podman

mirror of https://github.com/containers/podman.git synced 2025-11-30 01:58:46 +08:00

Author	SHA1	Message	Date
Nicola Sella	df4905d68b	Remove hardcoded refs from ociartifact code Fixes: https://issues.redhat.com/browse/RUN-3578 Signed-off-by: Nicola Sella <nsella@redhat.com>	2025-11-13 22:57:21 +01:00
Paul Holzinger	e0ef8362c0	update github.com/cyphar/filepath-securejoin to v0.5.1 Since this will be required by the runc security update I bump it hare already to make the runc bump easier. Note while there is 0.6.0 out we use 0.5.1 intentionally as 0.6 comes with breaking changes that won't build in our dependencies. Also note the lib now contains code licensed under MPL-2 which is not yet approved by the CNCF[1] but because the runc fix requires it we were advised to just go ahead and update it for now. [1] https://github.com/cncf/foundation/issues/1154 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-11-06 16:33:18 +01:00
renovate[bot]	f290149b70	fix(deps): update module github.com/opencontainers/runc to v1.2.5 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-02-14 02:02:06 +00:00
Paul Holzinger	1dbd68f061	vendor latest c/common from main Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2025-01-07 13:35:43 +01:00
renovate[bot]	851ef2529f	fix(deps): update module github.com/opencontainers/runc to v1.2.3 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-12-11 04:35:13 +00:00
renovate[bot]	05a449c61e	fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.4 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-10-09 04:53:26 +00:00
renovate[bot]	ce9716ee41	fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.3 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-09-30 15:44:20 +00:00
renovate[bot]	fe08440ec3	fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.2 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-09-13 12:32:47 +00:00
renovate[bot]	eadfbbc809	Update module github.com/cyphar/filepath-securejoin to v0.3.1 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-07-24 14:40:02 +00:00
renovate[bot]	7c775a3f4c	Update module github.com/cyphar/filepath-securejoin to v0.3.0 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-07-11 15:41:50 +00:00
renovate[bot]	7f6108233f	Update module github.com/cyphar/filepath-securejoin to v0.2.5 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-05-03 09:51:56 +00:00
renovate[bot]	a5798e9f5a	fix(deps): update module github.com/cyphar/filepath-securejoin to v0.2.4 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2023-09-06 08:04:39 +00:00
dependabot[bot]	9457549fff	build(deps): bump github.com/vbauerster/mpb/v7 from 7.5.2 to 7.5.3 Bumps [github.com/vbauerster/mpb/v7](https://github.com/vbauerster/mpb) from 7.5.2 to 7.5.3. - [Release notes](https://github.com/vbauerster/mpb/releases) - [Commits](https://github.com/vbauerster/mpb/compare/v7.5.2...v7.5.3) --- updated-dependencies: - dependency-name: github.com/vbauerster/mpb/v7 dependency-type: direct:production update-type: version-update:semver-patch ... Also bump the go module to 1.17 to be able to compile the new code. Given containers/common and others already require go 1.17+ we're safe to go. Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>	2022-09-13 08:58:22 +02:00
dependabot[bot]	518457b354	Bump github.com/cyphar/filepath-securejoin from 0.2.2 to 0.2.3 Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.2.2 to 0.2.3. - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.2...v0.2.3) --- updated-dependencies: - dependency-name: github.com/cyphar/filepath-securejoin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2021-07-05 12:20:31 +00:00
Valentin Rothberg	2388222e98	update dependencies Ran a `go get -u` and bumped K8s deps to 1.15.0. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2019-06-24 21:29:31 +02:00
Valentin Rothberg	d697456dc9	migrate to go-modules Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2019-06-24 13:20:59 +02:00
Valentin Rothberg	bd40dcfc2b	vendor: update everything * If possible, update each dependency to the latest available version. * Use releases over commit IDs and avoid vendoring branches. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>	2019-01-11 13:38:11 +01:00
baude	6246942d37	Increase security and performance when looking up groups We implement the securejoin method to make sure the paths to /etc/passwd and /etc/group are not symlinks to something naughty or outside the container image. And then instead of actually chrooting, we use the runc functions to get information about a user. The net result is increased security and a a performance gain from 41ms to 100us. Signed-off-by: baude <bbaude@redhat.com>	2018-10-25 06:42:43 -05:00
umohnani8	27107fdac1	Vendor in latest containers/image and contaners/storage Made necessary changes to functions to include contex.Context wherever needed Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #640 Approved by: baude	2018-04-19 14:08:47 +00:00
Daniel J Walsh	af64e10400	Vendor in lots of kubernetes stuff to shrink image size Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #554 Approved by: mheon	2018-03-27 18:09:12 +00:00
baude	be9ed1cfac	Privileged containers should inherit host devices When running a privileged container, it should inherit the same devices the host has. Signed-off-by: baude <bbaude@redhat.com> Closes: #330 Approved by: mheon	2018-02-15 00:20:47 +00:00

21 Commits