Skip to content

build(deps): bump github.com/containerd/containerd/v2 from 2.2.3 to 2.2.4 in the go_modules group across 1 directory#13804

Merged
glours merged 1 commit into
mainfrom
dependabot/go_modules/go_modules-fcafd93c54
Jun 15, 2026
Merged

build(deps): bump github.com/containerd/containerd/v2 from 2.2.3 to 2.2.4 in the go_modules group across 1 directory#13804
glours merged 1 commit into
mainfrom
dependabot/go_modules/go_modules-fcafd93c54

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 21, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the go_modules group with 1 update in the / directory: github.com/containerd/containerd/v2.

Updates github.com/containerd/containerd/v2 from 2.2.3 to 2.2.4

Release notes

Sourced from github.com/containerd/containerd/v2's releases.

containerd 2.2.4

Welcome to the v2.2.4 release of containerd!

The fourth patch release for containerd 2.2 contains various fixes and updates including security patches.

  • containerd

  • go-jose

  • Use mount manager during image volume processing to support snapshotters that require writable block volumes (e.g., EROFS) (#13242)

  • Fix handling of out-of-range USER values in OCI spec to avoid unexpected username/group lookups (#13448)

  • Apply hardening to block AF_ALG in default socket policy (#13408)

  • Fix bugs in sandbox service affecting sandbox creation configuration and event publishing (#13266)

  • Set AppArmor abi conditionally to support versions < 3.0 (#13275)

  • Disable overlay "rebase" capability when running in a user namespace to fix layer extraction failures (#13393)

  • Support both "volatile" and "fsync=volatile" mount options for volatile snapshotter (#13296)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

  • Wei Fu
  • Akihiro Suda
  • Chris Henzie
  • Paweł Gronowski
  • Samuel Karp
  • Brian Goff
  • Champ-Goblem
  • Chris Chang
  • LEI WANG
  • Phil Estes
  • William Myers
  • oci: return explicit error for out-of-range USER values (#13448)
    • d20c6267b oci: return explicit error for out-of-range USER values
  • seccomp: Block AF_ALG in default socket policy (#13408)
    • db34dc4b4 seccomp: Block AF_ALG in default socket policy
    • 214b141ee seccomp: Document socket rule scope and socketcall limitation
  • update Go to 1.25.10, 1.26.3 (#13375)
  • overlay: disable "rebase" capability when running in UserNS (#13393)
    • 63874d262 overlay: disable "rebase" capability when running in UserNS
  • Support both styles of volatile mount option (#13296)

... (truncated)

Commits
  • 193637f Merge pull request #13457 from samuelkarp/prepare-release-2.2.4
  • 05e97b4 Prepare release notes for v2.2.4
  • 0a8f65b Merge pull request #13448 from samuelkarp/oci-withuser-errrange-2.2
  • 7287de2 Merge pull request #13408 from k8s-infra-cherrypick-robot/cherry-pick-13327-t...
  • db34dc4 seccomp: Block AF_ALG in default socket policy
  • 214b141 seccomp: Document socket rule scope and socketcall limitation
  • 105ca97 Merge pull request #13375 from AkihiroSuda/release-2.2-go-1.25.10
  • ba7b585 Merge pull request #13393 from k8s-infra-cherrypick-robot/cherry-pick-13389-t...
  • 63874d2 overlay: disable "rebase" capability when running in UserNS
  • c2b1856 update Go to 1.25.10, 1.26.3
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 21, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 21, 2026 22:01
@dependabot dependabot Bot requested review from glours and ndeloof May 21, 2026 22:02
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 21, 2026
thaJeztah
thaJeztah approved these changes May 22, 2026
View reviewed changes

@thaJeztah thaJeztah left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@thaJeztah

thaJeztah commented Jun 15, 2026

Copy link
Copy Markdown
Member

@dependabot rebase

@dependabot
build(deps): bump github.com/containerd/containerd/v2
53ca8d0 
Bumps the go_modules group with 1 update in the / directory: [github.com/containerd/containerd/v2](https://github.com/containerd/containerd).


Updates `github.com/containerd/containerd/v2` from 2.2.3 to 2.2.4
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v2.2.3...v2.2.4)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd/v2
  dependency-version: 2.2.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/go_modules-fcafd93c54 branch from 5cd2f80 to 53ca8d0 Compare June 15, 2026 12:05
thaJeztah
thaJeztah approved these changes Jun 15, 2026
View reviewed changes

@thaJeztah thaJeztah left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@thaJeztah

thaJeztah commented Jun 15, 2026

Copy link
Copy Markdown
Member

@glours probably want this one as well to avoid some (false) positives

The fourth patch release for containerd 2.2 contains various fixes and updates including security patches.

containerd

go-jose

@glours glours merged commit f82a213 into main Jun 15, 2026
40 checks passed
@glours glours deleted the dependabot/go_modules/go_modules-fcafd93c54 branch June 15, 2026 12:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@glours glours glours approved these changes

@thaJeztah thaJeztah thaJeztah approved these changes

@ndeloof ndeloof Awaiting requested review from ndeloof ndeloof is a code owner automatically assigned from docker/compose-maintainers

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@thaJeztah @glours