build(deps): bump github.com/cyphar/filepath-securejoin

dependabot[bot] · AkihiroSuda · commit 3c77b01014e8 · 2025-11-28T14:48:27.000+09:00
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.4.1 to 0.6.1. - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md) - [Commits](cyphar/filepath-securejoin@v0.4.1...v0.6.1) --- updated-dependencies: - dependency-name: github.com/cyphar/filepath-securejoin dependency-version: 0.6.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
diff --git a/.github/workflows/job-lint-project.yml b/.github/workflows/job-lint-project.yml
@@ -49,8 +49,11 @@ jobs:
           repo-access-token: ${{ secrets.GITHUB_TOKEN }}
           # go-licenses-ignore is set because go-licenses cannot detect the license of the following package:
           # * go-base36: Apache-2.0 OR MIT (https://github.com/multiformats/go-base36/blob/master/LICENSE.md)
+          # * filepath-securejoin: MPL-2.0 AND BSD-3-Clause, exceptionally approved by CNCF
+          #   (https://github.com/cncf/foundation/issues/1154#issuecomment-3562385979)
           #
           # The list of the CNCF-approved licenses can be found here:
           # https://github.com/cncf/foundation/blob/main/allowed-third-party-license-policy.md
           go-licenses-ignore: |
             github.com/multiformats/go-base36
+            github.com/cyphar/filepath-securejoin
diff --git a/go.mod b/go.mod
@@ -30,7 +30,7 @@ require (
 	github.com/containernetworking/plugins v1.8.0 //gomodjail:unconfined
 	github.com/coreos/go-iptables v0.8.0 //gomodjail:unconfined
 	github.com/coreos/go-systemd/v22 v22.6.0
-	github.com/cyphar/filepath-securejoin v0.4.1 //gomodjail:unconfined
+	github.com/cyphar/filepath-securejoin v0.6.1 //gomodjail:unconfined
 	github.com/distribution/reference v0.6.0
 	github.com/docker/cli v29.0.3+incompatible //gomodjail:unconfined
 	github.com/docker/docker v28.5.2+incompatible //gomodjail:unconfined
diff --git a/go.sum b/go.sum
@@ -76,8 +76,8 @@ github.com/coreos/go-systemd/v22 v22.6.0/go.mod h1:iG+pp635Fo7ZmV/j14KUcmEyWF+0X
 github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
 github.com/creack/pty v1.1.24 h1:bJrF4RRfyJnbTJqzRLHzcGaZK1NeM5kTC9jGgovnR1s=
 github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE=
-github.com/cyphar/filepath-securejoin v0.4.1 h1:JyxxyPEaktOD+GAnqIqTf9A8tHyAG22rowi7HkoSU1s=
-github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
+github.com/cyphar/filepath-securejoin v0.6.1 h1:5CeZ1jPXEiYt3+Z6zqprSAgSWiggmpVyciv8syjIpVE=
+github.com/cyphar/filepath-securejoin v0.6.1/go.mod h1:A8hd4EnAeyujCJRrICiOWqjS1AX0a9kM5XL+NwKoYSc=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
