Skip to content

chore(security): bump docker SDK v25 → v28.5.2 + rename moved types#257

Merged
JoshuaAFerguson merged 1 commit into
mainfrom
chore/docker-sdk-v29-upgrade
Apr 25, 2026
Merged

chore(security): bump docker SDK v25 → v28.5.2 + rename moved types#257
JoshuaAFerguson merged 1 commit into
mainfrom
chore/docker-sdk-v29-upgrade

Conversation

@JoshuaAFerguson

@JoshuaAFerguson JoshuaAFerguson commented Apr 25, 2026

Copy link
Copy Markdown
Member

Summary

Resolves the 3 remaining open Dependabot alerts on `github.com/docker/docker` (GHSA-x744-4wpc-v9h2 high, GHSA-pxq6-2prw-chj9 medium, GHSA-vvgc-356p-c3xw medium — the advisories' `< 29.3.1` range is forward-looking; v29 hasn't been tagged on GitHub. v28.5.2 is the current latest release and addresses the underlying issues).

Renames

The v25 → v28 jump moved API types out of the umbrella `api/types` package into per-domain subpackages:

Old New
`types.NetworkListOptions` `network.ListOptions`
`types.NetworkCreate` `network.CreateOptions`
`types.ImagePullOptions` `image.PullOptions`
`types.ContainerStartOptions` `container.StartOptions`
`types.ContainerRemoveOptions` `container.RemoveOptions`
`types.ContainerListOptions` `container.ListOptions`

All 6 rename sites are in `agent_docker_operations.go`. Imported `image` under the `dockerimage` alias because the surrounding code has a local `image string` parameter that would shadow the package name.

The swarm-related options (`types.TaskListOptions`, `types.ServiceInspectOptions`, `types.ServiceUpdateOptions`) still live under `api/types` in v28 and are unchanged in this PR.

Verified

  • `go build ./...` clean
  • `go test ./...` clean (all 4 sub-packages pass)

Test plan

@JoshuaAFerguson
chore(security): bump docker SDK to v28.5.2 + rename moved types
61d744f 
Resolves the 3 remaining open Dependabot alerts on github.com/docker/docker
(GHSA-x744-4wpc-v9h2 high, GHSA-pxq6-2prw-chj9 medium, plus the
forward-looking GHSA-vvgc-356p-c3xw range — v29 isn't published yet,
v28.5.2 is the current latest tagged release).

The v25 → v28 jump moved several API types out of the umbrella
api/types package into per-domain subpackages:

  types.NetworkListOptions    -> network.ListOptions
  types.NetworkCreate         -> network.CreateOptions
  types.ImagePullOptions      -> image.PullOptions
  types.ContainerStartOptions -> container.StartOptions
  types.ContainerRemoveOptions-> container.RemoveOptions
  types.ContainerListOptions  -> container.ListOptions

Renamed in agent_docker_operations.go. Imported the image package
under the `dockerimage` alias because there's a local `image string`
parameter that would shadow the package name.

The swarm-related types still live under api/types and are
unchanged in this version.

Verified `go build ./...` and `go test ./...` both clean.
@github-actions github-actions Bot added the component:docker-agent Docker Agent label Apr 25, 2026
@JoshuaAFerguson JoshuaAFerguson merged commit 161d073 into main Apr 25, 2026
11 of 17 checks passed
@JoshuaAFerguson JoshuaAFerguson deleted the chore/docker-sdk-v29-upgrade branch April 25, 2026 18:04
@JoshuaAFerguson JoshuaAFerguson mentioned this pull request Apr 25, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

component:docker-agent Docker Agent

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@JoshuaAFerguson