential-helpers v0.8.1 h1:j/eKUktUltBtMzKqmfLB0PAgqYyMHOp5vfsD1807oKo=
 github.com/docker/docker-credential-helpers v0.8.1/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
 github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c h1:lzqkGL9b3znc+ZUgi7FlLnqjQhcXxkNM/quxIjBVMD0=
@@ -711,6 +711,8 @@ github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zx
 github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
 github.com/mittwald/go-helm-client v0.12.9 h1:tfI5ECgrbfAolA9TnlCeA5F2TEIvdsOxVmoSyW80lCI=
 github.com/mittwald/go-helm-client v0.12.9/go.mod h1:ukR3Et5zbfBij7bFL1ZnLvPytsbBXCrI2qQYr2yVi9I=
+github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
+github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
 github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg=
 github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc=
 github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8=

pkg/contexts/oci/repositories/docker/namespace.go

@@ -1,7 +1,3 @@
-// SPDX-FileCopyrightText: 2022 SAP SE or an SAP affiliate company and Open Component Model contributors.
-//
-// SPDX-License-Identifier: Apache-2.0
-
 package docker
 
 import (
@@ -11,7 +7,7 @@ import (
 
 	"github.com/containers/image/v5/image"
 	"github.com/containers/image/v5/types"
-	dockertypes "github.com/docker/docker/api/types"
+	dockertypes "github.com/docker/docker/api/types/image"
 	"github.com/mandelsoft/logging"
 	"github.com/opencontainers/go-digest"
 
@@ -131,7 +127,7 @@ func (n *namespaceContainer) GetBlobDescriptor(digest digest.Digest) *cpi.Descri
 }
 
 func (n *namespaceHandler) ListTags() ([]string, error) {
-	opts := dockertypes.ImageListOptions{}
+	opts := dockertypes.ListOptions{}
 	list, err := n.repo.client.ImageList(dummyContext, opts)
 	if err != nil {
 		return nil, err

pkg/contexts/oci/repositories/docker/repository.go

@@ -1,14 +1,10 @@
-// SPDX-FileCopyrightText: 2022 SAP SE or an SAP affiliate company and Open Component Model contributors.
-//
-// SPDX-License-Identifier: Apache-2.0
-
 package docker
 
 import (
 	"strings"
 
 	"github.com/containers/image/v5/types"
-	dockertypes "github.com/docker/docker/api/types"
+	dockertypes "github.com/docker/docker/api/types/image"
 	"github.com/docker/docker/client"
 
 	"github.com/open-component-model/ocm/pkg/contexts/oci/cpi"
@@ -75,7 +71,7 @@ func (r *RepositoryImpl) GetNamespaces(prefix string, closure bool) ([]string, e
 }
 
 func (r *RepositoryImpl) GetRepositories() ([]string, error) {
-	opts := dockertypes.ImageListOptions{}
+	opts := dockertypes.ListOptions{}
 	list, err := r.client.ImageList(dummyContext, opts)
 	if err != nil {
 		return nil, err
@@ -103,7 +99,7 @@ func (r *RepositoryImpl) ExistsArtifact(name string, version string) (bool, erro
 	if err != nil {
 		return false, err
 	}
-	opts := dockertypes.ImageListOptions{}
+	opts := dockertypes.ListOptions{}
 	opts.Filters.Add("reference", ref.StringWithinTransport())
 	list, err := r.client.ImageList(dummyContext, opts)
 	if err != nil {

pkg/toi/drivers/docker/driver.go

@@ -15,6 +15,7 @@ import (
 	"github.com/docker/cli/cli/command"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/container"
+	"github.com/docker/docker/api/types/image"
 	registrytypes "github.com/docker/docker/api/types/registry"
 	"github.com/docker/docker/client"
 	"github.com/docker/docker/pkg/jsonmessage"
@@ -152,8 +153,8 @@ func (d *Driver) SetContainerErr(w io.Writer) {
 	d.containerErr = w
 }
 
-func pullImage(ctx context.Context, cli command.Cli, image string) error {
-	ref, err := reference.ParseNormalizedNamed(image)
+func pullImage(ctx context.Context, cli command.Cli, imageName string) error {
+	ref, err := reference.ParseNormalizedNamed(imageName)
 	if err != nil {
 		return fmt.Errorf("unable to parse normalized name: %w", err)
 	}
@@ -171,11 +172,11 @@ func pullImage(ctx context.Context, cli command.Cli, image string) error {
 		return fmt.Errorf("unable encode auth: %w", err)
 	}
 
-	options := types.ImagePullOptions{
+	options := image.PullOptions{
 		RegistryAuth: encodedAuth,
 	}
 
-	responseBody, err := cli.Client().ImagePull(ctx, image, options)
+	responseBody, err := cli.Client().ImagePull(ctx, imageName, options)
 	if err != nil {
 		return fmt.Errorf("unable to pull image: %w", err)
 	}