InTheForest/moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2026-01-11 18:51:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
55,292 Commits 21 Branches 532 Tags
71fd582aa2c33fabcddcf6037444c4a3009e243d
Commit Graph

166 Commits

Author SHA1 Message Date
Sebastiaan van Stijn
52f33797f3 vendor: github.com/opencontainers/runtime-tools v0.9.1-0.20251111083745-e5b454202754 
last commit before it updated to runtime-spec v1.3.0

full diff: 0ea5ed0382...e5b4542027

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-12 14:45:48 +01:00
Rob Murray
4384364748 Merge pull request #51702 from thaJeztah/bump_wazero 
vendor: github.com/tetratelabs/wazero v1.10.1
 2025-12-12 12:18:09 +00:00
Sebastiaan van Stijn
413b4afcba vendor: github.com/tetratelabs/wazero v1.10.1 
full diff: https://github.com/tetratelabs/wazero/compare/v0.9.0...v1.10.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-12 10:33:55 +01:00
Sebastiaan van Stijn
24bac4495e vendor: github.com/containernetworking/plugins v1.9.0 
no changes in vendored code

includes a fix for CVE-2025-67499

full diff: https://github.com/containernetworking/plugins/compare/v1.8.0...v1.9.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-12 10:27:12 +01:00
Rob Murray
4941b36883 NRI: import containerd's NRI adaptation package 
Signed-off-by: Rob Murray <rob.murray@docker.com>
 2025-12-08 16:09:31 +00:00
Sebastiaan van Stijn
29560eacda go.mod: add back replace rules 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-05 16:10:28 +01:00
Sebastiaan van Stijn
4b8f9dd251 vendor: github.com/klauspost/compress v1.18.2 
No changes in vendored code

Fixes a regression in v1.18.1 that resulted in invalid flate/zip/gzip encoding.
The v1.18.1 tag has been retracted.

full diff: https://github.com/klauspost/compress/compare/v1.18.1...v1.18.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-12-02 16:45:38 +01:00
Rob Murray
4219768511 vendor: update to client 0.2.1 
Signed-off-by: Rob Murray <rob.murray@docker.com>
 2025-11-27 16:28:48 +00:00
Rob Murray
f745fe7f14 vendor: client/0.2.0 
Signed-off-by: Rob Murray <rob.murray@docker.com>
 2025-11-27 14:05:10 +00:00
Rob Murray
a60bea5412 Drop replace rules 
Prepare v29.1.0

Signed-off-by: Rob Murray <rob.murray@docker.com>
 2025-11-27 13:15:03 +00:00
Paweł Gronowski
c0c280ecf7 Merge pull request #51598 from thaJeztah/bump_zfs3 
vendor: github.com/mistifyio/go-zfs/v3 v3.1.0
 2025-11-26 21:46:38 +01:00
Paweł Gronowski
ea3011134b Merge pull request #51597 from vvoland/update-selinux 
vendor: github.com/opencontainers/selinux v1.13.1
 2025-11-26 21:43:45 +01:00
Sebastiaan van Stijn
e94ed33de1 vendor: github.com/mistifyio/go-zfs/v3 v3.1.0 
full diff: https://github.com/mistifyio/go-zfs/compare/v3.0.1...v3.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 17:45:58 +01:00
Paweł Gronowski
0389d3b13e vendor: github.com/opencontainers/selinux v1.13.1 
full diff: https://github.com/opencontainers/selinux/compare/v1.13.0...v1.13.1

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
 2025-11-26 17:36:40 +01:00
Sebastiaan van Stijn
bda87b7de8 vendor: golang.org/x/crypto v0.45.0 
full diff: https://github.com/golang/crypto/compare/v0.44.0...v0.45.0

Hello gophers,

We have tagged version v0.45.0 of golang.org/x/crypto in order to address two
security issues.

This version fixes a vulnerability in the golang.org/x/crypto/ssh package and a
vulnerability in the golang.org/x/crypto/ssh/agent package which could cause
programs to consume unbounded memory or panic respectively.

SSH servers parsing GSSAPI authentication requests don't validate the number of
mechanisms specified in the request, allowing an attacker to cause unbounded
memory consumption.

Thanks to Jakub Ciolek for reporting this issue.

This is CVE-2025-58181 and Go issue https://go.dev/issue/76363.

