[pull] master from moby:master #179
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Tonis Tiigi <[email protected]>
dockerfile: enable gitquerystring frontend capability
Signed-off-by: CrazyMax <[email protected]>
- Align record selected for export with the record used for alternatives - Add integration test for ExportTo ErrNotFound Signed-off-by: Sam Oluwalana <[email protected]>
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v5...v6) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/labeler](https://github.com/actions/labeler) from 5 to 6. - [Release notes](https://github.com/actions/labeler/releases) - [Commits](actions/labeler@v5...v6) --- updated-dependencies: - dependency-name: actions/labeler dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/github-script](https://github.com/actions/github-script) from 7 to 8. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@v7...v8) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
solver: Resolve infinite loop when record is ErrNotFound
…setup-go-6 build(deps): bump actions/setup-go from 5 to 6
…labeler-6 build(deps): bump actions/labeler from 5 to 6
…github-script-8 build(deps): bump actions/github-script from 7 to 8
dockerfile: update cni to 1.8.0
The `iter.Seq` returned from `maps.Keys` does not print properly with `%+v` so it prints the pointer location instead of the contents. Use `slices.Collect` to collect the iterator into a slice so it can be printed properly into the error message. Signed-off-by: Jonathan A. Sternberg <[email protected]>
gateway: no such ref now prints the all refs properly
This fails in `gitSourceHandler` because it can't handle *both* SHA-1 and SHA-256 before Git 2.45 (see PR comments), and there's not a simple way to fix that without newer Git or larger refactoring. Signed-off-by: Tianon Gravi <[email protected]> Signed-off-by: Tonis Tiigi <[email protected]>
Signed-off-by: Tonis Tiigi <[email protected]>
Signed-off-by: Tonis Tiigi <[email protected]>
Signed-off-by: Tonis Tiigi <[email protected]>
full diff: docker/cli@v28.3.3...v28.4.0 Signed-off-by: Sebastiaan van Stijn <[email protected]>
Signed-off-by: CrazyMax <[email protected]>
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.3.2 to 2.3.3. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@72f2c25...6cbd405) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-version: 2.3.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
git: add sha256 commit support
vendor: github.com/docker/cli v28.4.0
…s/action-gh-release-2.3.3 build(deps): bump softprops/action-gh-release from 2.3.2 to 2.3.3
fix subject for oci artifact of attestation manifest
Signed-off-by: Søren Hansen <[email protected]>
Signed-off-by: Søren Hansen <[email protected]>
Signed-off-by: Tonis Tiigi <[email protected]>
Signed-off-by: Jonathan A. Sternberg <[email protected]>
Based on the Referrers handler definition in Containerd 2.2 Signed-off-by: Tonis Tiigi <[email protected]>
dockerfile: promote --parents flag from labs
contentutil: allow referrers objects to be moved with CopyChain
Signed-off-by: Jonathan A. Sternberg <[email protected]>
Signed-off-by: CrazyMax <[email protected]> Signed-off-by: Tonis Tiigi <[email protected]>
dockerfile: promote RUN --security flag from labs
contrib(nvidia): match right apt repo based on os release
ResolveImageConfig was changed to ResolveSourceMetadata long time ago for cross-source implementation but the worker implementation was still using old method name with conversions. Signed-off-by: Tonis Tiigi <[email protected]>
Attestation chain can be used by the client to verify signature identity of the image. Signed-off-by: Tonis Tiigi <[email protected]>
Image manifest content is not needed for signature verification as the verification is against the top index root. Still report image manifest digest for more info about the reported attestation subject but clients need to re-resolve it from the root manifest for signature verification. Signed-off-by: Tonis Tiigi <[email protected]>
image: move image source resolver away from old interface
Add support for dynamic source policies via client session. Client session can allow or deny specific source or ask additional metadata information via sourcemetaresolver if that is needed to make the decision. Signed-off-by: Tonis Tiigi <[email protected]>
Signed-off-by: Tonis Tiigi <[email protected]>
Signed-off-by: Tonis Tiigi <[email protected]>
policysession: dynamic source policy support
Signed-off-by: Akihiro Suda <[email protected]>
go.mod: github.com/containerd/containerd/v2 v2.2.0
SelectorCache only stores the identifier and type. Constraints need to be passed directly outside of cache. Signed-off-by: Tonis Tiigi <[email protected]>
Connecurrent writes became possible when policy evaluation was made to run in parallel recently. Signed-off-by: Tonis Tiigi <[email protected]>
Add cleaner way for client to detect the daemon has session policy support. Signed-off-by: Tonis Tiigi <[email protected]>
Signed-off-by: Tonis Tiigi <[email protected]>
sourcepolicy: concurrency and cache fixes
client: enable git signature checks via policy
solver: add cap for source policy session
Signed-off-by: Tonis Tiigi <[email protected]>
- archive/tar: set a limit on the size of GNU sparse file 1.0 regions - fixes CVE-2025-58183 full diff: vbatts/tar-split@v0.12.1...v0.12.2 Signed-off-by: Sebastiaan van Stijn <[email protected]>
[v0.26] test: test updates for dockerd
vendor: github.com/vbatts/tar-split v0.12.2
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
18 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )