build(deps): bump github.com/containers/buildah from 1.41.4 to 1.42.0

[dependabot]

Bumps github.com/containers/buildah from 1.41.4 to 1.42.0.

Release notes

Sourced from github.com/containers/buildah's releases.

v1.42.0

What's Changed

Notable changes

• Bump c/storage to v1.59.0, c/image v5.36.0, c/common v0.64.0, Buildah to v1.41.0, then v1.42.0-dev by @​TomSweeneyRedHat in containers/buildah#6293
• CI: make runc tests non-blocking by @​nalind in containers/buildah#6286
• Restore the default meaning of --pull (should be always). by @​Romain-Geissler-1A in containers/buildah#6300
• Exclude pulled up parent directories at commit-time by @​nalind in containers/buildah#6296
• Only suppress "noted" items when not squashing by @​nalind in containers/buildah#6302
• History should note unset-label, timestamp, and rewrite-timestamp by @​nalind in containers/buildah#6315
• build: --mount=type=bind ignore modTime for cache candidates by @​flouthoc in containers/buildah#6311
• copy: assume a destination with basename "." is a directory by @​nalind in containers/buildah#6310
• Run: reap stray processes by @​nalind in containers/buildah#6307
• imagebuildah.StageExecutor.Execute: commit more "no instructions" cases by @​nalind in containers/buildah#6314
• Rework how we decide what to filter out of layer diffs by @​nalind in containers/buildah#6332
• Adding mohanboddu as community manager to MAINTAINERS.md by @​mohanboddu in containers/buildah#6339
• Mount image fails with imagestores by @​nalind in containers/buildah#6340
• Losen the dependency on go-connections/tlsconfig by @​mtrmac in containers/buildah#6328
• Support "--imagestore" global flags by @​nalind in containers/buildah#6341
• Add --transient-store global option by @​nalind in containers/buildah#6346
• Handle tagged+digested references when processing --all-platforms by @​nalind in containers/buildah#6353
• Switch common, storage and image to monorepo. by @​jankaluza in containers/buildah#6356
• chroot: use $PATH when finding commands by @​nalind in containers/buildah#6378
• Update to Go 1.24 by @​nalind in containers/buildah#6380
• Run: create parent directories of mount targets with mode 0755 by @​nalind in containers/buildah#6381
• .cirrus.yml: Test Vendoring bump golang by @​flouthoc in containers/buildah#6386
• Revert "fix(deps): update module github.com/cyphar/filepath-securejoin to v0.5.0" by @​Luap99 in containers/buildah#6403
• Make some test files different from each other by @​nalind in containers/buildah#6405
• commit: always return the config digest as the image ID by @​nalind in containers/buildah#6426
• copier: ignore user.overlay.* xattrs by @​nalind in containers/buildah#6429
• Include the Sequoia crypto backend, and run integration tests with it by @​mtrmac in containers/buildah#6390
• build,add: add support for corporate proxies by @​userid0x0 in containers/buildah#6274

Dependency updates

• fix(deps): update module github.com/spf13/pflag to v1.0.7 by @​renovate[bot] in containers/buildah#6292
• fix(deps): update module github.com/containers/common to v0.64.0 by @​renovate[bot] in containers/buildah#6294
• fix(deps): update module github.com/docker/docker to v28.3.3+incompatible by @​renovate[bot] in containers/buildah#6303
• fix(deps): update github.com/containers/luksy digest to 8fccf78 by @​renovate[bot] in containers/buildah#6309
• fix(deps): update module github.com/containers/storage to v1.59.1 by @​renovate[bot] in containers/buildah#6312
• fix(deps): update module github.com/containers/image/v5 to v5.36.1 by @​renovate[bot] in containers/buildah#6316
• fix(deps): update module github.com/containers/common to v0.64.1 by @​renovate[bot] in containers/buildah#6318
• fix(deps): update module github.com/seccomp/libseccomp-golang to v0.11.1 by @​renovate[bot] in containers/buildah#6320
• fix(deps): update module golang.org/x/sys to v0.35.0 by @​renovate[bot] in containers/buildah#6323
• fix(deps): update module golang.org/x/term to v0.34.0 by @​renovate[bot] in containers/buildah#6325
• fix(deps): update module github.com/docker/go-connections to v0.6.0 by @​renovate[bot] in containers/buildah#6324
• fix(deps): update module golang.org/x/crypto to v0.41.0 by @​renovate[bot] in containers/buildah#6326
• Update module github.com/stretchr/testify to v1.11.0 by @​renovate[bot] in containers/buildah#6350
• Update module go.etcd.io/bbolt to v1.4.3 by @​renovate[bot] in containers/buildah#6347
• Update module github.com/stretchr/testify to v1.11.1 by @​renovate[bot] in containers/buildah#6355
• Update module github.com/spf13/cobra to v1.10.1 by @​renovate[bot] in containers/buildah#6363

