deps(go): bump the go-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the go-dependencies group with 3 updates in the / directory: github.com/moby/moby/api, github.com/redis/go-redis/v9 and github.com/testcontainers/testcontainers-go.

Updates github.com/moby/moby/api from 1.54.1 to 1.55.0

Release notes

Sourced from github.com/moby/moby/api's releases.

api/v1.55.0

1.55.0

Changelog

• POST /containers/{id}/update now supports per-device blkio resource settingss. moby/moby#52651
• The new GET /images/{name}/attestations endpoint returns in-toto attestation statements (such as SLSA provenance and SPDX SBOM) attached to an image, with optional platform selection, predicate type filtering, and an opt-in statement query parameter for retrieving the verbatim statement bodies. Tools can now retrieve attestation metadata and content directly from the daemon instead of performing additional registry round-trips. moby/moby#52636
• docs: clarify swarm join required fields. moby/moby#52763

api/v1.55.0-rc.1

1.55.0-rc.1

Changelog

• POST /containers/{id}/update now supports per-device blkio resource settingss. moby/moby#52651
• The new GET /images/{name}/attestations endpoint returns in-toto attestation statements (such as SLSA provenance and SPDX SBOM) attached to an image, with optional platform selection, predicate type filtering, and an opt-in statement query parameter for retrieving the verbatim statement bodies. Tools can now retrieve attestation metadata and content directly from the daemon instead of performing additional registry round-trips. moby/moby#52636
• docs: clarify swarm join required fields. moby/moby#52763

api/v1.54.2

Changelog

• api/docs: cleanup changelog. moby/moby#52379
• api/docs: lower deprecation heading to a h4. moby/moby#52315
• api/docs: restore API docs and change-logs for API v1.0 - v1.23. moby/moby#52312
• api: align Topology swagger with Segments JSON shape. moby/moby#52358

Full Changelog: moby/moby@api/v1.54.1...api/v1.54.2

Commits

• b6c53c2 Merge pull request #52773 from vvoland/c8d-amd64-variants
• 01115e8 Merge pull request #52906 from vvoland/fix-TestContainerWithConflictingNoneNe...
• b36296f Merge pull request #52913 from thaJeztah/windows_does_stats
• a81aa78 TestContainerWithConflictingNoneNetwork: Extend Windows timeout
• 908a35a Merge pull request #52914 from thaJeztah/no_stderr
• 04d33b5 Merge pull request #52912 from thaJeztah/cleanup_GenerateRandomAlphaOnlyString
• 3b2f557 Merge pull request #52722 from notandruu/integration/migrate-TestInspectAPIIm...
• 62b3aae Merge pull request #52901 from vvoland/c8d-imageusage
• 11d3342 integration-cli: un-skip stats tests on Windows
• a47b1b2 Merge pull request #52891 from smerkviladze/attestations-clearer-blob-missing...
• Additional commits viewable in compare view

Updates github.com/redis/go-redis/v9 from 9.20.0 to 9.21.0

Release notes

Sourced from github.com/redis/go-redis/v9's releases.

9.21.0

This is a minor release adding new features and bug fixes. There are no breaking changes; upgrading from 9.20.x is a drop-in replacement.

🚀 Highlights

Zero-copy GetToBuffer / SetFromBuffer

Two new StringCmdable methods let callers read and write Redis string values directly into and from pre-allocated byte buffers, eliminating the per-call payload allocation that Get/Set incur:

GetToBuffer(ctx, key, buf) *ZeroCopyStringCmd   // reads into buf; ZeroCopyStringCmd { Val() int; Bytes() []byte; Result() (int, error) }
SetFromBuffer(ctx, key, buf) *StatusCmd

GetToBuffer decodes the bulk reply straight into the caller-owned buf (no intermediate allocation); a buffer that is too small returns an error after draining the payload, so the connection stays aligned for the next reply. SetFromBuffer is provided for API symmetry — it dispatches to the same []byte writer path as Set(ctx, key, buf, 0) and produces byte-identical output on the wire. Available on *Client, *ClusterClient, *Ring, *Conn and Pipeliner.

