Aleksa Sarai
b9df996b68
deps: update to github.com/opencontainers/selinux@v0.13.0
...
This new version includes the fixes for CVE-2025-52881, so we can remove
the internal/third_party copy of the library we added in commit
ed6b1693b8 ("selinux: use safe procfs API for labels") as well as the
"replace" directive in go.mod (which is problematic for "go get"
installs).
Fixes: ed6b1693b8 ("selinux: use safe procfs API for labels")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
(cherry picked from commit 96f1962f91 )
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-11-08 02:18:50 +11:00
Aleksa Sarai
aca52c4690
openat2: improve resilience on busy systems
...
Previously, we would see a ~3% failure rate when starting containers
with mounts that contain ".." (which can trigger -EAGAIN). To counteract
this, filepath-securejoin v0.5.1 includes a bump of the internal retry
limit from 32 to 128, which lowers the failure rate to 0.12%.
However, there is still a risk of spurious failure on regular systems.
In order to try to provide more resilience (while avoiding DoS attacks),
this patch also includes an additional retry loop that terminates based
on a deadline rather than retry count. The deadline is 2ms, as my
testing found that ~800us for a single pathrs operation was the longest
latency due to -EAGAIN retries, and that was an outlier compared to the
more common ~400us latencies -- so 2ms should be more than enough for
any real system.
The failure rates above were based on more 50k runs of runc with an
attack script (from libpathrs) running a rename attack on all cores of a
16-core system, which is arguably a worst-case but heavily utilised
servers could likely approach similar results.
Tested-by: Phil Estes <estesp@gmail.com >
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-11-05 19:54:30 +11:00
Aleksa Sarai
2c5356e73f
selinux: use safe procfs API for labels
...
Due to the sensitive nature of these fixes, it was not possible to
submit these upstream and vendor the upstream library. Instead, this
patch uses a fork of github.com/opencontainers/selinux, branched at
commit opencontainers/selinux@879a755db5 .
In order to permit downstreams to build with this patched version, a
snapshot of the forked version has been included in
internal/third_party/selinux. Note that since we use "go mod vendor",
the patched code is usable even without being "go get"-able. Once the
embargo for this issue is lifted we can submit the patches upstream and
switch back to a proper upstream go.mod entry.
Also, this requires us to temporarily disable the CI job we have that
disallows "replace" directives.
Fixes: GHSA-cgrx-mc8f-2prm CVE-2025-52881
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-10-16 11:29:35 +11:00
Aleksa Sarai
ed55d5b5bf
go.mod: update to github.com/cyphar/filepath-securejoin@v0.5.0
...
In order to avoid lint errors due to the deprecation of the top-level
securejoin methods ported from libpathrs, we need to adjust
internal/pathrs to use the new pathrs-lite subpackage instead.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-10-16 11:29:32 +11:00
Aleksa Sarai
e34a0a0936
console: verify /dev/pts/ptmx before use
...
This is primarily done out of an abudance of caution against runc exec
being attacked by a container where /dev/pts/ptmx has been replaced with
some other bad inode (a disconnected NFS handle, a symlink that goes
through a leaked runc file descriptor to reference a host ptmx, etc).
Unfortunately, we cannot trivially verify that /dev/pts/ptmx is actually
the /dev/pts from the container without storing stuff like the fsid in
the runc state.json, which is probably not worth the extra effort. This
should at least avoid the most concerning cases.
Reported-by: Aleksa Sarai <cyphar@cyphar.com >
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-10-16 11:29:32 +11:00
dependabot[bot]
2845c532f9
build(deps): bump github.com/opencontainers/cgroups from 0.0.3 to 0.0.4
...
Bumps [github.com/opencontainers/cgroups](https://github.com/opencontainers/cgroups ) from 0.0.3 to 0.0.4.
- [Release notes](https://github.com/opencontainers/cgroups/releases )
- [Changelog](https://github.com/opencontainers/cgroups/blob/main/RELEASES.md )
- [Commits](https://github.com/opencontainers/cgroups/compare/v0.0.3...v0.0.4 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/cgroups
dependency-version: 0.0.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-09-24 17:04:09 -04:00
Kir Kolyshkin
3764d6e888
deps: bump cgroups to v0.0.3, fix tests
...
For changelog, see https://github.com/opencontainers/cgroups/releases/tag/v0.0.3
This fixes two runc issues:
1. JSON incompatibility introduced in cgroups v0.0.2 (see
https://github.com/opencontainers/cgroups/pull/22 ).
