chore(deps): bump github.com/moby/buildkit from 0.29.0 to 0.30.0

[dependabot]

Bumps github.com/moby/buildkit from 0.29.0 to 0.30.0.

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.30.0

Welcome to the v0.30.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• Sebastiaan van Stijn
• Jonathan A. Sternberg
• Natnael Gebremariam
• Akihiro Suda
• Dawei Wei
• Dmitrii Kostyrev
• Jiří Moravčík
• Vladimir Kuznichenkov

Notable Changes

• Builtin Dockerfile frontend has been updated to v1.24.0 changelog
• BuildKit now supports the concept of "compatibility version" for improved reproducible builds support across different BuildKit versions. This allows users to specify a version for which the build should be compatible with, and BuildKit will attempt to maintain compatibility with that version when possible. Compatibility version will be stored in the provenance attestation of the build and can be used to independently verify the artifacts of the build on other BuildKit versions. The current compatibility version and backward compatibility with old versions are defined in Build reproducibility docs #6681
• Git sources now support fetch-by-commit option where commit is fetched by the SHA and then associated with the reference. This is useful when checking out mutable references refs/NR/merge where the commit SHA may change during invocation and cause checksum mismatch error #6708
• The LLB API now supports Git bundle format. Git bundles can be loaded from registry or OCI layout blobs and Git sources can be checked out into bundle format for snapshotting #6711
• Provenance attestations for multi-pass or chained builds now include request details for root requests and individual input requests, allowing full reconstruction of such complex builds #6739
• The version of the built-in Dockerfile frontend that was used is now included in the provenance metadata and reported via worker info APIs. #6705
• Improve error reporting for registry errors on cache export #6762
• S3 cache now supports additional options retry_mode and retry_max_attempts to configure retry behavior of S3 client #6657
• S3 cache now supports disable_accept_encoding option for GCS interoperability #6642
• Reduce potential lock contention in gateway forwarder for improved performance on parallel builds #6741
• A new log level option has been added to the buildkitd TOML configuration; previous "debug" and "trace" options have been deprecated #6732
• Allow gateway frontend requests to forward to the built-in Dockerfile frontend the same way as to external frontends #6643
• Session connection health checks have been improved to better detect loss of connectivity and avoid stuck builds #6649
• Fix issue with Git subdirectory value not being included in ConfigSource section of SLSA provenance for builds from Git sources #6724
• Avoid potential deadlock if the credential helper in the client is misbehaving and never returns credentials #6709
• Fix possible data race in provenance computation on parallel builds #6758
• Fix possible provenance capture race in concurrent no-cache builds that could leave source pins empty and fail with an invalid checksum digest error #6764
• Fix possible data race in progress writer #6679
• Fix data race in S3 cache reader #6675
• Fix possible Git config lookup errors on Windows #6639
• Fix build cancellation not working properly when blocked on credential callback #6641

Dependency Changes

• github.com/Azure/azure-sdk-for-go/sdk/azcore v1.20.0 -> v1.21.0
• github.com/Microsoft/hcsshim v0.14.0-rc.1 -> v0.14.1
• github.com/aws/aws-sdk-go-v2 v1.41.4 -> v1.41.7

... (truncated)

Commits

• dd2170e Merge pull request #6770 from crazy-max/v0.30-picks-0.30.0
• e4b9769 test: gate merge diff tests through worker capabilities
• d5956a1 skip pin race test on workers without merge diff support
• 505ab37 solver: fix race in walkProvenance
• f2e48d2 Merge pull request #6762 from jsternberg/add-error-details
• f7a40a0 Merge pull request #6758 from tonistiigi/fix-provenance-data-race
• 80e934d remotecache: propagate details field from registry when included
• a7c8749 Merge pull request #6761 from moby/dependabot/github_actions/github/codeql-ac...
• df37b67 build(deps): bump github/codeql-action from 4.35.3 to 4.35.4
• c7ba941 Merge pull request #6759 from moby/dependabot/github_actions/docker/github-bu...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)