Bump github.com/containerd/containerd/api from 1.7.19 to 1.8.0 in /cmd

[dependabot]

Bumps github.com/containerd/containerd/api from 1.7.19 to 1.8.0.

Release notes

Sourced from github.com/containerd/containerd/api's releases.

containerd API 1.8.0

Welcome to the api/v1.8.0 release of containerd!

The first dedicated release for the containerd API. This release continues the 1.x line of API compatibility with the 9th minor release of the 1.x API.

Highlights

• Add Update API for sandbox controller (#9903)
• Add PluginInfo to introspection API (#9442)
• Expose usage of deprecated features (#9258)
• Add image delete target (#8989)

Go client

• Add api Go module and move all protos under api (#10151)

Image Distribution

• Enable Transfer service API to support plain HTTP (#10024)
• Enable Transfer service to use registry configuration directory (#9908)
• Update Transfer service to add OCI descriptors to Progress structure (#9630)
• Add option to perform syncfs after pull (#9401)

Runtime

• Store bootstrap parameters in sandbox metadata (#9736)
• Add sandboxer configuration and move sandbox controllers to plugins (#8268)
• Add annotations to CreateSandbox request (#8960)
• Add SandboxMetrics (#8680)
• Publish sandbox events (#8602)

Deprecations

• Add type alias for event Envelope (#10279)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Derek McGowan
• Maksym Pavlenko
• Wei Fu
• Abel Feng
• Akihiro Suda
• Phil Estes
• Danny Canter
• Samuel Karp
• Kohei Tokunaga

... (truncated)

Commits

• cf36acf Merge pull request #10935 from dmcgowan/prepare-api-v1.8.0
• c017828 Merge pull request #10877 from AkihiroSuda/runc-1.2.0
• 716445a Merge pull request #10933 from dmcgowan/test-container-resilience
• b6d1178 Merge pull request #10934 from dmcgowan/update-errdefs-1.0
• 481692a Merge pull request #10926 from AkihiroSuda/docs-2.0
• d389118 Prepare release notes for api/v1.8.0
• 93f9db2 Update errdefs tag to v1.0.0
• bddeba8 Make TestContainerPids more resilient
• ada2fa1 Merge pull request #10927 from AkihiroSuda/fix-removal-criv1alpha2
• cb4ce9a Merge pull request #10886 from thaJeztah/fix_retry_logs
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
gomod/github.com/containerd/containerd/api	1.8.0	🟢 8.5	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Fuzzing 🟢 10 project is fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6
gomod/google.golang.org/genproto/googleapis/rpc	0.0.0-20240401170217-c3f982113cda	🟢 5.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 17 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 2 SAST tool is not run on all commits -- score normalized to 2 Vulnerabilities 🟢 10 0 existing vulnerabilities detected

Scanned Files

• cmd/go.mod

[dependabot]

Looks like github.com/containerd/containerd/api is up-to-date now, so this is no longer needed.