chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
github.com/opencontainers/runc	v1.1.13 -> v1.1.14					replace	patch
go (source)	1.23.0 -> 1.23.1					toolchain	patch
kubewarden/github-actions	v3.3.3 -> v3.3.4					action	patch

---

Release Notes

opencontainers/runc (github.com/opencontainers/runc)

v1.1.14: runc v1.1.14 -- "年を取っていいことは、驚かなくなることね。"

Compare Source

This is the fourteenth patch release in the 1.1.z release branch of
runc. It includes a fix for a low severity security issue
(CVE-2024-45310) as well as some minor build-related fixes (including Go
1.23 support).

• Fix CVE-2024-45310, a low-severity attack that allowed
  maliciously configured containers to create empty files and directories on
  the host.
• Add support for Go 1.23. (#​4360, #​4372)
• Revert "allow overriding VERSION value in Makefile" and add EXTRA_VERSION.
  (#​4370, #​4382)
• rootfs: consolidate mountpoint creation logic. (#​4359)

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to all of the contributors who made this release possible:

• Akihiro Suda [email protected]
• Aleksa Sarai [email protected]
• Kir Kolyshkin [email protected]
• Rodrigo Campos [email protected]
• Sebastiaan van Stijn [email protected]
• lifubang [email protected]

Signed-off-by: Aleksa Sarai [email protected]

golang/go (go)

v1.23.1

kubewarden/github-actions (kubewarden/github-actions)

v3.3.4

Compare Source

• use kwctl 1.16.1 (#​135)

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 70.06%. Comparing base (1c8b55e) to head (f77900b).
Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #875      +/-   ##
==========================================
+ Coverage   70.03%   70.06%   +0.03%     
==========================================
  Files          29       29              
  Lines        2596     2596              
==========================================
+ Hits         1818     1819       +1     
  Misses        601      601              
+ Partials      177      176       -1     

Flag	Coverage Δ
integration-tests	60.96% <ø> (+0.03%)	⬆️
unit-tests	36.21% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.