zishuo/runc
1
0
Fork 0
mirror of https://github.com/opencontainers/runc.git synced 2025-12-24 11:50:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
7,829 Commits 7 Branches 73 Tags
dependabot/go_modules/github.com/godbus/dbus/v5-5.2.1
Commit Graph

7829 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
46beddc97d build(deps): bump github.com/godbus/dbus/v5 from 5.2.0 to 5.2.1 
Bumps [github.com/godbus/dbus/v5](https://github.com/godbus/dbus) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/godbus/dbus/releases)
- [Commits](https://github.com/godbus/dbus/compare/v5.2.0...v5.2.1)

---
updated-dependencies:
- dependency-name: github.com/godbus/dbus/v5
  dependency-version: 5.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 04:02:28 +00:00
lfbzhm
4246d6a078 Merge pull request #5076 from rata/main 
Update rata's email address
 2025-12-21 13:05:05 +08:00
Rodrigo Campos
a4b2adc566 Merge pull request #5075 from kolyshkin/fix-modernize-url 
ci: fix modernize URL
 2025-12-20 01:23:04 -03:00
Rodrigo Campos
cf9076db56 Update rata's email address 
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2025-12-19 15:01:45 -03:00
Kir Kolyshkin
0d788db46d Merge pull request #5068 from opencontainers/dependabot/github_actions/actions/upload-artifact-6 
build(deps): bump actions/upload-artifact from 5 to 6
 2025-12-17 19:33:19 -08:00
Kir Kolyshkin
a431b11529 Merge pull request #5069 from opencontainers/dependabot/go_modules/google.golang.org/protobuf-1.36.11 
build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11
 2025-12-17 19:32:27 -08:00
Kir Kolyshkin
428043bcf2 ci: fix modernize URL 
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-17 11:57:00 -08:00
dependabot[bot]
b4887cec32 build(deps): bump google.golang.org/protobuf from 1.36.10 to 1.36.11 
Bumps google.golang.org/protobuf from 1.36.10 to 1.36.11.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.36.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-17 01:30:19 +00:00
Kir Kolyshkin
ef5e8a5505 Merge pull request #5064 from opencontainers/dependabot/go_modules/golang.org/x/net-0.48.0 
build(deps): bump golang.org/x/net from 0.47.0 to 0.48.0
 2025-12-16 17:29:13 -08:00
dependabot[bot]
65fe59d01d build(deps): bump golang.org/x/net from 0.47.0 to 0.48.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.47.0 to 0.48.0.
- [Commits](https://github.com/golang/net/compare/v0.47.0...v0.48.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-17 00:54:36 +00:00
Kir Kolyshkin
7658403efc Merge pull request #5050 from cyphar/release-policy-finalised 
RELEASES: finalise policy
 2025-12-16 16:54:27 -08:00
dependabot[bot]
3be9a054e7 build(deps): bump actions/upload-artifact from 5 to 6 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-17 00:53:57 +00:00
Rodrigo Campos
58c2e4aca7 Merge pull request #5072 from kolyshkin/ci-125 
CI: fix modernize job failure
 2025-12-17 01:40:56 +01:00
Kir Kolyshkin
20bdd0b537 ci: use Go 1.25 for validate jobs 
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-16 15:05:01 -08:00
Kir Kolyshkin
dbc4234607 ci: drop -test from modernize run 
The modernize documentation used to suggest -test flag but it's not
needed as it is enabled by default. Drop it.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-16 15:05:01 -08:00
Kir Kolyshkin
16ee2bbf4c ci: use latest Go for modernize job 
Since we use modernize@latest, it may require latest Go as well (and now it does),
so use "go-version: stable" explicitly (which resolves to latest Go).

This fixes the issue with CI:

> go: golang.org/x/tools/gopls/internal/analysis/modernize/cmd/modernize@latest: golang.org/x/tools/gopls@v0.21.0 requires go >= 1.25 (running go 1.24.11; GOTOOLCHAIN=local)

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-16 15:04:58 -08:00
Kir Kolyshkin
652269729d libc/int: use strings.Builder 
Generated by modernize@latest (v0.21.0).

