mirror of
https://github.com/coder/coder.git
synced 2025-03-14 10:09:57 +00:00
9153 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
| 2a5bc27353 | chore: update terraform to 1.11.0 (#16781) | |||
| 03b5012846 |
feat: update default audit log avatar (cherry-pick #16774) (#16805)
Cherry-picked feat: update default audit log avatar (#16774) After update:  Co-authored-by: Bruno Quaresma <bruno@coder.com>v2.20.0 |
|||
| a5eb06e3f4 |
fix: add org role read perm to site template admins and auditors (cherry-pick #16733) (#16787)
Some checks failed
Deploy PR / check_pr (push) Has been cancelled
Deploy PR / get_info (push) Has been cancelled
Deploy PR / comment-pr (push) Has been cancelled
Deploy PR / build (push) Has been cancelled
Deploy PR / deploy (push) Has been cancelled
Cherry-picked fix: add org role read permissions to site wide template admins and auditors (#16733) resolves coder/internal#388 Since site-wide admins and auditors are able to access the members page of any org, they should have read access to org roles Co-authored-by: Jaayden Halko <jaayden.halko@gmail.com> |
|||
| 8aec4f2c21 |
chore: create collapsible summary component (cherry-pick #16705) (#16794)
Cherry-picked chore: create collapsible summary component (#16705) This is based on the Figma designs here: https://www.figma.com/design/WfqIgsTFXN2BscBSSyXWF8/Coder-kit?node-id=507-1525&m=dev --------- Co-authored-by: Steven Masley <stevenmasley@gmail.com> Co-authored-by: Jaayden Halko <jaayden.halko@gmail.com> Co-authored-by: Steven Masley <stevenmasley@gmail.com> |
|||
| e54e31e9f4 |
chore: add an unassign action for roles (cherry-pick #16728) (#16791)
Cherry-picked chore: add an unassign action for roles (#16728) Co-authored-by: ケイラ <mckayla@hey.com> |
|||
| 32dc903d77 |
fix: allow viewOrgRoles for custom roles page (cherry-pick #16722) (#16789)
Cherry-picked fix: allow viewOrgRoles for custom roles page (#16722) Users with viewOrgRoles should be able to see customs roles page as this matches the left sidebar permissions. Co-authored-by: Jaayden Halko <jaayden.halko@gmail.com> |
|||
| 7381f9a6c4 |
chore: warn user without permissions to view org members (cherry-pick #16721) (#16788)
Some checks are pending
Deploy PR / check_pr (push) Waiting to run
Deploy PR / get_info (push) Blocked by required conditions
Deploy PR / comment-pr (push) Blocked by required conditions
Deploy PR / build (push) Blocked by required conditions
Deploy PR / deploy (push) Blocked by required conditions
Cherry-picked chore: warn user without permissions to view org members (#16721) resolves coder/internal#392 In situations where a user accesses the org members without any permissions beyond that of a normal member, they will only be able to see themselves in the list of members. This PR shows a warning to users who arrive at the members page in this situation. <img width="1145" alt="Screenshot 2025-02-26 at 18 36 59" src="https://github.com/user-attachments/assets/16ad6ce1-2aa9-4719-bdae-914aff0fcd52" /> Co-authored-by: Jaayden Halko <jaayden.halko@gmail.com> |
|||
| 4633658d59 |
feat: implement WorkspaceCreationBan org role (cherry-pick #16686) (#16786)
Cherry-picked feat: implement WorkspaceCreationBan org role (#16686) Using negative permissions, this role prevents a user's ability to create & delete a workspace within a given organization. Workspaces are uniquely owned by an org and a user, so the org has to supercede the user permission with a negative permission. # Use case Organizations must be able to restrict a member's ability to create a workspace. This permission is implicitly granted (see https://github.com/coder/coder/issues/16546#issuecomment-2655437860). To revoke this permission, the solution chosen was to use negative permissions in a built in role called `WorkspaceCreationBan`. # Rational Using negative permissions is new territory, and not ideal. However, workspaces are in a unique position. Workspaces have 2 owners. The organization and the user. To prevent users from creating a workspace in another organization, an [implied negative permission]( |
|||
| 6da3c9d48c |
fix: allow orgs with default github provider (cherry-pick #16755) (#16784)
Cherry-picked fix: allow orgs with default github provider (#16755) This PR fixes 2 bugs: ## Problem 1 The server would fail to start when the default github provider was configured and the flag `--oauth2-github-allowed-orgs` was set. The error was ``` error: configure github oauth2: allow everyone and allowed orgs cannot be used together ``` This PR fixes it by enabling "allow everone" with the default provider only if "allowed orgs" isn't set. ## Problem 2 The default github provider uses the device flow to authorize users, and that's handled differently by our web UI than the standard oauth flow. In particular, the web UI only handles JSON responses rather than HTTP redirects. There were 2 code paths that returned redirects, and the PR changes them to return JSON messages instead if the device flow is configured. Co-authored-by: Hugo Dutka <hugo@coder.com> |
|||
| 99a5d72a8d |
docs: suggest disabling the default GitHub OAuth2 provider on k8s (cherry-pick #16758) (#16783)
Cherry-picked docs: suggest disabling the default GitHub OAuth2 provider on k8s (#16758) For production deployments we recommend disabling the default GitHub OAuth2 app managed by Coder. This PR mentions it in k8s installation docs and the helm README so users can stumble upon it more easily. Co-authored-by: Hugo Dutka <hugo@coder.com> |
|||
| fc0db40791 |
docs: document default GitHub OAuth2 configuration and device flow (2.20) (#16782)
Cherry-picked docs: document default GitHub OAuth2 configuration and device flow (#16663) Document the changes made in https://github.com/coder/coder/pull/16629 and https://github.com/coder/coder/pull/16585. Co-authored-by: Hugo Dutka <hugo@coder.com> |
|||
| b7ea479de3 |
chore: track workspace resource monitors in telemetry (cherry-pick #16776) (#16779)
Cherry-picked chore: track workspace resource monitors in telemetry (#16776) Addresses https://github.com/coder/nexus/issues/195. Specifically, just the "tracking templates" requirement: > ## Tracking in templates > To enable resource alerts, a user must add the resource_monitoring block to a template's coder_agent resource. We'd like to track if customers have any resource monitoring enabled on a per-deployment basis. Even better, we could identify which templates are using resource monitoring. Co-authored-by: Hugo Dutka <hugo@coder.com> |
|||
| 735dc5d794 |
feat(agent): add second SSH listener on port 22 (cherry-pick #16627) (#16763)
Some checks are pending
Deploy PR / check_pr (push) Waiting to run