2. Bad CPU shares to CPU weight conversion (see
https://github.com/opencontainers/runc/issues/4772 ).
Due to item 2, modify some tests accordingly.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-09-23 13:12:41 -04:00
Kir Kolyshkin
f5e8c63fdc
deps: bump opencontainers/cgroups to v0.0.2
...
For changes, see https://github.com/opencontainers/cgroups/releases/tag/v0.0.2
Fix integration tests according to changes in [1] (now the CPU quota value set
is rounded the same way systemd does it).
[1]: https://github.com/opencontainers/cgroups/pull/4
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-09-23 13:11:26 -04:00
Kir Kolyshkin
a75076b4a4
Switch to opencontainers/cgroups
...
This removes libcontainer/cgroups packages and starts
using those from github.com/opencontainers/cgroups repo.
Mostly generated by:
git rm -f libcontainer/cgroups
find . -type f -name "*.go" -exec sed -i \
's|github.com/opencontainers/runc/libcontainer/cgroups|github.com/opencontainers/cgroups|g' \
{} +
go get github.com/opencontainers/cgroups@v0.0.1
make vendor
gofumpt -w .
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-02-28 15:20:33 -08:00
dependabot[bot]
537a2276bb
build(deps): bump github.com/opencontainers/runtime-spec
...
Bumps [github.com/opencontainers/runtime-spec](https://github.com/opencontainers/runtime-spec ) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/opencontainers/runtime-spec/releases )
- [Changelog](https://github.com/opencontainers/runtime-spec/blob/main/ChangeLog )
- [Commits](https://github.com/opencontainers/runtime-spec/compare/v1.2.0...v1.2.1 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/runtime-spec
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-28 04:52:38 +00:00
Kir Kolyshkin
79a4ac0553
deps: bump cilium/ebpf to v0.17.3
...
It has a fix for runc issue 4594.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-02-13 00:07:01 -08:00
Kir Kolyshkin
8e5bb0d8c4
deps: roll back to cilium/ebpf v0.16.0
...
Also, exclude v0.17.x until there is a fix for runc issue 4594.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-01-31 16:59:54 -08:00
Aleksa Sarai
70e500e7d1
deps: update to github.com/cyphar/filepath-securejoin@v0.4.1
...
This release includes a minor breaking API change that requires us to
rework the types of our wrappers, but there is no practical behaviour
change.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-01-28 22:33:16 +11:00
dependabot[bot]
5855ba5303
build(deps): bump github.com/cilium/ebpf from 0.17.0 to 0.17.1
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.17.0 to 0.17.1.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.17.0...v0.17.1 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-12-20 04:10:23 +00:00
dependabot[bot]
e809db842f
build(deps): bump github.com/cilium/ebpf from 0.16.0 to 0.17.0
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.16.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-12-20 00:07:03 +00:00
dependabot[bot]
71327d7fcd
build(deps): bump github.com/cyphar/filepath-securejoin
...
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin ) from 0.3.5 to 0.3.6.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases )
- [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md )
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.3.5...v0.3.6 )
---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-12-19 01:42:44 +00:00
Aleksa Sarai
2f1b6626f3
deps: update to github.com/cyphar/filepath-securejoin@v0.3.5
...
This fixes a regression in use of securejoin.MkdirAll, where multiple
runc processes racing to create the same mountpoint in a shared rootfs
would result in spurious EEXIST errors. In particular, this regression
caused issues with BuildKit.
Fixes: dd827f7b71 ("utils: switch to securejoin.MkdirAllHandle")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-12-06 19:38:46 +11:00
Kir Kolyshkin
66969827c0
Switch to github.com/moby/sys/capability v0.4.0
...
This removes the last unversioned package in runc's direct dependencies.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2024-12-02 13:18:10 -08:00
dependabot[bot]
69b3be763a
build(deps): bump github.com/vishvananda/netlink from 1.1.0 to 1.3.0
...
Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink ) from 1.1.0 to 1.3.0.
- [Release notes](https://github.com/vishvananda/netlink/releases )
- [Commits](https://github.com/vishvananda/netlink/compare/v1.1.0...v1.3.0 )
---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-10-23 06:49:47 +00:00
dependabot[bot]
f20f273aff
build(deps): bump github.com/opencontainers/selinux
...