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-16 15:04:04 -08:00
Akihiro Suda
4dcda051da Merge pull request #5055 from kolyshkin/mpol-2 
libct/configs: mark MPOL_* constants as deprecated
 2025-12-16 10:39:09 +09:00
Akihiro Suda
f38b1cef24 Merge pull request #5061 from curdbecker/fix/missing-error-unwrapping-in-init-container 
Handle os.Is* wrapped errors correctly
 2025-12-16 10:26:56 +09:00
Kir Kolyshkin
d978dd2f14 Merge pull request #5057 from kolyshkin/sd-act 
Copy go-systemd/activation.Files code to avoid bringing in crypto/tls
 2025-12-15 13:36:42 -08:00
Akihiro Suda
f29c4df140 Merge pull request #5067 from opencontainers/dependabot/github_actions/actions/cache-5 
build(deps): bump actions/cache from 4 to 5
 2025-12-15 15:01:18 +09:00
dependabot[bot]
18c3adb8dc build(deps): bump actions/cache from 4 to 5 
Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-12 04:02:43 +00:00
Curd Becker
58d24d2dfb Add linter rule to guard against use of os.Is* error functions 
Signed-off-by: Curd Becker <me@curd-becker.de>
 2025-12-11 03:16:11 +01:00
Curd Becker
536e183451 Replace os.Is* error checking functions with their errors.Is counterpart 
Signed-off-by: Curd Becker <me@curd-becker.de>
 2025-12-11 03:16:02 +01:00
Kir Kolyshkin
3741f9186d libct/configs: mark MPOL_* constants as deprecated 
Alas, these new constants are already in v1.4.0 release so we can't
remove those right away, but we can mark them as deprecated now
and target removal for v1.5.0.

So,
 - mark them as deprecated;
 - redefine via unix.MPOL_* counterparts;
 - fix the validator code to use unix.MPOL_* directly.

This amends commit a0e809a8.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-08 15:36:29 -08:00
Kir Kolyshkin
6ede591761 internal/systemd: simplify 
Remove unused code and argument from the ActivationFiles,
and simplify its usage.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-08 15:34:58 -08:00
Kir Kolyshkin
ba9e60f7a8 Remove crypto/tls dependency 
It appears that when we import github.com/coreos/go-systemd/activation,
it brings in the whole crypto/tls package (which is not used by runc
directly or indirectly), making the runc binary size larger and
potentially creating issues with FIPS compliance.

Let's copy the code of function we use from go-systemd/activation
to avoid that.

The space savings are:

$ size runc.before runc.after
   text	   data	    bss	    dec	    hex	filename
7101084	5049593	 271560	12422237	 bd8c5d	runc.before
6508796	4623281	 229128	11361205	 ad5bb5	runc.after

Reported-by: Dimitri John Ledkov <dimitri.ledkov@surgut.co.uk>
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-08 15:31:42 -08:00
lfbzhm
e0adafb4ca Merge pull request #5054 from kolyshkin/alma10 
Add EL10 to CI
 2025-12-05 11:43:58 +08:00
Rodrigo Campos
ee8f6b61be Merge pull request #5012 from kolyshkin/criu-dev-ignore-fails 
ci: don't fail CI if criu-dev test fails
 2025-12-05 04:15:31 +01:00
Kir Kolyshkin
5407cfe4a1 ci: don't fail CI if criu-dev test fails 
In view of recent criu-dev failure, let's not fail the
required "all-done" job when criu-dev tests fail.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-05 10:54:00 +08:00
Kir Kolyshkin
4f93f06fb7 ci: add centos-cloud-10 run 
Alas there's no almalinux-10 so we use centos-stream-10.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-03 23:16:29 -08:00
Kir Kolyshkin
94167dae29 .cirrus.yml: use dnf not yum 
Since we dropped EL7, we can use dnf everywhere.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-03 23:16:29 -08:00
Akihiro Suda
14cc644c33 Merge pull request #5053 from kolyshkin/misc-bumps 
Various version bumps (mostly CI)
 2025-12-04 08:19:30 +09:00
Kir Kolyshkin
68771cfe51 ci: bump shellcheck to v0.11.0 
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-03 10:22:14 -08:00
Kir Kolyshkin
79b97d4642 Use Go 1.25 for official builds 
(as well as for testing on Cirrus CI)