Deploy PR / get_info (push) Blocked by required conditions
Deploy PR / comment-pr (push) Blocked by required conditions
Deploy PR / build (push) Blocked by required conditions
Deploy PR / deploy (push) Blocked by required conditions
Cherry-picked feat(agent): add second SSH listener on port 22 (#16627) Fixes: https://github.com/coder/internal/issues/377 Added an additional SSH listener on port 22, so the agent now listens on both, port one and port 22. --- Change-Id: Ifd986b260f8ac317e37d65111cd4e0bd1dc38af8 Signed-off-by: Thomas Kosiewski <tk@coder.com> |
|||
| 114cf57580 |
fix: handle undefined job while updating build progress (cherry-pick #16732) (#16740)
Some checks failed
Deploy PR / check_pr (push) Has been cancelled
Deploy PR / get_info (push) Has been cancelled
Deploy PR / comment-pr (push) Has been cancelled
Deploy PR / build (push) Has been cancelled
Deploy PR / deploy (push) Has been cancelled
Cherry-picked fix: handle undefined job while updating build progress (#16732) Fixes: https://github.com/coder/coder/issues/15444 Co-authored-by: Marcin Tojek <mtojek@users.noreply.github.com> |
|||
| 36186bbb78 |
feat: include winres metadata in Windows binaries (cherry-pick #16706) (#16742)
cherry picks #16706 to `release/2.20` --------- Co-authored-by: Dean Sheather <dean@deansheather.com> |
|||
| 780b2714ff |
fix(vpn): fail early if wintun.dll is not present (cherry-pick #16707) (#16738)
Cherry-picked fix(vpn): fail early if wintun.dll is not present (#16707) Prevents the VPN startup from hanging for 5 minutes due to a startup backoff if `wintun.dll` cannot be loaded. Because the `wintun` package doesn't expose an easy `Load() error` method for us, the only way for us to force it to load (without unwanted side effects) is through `wintun.Version()` which doesn't return an error message. So, we call that function so the `wintun` package loads the DLL and configures the logging properly, then we try to load the DLL ourselves. `LoadLibraryEx` will not load the library multiple times and returns a reference to the existing library. Closes https://github.com/coder/coder-desktop-windows/issues/24 Co-authored-by: Dean Sheather <dean@deansheather.com> |
|||
| 34740bc242 |
chore: update tailscale (cherry-pick #16737) (#16739)
Cherry-picked chore: update tailscale (#16737) Co-authored-by: Dean Sheather <dean@deansheather.com> |
|||
| a3223397cb | chore: use tighter permissions in e2e workspace tests (#16687) | |||
| b5ff9faa34 |
fix: update create template button styling (#16701)
resolves #16697 Fix styling of create template button for non-premium users to match new template button for premium users. ## Previous behavior With premium license  Without license  |
|||
| 38ad8d1f3a |
feat: add provisioner tags field on template creation (#16656)
Close https://github.com/coder/coder/issues/15426 Demo: https://github.com/user-attachments/assets/a7901908-8714-4a55-8d4f-c27bf7743111 |
|||
| 64984648d3 |
refactor: rollback provisioners page to its previous version (#16699)
There is still some points to be aligned related to provisioners. I'm going to rollback the latest changes until we are more confident on the design changes so we don't block releases. <img width="1512" alt="Screenshot 2025-02-25 at 13 46 35" src="https://github.com/user-attachments/assets/4bb3719c-4659-4442-b7b7-b647a9c0a916" /> |
|||
| 33c9aa0703 |
fix: require permissions to view pages related to organization roles (#16688)
Closes [this issue](https://github.com/coder/internal/issues/393) This PR adds the`<RequirePermissions />` component to the following routes: - _/organizations/\<org\>/roles_ - _/organizations/\<org\>/roles/create_ |
|||
| 98dfc70f31 |
fix(coderd/database): remove linux build tags from db package (#16633)
Remove linux build tags from database package to make sure we can run tests on Mac OS. |
|||
| 763921bc61 | feat: extend OverrideVSCodeConfigs for additional VS Code IDEs (#16654) | |||
| 6acc3a9469 |
docs: update the quickstart page (#16666)
## Changes 1. Update the `0.0.0.0:3001` web UI address to `localhost:3000`. Coder starts on port 3000 by default. It'd use 3001 only if 3000 was already taken. 2. Update the screenshot of the `/setup` page to reflect how it will look like after merging https://github.com/coder/coder/pull/16662. Note: this PR should be merged only after the other one is. 3. Minor phrasing changes. --------- Co-authored-by: EdwardAngert <17991901+EdwardAngert@users.noreply.github.com> |
|||
| d3a56ae3ef |
feat: enable GitHub OAuth2 login by default on new deployments (#16662)
Third and final PR to address https://github.com/coder/coder/issues/16230. This PR enables GitHub OAuth2 login by default on new deployments. Combined with https://github.com/coder/coder/pull/16629, this will allow the first admin user to sign up with GitHub rather than email and password. We take care not to enable the default on deployments that would upgrade to a Coder version with this change. To disable the default provider an admin can set the `CODER_OAUTH2_GITHUB_DEFAULT_PROVIDER` env variable to false. |
|||
| 67d89bb102 |
feat: implement sign up with GitHub for the first user (#16629)
Second PR to address https://github.com/coder/coder/issues/16230. See the issue for more context and discussion. It adds a "Continue with GitHub" button to the `/setup` page, so the deployment's admin can sign up with it. It also removes the "Username" and "Full Name" fields to make signing up with email faster. In the email flow, the username is now auto-generated based on the email, and full name is left empty. <img width="1512" alt="Screenshot 2025-02-21 at 17 51 22" src="https://github.com/user-attachments/assets/e7c6986b-c05e-458b-bb01-c3aea3b74c0e" /> There's a separate, follow up issue to visually align the `/setup` page with the new design system: https://github.com/coder/coder/issues/16653 |
|||
| b419b36ada |
fix: display banner when no matching templates found (#16696)
Fixes: https://github.com/coder/coder/issues/16077 |
|||
| 546d915d32 |
chore: install libgbm-dev to allow headless chrome e2e tests to run (#16695)
Without this lib, Chrome can’t set up its offscreen rendering buffers - apparently. I've validated this manually in my workspace. Signed-off-by: Danny Kopping <danny@coder.com> |
|||
| a2d4b9984e |
fix: hide app icon if not found (#16684)
Fixes: https://github.com/coder/coder/issues/14759 |
|||
| 6bdddd555f |
chore: show server install.sh on cli version mismatch (#16668)
This PR has the CLI show the server's own `install.sh` script if there's
a version mismatch, and if the deployment doesn't have an custom upgrade
message configured.
