search

rootless-containers / bypass4netns

[Experimental] Accelerates slirp4netns using SECCOMP_IOCTL_NOTIF_ADDFD. As fast as `--net=host`.
https://medium.com/nttlabs/accelerating-rootless-container-network-29d0e908dda4
Apache License 2.0
130 stars 6 forks source link

Bump github.com/opencontainers/runtime-spec from 1.0.3-0.20220809190508-9ee22abf867e to 1.2.0 #54

Closed dependabot[bot] closed 8 months ago

dependabot[bot] commented 8 months ago

Bumps github.com/opencontainers/runtime-spec from 1.0.3-0.20220809190508-9ee22abf867e to 1.2.0.

Release notes

Sourced from github.com/opencontainers/runtime-spec's releases.

v1.2.0

Votes: #1242

Additions

  • config: add idmap and ridmap mount options (#1222)
  • config.md: allow empty mappings for [r]idmap (#1224)
  • features-linux: Expose idmap information (#1219)
  • mount: Allow relative mount destinations on Linux (#1225)
  • features: add potentiallyUnsafeConfigAnnotations (#1205)
  • config: add support for org.opencontainers.image annotations #1197

Minor fixes:

  • config: improve bind mount and propagation doc (#1228)

Documentation, CI & Governance:

  • fix link to hooks in features (#1226)
  • specs-go: add missing deprecation comment for Hooks.Prestart (#1232)
  • specs-go: mark LinuxMemory.Kernel as deprecated ()#1233)

v1.1.0

Vote: opencontainers/runtime-spec#1213

Blog: https://opencontainers.org/posts/blog/2023-07-21-oci-runtime-spec-v1-1/

Breaking changes (but rather conforms to the existing runc implementation)

  • config: change prestart hook spec to match reality (#1169)

Deprecations

  • config-linux: mark memory.kernel[TCP] as NOT RECOMMENDED (#1093)

Additions

  • cgroup: add cgroup v2 support (#1040)
  • seccomp: allow to override errno return code (#1041)
  • seccomp: Add support for SCMP_ACT_KILL_PROCESS (#1044)
  • Update seccomp architectures to support RISCV64 (#1059)
  • Add support for SCMP_ACT_KILL_THREAD (#1064)
  • Add Seccomp Notify support using UNIX sockets and container metadata (#1074)
  • config-linux: Add Intel RDT CMT and MBM Linux support (#1076)
  • seccomp: allow to override default errno return code (#1087)
  • Introduce zos as platform (#1095)
  • config-linux: add idle option for container cgroup (#1136)
  • config-linux: add CFS bandwidth burst (#1120)
  • IDMapping field for mount point (#1143)
  • schema: add cpu idle (#1145)
  • add domainname spec entity (#1156)
  • config-linux: add memory.checkBeforeUpdate (#1158)
  • seccomp: Add flag SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV (#1161)

... (truncated)

Changelog

Sourced from github.com/opencontainers/runtime-spec's changelog.

OpenContainers Specifications

Changes with v1.2.0:

Additions:

  • config: add idmap and ridmap mount options (#1222)
  • config.md: allow empty mappings for [r]idmap (#1224)
  • features-linux: Expose idmap information (#1219)
  • mount: Allow relative mount destinations on Linux (#1225)
  • features: add potentiallyUnsafeConfigAnnotations (#1205)
  • config: add support for org.opencontainers.image annotations #1197

Minor fixes:

  • config: improve bind mount and propagation doc (#1228)

Documentation, CI & Governance:

  • fix link to hooks in features (#1226)
  • specs-go: add missing deprecation comment for Hooks.Prestart (#1232)
  • specs-go: mark LinuxMemory.Kernel as deprecated ()#1233)

Changes with v1.1.0:

Breaking changes (but rather conforms to the existing runc implementation):

  • config: change prestart hook spec to match reality (#1169)

Deprecations:

  • config-linux: mark memory.kernel[TCP] as NOT RECOMMENDED (#1093)

Additions:

  • cgroup: add cgroup v2 support (#1040)
  • seccomp: allow to override errno return code (#1041)
  • seccomp: Add support for SCMP_ACT_KILL_PROCESS (#1044)
  • Update seccomp architectures to support RISCV64 (#1059)
  • Add support for SCMP_ACT_KILL_THREAD (#1064)
  • Add Seccomp Notify support using UNIX sockets and container metadata (#1074)
  • config-linux: Add Intel RDT CMT and MBM Linux support (#1076)
  • seccomp: allow to override default errno return code (#1087)
  • Introduce zos as platform (#1095)
  • config-linux: add idle option for container cgroup (#1136)
  • config-linux: add CFS bandwidth burst (#1120)
  • IDMapping field for mount point (#1143)
  • schema: add cpu idle (#1145)
  • add domainname spec entity (#1156)
  • config-linux: add memory.checkBeforeUpdate (#1158)

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
AkihiroSuda commented 8 months ago

@dependabot recreate

AkihiroSuda commented 8 months ago

@dependabot recreate