diff --git a/_vendor/modules.txt b/_vendor/modules.txt index ae4caa515541..24989ba511d1 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -2,5 +2,5 @@ # github.com/moby/buildkit v0.19.0 # github.com/docker/buildx v0.20.1 # github.com/docker/cli v27.5.1+incompatible -# github.com/docker/compose/v2 v2.32.4 +# github.com/docker/compose/v2 v2.33.0 # github.com/docker/scout-cli v1.15.0 diff --git a/content/manuals/accounts/deactivate-user-account.md b/content/manuals/accounts/deactivate-user-account.md index 8639c5c43c58..887f83f86bfa 100644 --- a/content/manuals/accounts/deactivate-user-account.md +++ b/content/manuals/accounts/deactivate-user-account.md @@ -41,5 +41,6 @@ Once you have completed all the previous steps, you can deactivate your account. 1. Sign in to [Docker Home](https://app.docker.com/login). 2. Select your avatar to open the drop-down menu. 3. Select **Account settings**. -4. In the **Account management** section, select **Deactivate account**. -5. To confirm, select **Deactivate account**. +4. Select **Deactivate**. +5. Select **Deactivate account**. +6. To confirm, select **Deactivate account**. diff --git a/content/manuals/accounts/manage-account.md b/content/manuals/accounts/manage-account.md index 316a8d654e3b..0372d3f54a9e 100644 --- a/content/manuals/accounts/manage-account.md +++ b/content/manuals/accounts/manage-account.md @@ -17,7 +17,7 @@ You can centrally manage the settings for your Docker account using Docker Home. 2. In Docker Home, select your avatar in the top-right corner to open the drop-down. 3. Select **Account settings**. -From the Account settings page, you can take any of the following actions. +From the Account Center page, you can take any of the following actions. ### Update account information @@ -35,7 +35,7 @@ Make your changes here, then select **Save** to save your settings. ### Update email address -To update your email address, select the arrow icon. +To update your email address, select **Email**. 1. Enter your new email address. 2. Enter your password to confirm the change. @@ -47,22 +47,22 @@ Once you verify your email address, your account information will update. You can change your password by initiating a password reset via email. -To change your password, select **Reset password**. +To change your password, select **Password** and then **Reset password**. Follow the instructions in the password reset email. ## Manage security settings -You can manage the security settings for your account in Docker Home. - +To update your two-factor authentication (2FA) settings, select **2FA**. For information on two-factor authentication (2FA) for your account, see [Enable two-factor authentication](../security/for-developers/2fa/_index.md) to get started. +To manage personal access tokens, select **Personal access tokens**. For information on personal access tokens, see [Create and manage access tokens](../security/for-developers/access-tokens.md). ## Account management -You can take administrative actions for your account in Docker Home. - +To convert your account into an organization, select **Convert**. For more information on converting your account, see [Convert an account into an organization](../admin/organization/convert-account.md). +To deactivate your account, select **Deactivate**. For information on deactivating your account, see [Deactivating a user account](./deactivate-user-account.md). diff --git a/content/manuals/admin/organization/convert-account.md b/content/manuals/admin/organization/convert-account.md index da6eaada9b3f..3ac7f86f965e 100644 --- a/content/manuals/admin/organization/convert-account.md +++ b/content/manuals/admin/organization/convert-account.md @@ -60,10 +60,10 @@ Consider the following effects of converting your account: 4. Select **Account settings**. -5. In the **Account management** section, select **Convert account**. +5. Select **Convert**. 