```
$ coder ls
version mismatch: client {version}, server {version}
download {server_version} with: 'curl -fsSL https://dev.coder.com/install.sh | sh'
[ ... ]
```
|
|||
| 754c5dbaa7 |
chore: bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5 (#16690)
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.0.2 to 4.0.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-jose/go-jose/releases">github.com/go-jose/go-jose/v4's releases</a>.</em></p> <blockquote> <h2>v4.0.5</h2> <h2>What's Changed</h2> <ul> <li>Don't allow unbounded amounts of splits by <a href="https://github.com/mcpherrinm"><code>@mcpherrinm</code></a> in <a href="https://redirect.github.com/go-jose/go-jose/pull/167">go-jose/go-jose#167</a></li> </ul> <p>Fixes <a href="https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78">https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78</a></p> <p>Various other dependency updates, small fixes, and documentation updates in the full changelog</p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/tgeoghegan"><code>@tgeoghegan</code></a> made their first contribution in <a href="https://redirect.github.com/go-jose/go-jose/pull/161">go-jose/go-jose#161</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-jose/go-jose/compare/v4.0.4...v4.0.5">https://github.com/go-jose/go-jose/compare/v4.0.4...v4.0.5</a></p> <h2>Version 4.0.4</h2> <h1>Fixed</h1> <ul> <li>Reverted "Allow unmarshalling JSONWebKeySets with unsupported key types" as a breaking change. See <a href="https://redirect.github.com/go-jose/go-jose/issues/136">#136</a> / <a href="https://redirect.github.com/go-jose/go-jose/issues/137">#137</a>.</li> </ul> <h2>Version 4.0.3</h2> <h2>Changed</h2> <ul> <li>Allow unmarshalling JSONWebKeySets with unsupported key types (<a href="https://redirect.github.com/go-jose/go-jose/issues/130">#130</a>)</li> <li>Document that OpaqueKeyEncrypter can't be implemented (for now) (<a href="https://redirect.github.com/go-jose/go-jose/issues/129">#129</a>)</li> <li>Dependency updates</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md">github.com/go-jose/go-jose/v4's changelog</a>.</em></p> <blockquote> <h1>v4.0.4</h1> <h2>Fixed</h2> <ul> <li>Reverted "Allow unmarshalling JSONWebKeySets with unsupported key types" as a breaking change. See <a href="https://redirect.github.com/go-jose/go-jose/issues/136">#136</a> / <a href="https://redirect.github.com/go-jose/go-jose/issues/137">#137</a>.</li> </ul> <h1>v4.0.3</h1> <h2>Changed</h2> <ul> <li>Allow unmarshalling JSONWebKeySets with unsupported key types (<a href="https://redirect.github.com/go-jose/go-jose/issues/130">#130</a>)</li> <li>Document that OpaqueKeyEncrypter can't be implemented (for now) (<a href="https://redirect.github.com/go-jose/go-jose/issues/129">#129</a>)</li> <li>Dependency updates</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| c8abf58e29 | chore: reduce prominence of Scratch starter and emphasize Docker in UI (#16665) | |||
| 658825cad2 |
feat: add sourcing secondary claims from access_token (#16517)
Niche edge case, assumes access_token is jwt. Some `access_token`s are JWT's with potential useful claims. These claims would be nearly equivalent to `user_info` claims. This is not apart of the oauth spec, so this feature should not be loudly advertised. If using this feature, alternate solutions are preferred. |
|||
| e005e4e51d |
chore: merge provisioner key and provisioner permissions (#16628)
Provisioner key permissions were never any different than provisioners. Merging them for a cleaner permission story until they are required (if ever) to be seperate. This removed `ResourceProvisionerKey` from RBAC and just uses the existing `ResourceProvisioner`. |
|||
| 8f33c6d8d1 |
chore: track users' login methods in telemetry (#16664)
Addresses https://github.com/coder/nexus/issues/191. |
|||
| 546a549dcf |
feat: enable soft delete for organizations (#16584)
- Add deleted column to organizations table - Add trigger to check for existing workspaces, templates, groups and members in a org before allowing the soft delete --------- Co-authored-by: Steven Masley <stevenmasley@gmail.com> Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com> |
|||
| dfa33b11d9 |
chore: run make clean on workspace startup (#16660)
|
|||
| 10326b458c | chore(dogfood): add validation on OOM OOD parameters (#16636) | |||
| 304007b5ea |
feat(agent/agentcontainers): add ContainerEnvInfoer (#16623)
This PR adds an alternative implementation of EnvInfo (https://github.com/coder/coder/pull/16603) that reads information from a running container. --------- Co-authored-by: Mathias Fredriksson <mafredri@gmail.com> |
|||
| ac88c9ba17 |
fix: ensure the web UI doesn't break when license telemetry required check fails (#16667)
Addresses https://github.com/coder/coder/issues/16455. ## Changes - Initialize default entitlements in a Set to include all features - Initialize entitlements' `Warnings` and `Errors` fields to arrays rather than `nil`s. - Minor changes in formatting on the frontend ## Reasoning I had to change how entitlements are initialized to match the `codersdk` [generated types]( |
|||
| bebf2d5eb8 |
docs: update Coder version in Kubernetes doc (#16658)
closes #16570 thanks @Cjkjvfnby ! @matifali I think there is/was an automation, but I'm not sure if it's been dropped. `kubernetes.md` has: ```md <!-- autoversion(mainline): "--version [version]" --> ... <!-- autoversion(stable): "--version [version]" --> ``` ~additionally, I removed the `## Prerequisites` section from `kubernetes-logs.md` because if it's only a requirement for Coder versions earlier than 0.28.0, it's probably more confusing than useful to the majority of readers.~ --------- Co-authored-by: M Atif Ali <atif@coder.com> |
|||
| 64cc193c8e |
chore: bump github.com/muesli/termenv to 0.16.0 (#16682)
