containerd

Author	SHA1	Message	Date
Jaroslav Jindrak	9d328410a5	shim: Create pid-file with 0644 permissions Fixes ae7021300 In ae7021300 the WritePidFile and WriteAddress functions were changed to use AtomicFile instead of os.CreateFile. However, AtomicFile creates a temporary file and then changes its permissions with os.Chmod which alters the previously observed behavior of os.CreateFile which takes the system's umask into account. This means that on Linux-based systems these files suddenly became world writable (#9363). The address file has since been removed, but pid-file was still created as world writable. This commit explicitly requests 0644 permissions as even on systems without default umask of 0022 there is no reason to have these two files world writable. Signed-off-by: Jaroslav Jindrak <dzejrou@gmail.com>	2023-12-23 21:42:51 +01:00
Phil Estes	e5e7f613cf	Merge pull request #9514 from containerd/dependabot/github_actions/actions/upload-artifact-3 build(deps): bump actions/upload-artifact from 1 to 3	2023-12-14 14:56:55 +00:00
Phil Estes	aaf41a827a	Merge pull request #9533 from containerd/dependabot/github_actions/docker/setup-buildx-action-3 build(deps): bump docker/setup-buildx-action from 2 to 3	2023-12-14 14:56:23 +00:00
Phil Estes	ee881146f0	Merge pull request #9534 from containerd/dependabot/github_actions/github/codeql-action-3 build(deps): bump github/codeql-action from 2 to 3	2023-12-14 14:55:52 +00:00
Phil Estes	14e851ecc7	Merge pull request #9538 from containerd/dependabot/go_modules/github.com/Microsoft/hcsshim-0.12.0-rc.1 build(deps): bump github.com/Microsoft/hcsshim from 0.12.0-rc.0 to 0.12.0-rc.1	2023-12-14 14:55:21 +00:00
dependabot[bot]	1c96087ce7	build(deps): bump github.com/Microsoft/hcsshim Bumps [github.com/Microsoft/hcsshim](https://github.com/Microsoft/hcsshim) from 0.12.0-rc.0 to 0.12.0-rc.1. - [Release notes](https://github.com/Microsoft/hcsshim/releases) - [Commits](https://github.com/Microsoft/hcsshim/compare/v0.12.0-rc.0...v0.12.0-rc.1) --- updated-dependencies: - dependency-name: github.com/Microsoft/hcsshim dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-14 03:37:06 +00:00
dependabot[bot]	f9303d04de	build(deps): bump github/codeql-action from 2 to 3 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-14 03:34:30 +00:00
dependabot[bot]	4c1ebe33bd	build(deps): bump docker/setup-buildx-action from 2 to 3 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-14 03:34:15 +00:00
Fu Wei	a901236bf0	Merge pull request #9532 from AkihiroSuda/dependabot dependabot: enable groups	2023-12-14 02:58:39 +00:00
Akihiro Suda	98796a4da8	Merge pull request #9526 from containerd/dependabot/go_modules/github.com/moby/sys/mountinfo-0.7.1 build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1	2023-12-14 00:52:13 +00:00
Akihiro Suda	51fd1d47e6	dependabot: enable groups See https://github.blog/changelog/2023-06-30-grouped-version-updates-for-dependabot-public-beta/ Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-12-14 09:38:44 +09:00
Akihiro Suda	2196327f55	Merge pull request #9525 from containerd/dependabot/go_modules/k8s.io/component-base-0.28.4 build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4	2023-12-13 22:59:43 +00:00
dependabot[bot]	4a71a93604	build(deps): bump github.com/moby/sys/mountinfo from 0.6.2 to 0.7.1 Bumps [github.com/moby/sys/mountinfo](https://github.com/moby/sys) from 0.6.2 to 0.7.1. - [Release notes](https://github.com/moby/sys/releases) - [Commits](https://github.com/moby/sys/compare/mountinfo/v0.6.2...mountinfo/v0.7.1) --- updated-dependencies: - dependency-name: github.com/moby/sys/mountinfo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 17:40:31 +00:00
Akihiro Suda	ff6324c953	Merge pull request #9527 from containerd/dependabot/go_modules/golang.org/x/mod-0.14.0 build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0	2023-12-13 16:50:40 +00:00
Phil Estes	73167c07a7	Merge pull request #9523 from containerd/dependabot/go_modules/github.com/klauspost/compress-1.17.4 build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4	2023-12-13 16:42:38 +00:00