6. Review the warning displayed about converting a user account. This action cannot be undone and has considerable implications for your assets and the account. -7. Enter a **Docker ID** to set an organization owner. This is the user account that will manage the organization, and the only way to access the organization settings after conversion. You cannot use the same Docker ID as the account you are trying to convert. +7. Enter a **Username of new owner** to set an organization owner. This is the user account that will manage the organization, and the only way to access the organization settings after conversion. You cannot use the same Docker ID as the account you are trying to convert. -8. Select **Confirm and purchase** to confirm. The new owner receives a notification email. Use that owner account to sign in and manage the new organization. +8. Select **Confirm**. The new owner receives a notification email. Use that owner account to sign in and manage the new organization. diff --git a/content/manuals/admin/organization/members.md b/content/manuals/admin/organization/members.md index 8b589eac3959..822c4f195fa1 100644 --- a/content/manuals/admin/organization/members.md +++ b/content/manuals/admin/organization/members.md @@ -141,6 +141,10 @@ To add a member to a team with the Admin Console: ### Remove a member from a team +> [!NOTE] +> +> If your organization uses single sign-on (SSO) with [SCIM](/manuals/security/for-admins/provisioning/scim.md) enabled, you should remove members from your identity provider (IdP). This will automatically remove members from Docker. If SCIM is disabled, you must manually manage members in Docker. + Organization owners can remove a member from a team in Docker Hub or Admin Console. Removing the member from the team will revoke their access to the permitted resources. {{< tabs >}} diff --git a/content/manuals/build/bake/overrides.md b/content/manuals/build/bake/overrides.md index c3b9f501a126..1d6bd60b7274 100644 --- a/content/manuals/build/bake/overrides.md +++ b/content/manuals/build/bake/overrides.md @@ -55,8 +55,8 @@ If you don't specify any files, Bake will use the following lookup order: 3. `docker-compose.yml` 4. `docker-compose.yaml` 5. `docker-bake.json` -6. `docker-bake.override.json` -7. `docker-bake.hcl` +6. `docker-bake.hcl` +7. `docker-bake.override.json` 8. `docker-bake.override.hcl` If more than one Bake file is found, all files are loaded and merged into a diff --git a/content/manuals/compose/releases/release-notes.md b/content/manuals/compose/releases/release-notes.md index 3cf8874e34f4..4a93a7da337e 100644 --- a/content/manuals/compose/releases/release-notes.md +++ b/content/manuals/compose/releases/release-notes.md @@ -13,6 +13,45 @@ aliases: For more detailed information, see the [release notes in the Compose repo](https://github.com/docker/compose/releases/). +## 2.33.0 + +{{< release-date date="2025-02-13" >}} + +### Bug fixes and enhancements + +- Introduced a hint to promote the use of [Bake](/build/bake/) +- Introduced support for the `additional_context` attribute referencing another service +- Added support for `BUILDKIT_PROGRESS` +- Compose now warns you when a published Compose application includes environment variables +- Added a `--with-env` flag to publish a Compose application with environment variables +- Updated `ls --quiet` help description +- Fixed multiple issues delegating build to Bake +- Updated help in `stats` command +- Fixed support for "builtin" seccomp profile +- Fixed support for `watch` with multiple services +- Removed exit code per error type used by legacy metrics system +- Fixed test coverage for `compatibility` +- Removed raw os.Args sent to OpenTelemetry +- Enabled copyloopvar linter +- Fixed provenance for binaries and generate SBOM +- Main branch for docs upstream validation is now used +- Added codeowners file +- Added Docker Engine v28.x to the test-matrix + +### Update + +- Dependencies upgrade: Bump compose-go v2.4.8 +- Dependencies upgrade: Bump buildx v0.20.1 +- Dependencies upgrade: Bump docker to v27.5.1 +- Dependencies upgrade: Bump golangci-lint to v1.63.4 +- Dependencies upgrade: Bump golang.org/x/sys from 0.28.0 to 0.30.0 +- Dependencies upgrade: Bump github.com/moby/term v0.5.2 +- Dependencies upgrade: Bump github.com/otiai10/copy from 1.14.0 to 1.14.1 +- Dependencies upgrade: Bump github.com/jonboulle/clockwork