... (truncated)

Changelog

Sourced from github.com/containers/buildah's changelog.

v1.42.0 (2025-10-17)

Bump to storage v1.61.0, image v5.38.0, common v0.66.0
fix(deps): update module github.com/openshift/imagebuilder to v1.2.19
fix(deps): update module github.com/openshift/imagebuilder to v1.2.18
copier: ignore user.overlay.* xattrs
commit: always return the config digest as the image ID
fix(deps): update module golang.org/x/crypto to v0.43.0
fix(deps): update module golang.org/x/sys to v0.37.0
fix(deps): update module github.com/docker/docker to v28.5.1+incompatible
fix(deps): update module github.com/moby/buildkit to v0.25.1
fix(deps): update module github.com/opencontainers/runc to v1.3.2
fix(deps): update module github.com/docker/docker to v28.5.0+incompatible
fix(deps): update module github.com/moby/buildkit to v0.25.0
fix(deps): update github.com/containers/luksy digest to 2cf5bc9
Make some test files different from each other
Revert "fix(deps): update module github.com/cyphar/filepath-securejoin to v0.5.0"
Also run integration tests with the Sequoia backend
Allow users to build against podman-sequoia in non-default locations
fix(deps): update module github.com/cyphar/filepath-securejoin to v0.5.0
.cirrus.yml: Test Vendoring bump golang
vendor: bump go.podman.io/{common,image,storage} to main
fix(deps): update module golang.org/x/crypto to v0.42.0
fix(deps): update module github.com/docker/docker to v28.4.0+incompatible
fix(deps): update module github.com/moby/buildkit to v0.24.0
fix(deps): update module github.com/spf13/pflag to v1.0.10
fix(deps): update module github.com/fsouza/go-dockerclient to v1.12.2
fix(deps): update module github.com/opencontainers/runc to v1.3.1
fix(deps): update module github.com/opencontainers/cgroups to v0.0.5
fix(deps): update module golang.org/x/sync to v0.17.0
tests/run.bats: "run masks" test: accept "unreadable" masked directories
Run: create parent directories of mount targets with mode 0755
tests/run.bats: "run masks" test: accept "unreadable" masked directories
New VM images
Suppress a linter warning
modernize: JSON doesn't do "omitempty" structs, so stop asking
modernize: use maps.Copy() instead of iterating over a map to copy it
modernize: use strings.CutPrefix/SplitSeq/FieldsSeq
Update expected/minimum version of Go to 1.24
chroot: use $PATH when finding commands
[skip-ci] Update actions/stale action to v10
Update module github.com/ulikunitz/xz to v0.5.15 [SECURITY]
Update go.sum
New VM images
Update module github.com/openshift/imagebuilder to v1
Update module github.com/spf13/cobra to v1.10.1
Switch common, storage and image to monorepo.
Update module github.com/stretchr/testify to v1.11.1
Update module go.etcd.io/bbolt to v1.4.3
Handle tagged+digested references when processing --all-platforms

... (truncated)

Commits

• 1ba41f0 Bump to Buildah v1.42.0
• c23bf6b Bump to storage v1.61.0, image v5.38.0, common v0.66.0
• 991a731 Merge pull request #6274 from userid0x0/cmdAdd_proxyFix
• 91e289c Merge pull request #6369 from containers/renovate/actions-stale-10.x
• 1ba3ba2 Merge pull request #6433 from containers/renovate/github.com-openshift-imageb...
• 858a514 fix(deps): update module github.com/openshift/imagebuilder to v1.2.19
• fee9c4d Merge pull request #6390 from mtrmac/sequoia
• c777bae Merge pull request #6431 from containers/renovate/github.com-openshift-imageb...
• a0bc525 fix(deps): update module github.com/openshift/imagebuilder to v1.2.18
• 8e12e11 Merge pull request #6429 from nalind/ignore-user-overlay
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

[taukakao]

This is failing because it needs to be upgraded in Prometheus first I think.

[mirkobrombin]

Could be