SSH Agent servers do not validate the size of messages when processing new
identity requests, which may cause the program to panic if the message is
malformed due to an out of bounds read.

Thanks to Jakub Ciolek for reporting this issue.

This is CVE-2025-47914 and Go issue https://go.dev/issue/76364.

Cheers, Go Security team

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 17:33:39 +01:00
Paweł Gronowski
c592d02dfc Merge pull request #51594 from thaJeztah/bump_x_deps 
vendor: update various golang.org/x/xxx dependencies
 2025-11-26 17:28:55 +01:00
Sebastiaan van Stijn
a3916290da vendor: golang.org/x/mod v0.30.0 
full diff: https://github.com/golang/mod/compare/v0.29.0...v0.30.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 14:31:44 +01:00
Sebastiaan van Stijn
10d68d4399 vendor: golang.org/x/net v0.47.0 
full diff: https://github.com/golang/net/compare/v0.46.0...v0.47.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 14:15:14 +01:00
Sebastiaan van Stijn
633acaa5b3 vendor: golang.org/x/crypto v0.44.0 
full diff: https://github.com/golang/crypto/compare/v0.43.0...v0.44.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 14:14:35 +01:00
Sebastiaan van Stijn
e4900958c3 vendor: golang.org/x/text v0.31.0 
full diff: https://github.com/golang/text/compare/v0.30.0...v0.31.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 14:09:23 +01:00
Sebastiaan van Stijn
bd79eb0da5 vendor: golang.org/x/tools v0.38.0 
full diff: https://github.com/golang/tools/compare/v0.37.0...v0.38.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 14:08:41 +01:00
Sebastiaan van Stijn
421bda22d1 vendor: golang.org/x/sync v0.18.0 
full diff: https://github.com/golang/sync/compare/v0.17.0...v0.18.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 13:43:51 +01:00
Sebastiaan van Stijn
3054fdd8b2 vendor: golang.org/x/sys v0.38.0 
- cpu: add HPDS, LOR, PAN detection for arm64
- cpu: also use MRS instruction in getmmfr1
- cpu: use MRS instruction to read arm64 system registers
- unix: add consts for ELF handling
- unix: add SetMemPolicy and its mode/flag values
- unix: add SizeofNhmsg and SizeofNexthopGrp
- windows: add iphlpapi routing functions

full diff: https://github.com/golang/sys/compare/v0.37.0...v0.38.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 13:39:03 +01:00
Sebastiaan van Stijn
997837376a vendor: github.com/cloudflare/circl v1.6.1 
- fixes [GHSA-2x5j-vhc8-9cwm]: CIRCL-Fourq: Missing and wrong validation
  can lead to incorrect results

full diff: https://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1

[GHSA-2x5j-vhc8-9cwm]: https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-26 13:30:29 +01:00
Brian Goff
6e52828ec3 Merge pull request #51517 from corhere/opencensus-bridge 
daemon: install OpenCensus-to-OTEL trace bridge
 2025-11-20 11:07:51 -08:00
Tonis Tiigi
54d269a3b4 vendor: update buildkit to v0.26.2 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
 2025-11-20 13:27:49 +00:00
Tonis Tiigi
774bb532f1 vendor: update buildkit to v0.26.1 
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
 2025-11-17 16:16:43 +00:00
Akihiro Suda
57e8ef9d30 Merge pull request #51484 from thaJeztah/vendor_oci_cgroups 
vendor: github.com/opencontainers/cgroups v0.0.6
 2025-11-14 11:32:06 -05:00
Albin Kerouanton
c151d52562 Merge pull request #51525 from akerouanton/revendor-ishidawataru-sctp 
vendor: github.com/ishidawataru/sctp v0.0.0-20251114114122-1
 2025-11-14 16:05:37 +01:00
Albin Kerouanton
49c8d77639 vendor: github.com/ishidawataru/sctp v0.0.0-20251114114122-1 
full diff: 4b890084db..19ddcbc6aa

Signed-off-by: Albin Kerouanton <albin.kerouanton@docker.com>
 2025-11-14 12:59:14 +01:00
Cory Snider
4535d63c91 daemon: install OpenCensus-to-OTEL trace bridge 
Export trace spans from the github.com/microsoft/hcsshim module, which
is instrumented with OpenCensus, to the daemon's OpenTelemetry exporter
to provide more visibility into Windows container lifecycle operations.