from 0.4.0 to 0.5.0 +- Dependencies upgrade: Bump github.com/spf13/pflag from 1.0.5 to 1.0.6 +- Dependencies upgrade: Bump golang.org/x/sync from 0.10.0 to 0.11.0 +- Dependencies upgrade: Bump gotest.tools/v3 from 3.5.1 to 3.5.2 + ## 2.32.4 {{< release-date date="2025-01-16" >}} diff --git a/content/manuals/desktop/features/wsl/_index.md b/content/manuals/desktop/features/wsl/_index.md index d0eadf5526d0..cf84a0e65cc7 100644 --- a/content/manuals/desktop/features/wsl/_index.md +++ b/content/manuals/desktop/features/wsl/_index.md @@ -103,6 +103,15 @@ Docker Desktop does not require any particular Linux distributions to be install > > Note that Docker Desktop version 4.30 and later keeps using the `docker-desktop-data` distribution if it was already created by an earlier version of Docker Desktop and has not been freshly installed or factory reset. +## WSL 2 security in Docker Desktop + +Docker Desktop’s WSL 2 integration operates within the existing security model of WSL and does not introduce additional security risks beyond standard WSL behavior. + +Docker Desktop runs within its own dedicated WSL distribution, `docker-desktop`, which follows the same isolation properties as any other WSL distribution. The only interaction between Docker Desktop and other installed WSL distributions occurs when the Docker Desktop **WSL integration** feature is enabled in settings. This feature allows easy access to the Docker CLI from integrated distributions. + +WSL is designed to facilitate interoperability between Windows and Linux environments. Its file system is accessible from the Windows host `\\wsl$`, meaning Windows processes can read and modify files within WSL. This behavior is not specific to Docker Desktop, but rather a core aspect of WSL itself. + +For organizations concerned about security risks related to WSL and want stricter isolation and security controls, run Docker Desktop in Hyper-V mode instead of WSL 2. ## Additional resources diff --git a/content/manuals/security/faqs/single-sign-on/users-faqs.md b/content/manuals/security/faqs/single-sign-on/users-faqs.md index 64a9c62ec45a..5488e1fa4485 100644 --- a/content/manuals/security/faqs/single-sign-on/users-faqs.md +++ b/content/manuals/security/faqs/single-sign-on/users-faqs.md @@ -100,3 +100,7 @@ No, we don't differentiate the two in product. ### Is user information visible in Docker Hub? All Docker accounts have a public profile associated with their namespace. If you don't want user information (for example, full name) to be visible, you can remove those attributes from your SSO and SCIM mappings. Alternatively, you can use a different identifier to replace a user's full name. + +### What happens to existing licensed users when SCIM is enabled? + +Enabling SCIM does not immediately remove or modify existing licensed users in your Docker organization. They retain their current access and roles, but after enabling SCIM, you will manage them in your identity provider (IdP). If SCIM is later disabled, previously SCIM-managed users remain in Docker but are no longer automatically updated or removed based on your IdP. \ No newline at end of file diff --git a/content/manuals/security/for-developers/2fa/_index.md b/content/manuals/security/for-developers/2fa/_index.md index 70c17401f3b5..89ba99f6a42e 100644 --- a/content/manuals/security/for-developers/2fa/_index.md +++ b/content/manuals/security/for-developers/2fa/_index.md @@ -27,7 +27,7 @@ Authenticator with a registered YubiKey. 1. Sign in to your [Docker account](https://app.docker.com/login). 2. Select your avatar and then from the drop-down menu, select **Account settings**. -3. Navigate to the **Security** section, then select **Two-factor authentication**. +3. Select **2FA**. 4. Enter your account password, then select **Confirm**. 