Bumps [github.com/muesli/termenv](https://github.com/muesli/termenv) from 0.15.3-0.20240618155329-98d742f6907a to 0.16.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/muesli/termenv/releases">github.com/muesli/termenv's releases</a>.</em></p> <blockquote> <h2>v0.16.0</h2> <h2>What's Changed</h2> <ul> <li>build(deps): bump github.com/mattn/go-isatty from 0.0.18 to 0.0.19 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/137">muesli/termenv#137</a></li> <li>build(deps): bump golang.org/x/sys from 0.7.0 to 0.10.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/142">muesli/termenv#142</a></li> <li>fix(output): export output writer by <a href="https://github.com/aymanbagabas"><code>@aymanbagabas</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/122">muesli/termenv#122</a></li> <li>docs: update alacritty OSC 8 support documentation by <a href="https://github.com/Thesmader"><code>@Thesmader</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/157">muesli/termenv#157</a></li> <li>fix(termenv): prevent hang in Emacs shell by <a href="https://github.com/bard"><code>@bard</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/152">muesli/termenv#152</a></li> <li>feat: ghostty is truecolor by <a href="https://github.com/caarlos0"><code>@caarlos0</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/161">muesli/termenv#161</a></li> <li>fix: do not use ioutil and other fixes by <a href="https://github.com/caarlos0"><code>@caarlos0</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/162">muesli/termenv#162</a></li> <li>Use <code>uniseg.StringWidth</code> by <a href="https://github.com/maaslalani"><code>@maaslalani</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/164">muesli/termenv#164</a></li> <li>Add support for building on z/OS by <a href="https://github.com/dustin-ward"><code>@dustin-ward</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/165">muesli/termenv#165</a></li> <li>feat: Profile.Name() by <a href="https://github.com/caarlos0"><code>@caarlos0</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/163">muesli/termenv#163</a></li> <li>Fix lint comments (godot) by <a href="https://github.com/maaslalani"><code>@maaslalani</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/160">muesli/termenv#160</a></li> <li>feat: mark more term as truecolor by <a href="https://github.com/caarlos0"><code>@caarlos0</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/171">muesli/termenv#171</a></li> <li>feat: rio is truecolor, xterm is ansi by <a href="https://github.com/caarlos0"><code>@caarlos0</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/174">muesli/termenv#174</a></li> <li>build(deps): bump golang.org/x/crypto from 0.3.0 to 0.31.0 in /examples/ssh by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/175">muesli/termenv#175</a></li> <li>update deps, fixes lint issues by <a href="https://github.com/caarlos0"><code>@caarlos0</code></a> in <a href="https://redirect.github.com/muesli/termenv/pull/183">muesli/termenv#183</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Thesmader"><code>@Thesmader</code></a> made their first contribution in <a href="https://redirect.github.com/muesli/termenv/pull/157">muesli/termenv#157</a></li> <li><a href="https://github.com/bard"><code>@bard</code></a> made their first contribution in <a href="https://redirect.github.com/muesli/termenv/pull/152">muesli/termenv#152</a></li> <li><a href="https://github.com/maaslalani"><code>@maaslalani</code></a> made their first contribution in <a href="https://redirect.github.com/muesli/termenv/pull/164">muesli/termenv#164</a></li> <li><a href="https://github.com/dustin-ward"><code>@dustin-ward</code></a> made their first contribution in <a href="https://redirect.github.com/muesli/termenv/pull/165">muesli/termenv#165</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/muesli/termenv/compare/v0.15.2...v0.16.0">https://github.com/muesli/termenv/compare/v0.15.2...v0.16.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/muesli/termenv/commits/v0.16.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
|||
| 68c8354bfa |
chore: bump gopkg.in/DataDog/dd-trace-go.v1 from 1.71.0 to 1.72.1 (#16678)
Bumps gopkg.in/DataDog/dd-trace-go.v1 from 1.71.0 to 1.72.1. <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> | Dependency Name | Ignore Conditions | | --- | --- | | gopkg.in/DataDog/dd-trace-go.v1 | [>= 1.58.a, < 1.59] | </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
|||
| 3913023692 |
chore: bump github.com/valyala/fasthttp from 1.58.0 to 1.59.0 (#16683)
Bumps [github.com/valyala/fasthttp](https://github.com/valyala/fasthttp) from 1.58.0 to 1.59.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/valyala/fasthttp/releases">github.com/valyala/fasthttp's releases</a>.</em></p> <blockquote> <h2>v1.59.0</h2> <h2>What's Changed</h2> <ul> <li>fix: Method-preserving doRequestFollowRedirects by <a href="https://github.com/prepaser"><code>@prepaser</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1920">valyala/fasthttp#1920</a></li> <li>fix: "identity" has been deprecated <a href="https://redirect.github.com/valyala/fasthttp/issues/1909">#1909</a> by <a href="https://github.com/ksw2000"><code>@ksw2000</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1919">valyala/fasthttp#1919</a></li> <li>Fix parsing of bad urls with # by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1915">valyala/fasthttp#1915</a></li> <li>docs: improve README formatting and section headers by <a href="https://github.com/alexandear"><code>@alexandear</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1925">valyala/fasthttp#1925</a></li> <li>perf: use buf in Args instead of bytebufferpool by <a href="https://github.com/ksw2000"><code>@ksw2000</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1931">valyala/fasthttp#1931</a></li> <li>client: Client {} supports custom Transport by <a href="https://github.com/zhangyongding"><code>@zhangyongding</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1935">valyala/fasthttp#1935</a></li> <li>Migrate valyala/tcplisten to this repo <a