dependabot[bot]	344fe957f4	build(deps): bump golang.org/x/mod from 0.13.0 to 0.14.0 Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.13.0 to 0.14.0. - [Commits](https://github.com/golang/mod/compare/v0.13.0...v0.14.0) --- updated-dependencies: - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 16:14:48 +00:00
Akihiro Suda	308839d23a	Merge pull request #9521 from containerd/dependabot/go_modules/golang.org/x/sync-0.5.0 build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0	2023-12-13 15:07:04 +00:00
Phil Estes	565cc91657	Merge pull request #9494 from rumpl/fix-append-additonal-groups WithAppendAdditionalGroups: better /etc/group handling	2023-12-13 14:59:58 +00:00
Fu Wei	9f17ed6771	Merge pull request #9522 from containerd/dependabot/go_modules/go.etcd.io/bbolt-1.3.8 build(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8	2023-12-13 13:50:01 +00:00
Akihiro Suda	614395ce65	Merge pull request #9513 from containerd/dependabot/github_actions/ossf/scorecard-action-2.3.1 build(deps): bump ossf/scorecard-action from 2.0.3 to 2.3.1	2023-12-13 12:33:03 +00:00
Akihiro Suda	93e3a50420	Merge pull request #9511 from containerd/dependabot/github_actions/google-github-actions/auth-2 build(deps): bump google-github-actions/auth from 0 to 2	2023-12-13 05:52:48 +00:00
Akihiro Suda	47b18765b2	Merge pull request #9509 from containerd/dependabot/github_actions/google-github-actions/upload-cloud-storage-1.0.3 build(deps): bump google-github-actions/upload-cloud-storage from 0.10.4 to 1.0.3	2023-12-13 05:12:31 +00:00
Akihiro Suda	e66b912048	Merge pull request #9517 from containerd/dependabot/github_actions/actions/stale-9 build(deps): bump actions/stale from 8 to 9	2023-12-13 05:11:26 +00:00
Akihiro Suda	fd163893bc	Merge pull request #9512 from containerd/dependabot/github_actions/crazy-max/ghaction-github-runtime-3 build(deps): bump crazy-max/ghaction-github-runtime from 2 to 3	2023-12-13 05:01:40 +00:00
Akihiro Suda	43bcea89a7	Merge pull request #9515 from containerd/dependabot/github_actions/actions/github-script-7 build(deps): bump actions/github-script from 6 to 7	2023-12-13 04:46:10 +00:00
Akihiro Suda	d9eeec3bd0	Merge pull request #9516 from containerd/dependabot/github_actions/docker/login-action-3 build(deps): bump docker/login-action from 2 to 3	2023-12-13 04:45:49 +00:00
Akihiro Suda	32ad372706	Merge pull request #9510 from containerd/dependabot/github_actions/actions/setup-go-5 build(deps): bump actions/setup-go from 3 to 5	2023-12-13 04:14:25 +00:00
Akihiro Suda	5f38d64f2a	Merge pull request #9508 from containerd/dependabot/github_actions/actions/checkout-4 build(deps): bump actions/checkout from 3 to 4	2023-12-13 03:52:59 +00:00
dependabot[bot]	6726a2aebf	build(deps): bump k8s.io/component-base from 0.28.2 to 0.28.4 Bumps [k8s.io/component-base](https://github.com/kubernetes/component-base) from 0.28.2 to 0.28.4. - [Commits](https://github.com/kubernetes/component-base/compare/v0.28.2...v0.28.4) --- updated-dependencies: - dependency-name: k8s.io/component-base dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:26:34 +00:00
dependabot[bot]	0c98f10631	build(deps): bump github.com/klauspost/compress from 1.17.2 to 1.17.4 Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.2 to 1.17.4. - [Release notes](https://github.com/klauspost/compress/releases) - [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml) - [Commits](https://github.com/klauspost/compress/compare/v1.17.2...v1.17.4) --- updated-dependencies: - dependency-name: github.com/klauspost/compress dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:25:20 +00:00
dependabot[bot]	39ba0347ee	build(deps): bump go.etcd.io/bbolt from 1.3.7 to 1.3.8 Bumps [go.etcd.io/bbolt](https://github.com/etcd-io/bbolt) from 1.3.7 to 1.3.8. - [Release notes](https://github.com/etcd-io/bbolt/releases) - [Commits](https://github.com/etcd-io/bbolt/compare/v1.3.7...v1.3.8) --- updated-dependencies: - dependency-name: go.etcd.io/bbolt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:24:42 +00:00
dependabot[bot]	db43e3d1f7	build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.4.0 to 0.5.0. - [Commits](https://github.com/golang/sync/compare/v0.4.0...v0.5.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:24:20 +00:00
dependabot[bot]	4660090baf	build(deps): bump actions/stale from 8 to 9 Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v8...v9) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:21:03 +00:00
