build(deps): bump github.com/docker/docker from 27.3.1+incompatible to 28.0.3+incompatible

[dependabot]

Bumps github.com/docker/docker from 27.3.1+incompatible to 28.0.3+incompatible.

Release notes

Sourced from github.com/docker/docker's releases.

v28.0.3

28.0.3

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.0.3 milestone
• moby/moby, 28.0.3 milestone

Bug fixes and enhancements

• Fix docker run truncating the STDOUT/STDERR prematurely when the container exits before the data is consumed. docker/cli#5957

Packaging updates

• Update BuildKit to v0.20.2. moby/moby#49698
• Update runc to v1.2.6 (static packages only). moby/moby#49682
• Update containerd to v1.7.26. docker/containerd-packaging#409

v28.0.2

28.0.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 28.0.2 milestone
• moby/moby, 28.0.2 milestone

Bug fixes and enhancements

• Fix CLI-specific attributes (docker.cli.*) being unintentionally passed to downstream OTel services. docker/cli#5842
• Fix an issue where user-specified OTEL_RESOURCE_ATTRIBUTES were being overridden by CLI's internal telemetry attributes. The CLI now properly merges user-specified attributes with internal ones, allowing both to coexist. docker/cli#5842
• Fix daemon failing to start on Windows when a container created before v28.0.0 was present. moby/moby#49626
• Fix possible error on docker buildx prune with the --min-free-space. moby/moby#49623
• Fix spurious io: read/write on closed pipe error in the daemon log when closing container. moby/moby#49590
• Fix the Docker daemon failing too early if the containerd socket isn't immediately available. moby/moby#49603
• Mask Linux thermal interrupt info in a container's /proc and /sys by default. moby/moby#49560
• Update contrib/check-config.sh to check for more kernel modules related to iptables. moby/moby#49622
• containerd image store: Fix integer overflow in User ID handling passed via --user. moby/moby#49652
• containerd image store: Fix spurious reference for unknown type: application/vnd.in-toto+json warning being logged to the daemon's log. moby/moby#49652
• containerd image store: Improve performance of docker ps when running large number of containers. moby/moby#49365

Packaging updates

• Update BuildKit to v0.20.1. moby/moby#49587
• Update Buildx to v0.22.0. docker/docker-ce-packaging#1175
• Update Compose to v2.34.0. docker/docker-ce-packaging#1172
• Update Go runtime to 1.23.7. docker/cli#5890, docker/docker-ce-packaging#1171, moby/moby#49580
• Update RootlessKit to v2.3.4. moby/moby#49614
• Update containerd (static binaries only) to v1.7.27. moby/moby#49656

Networking

... (truncated)

Commits

• 330857a Merge pull request #49698 from jsternberg/buildkit-0.20.2
• 2fce935 vendor: github.com/moby/buildkit v0.20.2
• ecb03c4 Merge pull request #49691 from thaJeztah/bump_selinux
• accda31 Merge pull request #49562 from thaJeztah/switch_cgroups
• 6a0f71c Merge pull request #49686 from thaJeztah/attach_nits
• e2011af Merge pull request #49692 from thaJeztah/rm_aliases
• 3e957c6 remove some redundant import-aliases
• 4db84b1 switch to github.com/opencontainers/cgroups
• 697956a vendor: github.com/opencontainers/selinux v1.12.0
• c1cd4e5 Merge pull request #49683 from thaJeztah/vendor_ebpf
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #309.