Skip to content
This repository has been archived by the owner on Mar 2, 2024. It is now read-only.

Bump github.com/containerd/containerd from 1.4.3 to 1.4.4 #372

Closed
wants to merge 1 commit into from
Closed

Bump github.com/containerd/containerd from 1.4.3 to 1.4.4 #372

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 8, 2021
edited
Loading

Bumps github.com/containerd/containerd from 1.4.3 to 1.4.4.

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.4.4

Welcome to the v1.4.4 release of containerd!

The fourth patch release for containerd 1.4 contains a fix for CVE-2021-21334 along with various other minor issues. See GHSA-6g2q-w5j3-fwh4 for more details related to CVE-2021-21334.

Notable Updates

  • Fix container create in CRI to prevent possible environment variable leak between containers #1628
  • Update shim server to return grpc NotFound error #4872
  • Add bounds on max oom_score_adj value for shim's AdjustOOMScore #4874
  • Update task manager to use fresh context when calling shim shutdown #4929
  • Update Docker resolver to avoid possible concurrent map access panic #4941
  • Update shim's log file open flags to avoid containerd hang on syscall open #4971
  • Fix incorrect usage calculation #5019

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Shengjing Zhu
  • Derek McGowan
  • Sebastiaan van Stijn
  • Phil Estes
  • Akihiro Suda
  • Wei Fu
  • Michael Crosby
  • Mike Brown
  • Phil Estes
  • Tõnis Tiigi
  • Danail Branekov
  • IceberGu
  • Maksym Pavlenko
  • Simon Kaegi
  • Zhiyu Li

Changes

... (truncated)

Changelog

Sourced from github.com/containerd/containerd's changelog.

Versioning and Release

This document details the versioning and release plan for containerd. Stability is a top goal for this project and we hope that this document and the processes it entails will help to achieve that. It covers the release process, versioning numbering, backporting, API stability and support horizons.

If you rely on containerd, it would be good to spend time understanding the areas of the API that are and are not supported and how they impact your project in the future.

This document will be considered a living document. Supported timelines, backport targets and API stability guarantees will be updated here as they change.

If there is something that you require or this document leaves out, please reach out by filing an issue.

Releases

Releases of containerd will be versioned using dotted triples, similar to Semantic Version. For the purposes of this document, we will refer to the respective components of this triple as <major>.<minor>.<patch>. The version number may have additional information, such as alpha, beta and release candidate qualifications. Such releases will be considered "pre-releases".

Major and Minor Releases

Major and minor releases of containerd will be made from master. Releases of containerd will be marked with GPG signed tags and announced at https://github.com/containerd/containerd/releases. The tag will be of the format v<major>.<minor>.<patch> and should be made with the command git tag -s v<major>.<minor>.<patch>.

After a minor release, a branch will be created, with the format release/<major>.<minor> from the minor tag. All further patch releases will be done from that branch. For example, once we release v1.0.0, a branch release/1.0 will be created from that tag. All future patch releases will be done against that branch.

Pre-releases

Pre-releases, such as alphas, betas and release candidates will be conducted from their source branch. For major and minor releases, these releases will be done from master. For patch releases, these pre-releases should be done within the corresponding release branch.

While pre-releases are done to assist in the stabilization process, no guarantees are provided.

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/containerd/containerd from 1.4.3 to 1.4.4
beef749 
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/master/RELEASES.md)
- [Commits](containerd/containerd@v1.4.3...v1.4.4)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 8, 2021
@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 8, 2021

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@codecov
Copy link

codecov bot commented Mar 8, 2021

Codecov Report

Merging #372 (beef749) into master (eadf345) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #372   +/-   ##
=======================================
  Coverage   29.27%   29.27%           
=======================================
  Files         140      140           
  Lines        4901     4901           
=======================================
  Hits         1435     1435           
  Misses       3466     3466

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 8, 2021

Looks like github.com/containerd/containerd is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Mar 8, 2021
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/containerd/containerd-1.4.4 branch March 8, 2021 16:59
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants