feat: switch base container to Ubuntu 26.04

[Ron (rjaegers)]

🚀 Hey, I have created a Pull Request

Description of changes

This pull request updates the development container configurations for C++, Rust, and base images to use newer Ubuntu and toolchain versions, modernizes package versions, and improves locale and compiler setup. These changes ensure compatibility with the latest toolchains and enhance the development environment's consistency across languages.

Base image and locale improvements:

• Updated the base image in .devcontainer/base/Dockerfile from Ubuntu 24.04 to 26.04, added locales package, generated the C.UTF-8 locale, and set LANG to C.UTF-8 for better locale handling. [1] [2] [3] [4]
• Modernized core packages in .devcontainer/base/apt-requirements.json, updating versions for tools like git, bash-completion, and adding locales.

C++ toolchain and package updates:

• Upgraded GCC/G++ from version 14 to 15 in .devcontainer/cpp/Dockerfile and .devcontainer/cpp/apt-requirements-base.json, and updated related tool alternatives. [1] [2]
• Updated ARM GNU Toolchain to version 15.2 and corresponding SHA256 checksums.
• Updated Clang/LLVM packages to official Ubuntu 26.04 versions in .devcontainer/cpp/apt-requirements-clang.json and commented out a custom LLVM repo line. [1] [2]

Rust toolchain and package updates:

• Updated Rust toolchain to 1.94.1 and cargo-binstall to 1.17.9 in .devcontainer/rust/Dockerfile.
• Added g++-15 to Rust devcontainer requirements and updated rustup version.
• Ensured C/C++ compiler alternatives point to GCC/G++ 15 in the Rust devcontainer.

Other changes:

• Removed the privileged flag from .devcontainer/rust/devcontainer.json to reduce container permissions.
• Minor code change in asan.cpp to use a pointer for out-of-bounds access, likely for sanitizer testing.

✔️ Checklist

• I have followed the contribution guidelines for this repository
• I have added tests for new behavior, and have not broken any existing tests
• I have added or updated relevant documentation
• I have verified that all added components are accounted for in the SBOM

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	23		0	0	0.24s
✅ DOCKERFILE	hadolint	3		0	0	0.22s
✅ JSON	npm-package-json-lint	yes		no	no	0.5s
✅ JSON	prettier	21	4	0	0	1.08s
✅ JSON	v8r	21		0	0	11.99s
✅ MARKDOWN	markdownlint	12	0	0	0	1.33s
✅ MARKDOWN	markdown-table-formatter	12	0	0	0	0.34s
✅ REPOSITORY	checkov	yes		no	no	25.5s
✅ REPOSITORY	gitleaks	yes		no	no	0.95s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
✅ REPOSITORY	grype	yes		no	no	52.02s
✅ REPOSITORY	secretlint	yes		no	no	2.06s
✅ REPOSITORY	syft	yes		no	no	2.25s
✅ REPOSITORY	trivy	yes		no	no	12.67s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.42s
✅ REPOSITORY	trufflehog	yes		no	no	6.2s
⚠️ SPELL	lychee	83		1	0	23.34s
✅ YAML	prettier	31	0	0	0	1.23s
✅ YAML	v8r	31		0	0	13.07s
✅ YAML	yamllint	31		0	0	1.28s

Detailed Issues

⚠️ SPELL / lychee - 1 error

[IGNORED] docker://pandoc/extra:3.9.0.0-ubuntu@sha256:72afa9c8d3300e5f10c9c4330e101725687f2179bffd912fb859c6d2ae85de62 | Unsupported: Error creating request client: builder error for url (docker://pandoc/extra:3.9.0.0-ubuntu@sha256:72afa9c8d3300e5f10c9c4330e101725687f2179bffd912fb859c6d2ae85de62)
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden
[IGNORED] https://vscode.dev/redirect?url=vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer | Unsupported: Error creating request client: builder error for url (vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer)
📝 Summary
---------------------
🔍 Total..........126
✅ Successful.....123
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........1

Errors in .github/TOOL_VERSION_ISSUE_TEMPLATE.md
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden

See detailed reports in MegaLinter artifacts

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

• oxsecurity/megalinter/flavors/salesforce@v9.4.0 (58 linters)
• oxsecurity/megalinter/flavors/javascript@v9.4.0 (61 linters)

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Show us your support by starring ⭐ the repository

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-base:edge ➔ ghcr.io/philips-software/amp-devcontainer-base:pr-1227

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	144.72 MB	71.82 MB	72.9 MB (-50.37%)	🔽
linux/arm64	137.03 MB	70.13 MB	66.91 MB (-48.83%)	🔽

[github-actions]

Test Results

 13 files  ±0   13 suites  ±0   17m 19s ⏱️ -38s
 33 tests ±0   33 ✅ ±0  0 💤 ±0  0 ❌ ±0 
137 runs  ±0  137 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 16230c6. ± Comparison against base commit 70e10d1.

♻️ This comment has been updated with latest results.

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-rust:edge ➔ ghcr.io/philips-software/amp-devcontainer-rust:pr-1227

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	455.22 MB	468.63 MB	+13.41 MB (+2.95%)	🔼
linux/arm64	408.41 MB	419.81 MB	+11.41 MB (+2.79%)	🔼

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-cpp:edge ➔ ghcr.io/philips-software/amp-devcontainer-cpp:pr-1227

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	540.66 MB	544.95 MB	+4.29 MB (+0.79%)	🔼
linux/arm64	522.27 MB	524.3 MB	+2.03 MB (+0.39%)	🔼

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[Copilot]

Pull request overview

This PR upgrades the devcontainer images (base, C++, Rust) to Ubuntu 26.04 and refreshes the associated toolchains and pinned package versions to match the newer distribution.

Changes:

• Switch base image to Ubuntu 26.04, add locale support, and generate C.UTF-8.
• Update C++ toolchain components (GCC 15, ARM GNU toolchain 15.2, Ubuntu-provided LLVM/Clang 20 packages) and refresh Python/pip-compiled dependencies.
• Update Rust toolchain versions, ensure GCC/G++ 15 is available, and reduce container privileges by removing privileged: true.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
.devcontainer/base/Dockerfile	Moves base image to Ubuntu 26.04 and adds locale generation/setup.
.devcontainer/base/apt-requirements.json	Updates pinned base packages and adds locales.
.devcontainer/cpp/Dockerfile	Updates ARM GNU toolchain, switches GCC alternatives to v15, and adjusts LLVM repo usage.
.devcontainer/cpp/apt-requirements-base.json	Refreshes pinned base build tool versions for the C++ image (incl. GCC/G++ 15).
.devcontainer/cpp/apt-requirements-clang.json	Pins Clang/LLVM packages to Ubuntu 26.04 package versions.
.devcontainer/cpp/requirements.txt	Refreshes Python dependencies/hashes for C++ container tooling.
.devcontainer/rust/Dockerfile	Bumps Rust/cargo-binstall versions and sets compiler alternatives to GCC/G++ 15.
.devcontainer/rust/apt-requirements.json	Adds g++-15 and updates pinned rustup version.
.devcontainer/rust/devcontainer.json	Removes privileged mode from the Rust devcontainer configuration.
test/cpp/workspace/sanitizers/asan.cpp	Adjusts ASan test source to trigger OOB access via a pointer.

[github-actions]

Pull Request Report (#1227)

Static measures

Description	Value
Number of added lines	367
Number of deleted lines	287
Number of changed files	10
Number of commits	22
Number of reviews	2
Number of comments (w/o review comments)	7
Number of reviews that contains a comment to resolve	1
Number of reviews that requested a change from the author	0
Number of reviews that approved the Pull Request	1
Get the total number of participants of a Pull Request	5

Time related measures

Description	Value
PR lead time (from creation to close of PR)	39.8 Days
Time that was spend on the branch before the PR was created	20 Sec
Time that was spend on the branch before the PR was merged	39.8 Days
Time to merge after last review	1.2 Hours

Status check related measures

Description	Value
Total runtime for last status check run (Workflow for PR)	1.2 Hours
Total time spend in last status check run on PR	25 Min