href="https://redirect.github.com/valyala/fasthttp/issues/1926">#1926</a> by <a href="https://github.com/ksw2000"><code>@ksw2000</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1929">valyala/fasthttp#1929</a></li> <li>client: Modify some interfaces to be exportable by <a href="https://github.com/zhangyongding"><code>@zhangyongding</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1936">valyala/fasthttp#1936</a></li> <li>Try to fix tests with dial timeouts by <a href="https://github.com/erikdubbelboer"><code>@erikdubbelboer</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1940">valyala/fasthttp#1940</a></li> <li>client: add interfaces for reading clientConn by <a href="https://github.com/zhangyongding"><code>@zhangyongding</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1941">valyala/fasthttp#1941</a></li> <li>Refactor trailer Field for Improved Memory Efficiency and Performance by <a href="https://github.com/ksw2000"><code>@ksw2000</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1928">valyala/fasthttp#1928</a></li> <li>fix: compression priority by <a href="https://github.com/inetol"><code>@inetol</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1950">valyala/fasthttp#1950</a></li> <li>add dummy support for js,wasm by <a href="https://github.com/pjebs"><code>@pjebs</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1955">valyala/fasthttp#1955</a></li> <li>chore(deps): bump golang.org/x/crypto from 0.29.0 to 0.31.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1918">valyala/fasthttp#1918</a></li> <li>chore(deps): bump golang.org/x/net from 0.31.0 to 0.32.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1910">valyala/fasthttp#1910</a></li> <li>chore(deps): bump golang.org/x/net from 0.32.0 to 0.33.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1927">valyala/fasthttp#1927</a></li> <li>chore(deps): bump golang.org/x/sys from 0.28.0 to 0.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1932">valyala/fasthttp#1932</a></li> <li>chore(deps): bump golang.org/x/crypto from 0.31.0 to 0.32.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1934">valyala/fasthttp#1934</a></li> <li>chore(deps): bump securego/gosec from 2.21.4 to 2.22.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1937">valyala/fasthttp#1937</a></li> <li>chore(deps): bump golang.org/x/net from 0.33.0 to 0.34.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1933">valyala/fasthttp#1933</a></li> <li>chore(deps): bump golang.org/x/sys from 0.29.0 to 0.30.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1947">valyala/fasthttp#1947</a></li> <li>chore(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1951">valyala/fasthttp#1951</a></li> <li>chore(deps): bump golang.org/x/net from 0.34.0 to 0.35.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1952">valyala/fasthttp#1952</a></li> <li>chore(deps): bump securego/gosec from 2.22.0 to 2.22.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/valyala/fasthttp/pull/1956">valyala/fasthttp#1956</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/prepaser"><code>@prepaser</code></a> made their first contribution in <a href="https://redirect.github.com/valyala/fasthttp/pull/1920">valyala/fasthttp#1920</a></li> <li><a href="https://github.com/inetol"><code>@inetol</code></a> made their first contribution in <a href="https://redirect.github.com/valyala/fasthttp/pull/1950">valyala/fasthttp#1950</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/valyala/fasthttp/compare/v1.58.0...v1.59.0">https://github.com/valyala/fasthttp/compare/v1.58.0...v1.59.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| 044fd212f5 |
chore: bump github.com/prometheus/client_golang from 1.20.5 to 1.21.0 (#16676)
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.20.5 to 1.21.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_golang/releases">github.com/prometheus/client_golang's releases</a>.</em></p> <blockquote> <h2>v1.21.0 / 2025-02-19</h2> <p>⚠️ This release contains potential breaking change if you upgrade <code>github.com/prometheus/common</code> to 0.62+ together with client_golang (and depend on the strict, legacy validation for the label names). New common version <a href="https://redirect.github.com/prometheus/common/pull/724">changes <code>model.NameValidationScheme</code> global variable</a>, which relaxes the validation of label names and metric name, allowing all UTF-8 characters. Typically, this should not break any user, unless your test or usage expects strict certain names to panic/fail on client_golang metric registration, gathering or scrape. In case of problems change <code>model.NameValidationScheme</code> to old <code>model.LegacyValidation</code> value in your project <code>init</code> function. ⚠️</p> <ul> <li>[BUGFIX] gocollector: Fix help message for runtime/metric metrics. <a href="https://redirect.github.com/prometheus/client_golang/issues/1583">#1583</a></li> <li>[BUGFIX] prometheus: Fix <code>Desc.String()</code> method for no labels case. <a href="https://redirect.github.com/prometheus/client_golang/issues/1687">#1687</a></li> <li>[PERF] prometheus: Optimize popular <code>prometheus.BuildFQName</code> function; now up to 30% faster. <a href="https://redirect.github.com/prometheus/client_golang/issues/1665">#1665</a></li> <li>[PERF] prometheus: Optimize <code>Inc</code>, <code>Add</code> and <code>Observe</code> cumulative metrics; now up to 50% faster under high concurrent contention. <a href="https://redirect.github.com/prometheus/client_golang/issues/1661">#1661</a></li> <li>[CHANGE] Upgrade prometheus/common to 0.62.0 which changes <code>model.NameValidationScheme</code> global variable. <a href="https://redirect.github.com/prometheus/client_golang/issues/1712">#1712</a></li> <li>[CHANGE] Add support for Go 1.23. <a href="https://redirect.github.com/prometheus/client_golang/issues/1602">#1602</a></li> <li>[FEATURE] process_collector: Add support for Darwin systems. <a href="https://redirect.github.com/prometheus/client_golang/issues/1600">#1600</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1616">#1616</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1625">#1625</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1675">#1675</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1715">#1715</a></li> <li>[FEATURE] api: Add ability to invoke <code>CloseIdleConnections</code> on api.Client using <code>api.Client.(CloseIdler).CloseIdleConnections()</code> casting. <a href="https://redirect.github.com/prometheus/client_golang/issues/1513">#1513</a></li> <li>[FEATURE] promhttp: Add <code>promhttp.HandlerOpts.EnableOpenMetricsTextCreatedSamples</code> option to create OpenMetrics _created lines. Not recommended unless you want to use opt-in Created Timestamp feature. Community works on OpenMetrics 2.0 format that should make those lines obsolete (they increase cardinality significantly). <a href="https://redirect.github.com/prometheus/client_golang/issues/1408">#1408</a></li> <li>[FEATURE] prometheus: Add <code>NewConstNativeHistogram</code> function. <a href="https://redirect.github.com/prometheus/client_golang/issues/1654">#1654</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md">github.com/prometheus/client_golang's changelog</a>.</em></p> <blockquote> <h2>1.21.0 / 2025-02-17</h2> <p>⚠️ This release contains potential breaking change if you upgrade <code>github.com/prometheus/common</code> to 0.62+ together with client_golang. ⚠️</p> <p>New common version <a href="https://redirect.github.com/prometheus/common/pull/724">changes <code>model.NameValidationScheme</code> global variable</a>, which relaxes the validation of label names and metric name, allowing all UTF-8 characters. Typically, this should not break any user, unless your test or usage expects strict certain names to panic/fail on client_golang metric registration, gathering or scrape. In case of problems change <code>model.NameValidationScheme</code> to old <code>model.LegacyValidation</code> value in your project <code>init</code> function.</p> <ul> <li>[BUGFIX] gocollector: Fix help message for runtime/metric metrics. <a href="https://redirect.github.com/prometheus/client_golang/issues/1583">#1583</a></li> <li>[BUGFIX] prometheus: Fix <code>Desc.String()</code> method for no labels case. <a href="https://redirect.github.com/prometheus/client_golang/issues/1687">#1687</a></li> <li>[ENHANCEMENT] prometheus: Optimize popular <code>prometheus.BuildFQName</code> function; now up to 30% faster. <a href="https://redirect.github.com/prometheus/client_golang/issues/1665">#1665</a></li> <li>[ENHANCEMENT] prometheus: Optimize <code>Inc</code>, <code>Add</code> and <code>Observe</code> cumulative metrics; now up to 50% faster under high concurrent contention. <a href="https://redirect.github.com/prometheus/client_golang/issues/1661">#1661</a></li> <li>[CHANGE] Upgrade prometheus/common to 0.62.0 which changes <code>model.NameValidationScheme</code> global variable. <a href="https://redirect.github.com/prometheus/client_golang/issues/1712">#1712</a></li> <li>[CHANGE] Add support for Go 1.23. <a href="https://redirect.github.com/prometheus/client_golang/issues/1602">#1602</a></li> <li>[FEATURE] process_collector: Add support for Darwin systems. <a href="https://redirect.github.com/prometheus/client_golang/issues/1600">#1600</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1616">#1616</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1625">#1625</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1675">#1675</a> <a href="https://redirect.github.com/prometheus/client_golang/issues/1715">#1715</a></li> <li>[FEATURE] api: Add ability to invoke <code>CloseIdleConnections</code> on api.Client using <code>api.Client.(CloseIdler).CloseIdleConnections()</code> casting. <a href="https://redirect.github.com/prometheus/client_golang/issues/1513">#1513</a></li> <li>[FEATURE] promhttp: Add <code>promhttp.HandlerOpts.EnableOpenMetricsTextCreatedSamples</code> option to create OpenMetrics _created lines. Not recommended unless you want to use opt-in Created Timestamp feature. Community works on OpenMetrics 2.0 format that should make those lines obsolete (they increase cardinality significantly). <a href="https://redirect.github.com/prometheus/client_golang/issues/1408">#1408</a></li> <li>[FEATURE] prometheus: Add <code>NewConstNativeHistogram</code> function. <a href="https://redirect.github.com/prometheus/client_golang/issues/1654">#1654</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| b66f3fe8cb |
chore: bump github.com/google/go-cmp from 0.6.0 to 0.7.0 (#16677)
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.6.0 to 0.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/go-cmp/releases">github.com/google/go-cmp's releases</a>.</em></p> <blockquote> <h2>v0.7.0</h2> <p>New API:</p> <ul> <li>(<a href="https://redirect.github.com/google/go-cmp/issues/367">#367</a>) Support compare functions with SortSlices and SortMaps</li> </ul> <p>Panic messaging:</p> <ul> <li>(<a href="https://redirect.github.com/google/go-cmp/issues/370">#370</a>) Detect proto.Message types when failing to export a field</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| fd8aa4f565 |
chore: bump github.com/klauspost/compress from 1.17.11 to 1.18.0 (#16675)
