github docker/docker-agent v1.55.0
on GitHub

latest release: v1.56.0
4 hours ago

This release introduces significant security hardening, attachment system foundations, and enhanced configuration capabilities.

What's New

  • Adds HCL configuration format support as an alternative to YAML for agent configurations
  • Adds /pause command to toggle the runtime loop at iteration boundaries
  • Adds turn_end hook that fires once per turn regardless of how the turn ended
  • Adds shadow snapshots and /undo command for restoring file changes without modifying session transcript
  • Adds Anthropic Workload Identity Federation support for OIDC-derived authentication
  • Adds attachment system foundations with chat.Document and per-provider document conversion
  • Adds JavaScript/WebAssembly browser build with OpenRouter PKCE support
  • Adds custom request headers support for the fetch toolset with environment variable expansion
  • Adds allow/deny lists for filesystem toolset to sandbox file access
  • Adds wildcard and CIDR pattern support in fetch toolset domain filtering
  • Adds input-shape repair layer for tool calls to handle common model mistakes
  • Adds MCP embedded resource content type support
  • Adds --hook-stop CLI flag for the existing stop event
  • Adds --tool-name flag to override MCP tool identifier
  • Adds --mcp-keepalive flag for MCP server connections

Improvements

  • Expands secret detection with additional patterns for OpenAI, Anthropic, Google, Stripe, Notion, GitLab, Vault, and Slack tokens
  • Speeds up secret redaction with aho-corasick keyword pre-filter
  • Improves markdown rendering performance with single-pass URL scanner optimizations
  • Enhances session ID and install UUID forwarding on gateway-bound requests for better tracing
  • Pauses animation ticks while terminal is blurred to reduce CPU usage
  • Propagates non-interactive mode to child sessions and declines elicitation automatically

Bug Fixes

  • Fixes crash on startup when configuration file is empty
  • Fixes environment variable race in script shell tool execution
  • Fixes data races on session token and message writes
  • Fixes lifecycle supervisor state race condition
  • Fixes infinite loop on hash-prefixed paragraphs in markdown renderer
  • Fixes tab switching and chat scroll functionality while prompts are open
  • Fixes compaction kept-tail mapping after prior summaries
  • Fixes IPv4-mapped IPv6 SSRF bypass in fetch domain matcher
  • Fixes finish_reason stop when tracking usage in OpenAI streams
  • Fixes comment-only SSE events that crash openai-go client

Technical Changes

  • Replaces mise with go-task as the project task runner
  • Splits builtin tools into individual sub-packages for better organization
  • Centralizes model-specific behavior in pkg/modelinfo package
  • Tightens file and directory permissions for per-user data to 0o700/0o600
  • Adds contextual logging throughout codebase for better trace correlation
  • Adds 7 new architectural-sync linting cops that caught 10 real bugs
  • Hardens OAuth with constant-time state comparison and SSRF protection
  • Blocks non-public IPs in API and OpenAPI tools by default
  • Updates jose2go to v1.7.0 to address security vulnerabilities
  • Bumps various Go dependencies including Anthropic SDK, Docker CLI, and OpenTelemetry packages

