chore(deps): Bump the backend group across 1 directory with 5 updates

.github/contributors.yaml

@@ -83,3 +83,6 @@ users:
   jim-junior:
     name: Beingana Jim Junior
     email: jimjunior854@gmail.com
+  charma7:
+    name: A test user
+    email: test@mail.com

.github/workflows/add-git-trailers.yml

@@ -1,71 +1,53 @@
 name: Add Git Trailers to PR commits
 
 on:
-  workflow_call:
-    secrets:
-      GIT_CLONE_PAT:
-        required: false
-      URUNC_BOT_PRIVATE_KEY:
-        required: true
+  pull_request_review:
+    types: [submitted]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
 
 permissions:
   contents: read
 
 jobs:
   git-trailers:
     name: Add Git Trailers
-    runs-on: ${{ matrix.runner }}
-    strategy:
-      matrix:
-        include:
-          - arch: amd64
-            runner: ubuntu-22.04
-    continue-on-error: true
-    permissions:
-      contents: write
-      pull-requests: write
+    if: >-
+      github.event.pull_request.base.ref == 'main' &&
+      github.event.review.state == 'approved' &&
+      (github.event.pull_request.rebaseable == null ||
+      github.event.pull_request.rebaseable == true)
+    runs-on: ubuntu-22.04
     steps:
       - name: Harden the runner (Audit all outbound calls)
         uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           egress-policy: audit
 
-      - name: Exit if PR is not rebaseable
-        if: ${{ github.event.pull_request.rebaseable != null && github.event.pull_request.rebaseable == false }}
-        run: exit 1
-
-      - name: Checkout code
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          fetch-depth: 0
-          ref: ${{ github.event.pull_request.head.sha }}
-
-      - name: Append git trailers
-        uses: nubificus/git-trailers@8e08c91bb4c1fd9cb1ccbd9cc8029c31acf8da66 # feat_use_rebase
-        with:
-          user_info: .github/contributors.yaml
-
       - name: Generate urunc-bot token
         id: generate-token
         uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
         with:
           app-id: ${{ vars.URUNC_BOT_APP_ID }}
           private-key: ${{ secrets.URUNC_BOT_PRIVATE_KEY }}
 
-      - name: Set up Git
-        run: |
-          git config --global user.name "urunc-bot[bot]"
-          git config --global user.email "urunc-bot[bot]@users.noreply.github.com"
+      - name: Checkout code
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          token: ${{ steps.generate-token.outputs.token }}
+          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.sha }}
 
       - name: Append git trailers
-        uses: nubificus/git-trailers@18fd322f3fbfd505b4de728974a4ac1f32f758a7 # feat_auto_merge
+        uses: nubificus/git-trailers@e3cefe03237a8a33f12ee41a8194bfb03a4d179b # fix_auto_merge
         with:
           user_info: .github/contributors.yaml
 
       - name: Merge PR
         env:
           GH_TOKEN: ${{ steps.generate-token.outputs.token }}
+          PR_URL: ${{ github.event.pull_request.html_url }}
         run: |
-          PR_URL=${{ github.event.pull_request.html_url }}
-
           gh pr merge "$PR_URL" --rebase --admin

.github/workflows/pr-merge.yml

@@ -4,6 +4,8 @@ on:
   pull_request_target:
     types:
       - closed
+    branches:
+      - 'main-pr*'
 
 permissions:
   contents: read
@@ -23,11 +25,6 @@ jobs:
         with:
           egress-policy: audit
 
-      - name: Set up Git
-        run: |
-          git config --global user.name "urunc-bot[bot]"
-          git config --global user.email "urunc-bot[bot]@users.noreply.github.com"
-
       - name: Check out repo
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
@@ -42,21 +39,33 @@ jobs:
           private-key: ${{ secrets.URUNC_BOT_PRIVATE_KEY }}
 
       - name: Append git trailers
-        uses: nubificus/git-trailers@18fd322f3fbfd505b4de728974a4ac1f32f758a7 # feat_auto_merge
+        uses: nubificus/git-trailers@e3cefe03237a8a33f12ee41a8194bfb03a4d179b # fix_auto_merge
         with:
           user_info: .github/contributors.yaml
 
       - name: Create a Pull Request from PR_BRANCH to main and merge it
         env:
           GH_TOKEN: ${{ steps.generate-token.outputs.token }}
+          PR_BRANCH: ${{ github.event.pull_request.base.ref }}
         run: |
-          PR_BRANCH=${{ github.event.pull_request.base.ref }}
-
+          PR_NUMBER=${PR_BRANCH#main-pr}
+
+          # Use GitHub's API to get issues referenced with closing keywords
+          CLOSING_ISSUES=$(gh pr view "$PR_NUMBER" --json closingIssuesReferences \
+            --jq '.closingIssuesReferences[].number' || true)
+
+          BODY="This PR was automatically created by GitHub Actions to merge changes from $PR_BRANCH into main."
+          if [ -n "$CLOSING_ISSUES" ]; then
+            while IFS= read -r issue; do
+              BODY="$BODY"$'\n'"Closes #$issue"
+            done <<< "$CLOSING_ISSUES"
+          fi
+
           # Create the pull request
           PR_URL=$(gh pr create \
             --head "$PR_BRANCH" \
             --base main \
             --title "Merge External PR: Merge $PR_BRANCH into main" \
-            --body "This PR was automatically created by GitHub Actions to merge changes from $PR_BRANCH into main.")
+            --body "$BODY")
 
           gh pr merge "$PR_URL" --rebase --admin --delete-branch

README.md

@@ -145,7 +145,7 @@ supported VM/Sandbox monitors and unikernels:
 | Unikraft  | QEMU, Firecracker          | x86         | Initrd, 9pfs                            |
 | MirageOS  | QEMU, Solo5-hvt, Solo5-spt | x86,aarch64 | Block/Devmapper                         |
 | Mewz      | QEMU                       | x86         | In-memory                               |
-| Linux     | QEMU, Firecracker          | x86         | Initrd, Block/Devmapper, 9pfs, Virtiofs |
+| Linux     | QEMU, Firecracker, clh     | x86         | Initrd, Block/Devmapper, 9pfs, Virtiofs |
 | Hermit    | QEMU                       | x86         | Initrd                                  |
 
 We plan to add support for more unikernel frameworks and other platforms too.

go.mod

@@ -1,6 +1,6 @@
 module github.com/urunc-dev/urunc
 
-go 1.25.0
+go 1.26.2
 
 require (
 	github.com/BurntSushi/toml v1.6.0
@@ -10,14 +10,14 @@ require (
 	github.com/creack/pty v1.1.24
 	github.com/elastic/go-seccomp-bpf v1.6.0
 	github.com/hashicorp/go-version v1.9.0
-	github.com/jackpal/gateway v1.1.1
+	github.com/jackpal/gateway v1.2.0
 	github.com/moby/sys/mount v0.3.4
 	github.com/moby/sys/userns v0.1.0
 	github.com/nubificus/hedge_cli v0.0.3
-	github.com/onsi/ginkgo/v2 v2.28.1
-	github.com/onsi/gomega v1.39.1
+	github.com/onsi/ginkgo/v2 v2.28.3
+	github.com/onsi/gomega v1.40.0
 	github.com/opencontainers/runc v1.3.4
-	github.com/opencontainers/runtime-spec v1.2.1
+	github.com/opencontainers/runtime-spec v1.3.0
 	github.com/prometheus-community/pro-bing v0.8.0
 	github.com/rs/zerolog v1.35.1
 	github.com/sirupsen/logrus v1.9.4
@@ -26,7 +26,7 @@ require (
 	github.com/vishvananda/netlink v1.3.1
 	github.com/vishvananda/netns v0.0.5
 	golang.org/x/sys v0.43.0
-	k8s.io/cri-api v0.35.4
+	k8s.io/cri-api v0.36.0
 )
 
 require (
@@ -56,7 +56,7 @@ require (
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
 	github.com/google/go-cmp v0.7.0 // indirect
-	github.com/google/pprof v0.0.0-20260115054156-294ebfa9ad83 // indirect
+	github.com/google/pprof v0.0.0-20260402051712-545e8a4df936 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/klauspost/compress v1.18.3 // indirect
 	github.com/mattn/go-colorable v0.1.14 // indirect
@@ -69,17 +69,16 @@ require (
 	github.com/opencontainers/image-spec v1.1.1 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	github.com/stretchr/objx v0.5.3 // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/mod v0.32.0 // indirect
-	golang.org/x/net v0.49.0 // indirect
-	golang.org/x/sync v0.19.0 // indirect
-	golang.org/x/text v0.33.0 // indirect
-	golang.org/x/tools v0.41.0 // indirect
+	golang.org/x/mod v0.35.0 // indirect
+	golang.org/x/net v0.53.0 // indirect
+	golang.org/x/sync v0.20.0 // indirect
+	golang.org/x/text v0.36.0 // indirect
+	golang.org/x/tools v0.44.0 // indirect
 	google.golang.org/genproto v0.0.0-20260128011058-8636f8732409 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20260128011058-8636f8732409 // indirect
 	google.golang.org/grpc v1.79.3 // indirect
-	google.golang.org/protobuf v1.36.11 // indirect
+	google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )