corresponding PR for containerd/cri: containerd/cri#1189 (I assumed it was OK to bump this separate from a revendor of containerd/cri).

should this be marked for cherry-picking?

@Random-Liu @justincormack ptal

Build succeeded.

• containerd-build-arm64 : SUCCESS in 8m 14s (non-voting)

Failure is https://travis-ci.org/containerd/containerd/jobs/550175559/config

Test Suite Failed
--- FAIL: TestCRISuite (60.80s)
    cri_test.go:121: Failed to run tests in paralllel: exit status 1
FAIL

LGTM

@crosbymichael @thaJeztah just curious, have you folks tried out using dependabot (or similar) for automating PRs like these?

I've discussed using it in some other contexts; it could help with some of these (not sure if it would help for all, as we sometimes have to curate/coordinate what version to pin to). Switching to Go Mod also could help for some cases (but brings a lot of problems with it as well)

seccomp_version is added in libseccomp 2.3.0 seccomp/libseccomp@58a7c20.

This change increases libseccomp requirement to 2.3.0, NOT "Minimum supported version of libseccomp bumped to v2.2.0 (seccomp/libseccomp-golang@fc02980"

I've tried with libseccomp 2.2.3, and got error undefined symbol: seccomp_version.

Is this what we expected? If it is, I'll update one of our test image; if not, we may want to fix it.

Yes that commit was confusing as it mentioned both 2.2.0 and 2.3.0

Hmm, I had forgotten about that incompatibility. That basically means having to drop support for older distros which is probably not what we want.