build(deps): bump github.com/containerd/containerd/v2 from 2.2.2 to 2.2.3 #13737

Merged
glours merged 1 commit into docker/compose:main from docker/compose:dependabot/go_modules/github.com/containerd/containerd/v2-2.2.3
Apr 15, 2026

@dependabot dependabot Bot commented on behalf of github Apr 15, 2026

Bumps github.com/containerd/containerd/v2 from 2.2.2 to 2.2.3.

Release notes

Sourced from github.com/containerd/containerd/v2's releases.

containerd 2.2.3

Welcome to the v2.2.3 release of containerd!

The third patch release for containerd 2.2 contains various fixes and updates including a security patch.

Security Updates

Highlights

Container Runtime Interface (CRI)

  • Preserve cgroup mount options for privileged containers (#13120)
  • Ensure UpdatePodSandbox returns Unimplemented instead of a generic error (#13023)

Go client

  • Handle absolute symlinks in rootfs user lookup to fix regressions when using Go 1.24 (#13015)

Image Distribution

  • Enable mount manager in diff walking to fix layer extraction errors with some snapshotters (e.g., EROFS) (#13198)
  • Apply hardening to prevent TOCTOU race during tar extraction (#12971)

Runtime

  • Restore support for client-mounted roots in Windows containers using process isolation (#13195)
  • Update runc to v1.3.5 (#13061)
  • Apply absolute symlink resolution to /etc/group in OCI spec to fix lookups on NixOS-style systems (#13019)
  • Handle absolute symlinks in rootfs user lookup to fix regressions when using Go 1.24 (#13015)

Snapshotters

  • Fix bug that caused whiteouts to be ignored when parallel unpack was used (#13125)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Samuel Karp
  • Sebastiaan van Stijn
  • Maksym Pavlenko
  • Chris Henzie
  • Derek McGowan
  • Paulo Oliveira
  • Henry Wang

... (truncated)

Commits
  • 77c8424 Merge pull request #13224 from samuelkarp/prepare-release-2.2.3
  • 8a0f4ed Prepare release notes for v2.2.3
  • 1383828 Merge pull request #13217 from samuelkarp/update-spdystream-2.2
  • 31bd34a update github.com/moby/spdystream v0.5.1
  • d2c2fc3 Merge pull request #13197 from thaJeztah/2.2_bump_compress
  • 6b3c2de Merge pull request #13198 from k8s-infra-cherrypick-robot/cherry-pick-13186-t...
  • 409f75b diff/walking: enable mount manager
  • 1336f6c vendor: github.com/klauspost/compress v1.18.5
  • 33e9334 Merge pull request #13195 from thaJeztah/2.2_bump_runhcs
  • 0d85aef Merge pull request #13196 from thaJeztah/2.2_bump_hcsshim
  • Additional commits viewable in compare view

Bumps [github.com/containerd/containerd/v2](https://github.com/containerd/containerd) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v2.2.2...v2.2.3)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd/v2
  dependency-version: 2.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies and go labels Apr 15, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 15, 2026 09:03
@dependabot dependabot Bot requested review from glours and ndeloof April 15, 2026 09:03

@thaJeztah thaJeztah left a comment

LGTM

cc @glours - fyi the containerd release contains a security fix (through "spdystream"); only impacts the binaries, but could trigger security scanners - as they tend to do 😞

glours commented Apr 15, 2026

@thaJeztah ACK, I'll do a release soon

@glours glours merged commit 6ed7625 into main Apr 15, 2026
41 checks passed
@glours glours deleted the dependabot/go_modules/github.com/containerd/containerd/v2-2.2.3 branch April 15, 2026 09:36

thaJeztah commented

Yeah, probably not super-urgent, but just a "FYI" in case people start to get stressed 😂

tmeijn pushed a commit to tmeijn/dotfiles that referenced this pull request Apr 16, 2026
This MR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker/compose](https://github.com/docker/compose) | patch | `v5.1.2` → `v5.1.3` |

MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot).

**Proposed changes to behavior should be submitted there as MRs.**

---

### Release Notes

<details>
<summary>docker/compose (docker/compose)</summary>

### [`v5.1.3`](https://github.com/docker/compose/releases/tag/v5.1.3)

[Compare Source](docker/compose@v5.1.2...v5.1.3)

#### What's Changed

##### 🐛 Fixes

- fix: provider output handling and watch rebuild re-invocation by [@glours](https://github.com/glours) in [#13732](docker/compose#13732)

##### 🔧 Internal

- Add Docker Desktop Logs view hints and navigation shortcut by [@glours](https://github.com/glours) in [#13721](docker/compose#13721)
- Build and push Docker Desktop module image on release by [@glours](https://github.com/glours) in [#13726](docker/compose#13726)
- Fix typo in SECURITY.md by [@glours](https://github.com/glours) in [#13730](docker/compose#13730)
- Make hook hint deep links clickable using OSC 8 terminal hyperlinks by [@glours](https://github.com/glours) in [#13734](docker/compose#13734)
- Remove 'provenance' attribute' by [@glours](https://github.com/glours) in [#13738](docker/compose#13738)

##### ⚙️ Dependencies

- build(deps): bump github.com/containerd/containerd/v2 from 2.2.2 to 2.2.3 by [@dependabot](https://github.com/dependabot)\[bot] in [#13737](docker/compose#13737)

**Full Changelog**: <docker/compose@v5.1.2...v5.1.3>

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this MR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box

---

This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).