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux ) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/opencontainers/selinux/releases )
- [Commits](https://github.com/opencontainers/selinux/compare/v1.11.0...v1.11.1 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-10-23 04:20:54 +00:00
Akihiro Suda
e98851de36
Merge pull request #4464 from opencontainers/dependabot/go_modules/github.com/urfave/cli-1.22.16
...
build(deps): bump github.com/urfave/cli from 1.22.14 to 1.22.16
2024-10-23 10:46:42 +09:00
dependabot[bot]
93db63ab52
build(deps): bump github.com/urfave/cli from 1.22.14 to 1.22.16
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.14 to 1.22.16.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.14...v1.22.16 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-10-22 13:23:32 +00:00
dependabot[bot]
af024b6c2b
build(deps): bump github.com/moby/sys/mountinfo from 0.7.1 to 0.7.2
...
Bumps [github.com/moby/sys/mountinfo](https://github.com/moby/sys ) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/moby/sys/releases )
- [Commits](https://github.com/moby/sys/compare/signal/v0.7.1...mountinfo/v0.7.2 )
---
updated-dependencies:
- dependency-name: github.com/moby/sys/mountinfo
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-10-22 13:23:25 +00:00
Sebastiaan van Stijn
9b60a93cf3
libcontainer/userns: migrate to github.com/moby/sys/userns
...
The userns package was moved to the moby/sys/userns module
at commit 3778ae603c .
This patch deprecates the old location, and adds it as an alias
for the moby/sys/userns package.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl >
2024-10-09 22:20:25 +08:00
Aleksa Sarai
1623cde125
go: update github.com/cyphar/filepath-securejoin to v0.3.4
...
This includes a fix to avoid doing import "testing" in non-_test.go
code.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-10-09 15:13:28 +11:00
Aleksa Sarai
b096459a07
vendor: update github.com/cyphar/filepath-securejoin to v0.3.3
...
This fixes issues we had with spurious MkdirAll failures.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-09-30 16:26:42 +02:00
Kir Kolyshkin
15904913c2
Merge pull request #4397 from rafaelroquetto/main
...
Upgrade Cilium's eBPF library version to 0.16
2024-09-13 18:22:49 -07:00
Aleksa Sarai
066b109e99
vendor: update to github.com/cyphar/filepath-securejoin@v0.3.2
...
This includes a fix for the handling of S_ISGID directories.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-09-13 23:34:33 +10:00
Rafael Roquetto
216175a9ca
Upgrade Cilium's eBPF library version to 0.16
...
Signed-off-by: Rafael Roquetto <rafael.roquetto@grafana.com >
2024-09-12 11:13:21 -06:00
Aleksa Sarai
1d308c7da4
vendor: update to github.com/cyphar/filepath-securejoin@v0.3.1
...
This includes the MkdirAll and OpenInRoot implementations which are
actually secure against races.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-09-03 23:05:59 +10:00
dependabot[bot]
606251ab33
build(deps): bump github.com/opencontainers/runtime-spec
...
Bumps [github.com/opencontainers/runtime-spec](https://github.com/opencontainers/runtime-spec ) from 1.1.1-0.20230823135140-4fec88fd00a4 to 1.2.0.
- [Release notes](https://github.com/opencontainers/runtime-spec/releases )
- [Changelog](https://github.com/opencontainers/runtime-spec/blob/main/ChangeLog )
- [Commits](https://github.com/opencontainers/runtime-spec/commits/v1.2.0 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/runtime-spec
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp >
2024-03-07 14:43:33 +09:00
dependabot[bot]
97632a6d1b
build(deps): bump github.com/containerd/console from 1.0.3 to 1.0.4
...
Bumps [github.com/containerd/console](https://github.com/containerd/console ) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/containerd/console/releases )
- [Commits](https://github.com/containerd/console/compare/v1.0.3...v1.0.4 )
---
updated-dependencies:
- dependency-name: github.com/containerd/console
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-02-09 15:20:19 +00:00
Aleksa Sarai
a04d88ec73
vendor: update to github.com/moby/sys/mountinfo@v0.7.1
...
The primary change is a switch to using /proc/thread-self, which is
needed for when we add a CLONE_FS thread to runc.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2023-12-14 11:36:41 +11:00
lfbzhm
b2f7614afc
bump github.com/cilium/ebpf from 0.12.2 to 0.12.3
...