dependabot[bot]	ace8ab1bd6	build(deps): bump docker/login-action from 2 to 3 Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v2...v3) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:21:01 +00:00
dependabot[bot]	0b94716e82	build(deps): bump actions/github-script from 6 to 7 Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:20:55 +00:00
dependabot[bot]	9133ad811d	build(deps): bump actions/upload-artifact from 1 to 3 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 1 to 3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v1...v3) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:20:47 +00:00
dependabot[bot]	c1823a7c6b	build(deps): bump ossf/scorecard-action from 2.0.3 to 2.3.1 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.3 to 2.3.1. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](`865b409285...0864cf1902`) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:20:41 +00:00
dependabot[bot]	36b12cbcbb	build(deps): bump crazy-max/ghaction-github-runtime from 2 to 3 Bumps [crazy-max/ghaction-github-runtime](https://github.com/crazy-max/ghaction-github-runtime) from 2 to 3. - [Release notes](https://github.com/crazy-max/ghaction-github-runtime/releases) - [Commits](https://github.com/crazy-max/ghaction-github-runtime/compare/v2...v3) --- updated-dependencies: - dependency-name: crazy-max/ghaction-github-runtime dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:20:36 +00:00
dependabot[bot]	dc5a6cfaef	build(deps): bump google-github-actions/auth from 0 to 2 Bumps [google-github-actions/auth](https://github.com/google-github-actions/auth) from 0 to 2. - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](https://github.com/google-github-actions/auth/compare/v0...v2) --- updated-dependencies: - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:20:31 +00:00
dependabot[bot]	f6a9c69665	build(deps): bump actions/setup-go from 3 to 5 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v3...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:20:26 +00:00
dependabot[bot]	e27ea7d1ad	build(deps): bump google-github-actions/upload-cloud-storage Bumps [google-github-actions/upload-cloud-storage](https://github.com/google-github-actions/upload-cloud-storage) from 0.10.4 to 1.0.3. - [Release notes](https://github.com/google-github-actions/upload-cloud-storage/releases) - [Changelog](https://github.com/google-github-actions/upload-cloud-storage/blob/main/CHANGELOG.md) - [Commits](https://github.com/google-github-actions/upload-cloud-storage/compare/v0.10.4...v1.0.3) --- updated-dependencies: - dependency-name: google-github-actions/upload-cloud-storage dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:20:20 +00:00
dependabot[bot]	3ca95282ea	build(deps): bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-12-13 00:20:14 +00:00
Derek McGowan	c0e94bc9a8	Merge pull request #9492 from kiashok/moveCriConfig Move GenerateRuntimeOptions() to pkg/cri/config	2023-12-13 00:13:46 +00:00
Maksym Pavlenko	8f1479132f	Merge pull request #9504 from AkihiroSuda/dependabot CI: enable dependabot	2023-12-12 23:41:52 +00:00
Samuel Karp	edcbc508b6	Merge pull request #9496 from mxpv/links Add nighly job to verify doc links (and fix broken links)	2023-12-12 23:04:50 +00:00
Phil Estes	35c125b2dd	Merge pull request #9503 from ktock/go-toml-2.1.1 go.mod: Bump up github.com/pelletier/go-toml to v2.1.1	2023-12-12 21:25:14 +00:00
Derek McGowan	1feb23465f	Merge pull request #9401 from fuweid/v2-mode *: introduce image_pull_with_sync_fs in CRI	2023-12-12 14:34:44 +00:00
Djordje Lukic	1398186ca7	WithAppendAdditionalGroups: better /etc/group handling Scratch images don't necessarily have the /etc/group file, so we shouldn't fail if opening/parsing it is not needed: if all the group to add are numeric. Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>	2023-12-12 15:24:41 +01:00
Akihiro Suda	5a140dca5e	CI: enable dependabot Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2023-12-12 18:46:07 +09:00
Kohei Tokunaga	c1197995b9	go.mod: Bump up github.com/pelletier/go-toml to v2.1.1 Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>	2023-12-12 14:28:55 +09:00

1 2 3 4 5 ...

13168 Commits