(#3834) by @​ndyakov

Explicit LIMIT 0 for stream trimming

Redis treats XTRIM/XADD approximate-trim (~) LIMIT 0 as "disable the trimming effort cap entirely", which differs from omitting LIMIT (the implicit 100 * stream-node-max-entries default). The command builders previously only emitted LIMIT when limit > 0, so callers could never send an explicit LIMIT 0. Following the KeepTTL = -1 precedent, the new XTrimLimitDisabled = -1 sentinel now emits an explicit LIMIT 0; limit == 0 keeps the historical no-LIMIT behavior, so existing callers produce byte-identical commands.

(#3848) by @​TheRealMal

✨ New Features

• Zero-copy buffer string commands: new GetToBuffer / SetFromBuffer on StringCmdable and the ZeroCopyStringCmd result type, reading/writing string values into caller-owned buffers without per-call payload allocation (#3834) by @​ndyakov
• XTrimLimitDisabled sentinel: XTRIM/XADD approximate trimming can now send an explicit LIMIT 0 to disable the trim effort cap, via the new XTrimLimitDisabled = -1 sentinel (#3848) by @​TheRealMal
• PubSub health-check timeouts: channel.initHealthCheck now bounds the Ping it issues with a fresh per-check timeout context (the exported pingTimeout / reconnectTimeout) instead of context.TODO(), so a stuck health-check Ping can no longer block indefinitely (#3819) by @​abdellani
• Skip redundant UNWATCH in Tx.Close: a transaction now tracks whether a WATCH is still active (watchArmed) and only issues UNWATCH on Close when it is, removing an extra round trip on the common WATCH/.../EXEC and no-key Watch paths while never returning a connection to the pool with an active watch (#3854) by @​fcostaoliveira

🐛 Bug Fixes

• maintnotifications ModeAuto fail-open: ModeAuto now stays fail-open when the server does not support maintenance notifications — connections are retired and tracking is guarded during downgrade so the client keeps working instead of erroring (#3853) by @​terrorobe

👥 Contributors

We'd like to thank all the contributors who worked on this release!

@​abdellani, @​fcostaoliveira, @​ndyakov, @​terrorobe, @​TheRealMal

9.20.1

This is a patch release containing bug fixes only. There are no new features or breaking changes; upgrading from 9.20.0 is a drop-in replacement.

🚀 Highlights

RESP3 pub/sub message loss fixed

PeekPushNotificationName previously inspected only the bytes already buffered by bufio, so when a push frame header straddled a buffer fill boundary it could return a truncated notification name (e.g. "messa" instead of "message"). The push processor then mis-routed the frame and ReadReply silently dropped it, causing intermittent RESP3 pub/sub message loss. The peek now grows its window (36 bytes → up to 4 KiB) and reads more from the connection until the header is complete, cleanly separating incomplete prefixes from corrupt frames (including overflow-safe bulk-length handling). Fixes #3839.

... (truncated)

Changelog

Sourced from github.com/redis/go-redis/v9's changelog.

9.21.0 (2026-06-18)

This is a minor release adding new features and bug fixes. There are no breaking changes; upgrading from 9.20.x is a drop-in replacement.

🚀 Highlights

Zero-copy GetToBuffer / SetFromBuffer

Two new StringCmdable methods let callers read and write Redis string values directly into and from pre-allocated byte buffers, eliminating the per-call payload allocation that Get/Set incur:

GetToBuffer(ctx, key, buf) *ZeroCopyStringCmd   // reads into buf; ZeroCopyStringCmd { Val() int; Bytes() []byte; Result() (int, error) }
SetFromBuffer(ctx, key, buf) *StatusCmd

GetToBuffer decodes the bulk reply straight into the caller-owned buf (no intermediate allocation); a buffer that is too small returns an error after draining the payload, so the connection stays aligned for the next reply. SetFromBuffer is provided for API symmetry — it dispatches to the same []byte writer path as Set(ctx, key, buf, 0) and produces byte-identical output on the wire. Available on *Client, *ClusterClient, *Ring, *Conn and Pipeliner.