Signed-off-by: Cory Snider <csnider@mirantis.com>
 2025-11-13 15:00:05 -05:00
Jonathan A. Sternberg
17a3357e32 vendor: github.com/moby/buildkit v0.26.0 
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
 2025-11-12 15:53:45 -06:00
Sebastiaan van Stijn
9824080b57 Merge pull request #51012 from tonistiigi/attestation-signature-referrers 
image: pull/load/save attestation manifest and signatures with image
 2025-11-12 18:04:21 +01:00
Tonis Tiigi
47e852f061 image: pull/load/save attestation manifest and signatures with image 
Updates docker pull to pull related attestation manifest and
any signatures for that manifest in cosign referrer objects.

These objects are transferred with the image when running
docker save and docker load and can be used to identify
the image in future updates.

Push is not updated atm as the currect push semantics
in containerd mode do not have correct immutability
guaranteed and don't work with image indexes.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
 2025-11-12 07:53:46 -08:00
Sebastiaan van Stijn
16b95ba758 go.mod: add back replace rules 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-12 15:43:16 +01:00
Tonis Tiigi
3874ca5984 vendor: update buildkit to v0.26.0-rc2 
Currently requires replace rule for swarmkit etcd.

BuildKit itself doesn't use etcd but version gets bumped
via unused dependency.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 23:15:07 +01:00
Sebastiaan van Stijn
d558896fae vendor: github.com/secure-systems-lab/go-securesystemslib v0.9.1 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 23:14:54 +01:00
Sebastiaan van Stijn
bb07fdcd14 vendor: github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.2 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 23:14:54 +01:00
Sebastiaan van Stijn
f1d0fe47c9 vendor: github.com/golang-jwt/jwt/v5 v5.3.0 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 23:14:54 +01:00
Sebastiaan van Stijn
79344e1c9a vendor: github.com/gofrs/flock v0.13.0 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 23:14:53 +01:00
Sebastiaan van Stijn
d36617d2c1 vendor: github.com/containerd/nydus-snapshotter v0.15.4 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 23:14:53 +01:00
Sebastiaan van Stijn
1e48c34345 vendor: github.com/containerd/stargz-snapshotter/estargz v0.17.0 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 23:14:53 +01:00
Sebastiaan van Stijn
c169cc9629 vendor: github.com/google/certificate-transparency-go v1.3.2 
full diff: https://github.com/google/certificate-transparency-go/compare/v1.1.4...v1.3.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 23:14:53 +01:00
Sebastiaan van Stijn
940c8d6b71 vendor: cloud.google.com/go v0.121.6 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 23:14:52 +01:00
Sebastiaan van Stijn
ce739870fb vendor: github.com/opencontainers/cgroups v0.0.6 
- config: switch PidsLimit to *int64
- fs2: add iocost statistics
- systemd: retry when the dbus connection returns EAGAIN
- fs: fix/improve cpuacct.usage_all parsing

full diff: https://github.com/opencontainers/cgroups/compare/v0.0.5...v0.0.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 19:23:01 +01:00
Sebastiaan van Stijn
f740e0fefa vendor: github.com/containerd/containerd/v2 v2.2.0 
full diff: https://github.com/containerd/containerd/compare/v2.1.5...v2.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 16:13:34 +01:00
Sebastiaan van Stijn
1639703e56 vendor: github.com/containernetworking/plugins v1.8.0 
full diff: https://github.com/containernetworking/plugins/compare/v1.7.1...v1.8.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 16:13:31 +01:00
Sebastiaan van Stijn
e4278c4c54 vendor: github.com/containerd/go-cni v1.1.13 
full diff: https://ithub.com/containerd/go-cni/compare/v1.1.12...v1.1.13

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 16:12:25 +01:00
Sebastiaan van Stijn
7c798d012a vendor: sigs.k8s.io/yaml v1.6.0 
full diff: https://github.com/kubernetes-sigs/yaml/compare/v1.4.0...v1.6.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 16:12:25 +01:00
Sebastiaan van Stijn
d8f2aa4e3b vendor: github.com/containerd/containerd/api v1.10.0 
full diff: https://github.com/containerd/containerd/compare/api/v1.9.0...api/v1.10.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2025-11-11 16:12:24 +01:00