Bump github.com/containers/podman/v5 from 5.3.2 to 5.4.0 #558

dependabot · 2025-02-11T20:47:47Z

Bumps github.com/containers/podman/v5 from 5.3.2 to 5.4.0.

Release notes

Sourced from github.com/containers/podman/v5's releases.

v5.4.0

Features

A preview of Podman's support for OCI artifacts has been added through the podman artifact suite of commands, including add, inspect, ls, pull, push, and rm. This support is very early and not fully complete, and the command line interface for these tools has not been finalized. We welcome feedback on the new artifact experience through our issue tracker!

The podman update command now supports a wide variety of options related to healthchecks (including --health-cmd to define a new healthcheck and --no-healthcheck to disable an existing healthcheck), allowing healthchecks to be added to, removed from, and otherwise updated on existing containers. You can find full details on the 15 added options in the manpage.

The --mount type=volume option for the podman run, podman create, and podman volume create commands now supports a new option, subpath=, to make only a subset of the volume visible in the container (#20661).

The --userns=keep-id option for the podman run, podman create, and podman pod create commands now supports a new option, --userns=keep-id:size=, to configure the size of the user namespace (#24387).

The podman kube play command now supports Container Device Interface (CDI) devices (#17833).

The podman machine init command now supports a new option, --playbook, to run an Ansible playbook in the created VM on first boot for initial configuration.

Quadlet .pod files now support a new field, ShmSize, to specify the size of the pod's shared SHM (#22915).

The podman run, podman create, and podman pod create commands now support a new option, --hosts-file, to define the base file used for /etc/hosts in the container.

The podman run, podman create, and podman pod create commands now support a new option, --no-hostname, which disables the creation of /etc/hostname in the container (#25002).

The podman network create command now supports a new option for bridge networks, --opt mode=unmanaged, which allows Podman to use an existing network bridge on the system without changes.

The --network option to podman run, podman create, and podman pod create now accepts a new option for bridge networks, host_interface_name, which specifies a name for the network interface created outside the container.

The podman manifest rm command now supports a new option, --ignore, to not error when removing manifests that do not exist.

The podman system prune command now supports a new option, --build, to remove build containers leftover from prematurely terminated builds.

The podman events command now generates events for the creation and removal of networks (#24032).

Breaking Changes

Due to a lack of availability of hardware to test on, the Podman maintainers are no longer capable of providing full support for Podman on Intel Macs. Binaries and machine images will still be produced, and pull requests related to MacOS on Intel systems will still be merged, but bugs will be fixed on a best effort basis only. We welcome any potential new maintainers who would be able to assist in restoring full support.

Quadlet previously incorrectly allowed : as a character to define comments. This was a mistake; developer intent and documentation was that # and ; were to be used as comment characters instead, matching systemd. This has been corrected, and semicolons now define comments instead of colons.

Changes

Podman now passes container hostnames to Netavark, which will use them for any DHCP requests for the container.

Partial pulls of zstd:chunked images now only happen for images that have a RootFS.DiffID entry in the image's OCI config JSON, and require the layer contents to match. This resolves issues with image ID ambiguity when partial pulls were enabled.

Packagers can now set the BUILD_ORIGIN environment variable when building podman from the Makefile. This provides information on who built the Podman binary, and is displayed in podman version and podman info. This will help upstream bug reports, allowing maintainers to trace how and where the binary was built and installed from.

Bugfixes

Fixed a bug where podman machine VMs on WSL could fail to start when using usermode networking could fail to start due to a port conflict (#20327).

Fixed a bug where overlay mounts could not be made at paths where the image specifies a volume (#24555).

Fixed a bug where the podman build command did not honor the no_pivot_root setting from containers.conf (#24546).

Fixed a bug where volumes would have the wrong permissions if podman cp was used to copy into a fresh volume in a container that had never been started.

Fixed a bug where using podman cp to copy into a named volume requiring a mount (image volumes, volumes backed by a volume plugin, or other volumes with options) would fail when the container being copied into was stopped.

Fixed a bug where rlimits would be set incorrectly when Podman was run as root but without CAP_SYS_RESOURCE (#24692).

Fixed a bug where the podman stats --all command would fail if a container started with --cgroups=none was present (#24632).

Fixed a bug where the podman info command would only return details on one image store even if additional image stores were configured in storage.conf.

Fixed a bug where the podman update command could reset resource limits that were not being modified to default (#24610).