What's Changed

  • docs: document toon and per-toolset model routing by @dgageot in #2587
  • Bump direct Go dependencies by @dgageot in #2586
  • docs: update CHANGELOG.md for v1.54.0 by @docker-read-write[bot] in #2588
  • Finish secret redaction by @dgageot in #2589
  • simplify pkg/hooks: drop unused EventSpec abstraction by @dgageot in #2591
  • lint: add 7 architectural-sync cops (catches 10 real bugs) by @dgageot in #2593
  • Add turn_end hook by @rumpl in #2592
  • Bump direct Go dependencies by @dgageot in #2597
  • update PR review workflow with fork-supporting trigger by @derekmisler in #2596
  • Use the latest rubocop-go by @dgageot in #2594
  • Bump direct Go dependencies by @dgageot in #2599
  • docs: fix outdated content and document missing commands by @dgageot in #2600
  • Handle case when session started with Docker Desktop proxy available, and the Desktop is stopped by @gtardif in #2606
  • Add /pause command to toggle the runtime loop by @dgageot in #2605
  • harden docker agent serve api: warn on non-loopback, fix runtime race, block SSRF by @dgageot in #2604
  • Support HCL as an alternative agent config format by @dgageot in #2598
  • fetch: support wildcard and CIDR patterns in domain allow/deny lists by @dgageot in #2602
  • Add detection rules for more secret formats by @dgageot in #2603
  • docs: refresh outdated examples, missing env vars, and CLI options by @dgageot in #2610
  • feat(hooks): expose stop hook via CLI by @tdabasinskas in #2627
  • fix(session): close data races on session token and message writes by @tdabasinskas in #2622
  • fix(lifecycle): order state transition before waking restart waiters by @tdabasinskas in #2621
  • fix(security): bump jose2go to v1.7.0 (GO-2025-4123, GO-2023-2409) by @tdabasinskas in #2619
  • fix(runtime): add OpenTelemetry tracer to runtime initialization by @tdabasinskas in #2505
  • fix(tools): prevent environment variable race in script shell tool by @tdabasinskas in #2616
  • feat(mcp): add support for embedded resource content type by @tdabasinskas in #2612
  • docs: fix outdated and incorrect references by @dgageot in #2618
  • deps: bump direct Go dependencies by @dgageot in #2609
  • feat(filesystem): add allow_list / deny_list to sandbox the toolset by @dgageot in #2601
  • feat(gateway): add X-Cagent-Session-Id header to models gateway requests by @tdabasinskas in #2631
  • feat(mcp-server): add --tool-name flag to override the MCP tool identifier by @tdabasinskas in #2625
  • feat(runtime): propagate non-interactive mode to child sessions and decline elicitation by @tdabasinskas in #2623
  • feat(otel): configure W3C trace propagation for distributed tracing by @tdabasinskas in #2506
  • docs: fill in missing CLI flags and fix outdated content by @dgageot in #2633
  • bump direct Go dependencies by @dgageot in #2637
  • feat(mcp-server): add keep-alive support by @tdabasinskas in #2624
  • Fix perf regression urls by @dgageot in #2638
  • docs: add HCL configuration documentation by @rumpl in #2643
  • docs: fix broken links and outdated/incorrect snippets by @dgageot in #2650
  • Update pr-review.yml by @derekmisler in #2648
  • avoid duplicate compaction system prompt by @rumpl in #2647
  • HCL: add a file() function by @rumpl in #2642
  • docs(agents): expand AGENTS.md with guidelines and standards by @aheritier in #2644
  • docs(github): update issue templates and triage workflow by @aheritier in #2645
  • Fix finish_reason stop when tracking usage by @rumpl in #2641
  • feat(tools): generic input-shape repair for tool calls (validate-then-repair) by @trungutt in #2635
  • bump direct go dependencies by @dgageot in #2655
  • fix: keep tab switching and chat scroll working while a prompt is open by @dgageot in #2654
  • Add JS placeholders support in instructions by @dgageot in #2652
  • fetch: support custom request headers by @dgageot in #2651
  • feat(httpclient): forward cagent install UUID on gateway-bound requests by @dgageot in #2653
  • split builtin tools into individual sub-packages by @dgageot in #2661
  • chore: replace mise with go-task by @dgageot in #2659
  • docs: refresh examples README by @dgageot in #2665
  • tui: pause animation ticks while the terminal is blurred by @dgageot in #2668
  • refactor(logging): pass context to all slog calls for correlation by @tdabasinskas in #2669
  • redact_secrets: catch more token shapes and bare unquoted values by @dgageot in #2664
  • fix(httpclient): drop comment-only SSE events that crash openai-go by @dgageot in #2662
  • docs: refresh outdated model examples and add Chat Server page by @dgageot in #2656
  • perf(secretsscan): speed up secret redaction with an aho-corasick pre-filter by @dgageot in #2667
  • fix(shell): do not enforce "assisted-by" by default. by @maxcleme in #2671
  • fix: stop matching category in command palette filter by @dgageot in #2673
  • add js/wasm browser build with OpenRouter PKCE, agentic loop, and demo page by @dgageot in #2672
  • lint: add SlogContextual cop and fix remaining bare slog calls by @dgageot in #2674
  • fix(markdown): avoid infinite loop on hash-prefixed paragraphs; simplify renderer by @dgageot in #2675
  • chore(deps): bump github.com/anthropics/anthropic-sdk-go from v1.40.0 to v1.41.0 by @dgageot in #2676
  • Lint by @rumpl in #2678
  • update PR reviewer by @derekmisler in #2680
  • chore(deps): bump python-multipart from 0.0.22 to 0.0.27 in /examples/dhi/dhi_mcp_server in the pip group across 1 directory by @dependabot[bot] in #2679
  • fix compaction kept-tail mapping after prior summaries by @rumpl in #2646
  • use slices.Backward in CompactionInput by @dgageot in #2682
  • refactor: centralize model-specific behavior in pkg/modelinfo by @dgageot in #2666
  • bump github.com/docker/cli from v29.4.2 to v29.4.3 by @dgageot in #2681
  • chore: tighten file/directory permissions for per-user data by @dgageot in #2663
  • feat: Anthropic Workload Identity Federation by @dgageot in #2658
  • security: SSRF / TOCTOU / OAuth state hardening by @dgageot in #2670
  • feat: add shadow snapshots and undo by @rumpl in #2677
  • feat: Phase 1 attachment system – chat.Document, pkg/attachment, per-provider convertDocument by @simonferquel-clanker in #2639
  • feat: attach-time processing – transcode/resize images and resolve URLs at message add time by @simonferquel-clanker in #2685

Full Changelog: v1.54.0...v1.55.0

Check out latest releases or
releases around docker/docker-agent v1.55.0

Don't miss a new docker-agent release

NewReleases is sending notifications on new releases.

Get notifications