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.11 to 1.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/klauspost/compress/releases">github.com/klauspost/compress's releases</a>.</em></p> <blockquote> <h2>v1.18.0</h2> <h2>What's Changed</h2> <ul> <li>Deprecate Go 1.21 and add 1.24 by <a href="https://github.com/klauspost"><code>@klauspost</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1055">klauspost/compress#1055</a></li> <li>Add unsafe little endian loaders by <a href="https://github.com/klauspost"><code>@klauspost</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1036">klauspost/compress#1036</a></li> <li>fix: check <code>r.err != nil</code> but return a nil value error <code>err</code> by <a href="https://github.com/alingse"><code>@alingse</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1028">klauspost/compress#1028</a></li> <li>refactor: use built-in <code>min</code> function by <a href="https://github.com/Juneezee"><code>@Juneezee</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1038">klauspost/compress#1038</a></li> <li>zstd: use <code>slices.Max</code> for max value in slice by <a href="https://github.com/Juneezee"><code>@Juneezee</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1041">klauspost/compress#1041</a></li> <li>flate: Simplify L4-6 loading by <a href="https://github.com/klauspost"><code>@klauspost</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1043">klauspost/compress#1043</a></li> <li>flate: Simplify matchlen (remove asm) by <a href="https://github.com/klauspost"><code>@klauspost</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1045">klauspost/compress#1045</a></li> <li>s2: Add block decode fuzzer by <a href="https://github.com/klauspost"><code>@klauspost</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1044">klauspost/compress#1044</a></li> <li>s2: Improve small block compression speed w/o asm by <a href="https://github.com/klauspost"><code>@klauspost</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1048">klauspost/compress#1048</a></li> <li>flate: Fix matchlen L5+L6 by <a href="https://github.com/klauspost"><code>@klauspost</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1049">klauspost/compress#1049</a></li> <li>flate: Cleanup & reduce casts by <a href="https://github.com/klauspost"><code>@klauspost</code></a> in <a href="https://redirect.github.com/klauspost/compress/pull/1050">klauspost/compress#1050</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/tcpdumppy"><code>@tcpdumppy</code></a> made their first contribution in <a href="https://redirect.github.com/klauspost/compress/pull/1021">klauspost/compress#1021</a></li> <li><a href="https://github.com/sam9291"><code>@sam9291</code></a> made their first contribution in <a href="https://redirect.github.com/klauspost/compress/pull/1022">klauspost/compress#1022</a></li> <li><a href="https://github.com/dezza"><code>@dezza</code></a> made their first contribution in <a href="https://redirect.github.com/klauspost/compress/pull/1023">klauspost/compress#1023</a></li> <li><a href="https://github.com/alingse"><code>@alingse</code></a> made their first contribution in <a href="https://redirect.github.com/klauspost/compress/pull/1028">klauspost/compress#1028</a></li> <li><a href="https://github.com/hyunsooda"><code>@hyunsooda</code></a> made their first contribution in <a href="https://redirect.github.com/klauspost/compress/pull/1031">klauspost/compress#1031</a></li> <li><a href="https://github.com/Juneezee"><code>@Juneezee</code></a> made their first contribution in <a href="https://redirect.github.com/klauspost/compress/pull/1038">klauspost/compress#1038</a></li> <li><a href="https://github.com/Bbulatov"><code>@Bbulatov</code></a> made their first contribution in <a href="https://redirect.github.com/klauspost/compress/pull/1052">klauspost/compress#1052</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/klauspost/compress/compare/v1.17.11...v1.18.0">https://github.com/klauspost/compress/compare/v1.17.11...v1.18.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| 4842bed0b7 |
chore: bump github.com/moby/moby from 27.5.0+incompatible to 28.0.0+incompatible (#16674)
Bumps [github.com/moby/moby](https://github.com/moby/moby) from 27.5.0+incompatible to 28.0.0+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/moby/moby/releases">github.com/moby/moby's releases</a>.</em></p> <blockquote> <h2>v28.0.0</h2> <h1>28.0.0</h1> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A28.0.0">docker/cli, 28.0.0 milestone</a></li> <li><a href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A28.0.0">moby/moby, 28.0.0 milestone</a></li> <li>Deprecated and removed features, see <a href="https://github.com/docker/cli/blob/v28.0.0/docs/deprecated.md">Deprecated Features</a>.</li> <li>Changes to the Engine API, see <a href="https://github.com/moby/moby/blob/v28.0.0/docs/api/version-history.md">API version history</a>.</li> </ul> <h2>New</h2> <ul> <li>Add ability to mount an image inside a container via <code>--mount type=image</code>. <a href="https://redirect.github.com/moby/moby/pull/48798">moby/moby#48798</a> <ul> <li>You can also specify <code>--mount type=image,image-subpath=[subpath],...</code> option to mount a specific path from the image. <a href="https://redirect.github.com/docker/cli/pull/5755">docker/cli#5755</a></li> </ul> </li> <li><code>docker images --tree</code> now shows metadata badges. <a href="https://redirect.github.com/docker/cli/pull/5744">docker/cli#5744</a></li> <li><code>docker load</code>, <code>docker save</code>, and <code>docker history</code> now support a <code>--platform</code> flag allowing you to choose a specific platform for single-platform operations on multi-platform images. <a href="https://redirect.github.com/docker/cli/pull/5331">docker/cli#5331</a></li> <li>Add <code>OOMScoreAdj</code> to <code>docker service create</code> and <code>docker stack</code>. <a href="https://redirect.github.com/docker/cli/pull/5145">docker/cli#5145</a></li> <li><code>docker buildx prune</code> now supports <code>reserved-space</code>, <code>max-used-space</code>, <code>min-free-space</code> and <code>keep-bytes</code> filters. <a href="https://redirect.github.com/moby/moby/pull/48720">moby/moby#48720</a></li> <li>Windows: Add support for running containerd as a child process of the daemon, instead of using a system-installed containerd. <a href="https://redirect.github.com/moby/moby/pull/47955">moby/moby#47955</a></li> </ul> <h2>Networking</h2> <ul> <li>The <code>docker-proxy</code> binary has been updated, older versions will not work with the updated <code>dockerd</code>. <a href="https://redirect.github.com/moby/moby/pull/48132">moby/moby#48132</a> <ul> <li>Close a window in which the userland proxy (<code>docker-proxy</code>) could accept TCP connections, that would then fail after <code>iptables</code> NAT rules were set up.