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-03 10:22:14 -08:00
Kir Kolyshkin
f4710e5023 Bump seccomp to v2.6.0 
This version was released almost a year ago.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-03 10:22:14 -08:00
Kir Kolyshkin
f128234354 ci: bump bats to 1.12.0 
This which is already using in CI on Fedora.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-03 10:22:14 -08:00
Kir Kolyshkin
54d8257ec1 Merge pull request #5052 from cyphar/release-tarball 
release: use runc-$version.tar.xz as archive name
 2025-12-03 09:13:15 -08:00
Kir Kolyshkin
fd185882e5 Merge pull request #5009 from kolyshkin/defer-close-init 
Close fds on error
 2025-12-02 17:35:12 -08:00
Kir Kolyshkin
93792e6c13 notify_socket: close fds on error 
Reported in issue 5008.

Reported-by: Arina Cherednik <arinacherednik034@gmail.com>
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-02 15:15:23 -08:00
Kir Kolyshkin
8a9b4dcda6 libct: mountFd: close mountFile on error 
Reported in issue 5008.

Reported-by: Arina Cherednik <arinacherednik034@gmail.com>
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-02 15:15:23 -08:00
Kir Kolyshkin
c24965b742 libct: newProcessComm: close fds on error 
Reported in issue 5008.

Reported-by: Arina Cherednik <arinacherednik034@gmail.com>
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-02 15:15:23 -08:00
Kir Kolyshkin
88f897160c libct: startInitialization: add defer close 
This function calls Init what normally never returns, so the defer only
works if there is an error and we can safely use it to close those fds
we opened. This was done for most but not all fds.

Reported in issue 5008.

Reported-by: Arina Cherednik <arinacherednik034@gmail.com>
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
 2025-12-02 15:15:23 -08:00
Kir Kolyshkin
1f1ff4be06 Merge pull request #5051 from cyphar/libct-utils-deprecated 
libct/utils: remove Deprecated functions
 2025-12-02 15:06:01 -08:00
Aleksa Sarai
7c8fccd646 release: use runc-$version.tar.xz as archive name 
Because we add the runc-$version/ prefix to the archive we generate,
including the version in the name makes it easier for some tools to
operate on as it matches most other projects (for openSUSE we rename the
archive file to this format in order for the automated RPM scripts to
work properly).

Also, when doing several releases at the same time, being able to
double-check that the correct artefact versions were uploaded for each
release can be quite handy.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
 2025-11-30 15:10:36 +11:00
Rodrigo Campos
20a9532fd0 Merge pull request #5049 from cyphar/changelog-update 
CHANGELOG: forward-port changelog entries
 2025-11-28 08:34:57 -03:00
Akihiro Suda
64c3c8eea6 Merge pull request #4994 from kolyshkin/gofumpt-extra 
Enable gofumpt extra rules
 2025-11-28 09:30:57 +09:00
Aleksa Sarai
a412bd93e9 libct/utils: remove Deprecated functions 
These were all marked for deprecation in runc 1.5.0, so remove them now
to make sure we don't forget.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
 2025-11-28 11:11:11 +11:00
Aleksa Sarai
bf258ce163 RELEASES: remove <= 1.1.x special casing 
Now that runc 1.4.0 has been released, there is no need to single out
1.1.x and earlier as no longer being supported, as latest-2 is now 1.2.x
and thus 1.1.x would no longer be supported even with the new support
model.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
 2025-11-28 11:07:47 +11:00
Aleksa Sarai
0c150f4c3a RELEASES: remove 'draft' section of policy 
We have used this release policy for a year and it seems to work well
for everyone and we haven't received much feedback, so it seems
reasonable to say that we are committed to this policy now.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
 2025-11-28 11:06:41 +11:00