Skip to content

[pull] main from containerd:main#409

Merged
pull[bot] merged 10 commits into
meonBot:mainfrom
containerd:main
Jul 13, 2026
Merged

[pull] main from containerd:main#409
pull[bot] merged 10 commits into
meonBot:mainfrom
containerd:main

Conversation

@pull

@pull pull Bot commented Jul 13, 2026

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

a7i and others added 10 commits June 25, 2026 09:26
introspectRuntimeFeatures returned an error for any runtime type other
than io.containerd.runc.v2, so non-runc shims such as
containerd-shim-runsc-v1 never had their OCI features surfaced to the
CRI RuntimeHandlerFeatures, even though they implement the shim "-info"
command.

The runc-only guard worked around a nil-pointer panic when marshalling
nil runtime options. That case is already covered by the "if options !=
nil" check, making the guard redundant. Dropping it lets all runtimes be
introspected; shims that do not implement "-info" still fail gracefully
and are logged at debug level, so behavior for those is unchanged.

Guard against nil plugin info Extra, nil runtime Features, and nil
features.Linux before unmarshalling or evaluating CRI user namespace
support.

Signed-off-by: Amir Alavi <amiralavi7@gmail.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Go can report context deadline exceeded when a duration-based fuzz limit
expires (https://go.dev/issue/75804).

Use a 50,000-execution limit based on the roughly 47,000 executions
FuzzImageStore completed in 30 seconds in CI. This keeps work stable
across runners and avoids the duration issue.

Assisted-by: Codex
Signed-off-by: Chris Henzie <chrishenzie@gmail.com>
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.18.6 to 1.19.0.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Commits](klauspost/compress@v1.18.6...v1.19.0)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-version: 1.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.81.1 to 1.82.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.81.1...v1.82.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.82.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps the golang-x group with 2 updates in the / directory: [golang.org/x/sync](https://github.com/golang/sync) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `golang.org/x/sync` from 0.21.0 to 0.22.0
- [Commits](golang/sync@v0.21.0...v0.22.0)

Updates `golang.org/x/sys` from 0.46.0 to 0.47.0
- [Commits](golang/sys@v0.46.0...v0.47.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
- dependency-name: golang.org/x/sys
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
...

Signed-off-by: dependabot[bot] <support@github.com>
…e.golang.org/grpc-1.82.0

build(deps): bump google.golang.org/grpc from 1.81.1 to 1.82.0
…g-x-c40dbcb055

build(deps): bump the golang-x group across 1 directory with 2 updates
…b.com/klauspost/compress-1.19.0

build(deps): bump github.com/klauspost/compress from 1.18.6 to 1.19.0
fix(cri): introspect OCI runtime features for non-runc runtimes
ci: bound Go fuzzing by execution count
@pull pull Bot locked and limited conversation to collaborators Jul 13, 2026
@pull pull Bot added the ⤵️ pull label Jul 13, 2026
@pull
pull Bot merged commit ba01536 into meonBot:main Jul 13, 2026
2 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants