build(deps): bump github.com/docker/docker from 24.0.6+incompatible to 24.0.7+incompatible

[dependabot]

Bumps github.com/docker/docker from 24.0.6+incompatible to 24.0.7+incompatible.

Release notes

Sourced from github.com/docker/docker's releases.

v24.0.7

24.0.7

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 24.0.7 milestone
• moby/moby, 24.0.7 milestone

Bug fixes and enhancements

• Write overlay2 layer metadata atomically. moby/moby#46703
• Fix "Rootful-in-Rootless" Docker-in-Docker on systemd version 250 and later. moby/moby#46626
• Fix dockerd-rootless-setuptools.sh when username contains a backslash. moby/moby#46407
• Fix a bug that would prevent network sandboxes to be fully deleted when stopping containers with no network attachments and when dockerd --bridge=none is used. moby/moby#46702
• Fix a bug where cancelling an API request could interrupt container restart. moby/moby#46697
• Fix an issue where containers would fail to start when providing --ip-range with a range larger than the subnet. docker/for-mac#6870
• Fix data corruption with zstd output. moby/moby#46709
• Fix the conditions under which the container's MAC address is applied. moby/moby#46478
• Improve the performance of the stats collector. moby/moby#46448
• Fix an issue with source policy rules ending up in the wrong order. moby/moby#46441

Packaging updates

• Add support for Fedora 39 and Ubuntu 23.10. docker/docker-ce-packaging#940, docker/docker-ce-packaging#955
• Fix docker.socket not getting disabled when uninstalling the docker-ce RPM package. docker/docker-ce-packaging#852
• Upgrade Go to go1.20.10. docker/docker-ce-packaging#951
• Upgrade containerd to v1.7.6 (static binaries only). moby/moby#46103
• Upgrade the containerd.io package to v1.6.24.

Security

• Deny containers access to /sys/devices/virtual/powercap by default. This change hardens against CVE-2020-8694, CVE-2020-8695, and CVE-2020-12912, and an attack known as the PLATYPUS attack. For more details, see advisory, commit.

Commits

• 311b9ff Merge pull request #46697 from thaJeztah/24.0_backport_restart_nocancel
• af60804 Merge pull request from GHSA-jq35-85cj-fj4p
• 3cf363e Merge pull request #46709 from thaJeztah/24.0_backport_bump_compress
• 05d7386 daemon: daemon.containerRestart: don't cancel restart on context cancel
• 649c944 Merge pull request #46703 from thaJeztah/24.0_backport_atomic-layer-data-write
• 9b20b1a Merge pull request #46702 from thaJeztah/24.0_backport_releaseNetwork_Network...
• dd37b0b vendor: github.com/klauspost/compress v1.17.2
• 7058c0d vendor: github.com/klauspost/compress v1.16.5
• 57bd388 daemon: overlay2: Write layer metadata atomically
• 05d95fd daemon: release sandbox even when NetworkDisabled
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #2067 (af4a479) into master (4989f44) will increase coverage by 0.23%.
Report is 262 commits behind head on master.
The diff coverage is 59.71%.

@@            Coverage Diff             @@
##           master    #2067      +/-   ##
==========================================
+ Coverage   61.22%   61.45%   +0.23%     
==========================================
  Files          46       53       +7     
  Lines        7141     8774    +1633     
==========================================
+ Hits         4372     5392    +1020     
- Misses       2462     2953     +491     
- Partials      307      429     +122     

Files	Coverage Δ
pkg/common/executor.go	51.69% <100.00%> (+1.69%)	⬆️
pkg/container/docker_cli.go	82.23% <ø> (ø)
pkg/container/docker_logger.go	52.08% <ø> (ø)
pkg/runner/step_action_local.go	93.54% <100.00%> (ø)
pkg/runner/step_action_remote.go	91.56% <100.00%> (+0.65%)	⬆️
pkg/runner/step_docker.go	93.18% <100.00%> (ø)
pkg/container/file_collector.go	37.30% <0.00%> (ø)
pkg/container/util.go	0.00% <0.00%> (ø)
pkg/container/docker_build.go	60.00% <80.00%> (+1.02%)	⬆️
...ontainer/linux_container_environment_extensions.go	23.07% <0.00%> (-1.25%)	⬇️
... and 31 more

... and 2 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[github-actions]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ EDITORCONFIG	editorconfig-checker	2		0	0.02s
✅ REPOSITORY	gitleaks	yes		no	3.31s
✅ REPOSITORY	git_diff	yes		no	0.23s
✅ REPOSITORY	grype	yes		no	11.04s
✅ REPOSITORY	secretlint	yes		no	1.57s
✅ REPOSITORY	trivy-sbom	yes		no	0.83s
✅ REPOSITORY	trufflehog	yes		no	19.11s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by