</li> <li>The executable <code>rootlesskit-docker-proxy</code> is no longer used, it has been removed from the build and distribution.</li> </ul> </li> <li>DNS nameservers read from the host's <code>/etc/resolv.conf</code> are now always accessed from the host's network namespace. <a href="https://redirect.github.com/moby/moby/pull/48290">moby/moby#48290</a> <ul> <li>When the host's <code>/etc/resolv.conf</code> contains no nameservers and there are no <code>--dns</code> overrides, Google's DNS servers are no longer used, apart from by the default bridge network and in build containers.</li> </ul> </li> <li>Container interfaces in bridge and macvlan networks now use randomly generated MAC addresses. <a href="https://redirect.github.com/moby/moby/pull/48808">moby/moby#48808</a> <ul> <li>Gratuitous ARP / Neighbour Advertisement messages will be sent when the interfaces are started so that, when IP addresses are reused, they're associated with the newly generated MAC address.</li> <li>IPv6 addresses in the default bridge network are now IPAM-assigned, rather than being derived from the MAC address.</li> </ul> </li> <li>The deprecated OCI <code>prestart</code> hook is now only used by build containers. For other containers, network interfaces are added to the network namespace after task creation is complete, before the container task is started. <a href="https://redirect.github.com/moby/moby/pull/47406">moby/moby#47406</a></li> <li>Add a new <code>gw-priority</code> option to <code>docker run</code>, <code>docker container create</code>, and <code>docker network connect</code>. This option will be used by the Engine to determine which network provides the default gateway for a container. On <code>docker run</code>, this option is only available through the extended <code>--network</code> syntax. <a href="https://redirect.github.com/docker/cli/pull/5664">docker/cli#5664</a></li> <li>Add a new netlabel <code>com.docker.network.endpoint.ifname</code> to customize the interface name used when connecting a container to a network. It's supported by all built-in network drivers on Linux. <a href="https://redirect.github.com/moby/moby/pull/49155">moby/moby#49155</a> <ul> <li>When a container is created with multiple networks specified, there's no guarantee on the order networks will be connected to the container. So, if a custom interface name uses the same prefix as the auto-generated names, for example <code>eth</code>, the container might fail to start.</li> <li>The recommended practice is to use a different prefix, for example <code>en0</code>, or a numerical suffix high enough to never collide, for example <code>eth100</code>.</li> <li>This label can be specified on <code>docker network connect</code> via the <code>--driver-opt</code> flag, for example <code>docker network connect --driver-opt=com.docker.network.endpoint.ifname=foobar …</code>.</li> <li>Or via the long-form <code>--network</code> flag on <code>docker run</code>, for example <code>docker run --network=name=bridge,driver-opt=com.docker.network.endpoint.ifname=foobar …</code></li> </ul> </li> <li>If a custom network driver reports capability <code>GwAllocChecker</code> then, before a network is created, it will get a <code>GwAllocCheckerRequest</code> with the network's options. The custom driver may then reply that no gateway IP address should be allocated. <a href="https://redirect.github.com/moby/moby/pull/49372">moby/moby#49372</a></li> </ul> <h2>Port publishing in bridge networks</h2> <ul> <li><code>dockerd</code> now requires <code>ipset</code> support in the Linux kernel. <a href="https://redirect.github.com/moby/moby/pull/48596">moby/moby#48596</a> <ul> <li>The <code>iptables</code> and <code>ip6tables</code> rules used to implement port publishing and network isolation have been extensively modified. This enables some of the following functional changes, and is a first step in refactoring to enable native <code>nftables</code> support in a future release. <a href="https://redirect.github.com/moby/moby/issues/48815">moby/moby#48815</a></li> <li>If it becomes necessary to downgrade to an earlier version of the daemon, some manual cleanup of the new rules will be necessary. The simplest and surest approach is to reboot the host, or use <code>iptables -F</code> and <code>ip6tables -F</code> to flush all existing <code>iptables</code> rules from the <code>filter</code> table before starting the older version of the daemon. When that is not possible, run the following commands as root: <ul> <li><code>iptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT</code></li> <li><code>iptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -j DOCKER; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -j DOCKER</code></li> <li>If you were previously running with the iptables filter-FORWARD policy set to <code>ACCEPT</code> and need to restore access to unpublished ports, also delete per-bridge-network rules from the <code>DOCKER</code> chains. For example, <code>iptables -D DOCKER ! -i docker0 -o docker0 -j DROP</code>.</li> </ul> </li> </ul> </li> <li>Fix a security issue that was allowing remote hosts to connect directly to a container on its published ports. <a href="https://redirect.github.com/moby/moby/pull/49325">moby/moby#49325</a></li> <li>Fix a security issue that was allowing neighbor hosts to connect to ports mapped on a loopback address. <a href="https://redirect.github.com/moby/moby/pull/49325">moby/moby#49325</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|||
| ab5c9f7e0c |
fix: display notification on schedule update (#16672)
Fixes: https://github.com/coder/coder/issues/15214 |