Fixed a bug where the remote Podman client's podman update command could not update resource limits on devices mounted into the container (#24734).

Fixed a bug where the podman manifest annotate command could panic when the --index option was used (#24750).

Fixed a bug where a Quadlet container reusing another container's network could cause errors if the second container was not already running.

Fixed a bug where Quadlet files containing lines with a trailing backslash could cause an infinite loop during parsing (#24810).

Fixed a bug where Quadlet would, when run as a non-root user, not generate for files in subfolders of /etc/containers/systemd/users/ (#24783).

Fixed a bug where values in Quadlet files containing octal escape sequences were incorrectly unescaped.

Fixed a bug where podman generate kube could generate persistent volumes with mixed-case names or names containing an underscore, which are not supported by Kubernetes (#16542).

Fixed a bug where the ptmxmode option to --mount type=devpts did not function.

Fixed a bug where shell completion on Windows would include .exe in the executable name, breaking completion on some shells.

Fixed a bug where the output of podman inspect on containers did not include the ID of the network the container was joined to, improving Docker compatibility (#24910).

Fixed a bug where containers created with the remote API incorrectly included a create command (#25026).

Fixed a bug where it was possible to specify the libkrun backend for VMs on Intel Macs (libkrun only supports Arm systems).

Fixed a bug where libkrun and applehv VMs from podman machine could be started at the same time on Macs (#25112).

Fixed a bug where podman exec commands could not detach from the exec session using the detach keys (#24895).

... (truncated)

Changelog

Sourced from github.com/containers/podman/v5's changelog.

5.4.0

Features

A preview of Podman's support for OCI artifacts has been added through the podman artifact suite of commands, including add, inspect, ls, pull, push, and rm. This support is very early and not fully complete, and the command line interface for these tools has not been finalized. We welcome feedback on the new artifact experience through our issue tracker!

The podman update command now supports a wide variety of options related to healthchecks (including --health-cmd to define a new healthcheck and --no-healthcheck to disable an existing healthcheck), allowing healthchecks to be added to, removed from, and otherwise updated on existing containers. You can find full details on the 15 added options in the manpage.

The --mount type=volume option for the podman run, podman create, and podman volume create commands now supports a new option, subpath=, to make only a subset of the volume visible in the container (#20661).

The --userns=keep-id option for the podman run, podman create, and podman pod create commands now supports a new option, --userns=keep-id:size=, to configure the size of the user namespace (#24387).

The podman kube play command now supports Container Device Interface (CDI) devices (#17833).

The podman machine init command now supports a new option, --playbook, to run an Ansible playbook in the created VM on first boot for initial configuration.

Quadlet .pod files now support a new field, ShmSize, to specify the size of the pod's shared SHM (#22915).

The podman run, podman create, and podman pod create commands now support a new option, --hosts-file, to define the base file used for /etc/hosts in the container.

The podman run, podman create, and podman pod create commands now support a new option, --no-hostname, which disables the creation of /etc/hostname in the container (#25002).

The podman network create command now supports a new option for bridge networks, --opt mode=unmanaged, which allows Podman to use an existing network bridge on the system without changes.

The --network option to podman run, podman create, and podman pod create now accepts a new option for bridge networks, host_interface_name, which specifies a name for the network interface created outside the container.

The podman manifest rm command now supports a new option, --ignore, to not error when removing manifests that do not exist.

The podman system prune command now supports a new option, --build, to remove build containers leftover from prematurely terminated builds.

The podman events command now generates events for the creation and removal of networks (#24032).

Breaking Changes

Due to a lack of availability of hardware to test on, the Podman maintainers are no longer capable of providing full support for Podman on Intel Macs. Binaries and machine images will still be produced, and pull requests related to MacOS on Intel systems will still be merged, but bugs will be fixed on a best effort basis only. We welcome any potential new maintainers who would be able to assist in restoring full support.

Quadlet previously incorrectly allowed : as a character to define comments. This was a mistake; developer intent and documentation was that # and ; were to be used as comment characters instead, matching systemd. This has been corrected, and semicolons now define comments instead of colons.

Changes

Podman now passes container hostnames to Netavark, which will use them for any DHCP requests for the container.

Partial pulls of zstd:chunked images now only happen for images that have a RootFS.DiffID entry in the image's OCI config JSON, and require the layer contents to match. This resolves issues with image ID ambiguity when partial pulls were enabled.

Packagers can now set the BUILD_ORIGIN environment variable when building podman from the Makefile. This provides information on who built the Podman binary, and is displayed in podman version and podman info. This will help upstream bug reports, allowing maintainers to trace how and where the binary was built and installed from.

Bugfixes

Fixed a bug where podman machine VMs on WSL could fail to start when using usermode networking could fail to start due to a port conflict (#20327).

Fixed a bug where overlay mounts could not be made at paths where the image specifies a volume (#24555).

Fixed a bug where the podman build command did not honor the no_pivot_root setting from containers.conf (#24546).

Fixed a bug where volumes would have the wrong permissions if podman cp was used to copy into a fresh volume in a container that had never been started.

Fixed a bug where using podman cp to copy into a named volume requiring a mount (image volumes, volumes backed by a volume plugin, or other volumes with options) would fail when the container being copied into was stopped.

Fixed a bug where rlimits would be set incorrectly when Podman was run as root but without CAP_SYS_RESOURCE (#24692).

Fixed a bug where the podman stats --all command would fail if a container started with --cgroups=none was present (#24632).

Fixed a bug where the podman info command would only return details on one image store even if additional image stores were configured in storage.conf.

Fixed a bug where the podman update command could reset resource limits that were not being modified to default (#24610).

Fixed a bug where the remote Podman client's podman update command could not update resource limits on devices mounted into the container (#24734).

Fixed a bug where the podman manifest annotate command could panic when the --index option was used (#24750).

Fixed a bug where a Quadlet container reusing another container's network could cause errors if the second container was not already running.

Fixed a bug where Quadlet files containing lines with a trailing backslash could cause an infinite loop during parsing (#24810).

Fixed a bug where Quadlet would, when run as a non-root user, not generate for files in subfolders of /etc/containers/systemd/users/ (#24783).

Fixed a bug where values in Quadlet files containing octal escape sequences were incorrectly unescaped.

Fixed a bug where podman generate kube could generate persistent volumes with mixed-case names or names containing an underscore, which are not supported by Kubernetes (#16542).

Fixed a bug where the ptmxmode option to --mount type=devpts did not function.

Fixed a bug where shell completion on Windows would include .exe in the executable name, breaking completion on some shells.

Fixed a bug where the output of podman inspect on containers did not include the ID of the network the container was joined to, improving Docker compatibility (#24910).

Fixed a bug where containers created with the remote API incorrectly included a create command (#25026).

Fixed a bug where it was possible to specify the libkrun backend for VMs on Intel Macs (libkrun only supports Arm systems).

Fixed a bug where libkrun and applehv VMs from podman machine could be started at the same time on Macs (#25112).

Fixed a bug where podman exec commands could not detach from the exec session using the detach keys (#24895).

... (truncated)

Commits

f9f7d48 Bump to v5.4.0
2460114 Update release notes for v5.4.0 final
3d344ff In SQLite state, use defaults for empty-string checks
2612e3c Bump FreeBSD version to 13.4
3d917a3 docs: add v5.4 to API reference
a8a01ca Merge pull request #25287 from openshift-cherrypick-robot/cherry-pick-25235-t...
13ebc58 Update rpm/podman.spec
f34d6c7 RPM: set buildOrigin in LDFLAG
7839a1c Merge pull request #25274 from openshift-cherrypick-robot/cherry-pick-24864-t...
6218d42 RPM: cleanup macro defs
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/containers/podman/v5](https://github.com/containers/podman) from 5.3.2 to 5.4.0. - [Release notes](https://github.com/containers/podman/releases) - [Changelog](https://github.com/containers/podman/blob/v5.4.0/RELEASE_NOTES.md) - [Commits](containers/podman@v5.3.2...v5.4.0) --- updated-dependencies: - dependency-name: github.com/containers/podman/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 11, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump github.com/containers/podman/v5 from 5.3.2 to 5.4.0 #558

Bump github.com/containers/podman/v5 from 5.3.2 to 5.4.0 #558

dependabot bot commented on behalf of github Feb 11, 2025

Bump github.com/containers/podman/v5 from 5.3.2 to 5.4.0 #558

Are you sure you want to change the base?

Bump github.com/containers/podman/v5 from 5.3.2 to 5.4.0 #558

Conversation

dependabot bot commented on behalf of github Feb 11, 2025

v5.4.0

Features

Breaking Changes

Changes

Bugfixes

5.4.0

Features

Breaking Changes

Changes

Bugfixes