(#3834) by @​ndyakov

Explicit LIMIT 0 for stream trimming

Redis treats XTRIM/XADD approximate-trim (~) LIMIT 0 as "disable the trimming effort cap entirely", which differs from omitting LIMIT (the implicit 100 * stream-node-max-entries default). The command builders previously only emitted LIMIT when limit > 0, so callers could never send an explicit LIMIT 0. Following the KeepTTL = -1 precedent, the new XTrimLimitDisabled = -1 sentinel now emits an explicit LIMIT 0; limit == 0 keeps the historical no-LIMIT behavior, so existing callers produce byte-identical commands.

(#3848) by @​TheRealMal

✨ New Features

• Zero-copy buffer string commands: new GetToBuffer / SetFromBuffer on StringCmdable and the ZeroCopyStringCmd result type, reading/writing string values into caller-owned buffers without per-call payload allocation (#3834) by @​ndyakov
• XTrimLimitDisabled sentinel: XTRIM/XADD approximate trimming can now send an explicit LIMIT 0 to disable the trim effort cap, via the new XTrimLimitDisabled = -1 sentinel (#3848) by @​TheRealMal
• PubSub health-check timeouts: channel.initHealthCheck now bounds the Ping it issues with a fresh per-check timeout context (the exported pingTimeout / reconnectTimeout) instead of context.TODO(), so a stuck health-check Ping can no longer block indefinitely (#3819) by @​abdellani
• Skip redundant UNWATCH in Tx.Close: a transaction now tracks whether a WATCH is still active (watchArmed) and only issues UNWATCH on Close when it is, removing an extra round trip on the common WATCH/.../EXEC and no-key Watch paths while never returning a connection to the pool with an active watch (#3854) by @​fcostaoliveira

🐛 Bug Fixes

• maintnotifications ModeAuto fail-open: ModeAuto now stays fail-open when the server does not support maintenance notifications — connections are retired and tracking is guarded during downgrade so the client keeps working instead of erroring (#3853) by @​terrorobe

👥 Contributors

We'd like to thank all the contributors who worked on this release!

@​abdellani, @​fcostaoliveira, @​ndyakov, @​terrorobe, @​TheRealMal

---

Full Changelog: redis/go-redis@v9.20.1...v9.21.0

9.20.1 (2026-06-11)

This is a patch release containing bug fixes only. There are no new features or breaking changes; upgrading from 9.20.0 is a drop-in replacement.

... (truncated)

Commits

• 1551837 chore(release): 9.21.0 (#3857)
• 1cfa927 fix(maintnotifications): keep ModeAuto fail-open (#3853)
• 1f0ea0e feat(pubsub): introduce timeouts for Ping on channel.initHealthCheck (#3819)
• 5484b0b feat(tx): skip redundant UNWATCH in Tx.Close when no WATCH is active (#3854)
• bf57a51 chore(deps): bump rojopolis/spellcheck-github-actions (#3852)
• 641294c feat(streams): support explicit LIMIT 0 in XTRIM/XADD trimming via XTrimLimit...
• 74d9bb0 feat(command): add zero-copy GetToBuffer and SetFromBuffer (#3834)
• a13416b chore(release): 9.20.1 (#3847)
• 10dc44f fix(push): fix peeking when push name is truncated (#3842)
• e1a2d68 fix(ft.hybrid): Always generate vector param names if they are not provided b...
• Additional commits viewable in compare view

Updates github.com/testcontainers/testcontainers-go from 0.42.0 to 0.43.0

Release notes

Sourced from github.com/testcontainers/testcontainers-go's releases.

v0.43.0

What's Changed

⚠️ Breaking Changes

• chore(wait)!: change url callback in wait.ForSQL to accept network.Port (#3650) @​thaJeztah

Users of wait.ForSQL need to follow the new API contract, using Moby's network.Port instead of string when building the callback function to check the URL. Please see https://golang.testcontainers.org/features/wait/sql/

• feat!: add PullImageWithPlatform to DockerProvider (#3710) @​blueprismo

Users implementing their own testcontainers.ImageProvider need to implement the new PullImageWithPlatform method introduced by this PR.

