The Docker CLI
Go to file
Sebastiaan van Stijn 0389090aeb
update golang to 1.18.3
go1.18.3 (released 2022-06-01) includes security fixes to the crypto/rand,
crypto/tls, os/exec, and path/filepath packages, as well as bug fixes to the
compiler, and the crypto/tls and text/template/parse packages. See the Go
1.18.3 milestone on our issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.18.3+label%3ACherryPickApproved

Hello gophers,

We have just released Go versions 1.18.3 and 1.17.11, minor point releases.

These minor releases include 4 security fixes following the security policy:

- crypto/rand: rand.Read hangs with extremely large buffers
  On Windows, rand.Read will hang indefinitely if passed a buffer larger than
  1 << 32 - 1 bytes.

  Thanks to Davis Goodin and Quim Muntal, working at Microsoft on the Go toolset,
  for reporting this issue.

  This is [CVE-2022-30634][CVE-2022-30634] and Go issue https://go.dev/issue/52561.
- crypto/tls: session tickets lack random ticket_age_add
  Session tickets generated by crypto/tls did not contain a randomly generated
  ticket_age_add. This allows an attacker that can observe TLS handshakes to
  correlate successive connections by comparing ticket ages during session
  resumption.

  Thanks to GitHub user nervuri for reporting this.

  This is [CVE-2022-30629][CVE-2022-30629] and Go issue https://go.dev/issue/52814.
- `os/exec`: empty `Cmd.Path` can result in running unintended binary on Windows

  If, on Windows, `Cmd.Run`, `cmd.Start`, `cmd.Output`, or `cmd.CombinedOutput`
  are executed when Cmd.Path is unset and, in the working directory, there are
  binaries named either "..com" or "..exe", they will be executed.

  Thanks to Chris Darroch, brian m. carlson, and Mikhail Shcherbakov for reporting
  this.

  This is [CVE-2022-30580][CVE-2022-30580] and Go issue https://go.dev/issue/52574.
- `path/filepath`: Clean(`.\c:`) returns `c:` on Windows

  On Windows, the `filepath.Clean` function could convert an invalid path to a
  valid, absolute path. For example, Clean(`.\c:`) returned `c:`.

  Thanks to Unrud for reporting this issue.

  This is [CVE-2022-29804][CVE-2022-29804] and Go issue https://go.dev/issue/52476.

[CVE-2022-30634]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30634
[CVE-2022-30629]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30629
[CVE-2022-30580]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30580
[CVE-2022-29804]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29804

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit aa720f154a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-19 16:58:28 +02:00
.circleci [20.10] circleci: update buildx to v0.8.2 2022-04-04 10:37:24 +02:00
.github GH Actions: run CodeQL only on cron-job, not on pull requests 2020-10-01 16:51:28 +02:00
cli linting: fix incorrectly formatted errors (revive) 2022-08-18 19:16:48 +02:00
cli-plugins gofmt with go1.17 2022-04-14 16:40:46 +02:00
cmd/docker config: print deprecation warning when falling back to ~/.dockercfg 2021-03-08 17:21:15 +01:00
contrib/completion fix: remove asterisk from docker command suggestions 2022-06-02 10:07:57 +02:00
dockerfiles update golang to 1.18.3 2022-08-19 16:58:28 +02:00
docs Fix dead external link 2022-06-06 23:15:19 +02:00
e2e change TestNewAPIClientFromFlagsWithHttpProxyEnv to an e2e test 2021-07-29 12:11:10 +02:00
experimental experimental: fix broken link to "checkpoint and restore" page 2021-10-06 16:48:18 +02:00
internal/test Fix container creation time in test/builders 2020-12-16 08:55:29 +07:00
kubernetes Always enable experimental features 2020-10-02 15:59:42 +02:00
man docs: rewrite reference docs for --stop-signal and --stop-timeout 2021-10-06 16:48:50 +02:00
opts gofmt with go1.17 2022-04-14 16:40:46 +02:00
scripts [20.10] use GO_LDFLAGS instead of LDFLAGS to prevent inheriting unrelated options 2022-03-31 14:12:25 +02:00
service/logs bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-23 00:28:55 +01:00
templates staticcheck: ignore SA1019: strings.Title is deprecated 2022-08-19 16:58:21 +02:00
vendor [20.10] vendor: github.com/json-iterator/go v1.1.12 for Go 1.18 compatibility 2022-08-19 16:12:25 +02:00
.dockerignore dockerfile based binary building 2021-04-06 19:53:48 +00:00
.gitignore update windows resources generation 2021-04-06 19:53:48 +00:00
.golangci.yml lint: update golangci-lint to v1.45.2 2022-08-18 19:19:06 +02:00
.mailmap Update authors and mailmap 2020-08-06 01:58:32 +02:00
AUTHORS Update authors and mailmap 2020-08-06 01:58:32 +02:00
CONTRIBUTING.md Fix broken link in CONTRIBUTING 2020-03-19 15:03:59 +01:00
Dockerfile update golang to 1.18.3 2022-08-19 16:58:28 +02:00
Jenkinsfile Jenkinsfile: update old engine version to 19.03 2021-07-02 16:53:13 +02:00
LICENSE Add project files 2017-04-17 17:49:33 -04:00
MAINTAINERS Maintainers: remove Justin and Aaron 2019-12-04 13:08:15 +01:00
Makefile Makefile: have binary, cross, dynbinary targets not use docker for backwards compat 2021-04-06 19:53:48 +00:00
NOTICE switch kr/pty to creack/pty v1.1.7 2019-07-29 16:45:41 -07:00
README.md update readme with new examples 2021-04-06 19:53:48 +00:00
TESTING.md Update TESTING.md to replace testify by gotest.tools 2018-07-02 09:24:28 +02:00
VERSION Update version to 20.10-dev 2020-10-13 09:37:17 +02:00
appveyor.yml update golang to 1.18.3 2022-08-19 16:58:28 +02:00
codecov.yml Fix PR comments 2018-01-03 10:23:32 +01:00
docker-bake.hcl update golang to 1.18.3 2022-08-19 16:58:28 +02:00
docker.Makefile remove unused targets 2021-04-06 19:53:48 +00:00
poule.yml Add github templates and initial poule configuration 2017-05-09 16:57:46 +02:00
vendor.conf [20.10] vendor: github.com/json-iterator/go v1.1.12 for Go 1.18 compatibility 2022-08-19 16:12:25 +02:00

README.md

build status Build Status

docker/cli

This repository is the home of the cli used in the Docker CE and Docker EE products.

Development

docker/cli is developed using Docker.

Build CLI from source:

$ docker buildx bake

Build binaries for all supported platforms:

$ docker buildx bake cross

Build for a specific platform:

$ docker buildx bake --set binary.platform=linux/arm64 

Build dynamic binary for glibc or musl:

$ USE_GLIBC=1 docker buildx bake dynbinary 

Run all linting:

$ make -f docker.Makefile lint

List all the available targets:

$ make help

In-container development environment

Start an interactive development environment:

$ make -f docker.Makefile shell

Legal

Brought to you courtesy of our legal counsel. For more context, please see the NOTICE document in this repo.

Use and transfer of Docker may be subject to certain restrictions by the United States and other governments.

It is your responsibility to ensure that your use and/or transfer does not violate applicable laws.

For more information, please see https://www.bis.doc.gov

Licensing

docker/cli is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.