Overview
Release 1.16.0 introduces new advanced features, a number of bug and security-related fixes, and several dependency updates.
You are highly encouraged to review Watchtower's documentation if you are utilizing advanced features, such as the HTTP API, and/or are interested in using new, experimental features, such as the ephemeral self-updates or image cooldowns.
Important
- Watchtower's HTTP API now explicitly requires using
POSTrequests for the/v1/updateendpoint andGETrequests for the/v1/metricsendpoint. - Rate limiting has also been introduced and can be configured to better fit your use case.
Bug fixes include, but aren't limited to, improvements to error handling, race conditions, retry logic for Docker daemon connection issues, port conflicts, and self-update cleanup. In the event of authentication failures during image pulls, warnings will be propagated to users via notifications. This may potentially result in increased noise in the event of misconfigured registries.
If you're using Watchtower without any advanced features, then you should see a slight performance improvement when Watchtower is checking images and a deduplication of "Found new image" and "Removing image" notification entries.
Note
Given the nature of the new features and number of changes being released, please reference the Discussion's Support section for v1.16.0 support before creating new bug reports.
Features
- feat: add ephemeral self-update capability by @nicholas-fedor in #1491
- feat: add image cooldown supply-chain defense mechanism by @nicholas-fedor in #1495
- feat: add HTTP API rate limiting and security improvements by @nicholas-fedor in #1505
Bug Fixes
- fix: handle container removed between check and stop by @nicholas-fedor in #1475
- fix: replace fragile string-based error checking with typed errors by @nicholas-fedor in #1476
- fix: differentiate auth, not-found, and transient errors during image pull by @nicholas-fedor in #1477
- fix(container): validate port bindings before ContainerCreate by @nicholas-fedor in #1478
- fix: replace global image inspect mutex with per-image keyed mutex by @nicholas-fedor in #1479
- fix: prefer Watchtower-labeled container when multiple share hostname by @nicholas-fedor in #1480
- fix: skip self-update when exposed ports would cause conflict by @nicholas-fedor in #1481
- fix: make excess Watchtower cleanup non-fatal with increased retry window by @nicholas-fedor in #1482
- fix: deduplicate image removal and grouped notification entries by @nicholas-fedor in #1483
- fix: retry transient Docker daemon connection failures during container listing by @nicholas-fedor in #1492
- fix(api): correct self-update and add skipped container tracking in HTTP API by @nicholas-fedor in #1506
Dependency Updates
- chore(deps): update module github.com/docker/cli to v29.3.1+incompatible by @renovate[bot] in #1472
- chore(deps): update google.golang.org/genproto/googleapis/api digest to d5a96ad by @renovate[bot] in #1497
- chore(deps): update google.golang.org/genproto/googleapis/rpc digest to d5a96ad by @renovate[bot] in #1498
- chore(deps): update module github.com/nicholas-fedor/shoutrrr to v0.14.2 by @renovate[bot] in #1504
Full Changelog: v1.15.0...v1.16.0