5. Save your recovery code and store it somewhere safe. You can use your recovery code to recover your account in the event you lose access to your authenticator app. 6. Use a Time-based One-time password (TOTP) mobile app to scan the QR code or enter the text code. diff --git a/content/manuals/security/for-developers/2fa/disable-2fa.md b/content/manuals/security/for-developers/2fa/disable-2fa.md index a0fbb74027a9..213e1f679d28 100644 --- a/content/manuals/security/for-developers/2fa/disable-2fa.md +++ b/content/manuals/security/for-developers/2fa/disable-2fa.md @@ -16,6 +16,6 @@ weight: 30 1. Sign in to your [Docker account](https://app.docker.com/login). 2. Select your avatar and then from the drop-down menu, select **Account settings**. -3. Navigate to the **Security** section, then select **Two-factor authentication**. +3. Select **2FA**. 4. Enter your password, then select **Confirm**. 5. Select **Disable 2FA**. diff --git a/content/manuals/security/for-developers/2fa/new-recovery-code.md b/content/manuals/security/for-developers/2fa/new-recovery-code.md index e608ff55147b..5c19cda2258a 100644 --- a/content/manuals/security/for-developers/2fa/new-recovery-code.md +++ b/content/manuals/security/for-developers/2fa/new-recovery-code.md @@ -13,7 +13,7 @@ access to your Docker Hub account, you can generate a new recovery code. 1. Sign in to your [Docker account](https://app.docker.com/login). 2. Select your avatar and then from the drop-down menu, select **Account settings**. -3. Navigate to the **Security** section, then select **Manage Two-Factor Authentication**. +3. Select **2FA**. 4. Enter your password, then select **Confirm**. 5. Select **Generate new code**. diff --git a/content/manuals/security/for-developers/access-tokens.md b/content/manuals/security/for-developers/access-tokens.md index bda7607ba60f..1c61509edfda 100644 --- a/content/manuals/security/for-developers/access-tokens.md +++ b/content/manuals/security/for-developers/access-tokens.md @@ -29,7 +29,7 @@ Use the Docker Admin Console to create an access token. 2. Select your avatar in the top-right corner and from the drop-down menu select **Account settings**. -3. In the **Security** section, select **Personal access tokens**. +3. Select **Personal access tokens**. 4. Select **Generate new token**. @@ -79,13 +79,17 @@ You can rename, activate, deactivate, or delete a token as needed. You can manag 2. Select your avatar in the top-right corner and from the drop-down menu select **Account settings**. -3. In the **Security** section, select **Personal access tokens**. - This page shows an overview of all your tokens, and lists if the token was generated manually or if it was [auto-generated](#auto-generated-tokens). You can also view the number - of tokens that are activated and deactivated in the toolbar. +3. Select **Personal access tokens**. -4. Select the actions menu on the far right of a token row, then select **Deactivate**, **Edit**, or **Delete** to modify the token. + This page shows an overview of all your + tokens, and lists if the token was generated manually or if it was + [auto-generated](#auto-generated-tokens). You can also view the scope of the + tokens, which tokens are activate and inactive, when they were created, when + they were last used, and their expiration date. -5. After modifying the token, select **Save token**. +4. Select the actions menu on the far right of a token row, then select **Deactivate** or **Activate**, **Edit**, or **Delete** to modify the token. + +5. After editing the token, select **Save token**. ## Auto-generated tokens diff --git a/go.mod b/go.mod index fc8141cfeb4b..01444cbfba7a 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.23.1 require ( github.com/docker/buildx v0.20.1 // indirect github.com/docker/cli v27.5.1+incompatible // indirect - github.com/docker/compose/v2 v2.32.4 // indirect + github.com/docker/compose/v2 v2.33.0 // indirect github.com/docker/scout-cli v1.15.0 // indirect github.com/moby/buildkit v0.19.0 // indirect github.com/moby/moby v27.5.1+incompatible // indirect diff --git a/hugo.yaml b/hugo.yaml index f82c878f764e..8a0fae47d5a5 100644 --- a/hugo.yaml +++ b/hugo.yaml @@ -118,7 +118,7 @@ params: # (Used to show e.g., "latest" and "latest"-1 in engine install examples docker_ce_version_prev: "27.5.0" # Latest Docker Compose version - compose_version: "v2.32.4" + compose_version: "v2.33.0" # Latest BuildKit version buildkit_version: "0.16.0"