What's changed
Security
- CVE-2025-54388: bump github.com/docker/docker from 28.3.2+incompatible to 28.3.3+incompatible: #152
Standardization
FF_KANIKO_COPY_AS_ROOT=falseCOPY from context should always default to root:root: #145 #166- COPY --from preserves mtime: #161
Usability
- kaniko learned
--credential-helpersto select credential helpers: #135
Maintenance
- chore(deps): bump cloud.google.com/go/storage from 1.55.0 to 1.56.0: #144
- chore(deps): bump github.com/aws/aws-sdk-go-v2 from 1.36.5 to 1.37.2: #131 #150 #159 #163
- chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.29.17 to 1.30.3: #132 #149 #163
- chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.17.84 to 1.18.3: #133 #148 #153 #158 #163
- chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.84.0 to 1.86.0: #134 #147 #157 #163
- chore(deps): bump github.com/awslabs/amazon-ecr-credential-helper/ecr-login from 0.9.1 to 0.10.1: #151
- chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/storage/azblob from 1.6.1 to 1.6.2: #143
- chore(deps): bump github.com/containerd/containerd from 1.7.27 to 1.7.28: #146
- chore(deps): bump golang from 1.24.5 to 1.24.6: #169
- chore(deps): bump golang.org/x/net from 0.42.0 to 0.43.0: #170
- chore(deps): bump golang.org/x/sys from 0.34.0 to 0.35.0: #168
- chore(deps): bump google.golang.org/api from 0.242.0 to 0.246.0: #140 #156 #165 #167