Add beta banner #129

Merged
merged 4 commits into from
Apr 17, 2024

stanislavHamara
Collaborator

@stanislavHamara stanislavHamara commented Apr 16, 2024

Add banner redirecting the user to the core product


github-actions bot commented Apr 16, 2024

🔍 Vulnerabilities of docker/volumes-backup-extension:pr-129

📦 Image Reference docker/volumes-backup-extension:pr-129
digest: sha256:326c5137c35b462523e5c03dc4c1c513d828e4e2ce77c29e5983bb49c2d27d65
vulnerabilities: critical: 0 high: 1 medium: 0 low: 0
size: 45 MB
packages: 52
📦 Base Image busybox:1.35
also known as
  • 1.35-uclibc
  • 1.35.0
  • 1.35.0-uclibc
  • unstable
  • unstable-uclibc
digest: sha256:505e5e20edbb5f2ac0abe3622358daf2f4a4c818eea0498445b7248e39db6728
vulnerabilities: critical: 0 high: 0 medium: 0 low: 0
critical: 0 high: 1 medium: 0 low: 0 golang.org/x/net 0.10.0 (golang)

pkg:golang/golang.org/x/net@0.10.0

high 7.5: CVE-2023-39325 Uncontrolled Resource Consumption

Affected range: <0.17.0
Fixed version: 0.17.0
CVSS Score: 7.5
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score: 0.00152
EPSS Percentile: 0.50855
Description

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing.

With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection.

This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2.

The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.

github-actions bot commented Apr 16, 2024

Docker image tag(s) pushed:

docker/volumes-backup-extension:pr-129

Labels added to images:

org.opencontainers.image.created=2024-04-17T10:29:59.120Z
org.opencontainers.image.description=Back up, clone, restore, and share Docker volumes effortlessly.
org.opencontainers.image.licenses=Apache-2.0
org.opencontainers.image.revision=
org.opencontainers.image.source=https://github.com/docker/volumes-backup-extension
org.opencontainers.image.title=volumes-backup-extension
org.opencontainers.image.url=https://github.com/docker/volumes-backup-extension
org.opencontainers.image.version=pr-129

github-actions bot commented Apr 17, 2024

Overview

| Image reference | docker/volumes-backup-extension:latest | docker/volumes-backup-extension:pr-129 |
|---|---|---|
| digest | 251ef381e897 | 326c5137c35b |
| provenance | https://github.com/docker/volumes-backup-extension.git#2f21a94840461fb9d41f67d906533ea6a19b66be/commit/2f21a94840461fb9d41f67d906533ea6a19b66be | |
| vulnerabilities | critical: 0 high: 1 medium: 6 low: 0 unspecified: 1 | critical: 0 high: 1 medium: 6 low: 0 unspecified: 1 |
| platform | linux/amd64 | linux/amd64 |
| size | 40 MB | 45 MB (+5.0 MB) |
| packages | 50 | 52 (+2) |
| Base Image | busybox:1.35.0 (also known as: 1.35, 1.35-uclibc, 1.35.0-uclibc) | busybox:1.35 (also known as: 1.35-uclibc, 1.35.0, 1.35.0-uclibc) |
| Base Image vulnerabilities | critical: 0 high: 0 medium: 0 low: 0 | critical: 0 high: 0 medium: 0 low: 0 |
Environment Variables (2 changes)
  • ± 2 changed
  • 1 unchanged
-BUGSNAG_APP_VERSION=
+BUGSNAG_APP_VERSION=latest
-BUGSNAG_RELEASE_STAGE=production
+BUGSNAG_RELEASE_STAGE=local
 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Labels (2 changes)
  • - 2 removed
  • 11 unchanged
 com.docker.desktop.extension.api.version=>= 0.2.3
 com.docker.desktop.extension.icon=https://raw.githubusercontent.com/docker/volumes-backup-extension/main/icon.svg
 com.docker.extension.additional-urls=[     {"title":"Support", "url":"https://github.com/docker/volumes-backup-extension/issues"}     ]
 com.docker.extension.categories=volumes
 com.docker.extension.changelog=<ul>    <li>Fixed current image vulnerabilities (CVEs) using Docker Scout.</li>     </ul>
 com.docker.extension.detailed-description=<p>With Volumes Backup & Share you can easily create copies of your volumes and also share them with others through SSH or pushing them to a registry.</p>     <h2 id=-features>✨ What can you do with this extension?</h2>     <ul>     <li>Export a volume:</li>     <ul><li>To a compressed file in your local filesystem</li>     <li>To an existing local image</li>     <li>To a new local image</li>     <li>To a new image in Docker Hub (or another registry)</li></ul>     <li>Import data into a new container or into an existing container:</li>     <ul><li>From a compressed file in your local filesystem</li>     <li>From an existing image</li>     <li>From an existing image in Docker Hub (or another registry)</li></ul>     <li>Transfer a volume via SSH to another host that runs Docker Desktop or Docker engine.</li>     <li>Clone, empty or delete a volume</li>     </ul>     <h2>Acknowledgements</h2>     <ul>     <li><a href="https://github.com/BretFisher/docker-vackup">Vackup project by Bret Fisher</a></li>     <li><a href="https://www.youtube.com/watch?v=BHKp7Sc3VVc">Building Vackup - LiveStream on YouTube</a></li>     <ul>     
 com.docker.extension.publisher-url=https://www.docker.com/
 com.docker.extension.screenshots=[     {"alt": "Home page - list of volumes", "url": "https://raw.githubusercontent.com/docker/volumes-backup-extension/main/docs/images/1-table.png"},     {"alt": "Import data into a new volume", "url": "https://raw.githubusercontent.com/docker/volumes-backup-extension/main/docs/images/2-import-new.png"},     {"alt": "Export volume dialog", "url": "https://raw.githubusercontent.com/docker/volumes-backup-extension/main/docs/images/3-export.png"},     {"alt": "Transfer volume to another host", "url": "https://raw.githubusercontent.com/docker/volumes-backup-extension/main/docs/images/4-transfer.png"},     {"alt": "Clone volume dialog", "url": "https://raw.githubusercontent.com/docker/volumes-backup-extension/main/docs/images/5-clone.png"},     {"alt": "Delete volume dialog", "url": "https://raw.githubusercontent.com/docker/volumes-backup-extension/main/docs/images/6-delete.png"}     ]
 org.opencontainers.image.description=Backup, clone, restore, and share Docker volumes effortlessly.
-org.opencontainers.image.revision=2f21a94840461fb9d41f67d906533ea6a19b66be
-org.opencontainers.image.source=https://github.com/docker/volumes-backup-extension
 org.opencontainers.image.title=Volumes Backup & Share
 org.opencontainers.image.vendor=Docker Inc.
Policies (1 improved, 1 worsened, 1 missing data)
| Policy Name | docker/volumes-backup-extension:latest | docker/volumes-backup-extension:pr-129 | Change | Standing |
|---|---|---|---|---|
| Copyleft licenses | | | | No Change |
| Default non-root user | ⚠️ | ⚠️ | | No Change |
| Fixable critical and high vulnerabilities | ⚠️ 1 | ⚠️ 1 | | No Change |
| High-profile vulnerabilities | ⚠️ 1 | | -1 | Improved |
| Outdated base images | ⚠️ | ❓ | | No data |
| Supply chain attestations | ⚠️ 1 | ⚠️ 2 | +1 | Worsened |
Packages and Vulnerabilities (14 package changes and 0 vulnerability changes)
  • ➕ 7 packages added
  • ➖ 6 packages removed
  • ♾️ 1 packages changed
  • 42 packages unchanged
Changes for packages of type generic (1 changes)
Package | Version (docker/volumes-backup-extension:latest) | Version (docker/volumes-backup-extension:pr-129)
busybox 1.35.0
Changes for packages of type golang (13 changes)
Package | Version (docker/volumes-backup-extension:latest) | Version (docker/volumes-backup-extension:pr-129)
github.com/bugsnag/bugsnag-go/v2 2.2.0
github.com/bugsnag/bugsnag-go/v2 2.2.0
github.com/cespare/xxhash/v2 2.2.0
github.com/cespare/xxhash/v2 2.2.0
github.com/cpuguy83/go-md2man/v2 2.0.2
github.com/cpuguy83/go-md2man/v2 2.0.2
github.com/labstack/echo/v4 4.10.2
github.com/labstack/echo/v4 4.10.2
github.com/russross/blackfriday/v2 2.1.0
github.com/russross/blackfriday/v2 2.1.0
github.com/urfave/cli/v2 2.25.5
github.com/urfave/cli/v2 2.25.5
♾️ stdlib 1.21.6 go1.21.9

Member

@benja-M-1 benja-M-1 left a comment

LGTM

I am wondering if we should tell the users that the extension will be removed from the marketplace once the feature is not beta rather than saying we will deprecate it.

@@ -3,6 +3,11 @@
[![Build, Scan and Push](https://github.com/docker/volumes-backup-extension/actions/workflows/build-scan-push.yaml/badge.svg)](https://github.com/docker/volumes-backup-extension/actions/workflows/build-scan-push.yaml)
[![Lint Dockerfile](https://github.com/docker/volumes-backup-extension/actions/workflows/hadolint.yaml/badge.svg)](https://github.com/docker/volumes-backup-extension/actions/workflows/hadolint.yaml)


> [!IMPORTANT]
> The functionality in this extension is now available as a Beta feature in the Volumes tab of Docker Desktop in versions 4.29.0 and above. This extension will be deprecated once the features are out of Beta. [Learn more](https://docs.docker.com/desktop/use-desktop/volumes/)
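
Review bot: In the `[!IMPORTANT]` callout, "This extension will be deprecated once the features are out of Beta" leaves open what happens for users who already have the extension installed (no further updates, or removal from the marketplace) and gives them no action to take. Suggest stating the outcome explicitly and pointing users on Docker Desktop 4.29.0 and above to the Volumes tab as the replacement. The link text "Learn more" would also read better if it named its target, for example "Volumes documentation", and a single blank line before the callout is enough.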
question: Will we deprecate the image or remove it from the marketplace?

@stanislavHamara stanislavHamara merged commit 4341f69 into main Apr 17, 2024
3 checks passed
@stanislavHamara stanislavHamara deleted the add-beta-baner branch April 17, 2024 12:07