The Docker CLI
Go to file
Sebastiaan van Stijn aa720f154a
update golang to 1.18.3
go1.18.3 (released 2022-06-01) includes security fixes to the crypto/rand,
crypto/tls, os/exec, and path/filepath packages, as well as bug fixes to the
compiler, and the crypto/tls and text/template/parse packages. See the Go
1.18.3 milestone on our issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.18.3+label%3ACherryPickApproved

Hello gophers,

We have just released Go versions 1.18.3 and 1.17.11, minor point releases.

These minor releases include 4 security fixes following the security policy:

- crypto/rand: rand.Read hangs with extremely large buffers
  On Windows, rand.Read will hang indefinitely if passed a buffer larger than
  1 << 32 - 1 bytes.

  Thanks to Davis Goodin and Quim Muntal, working at Microsoft on the Go toolset,
  for reporting this issue.

  This is [CVE-2022-30634][CVE-2022-30634] and Go issue https://go.dev/issue/52561.
- crypto/tls: session tickets lack random ticket_age_add
  Session tickets generated by crypto/tls did not contain a randomly generated
  ticket_age_add. This allows an attacker that can observe TLS handshakes to
  correlate successive connections by comparing ticket ages during session
  resumption.

  Thanks to GitHub user nervuri for reporting this.

  This is [CVE-2022-30629][CVE-2022-30629] and Go issue https://go.dev/issue/52814.
- `os/exec`: empty `Cmd.Path` can result in running unintended binary on Windows

  If, on Windows, `Cmd.Run`, `cmd.Start`, `cmd.Output`, or `cmd.CombinedOutput`
  are executed when Cmd.Path is unset and, in the working directory, there are
  binaries named either "..com" or "..exe", they will be executed.

  Thanks to Chris Darroch, brian m. carlson, and Mikhail Shcherbakov for reporting
  this.

  This is [CVE-2022-30580][CVE-2022-30580] and Go issue https://go.dev/issue/52574.
- `path/filepath`: Clean(`.\c:`) returns `c:` on Windows

  On Windows, the `filepath.Clean` function could convert an invalid path to a
  valid, absolute path. For example, Clean(`.\c:`) returned `c:`.

  Thanks to Unrud for reporting this issue.

  This is [CVE-2022-29804][CVE-2022-29804] and Go issue https://go.dev/issue/52476.

[CVE-2022-30634]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30634
[CVE-2022-30629]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30629
[CVE-2022-30580]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30580
[CVE-2022-29804]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29804

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-06-02 09:22:18 +02:00
.circleci dummy circleci config 2022-02-25 21:15:39 +01:00
.github update golang to 1.18.3 2022-06-02 09:22:18 +02:00
cli info: update plugin section to show installed path 2022-06-01 12:46:07 +02:00
cli-plugins Adopt Cobra completion v2 to support completion by CLI plugins 2022-05-12 12:59:10 +02:00
cmd/docker Adopt Cobra completion v2 to support completion by CLI plugins 2022-05-12 12:59:10 +02:00
contrib/completion completion: remove options related to deprecated cluster-store 2022-05-17 11:03:25 +02:00
dockerfiles update golang to 1.18.3 2022-06-02 09:22:18 +02:00
docs Merge pull request #3614 from thaJeztah/signal_options 2022-05-17 14:31:26 +02:00
e2e Adopt Cobra completion v2 to support completion by CLI plugins 2022-05-12 12:59:10 +02:00
experimental experimental: fix broken link to "checkpoint and restore" page 2021-09-07 13:30:48 +02:00
internal/test vendor: github.com/docker/docker 2ed904cad7055847796433cc56ef1d1de0da868c 2022-04-30 12:01:37 +02:00
man docs: remove documentation about deprecated cluster-store 2022-05-17 11:00:51 +02:00
opts gofmt with go1.17 2022-03-26 20:21:00 +01:00
scripts Makefile: don't warn "outside container" for some targets 2022-04-06 19:10:53 +02:00
service/logs bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-23 00:28:55 +01:00
templates staticcheck: ignore SA1019: strings.Title is deprecated 2022-03-28 17:23:06 +02:00
vendor vendor: github.com/docker/docker 3e32104e0e39af9019a3ea9aa7093bb7c97fcf05 2022-06-01 11:15:00 +02:00
.dockerignore validate manpages target 2022-02-25 17:11:17 +01:00
.gitattributes fix linguist with .gitattributes 2021-12-16 21:16:02 +01:00
.gitignore validate manpages target 2022-02-25 17:11:17 +01:00
.golangci.yml lint: update golangci-lint to v1.45.2 2022-03-28 10:37:27 +02:00
.mailmap update mailmap and authors 2022-04-06 18:32:04 +02:00
AUTHORS update mailmap and authors 2022-04-06 18:32:04 +02:00
CONTRIBUTING.md Fix broken link in CONTRIBUTING 2020-03-19 15:03:59 +01:00
Dockerfile update golang to 1.18.3 2022-06-02 09:22:18 +02:00
LICENSE Add project files 2017-04-17 17:49:33 -04:00
MAINTAINERS Add Djordje Lukic to maintainers 2022-04-19 10:44:12 +02:00
Makefile Makefile: don't warn "outside container" for some targets 2022-04-06 19:10:53 +02:00
NOTICE switch kr/pty to creack/pty v1.1.7 2019-07-29 16:45:41 -07:00
README.md remove circleci 2022-02-25 17:11:17 +01:00
TESTING.md tweak description of login/logout 2022-04-04 10:44:11 +02:00
VERSION Update version to 22.06.0-dev 2022-05-17 11:41:40 +02:00
codecov.yml Drop support for (archived) Compose-on-Kubernetes 2022-02-22 13:47:34 +01:00
docker-bake.hcl update golang to 1.18.3 2022-06-02 09:22:18 +02:00
docker.Makefile Makefile: add missing help messages for some targets 2022-04-06 18:34:51 +02:00
vendor.mod vendor: github.com/docker/docker 3e32104e0e39af9019a3ea9aa7093bb7c97fcf05 2022-06-01 11:15:00 +02:00
vendor.sum vendor: github.com/docker/docker 3e32104e0e39af9019a3ea9aa7093bb7c97fcf05 2022-06-01 11:15:00 +02:00

README.md

Docker CLI

PkgGoDev Build Status Test Status Go Report Card Codecov

About

This repository is the home of the cli used in the Docker CE and Docker EE products.

Development

docker/cli is developed using Docker.

Build CLI from source:

docker buildx bake

Build binaries for all supported platforms:

docker buildx bake cross

Build for a specific platform:

docker buildx bake --set binary.platform=linux/arm64 

Build dynamic binary for glibc or musl:

USE_GLIBC=1 docker buildx bake dynbinary 

Run all linting:

docker buildx bake lint shellcheck

Run test:

docker buildx bake test

List all the available targets:

make help

In-container development environment

Start an interactive development environment:

make -f docker.Makefile shell

Brought to you courtesy of our legal counsel. For more context, please see the NOTICE document in this repo.

Use and transfer of Docker may be subject to certain restrictions by the United States and other governments.

It is your responsibility to ensure that your use and/or transfer does not violate applicable laws.

For more information, please see https://www.bis.doc.gov

Licensing

docker/cli is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.