ci: bump actions/setup-go from 5 to 6 #1
Merged
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
o1x3 added a commit that referenced this pull request Jun 25, 2026
compose:
- run now forwards --tty/--interactive (defaults: keep stdin open, allocate
a TTY unless -T or no terminal); previously it read neither so
'compose run web bash' got no PTY. (composeRunPtyFlags)
- OneOffArgs: overriding --entrypoint on a multi-token service entrypoint
no longer leaks the old entrypoint's trailing args onto the new one.
- one-off run containers are labeled oneoff=True and excluded by the
service-replica resolvers, so 'compose exec/ps' no longer confuses a
surviving 'run --rm=false' container with replica #1.
- up --scale SERVICE=0 now runs zero replicas (explicit 0 was treated as
unset and clamped to 1). (effectiveReplicas)
- long-form port host_ip without published emits host_ip::target, not the
malformed host_ip:target (which parsed as host_port:container).
- bare environment/build-arg keys (- FOO / FOO:) inherit the host value
(compose passthrough) instead of being forced to FOO="". (EnvMap)
- correct the inaccurate Levels() cycle doc comment.
cli:
- port expands a published range (PublishPort.Count>1) to one line per
port and resolves per-port filters into it. (portMappingLines)
dockerfmt:
- table header derivation handles function/pipeline-prefixed actions
({{upper .Name}}) instead of leaking the raw template into the header.
pool:
- Claim treats a state-write failure as a miss instead of returning ok on
an unpersisted pop, preventing the same warm VM being handed out twice.
All covered by reproducing tests.
o1x3 added a commit that referenced this pull request Jun 25, 2026
* fix(machine): close label-spoof resolution + force-by-default footguns
1. resolveMachine matched a container when the user-controllable
dcon.machine.name label equalled the requested name. Because
`dcon run` forwards arbitrary --label to the backend, an ordinary
container created with --label dcon.machine=1 --label
dcon.machine.name=web (and any non-prefixed name) would be resolved as
machine `web`, turning `machine rm/stop/shell web` into a confused
deputy against an arbitrary container and defeating the dcon-machine-
prefix namespace. Resolve strictly by the prefixed backend id plus the
verified dcon.machine label via a new pure matchMachine helper; a
genuine machine always has id == dcon-machine-<name>, so no real
capability is lost.
2. `machine rm` had --force default to true, so a bare `rm` always
force-deleted a running machine (irreversible FS loss) and -f was a
no-op. Default to false to mirror `docker rm`: a bare rm of a running
machine fails and tells the user to pass -f.
Both bugs are covered by reproducing unit tests.
* fix(compose): parse long-form ports/volumes and drop empty env keys
ports: and volumes: were plain []string, so the Compose long (mapping)
form — e.g. 'ports: [{target: 80, published: "8080"}]' or
'volumes: [{type: bind, source: ./d, target: /d}]' — failed to unmarshal
and hard-errored the entire compose file (every up/down/ps/config).
This is valid, common syntax (what 'docker compose config' emits).
Add PortList/VolumeList named types that accept both the short string and
long mapping forms, flattening the long form to the same
[host_ip:][published:]target[/proto] and [source:]target[:ro] strings the
translator already emits. yaml scalar .Value is read directly so numeric
ports (- 9000, target: 80) don't trip an int->string decode.
Also drop blank/keyless environment & labels list entries ('' or
'=value') in MapList, which previously injected a malformed empty-key
'--env =' argument.
Both covered by reproducing tests.
* fix(pool): reap stale warm VMs atomically to avoid destroying a claimed one
ReapStale enumerated members with List(), then for each stale one called
forget() and DestroyAsync() as separate steps. A concurrent Claim could
pop a member in that window; the reaper would then DestroyAsync the very
VM the live run was about to exec into. (It self-healed via the cold-path
fallback, but wasted the warm slot.)
Pop stale members inside the state lock via a pure partitionStale helper,
then destroy them after releasing it. A concurrent Claim and a reap can
now never both own the same member.
* fix: stop --mount panic, --filter comma-corruption, ps -n 0, images ref filters
- run: a valueless '--mount type=tmpfs,...,tmpfs-size' (no =value) sliced
past the string end and panicked the process; pass such fields through.
- ps/images/volume/network: --filter was StringSlice, which comma-splits a
single value, so 'label=team=a,b' became two bogus filters and matched
the wrong set. Use StringArray (the project's comma-bearing-flag rule).
- ps: 'ps -n 0' listed every running container instead of none; trimLast
now distinguishes the unset sentinel (-1) from an explicit 0.
- images: a registry-port ref (registry:5000/img) was misread as tag
':latest' and hid all other tags; a digest ref (img@sha256:..) compared
the digest against the tag column and always returned empty. Parse via
imageRefFilter and match digests against the digest column.
- images: a malformed reference= glob silently hid every image; validate
the pattern up front and error like docker.
All covered by reproducing tests.
* fix: compose exec/run/create + top, cp, history, system prune correctness
compose:
- exec gated --interactive on stdin being a TTY, so 'compose exec -T db
psql < dump.sql' dropped the redirected stdin. Forward --interactive on
the flag value alone (TTY handled separately) via a pure composeExecArgs.
- run --rm=false used a global token strip that removed EVERY '--rm',
including one passed to the in-container command. Pass rm into OneOffArgs
so the run-level flag is controlled at the source; delete dropFlag.
- up/create's '--detach' strip had the same hazard for a service command
containing a literal --detach; add a positional CreateArgs builder.
- warn (don't silently drop) when multiple -f/--file files are given,
since dcon does not merge them like docker.
cli:
- top: pass dashed ps options through (SetInterspersed false) so
'top web -ef' no longer dies on an unknown-flag parse error.
- cp: a local path with a colon (./my:file.txt) was misread as a
CONTAINER:PATH ref; classify like docker's splitCpArg.
- history: truncate CREATED BY by runes, not bytes, so multibyte UTF-8
isn't split into an invalid sequence.
- system df --verbose / prune --filter now warn instead of silently
ignoring; system prune propagates backend errors instead of always
exiting 0.
All covered by reproducing tests.
* fix: build --output name=, restart --signal, mixed inspect ids
- build: '--output type=docker|image,name=X' with no -t silently dropped
the name, yielding an untagged image. A dest-less type=docker/image is
buildx's local-store load (the long form of --load) — the backend
default — so omit --output and carry name= through as --tag. With dest
it stays a file export (type=oci). translateOutput now returns (output,
tag, err).
- restart: the --signal flag was defined but never used; forward it to the
stop phase (the backend stop accepts --signal), matching docker.
- inspect: a mixed 'inspect <container> <image>' failed because each
namespace was tried as one batch. Fall back to per-id resolution and
merge the JSON arrays so both print, like docker.
All covered by reproducing tests.
* fix(compose): tag built image with image: so --build output is actually used
A service with both build: and image: built an image tagged with the
derived project name (project-service:latest) via BuildArgs, but the
container was run as svc.Image (imageRef). So 'compose up --build' (and
'compose build') produced an image the run never referenced — the run used
a stale/pulled svc.Image instead of the freshly built one.
Tag the built image with imageRef (svc.Image when set, else the derived
name), matching what RunArgs/OneOffArgs run. This also makes
'down --rmi local' consistent: a service with a custom image: keeps its
tag (removed only by --rmi all), while build-only services still tag and
remove the derived name.
Covered by a reproducing test.
* fix(compose/pool/cli): 10 issues from second adversarial red-team pass
compose:
- run now forwards --tty/--interactive (defaults: keep stdin open, allocate
a TTY unless -T or no terminal); previously it read neither so
'compose run web bash' got no PTY. (composeRunPtyFlags)
- OneOffArgs: overriding --entrypoint on a multi-token service entrypoint
no longer leaks the old entrypoint's trailing args onto the new one.
- one-off run containers are labeled oneoff=True and excluded by the
service-replica resolvers, so 'compose exec/ps' no longer confuses a
surviving 'run --rm=false' container with replica #1.
- up --scale SERVICE=0 now runs zero replicas (explicit 0 was treated as
unset and clamped to 1). (effectiveReplicas)
- long-form port host_ip without published emits host_ip::target, not the
malformed host_ip:target (which parsed as host_port:container).
- bare environment/build-arg keys (- FOO / FOO:) inherit the host value
(compose passthrough) instead of being forced to FOO="". (EnvMap)
- correct the inaccurate Levels() cycle doc comment.
cli:
- port expands a published range (PublishPort.Count>1) to one line per
port and resolves per-port filters into it. (portMappingLines)
dockerfmt:
- table header derivation handles function/pipeline-prefixed actions
({{upper .Name}}) instead of leaking the raw template into the header.
pool:
- Claim treats a state-write failure as a miss instead of returning ok on
an unpersisted pop, preventing the same warm VM being handed out twice.
All covered by reproducing tests.
* fix: 5 issues from third red-team pass (incl. 2 self-introduced regressions)
- compose long-form volume read_only: parse as a boolean (ParseBool), so
'read_only: True'/'TRUE'/'1' produce a :ro mount instead of silently
mounting read-write. (regression in the pass-1 long-form volume support)
- OneOffArgs: a command override no longer drops the service entrypoint's
extra tokens when --entrypoint is NOT overridden, so 'compose run web
shell' on entrypoint [python,-m,flask] runs 'python -m flask shell', not
'python shell'. Post-image tokens are now split into entrypoint-extras
(kept unless the entrypoint is replaced) and command (replaced by the
override). (regression in the pass-2 entrypoint fix)
- compose ls -q now prints only project names (the flag was ignored).
- volume create --name is honored instead of silently creating a
random-named volume; supplying both --name and a positional errors.
- dockerfmt table header derivation strips string literals before scanning
for the field, so a dotted token inside a printf format
({{.Name | printf "%s.txt"}}) no longer becomes the header column.
Reproducing tests for all except 'compose ls -q' (backend-coupled glue).
* style: gofmt alignment/trailing-newline in compose files
* fix(compose/stats): 5 issues from fourth red-team pass
- compose: $$ is compose's escape for a literal $; Load() was deleting it
(echo $$HOME -> echo HOME). Collapse $$ to a single $ so literal-dollar
values (shell vars, cron, hashes) survive interpolation.
- compose images now honors the [SERVICE...] positional filter instead of
always listing every service's image.
- compose ls defaults to projects with a running container; -a/--all now
actually includes fully-stopped projects (the flag was dead).
- compose config -q/--quiet now validates silently (prints nothing)
instead of dumping the full rendered YAML.
- stats: the live-table clear-screen escape is gated on a real terminal,
so 'dcon stats | cat' no longer injects raw ANSI into piped output.
$$-escape and config -q covered by reproducing tests; the others are
backend-coupled paths (per the repo's manual-validation convention).
* fix(compose): full var-interpolation, named-volume scoping, kill/stop flags
- interpolation: Load() only honored ${VAR:-default}; every other operator
(:?, :+, -, +, :=) silently produced empty — even for SET variables, so
'image: app:${TAG:?required}' with TAG=v2 rendered 'app:'. Implement the
bash/compose parameter-expansion family in a new expandVar (-/:- default,
+/:+ alternate, ?/:? required-with-error, =/:= default); a required-but-
unset ${VAR:?} now aborts Load with a clear error.
- named volumes: a service mount of a declared top-level volume used the bare
key (e.g. 'data:/var/lib') while ensureVolumes created '<project>_data', so
the container got a different (auto-created) volume than declared and
'down -v' removed the wrong one. resolveVolume now rewrites a declared named
volume to its VolumeName (project-scoped / explicit name:), mirroring the
network resolution.
- compose kill --signal and stop/restart --timeout were registered but
dropped; lifecycleOnProject now forwards them (the backend kill/stop accept
--signal/--time), via composeKillArgs/composeStopArgs.
All covered by reproducing tests (expandVar table, required-var Load error,
resolveVolume named volume, kill/stop arg builders).
* fix(compose): rewrite -f/-p shorthand even when a root flag precedes `compose`
rewriteComposeGlobalShorthands early-returned unless args[0]=="compose", so
a root persistent flag before the subcommand (`dcon -D compose -f x.yml up`,
`dcon --host x compose -p proj down`) skipped the rewrite and cobra then
hard-failed with 'unknown shorthand flag: f', diverging from docker which
accepts global flags before `compose`.
Add composeIndex to locate the `compose` token past any root flags (skipping
the value of separated value-flags like --host/--context/--tls*), and rewrite
from there. Covered by new test cases.
* fix: reject non-finite --cpus, unescape --format \t/\n, build progress, doctor builder
- parseCPUs accepted inf/NaN (ParseFloat parses them), emitting --cpus
9223372036854775807 (Inf) or --cpus 0 (NaN) to the backend; reject
non-finite values like docker does. Shared by run/create/machine create.
- --format 'table {{.A}}\t{{.B}}' (and the plain template branch) rendered
a literal backslash-t and never aligned columns; unescape \t/\n to real
bytes like the docker CLI (this is the documented recipe in SECONDARY.md).
- build --progress quiet was forwarded verbatim and rejected by the backend
(accepts auto|plain|tty); remap quiet->plain (alongside rawjson).
- doctor's image-builder check used substring "running", which also matches
"not running"; exclude the negative form via builderRunning.
All covered by reproducing tests.
* fix: honor ignored compose-up flags, fix info/ps/images matching (pass 8)
Recurring-class sweep (ignored flags, substring matches):
- compose up now honors --no-log-prefix (foreground), --timeout (stop grace),
and --pull always (force-refresh each service image before start). These were
registered with real-behavior help but never read. (formatLogLine extracted
for the prefix; followAndWait threads noPrefix + timeout.)
- docker info reported the backend as 'running' when stopped: it used a
substring match ("running" is inside "not running"). Use parseSystemStatus
exact-match, like doctor.
- ps --filter status=exited/created/dead returned nothing without -a (default
fetch was running-only); a status= filter now forces the all-states fetch.
- ps --filter ancestor=alpine matched superstrings like 'myalpine' (substring);
match repo / repo:tag / full ref via ancestorMatches.
- images REPO filter was built from the un-normalized ref, so
'images docker.io/library/alpine' returned empty; normalize via ShortImage.
- compose port --protocol UDP was compared case-sensitively to the backend's
lowercase proto.
Pure helpers (hasStatusFilter/ancestorMatches/imageRefFilter/formatLogLine)
covered by reproducing tests.
* fix: address CodeRabbit review (pass 9)
Resolve the actionable CodeRabbit findings on the red-team sweep:
- compose up: short-circuit the foreground path when zero containers start
(`up --scale svc=0` no longer hangs on the signal channel)
- run/create: reject the reserved `dcon-machine-` name prefix and
`dcon.machine*` labels so `dcon run` can't forge a container that
`dcon machine stop` would resolve (confused-deputy fix)
- ps --filter ancestor: normalize the filter value too, so a fully
qualified ancestor matches a shortened stored ref (and vice-versa)
- volume create: an explicit empty --name now errors instead of silently
creating an anonymous volume
- compose: route long-form `type: tmpfs` volumes to --tmpfs instead of a
disk-backed anonymous --volume
- compose: external named volumes reference their exact name, never the
project-prefixed one
- pool: destroy reaped VMs only after the state removal is persisted; a
failed save() no longer tears down still-claimable members
Tests: machine-namespace rejection, ancestor normalization, empty --name,
tmpfs routing, external volumes, MapList label empty-key drop, plus
deterministic unset-var fixtures and a root-proof pool save-failure case.
* docs: document ui/machine packages, refresh binary size
Add the internal/ui and internal/machine architecture notes to CLAUDE.md
and update the make build size estimate (~5.3 MB -> ~6.2 MB).
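The label-spoof resolution fix in the first entry and the pass-9 reservation of the `dcon-machine-` prefix, as an added Go example that is not the project's code. The prefix, the label keys and the name `matchMachine` come from the commit message; the `Container` type, `matchByLabel` and `validateRunRequest` are assumptions made here for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Prefix and label keys come from the commit message; the rest is hypothetical.
const (
	machinePrefix = "dcon-machine-"
	labelMachine  = "dcon.machine"
	labelName     = "dcon.machine.name"
)

// Container is an assumed minimal view of what the backend reports.
type Container struct {
	ID     string
	Labels map[string]string
}

// matchByLabel models the pre-fix rule: the name label, which any caller of
// `run --label` can set, decides which container is "machine <name>".
func matchByLabel(c Container, name string) bool {
	return c.Labels[labelMachine] == "1" && c.Labels[labelName] == name
}

// matchMachine models the strict rule: the backend id must equal
// dcon-machine-<name> and the machine label must be set.
func matchMachine(c Container, name string) bool {
	return name != "" && c.ID == machinePrefix+name && c.Labels[labelMachine] == "1"
}

// validateRunRequest models the create-time guard: ordinary containers may not
// use the reserved id prefix or any dcon.machine* label.
func validateRunRequest(name string, labels map[string]string) error {
	if strings.HasPrefix(name, machinePrefix) {
		return fmt.Errorf("name %q uses the reserved prefix %q", name, machinePrefix)
	}
	for k := range labels {
		if strings.HasPrefix(k, labelMachine) {
			return fmt.Errorf("label %q is reserved for machines", k)
		}
	}
	return nil
}

func main() {
	// Constructed sample: an ordinary container carrying machine labels.
	lbl := map[string]string{labelMachine: "1", labelName: "web"}
	forged := Container{ID: "web", Labels: lbl}
	genuine := Container{ID: machinePrefix + "web", Labels: lbl}
	fmt.Println("label rule matches forged:", matchByLabel(forged, "web"))
	fmt.Println("strict rule matches forged:", matchMachine(forged, "web"))
	fmt.Println("strict rule matches genuine:", matchMachine(genuine, "web"))
	fmt.Println("run request:", validateRunRequest("web", lbl))
}
```

The two checks are complementary: the resolver stops trusting the label, and the create path stops such containers from being made in the first place.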
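The three pool entries above (atomic reaping, Claim treating a state-write failure as a miss, and destroying reaped VMs only after the removal is persisted) share one pattern, shown here as an added Go example that is not the project's code. `partitionStale`, `Claim` and `ReapStale` are names from the commit message; the `Member` and `Pool` types, the `save` hook and the in-memory mutex standing in for the state lock are assumptions.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// Member and Pool are hypothetical; save stands in for the pool's state write.
type Member struct {
	ID      string
	Created time.Time
}
type Pool struct {
	mu      sync.Mutex
	members []Member
	save    func([]Member) error
}

// partitionStale is pure: it splits members by age and touches no state.
func partitionStale(ms []Member, now time.Time, maxAge time.Duration) (fresh, stale []Member) {
	for _, m := range ms {
		if now.Sub(m.Created) > maxAge {
			stale = append(stale, m)
		} else {
			fresh = append(fresh, m)
		}
	}
	return fresh, stale
}

// Claim pops one member under the lock; a pop that cannot be persisted is a miss.
func (p *Pool) Claim() (Member, bool) {
	p.mu.Lock()
	defer p.mu.Unlock()
	if len(p.members) == 0 || p.save(p.members[1:]) != nil {
		return Member{}, false
	}
	m := p.members[0]
	p.members = p.members[1:]
	return m, true
}

// ReapStale removes and persists under the lock; the caller destroys the result afterwards.
func (p *Pool) ReapStale(now time.Time, maxAge time.Duration) ([]Member, error) {
	p.mu.Lock()
	defer p.mu.Unlock()
	fresh, stale := partitionStale(p.members, now, maxAge)
	if err := p.save(fresh); err != nil {
		return nil, err // state unchanged, so nothing may be destroyed
	}
	p.members = fresh
	return stale, nil
}

func main() {
	ok := func([]Member) error { return nil }
	p := &Pool{members: []Member{{ID: "vm-old"}, {ID: "vm-new", Created: time.Now()}}, save: ok}
	fmt.Println(p.ReapStale(time.Now(), time.Minute)) // constructed sample: only vm-old is stale
}
```

Because a member leaves the list under the same lock in both paths, each VM ends up owned by exactly one of the claimer or the reaper.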
Bumps actions/setup-go from 5 to 6.

Release notes
Sourced from actions/setup-go's releases.
... (truncated)

Commits
- 4a36011 docs: fix Microsoft build of Go link (#734)
- 8f19afc feat: add go-download-base-url input for custom Go distributions (#721)
- 27fdb26 Bump minimatch from 3.1.2 to 3.1.5 (#727)
- def8c39 Rearrange README.md, add advanced-usage.md (#724)
- 4b73464 Fix golang download url to go.dev (#469)
- a5f9b05 Update default Go module caching to use go.mod (#705)
- 7a3fe6c Bump qs from 6.14.0 to 6.14.1 (#703)
- b9adafd Bump actions/checkout from 5 to 6 (#686)
- d73f6bc README.md: correct to actions/checkout@v6 (#683)
- ae252ee Bump @actions/cache to v5 (#695)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- @dependabot rebase will rebase this PR
- @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
- @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
- @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)