Skip to content

Bump github.com/containerd/containerd/v2 from 2.2.3 to 2.3.1#430

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/containerd/containerd/v2-2.3.0
Closed

Bump github.com/containerd/containerd/v2 from 2.2.3 to 2.3.1#430
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/containerd/containerd/v2-2.3.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026
edited
Loading

Bumps github.com/containerd/containerd/v2 from 2.2.3 to 2.3.1.

Release notes

Sourced from github.com/containerd/containerd/v2's releases.

containerd 2.3.1

Welcome to the v2.3.1 release of containerd!

The first patch release for containerd 2.3 contains various fixes and improvements.

Security Updates

Highlights

  • Fix bug where failed gRPC plugins were not tolerated when starting listeners (#13390)

Image Storage

  • Ensure metadata and mount plugin boltdb files are closed on server shutdown (#13379)

Runtime

  • Fix handling of out-of-range USER values in OCI spec to avoid unexpected username/group lookups (#13447)
  • Fix sandbox task API endpoints for non-runc runtimes and deprecate task fields in Runc options (#13422)
  • Apply hardening to default seccomp socket policy by blocking AF_ALG (#13409)

Snapshotters

  • Disable overlayfs "rebase" capability when running in user namespace (#13394)
  • Fix transfer plugin error when EROFS differ is configured but mkfs.erofs is unavailable (#13364)

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Maksym Pavlenko
  • Akihiro Suda
  • Derek McGowan
  • Paweł Gronowski
  • Brian Goff
  • Austin Vazquez
  • LEI WANG
  • Samuel Karp

Changes

  • Prepare release notes for v2.3.1 (#13405)
  • oci: return explicit error for out-of-range USER values (#13447)

... (truncated)

Commits
  • 64b425c Merge pull request #13405 from AkihiroSuda/prepare-release-2.3.1
  • 58af965 Prepare release notes for v2.3.1
  • 8f0b3ca Update api to v1.11.1
  • 9f8f453 Merge pull request #13447 from samuelkarp/oci-withuser-errrange-2.3
  • f822a91 Merge pull request #13444 from dmcgowan/prepare-api-v1.11.1
  • da7aef2 Prepare release notes for api/v1.11.1
  • a50a704 Merge pull request #13422 from k8s-infra-cherrypick-robot/cherry-pick-13360-t...
  • 5282d4e Wire task address and version fields
  • e44f5f9 protos: include task API address to CreateTaskRequest
  • 85f22f7 Merge pull request #13409 from k8s-infra-cherrypick-robot/cherry-pick-13327-t...
  • Additional commits viewable in compare view

@dependabot dependabot Bot added the dependencies Updating external dependencies label May 4, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 4, 2026 17:18
@dependabot dependabot Bot added the dependencies Updating external dependencies label May 4, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/containerd/containerd/v2-2.3.0 branch from a5c7b21 to 2e6c8ab Compare May 18, 2026 08:15
@dharmit
Copy link
Copy Markdown
Contributor

dharmit commented May 19, 2026

This one's also updating Go version in go.mod to 1.26. I recently saw a dependabot PR where @dirkmueller mentioned we don't want to do upgrade Go right now. Should we close this PR or something else?

@dependabot
Bump github.com/containerd/containerd/v2 from 2.2.3 to 2.3.1
4517bde 
Bumps [github.com/containerd/containerd/v2](https://github.com/containerd/containerd) from 2.2.3 to 2.3.1.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v2.2.3...v2.3.1)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd/v2
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump github.com/containerd/containerd/v2 from 2.2.3 to 2.3.0 Bump github.com/containerd/containerd/v2 from 2.2.3 to 2.3.1 May 22, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/containerd/containerd/v2-2.3.0 branch from 2e6c8ab to 4517bde Compare May 22, 2026 07:33
@dirkmueller
Copy link
Copy Markdown
Member

dirkmueller commented May 22, 2026

This one's also updating Go version in go.mod to 1.26. I recently saw a dependabot PR where @dirkmueller mentioned we don't want to do upgrade Go right now. Should we close this PR or something else?

I'm okay with updating go 1.26. what I commented on somewhere I think was on k8s 1.36

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 25, 2026

Superseded by #458.

@dependabot dependabot Bot closed this May 25, 2026
@dependabot dependabot Bot deleted the dependabot/go_modules/github.com/containerd/containerd/v2-2.3.0 branch May 25, 2026 19:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Updating external dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dharmit @dirkmueller