🚀 Features

• feat(k3s): pull image opts (#3716) @​blueprismo
• feat(wait): implement AnyMultiStrategy: ForAny equivalent to ForAll. (#3719) @​jeanbza
• feat(eventhubs): add WithAzuriteContainer and functional-options config builder (#3722) @​mdelapenya
• feat!: add PullImageWithPlatform to DockerProvider (#3710) @​blueprismo
• feat(modules/dex): add Dex OIDC provider module (#3659) @​guilycst

🐛 Bug Fixes

• fix(security): remove debug code that leaks Docker credentials (#3721) @​mdelapenya
• fix(ollama): align local exec test with Ollama 0.30.6 log format (#3715) @​mdelapenya
• fix: close temp file handle before removal (#3672) @​acouvreur
• fix(compose): close docker clients to prevent goroutine leaks (#3661) @​mdelapenya
• fix: wait for log production goroutine to drain on stop (#3660) @​mdelapenya

📖 Documentation

• chore: update usage metrics (2026-06) (#3714) @github-actions[bot]

🧹 Housekeeping

• chore(wait)!: change url callback in wait.ForSQL to accept network.Port (#3650) @​thaJeztah
• chore: update usage metrics (2026-05) (#3670) @github-actions[bot]
• chore: remove cgroupnsMode setting from K3s container configuration (#3653) @​lixin9311

📦 Dependency updates

• chore(deps): update dependencies to latest versions in go.mod and go.sum (#3729) @​Steven-Harris
• chore: bump sshd-docker image to 1.4.0 (#3727) @​mdelapenya
• chore(deps): bump Ryuk to v0.14.0 (#3313) @​mdelapenya
• chore(deps): bump github.com/shirou/gopsutil/v4 from 4.26.4 to 4.26.5 (#3713) @dependabot[bot]
• chore(deps): bump golang.org/x/sys from 0.44.0 to 0.45.0 (#3712) @dependabot[bot]
• chore(deps): bump mkdocs-include-markdown-plugin from 7.2.2 to 7.3.0 (#3711) @dependabot[bot]
• chore(deps): bump slackapi/slack-github-action from 2.1.1 to 3.0.3 (#3677) @dependabot[bot]
• chore(deps): bump idna from 3.11 to 3.15 (#3708) @dependabot[bot]
• chore(deps): bump github.com/containerd/containerd/v2 from 2.2.2 to 2.2.4 in /modules/compose (#3709) @dependabot[bot]
• chore(deps): bump urllib3 from 2.6.3 to 2.7.0 (#3704) @dependabot[bot]

... (truncated)

Commits

• 0835739 chore: use new version (v0.43.0) in modules and examples
• 85b6d70 chore(deps): update dependencies to latest versions in go.mod and go.sum (#3729)
• 8360f71 feat(k3s): pull image opts (#3716)
• b5e7022 chore: bump sshd-docker image to 1.4.0 (#3727)
• 1c05dd5 chore(deps): bump Ryuk to v0.14.0 (#3313)
• 96ab095 feat(wait): implement AnyMultiStrategy: ForAny equivalent to ForAll. (#3719)
• 42ac7d2 chore(wait)!: change url callback in wait.ForSQL to accept network.Port (#3650)
• ab312e0 chore(deps): bump github.com/shirou/gopsutil/v4 from 4.26.4 to 4.26.5 (#3713)
• c5c95e5 chore(deps): bump golang.org/x/sys from 0.44.0 to 0.45.0 (#3712)
• 465d002 chore(deps): bump mkdocs-include-markdown-plugin from 7.2.2 to 7.3.0 (#3711)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: release-note-none. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.