Signed-off-by: lfbzhm <lifubang@acmcoder.com >
2023-11-10 13:48:36 +00:00
dependabot[bot]
d60d17a6ec
build(deps): bump github.com/cilium/ebpf from 0.12.1 to 0.12.2
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.12.1 to 0.12.2.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.12.1...v0.12.2 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-10-23 04:08:30 +00:00
dependabot[bot]
54d38c6143
build(deps): bump github.com/cilium/ebpf from 0.12.0 to 0.12.1
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.12.0 to 0.12.1.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.12.0...v0.12.1 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-10-20 15:03:40 +08:00
dependabot[bot]
aec0dc7dcd
build(deps): bump github.com/cilium/ebpf from 0.11.0 to 0.12.0
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.11.0...v0.12.0 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-10-12 04:42:12 +00:00
Kir Kolyshkin
730bc84418
Fix directory perms vs umask for tmpcopyup
...
Bump fileutils to v0.5.1, which fixes permissions of newly created directories
to not depend on the value of umask.
Add a test case which fails like this before the fix:
mounts.bats
✗ runc run [tmpcopyup]
(in test file tests/integration/mounts.bats, line 28)
`[[ "${lines[0]}" == *'drwxrwxrwx'* ]]' failed
runc spec (status=0):
runc run test_busybox (status=0):
drwxr-xr-x 2 root root 40 Oct 4 22:35 /dir1/dir2
Fixes 3991.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2023-10-04 15:35:44 -07:00
Sebastiaan van Stijn
ca32014adb
migrate libcontainer/user to github.com/moby/sys/user
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl >
2023-09-19 10:22:23 +02:00
dependabot[bot]
c7ad2749fd
build(deps): bump github.com/cyphar/filepath-securejoin
...
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin ) from 0.2.3 to 0.2.4.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases )
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.3...v0.2.4 )
---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-09-07 04:30:28 +00:00
Rodrigo Campos
671e211ef8
vendor: Update runtime-spec to expose mountExtensions
...
Future commits will expose this info in the features sub-command.
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com >
2023-08-23 16:17:02 +02:00
dependabot[bot]
11b6c9b638
build(deps): bump github.com/opencontainers/runtime-spec
...
Bumps [github.com/opencontainers/runtime-spec](https://github.com/opencontainers/runtime-spec ) from 1.1.0-rc.3 to 1.1.0.
- [Release notes](https://github.com/opencontainers/runtime-spec/releases )
- [Changelog](https://github.com/opencontainers/runtime-spec/blob/main/ChangeLog )
- [Commits](https://github.com/opencontainers/runtime-spec/compare/v1.1.0-rc.3...v1.1.0 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/runtime-spec
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp >
2023-07-22 13:03:35 +09:00
dependabot[bot]
83418f8878
build(deps): bump github.com/cilium/ebpf from 0.10.0 to 0.11.0
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.10.0...v0.11.0 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-07-11 01:40:04 +00:00
Akihiro Suda
0ac3376c20
go.mod: runtime-spec v1.1.0-rc.3
...
https://github.com/opencontainers/runtime-spec/releases/tag/v1.1.0-rc.3
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp >
2023-06-10 17:19:11 +09:00
dependabot[bot]
31e3c229ac
build(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.9.2 to 1.9.3.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.2...v1.9.3 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-06-08 17:23:42 +00:00
dependabot[bot]
b9d2d8d8a6
build(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.9.0 to 1.9.2.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.2 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-05-18 05:00:24 +00:00
Akihiro Suda
6beb3c6a3e
go.mod: runtime-spec v1.1.0-rc.2
...
See https://github.com/opencontainers/runtime-spec/releases/tag/v1.1.0-rc.2
for the spec changes.
The `runc features` json is now defined in
https://github.com/opencontainers/runtime-spec/blob/v1.1.0-rc.2/specs-go/features/features.go
Replaces PR 3829
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp >
2023-05-10 22:23:29 +09:00
Kir Kolyshkin
5a17746302
deps: bump urfave/cli
...
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2023-04-28 12:43:08 -07:00
Akihiro Suda
787fcf09e7
go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.1
...
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp >
2023-02-10 12:10:14 +09:00
dependabot[bot]
bc8d6e3b1f
build(deps): bump github.com/opencontainers/selinux
...
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux ) from 1.10.2 to 1.11.0.
- [Release notes](https://github.com/opencontainers/selinux/releases )
- [Commits](https://github.com/opencontainers/selinux/compare/v1.10.2...v1.11.0 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-02-10 00:34:56 +00:00