Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
build(deps): bump github.com/docker/docker from 26.1.4+incompatible t…
…o 27.0.1+incompatible (#996) Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.4+incompatible to 27.0.1+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/docker/releases">github.com/docker/docker's releases</a>.</em></p> <blockquote> <h2>v27.0.1</h2> <h2>27.0.1</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A27.0.0">docker/cli, 27.0.0 milestone</a></li> <li><a href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A27.0.0">moby/moby, 27.0.0 milestone</a></li> <li>Deprecated and removed features, see <a href="https://github.com/docker/cli/blob/v27.0.1/docs/deprecated.md">Deprecated Features</a>.</li> <li>Changes to the Engine API, see <a href="https://github.com/moby/moby/blob/v27.0.1/docs/api/version-history.md">API version history</a>.</li> </ul> <h3>New</h3> <ul> <li>containerd image store: Add <code>--platform</code> flag to <code>docker image push</code> and improve the default behavior when not all platforms of the multi-platform image are available locally. <a href="https://redirect.github.com/docker/cli/pull/4984">docker/cli#4984</a>, <a href="https://redirect.github.com/moby/moby/pull/47679">moby/moby#47679</a></li> <li>Add support to <code>docker stack deploy</code> for <code>driver_opts</code> in a service's networks. <a href="https://redirect.github.com/docker/cli/pull/5125">docker/cli#5125</a></li> <li>Consider additional <code>/usr/local/libexec</code> and <code>/usr/libexec</code> paths when looking up the userland proxy binaries by a name with a <code>docker-</code> prefix. <a href="https://redirect.github.com/moby/moby/pull/47804">moby/moby#47804</a></li> </ul> <h3>Bug fixes and enhancements</h3> <ul> <li><code>*client.Client</code> instances are now always safe for concurrent use by multiple goroutines. Previously, this could lead to data races when the <code>WithAPIVersionNegotiation()</code> option is used. <a href="https://redirect.github.com/moby/moby/pull/47961">moby/moby#47961</a></li> <li>Fix a bug causing the Docker CLI to leak Unix sockets in <code>$TMPDIR</code> in some cases. <a href="https://redirect.github.com/docker/cli/pull/5146">docker/cli#5146</a></li> <li>Don't ignore a custom seccomp profile when used in conjunction with <code>--privileged</code>. <a href="https://redirect.github.com/moby/moby/pull/47500">moby/moby#47500</a></li> <li>rootless: overlay2: support native overlay diff when using rootless-mode with Linux kernel version 5.11 and later. <a href="https://redirect.github.com/moby/moby/pull/47605">moby/moby#47605</a></li> <li>Fix the <code>StartInterval</code> default value of healthcheck to reflect the documented value of 5s. <a href="https://redirect.github.com/moby/moby/pull/47799">moby/moby#47799</a></li> <li>Fix <code>docker save</code> and <code>docker load</code> not ending on the daemon side when the operation was cancelled by the user, for example with <!-- raw HTML omitted -->Ctrl+C<!-- raw HTML omitted -->. <a href="https://redirect.github.com/moby/moby/pull/47629">moby/moby#47629</a></li> <li>The <code>StartedAt</code> property of containers is now recorded before container startup, guaranteeing that the <code>StartedAt</code> is always before <code>FinishedAt</code>. <a href="https://redirect.github.com/moby/moby/pull/47003">moby/moby#47003</a></li> <li>The internal DNS resolver used by Windows containers on Windows now forwards requests to external DNS servers by default. This enables <code>nslookup</code> to resolve external hostnames. This behaviour can be disabled via <code>daemon.json</code>, using <code>"features": { "windows-dns-proxy": false }</code>. The configuration option will be removed in a future release. <a href="https://redirect.github.com/moby/moby/pull/47826">moby/moby#47826</a></li> <li>Print a warning when the CLI does not have permissions to read the configuration file. <a href="https://redirect.github.com/docker/cli/pull/5077">docker/cli#5077</a></li> <li>Fix a goroutine and file-descriptor leak on container attach. <a href="https://redirect.github.com/moby/moby/pull/45052">moby/moby#45052</a></li> <li>Clear the networking state of all stopped or dead containers during daemon start-up. <a href="https://redirect.github.com/moby/moby/pull/47984">moby/moby#47984</a></li> <li>Write volume options JSON atomically to avoid "invalid JSON" errors after system crash. <a href="https://redirect.github.com/moby/moby/pull/48034">moby/moby#48034</a></li> <li>Allow multiple macvlan networks with the same parent. <a href="https://redirect.github.com/moby/moby/pull/47318">moby/moby#47318</a></li> <li>Allow BuildKit to be used on Windows daemons that advertise it. <a href="https://redirect.github.com/docker/cli/pull/5178">docker/cli#5178</a></li> </ul> <h3>Networking</h3> <ul> <li>Allow sysctls to be set per-interface during container creation and network connection. <a href="https://redirect.github.com/moby/moby/pull/47686">moby/moby#47686</a> <ul> <li>In a future release, this will be the only way to set per-interface sysctl options. For example, on the command line in a <code>docker run</code> command,<code>--network mynet --sysctl net.ipv4.conf.eth0.log_martians=1</code> will be rejected. Instead, you must use <code>--network name=mynet,driver-opt=com.docker.network.endpoint.sysctls=net.ipv4.conf.IFNAME.log_martians=1</code>.</li> </ul> </li> </ul> <h4>IPv6</h4> <ul> <li><code>ip6tables</code> is no longer experimental. You may remove the <code>experimental</code> configuration option and continue to use IPv6, if it is not required by any other features.</li> <li><code>ip6tables</code> is now enabled for Linux bridge networks by default. <a href="https://redirect.github.com/moby/moby/pull/47747">moby/moby#47747</a> <ul> <li>This makes IPv4 and IPv6 behaviors consistent with each other, and reduces the risk that IPv6-enabled containers are inadvertently exposed to the network.</li> <li>There is no impact if you are running Docker Engine with <code>ip6tables</code> enabled (new default).</li> <li>If you are using an IPv6-enabled bridge network without <code>ip6tables</code>, this is likely a breaking change. Only published container ports (<code>-p</code> or <code>--publish</code>) are accessible from outside the Docker bridge network, and outgoing connections masquerade as the host.</li> <li>To restore the behavior of earlier releases, no <code>ip6tables</code> at all, set <code>"ip6tables": false</code> in <code>daemon.json</code>, or use the CLI option <code>--ip6tables=false</code>. Alternatively, leave <code>ip6tables</code> enabled, publish ports, and enable direct routing.</li> <li>With <code>ip6tables</code> enabled, if <code>ip6tables</code> is not functional on your host, Docker Engine will start but it will not be possible to create an IPv6-enabled network.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/moby/moby/commit/ff1e2c0de72a1bbbe4cdbe1558da57d327899df5"><code>ff1e2c0</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/48050">#48050</a> from thaJeztah/deprecate_graphdriver_plugins</li> <li><a href="https://github.com/moby/moby/commit/6da604aa6a74ab770207932b3cbc3d009c3ae25f"><code>6da604a</code></a> deprecate experimental Graphdriver plugins, and disable by default</li> <li><a href="https://github.com/moby/moby/commit/81b202797920d5b52ffd960f344f62cb25ebab71"><code>81b2027</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/48049">#48049</a> from thaJeztah/fix_swagger_tmpfsopts</li> <li><a href="https://github.com/moby/moby/commit/97f6a9d005fa3389ae2cea198fa2f4c850876a95"><code>97f6a9d</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/48045">#48045</a> from thaJeztah/bump_ttrpc_1.2.5</li> <li><a href="https://github.com/moby/moby/commit/3aace758b92ac82313dacd4c5270057544f1c938"><code>3aace75</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/48046">#48046</a> from thaJeztah/daemon_no_logrus</li> <li><a href="https://github.com/moby/moby/commit/ce5571f343d89c9338d4dd589b16d7cfd4ff0df0"><code>ce5571f</code></a> api: swagger: fix definition of TmpFsOptions (API v1.46)</li> <li><a href="https://github.com/moby/moby/commit/a9ab04603ea0271d0faf0a25de3a6357c68d3002"><code>a9ab046</code></a> cmd/dockerd: initMiddlewares: use containerd/logs</li> <li><a href="https://github.com/moby/moby/commit/418eed6e4e1a453f9779ad5407b26dbedace83be"><code>418eed6</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/47804">#47804</a> from cpuguy83/more_paths_docker_proxy</li> <li><a href="https://github.com/moby/moby/commit/e355e1001111ae4681efa2188a3fc1f9653d90fb"><code>e355e10</code></a> vendor: github.com/containerd/ttrpc v1.2.5</li> <li><a href="https://github.com/moby/moby/commit/f8c088be055b72e58005ef9e56cf4f4008bbc5dd"><code>f8c088b</code></a> Lookup docker-proxy in libexec paths</li> <li>Additional commits viewable in <a href="https://github.com/docker/docker/compare/v26.1.4...v27.0.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information
1 parent
94b24d6
commit 1f68260