chore(deps): bump github.com/moby/buildkit from 0.28.1 to 0.29.0 in the moby group

[dependabot]

Bumps the moby group with 1 update: github.com/moby/buildkit.

Updates github.com/moby/buildkit from 0.28.1 to 0.29.0

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.29.0

Welcome to the v0.29.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• David Karlsson
• Akihiro Suda
• Sebastiaan van Stijn
• Brian Ristuccia
• Jonathan A. Sternberg
• Mateusz Gozdek
• Natnael Gebremariam

Notable Changes

• Builtin Dockerfile frontend has been updated to v1.23.0 changelog
• Git sources can now initialize all files from a Git checkout with commit time in the LLB API for better reproducibility. See Dockerfile changelog for how to enable this in the Dockerfile frontend #6600
• Various file access operations in Git and HTTP sources have been hardened for improved security #6613
• Frontends can now report updated SOURCE_DATE_EPOCH with result metadata that can be used by exporters #6601
• Fix possible panic when listing build history after recent deletions #6614
• Fix possible issue where builds from Git repositories could start to fail after submodule rename #6563
• Fix possible process lifecycle event ordering issue in interactive container API that could cause deadlocks in the client #6531
• Fix regression where build progress skipped the message about layers being pushed to the registry #6587
• Fix possible cgroup initialization failure in BuildKit container image entrypoint on some environments #6585
• Fix issue with resolving symlinks via file access methods of the Gateway API #6559
• Fix possible "parent snapshot does not exist" error when exporting images in parallel #6558
• Fix possible panic from zstd compression #6599
• Fix issue where cache imports from an uninitialized local cache tag could fail the build #6554
• Included CNI plugins have been updated to v1.9.1 #6583
• Included QEMU emulator support has been updated to v10.2.1 #6580
• Runc container runtime has been updated to v1.3.5 #6625

Dependency Changes

• github.com/aws/aws-sdk-go-v2 v1.41.1 -> v1.41.4
• github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.4 -> v1.7.5
• github.com/aws/aws-sdk-go-v2/config v1.32.7 -> v1.32.12
• github.com/aws/aws-sdk-go-v2/credentials v1.19.7 -> v1.19.12
• github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.17 -> v1.18.20
• github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17 -> v1.4.20
• github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.17 -> v2.7.20
• github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 -> v1.8.6
• github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.4 -> v1.13.7

... (truncated)

Commits

• 8543ce4 Merge pull request #6634 from moby/dependabot/github_actions/crazy-max-dot-gi...
• 1154c7e Merge pull request #6635 from moby/dependabot/github_actions/codecov/codecov-...
• 326e4d1 Merge pull request #6637 from moby/dependabot/github_actions/github/codeql-ac...
• 676cdfa Merge pull request #6636 from moby/dependabot/github_actions/actions/setup-go...
• 1dd2e50 build(deps): bump github/codeql-action from 4.34.1 to 4.35.1
• 21fb771 build(deps): bump actions/setup-go from 6.3.0 to 6.4.0
• 06b36e5 build(deps): bump codecov/codecov-action from 5.5.4 to 6.0.0
• 969f5e4 build(deps): bump the crazy-max-dot-github group with 2 updates
• f8fd302 Merge pull request #6623 from crazy-max/zizmor
• a103fb6 Merge pull request #6625 from thaJeztah/bump_runc_1.3
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions