What's Changed
๐ช Improvements
- add support exec-cpu-affinity by @saku3 in #3164
- fix: allow duplicate additionalGids by @saku3 in #3189
๐ Bug Fixes
- use additional gids,user,group in exec, inject path iif not given by @YJDoc2 in #3131
- fix: mount retry and logging by @z63d in #3157
- fix: Gracefully terminate processes after successful execution of Wasm executors by @z63d in #3099
- fix: Running create_runtime hook after container is set to created. by @CheatCodeSam in #3181
- fix: Ignoring CPU realtime on cgroupsv2 if set to zero by @CheatCodeSam in #3180
๐ Documentation improvements
- Add the CNCF footer in README.md by @utam0k in #3140
- chore(docs): Fix codecov link in README by @khanhtc1202 in #3129
- Fixed grammatical error in README by @CheatCodeSam in #3160
- fix: protobuf bug on docs rs by @mdaffad in #3159
- docs: clarify reviewer qualification and self-nomination process by @utam0k in #3175
๐งช Test improvements and Misc Fixes
- bump nix to 0.29.0 by @kemingy in #3123
- update rust version to 1.85.0 by @YJDoc2 in #3085
- add-test-linux_rootfs_propagation by @saku3 in #3024
- Add a relative_network_cgroups test as one of the integration tests by @moz-sec in #2986
- Refactor init process by @utam0k in #3158
- add kill test by @YamasouA in #2996
- allow running selected tests in contest.sh and justfile by @saku3 in #3165
- fix: capet Ambient log level by @z63d in #3150
- add test process_capabilities_fail by @kazmsk in #3010
- fix typos and outdated typos ci action by @howjmay in #3168
- add a system call mock for uid/gid. by @nayuta-ai in #3173
- fix: remove println statements from contest tests by @YJDoc2 in #3167
- Installing kubectl in dev container. by @CheatCodeSam in #3177
- Add uid_mappings test by @moz-sec in #3161
- fix: update devcontainer.json by @AobaIwaki123 in #3172
- Remove oci tests that are duplicates of contest by @utam0k in #3042
- Remove oci tests that are duplicates of contest by @saku3 in #3184
- Fix debug logging for CPU affinity bitmask by @saku3 in #3191
- [DNM] ci: temp disable workflows by @YJDoc2 in #3192
Other Changes
- chore(deps): bump uuid from 1.15.1 to 1.16.0 by @dependabot[bot] in #3113
- (auto merged) chore(deps): bump once_cell from 1.21.1 to 1.21.2 in the patch group by @dependabot[bot] in #3126
- (auto merged) chore(deps): bump once_cell from 1.21.2 to 1.21.3 in the patch group by @dependabot[bot] in #3128
- (auto merged) chore(deps): bump the patch group with 2 updates by @dependabot[bot] in #3133
- (auto merged) chore(deps): bump errno from 0.3.10 to 0.3.11 in the patch group by @dependabot[bot] in #3135
- (auto merged) chore(deps): bump openssl from 0.10.70 to 0.10.72 by @dependabot[bot] in #3134
- chore(deps): bump wasmtime from 29.0.1 to 31.0.0 by @dependabot[bot] in #3121
- (auto merged) chore(deps): bump vergen-gitcl from 1.0.5 to 1.0.7 in the patch group by @dependabot[bot] in #3142
- (auto merged) chore(deps): bump crossbeam-channel from 0.5.12 to 0.5.15 by @dependabot[bot] in #3143
- (auto merged) chore(deps): bump vergen-gitcl from 1.0.7 to 1.0.8 in the patch group by @dependabot[bot] in #3145
- (auto merged) chore(deps): bump anyhow from 1.0.97 to 1.0.98 in the patch group by @dependabot[bot] in #3147
- (auto merged) chore(deps): bump libc from 0.2.171 to 0.2.172 in the patch group by @dependabot[bot] in #3148
- (auto merged) chore(deps): bump rand from 0.9.0 to 0.9.1 in the patch group by @dependabot[bot] in #3149
- chore(deps): bump tokio from 1.37.0 to 1.44.2 by @dependabot[bot] in #3137
- Bump oci-spec.rs to v0.8.1 by @saku3 in #3154
- (auto merged) chore(deps): bump chrono from 0.4.40 to 0.4.41 in the patch group by @dependabot[bot] in #3156
- (auto merged) chore(deps): bump errno from 0.3.11 to 0.3.12 in the patch group by @dependabot[bot] in #3169
- selinux: lima vm by @utam0k in #3162
- chore(deps): bump tokio from 1.37.0 to 1.38.2 in /experiment/seccomp by @dependabot[bot] in #3138
- (auto merged) chore(deps): bump libbpf-sys from 1.5.0+v1.5.0 to 1.5.1+v1.5.1 in the patch group by @dependabot[bot] in #3171
- chore(deps): bump num_cpus from 1.16.0 to 1.17.0 by @dependabot[bot] in #3176
- chore(deps): bump tempfile from 3.19.1 to 3.20.0 by @dependabot[bot] in #3166
- (auto merged) chore(deps): bump flate2 from 1.1.1 to 1.1.2 in the patch group by @dependabot[bot] in #3183
- chore(deps): bump libc from 0.2.172 to 0.2.173 in the patch group by @dependabot[bot] in #3185
- (auto merged) chore(deps): bump libc from 0.2.173 to 0.2.174 in the patch group by @dependabot[bot] in #3187
- (auto merged) chore(deps): bump errno from 0.3.12 to 0.3.13 in the patch group by @dependabot[bot] in #3188
- (auto merged) chore(deps): bump libbpf-sys from 1.5.1+v1.5.1 to 1.5.2+v1.5.1 in the patch group by @dependabot[bot] in #3190
- Release for v0.5.4 by @github-actions[bot] in #3124
New Contributors
- @kemingy made their first contribution in #3123
- @khanhtc1202 made their first contribution in #3129
- @moz-sec made their first contribution in #2986
- @CheatCodeSam made their first contribution in #3160
- @YamasouA made their first contribution in #2996
- @z63d made their first contribution in #3150
- @kazmsk made their first contribution in #3010
- @howjmay made their first contribution in #3168
- @AobaIwaki123 made their first contribution in #3172
- @mdaffad made their first contribution in #3159
Full Changelog: v0.5.3...v0.5.4